Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FRR-K8s: make listening to incoming connections configurable #229

Merged
merged 1 commit into from
Nov 22, 2024
Merged

FRR-K8s: make listening to incoming connections configurable #229

merged 1 commit into from
Nov 22, 2024

Conversation

fedepaol
Copy link
Member

Is this a BUG FIX or a FEATURE ?:

Uncomment only one, leave it on its own line:

/kind bug
/kind cleanup
/kind feature
/kind design
/kind flake
/kind failing
/kind documentation
/kind regression

What this PR does / why we need it:

In case full mesh is not needed, always connecting results in a more predictable behavior. So let's let the user choose if they want to accept connectoins or not.

Special notes for your reviewer:

Release note:

Make the acceptance of incoming BGP connections optional via an helm parameter.

karampok
karampok reviewed Nov 21, 2024
View reviewed changes
Copy link
Contributor

@karampok karampok left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

General questions:
When metallb deploys the frr-k8s backend, it used HELM right? So the default will be no incoming connections? When we use operator the operator deploys the metallb and that deploys the backend, right?

charts/frr-k8s/values.yaml Outdated
@@ -163,6 +163,8 @@ frrk8s:
metricsPort: 7573
resources: {}
secureMetricsPort: 9141
# frr contains configuration specific to the FRR container,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not understand the comment, can you expand?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

because it's a copy / paste mistake :D

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

removed

@fedepaol
Copy link
Member Author

General questions: When metallb deploys the frr-k8s backend, it used HELM right? So the default will be no incoming connections? When we use operator the operator deploys the metallb and that deploys the backend, right?

re: metallb: it depends. If it uses kustomize, it will need to provide a custom configmap / kustomize override it. With helm, it uses helm. The operator uses helm

@fedepaol
FRR-K8s: make listening to incoming connections configurable
46dcc92 
In case full mesh is not needed, always connecting results in a more
predictable behavior.

Signed-off-by: Federico Paolinelli <[email protected]>
@karampok
Copy link
Contributor

karampok commented Nov 21, 2024
edited
Loading

CI failed in GR test and logs

2024/11/21 11:55:47 BGP: [H5AW4-JFYQC] Route-map: null, prefix: 192.168.2.0/24, result: deny
2024/11/21 11:55:47 BGP: [VERY4-P6JC8] 172.30.0.3(Unknown) [Update:SEND] 192.168.2.0/24 is filtered by route-map '172.30.0.3-out'

and

2024/11/21 11:55:12 WATCHFRR: [QDG3Y-BY5TN] zebra state -> up : connect succeeded
2024/11/21 11:55:12 WATCHFRR: [QDG3Y-BY5TN] mgmtd state -> up : connect succeeded
2024/11/21 11:55:12 WATCHFRR: [QDG3Y-BY5TN] staticd state -> up : connect succeeded
2024/11/21 11:55:12 WATCHFRR: [QDG3Y-BY5TN] bfdd state -> up : connect succeeded
2024/11/21 11:55:12 MGMTD: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:12 STATIC: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:12 BFD: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:12 ZEBRA: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15 WATCHFRR: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.188 ZEBRA: [V4EEB-GQBPV] Add route-map 172.30.0.3-out
2024/11/21 11:55:15.188 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.3-out add sequence 1, type: permit
2024/11/21 11:55:15.189 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.3-pl-ipv4 in route-map 172.30.0.3-out
2024/11/21 11:55:15.189 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.3-pl-ipv4: 172.30.0.3-out
2024/11/21 11:55:15.191 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.3-out add sequence 2, type: permit
2024/11/21 11:55:15.193 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.3-pl-ipv4 in route-map 172.30.0.3-out
2024/11/21 11:55:15.193 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.3-pl-ipv4: 172.30.0.3-out
2024/11/21 11:55:15.194 ZEBRA: [RWPWC-9TYFK] Filter 172.30.0.3-pl-ipv4 updated
2024/11/21 11:55:15.194 ZEBRA: [PQ39Y-44VF4] Notifying 172.30.0.3-out of dependency
2024/11/21 11:55:15.200 ZEBRA: [V4EEB-GQBPV] Add route-map 172.30.0.3-in
2024/11/21 11:55:15.200 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.3-in add sequence 3, type: deny
2024/11/21 11:55:15.202 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.3-denied-inpl-ipv4 in route-map 172.30.0.3-in
2024/11/21 11:55:15.202 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.3-denied-inpl-ipv4: 172.30.0.3-in
2024/11/21 11:55:15.204 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.3-in add sequence 4, type: deny
2024/11/21 11:55:15.207 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.3-denied-inpl-ipv4 in route-map 172.30.0.3-in
2024/11/21 11:55:15.207 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.3-denied-inpl-ipv4: 172.30.0.3-in
2024/11/21 11:55:15.216 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.3-in add sequence 5, type: permit
2024/11/21 11:55:15.217 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.3-inpl-ipv4 in route-map 172.30.0.3-in
2024/11/21 11:55:15.217 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.3-inpl-ipv4: 172.30.0.3-in
2024/11/21 11:55:15.218 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.3-in add sequence 6, type: permit
2024/11/21 11:55:15.220 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.3-inpl-ipv4 in route-map 172.30.0.3-in
2024/11/21 11:55:15.220 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.3-inpl-ipv4: 172.30.0.3-in
2024/11/21 11:55:15.224 ZEBRA: [V4EEB-GQBPV] Add route-map 172.30.0.2-out
2024/11/21 11:55:15.224 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.2-out add sequence 1, type: permit
2024/11/21 11:55:15.247 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.2-pl-ipv4 in route-map 172.30.0.2-out
2024/11/21 11:55:15.247 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.2-pl-ipv4: 172.30.0.2-out
2024/11/21 11:55:15.251 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.2-out add sequence 2, type: permit
2024/11/21 11:55:15.252 MGMTD: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.252 MGMTD: [G6NKK-8C6DV] end_config: VTY:0x7f307d1df2c0, pending SET-CFG: 0
2024/11/21 11:55:15.264 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.2-pl-ipv4 in route-map 172.30.0.2-out
2024/11/21 11:55:15.264 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.2-pl-ipv4: 172.30.0.2-out
2024/11/21 11:55:15.266 ZEBRA: [RWPWC-9TYFK] Filter 172.30.0.2-pl-ipv4 updated
2024/11/21 11:55:15.266 ZEBRA: [PQ39Y-44VF4] Notifying 172.30.0.2-out of dependency
2024/11/21 11:55:15.272 STATIC: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.272 STATIC: [G6NKK-8C6DV] end_config: VTY:0x7fe730a29360, pending SET-CFG: 0
2024/11/21 11:55:15.273 ZEBRA: [V4EEB-GQBPV] Add route-map 172.30.0.2-in
2024/11/21 11:55:15.273 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.2-in add sequence 3, type: deny
2024/11/21 11:55:15.274 BFD: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.274 BFD: [G6NKK-8C6DV] end_config: VTY:0x7f9fb1912020, pending SET-CFG: 0
2024/11/21 11:55:15.283 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.2-denied-inpl-ipv4 in route-map 172.30.0.2-in
2024/11/21 11:55:15.283 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.2-denied-inpl-ipv4: 172.30.0.2-in
2024/11/21 11:55:15.285 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.2-in add sequence 4, type: deny
2024/11/21 11:55:15.289 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.2-denied-inpl-ipv4 in route-map 172.30.0.2-in
2024/11/21 11:55:15.289 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.2-denied-inpl-ipv4: 172.30.0.2-in
2024/11/21 11:55:15.300 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.2-in add sequence 5, type: permit
2024/11/21 11:55:15.304 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.2-inpl-ipv4 in route-map 172.30.0.2-in
2024/11/21 11:55:15.304 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.2-inpl-ipv4: 172.30.0.2-in
2024/11/21 11:55:15.306 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.30.0.2-in add sequence 6, type: permit
2024/11/21 11:55:15.310 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.30.0.2-inpl-ipv4 in route-map 172.30.0.2-in
2024/11/21 11:55:15.310 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.30.0.2-inpl-ipv4: 172.30.0.2-in
2024/11/21 11:55:15.322 ZEBRA: [V4EEB-GQBPV] Add route-map 172.18.0.6-out
2024/11/21 11:55:15.322 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.6-out add sequence 1, type: permit
2024/11/21 11:55:15.325 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.6-pl-ipv4 in route-map 172.18.0.6-out
2024/11/21 11:55:15.325 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.6-pl-ipv4: 172.18.0.6-out
2024/11/21 11:55:15.327 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.6-out add sequence 2, type: permit
2024/11/21 11:55:15.331 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.6-pl-ipv4 in route-map 172.18.0.6-out
2024/11/21 11:55:15.331 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.6-pl-ipv4: 172.18.0.6-out
2024/11/21 11:55:15.333 ZEBRA: [RWPWC-9TYFK] Filter 172.18.0.6-pl-ipv4 updated
2024/11/21 11:55:15.333 ZEBRA: [PQ39Y-44VF4] Notifying 172.18.0.6-out of dependency
2024/11/21 11:55:15.340 ZEBRA: [V4EEB-GQBPV] Add route-map 172.18.0.6-in
2024/11/21 11:55:15.340 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.6-in add sequence 3, type: deny
2024/11/21 11:55:15.343 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.6-denied-inpl-ipv4 in route-map 172.18.0.6-in
2024/11/21 11:55:15.343 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.6-denied-inpl-ipv4: 172.18.0.6-in
2024/11/21 11:55:15.345 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.6-in add sequence 4, type: deny
2024/11/21 11:55:15.347 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.6-denied-inpl-ipv4 in route-map 172.18.0.6-in
2024/11/21 11:55:15.347 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.6-denied-inpl-ipv4: 172.18.0.6-in
2024/11/21 11:55:15.348 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.6-in add sequence 5, type: permit
2024/11/21 11:55:15.351 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.6-inpl-ipv4 in route-map 172.18.0.6-in
2024/11/21 11:55:15.351 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.6-inpl-ipv4: 172.18.0.6-in
2024/11/21 11:55:15.353 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.6-in add sequence 6, type: permit
2024/11/21 11:55:15.356 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.6-inpl-ipv4 in route-map 172.18.0.6-in
2024/11/21 11:55:15.356 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.6-inpl-ipv4: 172.18.0.6-in
2024/11/21 11:55:15.361 ZEBRA: [V4EEB-GQBPV] Add route-map 172.18.0.5-out
2024/11/21 11:55:15.361 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.5-out add sequence 1, type: permit
2024/11/21 11:55:15.365 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.5-pl-ipv4 in route-map 172.18.0.5-out
2024/11/21 11:55:15.365 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.5-pl-ipv4: 172.18.0.5-out
2024/11/21 11:55:15.367 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.5-out add sequence 2, type: permit
2024/11/21 11:55:15 WATCHFRR: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.370 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.5-pl-ipv4 in route-map 172.18.0.5-out
2024/11/21 11:55:15.370 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.5-pl-ipv4: 172.18.0.5-out
2024/11/21 11:55:15.371 ZEBRA: [RWPWC-9TYFK] Filter 172.18.0.5-pl-ipv4 updated
2024/11/21 11:55:15.371 ZEBRA: [PQ39Y-44VF4] Notifying 172.18.0.5-out of dependency
2024/11/21 11:55:15.380 ZEBRA: [V4EEB-GQBPV] Add route-map 172.18.0.5-in
2024/11/21 11:55:15.380 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.5-in add sequence 3, type: deny
2024/11/21 11:55:15.383 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.5-denied-inpl-ipv4 in route-map 172.18.0.5-in
2024/11/21 11:55:15.383 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.5-denied-inpl-ipv4: 172.18.0.5-in
2024/11/21 11:55:15.385 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.5-in add sequence 4, type: deny
2024/11/21 11:55:15.388 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.5-denied-inpl-ipv4 in route-map 172.18.0.5-in
2024/11/21 11:55:15.388 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.5-denied-inpl-ipv4: 172.18.0.5-in
2024/11/21 11:55:15.390 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.5-in add sequence 5, type: permit
2024/11/21 11:55:15.393 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.5-inpl-ipv4 in route-map 172.18.0.5-in
2024/11/21 11:55:15.393 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.5-inpl-ipv4: 172.18.0.5-in
2024/11/21 11:55:15.396 ZEBRA: [Q5QB0-7A1DJ] Route-map 172.18.0.5-in add sequence 6, type: permit
2024/11/21 11:55:15.399 ZEBRA: [MB1AM-D3Z0A] Adding dependency for filter 172.18.0.5-inpl-ipv4 in route-map 172.18.0.5-in
2024/11/21 11:55:15.399 ZEBRA: [KSWFP-ABCEJ] route_map_print_dependency: Dependency for 172.18.0.5-inpl-ipv4: 172.18.0.5-in
2024/11/21 11:55:15.423 ZEBRA: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:01
2024/11/21 11:55:15.423 ZEBRA: [G6NKK-8C6DV] end_config: VTY:0x7f45b3312040, pending SET-CFG: 0
2024/11/21 11:55:15.743 MGMTD: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.743 MGMTD: [G6NKK-8C6DV] end_config: VTY:0x7f307d1df300, pending SET-CFG: 0
2024/11/21 11:55:15.811 STATIC: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.811 STATIC: [G6NKK-8C6DV] end_config: VTY:0x7fe730a293a0, pending SET-CFG: 0
2024/11/21 11:55:15.817 BFD: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.817 BFD: [G6NKK-8C6DV] end_config: VTY:0x7f9fb1912850, pending SET-CFG: 0
2024/11/21 11:55:15.876 ZEBRA: [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2024/11/21 11:55:15.876 ZEBRA: [G6NKK-8C6DV] end_config: VTY:0x7f45b3312780, pending SET-CFG: 0
2024/11/21 11:55:17 WATCHFRR: [YFT0P-5Q5YX] Forked background command [pid 276]: /usr/lib/frr/watchfrr.sh restart bgpd
Cannot stop bgpd: pid 166 not running
2024/11/21 11:55:17 WATCHFRR: [QDG3Y-BY5TN] bgpd state -> up : connect succeeded
2024/11/21 11:55:17 WATCHFRR: [KWE5Q-QNGFC] all daemons up, doing startup-complete notify
2

It looks again that route-map was

2024/11/21 11:55:15.361 ZEBRA: [V4EEB-GQBPV] Add route-map 172.18.0.5-out

and the BGPD crashed (because pid was not found).

@fedepaol fedepaol merged commit 12e4dd6 into metallb:main Nov 22, 2024
9 of 11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@karampok karampok karampok approved these changes

Assignees
No one assigned
Labels
kind/feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fedepaol @karampok