Remove stale LRSRs from default and network scopped cluster router #4679
Conversation
github-actions
bot
added
the
area/unit-testing
arghosh93
force-pushed
the
delete_stale_logical_route
branch
from
3b302b6
to
cd269e4
Compare
tssurya
added
the
area/core-kubernetes
arghosh93
force-pushed
the
delete_stale_logical_route
branch
from
cd269e4
to
661da18
Compare
arghosh93
force-pushed
the
delete_stale_logical_route
branch
from
661da18
to
263bd30
Compare
This commit is to effectively filter LRSR created for default cluster router and prevent deletion of any other required routes. Previous predicate was causing 2 LRSRs to be selected while execution of CreateOrReplaceLogicalRouterStaticRouteWithPredicate function and was causing one of the routes to be deleted upon ovnkube-controller restart. 10.244.0.0/16 100.64.0.4 src-ip 10.244.2.0/24 100.64.0.4 src-ip Upstream issue: ovn-kubernetes#4693 Signed-off-by: Arnab Ghosh <[email protected]>
This PR removes logical router static routes with stale IPs when join or transit switch IP gets changed as part of day 2 operation. ip4.dst == 10.244.0.0/24 , nexthop = 100.88.0.2 dst-ip ip4.dst == 100.64.0.2/16 , nexthop = 100.88.0.2 dst-ip ip4.dst == 10.244.0.0/16 , nexthop = 100.64.0.4 src-ip ip4.dst == 100.64.0.4 , nexthop = 100.64.0.4 dst-ip Signed-off-by: Arnab Ghosh <[email protected]>
arghosh93
force-pushed
the
delete_stale_logical_route
branch
from
263bd30
to
fe9519f
Compare
|
|
||
| nodeTransitSwitchPortIPs, err := util.ParseNodeTransitSwitchPortAddrs(node) | ||
| if err != nil || len(nodeTransitSwitchPortIPs) == 0 { | ||
| return fmt.Errorf("failed to get the node transit switch port Ips : %v", err) |
There was a problem hiding this comment.
I think it would be a better idea to aggregate the errors here instead of doing the early exit. There is still a chance to cleanup the join addr routes.
| if util.IsAnnotationNotSetError(err) { | ||
| var err1 error | ||
| // this is for backwards compatibility | ||
| nodeGRPIPs, err1 = util.ParseNodeGatewayRouterLRPAddrs(node) |
There was a problem hiding this comment.
Are you sure we still need that?
There was a problem hiding this comment.
I am not sure. I checked other places where we are getting join IP from annotation and in all those places we are running ParseNodeGatewayRouterLRPAddrs() if IsAnnotationNotSetError() is true.
| return lrsr.ExternalIDs["ic-node"] == node.Name && lrsr.ExternalIDs[types.NetworkExternalID] == zic.GetNetworkName() && | ||
| (lrsr.Nexthop != v6TransitSwitchIP.IP.String() || (nodeSubnet != nil && lrsr.IPPrefix != nodeSubnet.String() && | ||
| lrsr.IPPrefix != v6JoinIP.IP.String()+util.GetIPFullMaskString(v6JoinIP.IP.String()))) | ||
| } else if !utilnet.IsIPv6String(lrsr.Nexthop) { |
There was a problem hiding this comment.
NIT: Use utilnet.IsIPv4String instead
| return lrsr.ExternalIDs["ic-node"] == node.Name && lrsr.ExternalIDs[types.NetworkExternalID] == zic.GetNetworkName() && | ||
| (lrsr.Nexthop != v6TransitSwitchIP.IP.String() || (nodeSubnet != nil && lrsr.IPPrefix != nodeSubnet.String() && | ||
| lrsr.IPPrefix != v6JoinIP.IP.String()+util.GetIPFullMaskString(v6JoinIP.IP.String()))) | ||
| } else if !utilnet.IsIPv6String(lrsr.Nexthop) { |
There was a problem hiding this comment.
There is no need for the else if since the first if returns.
| return false | ||
| } | ||
| err = libovsdbops.DeleteLogicalRouterStaticRoutesWithPredicate(zic.nbClient, zic.networkClusterRouterName, p) | ||
| if err != nil && !errors.Is(err, libovsdbclient.ErrNotFound) { |
There was a problem hiding this comment.
I don't think that DeleteLogicalRouterStaticRoutesWithPredicate returns libovsdbclient.ErrNotFound if there was nothing to delete.
There was a problem hiding this comment.
yaa, you are right , ErrNotFound is set to false at operationModel.
| if !config.OVNKubernetesFeature.EnableInterconnect { | ||
| lrsr.ExternalIDs["nodeName"] = nodeName | ||
| } | ||
| } else if !config.OVNKubernetesFeature.EnableInterconnect { |
There was a problem hiding this comment.
Was it intentional that you override all ExternalIDs in case of non-secondary networks?
Otherwise, You could just extract the if and do it once:
if gw.netInfo.IsSecondary() {
...
}
...
if !config.OVNKubernetesFeature.EnableInterconnect {
}
| @@ -633,7 +636,8 @@ func (zic *ZoneInterconnectHandler) addRemoteNodeStaticRoutes(node *corev1.Node, | |||
| addRoute := func(prefix, nexthop string) error { | |||
| logicalRouterStaticRoute := nbdb.LogicalRouterStaticRoute{ | |||
| ExternalIDs: map[string]string{ | |||
| "ic-node": node.Name, | |||
| "ic-node": node.Name, | |||
| types.NetworkExternalID: zic.GetNetworkName(), | |||
There was a problem hiding this comment.
IIRC we usually also add the types.TopologyExternalID, it wouldn't hurt to have it here also, especially if we allow same network names on different topologies.
| } | ||
| p := func(lrsr *nbdb.LogicalRouterStaticRoute) bool { | ||
| if utilnet.IsIPv6String(lrsr.Nexthop) { | ||
| nodeSubnet, _ := util.MatchFirstIPNetFamily(true, nodeSubnets) |
There was a problem hiding this comment.
I don't think we should do the the check if err != nil
| if lrsr.Nexthop != gwLRPIP && utilnet.IPFamilyOfString(lrsr.Nexthop) == utilnet.IPFamilyOfString(gwLRPIP) && | ||
| lrsr.Nexthop == lrsr.IPPrefix { | ||
| networkName, isSecondaryNetwork := lrsr.ExternalIDs[types.NetworkExternalID] | ||
| if isSecondaryNetwork && networkName == gw.netInfo.GetNetworkName() { |
There was a problem hiding this comment.
This nested if/elseif block could be simplified.
I wonder if there is any benefit in not including the nodeName when EnableInterconnect is true, if we had it would simplify this check.
| } | ||
|
|
||
| err := libovsdbops.DeleteLogicalRouterStaticRoutesWithPredicate(gw.nbClient, gw.clusterRouterName, p) | ||
| if err != nil && !errors.Is(err, libovsdbclient.ErrNotFound) { |
There was a problem hiding this comment.
I don't think that DeleteLogicalRouterStaticRoutesWithPredicate returns libovsdbclient.ErrNotFound
This PR removes logical router static routes with stale IPs when join or transit switch IP gets changed as part of day 2 operation.
ip4.dst == 10.244.0.0/24 , nexthop = 100.88.0.2 dst-ip
ip4.dst == 100.64.0.2/16 , nexthop = 100.88.0.2 dst-ip
ip4.dst == 10.244.0.0/16 , nexthop = 100.64.0.4 src-ip
ip4.dst == 100.64.0.4 , nexthop = 100.64.0.4 dst-ip
ip4.dst == 10.244.2.0/24 , nexthop = 100.64.0.4 src-ip
What this PR does and why is it needed
Which issue(s) this PR fixes
Jira: https://issues.redhat.com/browse/OCPBUGS-36177
Fixes #4693 additionally.
Special notes for reviewers
How to verify it
Details to documentation updates
Description for the changelog
Does this PR introduce a user-facing change?