From 37ca8007dd734d1a2b9f45b41d8bcc79c415011b Mon Sep 17 00:00:00 2001 From: Quan Tian Date: Mon, 10 May 2021 20:47:57 +0800 Subject: [PATCH] Update Node's MAC address to the Node's annotation for direct routing --- build/yamls/antrea-aks.yml | 1 + build/yamls/antrea-eks.yml | 1 + build/yamls/antrea-gke.yml | 1 + build/yamls/antrea-ipsec.yml | 1 + build/yamls/antrea.yml | 1 + build/yamls/base/agent-rbac.yml | 1 + pkg/agent/agent.go | 4 ++++ pkg/agent/agent_linux.go | 4 ++++ pkg/agent/agent_windows.go | 35 +++++++++++++++++++++++++++++++++ pkg/agent/types/annotations.go | 20 +++++++++++++++++++ 10 files changed, 69 insertions(+) create mode 100644 pkg/agent/types/annotations.go diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index d88b483202a..e045005401a 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml @@ -2918,6 +2918,7 @@ rules: - get - watch - list + - patch - apiGroups: - "" resources: diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index a4f3ad1c1e6..f752cfcabf6 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml @@ -2918,6 +2918,7 @@ rules: - get - watch - list + - patch - apiGroups: - "" resources: diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index c42c3256f45..8aa7fc48eec 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml @@ -2918,6 +2918,7 @@ rules: - get - watch - list + - patch - apiGroups: - "" resources: diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index b8ec34cd2c7..9ed0170847f 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml @@ -2918,6 +2918,7 @@ rules: - get - watch - list + - patch - apiGroups: - "" resources: diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index 5b6c682e4b3..2f3f4e62e64 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml @@ -2918,6 +2918,7 @@ rules: - get - watch - list + - patch - apiGroups: - "" resources: diff --git a/build/yamls/base/agent-rbac.yml b/build/yamls/base/agent-rbac.yml index d1b900d573e..13c94107750 100644 --- a/build/yamls/base/agent-rbac.yml +++ b/build/yamls/base/agent-rbac.yml @@ -18,6 +18,7 @@ rules: - get - watch - list + - patch - apiGroups: - "" resources: diff --git a/pkg/agent/agent.go b/pkg/agent/agent.go index 440f77c9e4f..ad6e6a0aa60 100644 --- a/pkg/agent/agent.go +++ b/pkg/agent/agent.go @@ -221,6 +221,10 @@ func (i *Initializer) Initialize() error { return err } + if err := i.updateNodeMACAnnotation(); err != nil { + return err + } + if err := i.setupOVSBridge(); err != nil { return err } diff --git a/pkg/agent/agent_linux.go b/pkg/agent/agent_linux.go index e9158572e92..219e5380044 100644 --- a/pkg/agent/agent_linux.go +++ b/pkg/agent/agent_linux.go @@ -25,6 +25,10 @@ func (i *Initializer) prepareHostNetwork() error { return nil } +func (i *Initializer) updateNodeMACAnnotation() error { + return nil +} + // prepareOVSBridge returns immediately on Linux. func (i *Initializer) prepareOVSBridge() error { return nil diff --git a/pkg/agent/agent_windows.go b/pkg/agent/agent_windows.go index 13a8ab745c5..500e7cbebe7 100644 --- a/pkg/agent/agent_windows.go +++ b/pkg/agent/agent_windows.go @@ -17,16 +17,22 @@ package agent import ( + "context" + "encoding/json" "fmt" "net" "strings" "github.com/Microsoft/hcsshim" "github.com/rakelkar/gonetsh/netroute" + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + apitypes "k8s.io/apimachinery/pkg/types" "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/agent/config" "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore" + "github.com/vmware-tanzu/antrea/pkg/agent/types" "github.com/vmware-tanzu/antrea/pkg/agent/util" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsctl" ) @@ -76,6 +82,35 @@ func (i *Initializer) prepareHostNetwork() error { return util.PrepareHNSNetwork(subnetCIDR, i.nodeConfig.NodeIPAddr, adapter) } +// updateNodeMACAnnotation updates the Node's MAC address in the Annotations of the Node. The MAC address will be used +// for direct routing via Openflow in noencap case. +func (i *Initializer) updateNodeMACAnnotation() error { + if !i.networkConfig.TrafficEncapMode.SupportsNoEncap() { + return nil + } + patch, _ := json.Marshal(map[string]interface{}{ + "metadata": map[string]interface{}{ + "annotations": map[string]string{ + types.NodeMACAddressAnnotationKey: i.nodeConfig.UplinkNetConfig.MAC.String(), + }, + }, + }) + var err error + for attempt := 0; attempt < 3; attempt++ { + _, err = i.client.CoreV1().Nodes().Patch(context.TODO(), i.nodeConfig.Name, apitypes.MergePatchType, patch, metav1.PatchOptions{}) + if err != nil { + if !errors.IsConflict(err) { + return err + } + klog.Warningf("Updating Node MAC annotation failed: %v, will retry", err) + continue + } + klog.Infof("Updating Node MAC annotation succeeded") + return nil + } + return err +} + // prepareOVSBridge adds local port and uplink to ovs bridge. // This function will delete OVS bridge and HNS network created by antrea on failure. func (i *Initializer) prepareOVSBridge() error { diff --git a/pkg/agent/types/annotations.go b/pkg/agent/types/annotations.go new file mode 100644 index 00000000000..c835cb34e10 --- /dev/null +++ b/pkg/agent/types/annotations.go @@ -0,0 +1,20 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +const ( + // NodeMACAddressAnnotationKey represents the key of the Node's MAC address in the Annotations of the Node. + NodeMACAddressAnnotationKey string = "node.antrea.io/mac-address" +)