ovn-org · qinqon · Oct 14, 2024 · Oct 14, 2024 · Oct 21, 2024 · maiqueb
@@ -3,6 +3,7 @@ package kubevirt
 import (
 	"fmt"
 	"net"
+	"sort"
 
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -349,3 +350,82 @@ func ZoneContainsPodSubnetOrUntracked(watchFactory *factory.WatchFactory, lsMana
 func IsPodOwnedByVirtualMachine(pod *corev1.Pod) bool {
 	return ExtractVMNameFromPod(pod) != nil
 }
+
+func isTargetPodReady(targetPod *corev1.Pod) bool {
+	if targetPod == nil {
+		return false
+	}
+
+	// This annotation only appears on live migration scenarios, and it signals
+	// that target VM pod is ready to receive traffic, so we can route
+	// traffic to it.
+	targetReadyTimestamp := targetPod.Annotations[kubevirtv1.MigrationTargetReadyTimestamp]
+
+	// VM is ready to receive traffic
+	return targetReadyTimestamp != ""
+}
+
+func filterNotComplete(vmPods []*corev1.Pod) []*corev1.Pod {
+	var notCompletePods []*corev1.Pod
+	for _, vmPod := range vmPods {
+		if !util.PodCompleted(vmPod) {
+			notCompletePods = append(notCompletePods, vmPod)
+		}
+	}
+
+	return notCompletePods
+}
+
+type LiveMigrationState string
+
+const (
+	LiveMigrationInProgress        LiveMigrationState = "InProgress"
+	LiveMigrationTargetDomainReady LiveMigrationState = "TargetDomainReady"
+	LiveMigrationCompleted         LiveMigrationState = "Completed"
+)
+
+type LiveMigrationStatus struct {
+	SourcePod, TargetPod *corev1.Pod
+	State                LiveMigrationState
+}
+
+func DiscoverLiveMigrationStatus(client *factory.WatchFactory, pod *corev1.Pod) (*LiveMigrationStatus, error) {
+	vmKey := ExtractVMNameFromPod(pod)
+	if vmKey == nil {
+		return nil, nil
+	}
+
+	vmPods, err := client.GetPodsBySelector(pod.Namespace, metav1.LabelSelector{MatchLabels: map[string]string{kubevirtv1.VirtualMachineNameLabel: vmKey.Name}})
+	if err != nil {
+		return nil, err
+	}
+
+	//TODO: cover failed migration
+	vmPods = filterNotComplete(vmPods)
+
+	// no migration
+	if len(vmPods) < 2 {
+		return nil, nil
+	}
+
+	if len(vmPods) > 2 {
+		return nil, fmt.Errorf("unexpected live migration state at pods: %+v", vmPods)
+	}
+
+	// Sort vmPods by creation time
+	sort.Slice(vmPods, func(i, j int) bool {
+		// i less than j
+		return vmPods[j].CreationTimestamp.After(vmPods[i].CreationTimestamp.Time)
+	})
+
+	status := LiveMigrationStatus{
+		SourcePod: vmPods[0],
+		TargetPod: vmPods[1],
+		State:     LiveMigrationInProgress,
+	}
+
+	if isTargetPodReady(status.TargetPod) {
+		status.State = LiveMigrationTargetDomainReady
+	}
+	return &status, nil
+}
@@ -493,7 +493,7 @@ func buildFailOnDuplicateOps(c client.Client, m model.Model) ([]ovsdb.Operation,
 func getAllUpdatableFields(model model.Model) []interface{} {
 	switch t := model.(type) {
 	case *nbdb.LogicalSwitchPort:
-		return []interface{}{&t.Addresses, &t.Type, &t.TagRequest, &t.Options, &t.PortSecurity}
+		return []interface{}{&t.Addresses, &t.Type, &t.TagRequest, &t.Options, &t.PortSecurity, &t.Enabled}
 	case *nbdb.PortGroup:
 		return []interface{}{&t.ACLs, &t.Ports, &t.ExternalIDs}
 	default:

@@ -18,13 +18,15 @@ import (
 	"github.com/ovn-org/ovn-kubernetes/go-controller/pkg/factory"
 	"github.com/ovn-org/ovn-kubernetes/go-controller/pkg/kubevirt"
 	logicalswitchmanager "github.com/ovn-org/ovn-kubernetes/go-controller/pkg/ovn/logical_switch_manager"
+	"github.com/ovn-org/ovn-kubernetes/go-controller/pkg/types"
 	ovntypes "github.com/ovn-org/ovn-kubernetes/go-controller/pkg/types"
 	"github.com/ovn-org/ovn-kubernetes/go-controller/pkg/util"
 	kapi "k8s.io/api/core/v1"
 	kerrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/klog/v2"
+	"k8s.io/utils/ptr"
 
 	libovsdbclient "github.com/ovn-org/libovsdb/client"
 	"github.com/ovn-org/libovsdb/ovsdb"
@@ -588,7 +590,29 @@ func (bnc *BaseNetworkController) addLogicalPortToNetwork(pod *kapi.Pod, nadName
 		}
 	}
 
-	ops, err = libovsdbops.CreateOrUpdateLogicalSwitchPortsOnSwitchOps(bnc.nbClient, nil, ls, lsp)
+	lsps := []*nbdb.LogicalSwitchPort{lsp}
+	if kubevirt.IsPodOwnedByVirtualMachine(pod) && bnc.isAllowedForMigration() {
+		kubevirtLiveMigrationStatus, err := kubevirt.DiscoverLiveMigrationStatus(bnc.watchFactory, pod)
+		if err != nil {
+			return nil, nil, nil, false, err
+		}
+		if kubevirtLiveMigrationStatus != nil && pod.Name == kubevirtLiveMigrationStatus.TargetPod.Name {
+			lsp.Enabled = ptr.To(kubevirtLiveMigrationStatus.State == kubevirt.LiveMigrationTargetDomainReady)
+			// kubevirt do not update source pod, so the controller cannot wait for
+			// it to disable the LSP, let's just do it here at the same operation
+			if kubevirtLiveMigrationStatus.State == kubevirt.LiveMigrationTargetDomainReady {
+				sourcePodLSP := &nbdb.LogicalSwitchPort{
+					Name:    bnc.GetLogicalPortName(kubevirtLiveMigrationStatus.SourcePod, nadName),
+					Enabled: ptr.To(false),
+				}
+				lsps = append(lsps, sourcePodLSP)
+				klog.Infof("DELETEME, source.pod: %s, source.enabled: %t", kubevirtLiveMigrationStatus.SourcePod.Name, *sourcePodLSP.Enabled)
+			}
+			klog.Infof("DELETEME, target.pod: %s, target.enabled: %t", pod.Name, *lsp.Enabled)
+		}
+	}
+
+	ops, err = libovsdbops.CreateOrUpdateLogicalSwitchPortsOnSwitchOps(bnc.nbClient, nil, ls, lsps...)
 	if err != nil {
 		return nil, nil, nil, false,
 			fmt.Errorf("error creating logical switch port %+v on switch %+v: %+v", *lsp, *ls, err)
@@ -1162,3 +1186,7 @@ func (bnc *BaseNetworkController) wasPodReleasedBeforeStartup(uid, nad string) b
 	}
 	return bnc.releasedPodsBeforeStartup[nad].Has(uid)
 }
+
+func (bnc *BaseNetworkController) isAllowedForMigration() bool {
+	return bnc.IsSecondary() && bnc.TopologyType() == types.Layer2Topology
+}