Implementation of flow aggregator build system and structure (#1558)

This is the first PR of flow aggregator implementation, which only contains the build system and main structure of it, including the yaml files, github workflow changes and command linue tools.
antrea-io · Dec 11, 2020 · a3f0042 · a3f0042
1 parent 6e3d8c7
commit a3f0042
Show file tree

Hide file tree

Showing 20 changed files with 675 additions and 0 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -5,10 +5,12 @@ on:
     branches:
       - master
       - release-*
+      - feature/flow-aggregator
   push:
     branches:
       - master
       - release-*
+      - feature/flow-aggregator
 
 jobs:
   check-changes:
@@ -96,3 +98,20 @@ jobs:
         echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
         make push
         make push-release
+
+  build-flow-aggregator:
+    needs: check-changes
+    if: ${{ needs.check-changes.outputs.has_changes == 'yes' || github.event_name == 'push' }}
+    runs-on: [ubuntu-18.04]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build flow-aggregator Docker image
+      run: make flow-aggregator-ubuntu
+    - name: Push flow-aggregator Docker image to registry
+      if: ${{ github.repository == 'vmware-tanzu/antrea' && github.event_name == 'push' && github.ref == 'refs/heads/master' }}
+      env:
+        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+      run: |
+        echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+        docker push antrea/flow-aggregator:latest
diff --git a/.github/workflows/build_tag.yml b/.github/workflows/build_tag.yml
@@ -49,3 +49,17 @@ jobs:
           VERSION="${TAG:10}" make octant-antrea-ubuntu
           echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
           docker push antrea/octant-antrea-ubuntu:"${TAG:10}"
+
+  build-flow-aggregator:
+    runs-on: [ubuntu-18.04]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build flow-aggregator Docker image and push to registry
+      env:
+        DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+        DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+        TAG: ${{ github.ref }}
+      run: |
+        VERSION="${TAG:10}" make flow-aggregator-ubuntu
+        echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
+        docker push antrea/flow-aggregator:"${TAG:10}"
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -4,10 +4,12 @@ on:
     branches:
     - master
     - release-*
+    - feature/flow-aggregator
   push:
     branches:
     - master
     - release-*
+    - feature/flow-aggregator
 jobs:
 
 

diff --git a/.github/workflows/kind.yml b/.github/workflows/kind.yml
@@ -4,10 +4,12 @@ on:
     branches:
     - master
     - release-*
+    - feature/flow-aggregator
   push:
     branches:
     - master
     - release-*
+    - feature/flow-aggregator
 
 env:
   KIND_VERSION: v0.9.0

diff --git a/.github/workflows/upload_release_assets.yml b/.github/workflows/upload_release_assets.yml
@@ -178,6 +178,15 @@ jobs:
         asset_path: ./assets/antrea-windows.yml
         asset_name: antrea-windows.yml
         asset_content_type: application/octet-stream
+    - name: Upload flow-aggregator.yml
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ github.event.release.upload_url }}
+        asset_path: ./assets/flow-aggregator.yml
+        asset_name: flow-aggregator.yml
+        asset_content_type: application/octet-stream
     - name: Upload antrea-agent-windows-x86_64.exe
       uses: actions/upload-release-asset@v1
       env:

diff --git a/Makefile b/Makefile
@@ -70,6 +70,11 @@ windows-bin:
 	GOOS=windows $(GO) build -o $(BINDIR) $(GOFLAGS) -ldflags '$(LDFLAGS)' github.com/vmware-tanzu/antrea/cmd/antrea-cni \
 		github.com/vmware-tanzu/antrea/cmd/antrea-agent
 
+.PHONY: flow-aggregator
+flow-aggregator:
+	@mkdir -p $(BINDIR)
+	GOOS=linux $(GO) build -o $(BINDIR) $(GOFLAGS) -ldflags '$(LDFLAGS)' github.com/vmware-tanzu/antrea/cmd/flow-aggregator
+
 .PHONY: test-unit test-integration
 ifeq ($(UNAME_S),Linux)
 test-unit: .linux-test-unit
@@ -298,6 +303,7 @@ manifest:
 	$(CURDIR)/hack/generate-manifest.sh --mode dev --cloud AKS --encap-mode networkPolicyOnly > build/yamls/antrea-aks.yml
 	$(CURDIR)/hack/generate-manifest-octant.sh --mode dev > build/yamls/antrea-octant.yml
 	$(CURDIR)/hack/generate-manifest-windows.sh --mode dev > build/yamls/antrea-windows.yml
+	$(CURDIR)/hack/generate-manifest-flow-aggregator.sh --mode dev > build/yamls/flow-aggregator.yml
 
 .PHONY: manifest-coverage
 manifest-coverage:
@@ -311,6 +317,16 @@ octant-antrea-ubuntu:
 	docker tag antrea/octant-antrea-ubuntu:$(DOCKER_IMG_VERSION) antrea/octant-antrea-ubuntu
 	docker tag antrea/octant-antrea-ubuntu:$(DOCKER_IMG_VERSION) projects.registry.vmware.com/antrea/octant-antrea-ubuntu
 
+.PHONY: flow-aggregator-ubuntu
+flow-aggregator-ubuntu:
+	@echo "===> Building antrea/flow-aggregator Docker image <==="
+ifneq ($(DOCKER_REGISTRY),"")
+	docker build -t antrea/flow-aggregator:$(DOCKER_IMG_VERSION) -f build/images/flow-aggregator/Dockerfile .
+else
+	docker build --pull -t antrea/flow-aggregator:$(DOCKER_IMG_VERSION) -f build/images/flow-aggregator/Dockerfile .
+endif
+	docker tag antrea/flow-aggregator:$(DOCKER_IMG_VERSION) antrea/flow-aggregator
+
 .PHONY: verify
 verify:
 	@echo "===> Verifying spellings <==="

diff --git a/build/images/flow-aggregator/Dockerfile b/build/images/flow-aggregator/Dockerfile
@@ -0,0 +1,16 @@
+FROM golang:1.15 as flow-aggregator-build
+
+WORKDIR /antrea
+
+COPY . /antrea
+
+RUN make flow-aggregator
+
+FROM antrea/base-ubuntu:2.14.0
+
+LABEL maintainer="Antrea <[email protected]>"
+LABEL description="The docker image for the flow aggregator"
+
+USER root
+
+COPY --from=flow-aggregator-build /antrea/bin/flow-aggregator /usr/local/bin/
diff --git a/build/yamls/flow-aggregator.yml b/build/yamls/flow-aggregator.yml
@@ -0,0 +1,77 @@
+apiVersion: v1
+data:
+  flow-aggregator.conf: |
+    # Provide the flow collector address as string with format <IP>:<port>[:<proto>], where proto is tcp or udp.
+    # If no L4 transport proto is given, we consider tcp as default.
+    flowCollectorAddr: ""
+
+    # Provide flow export interval as a duration string. This determines how often the flow aggregator exports flow
+    # records to the flow collector.
+    # Flow export interval should be greater than or equal to 1s (one second).
+    # Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+    flowExportInterval: 60s
+kind: ConfigMap
+metadata:
+  labels:
+    app: flow-aggregator
+  name: flow-aggregator-configmap-gcd5tkk2dd
+  namespace: flow-aggregator
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: flow-aggregator
+  name: flow-aggregator
+  namespace: flow-aggregator
+spec:
+  ports:
+  - port: 4739
+    protocol: UDP
+    targetPort: 4739
+  selector:
+    app: flow-aggregator
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: flow-aggregator
+  name: flow-aggregator
+  namespace: flow-aggregator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: flow-aggregator
+  template:
+    metadata:
+      labels:
+        app: flow-aggregator
+    spec:
+      containers:
+      - args:
+        - --config
+        - /etc/flow-aggregator/flow-aggregator.conf
+        - --logtostderr=false
+        - --log_dir=/var/log/flowaggregator
+        - --alsologtostderr
+        - --log_file_max_size=100
+        - --log_file_max_num=4
+        - --v=0
+        command:
+        - flow-aggregator
+        image: antrea/flow-aggregator
+        imagePullPolicy: IfNotPresent
+        name: flow-aggregator
+        ports:
+        - containerPort: 4739
+        volumeMounts:
+        - mountPath: /etc/flow-aggregator/flow-aggregator.conf
+          name: flow-aggregator-config
+          readOnly: true
+          subPath: flow-aggregator.conf
+      volumes:
+      - configMap:
+          name: flow-aggregator-configmap-gcd5tkk2dd
+        name: flow-aggregator-config
diff --git a/build/yamls/flow-aggregator/base/conf/flow-aggregator.conf b/build/yamls/flow-aggregator/base/conf/flow-aggregator.conf
@@ -0,0 +1,9 @@
+# Provide the flow collector address as string with format <IP>:<port>[:<proto>], where proto is tcp or udp.
+# If no L4 transport proto is given, we consider tcp as default.
+flowCollectorAddr: ""
+
+# Provide flow export interval as a duration string. This determines how often the flow aggregator exports flow
+# records to the flow collector.
+# Flow export interval should be greater than or equal to 1s (one second).
+# Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+flowExportInterval: 60s
diff --git a/build/yamls/flow-aggregator/base/flow-aggregator.yml b/build/yamls/flow-aggregator/base/flow-aggregator.yml
@@ -0,0 +1,51 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: flow-aggregator
+  namespace: flow-aggregator
+spec:
+  selector:
+    app: flow-aggregator
+  ports:
+  - port: 4739
+    protocol: UDP
+    targetPort: 4739
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: flow-aggregator
+  namespace: flow-aggregator
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: flow-aggregator
+  template:
+    spec:
+      containers:
+      - args:
+        - --config
+        - /etc/flow-aggregator/flow-aggregator.conf
+        - --logtostderr=false
+        - --log_dir=/var/log/flowaggregator
+        - --alsologtostderr
+        - --log_file_max_size=100
+        - --log_file_max_num=4
+        - --v=0
+        command:
+          - flow-aggregator
+        name: flow-aggregator
+        image: antrea/flow-aggregator
+        ports:
+          - containerPort: 4739
+        volumeMounts:
+        - mountPath: /etc/flow-aggregator/flow-aggregator.conf
+          name: flow-aggregator-config
+          readOnly: true
+          subPath: flow-aggregator.conf
+      volumes:
+      - name: flow-aggregator-config
+        configMap:
+          name: flow-aggregator-configmap
+
diff --git a/build/yamls/flow-aggregator/base/kustomization.yml b/build/yamls/flow-aggregator/base/kustomization.yml
@@ -0,0 +1,11 @@
+resources:
+- flow-aggregator.yml
+configMapGenerator:
+- files:
+  - conf/flow-aggregator.conf
+  name: flow-aggregator-configmap
+commonLabels:
+  app: flow-aggregator
+namespace: flow-aggregator
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
diff --git a/build/yamls/flow-aggregator/patches/dev/imagePullPolicy.yml b/build/yamls/flow-aggregator/patches/dev/imagePullPolicy.yml
@@ -0,0 +1,11 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: flow-aggregator
+  namespace: flow-aggregator
+spec:
+  template:
+    spec:
+      containers:
+        - name: flow-aggregator
+          imagePullPolicy: IfNotPresent
diff --git a/build/yamls/flow-aggregator/patches/release/.gitignore b/build/yamls/flow-aggregator/patches/release/.gitignore
@@ -0,0 +1 @@
+# placeholder
diff --git a/cmd/flow-aggregator/config.go b/cmd/flow-aggregator/config.go
@@ -0,0 +1,28 @@
+// Copyright 2020 Antrea Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+type FlowAggregatorConfig struct {
+	// Provide the flow collector address as string with format <IP>:<port>[:<proto>], where proto is tcp or udp.
+	// If no L4 transport proto is given, we consider tcp as default.
+	// Defaults to "".
+	FlowCollectorAddr string `yaml:"flowCollectorAddr,omitempty"`
+	// Provide flow export interval as a duration string. This determines how often the flow aggregator exports flow
+	// records to the flow collector.
+	// Flow export interval should be greater than or equal to 1s (one second).
+	// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
+	// Defaults to "60s".
+	FlowExportInterval string `yaml:"flowExportInterval,omitempty"`
+}
diff --git a/cmd/flow-aggregator/flow-aggregator.go b/cmd/flow-aggregator/flow-aggregator.go
@@ -0,0 +1,35 @@
+// Copyright 2020 Antrea Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"k8s.io/klog"
+
+	aggregator "github.com/vmware-tanzu/antrea/pkg/flowaggregator"
+	"github.com/vmware-tanzu/antrea/pkg/signals"
+)
+
+func run(o *Options) error {
+	klog.Infof("Flow aggregator starting...")
+	// Set up signal capture: the first SIGTERM / SIGINT signal is handled gracefully and will
+	// cause the stopCh channel to be closed; if another signal is received before the program
+	// exits, we will force exit.
+	stopCh := signals.RegisterSignalHandlers()
+	flowAggregator := aggregator.InitFlowAggregator(o.flowCollectorAddr, o.exportInterval)
+	go flowAggregator.Run(stopCh)
+	<-stopCh
+	klog.Infof("Stopping flow aggregator")
+	return nil
+}