Reinitialize ARP/NDP responders when the transport interface changes #6700
Conversation
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
42d9434
to
dce62e5
Compare
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
dce62e5
to
2dd49d8
Compare
cmd/antrea-agent/agent.go
Outdated
| if egressController != nil { | ||
| go egressController.Run(stopCh) | ||
| } | ||
|
|
||
| if externalIPController != nil { | ||
| go externalIPController.Run(stopCh) | ||
| } | ||
|
|
There was a problem hiding this comment.
My concern with changing the order is that it is a bit arbitrary, we can introduce new unexpected issues, and it limits what we can do in the future. For example, we could in the future want to introduce a dependency of flowRestoreCompleteWait on the realization of Egress policies. It would make sense: delay the removal of flow-restore-wait until Egress policy flows have been installed, in order to provide a more consistent datapath on (re)start. See #6342 for more context.
However, we know that there is already a dependency of SecondaryNetwork initialization on flowRestoreCompleteWait. This dependency is important and AFAIK cannot be broken. So with the change described above, we would end up with a circular dependency:
EgressController before flowRestoreCompleteWait before SecondaryNetwork initialization before EgressController.
I would rather avoid "introducing" this new dependency (or rather enforcing this new dependency).
cc @tnqn for his opinion
There was a problem hiding this comment.
I think this is a valid concern. we can check/watch for interface changes in the responders to avoid the hard dependencies. Waiting for Quan's insights.
There was a problem hiding this comment.
Not introducing the dependency makes sense to me. Actually I'm considering something similar (check/watch for interface changes) to support #6547, for which we might add an externalInterface configuration and it could happen that not all nodes have the interface (and it's a valid case because user can select certain nodes as egress nodes, then raising error because the interface doesn't exist on non egress nodes doesn't make sense). If we can handle interface change in egress controller, it would solve two problems.
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
3 times, most recently
from
1945b5b
to
586807b
Compare
| type Interface interface { | ||
| LinkExists(linkName string) bool | ||
|
|
||
| // Run starts the detector. | ||
| Run(stopCh <-chan struct{}) | ||
|
|
||
| // AddEventHandler registers an eventHandler of link updates. It's not thread-safe and should be called before | ||
| // starting the detector. | ||
| AddEventHandler(handler LinkEventHandler, linkName ...string) | ||
|
|
||
| // HasSynced returns true if the cache has been initialized with the existing links. | ||
| HasSynced() bool | ||
| } |
There was a problem hiding this comment.
Hi @tnqn, could you comment on this? Thanks a lot!
There was a problem hiding this comment.
I haven't thought about how to leverage it in #6547 yet but it looks good to me for now.
Please design a minimum interface in a generic way that is best for addressing your current issue, I could add new methods or update it when using.
|
@tnqn @antoninbas I have added this to the 2.2 release log, can you prioritize this PR's review as well? We'd probaboly better to include it considering it's a bug fix. Let me know if you have a different view. Thanks. |
| var ( | ||
| // map of transportInterfaceName to ARP responder | ||
| arpResponders = make(map[string]*arpResponder) | ||
| // map of transportInterfaceName to NDP responder | ||
| ndpResponders = make(map[string]*ndpResponder) | ||
| ) | ||
|
|
||
| // NewARPResponder creates a new ARP responder if it does not exist for the given transportInterfaceName. | ||
| // This function is not thread-safe. | ||
| func NewARPResponder(transportInterfaceName string, linkDetector linkdetector.Interface) *arpResponder { |
There was a problem hiding this comment.
it feels like this is independent of this change itself
I see this in the PR description:
NDP responder may fail to bind to the new interface due to the Duplicate Address Detection process
I assume it is related, but I am still not clear what the issue was
I do agree that having multiple ARP responders for the same interface seems unnecessary, but was it actually an issue?
There was a problem hiding this comment.
This change is not described in the description. Having multiple responders will not cause issues.
The change of
NDP responder may fail to bind to the new interface due to the Duplicate Address Detection process
is to wrap the binding/accepting into wait.Until to retry on binding errors.
I started reviewing the code. It may take a few days to get it merged based on the size. One concern right now is that it depends on an upstream change to the ndp library, and it seems that @xliuxu hasn't heard back from the maintainer in a while. We could make a temporary fork of ndp under the antrea-io organization; that would be slightly better than relying on a personal fork. |
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
586807b
to
27541cf
Compare
xliuxu
changed the title
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
27541cf
to
204c6c0
Compare
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
3 times, most recently
from
68227ed
to
4515385
Compare
| go wait.NonSlidingUntil(func() { | ||
| d.listAndWatchLinks(stopCh) | ||
| }, 5*time.Second, stopCh) | ||
|
|
||
| <-stopCh |
There was a problem hiding this comment.
nit: this could just be:
wait.NonSlidingUntil(func() { d.listAndWatchLinks(stopCh) }, 5*time.Second, stopCh)| } | ||
|
|
||
| func (d *linkMonitor) Run(stopCh <-chan struct{}) { | ||
| klog.InfoS("Starting localLinkMonitor") |
There was a problem hiding this comment.
I see no other reference to "localLinkMonitor", why did we add "local" here?
| type linkEventHandler struct { | ||
| watchLinkNames []string | ||
| receivedEvents []string | ||
| lock sync.Mutex |
There was a problem hiding this comment.
nit: rename lock to mutex
| func Test_linkMonitor_listAndWatchLinks(t *testing.T) { | ||
| tests := []struct { | ||
| name string | ||
| eventHandlers []*linkEventHandler |
There was a problem hiding this comment.
you made this a list but all the test cases I see only use a single event handler?
either you want to test the case where 2 event handlers are registered, and you should add a test case for that, or you don't think it is necessary to test that case specifically, and the code can be improved.
There was a problem hiding this comment.
added test cases for two event handlers.
| name string | ||
| eventHandlers []*linkEventHandler | ||
| linkEvents []netlink.LinkUpdate | ||
| expectNetlinkCalls func(netlink *netlinktesting.MockInterfaceMockRecorder) |
There was a problem hiding this comment.
I think you should just make this initialLinkList []netlink.Link and set the expectation in the test body. You always expect the same netlink call and the only difference is the list of links being returned.
| func (r *arpResponder) onLinkUpdate(linkName string) { | ||
| klog.V(4).InfoS("Received link update event", "name", linkName) | ||
| select { | ||
| case r.linkEventCh <- struct{}{}: |
There was a problem hiding this comment.
add comment here:
// if an event is already present in the channel, we can drop this new one as we only monitor one link
| continue | ||
| } | ||
| if transportInterface.Index != newTransportInterface.Index { | ||
| klog.InfoS("Transport interface index changed. Restarting ARP responder", "name", transportInterface.Name, "oldIndex", transportInterface.Index, "newIndex", newTransportInterface.Index) |
There was a problem hiding this comment.
nit: make it a single sentence
Transport interface index changed, restarting ARP responder
pkg/agent/util/ndp/ndp.go
Outdated
| var ( | ||
| // IPv6AllNodes is the IPv6 link-local multicast address for all nodes. | ||
| IPv6AllNodes = netip.MustParseAddr("ff02::1") | ||
| ) |
There was a problem hiding this comment.
there is a function for this: https://pkg.go.dev/net/netip#IPv6LinkLocalAllNodes
| defer r.mutex.Unlock() | ||
| if !r.assignedIPs.Has(ip.String()) { | ||
| target, _ := netip.AddrFromSlice(ip) | ||
| if !r.isIPAssigned(target) { |
There was a problem hiding this comment.
I don't really feel good about the fact that we check this separately from the logic below. Usually when you have this pattern:
- acquire lock
- check condition
- release lock
- acquire lock
- perform action which depends on above condition
- release lock
it can be prone to races
it feels like we could hold the lock for the duration of the function
cc @tnqn
There was a problem hiding this comment.
I agree, I didn't notice the change. This is not a very frequent operation that worths extreme performance optimization, we should keep the previous model.
There was a problem hiding this comment.
reverted the changes of the lock
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
4515385
to
ae3d98f
Compare
For secondary-network scenarios, the transport interface can be changed after the agent is started. The ARP/NDP responders should be started after the initialization of secondary-network to bind to the transport interface of the new index. Besides, this change also addresses the following issues: - NDP responder may fail to bind to the new interface due to the Duplicate Address Detection process. - Golang caches the zone index for the interface, which may result in NDP responder binding on the stale interface Fixes: antrea-io#6623 Signed-off-by: Xu Liu <[email protected]>
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
ae3d98f
to
0004915
Compare
|
/test-all |
For secondary-network scenarios, the transport interface can be changed after the agent is started. The ARP/NDP responders should be restarted after the initialization of secondary-network to bind to the transport interface of the new index.
Besides, this change also addresses the following issues:
Fixes: #6623