Skip to content

Commit

Permalink
Fix redundant reconciles in FQDN controller (#5893)
Browse files Browse the repository at this point in the history
Signed-off-by: Dyanngg <dingyang@vmware.com>
  • Loading branch information
Dyanngg authored Jan 22, 2024
1 parent ba57a7f commit 6128753
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 9 deletions.
20 changes: 11 additions & 9 deletions pkg/agent/controller/networkpolicy/fqdn.go
Original file line number Diff line number Diff line change
Expand Up @@ -482,20 +482,22 @@ func (f *fqdnController) onDNSResponseMsg(dnsMsg *dns.Msg, lookupTime time.Time,
// wait for another attempt of realization of these rules, before forwarding the response to the
// original client.
func (f *fqdnController) syncDirtyRules(fqdn string, waitCh chan error, addressUpdate bool) {
if waitCh == nil && !addressUpdate {
// No dirty rules to sync
return
}
dirtyRules := sets.New[string]()
for selectorItem := range f.fqdnToSelectorItem[fqdn] {
utilsets.MergeString(dirtyRules, f.selectorItemToRuleIDs[selectorItem])
}
if waitCh == nil {
if addressUpdate {
for selectorItem := range f.fqdnToSelectorItem[fqdn] {
for ruleID := range f.selectorItemToRuleIDs[selectorItem] {
klog.V(4).InfoS("Reconciling dirty rule", "ruleID", ruleID)
f.dirtyRuleHandler(ruleID)
}
for ruleID := range dirtyRules {
klog.V(4).InfoS("Reconciling dirty rule for FQDN address updates", "ruleID", ruleID)
f.dirtyRuleHandler(ruleID)
}
}
} else {
dirtyRules := sets.New[string]()
for selectorItem := range f.fqdnToSelectorItem[fqdn] {
utilsets.MergeString(dirtyRules, f.selectorItemToRuleIDs[selectorItem])
}
if !addressUpdate {
// If there is no address update for this FQDN, and rules selecting this FQDN
// were all previously realized successfully, then there will be no dirty rules
Expand Down
18 changes: 18 additions & 0 deletions pkg/agent/controller/networkpolicy/fqdn_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -395,6 +395,10 @@ func TestSyncDirtyRules(t *testing.T) {
selectorItem2 := fqdnSelectorItem{
matchName: testFQDN2,
}
testFQDN3 := "*antrea.io"
selectorItem3 := fqdnSelectorItem{
matchRegex: testFQDN3,
}
tests := []struct {
name string
fqdnsToSync []string
Expand All @@ -406,6 +410,17 @@ func TestSyncDirtyRules(t *testing.T) {
expectedDirtyRulesRemaining sets.Set[string]
expectErr bool
}{
{
name: "test non-blocking dirty rule sync without address update",
fqdnsToSync: []string{testFQDN},
prevDirtyRules: sets.New[string](),
addressUpdates: []bool{false},
waitChs: []chan error{nil},
notifications: []ruleRealizationUpdate{},
expectedDirtyRuleSyncCalls: []string{},
expectedDirtyRulesRemaining: sets.New[string](),
expectErr: false,
},
{
name: "test non-blocking dirty rule sync with address update",
fqdnsToSync: []string{testFQDN},
Expand Down Expand Up @@ -482,10 +497,13 @@ func TestSyncDirtyRules(t *testing.T) {
dirtyRuleSyncCalls = append(dirtyRuleSyncCalls, s)
}
f.addFQDNSelector("1", []string{testFQDN})
f.addFQDNSelector("1", []string{testFQDN3})
f.addFQDNSelector("2", []string{testFQDN})
f.addFQDNSelector("2", []string{testFQDN2})
f.setFQDNMatchSelector(testFQDN, selectorItem)
f.setFQDNMatchSelector(testFQDN2, selectorItem2)
f.setFQDNMatchSelector(testFQDN, selectorItem3)
f.setFQDNMatchSelector(testFQDN2, selectorItem3)
// This simulates failed rule syncs in previous syncDirtyRules() calls
if len(tc.prevDirtyRules) > 0 {
f.ruleSyncTracker.dirtyRules = tc.prevDirtyRules
Expand Down

0 comments on commit 6128753

Please sign in to comment.