Support AntreaNetworkPolicy reject action in Traceflow #2032

gran-vmv · 2021-04-06T07:28:19Z

No description provided.

codecov-io · 2021-04-06T08:15:20Z

Codecov Report

Merging #2032 (9b224bc) into main (4d92619) will increase coverage by 0.60%.
The diff coverage is 51.51%.

❗ Current head 9b224bc differs from pull request most recent head 37c1a53. Consider uploading reports for the commit 37c1a53 to get more accurate results

@@            Coverage Diff             @@
##             main    #2032      +/-   ##
==========================================
+ Coverage   60.78%   61.39%   +0.60%     
==========================================
  Files         269      269              
  Lines       20326    20846     +520     
==========================================
+ Hits        12356    12799     +443     
- Misses       6677     6738      +61     
- Partials     1293     1309      +16

Flag	Coverage Δ
e2e-tests	`24.81% <0.00%> (?)`
kind-e2e-tests	`51.74% <60.71%> (+0.28%)`	⬆️
unit-tests	`41.53% <0.00%> (+0.09%)`	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
pkg/agent/controller/traceflow/packetin.go	`44.83% <51.51%> (-11.86%)`	⬇️
pkg/ovs/openflow/ofctrl_packetin.go	`0.00% <0.00%> (-35.09%)`	⬇️
pkg/ipfix/ipfix_process.go	`81.81% <0.00%> (-18.19%)`	⬇️
...agent/controller/traceflow/traceflow_controller.go	`55.04% <0.00%> (-14.43%)`	⬇️
pkg/agent/controller/networkpolicy/packetin.go	`56.09% <0.00%> (-14.18%)`	⬇️
pkg/controller/traceflow/controller.go	`56.99% <0.00%> (-10.28%)`	⬇️
...ntroller/networkpolicy/networkpolicy_controller.go	`70.12% <0.00%> (-0.98%)`	⬇️
pkg/agent/openflow/client.go	`60.37% <0.00%> (+0.53%)`	⬆️
pkg/agent/flowexporter/exporter/exporter.go	`71.62% <0.00%> (+0.67%)`	⬆️
... and 19 more

gran-vmv · 2021-04-06T09:26:23Z

/test-all
/test-ipv6-all
/test-ipv6-only-all

gran-vmv · 2021-04-07T08:20:24Z

/test-all
/test-ipv6-all
/test-ipv6-only-all

gran-vmv · 2021-04-07T09:04:14Z

/test-all
/test-ipv6-all
/test-ipv6-only-all

gran-vmv · 2021-04-07T09:04:43Z

/test-hw-offload
/test-windows-e2e

gran-vmv · 2021-04-08T02:43:10Z

/test-all
/test-ipv6-all
/test-ipv6-only-all
/test-hw-offload
/test-windows-e2e

gran-vmv · 2021-04-08T07:30:26Z

/test-all
/test-ipv6-all
/test-ipv6-only-all
/test-hw-offload
/test-windows-e2e

gran-vmv · 2021-04-08T07:41:15Z

/test-ipv6-all
/test-ipv6-only-all

gran-vmv · 2021-04-08T07:41:59Z

/test-windows-e2e
/test-windows-conformance
/test-windows-networkpolicy

gran-vmv · 2021-04-08T09:15:27Z

/test-windows-networkpolicy
/test-windows-e2e
/test-networkpolicy
/test-ipv6-only-e2e
/test-ipv6-e2e
/test-conformance

gran-vmv · 2021-04-08T10:00:36Z

/test-ipv6-only-conformance
/test-windows-e2e
/test-ipv6-only-e2e

gran-vmv · 2021-04-09T01:35:30Z

/test-ipv6-only-conformance
/test-windows-e2e
/test-ipv6-only-e2e
/test-ipv6-e2e

lzhecheng · 2021-04-09T02:38:33Z

There's an "invalid memory address or nil pointer dereference" error for IPv6 tests. I think it is related to implementation.

gran-vmv · 2021-04-09T02:41:23Z

There's an "invalid memory address or nil pointer dereference" error for IPv6 tests. I think it is related to implementation.

It's introduced by this change #2029 (review) . I'm discussing with Jianjun.

gran-vmv · 2021-04-09T02:55:20Z

/test-ipv6-only-e2e

gran-vmv · 2021-04-09T02:55:42Z

/test-ipv6-e2e
/test-windows-e2e

gran-vmv · 2021-04-09T07:53:07Z

/test-all
/test-ipv6-all
/test-ipv6-only-all

gran-vmv · 2021-04-09T09:44:56Z

/test-all-features-conformance
/test-ipv6-only-conformance

gran-vmv · 2021-04-12T06:52:43Z

/test-all
/test-ipv6-all
/test-ipv6-only-all

gran-vmv · 2021-04-12T09:15:01Z

/test-e2e
/test-ipv6-e2e
/test-ipv6-only-conformance
/test-windows-networkpolicy

jianjuns · 2021-04-12T18:04:56Z

pkg/apis/crd/v1alpha1/types.go

@@ -51,6 +51,15 @@ const (
 	ActionForwardedOutOfOverlay TraceflowAction = "ForwardedOutOfOverlay"
 )

+type TraceflowRejectAction string
+
+const (


But why we need to define reject actions? The behavior is fixed right - TPCis always reset, and others are always ICMPProhibited. In my mind, we just need a new TraceflowAction called ActionRejected.

For the "reject" implementation in Antrea, it is a "drop" action with responding specific message. Thus I use another "rejectAction" property to store this information, but I'm OK to discard this new property and use action=ActionRejected instead.
@tnqn @antoninbas Any comments?

I think we should drop it for now until we give users the ability to configure the reject action (if we ever do that...)

Thanks. I dropped current design and use action=ActionRejected instead.

gran-vmv · 2021-04-13T04:05:13Z

/test-e2e
/test-ipv6-e2e
/test-ipv6-only-conformance

gran-vmv · 2021-04-19T10:07:39Z

/test-all
/test-ipv6-all
/test-ipv6-only-all

jianjuns

LGTM

gran-vmv · 2021-04-20T06:43:36Z

/test-e2e
/test-ipv6-conformance
/test-ipv6-e2e
/test-ipv6-only-conformance
/test-ipv6-only-e2e
/test-windows-networkpolicy

gran-vmv · 2021-04-20T08:06:09Z

/test-e2e
/test-ipv6-only-e2e

gran-vmv · 2021-04-20T10:05:15Z

/test-e2e
/test-ipv6-e2e
/test-ipv6-only-conformance

gran-vmv · 2021-04-21T02:16:28Z

Errors in jenkins-ipv6-ds-e2e and jenkins-ipv6-only-conformance are not related to this patch.

vmwclabot added the cla-not-required label Apr 6, 2021

gran-vmv added the status/WIP Work in progress label Apr 6, 2021

gran-vmv force-pushed the tf-rej branch 2 times, most recently from b9370d0 to 0be85b0 Compare April 6, 2021 08:33

gran-vmv force-pushed the tf-rej branch 5 times, most recently from 6b17484 to e4be8cf Compare April 7, 2021 06:34

gran-vmv force-pushed the tf-rej branch from e4be8cf to b58371a Compare April 7, 2021 08:55

gran-vmv force-pushed the tf-rej branch 2 times, most recently from 08bd34f to 9b224bc Compare April 8, 2021 01:22

gran-vmv force-pushed the tf-rej branch 2 times, most recently from affa354 to 37c1a53 Compare April 8, 2021 06:27

gran-vmv removed the status/WIP Work in progress label Apr 8, 2021

gran-vmv requested review from jianjuns, tnqn and lzhecheng April 9, 2021 01:35

gran-vmv requested a review from luolanzone April 9, 2021 01:36

gran-vmv force-pushed the tf-rej branch from 37c1a53 to e9c51e2 Compare April 9, 2021 06:41

gran-vmv force-pushed the tf-rej branch 2 times, most recently from 40dfdfa to d880fb5 Compare April 12, 2021 02:58

gran-vmv added this to the Antrea v1.1 release milestone Apr 12, 2021

jianjuns reviewed Apr 12, 2021

View reviewed changes

gran-vmv requested review from jianjuns and antoninbas April 13, 2021 04:02

gran-vmv force-pushed the tf-rej branch 2 times, most recently from 16f1057 to e842ac9 Compare April 19, 2021 08:04

Support AntreaNetworkPolicy reject action in Traceflow

76ee1b4

gran-vmv force-pushed the tf-rej branch from e842ac9 to 76ee1b4 Compare April 19, 2021 09:30

jianjuns approved these changes Apr 19, 2021

View reviewed changes

gran-vmv merged commit c67106c into antrea-io:main Apr 21, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Support AntreaNetworkPolicy reject action in Traceflow #2032

Support AntreaNetworkPolicy reject action in Traceflow #2032

gran-vmv commented Apr 6, 2021

codecov-io commented Apr 6, 2021 •

edited

Loading

gran-vmv commented Apr 6, 2021

gran-vmv commented Apr 7, 2021

gran-vmv commented Apr 7, 2021

gran-vmv commented Apr 7, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 9, 2021

lzhecheng commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 12, 2021

gran-vmv commented Apr 12, 2021

jianjuns Apr 12, 2021

gran-vmv Apr 13, 2021

antoninbas Apr 17, 2021

gran-vmv Apr 19, 2021

gran-vmv commented Apr 13, 2021

gran-vmv commented Apr 19, 2021

jianjuns left a comment

gran-vmv commented Apr 20, 2021

gran-vmv commented Apr 20, 2021

gran-vmv commented Apr 20, 2021

gran-vmv commented Apr 21, 2021

Support AntreaNetworkPolicy reject action in Traceflow #2032

Support AntreaNetworkPolicy reject action in Traceflow #2032

Conversation

gran-vmv commented Apr 6, 2021

codecov-io commented Apr 6, 2021 • edited Loading

Codecov Report

gran-vmv commented Apr 6, 2021

gran-vmv commented Apr 7, 2021

gran-vmv commented Apr 7, 2021

gran-vmv commented Apr 7, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 8, 2021

gran-vmv commented Apr 9, 2021

lzhecheng commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 9, 2021

gran-vmv commented Apr 12, 2021

gran-vmv commented Apr 12, 2021

jianjuns Apr 12, 2021

Choose a reason for hiding this comment

gran-vmv Apr 13, 2021

Choose a reason for hiding this comment

antoninbas Apr 17, 2021

Choose a reason for hiding this comment

gran-vmv Apr 19, 2021

Choose a reason for hiding this comment

gran-vmv commented Apr 13, 2021

gran-vmv commented Apr 19, 2021

jianjuns left a comment

Choose a reason for hiding this comment

gran-vmv commented Apr 20, 2021

gran-vmv commented Apr 20, 2021

gran-vmv commented Apr 20, 2021

gran-vmv commented Apr 21, 2021

codecov-io commented Apr 6, 2021 •

edited

Loading