Implement antctl get pod-interface [podName]

[lzhecheng]

Issue #275

Implemented antctl subcommand: pod-interface

• This command is under get group to get pod interface information.
  Users can filter the result with "podName" as an arg or "namespace"
  as an flag. The default namespace is "default".
• Removed duplicated flag in commandDefinition.
• Support bool flag

The output should be like this:

{
  "name": "patch-demo-c8796b6dd-5k6qn",
  "InterfaceName": "patch-de-17bf25",
  "IP": "192.168.2.7",
  "MAC": "36:44:77:45:ee:55",
  "PortUUID": "e2bc4318-5cda-4be9-ab61-8ff748db7320",
  "OFPort": 8,
  "ContainerID": "58e4aba280fe1696a647aa0f928071a3bfb25a9da21937dcdc05200fce39ca20",
  "PodNamespace": "default"
}

[antrea-bot]

Thanks for your PR.
Unit tests and code linters are run automatically every time the PR is updated.
E2e, conformance and network policy tests can only be triggered by a member of the vmware-tanzu organization. Regular contributors to the project should join the org.

The following commands are available:

• /test-e2e: to trigger e2e tests.
• /skip-e2e: to skip e2e tests.
• /test-conformance: to trigger conformance tests.
• /skip-conformance: to skip conformance tests.
• /test-networkpolicy: to trigger networkpolicy tests.
• /skip-networkpolicy: to skip networkpolicy tests.
• /test-all: to trigger all tests.
• /skip-all: to skip all tests.

These commands can only be run by members of the vmware-tanzu organization.

[lzhecheng]

/test-all

[lzhecheng]

/test-networkpolicy

[antoninbas]

I may be missing something, but it seems that the command should use the Namespace as well as the Pod name.

IMO, if I have 2 Pods with the same name in 2 different namespaces, I should be able to select a single one. It doesn't seem like it is the case right now. It seems that you stop at the first Pod for which the name matches?

Also, as I commented on the agent-info PR, will we be able to run this command from out-of-cluster (from out of the agent Pod)? That would be very useful.

[antoninbas]

maybe others will disagree but I would suggest having a more generic GetInterfacesByType(interfaceType InterfaceType) interface method - like we have GetInterfaceKeysByType below. Maybe it will help keep the number of methods for this interface "reasonable".

[lzhecheng]

Do you mean make the command like antctl get pod podName -n nsName ? Do you use namespace to filter for CRD @mengdie-song ?
Then if user doesn't specify the namespace name, let's show all pods with different namespaces ?

Yes, we can run this command remotely with future implementation.

[mengdie-song]

@lzhecheng For CRD, currently we only have the field LocalPodNum to show the number of Pod. I did not distinguish them by namespaces. I can enhance this part if we want more information for local pods in CRD. But if the number of Pods is too large, I am afraid the CRD is not friendly way to show.

However, CLI can show more information than CRD if we want. Since this patch has already added a separate function GetContainerInterfaces to get details, we can get Pod namespace from InterfaceConfig if we would like to show it via CLI.

[antoninbas]

I suggest using "Pod" and not "pod" for user-facing messages, for the sake of consistency.

[jianjuns]

+1

[lzhecheng]

Reasonable. Updated.

[antoninbas]

should the file be named "get_pod.go" instead since this is the "pod" subcommand in the "get" command group? Would it be possible to have a "pod" subcommand in another command group?

[lzhecheng]

Yes, it is possible. Updated.

[antoninbas]

suggestion: "Print information about the network interface(s) created by the Antrea agent for the specified Pod".

[lzhecheng]

Updated.

[jianjuns]

A general question for this cmd - do we plan to add more information about the Pod later? If it is just about Pod interface info, maybe name it get pod-interface?

[jianjuns]

I would stop adding more CLI code to Agent/ControllerMonitor which is originally for MonitorCRD.
But we can decide this together with other changes I suggested like extracting API server code out of CLI.

[jianjuns]

+1

[jianjuns]

Could you provide an example output of the command? I have three general questions:

1. Should we add the namespace argument (like --namespace/-N just like kubectl).
2. Should we support getting all Pods (Pod name is not specified).
3. If the command is for Pod interface configuration only? If so should we name it get pod-interface; if not should we define a separate struct like PodInfo for future extension, instead of using InterfaceConfig directly.
   @tnqn

[lzhecheng]

Could you provide an example output of the command? I have three general questions:

1. Should we add the namespace argument (like --namespace/-N just like kubectl).
2. Should we support getting all Pods (Pod name is not specified).
3. If the command is for Pod interface configuration only? If so should we name it get pod-interface; if not should we define a separate struct like PodInfo for future extension, instead of using InterfaceConfig directly.
   @tnqn

I just put an example in the description of this PR.

1. Yes, this is under development.
2. Yes, this has been implemented.
3. I agree we can change the command name to "pod-interface".

[lzhecheng]

/test-networkpolicy

[tnqn]

Restful api doesn't have verb in url path, which should be expressed by http method.

[lzhecheng]

Updated.

[tnqn]

I understand they are redundant but better to not touch unrelated code so that reviewers can focus on your change and there won't be surprise when seeing git history that some lines are changed in an unrelated PR.

[lzhecheng]

Removed since this is fixed in other PR.

[tnqn]

why is there a "v" prefix for namespace only?

[lzhecheng]

There used to be other var named podNS so I added "v" to avoid conflict. Now it is ok to name it "podNS".

[tnqn]

Why using Println in server code?

[lzhecheng]

It is not final code and only for debugging. Removed.

[tnqn]

This is a closure so aq has been decided before serving requests. If aq could possibly be nil, I would prefer we return error at the earliest place so that we don't need to check aq in every subroutine of the call stack.
Actually I checked agent.go has made sure aq cannot be nil so this check is not necessary.

[lzhecheng]

Thanks for reminding. Code is not updated according to refactored framework.

[tnqn]

Is namespace a mandatory field? Is it safe to assume len(ns) > 0?

[lzhecheng]

namespace has a default value and if no value after "-n", it will return Error: flag needs an argument: 'n' in -n.

[tnqn]

This can be simpler:

if doFilter and len(m) == 0 {
	w.WriteHeader(http.StatusNotFound)
} else {
	var pods []GetPodInterfaceResponse
	for k, v := range m {
		pods = append(pods, GetPodInterfaceResponse{k, v})
	}
	err := json.NewEncoder(w).Encode(pods)
	if err != nil {
		w.WriteHeader(http.StatusInternalServerError)
	}
}

[lzhecheng]

Refactored.

[tnqn]

Why using map and having the podname as the key? Is there any reason pods having same name but in different namespaces needs to be grouped together?

[lzhecheng]

Refactored.

[tnqn]

Could you provide an example output of the command? I have three general questions:

1. Should we add the namespace argument (like --namespace/-N just like kubectl).
2. Should we support getting all Pods (Pod name is not specified).
3. If the command is for Pod interface configuration only? If so should we name it get pod-interface; if not should we define a separate struct like PodInfo for future extension, instead of using InterfaceConfig directly.
   @tnqn

@jianjuns, sorry for missing the notification. All sounds good to me.

[lzhecheng]

/test-e2e

[lzhecheng]

I followed @jianjuns 's suggestion and updated the code.

[lzhecheng]

/test-all

[tnqn]

Again, why multiple interfaces with same Pod name are grouped together? They are logically unrelated, I think the previous flatten struct works.

[tnqn]

ditto, is there any problem using a slice to keep result?

[tnqn]

The 3 branches can be simplified as:

if len(name) > 0 && len(m) == 0 {
    w.WriteHeader(http.StatusNotFound)
    return
}
var pods []Response
...

[lzhecheng]

Code updated to avoid grouping pods with same name but in different namespaces together. isSingle field in nonResourceEndpoint is turned into outputType, an enum including default, single and multiple.

[lzhecheng]

/test-all

[lzhecheng]

/test-e2e
/test-conformance

[tnqn]

nit: keep the normal code path at a minimal indentation, and indent the error handling, dealing with it first https://github.com/golang/go/wiki/CodeReviewComments#indent-error-flow

[lzhecheng]

Updated

[tnqn]

"default" is shorter than "multiple", why use short for it alone? and this short doesn't seem common.

[lzhecheng]

I think "default" is reserved? Let's change it to "defaultType"

[tnqn]

output sounds like an action, maybe "outputType" to avoid confusion.

[lzhecheng]

IMO, "output" sounds like a noun which is shorter like the original "single". Also, if changed, we will have outputType() as a function and a outputType as a field in nonResourceEndpoint, which is confusing I think.

[tnqn]

Of course it can sound like a noun but it means the output of the responder? I don't know if it's only me who will be confused by the function name. AFAIK, Output is widely used by exec, command, http request to get the output and the noun output is used to take the return value.
Besides, if output is really clear for the mean of outputType, why the type is named OutputType while the method is named output?
Defining a method to get the field with same name is quite common regardless of languages, it's even encouraged to do it in Golang (to save the prefix Get), I don't think it's confusing.

If you have a field called owner (lower case, unexported), the getter method should be called Owner (upper case, exported), not GetOwner.

https://golang.org/doc/effective_go.html#Getters

[lzhecheng]

Thanks for sharing the doc. But outputType() cannot work, it returns type nonResourceEndpoint has both field and method named outputType. I choose OutputType() instead.

[tnqn]

This case is still testing single object, why change the case name?

[lzhecheng]

Updated. Thanks for reminding me cuz I changed it by mistake.

[tnqn]

why not use outputType as variable name?

[lzhecheng]

Updated.

[tnqn]

Do we still need this?

[lzhecheng]

Indeed, BoolFlag is not applied by any commands now. However, I suggest keeping it since these newly-added types not just add support for "bool" flag but also it refactors the code to adapt more kinds of flags in the future. Unless there will only be string flag, I think it is worthwhile to keep these changes.

[tnqn]

Then we should add this the first time it is used, not assuming it can be used one day unpredictably. Some people are even dedicated to clean up functions, structs that are no longer used no matter how useful they used to be. We shouldn't do the opposite thing.

[lzhecheng]

Removed.

[tnqn]

are they still needed?

[lzhecheng]

Removed.

[tnqn]

I think it's worth to add comments for this values, it took me a while to understand, maybe others will have question too.

[lzhecheng]

Comments added.

[weiqiangt]

Overall, LGTM, some nits left.

[weiqiangt]

@jianjuns Do you think we should access interfacestore in the handler directly?

[weiqiangt]

nit, maybe add the modifier always?

[lzhecheng]

Updated.

[weiqiangt]

nit: it would be better to have a variable for cd.getEndpoint().OutputType() != multiple && (cd.getEndpoint().OutputType() == single || argGet).

[lzhecheng]

Updated

[jianjuns]

Have a question here: for registered APIGroup exposed via API Server, could we have the "single" case, but is the API path exposes a single object, but not a type of resources?
I am asking because I am adding the controller-info cmd which should be exposed via aggregated API, and wondering it should be declared as a resourceEndpoint or nonResourceEndpoint in antctl.go. The former does not have the "single" type now,
@weiqiangt @tnqn

[weiqiangt]

I think the controller-info is a similar case of version.
If you specified a resourceName, the antctl would always assume the response is single. The antctl does not know what the content is but just dispatch the response to the transform function according to definition.

[jianjuns]

Sure. My question is could resourceEndpoint also have the "single" type case, or it should be always "multiple"?

[weiqiangt]

For now, if a resourceEndpoint specified resourceName then it is single inexplicitly, otherwise, the antctl will only assume the response is single when running command with arg.
I don't think @lzhecheng implemented multiple for resourceEndpoint, but developers can make the both single transform func and list transform func expect same type to hack a multiple behavior.

[jianjuns]

LGTM

[lzhecheng]

/test-all

[tnqn]

LGTM