From fd42f9dcafe0c71d03bedcb8984dfea00884e378 Mon Sep 17 00:00:00 2001 From: Hongliang Liu Date: Tue, 30 Mar 2021 17:56:09 +0800 Subject: [PATCH] Modification for review. --- build/yamls/antrea-aks.yml | 22 +- build/yamls/antrea-eks.yml | 22 +- build/yamls/antrea-gke.yml | 22 +- build/yamls/antrea-ipsec.yml | 22 +- build/yamls/antrea.yml | 22 +- cmd/antrea-agent/agent.go | 7 +- cmd/antrea-controller/controller.go | 2 +- docs/api.md | 40 +-- hack/update-codegen.sh | 2 +- pkg/agent/controller/traceflow/packetin.go | 32 +-- .../controller/traceflow/packetin_test.go | 8 +- pkg/apis/crd/v1alpha1/types.go | 20 +- .../crdmirroring/crdhandler/clustergroup.go | 9 +- .../crdhandler/clusternetworkpolicy.go | 9 +- .../crdmirroring/crdhandler/externalentity.go | 9 +- .../crdmirroring/crdhandler/networkpolicy.go | 9 +- pkg/controller/crdmirroring/crdhandler/ops.go | 9 +- .../crdmirroring/crdhandler/tier.go | 9 +- .../crdmirroring/crdmirroring_controller.go | 103 ++++++- .../crdmirroring_controller_test.go | 149 ++++------ .../crdmirroring/crdmirroring_handlers.go | 111 ------- .../crdmirroring/types/interface.go | 2 +- pkg/controller/traceflow/controller.go | 4 +- pkg/controller/traceflow/controller_test.go | 4 +- pkg/graphviz/traceflow.go | 16 +- pkg/monitor/agent.go | 101 ++++++- pkg/monitor/controller.go | 123 +++++++- test/e2e/traceflow_test.go | 270 +++++++++--------- 28 files changed, 630 insertions(+), 528 deletions(-) delete mode 100644 pkg/controller/crdmirroring/crdmirroring_handlers.go diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index 829b105b2c5..e42f7ace84b 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml @@ -2017,6 +2017,12 @@ rules: verbs: - get - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create - apiGroups: - apiregistration.k8s.io resourceNames: @@ -2255,22 +2261,6 @@ subjects: namespace: kube-system --- apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-ca - namespace: kube-system ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-cluster-identity - namespace: kube-system ---- -apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index ffbdfd2c92e..aff0cefd464 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml @@ -2017,6 +2017,12 @@ rules: verbs: - get - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create - apiGroups: - apiregistration.k8s.io resourceNames: @@ -2255,22 +2261,6 @@ subjects: namespace: kube-system --- apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-ca - namespace: kube-system ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-cluster-identity - namespace: kube-system ---- -apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index 8dfa448640a..40e1f0f6359 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml @@ -2017,6 +2017,12 @@ rules: verbs: - get - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create - apiGroups: - apiregistration.k8s.io resourceNames: @@ -2255,22 +2261,6 @@ subjects: namespace: kube-system --- apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-ca - namespace: kube-system ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-cluster-identity - namespace: kube-system ---- -apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index a48db940388..1a50d298abe 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml @@ -2017,6 +2017,12 @@ rules: verbs: - get - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create - apiGroups: - apiregistration.k8s.io resourceNames: @@ -2255,22 +2261,6 @@ subjects: namespace: kube-system --- apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-ca - namespace: kube-system ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-cluster-identity - namespace: kube-system ---- -apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index bb92a31202c..ee85c6ebe76 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml @@ -2017,6 +2017,12 @@ rules: verbs: - get - update +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create - apiGroups: - apiregistration.k8s.io resourceNames: @@ -2255,22 +2261,6 @@ subjects: namespace: kube-system --- apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-ca - namespace: kube-system ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: antrea - name: antrea-cluster-identity - namespace: kube-system ---- -apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. diff --git a/cmd/antrea-agent/agent.go b/cmd/antrea-agent/agent.go index bda122fa644..9265d92e96e 100644 --- a/cmd/antrea-agent/agent.go +++ b/cmd/antrea-agent/agent.go @@ -67,6 +67,11 @@ func run(o *Options) error { if err != nil { return fmt.Errorf("error creating K8s clients: %v", err) } + legacyCRDClient, err := k8s.CreateLegacyCRDClient(o.config.ClientConnection, o.config.KubeAPIServerOverride) + if err != nil { + return fmt.Errorf("error creating legacy CRD client: %v", err) + } + informerFactory := informers.NewSharedInformerFactory(k8sClient, informerDefaultResync) crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, informerDefaultResync) traceflowInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() @@ -300,7 +305,7 @@ func run(o *Options) error { networkPolicyController, o.config.APIPort) - agentMonitor := monitor.NewAgentMonitor(crdClient, agentQuerier) + agentMonitor := monitor.NewAgentMonitor(crdClient, legacyCRDClient, agentQuerier) go agentMonitor.Run(stopCh) diff --git a/cmd/antrea-controller/controller.go b/cmd/antrea-controller/controller.go index 70e5135773e..24fb6c762bf 100644 --- a/cmd/antrea-controller/controller.go +++ b/cmd/antrea-controller/controller.go @@ -181,7 +181,7 @@ func run(o *Options) error { controllerQuerier := querier.NewControllerQuerier(networkPolicyController, o.config.APIPort) - controllerMonitor := monitor.NewControllerMonitor(crdClient, nodeInformer, controllerQuerier) + controllerMonitor := monitor.NewControllerMonitor(crdClient, legacyCRDClient, nodeInformer, controllerQuerier) var traceflowController *traceflow.Controller if features.DefaultFeatureGate.Enabled(features.Traceflow) { diff --git a/docs/api.md b/docs/api.md index 8e45bd7e8b8..4fe62b06154 100644 --- a/docs/api.md +++ b/docs/api.md @@ -11,26 +11,26 @@ For information about the Antrea API versioning policy, please refer to this These are the API group versions which are curently available when using Antrea. -| API group | API version | API Service? | Introduced in | Deprecated in / Planned Deprecation | Planned Removal | -| -------------------------------------------- | ----------- | ------------ | ------------- | ----------------------------------- | --------------- | -| `clusterinformation.antrea.tanzu.vmware.com` | `v1beta1` | No | v0.3.0 | v1.0.0 | Dec 2021 | -| `core.antrea.tanzu.vmware.com` | `v1alpha2` | No | v0.11.0 | v1.0.0 | Dec 2021 | -| `controlplane.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.10.0 | v0.11.0 | Aug 2021 | -| `controlplane.antrea.tanzu.vmware.com` | `v1beta2` | Yes | v0.11.0 | v1.0.0 | Dec 2021 | -| `networking.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.3.0 | v0.10.0 | Jun 2021 | -| `ops.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | -| `security.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | -| `stats.antrea.tanzu.vmware.com` | `v1alpha1` | Yes | v0.10.0 | v1.0.0 | Dec 2021 | -| `system.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.5.0 | v1.0.0 | Dec 2021 | -| `crd.antrea.io` | `v1alpha1` | No | v1.0.0 | N/A | N/A | -| `crd.antrea.io` | `v1alpha2` | No | v1.0.0 | N/A | N/A | -| `crd.antrea.io` | `v1beta1` | No | v1.0.0 | N/A | N/A | -| `controlplane.antrea.io` | `v1beta2` | Yes | v1.0.0 | N/A | N/A | -| `stats.antrea.io` | `v1alpha1` | Yes | v1.0.0 | N/A | N/A | -| `system.antrea.io` | `v1beta1` | Yes | v1.0.0 | N/A | N/A | +| API group | API version | API Service? | Introduced in | Deprecated in / Planned Deprecation | Planned Removal | +|---|---|---|---|---|---| +| `clusterinformation.antrea.tanzu.vmware.com` | `v1beta1` | No | v0.3.0 | v1.0.0 | Dec 2021 | +| `core.antrea.tanzu.vmware.com` | `v1alpha2` | No | v0.11.0 | v1.0.0 | Dec 2021 | +| `controlplane.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.10.0 | v0.11.0 | Aug 2021 | +| `controlplane.antrea.tanzu.vmware.com` | `v1beta2` | Yes | v0.11.0 | v1.0.0 | Dec 2021 | +| `networking.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.3.0 | v0.10.0 | Jun 2021 | +| `ops.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | +| `security.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | +| `stats.antrea.tanzu.vmware.com` | `v1alpha1` | Yes | v0.10.0 | v1.0.0 | Dec 2021 | +| `system.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.5.0 | v1.0.0 | Dec 2021 | +| `crd.antrea.io` | `v1alpha1` | No | v1.0.0 | N/A | N/A | +| `crd.antrea.io` | `v1alpha2` | No | v1.0.0 | N/A | N/A | +| `crd.antrea.io` | `v1beta1` | No | v1.0.0 | N/A | N/A | +| `controlplane.antrea.io` | `v1beta2` | Yes | v1.0.0 | N/A | N/A | +| `stats.antrea.io` | `v1alpha1` | Yes | v1.0.0 | N/A | N/A | +| `system.antrea.io` | `v1beta1` | Yes | v1.0.0 | N/A | N/A | ## Previously-supported -| API group | API version | API Service? | Introduced in | Deprecated in | Removed in | -| -------------------------------------------- | ----------- | ------------ | ------------- | ----------------------------------- | --------------- | -| `core.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v0.11.0 | v0.11.0 | +| API group | API version | API Service? | Introduced in | Deprecated in | Removed in | +|---|---|---|---|---|---| +| `core.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v0.11.0 | v0.11.0 | diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh index adcd42fcaf8..b345e9a7bfe 100755 --- a/hack/update-codegen.sh +++ b/hack/update-codegen.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -ANTREA_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"/.. +ANTREA_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../" && pwd )" IMAGE_NAME="antrea/codegen:kubernetes-1.18.4" function docker_run() { diff --git a/pkg/agent/controller/traceflow/packetin.go b/pkg/agent/controller/traceflow/packetin.go index e0baf2d9dda..1f5b5e70211 100644 --- a/pkg/agent/controller/traceflow/packetin.go +++ b/pkg/agent/controller/traceflow/packetin.go @@ -101,13 +101,13 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*opsv1alpha1.Tracefl if isSender { ob := new(opsv1alpha1.Observation) - ob.Component = opsv1alpha1.SpoofGuard - ob.Action = opsv1alpha1.Forwarded + ob.Component = opsv1alpha1.ComponentSpoofGuard + ob.Action = opsv1alpha1.ActionForwarded obs = append(obs, *ob) } else { ob := new(opsv1alpha1.Observation) - ob.Component = opsv1alpha1.Forwarding - ob.Action = opsv1alpha1.Received + ob.Component = opsv1alpha1.ComponentForwarding + ob.Action = opsv1alpha1.ActionReceived ob.ComponentInfo = openflow.GetFlowTableName(openflow.ClassifierTable) obs = append(obs, *ob) } @@ -141,8 +141,8 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*opsv1alpha1.Tracefl } if isValidCtNw(ctNwDst) && ipDst != ctNwDst { ob := &opsv1alpha1.Observation{ - Component: opsv1alpha1.LB, - Action: opsv1alpha1.Forwarded, + Component: opsv1alpha1.ComponentLB, + Action: opsv1alpha1.ActionForwarded, TranslatedDstIP: ipDst, } obs = append(obs, *ob) @@ -219,19 +219,19 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*opsv1alpha1.Tracefl } if c.networkConfig.TrafficEncapMode.SupportsEncap() && outputPort == config.DefaultTunOFPort { ob.TunnelDstIP = tunnelDstIP - ob.Action = opsv1alpha1.Forwarded + ob.Action = opsv1alpha1.ActionForwarded } else if ipDst == gatewayIP.String() && outputPort == config.HostGatewayOFPort { - ob.Action = opsv1alpha1.Delivered + ob.Action = opsv1alpha1.ActionDelivered } else if c.networkConfig.TrafficEncapMode.SupportsEncap() && outputPort == config.HostGatewayOFPort { - ob.Action = opsv1alpha1.ForwardedOutOfOverlay + ob.Action = opsv1alpha1.ActionForwardedOutOfOverlay } else if outputPort == config.HostGatewayOFPort { // noEncap - ob.Action = opsv1alpha1.Forwarded + ob.Action = opsv1alpha1.ActionForwarded } else { // Output port is Pod port, packet is delivered. - ob.Action = opsv1alpha1.Delivered + ob.Action = opsv1alpha1.ActionDelivered } ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID)) - ob.Component = opsv1alpha1.Forwarding + ob.Component = opsv1alpha1.ComponentForwarding obs = append(obs, *ob) } @@ -294,20 +294,20 @@ func getNetworkPolicyObservation(tableID uint8, ingress bool) *opsv1alpha1.Obser case uint8(openflow.IngressMetricTable), uint8(openflow.IngressDefaultTable): // Packet dropped by ANP/default drop rule ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID)) - ob.Action = opsv1alpha1.Dropped + ob.Action = opsv1alpha1.ActionDropped default: ob.ComponentInfo = openflow.GetFlowTableName(openflow.IngressRuleTable) - ob.Action = opsv1alpha1.Forwarded + ob.Action = opsv1alpha1.ActionForwarded } } else { switch tableID { case uint8(openflow.EgressMetricTable), uint8(openflow.EgressDefaultTable): // Packet dropped by ANP/default drop rule ob.ComponentInfo = openflow.GetFlowTableName(binding.TableIDType(tableID)) - ob.Action = opsv1alpha1.Dropped + ob.Action = opsv1alpha1.ActionDropped default: ob.ComponentInfo = openflow.GetFlowTableName(openflow.EgressRuleTable) - ob.Action = opsv1alpha1.Forwarded + ob.Action = opsv1alpha1.ActionForwarded } } return ob diff --git a/pkg/agent/controller/traceflow/packetin_test.go b/pkg/agent/controller/traceflow/packetin_test.go index fa435d503e3..5a9f8779638 100644 --- a/pkg/agent/controller/traceflow/packetin_test.go +++ b/pkg/agent/controller/traceflow/packetin_test.go @@ -41,7 +41,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) { want: &crdv1alpha1.Observation{ Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressMetric", - Action: crdv1alpha1.Dropped, + Action: crdv1alpha1.ActionDropped, }, }, { @@ -53,7 +53,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) { want: &crdv1alpha1.Observation{ Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressRule", - Action: crdv1alpha1.Forwarded, + Action: crdv1alpha1.ActionForwarded, }, }, { @@ -65,7 +65,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) { want: &crdv1alpha1.Observation{ Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressDefaultRule", - Action: crdv1alpha1.Dropped, + Action: crdv1alpha1.ActionDropped, }, }, { @@ -77,7 +77,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) { want: &crdv1alpha1.Observation{ Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: crdv1alpha1.Forwarded, + Action: crdv1alpha1.ActionForwarded, }, }, } diff --git a/pkg/apis/crd/v1alpha1/types.go b/pkg/apis/crd/v1alpha1/types.go index ed7652b667f..604820c706c 100644 --- a/pkg/apis/crd/v1alpha1/types.go +++ b/pkg/apis/crd/v1alpha1/types.go @@ -32,23 +32,23 @@ const ( type TraceflowComponent string const ( - SpoofGuard TraceflowComponent = "SpoofGuard" - LB TraceflowComponent = "LB" - Routing TraceflowComponent = "Routing" + ComponentSpoofGuard TraceflowComponent = "SpoofGuard" + ComponentLB TraceflowComponent = "LB" + ComponentRouting TraceflowComponent = "Routing" ComponentNetworkPolicy TraceflowComponent = "NetworkPolicy" - Forwarding TraceflowComponent = "Forwarding" + ComponentForwarding TraceflowComponent = "Forwarding" ) type TraceflowAction string const ( - Delivered TraceflowAction = "Delivered" - Received TraceflowAction = "Received" - Forwarded TraceflowAction = "Forwarded" - Dropped TraceflowAction = "Dropped" - // ForwardedOutOfOverlay indicates that the packet has been forwarded out of the network + ActionDelivered TraceflowAction = "Delivered" + ActionReceived TraceflowAction = "Received" + ActionForwarded TraceflowAction = "Forwarded" + ActionDropped TraceflowAction = "Dropped" + // ActionForwardedOutOfOverlay indicates that the packet has been forwarded out of the network // managed by Antrea. This indicates that the Traceflow request can be considered complete. - ForwardedOutOfOverlay TraceflowAction = "ForwardedOutOfOverlay" + ActionForwardedOutOfOverlay TraceflowAction = "ForwardedOutOfOverlay" ) // List the supported protocols and their codes in traceflow. diff --git a/pkg/controller/crdmirroring/crdhandler/clustergroup.go b/pkg/controller/crdmirroring/crdhandler/clustergroup.go index ce2045301a7..5fa496f72d4 100644 --- a/pkg/controller/crdmirroring/crdhandler/clustergroup.go +++ b/pkg/controller/crdmirroring/crdhandler/clustergroup.go @@ -85,17 +85,16 @@ func (c *ClusterGroupHandler) SyncObject(legacyObj, newObj metav1.Object) error return nil } -//DeleteNewObject deletes the mirrored new ClusterGroup. +// DeleteNewObject deletes the mirrored new ClusterGroup. func (c *ClusterGroupHandler) DeleteNewObject(namespace, name string) error { client := c.client.CrdV1alpha2().ClusterGroups() return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) } -// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// UpdateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it // will not be managed by mirroring controller anymore. -func (c *ClusterGroupHandler) LiberateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.ClusterGroup).DeepCopy() - delete(n.Annotations, types.ManagedBy) +func (c *ClusterGroupHandler) UpdateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.ClusterGroup) newClient := c.client.CrdV1alpha2().ClusterGroups() _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) return err diff --git a/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go b/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go index eed314fe738..95a6fb839d8 100644 --- a/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go +++ b/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go @@ -85,17 +85,16 @@ func (c *ClusterNetworkPolicyHandler) SyncObject(legacyObj, newObj metav1.Object return nil } -//DeleteNewObject deletes the mirrored new ClusterNetworkPolicy. +// DeleteNewObject deletes the mirrored new ClusterNetworkPolicy. func (c *ClusterNetworkPolicyHandler) DeleteNewObject(namespace, name string) error { client := c.client.CrdV1alpha1().ClusterNetworkPolicies() return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) } -// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// UpdateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it // will not be managed by mirroring controller anymore. -func (c *ClusterNetworkPolicyHandler) LiberateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.ClusterNetworkPolicy).DeepCopy() - delete(n.Annotations, types.ManagedBy) +func (c *ClusterNetworkPolicyHandler) UpdateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.ClusterNetworkPolicy) newClient := c.client.CrdV1alpha1().ClusterNetworkPolicies() _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) return err diff --git a/pkg/controller/crdmirroring/crdhandler/externalentity.go b/pkg/controller/crdmirroring/crdhandler/externalentity.go index 7e7bcb4b7e4..95a4a327115 100644 --- a/pkg/controller/crdmirroring/crdhandler/externalentity.go +++ b/pkg/controller/crdmirroring/crdhandler/externalentity.go @@ -74,17 +74,16 @@ func (c *ExternalEntityHandler) SyncObject(legacyObj, newObj metav1.Object) erro return nil } -//DeleteNewObject deletes the mirrored new ExternalEntity. +// DeleteNewObject deletes the mirrored new ExternalEntity. func (c *ExternalEntityHandler) DeleteNewObject(namespace, name string) error { client := c.client.CrdV1alpha2().ExternalEntities(namespace) return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) } -// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// UpdateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it // will not be managed by mirroring controller anymore. -func (c *ExternalEntityHandler) LiberateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.ExternalEntity).DeepCopy() - delete(n.Annotations, types.ManagedBy) +func (c *ExternalEntityHandler) UpdateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.ExternalEntity) newClient := c.client.CrdV1alpha2().ExternalEntities(newObj.GetNamespace()) _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) return err diff --git a/pkg/controller/crdmirroring/crdhandler/networkpolicy.go b/pkg/controller/crdmirroring/crdhandler/networkpolicy.go index db45d05063b..030e7538764 100644 --- a/pkg/controller/crdmirroring/crdhandler/networkpolicy.go +++ b/pkg/controller/crdmirroring/crdhandler/networkpolicy.go @@ -88,17 +88,16 @@ func (c *NetworkPolicyHandler) SyncObject(legacyObj, newObj metav1.Object) error return nil } -//DeleteNewObject deletes the mirrored new NetworkPolicy +// DeleteNewObject deletes the mirrored new NetworkPolicy. func (c *NetworkPolicyHandler) DeleteNewObject(namespace, name string) error { client := c.client.CrdV1alpha1().NetworkPolicies(namespace) return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) } -// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// UpdateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it // will not be managed by mirroring controller anymore. -func (c *NetworkPolicyHandler) LiberateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.NetworkPolicy).DeepCopy() - delete(n.Annotations, types.ManagedBy) +func (c *NetworkPolicyHandler) UpdateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.NetworkPolicy) newClient := c.client.CrdV1alpha1().NetworkPolicies(newObj.GetNamespace()) _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) return err diff --git a/pkg/controller/crdmirroring/crdhandler/ops.go b/pkg/controller/crdmirroring/crdhandler/ops.go index f825cef83e4..9db54acf324 100644 --- a/pkg/controller/crdmirroring/crdhandler/ops.go +++ b/pkg/controller/crdmirroring/crdhandler/ops.go @@ -88,17 +88,16 @@ func (c *TraceflowHandler) SyncObject(legacyObj, newObj metav1.Object) error { return nil } -//DeleteNewObject deletes the mirrored new Traceflow. +// DeleteNewObject deletes the mirrored new Traceflow. func (c *TraceflowHandler) DeleteNewObject(namespace, name string) error { client := c.client.CrdV1alpha1().Traceflows() return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) } -// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// UpdateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it // will not be managed by mirroring controller anymore. -func (c *TraceflowHandler) LiberateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.Traceflow).DeepCopy() - delete(n.Annotations, types.ManagedBy) +func (c *TraceflowHandler) UpdateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.Traceflow) newClient := c.client.CrdV1alpha1().Traceflows() _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) return err diff --git a/pkg/controller/crdmirroring/crdhandler/tier.go b/pkg/controller/crdmirroring/crdhandler/tier.go index 42c3d36b929..06629a08605 100644 --- a/pkg/controller/crdmirroring/crdhandler/tier.go +++ b/pkg/controller/crdmirroring/crdhandler/tier.go @@ -75,17 +75,16 @@ func (c *TierHandler) SyncObject(legacyObj, newObj metav1.Object) error { return nil } -//DeleteNewObject deletes the mirrored new Tier. +// DeleteNewObject deletes the mirrored new Tier. func (c *TierHandler) DeleteNewObject(namespace, name string) error { client := c.client.CrdV1alpha1().Tiers() return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) } -// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// UpdateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it // will not be managed by mirroring controller anymore. -func (c *TierHandler) LiberateNewObject(newObj metav1.Object) error { - n := newObj.(*crd.Tier).DeepCopy() - delete(n.Annotations, types.ManagedBy) +func (c *TierHandler) UpdateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.Tier) newClient := c.client.CrdV1alpha1().Tiers() _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) return err diff --git a/pkg/controller/crdmirroring/crdmirroring_controller.go b/pkg/controller/crdmirroring/crdmirroring_controller.go index b5399b82fb8..4fa68469ae7 100644 --- a/pkg/controller/crdmirroring/crdmirroring_controller.go +++ b/pkg/controller/crdmirroring/crdmirroring_controller.go @@ -19,6 +19,8 @@ import ( "time" apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/tools/cache" @@ -198,14 +200,16 @@ func (c *Controller) syncMirroring(key string) error { if err != nil { return fmt.Errorf("failed to sync data between legacy and new %s %s/%s: %v", c.crdName, namespace, name, err) } - } else { // If the legacy object annotated with "crd.antrea.io/stop-mirror" and the new object annotated with "crd.antrea.io/managed-by", - // this means that user wants to stop mirroring and liberate the new object. - klog.V(4).Infof("Update the mirrored new %s %s/%s, then the mirrored new is liberated from mirroring", c.crdName, namespace, name) - err = c.mirroringHandler.LiberateNewObject(newObj) + // this means that user wants to stop mirroring. + klog.V(4).Infof("Update the mirrored new %s %s/%s, then mirroring is stopped", c.crdName, namespace, name) + newObjCopied := deepCopy(newObj) + delete(newObjCopied.GetAnnotations(), types.ManagedBy) + + err = c.mirroringHandler.UpdateNewObject(newObjCopied) if err != nil { - return fmt.Errorf("failed to liberate mirrored new %s %s/%s: %v", c.crdName, namespace, name, err) + return fmt.Errorf("failed to update the mirrored new %s %s/%s: %v", c.crdName, namespace, name, err) } } } @@ -238,3 +242,92 @@ func (c *Controller) handleErr(err error, key interface{}) { c.queue.Forget(key) utilruntime.HandleError(err) } + +func (c *Controller) onNewCRDAdd(obj interface{}) { + crd := obj.(metav1.Object) + + _, exist := crd.GetAnnotations()[types.ManagedBy] + if exist { + klog.V(4).Infof("Processing mirroring %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onNewCRDUpdate(prevObj, obj interface{}) { + crd := obj.(metav1.Object) + + _, exist := crd.GetAnnotations()[types.ManagedBy] + if exist { + klog.V(4).Infof("Processing mirroring %s %s/%s UPDATE event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onNewCRDDelete(obj interface{}) { + crd := getCRDFromDeleteAction(obj) + if crd == nil { + return + } + + _, exist := crd.GetAnnotations()[types.ManagedBy] + if exist { + klog.V(4).Infof("Processing mirroring %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onLegacyCRDAdd(obj interface{}) { + crd := obj.(metav1.Object) + + _, exist := crd.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("Processing legacy %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onLegacyCRDUpdate(prevObj, obj interface{}) { + prevCrd := prevObj.(metav1.Object) + + _, exist := prevCrd.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("Processing legacy %s %s/%s UPDATE event", c.crdName, prevCrd.GetNamespace(), prevCrd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onLegacyCRDDelete(obj interface{}) { + crd := getCRDFromDeleteAction(obj) + if crd == nil { + return + } + + _, exist := crd.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("Processing legacy %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func getCRDFromDeleteAction(obj interface{}) metav1.Object { + _, ok := obj.(metav1.Object) + if ok { + return obj.(metav1.Object) + } + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) + return nil + } + + _, ok = tombstone.Obj.(metav1.Object) + if ok { + return tombstone.Obj.(metav1.Object) + } + utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a object resource: %#v", obj)) + return nil +} + +func deepCopy(obj metav1.Object) metav1.Object { + return obj.(runtime.Object).DeepCopyObject().(metav1.Object) +} diff --git a/pkg/controller/crdmirroring/crdmirroring_controller_test.go b/pkg/controller/crdmirroring/crdmirroring_controller_test.go index d9b2b674406..c8c6f851670 100644 --- a/pkg/controller/crdmirroring/crdmirroring_controller_test.go +++ b/pkg/controller/crdmirroring/crdmirroring_controller_test.go @@ -50,15 +50,15 @@ import ( const ( informerDefaultResync = 30 * time.Second - timeout = 2 * time.Minute + timeout = 2 * time.Second mockWait = 200 * time.Millisecond - NetworkPolicy = "NetworkPolicy" - ClusterNetworkPolicy = "ClusterNetworkPolicy" - Tier = "Tier" - ClusterGroup = "ClusterGroup" - ExternalEntity = "ExternalEntity" - Traceflow = "Traceflow" + networkPolicy = "NetworkPolicy" + clusterNetworkPolicy = "ClusterNetworkPolicy" + tier = "Tier" + clusterGroup = "ClusterGroup" + externalEntity = "ExternalEntity" + traceflow = "Traceflow" ) var ( @@ -115,7 +115,7 @@ func newMirroringController(crdName string) *mirroringController { m := &mirroringController{} switch crdName { - case NetworkPolicy: + case networkPolicy: crdInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().NetworkPolicies() informer = crdInformer.Informer() @@ -123,7 +123,7 @@ func newMirroringController(crdName string) *mirroringController { m.testHandler = NewNetworkPolicyTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) mirroringHandler = crdhandler.NewNetworkPolicyHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) - case ClusterNetworkPolicy: + case clusterNetworkPolicy: crdInformer := crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() informer = crdInformer.Informer() @@ -131,7 +131,7 @@ func newMirroringController(crdName string) *mirroringController { m.testHandler = NewClusterNetworkPolicyTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) mirroringHandler = crdhandler.NewClusterNetworkPolicyHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) - case Tier: + case tier: crdInformer := crdInformerFactory.Crd().V1alpha1().Tiers() legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().Tiers() informer = crdInformer.Informer() @@ -139,7 +139,7 @@ func newMirroringController(crdName string) *mirroringController { m.testHandler = NewTierTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) mirroringHandler = crdhandler.NewTierHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) - case ClusterGroup: + case clusterGroup: crdInformer := crdInformerFactory.Crd().V1alpha2().ClusterGroups() legacyCRDInformer := legacyCRDInformerFactory.Core().V1alpha2().ClusterGroups() informer = crdInformer.Informer() @@ -147,7 +147,7 @@ func newMirroringController(crdName string) *mirroringController { m.testHandler = NewClusterGroupTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) mirroringHandler = crdhandler.NewClusterGroupHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) - case ExternalEntity: + case externalEntity: crdInformer := crdInformerFactory.Crd().V1alpha2().ExternalEntities() legacyCRDInformer := legacyCRDInformerFactory.Core().V1alpha2().ExternalEntities() informer = crdInformer.Informer() @@ -155,7 +155,7 @@ func newMirroringController(crdName string) *mirroringController { m.testHandler = NewExternalEntityTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) mirroringHandler = crdhandler.NewExternalEntityHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) - case Traceflow: + case traceflow: crdInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() legacyCRDInformer := legacyCRDInformerFactory.Ops().V1alpha1().Traceflows() informer = crdInformer.Informer() @@ -181,24 +181,24 @@ func buildObj(crdName, namespace, name string) metav1.Object { var obj metav1.Object switch crdName { - case NetworkPolicy: + case networkPolicy: obj = &legacysecurity.NetworkPolicy{} obj.SetNamespace(namespace) obj.(*legacysecurity.NetworkPolicy).Spec.Priority = priority1 - case ClusterNetworkPolicy: + case clusterNetworkPolicy: obj = &legacysecurity.ClusterNetworkPolicy{} obj.(*legacysecurity.ClusterNetworkPolicy).Spec.Priority = priority1 - case Tier: + case tier: obj = &legacysecurity.Tier{} obj.(*legacysecurity.Tier).Spec = spec1 - case ClusterGroup: + case clusterGroup: obj = &legacycore.ClusterGroup{} obj.(*legacycore.ClusterGroup).Spec.PodSelector = &labelSelector1 - case ExternalEntity: + case externalEntity: obj = &legacycore.ExternalEntity{} obj.SetNamespace(namespace) obj.(*legacycore.ExternalEntity).Spec.Endpoints = endPoints1 - case Traceflow: + case traceflow: obj = &legacyops.Traceflow{} obj.(*legacyops.Traceflow).Spec.Source = source1 } @@ -209,116 +209,77 @@ func buildObj(crdName, namespace, name string) metav1.Object { } func updateLegacyObj(crdName string, obj metav1.Object) metav1.Object { - var res metav1.Object + res := deepCopy(obj) switch crdName { - case NetworkPolicy: - res = obj.(*legacysecurity.NetworkPolicy).DeepCopy() + case networkPolicy: res.(*legacysecurity.NetworkPolicy).Spec.Priority = priority2 - case ClusterNetworkPolicy: - res = obj.(*legacysecurity.ClusterNetworkPolicy).DeepCopy() + case clusterNetworkPolicy: res.(*legacysecurity.ClusterNetworkPolicy).Spec.Priority = priority2 - case Tier: - res = obj.(*legacysecurity.Tier).DeepCopy() - res.(*legacysecurity.Tier).DeepCopy().Spec = spec2 - case ClusterGroup: - res = obj.(*legacycore.ClusterGroup).DeepCopy() + case tier: + res.(*legacysecurity.Tier).Spec = spec2 + case clusterGroup: res.(*legacycore.ClusterGroup).Spec.PodSelector = &labelSelector2 - case ExternalEntity: - res = obj.(*legacycore.ExternalEntity).DeepCopy() + case externalEntity: res.(*legacycore.ExternalEntity).Spec.Endpoints = endPoints2 - case Traceflow: - res = obj.(*legacyops.Traceflow).DeepCopy() + case traceflow: res.(*legacyops.Traceflow).Spec.Source = source2 } - return res } -func updateLegacyObjAnnotation(crdName string, obj metav1.Object) metav1.Object { - var res metav1.Object - switch crdName { - case NetworkPolicy: - res = obj.(*legacysecurity.NetworkPolicy).DeepCopy() - res.(*legacysecurity.NetworkPolicy).Annotations = map[string]string{types.StopMirror: "true"} - case ClusterNetworkPolicy: - res = obj.(*legacysecurity.ClusterNetworkPolicy).DeepCopy() - res.(*legacysecurity.ClusterNetworkPolicy).Annotations = map[string]string{types.StopMirror: "true"} - case Tier: - res = obj.(*legacysecurity.Tier).DeepCopy() - res.(*legacysecurity.Tier).Annotations = map[string]string{types.StopMirror: "true"} - case ClusterGroup: - res = obj.(*legacycore.ClusterGroup).DeepCopy() - res.(*legacycore.ClusterGroup).Annotations = map[string]string{types.StopMirror: "true"} - case ExternalEntity: - res = obj.(*legacycore.ExternalEntity).DeepCopy() - res.(*legacycore.ExternalEntity).Annotations = map[string]string{types.StopMirror: "true"} - case Traceflow: - res = obj.(*legacyops.Traceflow).DeepCopy() - res.(*legacyops.Traceflow).Annotations = map[string]string{types.StopMirror: "true"} - } - +func updateLegacyObjAnnotation(obj metav1.Object) metav1.Object { + res := deepCopy(obj) + res.SetAnnotations(map[string]string{types.StopMirror: "true"}) return res } func updateNewObj(crdName string, obj metav1.Object) metav1.Object { - var res metav1.Object + res := deepCopy(obj) switch crdName { - case NetworkPolicy: - res = obj.(*crdv1alpha1.NetworkPolicy).DeepCopy() + case networkPolicy: res.(*crdv1alpha1.NetworkPolicy).Spec.Priority = priority2 - case ClusterNetworkPolicy: - res = obj.(*crdv1alpha1.ClusterNetworkPolicy).DeepCopy() + case clusterNetworkPolicy: res.(*crdv1alpha1.ClusterNetworkPolicy).Spec.Priority = priority2 - case Tier: - res = obj.(*crdv1alpha1.Tier).DeepCopy() + case tier: res.(*crdv1alpha1.Tier).DeepCopy().Spec = spec2 - case ClusterGroup: - res = obj.(*crdv1alpha2.ClusterGroup).DeepCopy() + case clusterGroup: res.(*crdv1alpha2.ClusterGroup).Spec.PodSelector = &labelSelector2 - case ExternalEntity: - res = obj.(*crdv1alpha2.ExternalEntity).DeepCopy() + case externalEntity: res.(*crdv1alpha2.ExternalEntity).Spec.Endpoints = endPoints2 - case Traceflow: - res = obj.(*crdv1alpha1.Traceflow).DeepCopy() + case traceflow: res.(*crdv1alpha1.Traceflow).Spec.Source = source2 } - return res } func updateNewObjStatus(crdName string, obj metav1.Object) metav1.Object { - var res metav1.Object + res := deepCopy(obj) switch crdName { - case NetworkPolicy: - res = obj.(*crdv1alpha1.NetworkPolicy).DeepCopy() + case networkPolicy: res.(*crdv1alpha1.NetworkPolicy).Status = npStatus - case ClusterNetworkPolicy: - res = obj.(*crdv1alpha1.ClusterNetworkPolicy).DeepCopy() + case clusterNetworkPolicy: res.(*crdv1alpha1.ClusterNetworkPolicy).Status = npStatus - case ClusterGroup: - res = obj.(*crdv1alpha2.ClusterGroup).DeepCopy() + case clusterGroup: res.(*crdv1alpha2.ClusterGroup).Status.Conditions = conditions - case Traceflow: - res = obj.(*crdv1alpha1.Traceflow).DeepCopy() + case traceflow: res.(*crdv1alpha1.Traceflow).Status = tfStatus } - return res } func assertSpec(t *testing.T, crdName string, expectedObj, res metav1.Object) { switch crdName { - case NetworkPolicy: + case networkPolicy: assert.Equal(t, expectedObj.(*legacysecurity.NetworkPolicy).Spec, res.(*crdv1alpha1.NetworkPolicy).Spec) - case ClusterNetworkPolicy: + case clusterNetworkPolicy: assert.Equal(t, expectedObj.(*legacysecurity.ClusterNetworkPolicy).Spec, res.(*crdv1alpha1.ClusterNetworkPolicy).Spec) - case Tier: + case tier: assert.Equal(t, expectedObj.(*legacysecurity.Tier).Spec, res.(*crdv1alpha1.Tier).Spec) - case ClusterGroup: + case clusterGroup: assert.Equal(t, expectedObj.(*legacycore.ClusterGroup).Spec, res.(*crdv1alpha2.ClusterGroup).Spec) - case ExternalEntity: + case externalEntity: assert.Equal(t, expectedObj.(*legacycore.ExternalEntity).Spec, res.(*crdv1alpha2.ExternalEntity).Spec) - case Traceflow: + case traceflow: assert.Equal(t, expectedObj.(*legacyops.Traceflow).Spec, res.(*crdv1alpha1.Traceflow).Spec) } } @@ -1510,7 +1471,7 @@ func (c *mirroringController) testNewLiberate(t *testing.T) { t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) } - legacyObj, newObj, err := c.testHandler.NewLiberateAndWait(updateLegacyObjAnnotation(c.crdName, obj)) + legacyObj, newObj, err := c.testHandler.NewLiberateAndWait(updateLegacyObjAnnotation(obj)) if err != nil { t.Fatalf("Expected no error running NewLiberateAndWait, got %v", err) } @@ -1597,10 +1558,10 @@ func testCRD(t *testing.T, crd string) { } func TestCRDMirroringController(t *testing.T) { - t.Run(ClusterGroup, func(t *testing.T) { testCRD(t, ClusterGroup) }) - t.Run(ExternalEntity, func(t *testing.T) { testCRD(t, ExternalEntity) }) - t.Run(NetworkPolicy, func(t *testing.T) { testCRD(t, NetworkPolicy) }) - t.Run(ClusterNetworkPolicy, func(t *testing.T) { testCRD(t, ClusterNetworkPolicy) }) - t.Run(Tier, func(t *testing.T) { testCRD(t, Tier) }) - t.Run(Traceflow, func(t *testing.T) { testCRD(t, Traceflow) }) + t.Run(clusterGroup, func(t *testing.T) { testCRD(t, clusterGroup) }) + t.Run(externalEntity, func(t *testing.T) { testCRD(t, externalEntity) }) + t.Run(networkPolicy, func(t *testing.T) { testCRD(t, networkPolicy) }) + t.Run(clusterNetworkPolicy, func(t *testing.T) { testCRD(t, clusterNetworkPolicy) }) + t.Run(tier, func(t *testing.T) { testCRD(t, tier) }) + t.Run(traceflow, func(t *testing.T) { testCRD(t, traceflow) }) } diff --git a/pkg/controller/crdmirroring/crdmirroring_handlers.go b/pkg/controller/crdmirroring/crdmirroring_handlers.go deleted file mode 100644 index 41f6a0967b8..00000000000 --- a/pkg/controller/crdmirroring/crdmirroring_handlers.go +++ /dev/null @@ -1,111 +0,0 @@ -// Copyright 2021 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package crdmirroring - -import ( - "fmt" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "k8s.io/client-go/tools/cache" - "k8s.io/klog" - - "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" -) - -func (c *Controller) onNewCRDAdd(obj interface{}) { - crd := obj.(metav1.Object) - - _, exist := crd.GetAnnotations()[types.ManagedBy] - if exist { - klog.V(4).Infof("Processing mirroring %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onNewCRDUpdate(prevObj, obj interface{}) { - crd := obj.(metav1.Object) - - _, exist := crd.GetAnnotations()[types.ManagedBy] - if exist { - klog.V(4).Infof("Processing mirroring %s %s/%s UPDATE event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onNewCRDDelete(obj interface{}) { - crd := getCRDFromDeleteAction(obj) - if crd == nil { - return - } - - _, exist := crd.GetAnnotations()[types.ManagedBy] - if exist { - klog.V(4).Infof("Processing mirroring %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onLegacyCRDAdd(obj interface{}) { - crd := obj.(metav1.Object) - - _, exist := crd.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("Processing legacy %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onLegacyCRDUpdate(prevObj, obj interface{}) { - prevCrd := prevObj.(metav1.Object) - - _, exist := prevCrd.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("Processing legacy %s %s/%s UPDATE event", c.crdName, prevCrd.GetNamespace(), prevCrd.GetName()) - c.queueCRD(obj) - } -} - -func (c *Controller) onLegacyCRDDelete(obj interface{}) { - crd := getCRDFromDeleteAction(obj) - if crd == nil { - return - } - - _, exist := crd.GetAnnotations()[types.StopMirror] - if !exist { - klog.V(4).Infof("Processing legacy %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) - c.queueCRD(obj) - } -} - -func getCRDFromDeleteAction(obj interface{}) metav1.Object { - _, ok := obj.(metav1.Object) - if ok { - return obj.(metav1.Object) - } - tombstone, ok := obj.(cache.DeletedFinalStateUnknown) - if !ok { - utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) - return nil - } - - _, ok = tombstone.Obj.(metav1.Object) - if ok { - return tombstone.Obj.(metav1.Object) - } - utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a object resource: %#v", obj)) - return nil -} diff --git a/pkg/controller/crdmirroring/types/interface.go b/pkg/controller/crdmirroring/types/interface.go index e1c67dccce4..467c6f55a58 100644 --- a/pkg/controller/crdmirroring/types/interface.go +++ b/pkg/controller/crdmirroring/types/interface.go @@ -23,5 +23,5 @@ type MirroringHandler interface { AddNewObject(obj metav1.Object) error SyncObject(legacyObj, newObj metav1.Object) error DeleteNewObject(namespace, name string) error - LiberateNewObject(obj metav1.Object) error + UpdateNewObject(obj metav1.Object) error } diff --git a/pkg/controller/traceflow/controller.go b/pkg/controller/traceflow/controller.go index ff6ad72c1f6..3c1df0cf57a 100644 --- a/pkg/controller/traceflow/controller.go +++ b/pkg/controller/traceflow/controller.go @@ -285,10 +285,10 @@ func (c *Controller) checkTraceflowStatus(tf *crdv1alpha1.Traceflow) error { receiver := false for i, nodeResult := range tf.Status.Results { for j, ob := range nodeResult.Observations { - if ob.Component == crdv1alpha1.SpoofGuard { + if ob.Component == crdv1alpha1.ComponentSpoofGuard { sender = true } - if ob.Action == crdv1alpha1.Delivered || ob.Action == crdv1alpha1.Dropped || ob.Action == crdv1alpha1.ForwardedOutOfOverlay { + if ob.Action == crdv1alpha1.ActionDelivered || ob.Action == crdv1alpha1.ActionDropped || ob.Action == crdv1alpha1.ActionForwardedOutOfOverlay { receiver = true } if ob.TranslatedDstIP != "" { diff --git a/pkg/controller/traceflow/controller_test.go b/pkg/controller/traceflow/controller_test.go index 58a8d9c2e3d..4d4c33afd13 100644 --- a/pkg/controller/traceflow/controller_test.go +++ b/pkg/controller/traceflow/controller_test.go @@ -98,11 +98,11 @@ func TestTraceflow(t *testing.T) { res.Status.Results = []crdv1alpha1.NodeResult{ // Sender { - Observations: []crdv1alpha1.Observation{{Component: crdv1alpha1.SpoofGuard}}, + Observations: []crdv1alpha1.Observation{{Component: crdv1alpha1.ComponentSpoofGuard}}, }, // Receiver { - Observations: []crdv1alpha1.Observation{{Action: crdv1alpha1.Delivered}}, + Observations: []crdv1alpha1.Observation{{Action: crdv1alpha1.ActionDelivered}}, }, } tfc.client.CrdV1alpha1().Traceflows().Update(context.TODO(), res, metav1.UpdateOptions{}) diff --git a/pkg/graphviz/traceflow.go b/pkg/graphviz/traceflow.go index e71c56a9d20..9294b7e3d1f 100644 --- a/pkg/graphviz/traceflow.go +++ b/pkg/graphviz/traceflow.go @@ -110,7 +110,7 @@ func isSender(result *crdv1alpha1.NodeResult) bool { if len(result.Observations) == 0 { return false } - if result.Observations[0].Component != crdv1alpha1.SpoofGuard || result.Observations[0].Action != crdv1alpha1.Forwarded { + if result.Observations[0].Component != crdv1alpha1.ComponentSpoofGuard || result.Observations[0].Action != crdv1alpha1.ActionForwarded { return false } return true @@ -120,7 +120,7 @@ func isReceiver(result *crdv1alpha1.NodeResult) bool { if len(result.Observations) == 0 { return false } - if result.Observations[0].Component != crdv1alpha1.Forwarding || result.Observations[0].Action != crdv1alpha1.Received { + if result.Observations[0].Component != crdv1alpha1.ComponentForwarding || result.Observations[0].Action != crdv1alpha1.ActionReceived { return false } return true @@ -184,10 +184,10 @@ func getTraceflowMessage(o *crdv1alpha1.Observation, spec *crdv1alpha1.Traceflow spec.Destination.Pod = o.Pod[strings.Index(o.Pod, `/`)+1:] } } - if o.Action != crdv1alpha1.Dropped && len(o.TranslatedDstIP) > 0 { + if o.Action != crdv1alpha1.ActionDropped && len(o.TranslatedDstIP) > 0 { str += "\nTranslated Destination IP: " + o.TranslatedDstIP } - if o.Action != crdv1alpha1.Dropped && len(o.TunnelDstIP) > 0 { + if o.Action != crdv1alpha1.ActionDropped && len(o.TunnelDstIP) > 0 { str += "\nTunnel Destination IP : " + o.TunnelDstIP } return str @@ -303,12 +303,12 @@ func genSubGraph(graph *gographviz.Graph, cluster *gographviz.SubGraph, result * } else { edge.Attrs[gographviz.MinLen] = "1" } - if o.Action == crdv1alpha1.Dropped && !isForwardDir { + if o.Action == crdv1alpha1.ActionDropped && !isForwardDir { edge.Attrs[gographviz.Style] = `"invis"` } } // Set the pattern of node. - if o.Action == crdv1alpha1.Dropped { + if o.Action == crdv1alpha1.ActionDropped { node.Attrs[gographviz.Color] = fireBrick node.Attrs[gographviz.FillColor] = mistyRose } else { @@ -361,7 +361,7 @@ func GenGraph(tf *crdv1alpha1.Traceflow) (string, error) { switch senderRst.Observations[len(senderRst.Observations)-1].Action { // If the last action of the sender is FORWARDED, // then the packet has been sent out by sender, implying that there is a disconnection. - case crdv1alpha1.Forwarded: + case crdv1alpha1.ActionForwarded: lastNode, err := createEndpointNodeWithDefaultStyle(graph, graph.Name, getDstNodeName(tf)) if err != nil { return "", err @@ -374,7 +374,7 @@ func GenGraph(tf *crdv1alpha1.Traceflow) (string, error) { if err != nil { return "", err } - case crdv1alpha1.Delivered: + case crdv1alpha1.ActionDelivered: lastNode, err := createEndpointNodeWithDefaultStyle(graph, cluster1.Name, getDstNodeName(tf)) if err != nil { return "", err diff --git a/pkg/monitor/agent.go b/pkg/monitor/agent.go index 5a905924e62..8c98d813a58 100644 --- a/pkg/monitor/agent.go +++ b/pkg/monitor/agent.go @@ -26,18 +26,31 @@ import ( agentquerier "github.com/vmware-tanzu/antrea/pkg/agent/querier" "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + legacyv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + legacyclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" ) type agentMonitor struct { - client clientset.Interface - querier agentquerier.AgentQuerier + client clientset.Interface + legacyClient legacyclientset.Interface + querier agentquerier.AgentQuerier // agentCRD is the desired state of agent monitoring CRD which agentMonitor expects. agentCRD *v1beta1.AntreaAgentInfo + // legacyAgentCRD is the desired state of agent monitoring CRD which agentMonitor expects. + legacyAgentCRD *legacyv1beta1.AntreaAgentInfo } // NewAgentMonitor creates a new agent monitor. -func NewAgentMonitor(client clientset.Interface, querier agentquerier.AgentQuerier) *agentMonitor { - return &agentMonitor{client: client, querier: querier, agentCRD: nil} +func NewAgentMonitor(client clientset.Interface, + legacyClient legacyclientset.Interface, + querier agentquerier.AgentQuerier) *agentMonitor { + return &agentMonitor{ + client: client, + legacyClient: legacyClient, + querier: querier, + agentCRD: nil, + legacyAgentCRD: nil, + } } // Run creates AntreaAgentInfo CRD first after controller is running. @@ -47,6 +60,9 @@ func (monitor *agentMonitor) Run(stopCh <-chan struct{}) { // Sync agent monitoring CRD every minute util stopCh is closed. wait.Until(monitor.syncAgentCRD, time.Minute, stopCh) + + // Sync legacy agent monitoring CRD every minute util stopCh is closed. + wait.Until(monitor.syncLegacyAgentCRD, time.Minute, stopCh) } func (monitor *agentMonitor) syncAgentCRD() { @@ -105,3 +121,80 @@ func (monitor *agentMonitor) updateAgentCRD(partial bool) (*v1beta1.AntreaAgentI klog.V(2).Infof("Updating agent monitoring CRD %+v, partial: %t", monitor.agentCRD, partial) return monitor.client.CrdV1beta1().AntreaAgentInfos().Update(context.TODO(), monitor.agentCRD, metav1.UpdateOptions{}) } + +func (monitor *agentMonitor) syncLegacyAgentCRD() { + var err error = nil + if monitor.legacyAgentCRD != nil { + if monitor.legacyAgentCRD, err = monitor.updateLegacyAgentCRD(true); err == nil { + return + } + klog.Errorf("Failed to partially update agent monitoring CRD: %v", err) + monitor.legacyAgentCRD = nil + } + + monitor.legacyAgentCRD, err = monitor.getLegacyAgentCRD() + + if errors.IsNotFound(err) { + monitor.legacyAgentCRD, err = monitor.createLegacyAgentCRD() + if err != nil { + klog.Errorf("Failed to create agent monitoring CRD: %v", err) + monitor.legacyAgentCRD = nil + } + return + } + + if err != nil { + klog.Errorf("Failed to get agent monitoring CRD: %v", err) + monitor.legacyAgentCRD = nil + return + } + + monitor.legacyAgentCRD, err = monitor.updateLegacyAgentCRD(false) + if err != nil { + klog.Errorf("Failed to entirely update agent monitoring CRD: %v", err) + monitor.legacyAgentCRD = nil + } +} + +// getLegacyAgentCRD is used to check the existence of agent monitoring CRD. +// So when the pod restarts, it will update this monitoring CRD instead of creating a new one. +func (monitor *agentMonitor) getLegacyAgentCRD() (*legacyv1beta1.AntreaAgentInfo, error) { + crdName := monitor.querier.GetNodeConfig().Name + klog.V(2).Infof("Getting legacy agent monitoring CRD %+v", crdName) + return monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) +} + +// createLegacyAgentCRD creates a new agent CRD. +func (monitor *agentMonitor) createLegacyAgentCRD() (*legacyv1beta1.AntreaAgentInfo, error) { + agentCRD := new(v1beta1.AntreaAgentInfo) + monitor.querier.GetAgentInfo(agentCRD, false) + legacyAgentCRD := agentInfoDeepCopy(agentCRD) + klog.V(2).Infof("Creating legacy agent monitoring CRD %+v", legacyAgentCRD) + return monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Create(context.TODO(), legacyAgentCRD, metav1.CreateOptions{}) +} + +// updateLegacyAgentCRD updates the monitoring CRD. +func (monitor *agentMonitor) updateLegacyAgentCRD(partial bool) (*legacyv1beta1.AntreaAgentInfo, error) { + monitor.querier.GetAgentInfo(monitor.agentCRD, partial) + monitor.legacyAgentCRD = agentInfoDeepCopy(monitor.agentCRD) + klog.V(2).Infof("Updating legacy agent monitoring CRD %+v, partial: %t", monitor.legacyAgentCRD, partial) + return monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Update(context.TODO(), monitor.legacyAgentCRD, metav1.UpdateOptions{}) +} + +func agentInfoDeepCopy(aa *v1beta1.AntreaAgentInfo) *legacyv1beta1.AntreaAgentInfo { + laa := new(legacyv1beta1.AntreaAgentInfo) + laa.Name = aa.Name + laa.Version = aa.Version + laa.PodRef = *aa.PodRef.DeepCopy() + laa.NodeRef = *aa.NodeRef.DeepCopy() + laa.NodeSubnets = aa.NodeSubnets + laa.OVSInfo = *aa.OVSInfo.DeepCopy() + laa.NetworkPolicyControllerInfo = *aa.NetworkPolicyControllerInfo.DeepCopy() + laa.LocalPodNum = aa.LocalPodNum + laa.AgentConditions = []v1beta1.AgentCondition{} + for _, ac := range aa.AgentConditions { + laa.AgentConditions = append(laa.AgentConditions, *ac.DeepCopy()) + } + laa.APIPort = aa.APIPort + return laa +} diff --git a/pkg/monitor/controller.go b/pkg/monitor/controller.go index 63ef0bf3e83..855f56d0400 100644 --- a/pkg/monitor/controller.go +++ b/pkg/monitor/controller.go @@ -29,6 +29,8 @@ import ( "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" controllerquerier "github.com/vmware-tanzu/antrea/pkg/controller/querier" + legacyv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + legacyclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" ) const ( @@ -38,17 +40,30 @@ const ( type controllerMonitor struct { client clientset.Interface + legacyClient legacyclientset.Interface nodeInformer coreinformers.NodeInformer // nodeListerSynced is a function which returns true if the node shared informer has been synced at least once. nodeListerSynced cache.InformerSynced querier controllerquerier.ControllerQuerier // controllerCRD is the desired state of controller monitoring CRD which controllerMonitor expects. - controllerCRD *v1beta1.AntreaControllerInfo + controllerCRD *v1beta1.AntreaControllerInfo + legacyControllerCRD *legacyv1beta1.AntreaControllerInfo } // NewControllerMonitor creates a new controller monitor. -func NewControllerMonitor(client clientset.Interface, nodeInformer coreinformers.NodeInformer, querier controllerquerier.ControllerQuerier) *controllerMonitor { - m := &controllerMonitor{client: client, nodeInformer: nodeInformer, nodeListerSynced: nodeInformer.Informer().HasSynced, querier: querier, controllerCRD: nil} +func NewControllerMonitor(client clientset.Interface, + legacyClient legacyclientset.Interface, + nodeInformer coreinformers.NodeInformer, + querier controllerquerier.ControllerQuerier) *controllerMonitor { + m := &controllerMonitor{ + client: client, + legacyClient: legacyClient, + nodeInformer: nodeInformer, + nodeListerSynced: nodeInformer.Informer().HasSynced, + querier: querier, + controllerCRD: nil, + legacyControllerCRD: nil, + } nodeInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{ AddFunc: nil, UpdateFunc: nil, @@ -68,9 +83,13 @@ func (monitor *controllerMonitor) Run(stopCh <-chan struct{}) { } monitor.deleteStaleAgentCRDs() + monitor.deleteLegacyStaleAgentCRDs() // Sync controller monitoring CRD every minute util stopCh is closed. wait.Until(monitor.syncControllerCRD, time.Minute, stopCh) + + // Sync legacy controller monitoring CRD every minute util stopCh is closed. + wait.Until(monitor.syncLegacyControllerCRD, time.Minute, stopCh) } func (monitor *controllerMonitor) syncControllerCRD() { @@ -161,6 +180,7 @@ func (monitor *controllerMonitor) deleteStaleAgentCRD(old interface{}) { } } monitor.deleteAgentCRD(node.Name) + monitor.deleteLegacyAgentCRD(node.Name) } func (monitor *controllerMonitor) deleteAgentCRD(name string) { @@ -170,3 +190,100 @@ func (monitor *controllerMonitor) deleteAgentCRD(name string) { klog.Errorf("Failed to delete agent monitoring CRD %s: %v", name, err) } } + +func (monitor *controllerMonitor) syncLegacyControllerCRD() { + var err error = nil + if monitor.legacyControllerCRD != nil { + if monitor.legacyControllerCRD, err = monitor.updateLegacyControllerCRD(true); err == nil { + return + } + klog.Errorf("Failed to partially update legacy controller monitoring CRD: %v", err) + monitor.legacyControllerCRD = nil + } + + monitor.legacyControllerCRD, err = monitor.getLegacyControllerCRD(crdName) + + if errors.IsNotFound(err) { + monitor.legacyControllerCRD, err = monitor.createLegacyControllerCRD(crdName) + if err != nil { + klog.Errorf("Failed to create legacy controller monitoring CRD: %v", err) + monitor.legacyControllerCRD = nil + } + return + } + + if err != nil { + klog.Errorf("Failed to get legacy controller monitoring CRD: %v", err) + monitor.legacyControllerCRD = nil + return + } + + monitor.legacyControllerCRD, err = monitor.updateLegacyControllerCRD(false) + if err != nil { + klog.Errorf("Failed to entirely update legacy controller monitoring CRD: %v", err) + monitor.legacyControllerCRD = nil + } +} + +func (monitor *controllerMonitor) getLegacyControllerCRD(crdName string) (*legacyv1beta1.AntreaControllerInfo, error) { + return monitor.legacyClient.ClusterinformationV1beta1().AntreaControllerInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) +} + +func (monitor *controllerMonitor) createLegacyControllerCRD(crdName string) (*legacyv1beta1.AntreaControllerInfo, error) { + controllerCRD := new(v1beta1.AntreaControllerInfo) + controllerCRD.Name = crdName + monitor.querier.GetControllerInfo(controllerCRD, false) + legacyControllerCRD := controllerInfoDeepCopy(controllerCRD) + klog.V(2).Infof("Creating legacy controller monitoring CRD %+v", legacyControllerCRD) + return monitor.legacyClient.ClusterinformationV1beta1().AntreaControllerInfos().Create(context.TODO(), legacyControllerCRD, metav1.CreateOptions{}) +} + +func (monitor *controllerMonitor) updateLegacyControllerCRD(partial bool) (*legacyv1beta1.AntreaControllerInfo, error) { + monitor.querier.GetControllerInfo(monitor.controllerCRD, partial) + monitor.legacyControllerCRD = controllerInfoDeepCopy(monitor.controllerCRD) + klog.V(2).Infof("Updating controller monitoring CRD %+v, partial: %t", monitor.legacyControllerCRD, partial) + return monitor.legacyClient.ClusterinformationV1beta1().AntreaControllerInfos().Update(context.TODO(), monitor.legacyControllerCRD, metav1.UpdateOptions{}) +} + +func (monitor *controllerMonitor) deleteLegacyStaleAgentCRDs() { + crds, err := monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ + ResourceVersion: "0", + }) + if err != nil { + klog.Errorf("Failed to list legacy agent monitoring CRDs: %v", err) + return + } + + nodeLister := monitor.nodeInformer.Lister() + for _, crd := range crds.Items { + _, err := nodeLister.Get(crd.Name) + if errors.IsNotFound(err) { + monitor.deleteLegacyAgentCRD(crd.Name) + } + } +} + +func (monitor *controllerMonitor) deleteLegacyAgentCRD(name string) { + klog.Infof("Deleting legacy agent monitoring CRD %s", name) + err := monitor.legacyClient.ClusterinformationV1beta1().AntreaAgentInfos().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + klog.Errorf("Failed to delete legacy agent monitoring CRD %s: %v", name, err) + } +} + +func controllerInfoDeepCopy(ac *v1beta1.AntreaControllerInfo) *legacyv1beta1.AntreaControllerInfo { + lac := new(legacyv1beta1.AntreaControllerInfo) + lac.Name = ac.Name + lac.Version = ac.Version + lac.PodRef = *ac.PodRef.DeepCopy() + lac.NodeRef = *ac.NodeRef.DeepCopy() + lac.ServiceRef = *ac.ServiceRef.DeepCopy() + lac.NetworkPolicyControllerInfo = *ac.NetworkPolicyControllerInfo.DeepCopy() + lac.ConnectedAgentNum = ac.ConnectedAgentNum + lac.ControllerConditions = []v1beta1.ControllerCondition{} + for _, cc := range ac.ControllerConditions { + lac.ControllerConditions = append(lac.ControllerConditions, *cc.DeepCopy()) + } + lac.APIPort = ac.APIPort + return lac +} diff --git a/test/e2e/traceflow_test.go b/test/e2e/traceflow_test.go index a019b90f8d5..2552463cad2 100644 --- a/test/e2e/traceflow_test.go +++ b/test/e2e/traceflow_test.go @@ -130,13 +130,13 @@ func TestTraceflowIntraNodeANP(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressMetric", - Action: v1alpha1.Dropped, + Action: v1alpha1.ActionDropped, }, }, }, @@ -177,13 +177,13 @@ func TestTraceflowIntraNodeANP(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressMetric", - Action: v1alpha1.Dropped, + Action: v1alpha1.ActionDropped, }, }, }, @@ -292,18 +292,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressDefaultRule", - Action: v1alpha1.Dropped, + Action: v1alpha1.ActionDropped, }, }, }, @@ -343,18 +343,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -393,18 +393,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -438,18 +438,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -510,18 +510,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressDefaultRule", - Action: v1alpha1.Dropped, + Action: v1alpha1.ActionDropped, }, }, }, @@ -561,18 +561,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -611,18 +611,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -656,18 +656,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -729,18 +729,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -777,18 +777,18 @@ func TestTraceflowIntraNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -931,18 +931,18 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -950,14 +950,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -996,18 +996,18 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1015,14 +1015,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1056,18 +1056,18 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1075,14 +1075,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1123,24 +1123,24 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.LB, + Component: v1alpha1.ComponentLB, Pod: fmt.Sprintf("%s/%s", testNamespace, "nginx"), TranslatedDstIP: nginxIPv4Str, - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1148,14 +1148,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1196,18 +1196,18 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1215,14 +1215,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1261,18 +1261,18 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1280,14 +1280,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1321,18 +1321,18 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1340,14 +1340,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1388,24 +1388,24 @@ func TestTraceflowInterNode(t *testing.T) { Node: node1, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.LB, + Component: v1alpha1.ComponentLB, Pod: fmt.Sprintf("%s/%s", testNamespace, "nginx"), TranslatedDstIP: nginxIPv6Str, - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Forwarded, + Action: v1alpha1.ActionForwarded, }, }, }, @@ -1413,14 +1413,14 @@ func TestTraceflowInterNode(t *testing.T) { Node: node2, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Classification", - Action: v1alpha1.Received, + Action: v1alpha1.ActionReceived, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.Delivered, + Action: v1alpha1.ActionDelivered, }, }, }, @@ -1481,13 +1481,13 @@ func TestTraceflowExternalIP(t *testing.T) { Node: node, Observations: []v1alpha1.Observation{ { - Component: v1alpha1.SpoofGuard, - Action: v1alpha1.Forwarded, + Component: v1alpha1.ComponentSpoofGuard, + Action: v1alpha1.ActionForwarded, }, { - Component: v1alpha1.Forwarding, + Component: v1alpha1.ComponentForwarding, ComponentInfo: "Output", - Action: v1alpha1.ForwardedOutOfOverlay, + Action: v1alpha1.ActionForwardedOutOfOverlay, }, }, }, @@ -1663,7 +1663,7 @@ func runTestTraceflow(t *testing.T, data *TestData, tc testcase) { return } } else if len(tc.expectedResults) > 0 { - if tf.Status.Results[0].Observations[0].Component == v1alpha1.SpoofGuard { + if tf.Status.Results[0].Observations[0].Component == v1alpha1.ComponentSpoofGuard { if err = compareObservations(tc.expectedResults[0], tf.Status.Results[0]); err != nil { t.Fatal(err) return