Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

subnet routes (fixed, completed) #204

Merged
merged 10 commits into from
Mar 28, 2023
Merged

subnet routes (fixed, completed) #204

merged 10 commits into from
Mar 28, 2023

Conversation

BenjaminLudwigSAP
Copy link
Collaborator

@BenjaminLudwigSAP BenjaminLudwigSAP commented Feb 9, 2023
edited
Loading

This fixes and completes #196 and #202.
This will be followed up by - but is independent of - refactoring PR #205.
Closes #207

@notandy @BenjaminLudwigSAP
Interface route for subnets without self-ip
3d653ff 
This PR introduces l2 generation and update for interface routes for
subnets of a network that have no self-ip.
This allows having pool members from foreign subnets without the need to route
via default gw and allow setups like no-snat.
@BenjaminLudwigSAP BenjaminLudwigSAP changed the title Fix static subnet route creation/deletion subnet routes (fixed, completed) Feb 27, 2023
@BenjaminLudwigSAP
[l2] Fix subnet route provisioning
c81eb89 
- Provision subnet routes to Common tenant, because
  - Tenant deletion happens before L2 cleanup and fails when routes
    are still present in the tenant
  - A small caveat is that we can't filter by regex or wildcard when
    fetching routes from the BigIP via iControl REST, so we need to
    filter after fetching.

- Rename methods to something with 'subnet routes' instead of 'static
  routes'. The routes are static insofar as they are statically
  configured, but so are other routes provisioned by the F5 provider
  driver, so 'static' is not needed.

- A separate CleanupSubnetRoutes task is needed since SyncSubnetRoutes
  does not know whether the network is to be deleted (i. e. whether it
  was called from remove_l2) and happily creates routes for all
  subnets of a network at network tenant deletion.

- Fix: SyncSubnetRoutes creates only one single subnet route due to
  unconditional return statement in the for loop.

- Fix: Missing RaisesIControlRestError decorator on
  CleanupDefaultRoute execute method

- Simplify subnet route sync logic

TODO:

- Remove orphaned subnet routes in L2SyncManager.full_sync

- SelfIPs and subnet routes are mutually exclusive. Their creation and
  deletion has to be coordinated, respectively
@BenjaminLudwigSAP
[unittest] test_SyncSubnetRoutes: Check subnet route name
539d096
@BenjaminLudwigSAP
[l2] Full sync: Clean up orphaned subnet routes
15a5177
@BenjaminLudwigSAP BenjaminLudwigSAP mentioned this pull request Feb 28, 2023
Open
@BenjaminLudwigSAP BenjaminLudwigSAP marked this pull request as ready for review March 1, 2023 16:23
notandy
notandy requested changes Mar 3, 2023
View reviewed changes
octavia_f5/controller/worker/tasks/f5_tasks.py Outdated Show resolved Hide resolved
octavia_f5/controller/worker/tasks/f5_tasks.py Outdated Show resolved Hide resolved
octavia_f5/controller/worker/tasks/f5_tasks.py Outdated Show resolved Hide resolved
@BenjaminLudwigSAP
[l2] Refactor subnet route provisioning
afc0a8c 
Ignore existing and needed route immediately without iterating over
the rest of the needed subnet routes.
This does not change behavior as long as each subnet ID appears only
once in the list of subnets, which we know is the case.
@BenjaminLudwigSAP
[l2] Fix subnet route deletions
e7e6bda 
existing_route does not have a 'path' key. This error was introduced
in #196
@notandy
[l2] don't mutate array while iterating over it
0812eae 
Same functionalty as before, but without changing the array that is
being iterated and a bit more compact.
@notandy
Copy link
Collaborator

notandy commented Mar 10, 2023

I've reproduced that the feature is suffering from the bug, that happens when adding a load-balancer to a subnet that already got a static subnet route. But so far it looks good.

@BenjaminLudwigSAP BenjaminLudwigSAP mentioned this pull request Mar 22, 2023
Closed
@BenjaminLudwigSAP
[l2] Fix: Subnet routes conflict with SelfIPs
4a6fdad 
- L2SyncManager:

  - Rename sync_l2_selfips_flow to
    sync_l2_selfips_and_subnet_routes_flow.
    I may in a future PR rename this again to something that makes the
    dichotomy more clear between provisioning all l2 objects and only
    SelfIPs and subnet routes. Maybe something along the lines of
    sync_l2_network_scope vs. sync_l2_subnet_scope, we'll see.

  - If there are no SelfIPs to provision (i.e. selfips is empty) we
    don't return immediately anymore, but instead provision subnet
    routes for all subnets. This gives us the least surprising behavior
    in the event that no SelfIP ports were created.

  - _do_sync_l2_selfips_and_subnet_routes_flow:
    Don't calculate SelfIPs to add/remove here. That calculation has
    to happen in the cleanup_selfips_and_subnet_routes and
    ensure_selfips_and_subnet_routes flows, respectively. This is so
    that selection of which subnet routes to delete can happen in the
    CleanupSubnetRoutes task. This avoids code duplication because
    that task is also called from remove_l2, but to delete ALL subnet
    routes of a network.

- F5Flows: Split up sync_l2_selfips into
  cleanup_selfips_and_subnet_routes for deletion and
  ensure_selfips_and_subnet_routes for creation

- F5Tasks:

  - Rename SyncSubnetRoutes to EnsureSubnetRoutes

  - Separate subnet_in_selfips sub-function out of EnsureSubnetRoutes
    to reuse it in both EnsureSubnetRoutes and CleanupSubnetRoutes

  - CleanupSubnetRoutes: Clean up either all subnet routes or only the
    unneeded ones. The former case is used by F5Flows.remove_l2
@BenjaminLudwigSAP
[l2] Fix full_sync: Needed subnet routes are deleted
7da1b54 
- Calculation of which subnet routes are needed was wrong: All subnets
  of all networks were considered. This means that orphaned subnet
  routes of still existing subnet routes were not deleted, even if the
  subnet doesn't have LBs anymore.

- continue statement was in nested for-loop. This means that no subnet
  routes were really skipped, the for-loop did nothing at all.
  This in turn means that all subnet routes were deleted at this point
  during full_sync and then recreated later when full_sync executes
  ensure_l2_flow.
notandy
notandy approved these changes Mar 27, 2023
View reviewed changes
Copy link
Collaborator

@notandy notandy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added minor comments, but in general it seems to work fine.

Afaik, _do_sync_l2_selfips_and_subnet_routes_flow can be completely embedded (and have therefor less boilerplate) in ensure_selfips_and_subnet_routes and is not reused elsewhere, but it's fine to do it another time.

octavia_f5/controller/worker/l2_sync_manager.py Show resolved Hide resolved
octavia_f5/controller/worker/flows/f5_flows.py Show resolved Hide resolved
octavia_f5/tests/unit/controller/worker/tasks/test_f5_tasks.py Show resolved Hide resolved
@BenjaminLudwigSAP BenjaminLudwigSAP mentioned this pull request Mar 28, 2023
Open
10 tasks
@BenjaminLudwigSAP
Copy link
Collaborator Author

I've opened #211 for future L2 refactoring.

@BenjaminLudwigSAP BenjaminLudwigSAP merged commit 9bc5a65 into stable/yoga-m3 Mar 28, 2023
@BenjaminLudwigSAP BenjaminLudwigSAP deleted the subnet-routes branch March 28, 2023 11:34
@notandy notandy mentioned this pull request Mar 28, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@notandy notandy notandy approved these changes

@m-kratochvil m-kratochvil Awaiting requested review from m-kratochvil

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add support for custom routes for LB listener port
2 participants
@BenjaminLudwigSAP @notandy