Support TopologyAwareHints in Antrea proxy

Feature TopologyAwareHints is at Beta stage in Kubernetes v1.23, and it is enabled by default in Kubernetes v1.24 See more https://kubernetes.io/docs/concepts/services-networking/topology-aware-hints/. Signed-off-by: Hongliang Liu <[email protected]>
antrea-io · Jun 21, 2022 · 9fa1ff7 · 9fa1ff7
1 parent c6fae02
commit 9fa1ff7
Show file tree

Hide file tree

Showing 17 changed files with 517 additions and 90 deletions.
diff --git a/build/charts/antrea/conf/antrea-agent.conf b/build/charts/antrea/conf/antrea-agent.conf
@@ -6,10 +6,14 @@ featureGates:
 {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "AntreaProxy" "default" true) }}
 
 # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
-# API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
+# API version v1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
 # this flag will not take effect.
 {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "EndpointSlice" "default" false) }}
 
+# Enable TopologyAwareHints in AntreaProxy. This requires AntreaProxy and EndpointSlice to be
+# enabled, otherwise this flag will not take effect.
+{{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "TopologyAwareHints" "default" false) }}
+
 # Enable traceflow which provides packet tracing feature to diagnose network issue.
 {{- include "featureGate" (dict "featureGates" .Values.featureGates "name" "Traceflow" "default" true) }}
 

diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml
@@ -64,10 +64,14 @@ data:
     #  AntreaProxy: true
 
     # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
-    # API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
+    # API version v1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
     # this flag will not take effect.
     #  EndpointSlice: false
 
+    # Enable TopologyAwareHints in AntreaProxy. This requires AntreaProxy and EndpointSlice to be
+    # enabled, otherwise this flag will not take effect.
+    #  TopologyAwareHints: false
+
     # Enable traceflow which provides packet tracing feature to diagnose network issue.
     #  Traceflow: true
 
@@ -3664,7 +3668,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: a4e7182f54a10234001d8baeb7d950a5053ffb97b2f6951db516244ac3620cd8
+        checksum/config: e9374b5ca3de1c4d413767d76875b5136a1eee082439a9ad7dfb97814ea3a4ba
       labels:
         app: antrea
         component: antrea-agent
@@ -3904,7 +3908,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: a4e7182f54a10234001d8baeb7d950a5053ffb97b2f6951db516244ac3620cd8
+        checksum/config: e9374b5ca3de1c4d413767d76875b5136a1eee082439a9ad7dfb97814ea3a4ba
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml
@@ -64,10 +64,14 @@ data:
     #  AntreaProxy: true
 
     # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
-    # API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
+    # API version v1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
     # this flag will not take effect.
     #  EndpointSlice: false
 
+    # Enable TopologyAwareHints in AntreaProxy. This requires AntreaProxy and EndpointSlice to be
+    # enabled, otherwise this flag will not take effect.
+    #  TopologyAwareHints: false
+
     # Enable traceflow which provides packet tracing feature to diagnose network issue.
     #  Traceflow: true
 
@@ -3664,7 +3668,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: a4e7182f54a10234001d8baeb7d950a5053ffb97b2f6951db516244ac3620cd8
+        checksum/config: e9374b5ca3de1c4d413767d76875b5136a1eee082439a9ad7dfb97814ea3a4ba
       labels:
         app: antrea
         component: antrea-agent
@@ -3906,7 +3910,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: a4e7182f54a10234001d8baeb7d950a5053ffb97b2f6951db516244ac3620cd8
+        checksum/config: e9374b5ca3de1c4d413767d76875b5136a1eee082439a9ad7dfb97814ea3a4ba
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml
@@ -64,10 +64,14 @@ data:
     #  AntreaProxy: true
 
     # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
-    # API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
+    # API version v1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
     # this flag will not take effect.
     #  EndpointSlice: false
 
+    # Enable TopologyAwareHints in AntreaProxy. This requires AntreaProxy and EndpointSlice to be
+    # enabled, otherwise this flag will not take effect.
+    #  TopologyAwareHints: false
+
     # Enable traceflow which provides packet tracing feature to diagnose network issue.
     #  Traceflow: true
 
@@ -3664,7 +3668,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: afbe6d81852e79d710d0350ab5173f7d0e05b79c75744cffb94ce2294afc328c
+        checksum/config: 00efb109e5d2fb1657e622f37029da378ff9082af0a9abeda50732ec71cda53b
       labels:
         app: antrea
         component: antrea-agent
@@ -3904,7 +3908,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: afbe6d81852e79d710d0350ab5173f7d0e05b79c75744cffb94ce2294afc328c
+        checksum/config: 00efb109e5d2fb1657e622f37029da378ff9082af0a9abeda50732ec71cda53b
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml
@@ -77,10 +77,14 @@ data:
     #  AntreaProxy: true
 
     # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
-    # API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
+    # API version v1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
     # this flag will not take effect.
     #  EndpointSlice: false
 
+    # Enable TopologyAwareHints in AntreaProxy. This requires AntreaProxy and EndpointSlice to be
+    # enabled, otherwise this flag will not take effect.
+    #  TopologyAwareHints: false
+
     # Enable traceflow which provides packet tracing feature to diagnose network issue.
     #  Traceflow: true
 
@@ -3677,7 +3681,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 626cd437985469e9b0e55e2faacbab203aee641d8a99ff9831c2bb3319f02e95
+        checksum/config: 8ef3a3e1e32d78ae87c008912f55a0dcbe35f94efb4fc6c4befb7c2c76e2f70a
         checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4
       labels:
         app: antrea
@@ -3963,7 +3967,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 626cd437985469e9b0e55e2faacbab203aee641d8a99ff9831c2bb3319f02e95
+        checksum/config: 8ef3a3e1e32d78ae87c008912f55a0dcbe35f94efb4fc6c4befb7c2c76e2f70a
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml
@@ -64,10 +64,14 @@ data:
     #  AntreaProxy: true
 
     # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
-    # API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
+    # API version v1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
     # this flag will not take effect.
     #  EndpointSlice: false
 
+    # Enable TopologyAwareHints in AntreaProxy. This requires AntreaProxy and EndpointSlice to be
+    # enabled, otherwise this flag will not take effect.
+    #  TopologyAwareHints: false
+
     # Enable traceflow which provides packet tracing feature to diagnose network issue.
     #  Traceflow: true
 
@@ -3664,7 +3668,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 750097fa4ed60fda68fedf2f31b06a1a62dbbe5dc9a38e9c1f9ddc861a389401
+        checksum/config: c0da16f5f3238210419a6aeae404dfa9bb731cb2c84fd147395cde121191558f
       labels:
         app: antrea
         component: antrea-agent
@@ -3904,7 +3908,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 750097fa4ed60fda68fedf2f31b06a1a62dbbe5dc9a38e9c1f9ddc861a389401
+        checksum/config: c0da16f5f3238210419a6aeae404dfa9bb731cb2c84fd147395cde121191558f
       labels:
         app: antrea
         component: antrea-controller

diff --git a/docs/feature-gates.md b/docs/feature-gates.md
@@ -34,9 +34,10 @@ example, to enable `AntreaProxy` on Linux, edit the Agent configuration in the
 ## List of Available Features
 
 | Feature Name            | Component          | Default | Stage | Alpha Release | Beta Release | GA Release | Extra Requirements | Notes |
-| ----------------------- | ------------------ | ------- | ----- | ------------- | ------------ | ---------- | ------------------ | ----- |
+| ----------------------- | ------------------ | ------- | ----- |---------------| ------------ | ---------- | ------------------ | ----- |
 | `AntreaProxy`           | Agent              | `true`  | Beta  | v0.8          | v0.11        | N/A        | Yes                | Must be enabled for Windows. |
 | `EndpointSlice`         | Agent              | `false` | Alpha | v0.13.0       | N/A          | N/A        | Yes                |       |
+| `TopologyAwareHints`    | Agent              | `false` | Alpha | v1.8          | N/A          | N/A        | Yes                |       |
 | `AntreaPolicy`          | Agent + Controller | `true`  | Beta  | v0.8          | v1.0         | N/A        | No                 | Agent side config required from v0.9.0+. |
 | `Traceflow`             | Agent + Controller | `true`  | Beta  | v0.8          | v0.11        | N/A        | Yes                |       |
 | `FlowExporter`          | Agent              | `false` | Alpha | v0.9          | N/A          | N/A        | Yes                |       |
@@ -90,6 +91,19 @@ and will not implement Cluster IP functionality as expected.
 When using the OVS built-in kernel module (which is the most common case), your
 kernel version must be >= 4.6 (as opposed to >= 4.4 without this feature).
 
+### TopologyAwareHints
+
+`TopologyAwareHints` enables TopologyAwareHints support in AntreaProxy. The feature
+TopologyAwareHints is at beta stage in Kubernetes 1.23 (beta), and it is enabled by
+default in Kubernetes 1.24. For AntreaProxy, traffic can be routed to the Endpoint
+which is closer to its origin with this feature. Refer to this
+[link](https://kubernetes.io/docs/concepts/services-networking/topology-aware-hints/)
+for more information.
+
+#### Requirements for this Feature
+
+Feature EndpointSlice is enabled.
+
 ### AntreaPolicy
 
 `AntreaPolicy` enables Antrea ClusterNetworkPolicy and Antrea NetworkPolicy CRDs to be

diff --git a/hack/generate-manifest.sh b/hack/generate-manifest.sh
@@ -30,6 +30,7 @@ Generate a YAML manifest for Antrea using Helm and print it to stdout.
         --no-proxy                    Generate a manifest with Antrea proxy disabled
         --proxy-all                   Generate a manifest with Antrea proxy with all Service support enabled
         --endpointslice               Generate a manifest with EndpointSlice support enabled
+        --topology-aware-hints        Generate a manifest with TopologyAwareHints support enabled
         --flow-exporter               Generate a manifest with FlowExporter support enabled
         --no-np                       Generate a manifest with Antrea-native policies disabled
         --tun (geneve|vxlan|gre|stt)  Choose encap tunnel type from geneve, gre, stt and vxlan (default is geneve)
@@ -73,6 +74,7 @@ ALLFEATURES=false
 PROXY=true
 PROXY_ALL=false
 ENDPOINTSLICE=false
+TOPOLOGY_AWARE_HINTS=false
 FLOW_EXPORTER=false
 NP=true
 KEEP=false
@@ -136,6 +138,10 @@ case $key in
     ENDPOINTSLICE=true
     shift
     ;;
+    --topology-aware-hints)
+    TOPOLOGY_AWARE_HINTS=true
+    shift
+    ;;
     --flow-exporter)
     FLOW_EXPORTER=true
     shift
@@ -231,6 +237,12 @@ if [ "$PROXY" == false ] && [ "$ENDPOINTSLICE" == true ]; then
     exit 1
 fi
 
+if [ "$ENDPOINTSLICE" == false ] && [ "$TOPOLOGY_AWARE_HINTS" == true ]; then
+    echoerr "--topology-aware-hints requires EndpointSlice, so it cannot be used without --endpointslice"
+    print_help
+    exit 1
+fi
+
 if [ "$PROXY" == false ] && [ "$PROXY_ALL" == true ]; then
     echoerr "--proxy-all requires AntreaProxy, so it cannot be used with --no-proxy"
     print_help
@@ -330,6 +342,10 @@ if $ENDPOINTSLICE; then
     HELM_VALUES+=("featureGates.EndpointSlice=true")
 fi
 
+if $TOPOLOGY_AWARE_HINTS; then
+   HELM_VALUES+=("featureGates.TopologyAwareHints=true")
+fi
+
 if $FLOW_EXPORTER; then
     HELM_VALUES+=("featureGates.FlowExporter=true")
 fi

diff --git a/pkg/agent/proxy/endpoints.go b/pkg/agent/proxy/endpoints.go
@@ -21,7 +21,7 @@ import (
 	"sync"
 
 	corev1 "k8s.io/api/core/v1"
-	discovery "k8s.io/api/discovery/v1beta1"
+	discovery "k8s.io/api/discovery/v1"
 	apimachinerytypes "k8s.io/apimachinery/pkg/types"
 	"k8s.io/klog/v2"