Modify OF table name

Signed-off-by: wenyingd <[email protected]>

go.mod

@@ -3,8 +3,8 @@ module antrea.io/antrea
 go 1.17
 
 require (
-	antrea.io/libOpenflow v0.2.0
-	antrea.io/ofnet v0.1.0
+	antrea.io/libOpenflow v0.3.1
+	antrea.io/ofnet v0.2.0
 	github.com/Mellanox/sriovnet v1.0.2
 	github.com/Microsoft/go-winio v0.4.16-0.20201130162521-d1ffc52c7331
 	github.com/Microsoft/hcsshim v0.8.9

go.sum

@@ -1,7 +1,8 @@
-antrea.io/libOpenflow v0.2.0 h1:bBNT3CI8q2FMQRdphP0dynImRK1LBDmA+cQOu7JULj4=
-antrea.io/libOpenflow v0.2.0/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
-antrea.io/ofnet v0.1.0 h1:r5c/TM5pa8xSVd5xEUj1L2vYfc4EjIzCWs6cHbeuVFc=
-antrea.io/ofnet v0.1.0/go.mod h1:fLmHHD9XWeVza2pz/HEdLkGyA7pNutxlXCqodlwWQsA=
+antrea.io/libOpenflow v0.3.0/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
+antrea.io/libOpenflow v0.3.1 h1:zDu2TGxZYbrBCHxHq4o4TKgA7iRk+PfSW6y+nJSBsu4=
+antrea.io/libOpenflow v0.3.1/go.mod h1:CzEJZxDNAupiGxeL5VOw92PsxfyvehEAvE3PiC6gr8o=
+antrea.io/ofnet v0.2.0 h1:NtiV7Ax2hv23NQukem3vEvMQuQNL1+1kPZEFSRRnZ60=
+antrea.io/ofnet v0.2.0/go.mod h1:t9GyuMB4FWTdC54ChMWP/146nRJfX1YHPGP49EYEa1s=
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=

pkg/agent/apiserver/handlers/ovsflows/handler.go

@@ -50,12 +50,12 @@ func dumpMatchedFlows(aq agentquerier.AgentQuerier, flowKeys []string) ([]Respon
 	return resps, nil
 }
 
-func dumpFlows(aq agentquerier.AgentQuerier, table binding.TableIDType) ([]Response, error) {
+func dumpFlows(aq agentquerier.AgentQuerier, table uint8) ([]Response, error) {
 	resps := []Response{}
 	var flowStrs []string
 	var err error
-	if table != binding.TableIDAll {
-		flowStrs, err = aq.GetOVSCtlClient().DumpTableFlows(uint8(table))
+	if table != binding.TableIDAll.GetID() {
+		flowStrs, err = aq.GetOVSCtlClient().DumpTableFlows(table)
 	} else {
 		flowStrs, err = aq.GetOVSCtlClient().DumpFlows()
 	}
@@ -89,17 +89,17 @@ func getTableFlows(aq agentquerier.AgentQuerier, tables string) ([]Response, err
 	var resps []Response
 	for _, tableSeg := range strings.Split(tables, ",") {
 		tableSeg = strings.TrimSpace(tableSeg)
-		var tableNumber binding.TableIDType
+		var tableNumber uint8
 		// Table nubmer is a 8-bit unsigned integer.
 		n, err := strconv.ParseUint(tableSeg, 10, 8)
 		if err == nil {
-			tableNumber = binding.TableIDType(n)
+			tableNumber = uint8(n)
 			if openflow.GetFlowTableName(tableNumber) == "" {
 				return nil, nil
 			}
 		} else {
 			tableNumber = openflow.GetFlowTableNumber(tableSeg)
-			if tableNumber == binding.TableIDAll {
+			if tableNumber == binding.TableIDAll.GetID() {
 				return nil, nil
 			}
 		}
@@ -197,7 +197,7 @@ func HandleFunc(aq agentquerier.AgentQuerier) http.HandlerFunc {
 		}
 
 		if pod == "" && service == "" && networkPolicy == "" && namespace == "" && table == "" && groups == "" {
-			resps, err = dumpFlows(aq, binding.TableIDAll)
+			resps, err = dumpFlows(aq, binding.TableIDAll.GetID())
 		} else if pod != "" {
 			// Pod Namespace must be provided to dump flows of a Pod.
 			resps, err = getPodFlows(aq, pod, namespace)

pkg/agent/apiserver/handlers/ovsflows/handler_test.go

@@ -25,12 +25,14 @@ import (
 
 	"antrea.io/antrea/pkg/agent/interfacestore"
 	interfacestoretest "antrea.io/antrea/pkg/agent/interfacestore/testing"
+	"antrea.io/antrea/pkg/agent/openflow"
 	oftest "antrea.io/antrea/pkg/agent/openflow/testing"
 	proxytest "antrea.io/antrea/pkg/agent/proxy/testing"
 	agentquerier "antrea.io/antrea/pkg/agent/querier"
 	aqtest "antrea.io/antrea/pkg/agent/querier/testing"
 	cpv1beta "antrea.io/antrea/pkg/apis/controlplane/v1beta2"
 	binding "antrea.io/antrea/pkg/ovs/openflow"
+	"antrea.io/antrea/pkg/ovs/ovsconfig"
 	ovsctltest "antrea.io/antrea/pkg/ovs/ovsctl/testing"
 	"antrea.io/antrea/pkg/querier"
 	queriertest "antrea.io/antrea/pkg/querier/testing"
@@ -131,6 +133,11 @@ func TestServiceFlows(t *testing.T) {
 	ctrl := gomock.NewController(t)
 	defer ctrl.Finish()
 
+	// Create openflow.Client to ensure the OVS tables are added into the cache.
+	bridgeName := "testbr"
+	bridgeMgmtAddr := binding.GetMgmtAddress(ovsconfig.DefaultOVSRunDir, bridgeName)
+	openflow.NewClient(bridgeName, bridgeMgmtAddr, ovsconfig.OVSDatapathSystem, true, false, false, false)
+
 	testcases := []testCase{
 		{
 			test:           "Existing Service",

pkg/agent/controller/networkpolicy/packetin.go

@@ -94,19 +94,19 @@ func getMatchRegField(matchers *ofctrl.Matchers, field *binding.RegField) *ofctr
 
 // getMatch receives ofctrl matchers and table id, match field.
 // Modifies match field to Ingress/Egress register based on tableID.
-func getMatch(matchers *ofctrl.Matchers, tableID binding.TableIDType, disposition uint32) *ofctrl.MatchField {
+func getMatch(matchers *ofctrl.Matchers, tableID uint8, disposition uint32) *ofctrl.MatchField {
 	// Get match from CNPDenyConjIDReg if disposition is not allow.
 	if disposition != openflow.DispositionAllow {
 		return getMatchRegField(matchers, openflow.CNPDenyConjIDField)
 	}
 	// Get match from ingress/egress reg if disposition is allow
 	for _, table := range append(openflow.GetAntreaPolicyEgressTables(), openflow.EgressRuleTable) {
-		if tableID == table {
+		if tableID == table.GetID() {
 			return getMatchRegField(matchers, openflow.TFEgressConjIDField)
 		}
 	}
 	for _, table := range append(openflow.GetAntreaPolicyIngressTables(), openflow.IngressRuleTable) {
-		if tableID == table {
+		if tableID == table.GetID() {
 			return getMatchRegField(matchers, openflow.TFIngressConjIDField)
 		}
 	}
@@ -130,7 +130,7 @@ func getNetworkPolicyInfo(pktIn *ofctrl.PacketIn, c *Controller, ob *logInfo) er
 	matchers := pktIn.GetMatches()
 	var match *ofctrl.MatchField
 	// Get table name
-	tableID := binding.TableIDType(pktIn.TableId)
+	tableID := pktIn.TableId
 	ob.tableName = openflow.GetFlowTableName(tableID)
 
 	// Get disposition Allow or Drop
@@ -326,7 +326,7 @@ func (c *Controller) storeDenyConnection(pktIn *ofctrl.PacketIn) error {
 	matchers := pktIn.GetMatches()
 	var match *ofctrl.MatchField
 	// Get table ID
-	tableID := binding.TableIDType(pktIn.TableId)
+	tableID := pktIn.TableId
 	// Get disposition Allow, Drop or Reject
 	match = getMatchRegField(matchers, openflow.APDispositionField)
 	id, err := getInfoInReg(match, openflow.APDispositionField.GetRange().ToNXRange())
@@ -336,10 +336,10 @@ func (c *Controller) storeDenyConnection(pktIn *ofctrl.PacketIn) error {
 	disposition := openflow.DispositionToString[id]
 
 	// For K8s NetworkPolicy implicit drop action, we cannot get name/namespace.
-	if tableID == openflow.IngressDefaultTable {
+	if tableID == openflow.IngressDefaultTable.GetID() {
 		denyConn.IngressNetworkPolicyType = registry.PolicyTypeK8sNetworkPolicy
 		denyConn.IngressNetworkPolicyRuleAction = flowexporter.RuleActionToUint8(disposition)
-	} else if tableID == openflow.EgressDefaultTable {
+	} else if tableID == openflow.EgressDefaultTable.GetID() {
 		denyConn.EgressNetworkPolicyType = registry.PolicyTypeK8sNetworkPolicy
 		denyConn.EgressNetworkPolicyRuleAction = flowexporter.RuleActionToUint8(disposition)
 	} else { // Get name and namespace for Antrea Network Policy or Antrea Cluster Network Policy
@@ -356,13 +356,13 @@ func (c *Controller) storeDenyConnection(pktIn *ofctrl.PacketIn) error {
 			// Default drop by K8s NetworkPolicy
 			klog.V(4).Infof("Cannot find NetworkPolicy or rule that has ruleID %v", ruleID)
 		} else {
-			if tableID == openflow.AntreaPolicyIngressRuleTable {
+			if tableID == openflow.AntreaPolicyIngressRuleTable.GetID() {
 				denyConn.IngressNetworkPolicyName = policy.Name
 				denyConn.IngressNetworkPolicyNamespace = policy.Namespace
 				denyConn.IngressNetworkPolicyType = flowexporter.PolicyTypeToUint8(policy.Type)
 				denyConn.IngressNetworkPolicyRuleName = rule.Name
 				denyConn.IngressNetworkPolicyRuleAction = flowexporter.RuleActionToUint8(disposition)
-			} else if tableID == openflow.AntreaPolicyEgressRuleTable {
+			} else if tableID == openflow.AntreaPolicyEgressRuleTable.GetID() {
 				denyConn.EgressNetworkPolicyName = policy.Name
 				denyConn.EgressNetworkPolicyNamespace = policy.Namespace
 				denyConn.EgressNetworkPolicyType = flowexporter.PolicyTypeToUint8(policy.Type)

pkg/agent/controller/traceflow/packetin.go

@@ -205,8 +205,8 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1alpha1.Tracefl
 	}
 
 	// Get drop table.
-	if tableID == uint8(openflow.EgressMetricTable) || tableID == uint8(openflow.IngressMetricTable) {
-		ob := getNetworkPolicyObservation(tableID, tableID == uint8(openflow.IngressMetricTable))
+	if tableID == openflow.EgressMetricTable.GetID() || tableID == openflow.IngressMetricTable.GetID() {
+		ob := getNetworkPolicyObservation(tableID, tableID == openflow.IngressMetricTable.GetID())
 		if match := getMatchRegField(matchers, openflow.CNPDenyConjIDField); match != nil {
 			notAllowConjInfo, err := getRegValue(match, nil)
 			if err != nil {
@@ -222,13 +222,13 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1alpha1.Tracefl
 			}
 		}
 		obs = append(obs, *ob)
-	} else if tableID == uint8(openflow.EgressDefaultTable) || tableID == uint8(openflow.IngressDefaultTable) {
-		ob := getNetworkPolicyObservation(tableID, tableID == uint8(openflow.IngressDefaultTable))
+	} else if tableID == openflow.EgressDefaultTable.GetID() || tableID == openflow.IngressDefaultTable.GetID() {
+		ob := getNetworkPolicyObservation(tableID, tableID == openflow.IngressDefaultTable.GetID())
 		obs = append(obs, *ob)
 	}
 
 	// Get output table.
-	if tableID == uint8(openflow.L2ForwardingOutTable) {
+	if tableID == openflow.L2ForwardingOutTable.GetID() {
 		ob := new(crdv1alpha1.Observation)
 		tunnelDstIP := ""
 		isIPv6 := c.nodeConfig.NodeIPAddr.IP.To4() == nil
@@ -262,7 +262,7 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1alpha1.Tracefl
 			// Output port is Pod port, packet is delivered.
 			ob.Action = crdv1alpha1.ActionDelivered
 		}
-		ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID))
+		ob.ComponentInfo = openflow.L2ForwardingOutTable.GetName()
 		ob.Component = crdv1alpha1.ComponentForwarding
 		obs = append(obs, *ob)
 	}
@@ -340,22 +340,30 @@ func getNetworkPolicyObservation(tableID uint8, ingress bool) *crdv1alpha1.Obser
 	ob.Component = crdv1alpha1.ComponentNetworkPolicy
 	if ingress {
 		switch tableID {
-		case uint8(openflow.IngressMetricTable), uint8(openflow.IngressDefaultTable):
+		case openflow.IngressMetricTable.GetID():
 			// Packet dropped by ANP/default drop rule
-			ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID))
+			ob.ComponentInfo = openflow.IngressMetricTable.GetName()
+			ob.Action = crdv1alpha1.ActionDropped
+		case openflow.IngressDefaultTable.GetID():
+			// Packet dropped by ANP/default drop rule
+			ob.ComponentInfo = openflow.IngressDefaultTable.GetName()
 			ob.Action = crdv1alpha1.ActionDropped
 		default:
-			ob.ComponentInfo = openflow.GetFlowTableName(openflow.IngressRuleTable)
+			ob.ComponentInfo = openflow.IngressRuleTable.GetName()
 			ob.Action = crdv1alpha1.ActionForwarded
 		}
 	} else {
 		switch tableID {
-		case uint8(openflow.EgressMetricTable), uint8(openflow.EgressDefaultTable):
+		case openflow.EgressMetricTable.GetID():
+			// Packet dropped by ANP/default drop rule
+			ob.ComponentInfo = openflow.EgressMetricTable.GetName()
+			ob.Action = crdv1alpha1.ActionDropped
+		case openflow.EgressDefaultTable.GetID():
 			// Packet dropped by ANP/default drop rule
-			ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID))
+			ob.ComponentInfo = openflow.EgressDefaultTable.GetName()
 			ob.Action = crdv1alpha1.ActionDropped
 		default:
-			ob.ComponentInfo = openflow.GetFlowTableName(openflow.EgressRuleTable)
+			ob.ComponentInfo = openflow.EgressRuleTable.GetName()
 			ob.Action = crdv1alpha1.ActionForwarded
 		}
 	}

pkg/agent/controller/traceflow/packetin_test.go

@@ -41,7 +41,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "ingress metric drop",
 			args: args{
-				tableID: uint8(openflow.IngressMetricTable),
+				tableID: openflow.IngressMetricTable.GetID(),
 				ingress: true,
 			},
 			want: &crdv1alpha1.Observation{
@@ -53,7 +53,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "ingress accept",
 			args: args{
-				tableID: uint8(openflow.L2ForwardingOutTable),
+				tableID: openflow.L2ForwardingOutTable.GetID(),
 				ingress: true,
 			},
 			want: &crdv1alpha1.Observation{
@@ -65,7 +65,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "egress default drop",
 			args: args{
-				tableID: uint8(openflow.EgressDefaultTable),
+				tableID: openflow.EgressDefaultTable.GetID(),
 				ingress: false,
 			},
 			want: &crdv1alpha1.Observation{
@@ -77,7 +77,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) {
 		{
 			name: "egress accept",
 			args: args{
-				tableID: uint8(openflow.L2ForwardingOutTable),
+				tableID: openflow.L2ForwardingOutTable.GetID(),
 				ingress: false,
 			},
 			want: &crdv1alpha1.Observation{

pkg/agent/openflow/client_test.go

@@ -402,7 +402,7 @@ func prepareTraceflowFlow(ctrl *gomock.Controller) *client {
 	mFlow := ovsoftest.NewMockFlow(ctrl)
 	ctx := &conjMatchFlowContext{dropFlow: mFlow}
 	mFlow.EXPECT().FlowProtocol().Return(binding.Protocol("ip"))
-	mFlow.EXPECT().CopyToBuilder(priorityNormal+2, false).Return(c.pipeline[EgressDefaultTable].BuildFlow(priorityNormal + 2)).Times(1)
+	mFlow.EXPECT().CopyToBuilder(priorityNormal+2, false).Return(getTableByTableID(EgressDefaultTable).BuildFlow(priorityNormal + 2)).Times(1)
 	c.globalConjMatchFlowCache["mockContext"] = ctx
 	c.policyCache.Add(&policyRuleConjunction{metricFlows: []binding.Flow{c.denyRuleMetricFlow(123, false)}})
 	return c

pkg/agent/openflow/network_policy.go

@@ -234,7 +234,7 @@ func (m *conjunctiveMatch) generateGlobalMapKey() string {
 	} else {
 		priorityStr = strconv.Itoa(int(*m.priority))
 	}
-	return fmt.Sprintf("table:%d,priority:%s,type:%v,value:%s", m.tableID, priorityStr, matchType, valueStr)
+	return fmt.Sprintf("table:%d,priority:%s,type:%v,value:%s", m.tableID.GetID(), priorityStr, matchType, valueStr)
 }
 
 // changeType is generally used to describe the change type of a conjMatchFlowContext. It is also used in "flowChange"
@@ -1138,12 +1138,12 @@ func (c *policyRuleConjunction) calculateClauses(rule *types.PolicyRule, clnt *c
 	var isEgressRule = false
 	switch rule.Direction {
 	case v1beta2.DirectionOut:
-		dropTable = clnt.pipeline[EgressDefaultTable]
+		dropTable = getTableByTableID(EgressDefaultTable)
 		isEgressRule = true
 	default:
-		dropTable = clnt.pipeline[IngressDefaultTable]
+		dropTable = getTableByTableID(IngressDefaultTable)
 	}
-	ruleTable := clnt.pipeline[rule.TableID]
+	ruleTable := getTableByTableID(rule.TableID)
 
 	var fromID, toID, serviceID, nClause uint8
 	// Calculate clause IDs and the total number of clauses.
@@ -1642,8 +1642,8 @@ func parseMetricFlow(flow string) (uint32, types.RuleMetric) {
 
 func (c *client) NetworkPolicyMetrics() map[uint32]*types.RuleMetric {
 	result := map[uint32]*types.RuleMetric{}
-	egressFlows, _ := c.ovsctlClient.DumpTableFlows(uint8(EgressMetricTable))
-	ingressFlows, _ := c.ovsctlClient.DumpTableFlows(uint8(IngressMetricTable))
+	egressFlows, _ := c.ovsctlClient.DumpTableFlows(EgressMetricTable.GetID())
+	ingressFlows, _ := c.ovsctlClient.DumpTableFlows(IngressMetricTable.GetID())
 
 	collectMetricsFromFlows := func(flows []string) {
 		for _, flow := range flows {