Delay the initialization of ARP/NDP responders #6700
Conversation
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
42d9434
to
dce62e5
Compare
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
dce62e5
to
2dd49d8
Compare
cmd/antrea-agent/agent.go
Outdated
| if egressController != nil { | ||
| go egressController.Run(stopCh) | ||
| } | ||
|
|
||
| if externalIPController != nil { | ||
| go externalIPController.Run(stopCh) | ||
| } | ||
|
|
There was a problem hiding this comment.
My concern with changing the order is that it is a bit arbitrary, we can introduce new unexpected issues, and it limits what we can do in the future. For example, we could in the future want to introduce a dependency of flowRestoreCompleteWait on the realization of Egress policies. It would make sense: delay the removal of flow-restore-wait until Egress policy flows have been installed, in order to provide a more consistent datapath on (re)start. See #6342 for more context.
However, we know that there is already a dependency of SecondaryNetwork initialization on flowRestoreCompleteWait. This dependency is important and AFAIK cannot be broken. So with the change described above, we would end up with a circular dependency:
EgressController before flowRestoreCompleteWait before SecondaryNetwork initialization before EgressController.
I would rather avoid "introducing" this new dependency (or rather enforcing this new dependency).
cc @tnqn for his opinion
There was a problem hiding this comment.
I think this is a valid concern. we can check/watch for interface changes in the responders to avoid the hard dependencies. Waiting for Quan's insights.
There was a problem hiding this comment.
Not introducing the dependency makes sense to me. Actually I'm considering something similar (check/watch for interface changes) to support #6547, for which we might add an externalInterface configuration and it could happen that not all nodes have the interface (and it's a valid case because user can select certain nodes as egress nodes, then raising error because the interface doesn't exist on non egress nodes doesn't make sense). If we can handle interface change in egress controller, it would solve two problems.
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
2 times, most recently
from
0b59d67
to
1945b5b
Compare
For secondary-network scenarios, the transport interface can be changed after the agent is started. The ARP/NDP responders should be started after the initialization of secondary-network to bind to the transport interface of the new index. Besides, this change also addresses the following issues: - NDP responder may fail to bind to the new interface due to the Duplicate Address Detection process. - Golang caches the zone index for the interface, which may result in NDP responder binding on the stale interface Fixes: antrea-io#6623 Signed-off-by: Xu Liu <[email protected]>
xliuxu
force-pushed
the
xliuxu/delay-initialize-responders
branch
from
1945b5b
to
586807b
Compare
| type Interface interface { | ||
| LinkExists(linkName string) bool | ||
|
|
||
| // Run starts the detector. | ||
| Run(stopCh <-chan struct{}) | ||
|
|
||
| // AddEventHandler registers an eventHandler of link updates. It's not thread-safe and should be called before | ||
| // starting the detector. | ||
| AddEventHandler(handler LinkEventHandler, linkName ...string) | ||
|
|
||
| // HasSynced returns true if the cache has been initialized with the existing links. | ||
| HasSynced() bool | ||
| } |
For secondary-network scenarios, the transport interface can be changed after the agent is started. The ARP/NDP responders should be started after the initialization of secondary-network to bind to the transport interface of the new index.
Besides, this change also addresses the following issues:
Fixes: #6623