Skip to content

NE-2488: Add OpenShift router tools to NetworkEdge toolset#98

Open
alebedev87 wants to merge 2 commits intoopenshift:mainfrom
alebedev87:router-toolset
Open

NE-2488: Add OpenShift router tools to NetworkEdge toolset#98
alebedev87 wants to merge 2 commits intoopenshift:mainfrom
alebedev87:router-toolset

Conversation

@alebedev87
Copy link

@alebedev87 alebedev87 commented Jan 9, 2026
edited
Loading

This PR introduces new tools for inspecting OpenShift router pods through the Kubernetes MCP Server.

Added tools:

  • get_router_config: View the router's configuration
  • get_router_info: Get router runtime information and statistics
  • get_router_sessions: View all active sessions in the router

Documentation: Added NETEDGE.md covering the NetworkEdge toolset, including both router and CoreDNS tools.

Tests: Added evaluation tasks for the added tools.

@openshift-ci
Copy link

openshift-ci bot commented Jan 9, 2026

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jan 9, 2026
@alebedev87 alebedev87 mentioned this pull request Jan 9, 2026
Open
3 tasks
@swghosh
Copy link
Member

swghosh commented Jan 12, 2026

#51 (comment)

Should we consider having this as a part of the "openshift" toolgroup?

@alebedev87 alebedev87 marked this pull request as ready for review January 12, 2026 22:39
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jan 12, 2026
@openshift-ci openshift-ci bot requested review from ardaguclu and matzew January 12, 2026 22:40
@alebedev87
Copy link
Author

alebedev87 commented Jan 12, 2026

Should we consider having this as a part of the "openshift" toolgroup?

@swghosh : That crossed my mind too. In my case "router" doesn't make much sense in Kubernetes context. However I didn't want to complicate things at this stage either.

@bentito
Copy link

bentito commented Jan 20, 2026

Wherever this ends up we'll likely end up using it as part of our NIDS MCP tooling. https://issues.redhat.com/browse/NE-2278 inspect_route likely can just call one of these or be replaced by one or more of these. Also we might want to support all of these such that we have richer router data. cc @rikatz @Thealisyed

@matzew
Copy link
Member

matzew commented Feb 10, 2026

can just call one of these or be replaced by one or more of these

@bentito @alebedev87 any updates on this? or still on discussion.

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 10, 2026
@bentito
Copy link

bentito commented Feb 10, 2026

@bentito @alebedev87 any updates on this? or still on discussion.
@alebedev87 When you can, please rebase and move to the ./pkg/toolsets/netedge dir

@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 12, 2026
@openshift-ci
Copy link

openshift-ci bot commented Feb 12, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: alebedev87
Once this PR has been reviewed and has the lgtm label, please assign cali0707 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@alebedev87 alebedev87 changed the title Add toolset for OpenShift router NE-2488: Add OpenShift router tools to NetworkEdge toolset Feb 12, 2026
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Feb 12, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 12, 2026
edited by openshift-ci bot
Loading

@alebedev87: This pull request references NE-2488 which is a valid jira issue.

Details

In response to this:

This PR introduces new tools for inspecting OpenShift router pods through the Kubernetes MCP Server.

Added tools:

  • get_router_config: View the router's configuration
  • get_router_info: Get router runtime information and statistics
  • get_router_sessions: View all active sessions in the router

Documentation: Added NETEDGE.md covering the NetworkEdge toolset, including both router and CoreDNS tools.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@alebedev87
NE-2488: Add OpenShift router tools to NetworkEdge toolset
5450808 
This commit introduces new tools for inspecting
OpenShift router pods through the Kubernetes MCP Server.

Added tools:
- get_router_config: View the router's configuration
- get_router_info: Get router runtime information and statistics
- get_router_sessions: View all active sessions in the router

Documentation: Added NETEDGE.md covering the NetworkEdge toolset,
including both router and CoreDNS tools.
@alebedev87
NE-2488: Add evaluation tasks for router tools
7871a5b 
Add eval tasks for the three router tools in the netedge toolset:
- get-router-config: verifies HAProxy configuration retrieval
- get-router-info: verifies HAProxy runtime information retrieval
- get-router-sessions: verifies active sessions retrieval
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 12, 2026
edited by openshift-ci bot
Loading

@alebedev87: This pull request references NE-2488 which is a valid jira issue.

Details

In response to this:

This PR introduces new tools for inspecting OpenShift router pods through the Kubernetes MCP Server.

Added tools:

  • get_router_config: View the router's configuration
  • get_router_info: Get router runtime information and statistics
  • get_router_sessions: View all active sessions in the router

Documentation: Added NETEDGE.md covering the NetworkEdge toolset, including both router and CoreDNS tools.

Tests: Added evaluation tasks for the added tools.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci
Copy link

openshift-ci bot commented Feb 12, 2026

@alebedev87: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

alebedev87
alebedev87 commented Feb 12, 2026
View reviewed changes
pkg/toolsets/netedge/router.go
Title: "Get Router Config",
ReadOnlyHint: ptr.To(true),
DestructiveHint: ptr.To(false),
OpenWorldHint: ptr.To(true),
Copy link
Author

@alebedev87 alebedev87 Feb 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bentito : I used false here before but then I copied true as in get_coredns_config tool. I'm not quite sure whether it's a good decision for router configs/sessions/info. Can you please advice?

@bentito
Copy link

bentito commented Feb 12, 2026

I've reviewed this PR in the context of the NIDS MCP strategy and found a few critical areas for improvement, particularly regarding offline analysis.

Review Summary: Router Tools vs Offline Strategy

Context:

1. Critical Refactoring Required: Offline Compatibility

The current implementation of get_router_config relies on PodsExec (effectively oc exec), which will not work with offline must-gather archives.
Refactoring Recommendation:
Adopt the Client Abstraction Pattern demonstrated in ovn-kubernetes-mcp.

  • Abstract the Data Source: Use a helper that switches behavior based on the context (live cluster vs. file dump).
  • Implementation for get_router_config:
    • Live Mode: Continue using exec cat /var/lib/haproxy/conf/haproxy.config.
    • Offline Mode: Read the file directly from the filesystem. I confirmed that standard must-gather archives do contain this file at paths like .../ingress_controllers/default/router-*/haproxy.config.

2. Scope Clarification: "Live Only" Tools

The tools get_router_info and get_router_sessions rely on active HAProxy socket commands (show info, show sess).

  • Finding: These outputs are not present in standard must-gather dumps.
  • Action: These must be explicitly documented and marked as Live Only to set correct expectations for the agent and users, as they will fail in offline triage scenarios.

3. Consistency: Client Usage

PR #98 uses kubernetes.NewCore(params).PodsExec. For consistency with PR #115, request that the author switch to the controller-runtime client pattern where applicable (e.g., for listing pods), as it simplifies testing and mocking.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ardaguclu ardaguclu Awaiting requested review from ardaguclu

@matzew matzew Awaiting requested review from matzew

Assignees

No one assigned

Labels

jira/valid-reference Indicates that this PR references a valid Jira ticket of any type.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@alebedev87 @swghosh @bentito @matzew @openshift-ci-robot @openshift-merge-robot

Comments