Skip to content

Commit

Permalink
[Multicast] support encap mode
Browse files Browse the repository at this point in the history
1, Use a single routine to send local multicast groups in an IGMP v3
   Report message to notify all the other Nodes in the cluster
2. Multicast controller maintains both local Pod members and remote
   Nodes which has Pod members for each multicast group found in the
   cluster
3. Add remote Node members in the OpenFlow group buckets.
4. Agent drops the duplicated multicast packet received from underlay by
   - adding iptables rules in raw table antreaPreRouting chain to drop
     multicast packets sent from other Nodes, because the Pod multicast
     traffic is received from tunnel with encap mode.
   - adding an ipset to maintain IPs of other Nodes in the cluster, which
     is used as source in the iptables rule.

Signed-off-by: wenyingd <[email protected]>
  • Loading branch information
wenyingd committed Jul 14, 2022
1 parent 42162ce commit 9d66c05
Show file tree
Hide file tree
Showing 27 changed files with 1,370 additions and 219 deletions.
2 changes: 1 addition & 1 deletion build/charts/antrea/conf/antrea-agent.conf
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ featureGates:
# IPAM when configuring secondary network interfaces with Multus.
{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "AntreaIPAM" "default" false) }}

# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "Multicast" "default" false) }}

# Enable Antrea Multi-cluster Gateway to support cross-cluster traffic.
Expand Down
2 changes: 1 addition & 1 deletion build/charts/antrea/conf/antrea-controller.conf
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ featureGates:
# Enable collecting and exposing NetworkPolicy statistics.
{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "NetworkPolicyStats" "default" true) }}

# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "Multicast" "default" false) }}

# Enable controlling SNAT IPs of Pod egress traffic.
Expand Down
8 changes: 4 additions & 4 deletions build/yamls/antrea-aks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2583,7 +2583,7 @@ data:
# IPAM when configuring secondary network interfaces with Multus.
# AntreaIPAM: false
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable Antrea Multi-cluster Gateway to support cross-cluster traffic.
Expand Down Expand Up @@ -2872,7 +2872,7 @@ data:
# Enable collecting and exposing NetworkPolicy statistics.
# NetworkPolicyStats: true
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable controlling SNAT IPs of Pod egress traffic.
Expand Down Expand Up @@ -3692,7 +3692,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: b82a5504883f65d32538dd4c2de4e01f4ac99203ff69191463715f67878e0745
checksum/config: beca655f34bfd122082c7efa73505680278a8aa97e74099ca6040bcc4311622f
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -3932,7 +3932,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: b82a5504883f65d32538dd4c2de4e01f4ac99203ff69191463715f67878e0745
checksum/config: beca655f34bfd122082c7efa73505680278a8aa97e74099ca6040bcc4311622f
labels:
app: antrea
component: antrea-controller
Expand Down
8 changes: 4 additions & 4 deletions build/yamls/antrea-eks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2583,7 +2583,7 @@ data:
# IPAM when configuring secondary network interfaces with Multus.
# AntreaIPAM: false
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable Antrea Multi-cluster Gateway to support cross-cluster traffic.
Expand Down Expand Up @@ -2872,7 +2872,7 @@ data:
# Enable collecting and exposing NetworkPolicy statistics.
# NetworkPolicyStats: true
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable controlling SNAT IPs of Pod egress traffic.
Expand Down Expand Up @@ -3692,7 +3692,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: b82a5504883f65d32538dd4c2de4e01f4ac99203ff69191463715f67878e0745
checksum/config: beca655f34bfd122082c7efa73505680278a8aa97e74099ca6040bcc4311622f
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -3934,7 +3934,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: b82a5504883f65d32538dd4c2de4e01f4ac99203ff69191463715f67878e0745
checksum/config: beca655f34bfd122082c7efa73505680278a8aa97e74099ca6040bcc4311622f
labels:
app: antrea
component: antrea-controller
Expand Down
8 changes: 4 additions & 4 deletions build/yamls/antrea-gke.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2583,7 +2583,7 @@ data:
# IPAM when configuring secondary network interfaces with Multus.
# AntreaIPAM: false
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable Antrea Multi-cluster Gateway to support cross-cluster traffic.
Expand Down Expand Up @@ -2872,7 +2872,7 @@ data:
# Enable collecting and exposing NetworkPolicy statistics.
# NetworkPolicyStats: true
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable controlling SNAT IPs of Pod egress traffic.
Expand Down Expand Up @@ -3692,7 +3692,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: c74fa3f40177249ad901af12a4127b31b3291f9b8bf3ce6a9be1e666e29c5447
checksum/config: 741b313c6ab0ed98e7d994985861722f503a93529f90a5141b8a6e0c124d8904
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -3932,7 +3932,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: c74fa3f40177249ad901af12a4127b31b3291f9b8bf3ce6a9be1e666e29c5447
checksum/config: 741b313c6ab0ed98e7d994985861722f503a93529f90a5141b8a6e0c124d8904
labels:
app: antrea
component: antrea-controller
Expand Down
8 changes: 4 additions & 4 deletions build/yamls/antrea-ipsec.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2596,7 +2596,7 @@ data:
# IPAM when configuring secondary network interfaces with Multus.
# AntreaIPAM: false
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable Antrea Multi-cluster Gateway to support cross-cluster traffic.
Expand Down Expand Up @@ -2885,7 +2885,7 @@ data:
# Enable collecting and exposing NetworkPolicy statistics.
# NetworkPolicyStats: true
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable controlling SNAT IPs of Pod egress traffic.
Expand Down Expand Up @@ -3705,7 +3705,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: 1609abc57e2865390df7a7d99e4c3b342c7e097fa879fefe8e4315130eaa9019
checksum/config: c74f29ceba3905db50cef22ee46f73e1c101c108a70e70918b17413c174081e8
checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4
labels:
app: antrea
Expand Down Expand Up @@ -3991,7 +3991,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: 1609abc57e2865390df7a7d99e4c3b342c7e097fa879fefe8e4315130eaa9019
checksum/config: c74f29ceba3905db50cef22ee46f73e1c101c108a70e70918b17413c174081e8
labels:
app: antrea
component: antrea-controller
Expand Down
8 changes: 4 additions & 4 deletions build/yamls/antrea.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2583,7 +2583,7 @@ data:
# IPAM when configuring secondary network interfaces with Multus.
# AntreaIPAM: false
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable Antrea Multi-cluster Gateway to support cross-cluster traffic.
Expand Down Expand Up @@ -2872,7 +2872,7 @@ data:
# Enable collecting and exposing NetworkPolicy statistics.
# NetworkPolicyStats: true
# Enable multicast traffic. This feature is supported only with noEncap mode.
# Enable multicast traffic.
# Multicast: false
# Enable controlling SNAT IPs of Pod egress traffic.
Expand Down Expand Up @@ -3692,7 +3692,7 @@ spec:
kubectl.kubernetes.io/default-container: antrea-agent
# Automatically restart Pods with a RollingUpdate if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: 0814cc9f3baa94e76e83a108b04d05200485610c7f5950c584503af7151a9e86
checksum/config: 056a828ba2400e94aa9c43e6e74a4b007027bf6b95a68e1e15f34cd6ffeb2baa
labels:
app: antrea
component: antrea-agent
Expand Down Expand Up @@ -3932,7 +3932,7 @@ spec:
annotations:
# Automatically restart Pod if the ConfigMap changes
# See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
checksum/config: 0814cc9f3baa94e76e83a108b04d05200485610c7f5950c584503af7151a9e86
checksum/config: 056a828ba2400e94aa9c43e6e74a4b007027bf6b95a68e1e15f34cd6ffeb2baa
labels:
app: antrea
component: antrea-controller
Expand Down
4 changes: 3 additions & 1 deletion cmd/antrea-agent/agent.go
Original file line number Diff line number Diff line change
Expand Up @@ -652,7 +652,9 @@ func run(o *Options) error {
ovsBridgeClient,
podUpdateChannel,
o.igmpQueryInterval,
validator)
validator,
networkConfig.TrafficEncapMode.SupportsEncap(),
informerFactory)
if err := mcastController.Initialize(); err != nil {
return err
}
Expand Down
23 changes: 2 additions & 21 deletions pkg/agent/controller/noderoute/node_route_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -501,8 +501,9 @@ func (c *Controller) addNodeRoute(nodeName string, node *corev1.Node) error {
if err != nil {
return fmt.Errorf("error when retrieving MAC of Node %s: %v", nodeName, err)
}
peerNodeIPs, err := c.getNodeTransportAddrs(node)
peerNodeIPs, err := k8s.GetNodeTransportAddrs(node)
if err != nil {
klog.ErrorS(err, "Failed to retrieve Node IP addresses", "node", node.Name)
return err
}
peerWireGuardPublicKey := node.Annotations[types.NodeWireGuardPublicAnnotationKey]
Expand Down Expand Up @@ -799,23 +800,3 @@ func getNodeMAC(node *corev1.Node) (net.HardwareAddr, error) {
}
return mac, nil
}

func (c *Controller) getNodeTransportAddrs(node *corev1.Node) (*utilip.DualStackIPs, error) {
if c.networkConfig.TransportIface != "" || len(c.networkConfig.TransportIfaceCIDRs) > 0 {
transportAddrs, err := k8s.GetNodeAddrsFromAnnotations(node, types.NodeTransportAddressAnnotationKey)
if err != nil {
return nil, err
}
if transportAddrs != nil {
return transportAddrs, nil
}
klog.InfoS("Transport address is not found, using NodeIP instead", "node", node.Name)
}
// Use NodeIP if the transport IP address is not set or not found.
peerNodeIPs, err := k8s.GetNodeAddrs(node)
if err != nil {
klog.ErrorS(err, "Failed to retrieve Node IP addresses", "node", node.Name)
return nil, err
}
return peerNodeIPs, nil
}
Loading

0 comments on commit 9d66c05

Please sign in to comment.