Enhance Egress support in Traceflow

- Add "EgressNodeIP" field in Traceflow observations.

- Add "EgressNode" field in observations from Egress Node as well when
  Egress Node is different from source Node. Previously, "EgressNode" field
  was available only in observations from source Node.

Fixes antrea-io#6099

Signed-off-by: Kumar Atish <kumar.atish@broadcom.com>

build/charts/antrea/crds/traceflow.yaml

@@ -456,6 +456,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-aks.yml

@@ -4987,6 +4987,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-crds.yml

@@ -4960,6 +4960,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-eks.yml

@@ -4987,6 +4987,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-gke.yml

@@ -4987,6 +4987,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-ipsec.yml

@@ -4987,6 +4987,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea.yml

@@ -4987,6 +4987,8 @@ spec:
                               type: string
                             egressNode:
                               type: string
+                            egressNodeIP:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

pkg/agent/controller/traceflow/packetin.go

@@ -292,11 +292,11 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1beta1.Traceflo
 				}
 			}
 			if isRemoteEgress == 1 { // an Egress packet, currently on source Node and forwarded to Egress Node.
-				egressName, egressIP, egressNode, err := c.egressQuerier.GetEgress(ns, srcPod)
+				egressName, egressIP, egressNodeName, err := c.egressQuerier.GetEgress(ns, srcPod)
 				if err != nil {
 					return nil, nil, nil, err
 				}
-				obEgress := getEgressObservation(false, egressIP, egressName, egressNode)
+				obEgress := getEgressObservation(false, egressIP, egressName, egressNodeName, "")
 				obs = append(obs, *obEgress)
 			}
 			ob.TunnelDstIP = tunnelDstIP
@@ -312,9 +312,9 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1beta1.Traceflo
 				}
 			}
 			if pktMark != 0 { // Egress packet on Egress Node
-				egressName, egressIP, egressNode := "", "", ""
+				egressName, egressIP, egressNodeName, egressNodeIP := "", "", "", ""
 				if tunnelDstIP == "" { // Egress Node is Source Node of this Egress packet
-					egressName, egressIP, egressNode, err = c.egressQuerier.GetEgress(ns, srcPod)
+					egressName, egressIP, egressNodeName, err = c.egressQuerier.GetEgress(ns, srcPod)
 					if err != nil {
 						return nil, nil, nil, err
 					}
@@ -323,8 +323,14 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1beta1.Traceflo
 					if err != nil {
 						return nil, nil, nil, err
 					}
+					egressNodeName = c.nodeConfig.Name
 				}
-				obEgress := getEgressObservation(true, egressIP, egressName, egressNode)
+				if c.nodeConfig.NodeIPv4Addr != nil {
+					egressNodeIP = c.nodeConfig.NodeIPv4Addr.IP.String()
+				} else {
+					egressNodeIP = c.nodeConfig.NodeIPv6Addr.IP.String()
+				}
+				obEgress := getEgressObservation(true, egressIP, egressName, egressNodeName, egressNodeIP)
 				obs = append(obs, *obEgress)
 			}
 			ob.Action = crdv1beta1.ActionForwardedOutOfOverlay
@@ -486,12 +492,13 @@ func parseCapturedPacket(pktIn *ofctrl.PacketIn) *crdv1beta1.Packet {
 	return &capturedPacket
 }
 
-func getEgressObservation(isEgressNode bool, egressIP, egressName, egressNode string) *crdv1beta1.Observation {
+func getEgressObservation(isEgressNode bool, egressIP, egressName, egressNodeName, egressNodeIP string) *crdv1beta1.Observation {
 	ob := new(crdv1beta1.Observation)
 	ob.Component = crdv1beta1.ComponentEgress
 	ob.EgressIP = egressIP
 	ob.Egress = egressName
-	ob.EgressNode = egressNode
+	ob.EgressNode = egressNodeName
+	ob.EgressNodeIP = egressNodeIP
 	if isEgressNode {
 		ob.Action = crdv1beta1.ActionMarkedForSNAT
 	} else {

pkg/agent/controller/traceflow/packetin_test.go

@@ -39,9 +39,10 @@ import (
 )
 
 var (
-	egressName = "dummyEgress"
-	egressIP   = "192.168.100.100"
-	egressNode = "fakeEgressNode"
+	egressName     = "dummyEgress"
+	egressIP       = "192.168.100.100"
+	egressNodeName = "fakeEgressNode"
+	egressNodeIP   = "192.168.100.101"
 )
 
 func prepareMockTables() {
@@ -209,8 +210,8 @@ func getTestPacketBytes(dstIP string) []byte {
 		Protocol: uint8(8),
 		DSCP:     1,
 		Length:   20,
-		NWSrc:    net.IP(pod1IPv4),
-		NWDst:    net.IP(dstIP),
+		NWSrc:    net.ParseIP(pod1IPv4),
+		NWDst:    net.ParseIP(dstIP),
 	}
 	ethernetPkt := protocol.NewEthernet()
 	ethernetPkt.HWSrc = pod1MAC
@@ -288,6 +289,9 @@ func TestParsePacketIn(t *testing.T) {
 				GatewayConfig: &config.GatewayConfig{
 					OFPort: 2,
 				},
+				NodeIPv4Addr: &net.IPNet{
+					IP: net.ParseIP(egressNodeIP),
+				},
 			},
 			tfState: &traceflowState{
 				name:     "traceflow-pod-to-ipv4",
@@ -304,7 +308,7 @@ func TestParsePacketIn(t *testing.T) {
 				},
 			},
 			expectedCalls: func(npQuerierq *queriertest.MockAgentNetworkPolicyInfoQuerier, egressQuerier *queriertest.MockEgressQuerier) {
-				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, egressNode, nil)
+				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, egressNodeName, nil)
 			},
 			expectedTf: &crdv1beta1.Traceflow{
 				ObjectMeta: metav1.ObjectMeta{
@@ -331,11 +335,12 @@ func TestParsePacketIn(t *testing.T) {
 						Action:    crdv1beta1.ActionForwarded,
 					},
 					{
-						Component:  crdv1beta1.ComponentEgress,
-						Action:     crdv1beta1.ActionMarkedForSNAT,
-						Egress:     egressName,
-						EgressIP:   egressIP,
-						EgressNode: egressNode,
+						Component:    crdv1beta1.ComponentEgress,
+						Action:       crdv1beta1.ActionMarkedForSNAT,
+						Egress:       egressName,
+						EgressIP:     egressIP,
+						EgressNode:   egressNodeName,
+						EgressNodeIP: egressNodeIP,
 					},
 					{
 						Component:     crdv1beta1.ComponentForwarding,
@@ -371,7 +376,7 @@ func TestParsePacketIn(t *testing.T) {
 				},
 			},
 			expectedCalls: func(npQuerierq *queriertest.MockAgentNetworkPolicyInfoQuerier, egressQuerier *queriertest.MockEgressQuerier) {
-				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, egressNode, nil)
+				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, egressNodeName, nil)
 			},
 			expectedTf: &crdv1beta1.Traceflow{
 				ObjectMeta: metav1.ObjectMeta{
@@ -402,7 +407,7 @@ func TestParsePacketIn(t *testing.T) {
 						Action:     crdv1beta1.ActionForwardedToEgressNode,
 						Egress:     egressName,
 						EgressIP:   egressIP,
-						EgressNode: egressNode,
+						EgressNode: egressNodeName,
 					},
 					{
 						Component:     crdv1beta1.ComponentForwarding,
@@ -423,6 +428,10 @@ func TestParsePacketIn(t *testing.T) {
 				GatewayConfig: &config.GatewayConfig{
 					OFPort: 2,
 				},
+				NodeIPv4Addr: &net.IPNet{
+					IP: net.ParseIP(egressNodeIP),
+				},
+				Name: egressNodeName,
 			},
 			tfState: &traceflowState{
 				name: "traceflow-pod-to-ipv4",
@@ -465,9 +474,11 @@ func TestParsePacketIn(t *testing.T) {
 						Action:    crdv1beta1.ActionReceived,
 					},
 					{
-						Component: crdv1beta1.ComponentEgress,
-						Action:    crdv1beta1.ActionMarkedForSNAT,
-						EgressIP:  egressIP,
+						Component:    crdv1beta1.ComponentEgress,
+						Action:       crdv1beta1.ActionMarkedForSNAT,
+						EgressIP:     egressIP,
+						EgressNode:   egressNodeName,
+						EgressNodeIP: egressNodeIP,
 					},
 					{
 						Component:     crdv1beta1.ComponentForwarding,

pkg/apis/crd/v1beta1/types.go

@@ -1187,6 +1187,8 @@ type Observation struct {
 	EgressIP    string `json:"egressIP,omitempty" yaml:"egressIP,omitempty"`
 	// EgressNode is the name of the Egress Node.
 	EgressNode string `json:"egressNode,omitempty" yaml:"egressNode,omitempty"`
+	// EgressNodeIP is the IP of Egress Node.
+	EgressNodeIP string `json:"egressNodeIP,omitempty" yaml:"egressNodeIP,omitempty"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

test/e2e/traceflow_test.go

@@ -2118,11 +2118,12 @@ func testTraceflowEgress(t *testing.T, data *TestData) {
 						Action:    v1beta1.ActionForwarded,
 					},
 					{
-						Component:  v1beta1.ComponentEgress,
-						Action:     v1beta1.ActionMarkedForSNAT,
-						Egress:     egress.Name,
-						EgressIP:   egressIP,
-						EgressNode: egressNode,
+						Component:    v1beta1.ComponentEgress,
+						Action:       v1beta1.ActionMarkedForSNAT,
+						Egress:       egress.Name,
+						EgressIP:     egressIP,
+						EgressNode:   egressNode,
+						EgressNodeIP: egressIP,
 					},
 					{
 						Component:     v1beta1.ComponentForwarding,
@@ -2211,9 +2212,11 @@ func testTraceflowEgress(t *testing.T, data *TestData) {
 						Action:    v1beta1.ActionReceived,
 					},
 					{
-						Component: v1beta1.ComponentEgress,
-						Action:    v1beta1.ActionMarkedForSNAT,
-						EgressIP:  egressIP,
+						Component:    v1beta1.ComponentEgress,
+						Action:       v1beta1.ActionMarkedForSNAT,
+						EgressIP:     egressIP,
+						EgressNode:   egressNode,
+						EgressNodeIP: egressIP,
 					},
 					{
 						Component:     v1beta1.ComponentForwarding,
@@ -2348,6 +2351,7 @@ func compareObservations(expected v1beta1.NodeResult, actual v1beta1.NodeResult)
 			exObs[i].EgressIP != acObs[i].EgressIP ||
 			exObs[i].Egress != acObs[i].Egress ||
 			exObs[i].EgressNode != acObs[i].EgressNode ||
+			exObs[i].EgressNodeIP != acObs[i].EgressNodeIP ||
 			exObs[i].Action != acObs[i].Action ||
 			exObs[i].NetworkPolicy != acObs[i].NetworkPolicy ||
 			exObs[i].NetworkPolicyRule != acObs[i].NetworkPolicyRule {