Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Netwatcher got new handlers for "Update" events #120

Merged
merged 3 commits into from
Aug 6, 2019
Merged

Conversation

Levovar
Copy link
Collaborator

@Levovar Levovar commented Aug 2, 2019

Whenever a network management API is updated in the API server, netwatcher will handle that event from now on.
It will take care of deleting the old, and creating the new VLAN/VxLAN interfaces on the host.

In the scope of this PR rejecting modify events (update/delete) when the update could possibly break the system is also implemented.
For example we shall not allow modifications going through which would delete an interface still being used by running Pods, and shall not allow modifications leaving dangling host interfaces behind.
Following the same logic we also forbid network deletion if there are any Pods out there connecting to it.
Solves use-case 5 from #23

@Levovar Levovar force-pushed the netwatcher_modify branch from c2c62e8 to 5cd9046 Compare August 2, 2019 17:43
Whenever a network management API is updated in the API server, netwatcher will handle that event from now on.
It will take care of deleting the old, and creating the new interfaces on the host.

We only re-create the interfaces if something really changed: either VNI, or host_device.
We also stop the futile attempts of provisioning host interfaces for networks not needing them, such as SR-IOV networks.
@Levovar Levovar force-pushed the netwatcher_modify branch from 5cd9046 to 44b3b3e Compare August 2, 2019 17:54
…of networks which would result in invalid cluster state.
@Levovar Levovar force-pushed the netwatcher_modify branch from 26a2980 to 42b871e Compare August 2, 2019 20:38
Added checks for namespace when deciding if a Pod is connected to the network.
For TNs and DNs the EP needs to be in the same namespace as the network to consider it "connected".
For CNs name match is enough, as it is a non-namespaced API.
@Levovar Levovar force-pushed the netwatcher_modify branch from 093c16c to 8efef19 Compare August 6, 2019 19:03
@Levovar Levovar merged commit 062bac2 into master Aug 6, 2019
@Levovar Levovar deleted the netwatcher_modify branch August 6, 2019 19:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant