feat: Adding backend interfaces support to CNS (#2693)

* Adding backend interfaces support for CNS

* Fixing the log line

* Moving backend nic functions to platform package

* Moving the pnpID fetching to platform package

* Moving the mapping to CRD mode

* Moving macaddress parsing to net package function

* removing the backend nic config

* Handling multiple interface information

* Adding error handling for macaddress parsing

* Moving pnpid mapping to swift v2  flow

* Adding pipeline vars

* Adding ut's for Happy paths

* Adding ut's for Happy paths

* Adding mtpnc check

* Rebasing with master

* Addressing lint errors

* Adding function to linux file

* Addressing lint errors

* Addressing lint comments

* Addressing Lint issues

* Modifying ut's

* removing mutex lock on cache

* Adding podnetwork instance label

* Modifying ut's after change

* Moving function out of restserver

* Moving mapping after crd intial state

* Adding the config debug statements

* removing the unused config

* Adding the debug statements

* Adding the debug statements

* Adding more debug logs

* removing log lines and adding mtpnc status check

* Moving mapping to state file

* Rebasing and removing the debug statements

* Addressing lint errors

* removing the debug pipeline changes

* Adding more coverage

* Adding test coverage and unhappy paths

* Addressing lint errors

* addressing lint errors

* Addressing lint errors

Author: shreyashastantram

cns/NetworkContainerContract.go

@@ -481,6 +481,8 @@ type PodIpInfo struct {
 	SkipDefaultRoutes bool
 	// Routes to configure on interface
 	Routes []Route
+	// PnpId is set for backend interfaces, Pnp Id identifies VF. Plug and play id(pnp) is also called as PCI ID
+	PnPID string
 }
 
 type HostIPInfo struct {
@@ -499,12 +501,14 @@ type IPConfigRequest struct {
 
 // Same as IPConfigRequest except that DesiredIPAddresses is passed in as a slice
 type IPConfigsRequest struct {
-	DesiredIPAddresses       []string        `json:"desiredIPAddresses"`
-	PodInterfaceID           string          `json:"podInterfaceID"`
-	InfraContainerID         string          `json:"infraContainerID"`
-	OrchestratorContext      json.RawMessage `json:"orchestratorContext"`
-	Ifname                   string          `json:"ifname"`                   // Used by delegated IPAM
-	SecondaryInterfacesExist bool            `json:"secondaryInterfacesExist"` // will be set by SWIFT v2 validator func
+	DesiredIPAddresses           []string        `json:"desiredIPAddresses"`
+	PodInterfaceID               string          `json:"podInterfaceID"`
+	InfraContainerID             string          `json:"infraContainerID"`
+	OrchestratorContext          json.RawMessage `json:"orchestratorContext"`
+	Ifname                       string          `json:"ifname"`                   // Used by delegated IPAM
+	SecondaryInterfacesExist     bool            `json:"secondaryInterfacesExist"` // will be set by SWIFT v2 validator func
+	BackendInterfaceExist        bool            `json:"BackendInterfaceExist"`    // will be set by SWIFT v2 validator func
+	BackendInterfaceMacAddresses []string        `json:"BacknendInterfaceMacAddress"`
 }
 
 // IPConfigResponse is used in CNS IPAM mode as a response to CNI ADD

cns/configuration/env.go

@@ -14,10 +14,11 @@ const (
 	// LabelNodeSwiftV2 is the Node label for Swift V2
 	LabelNodeSwiftV2 = "kubernetes.azure.com/podnetwork-multi-tenancy-enabled"
 	// LabelPodSwiftV2 is the Pod label for Swift V2
-	LabelPodSwiftV2   = "kubernetes.azure.com/pod-network"
-	EnvPodCIDRs       = "POD_CIDRs"
-	EnvServiceCIDRs   = "SERVICE_CIDRs"
-	EnvInfraVNETCIDRs = "INFRA_VNET_CIDRs"
+	LabelPodSwiftV2                = "kubernetes.azure.com/pod-network"
+	LabelPodNetworkInstanceSwiftV2 = "kubernetes.azure.com/pod-network-instance"
+	EnvPodCIDRs                    = "POD_CIDRs"
+	EnvServiceCIDRs                = "SERVICE_CIDRs"
+	EnvInfraVNETCIDRs              = "INFRA_VNET_CIDRs"
 )
 
 // ErrNodeNameUnset indicates the the $EnvNodeName variable is unset in the environment.

cns/middlewares/k8sSwiftV2.go

@@ -82,15 +82,18 @@ func (k *K8sSWIFTv2Middleware) IPConfigsRequestHandlerWrapper(defaultHandler, fa
 		// Set routes for the pod
 		for i := range ipConfigsResp.PodIPInfo {
 			ipInfo := &ipConfigsResp.PodIPInfo[i]
-			err = k.setRoutes(ipInfo)
-			if err != nil {
-				return &cns.IPConfigsResponse{
-					Response: cns.Response{
-						ReturnCode: types.FailedToAllocateIPConfig,
-						Message:    fmt.Sprintf("AllocateIPConfig failed: %v, IP config request is %v", err, req),
-					},
-					PodIPInfo: []cns.PodIpInfo{},
-				}, errors.Wrapf(err, "failed to set routes for pod %s", podInfo.Name())
+			// Backend nics doesn't need routes to be set
+			if ipInfo.NICType != cns.BackendNIC {
+				err = k.setRoutes(ipInfo)
+				if err != nil {
+					return &cns.IPConfigsResponse{
+						Response: cns.Response{
+							ReturnCode: types.FailedToAllocateIPConfig,
+							Message:    fmt.Sprintf("AllocateIPConfig failed: %v, IP config request is %v", err, req),
+						},
+						PodIPInfo: []cns.PodIpInfo{},
+					}, errors.Wrapf(err, "failed to set routes for pod %s", podInfo.Name())
+				}
 			}
 		}
 		return ipConfigsResp, nil
@@ -115,8 +118,10 @@ func (k *K8sSWIFTv2Middleware) validateIPConfigsRequest(ctx context.Context, req
 	}
 
 	// check the pod labels for Swift V2, set the request's SecondaryInterfaceSet flag to true and check if its MTPNC CRD is ready
-	if _, ok := pod.Labels[configuration.LabelPodSwiftV2]; ok {
-		req.SecondaryInterfacesExist = true
+	_, swiftV2PodNetworkLabel := pod.Labels[configuration.LabelPodSwiftV2]
+	_, swiftV2PodNetworkInstanceLabel := pod.Labels[configuration.LabelPodNetworkInstanceSwiftV2]
+	if swiftV2PodNetworkLabel || swiftV2PodNetworkInstanceLabel {
+
 		// Check if the MTPNC CRD exists for the pod, if not, return error
 		mtpnc := v1alpha1.MultitenantPodNetworkConfig{}
 		mtpncNamespacedName := k8stypes.NamespacedName{Namespace: podInfo.Namespace(), Name: podInfo.Name()}
@@ -127,8 +132,27 @@ func (k *K8sSWIFTv2Middleware) validateIPConfigsRequest(ctx context.Context, req
 		if !mtpnc.IsReady() {
 			return nil, types.UnexpectedError, errMTPNCNotReady.Error()
 		}
+		// If primary Ip is set in status field, it indicates the presence of secondary interfaces
+		if mtpnc.Status.PrimaryIP != "" {
+			req.SecondaryInterfacesExist = true
+		}
+		interfaceInfos := mtpnc.Status.InterfaceInfos
+		for _, interfaceInfo := range interfaceInfos {
+			if interfaceInfo.DeviceType == v1alpha1.DeviceTypeInfiniBandNIC {
+				if interfaceInfo.MacAddress == "" || interfaceInfo.NCID == "" {
+					return nil, types.UnexpectedError, errMTPNCNotReady.Error()
+				}
+				req.BackendInterfaceExist = true
+				req.BackendInterfaceMacAddresses = append(req.BackendInterfaceMacAddresses, interfaceInfo.MacAddress)
+
+			}
+			if interfaceInfo.DeviceType == v1alpha1.DeviceTypeVnetNIC {
+				req.SecondaryInterfacesExist = true
+			}
+		}
 	}
 	logger.Printf("[SWIFTv2Middleware] pod %s has secondary interface : %v", podInfo.Name(), req.SecondaryInterfacesExist)
+	logger.Printf("[SWIFTv2Middleware] pod %s has backend interface : %v", podInfo.Name(), req.BackendInterfaceExist)
 	// retrieve podinfo from orchestrator context
 	return podInfo, types.Success, ""
 }
@@ -171,19 +195,13 @@ func (k *K8sSWIFTv2Middleware) getIPConfig(ctx context.Context, podInfo cns.PodI
 			// InterfaceName is empty for DelegatedVMNIC
 		})
 	} else {
-		// Use InterfaceInfos if not empty
-		podIPInfos = make([]cns.PodIpInfo, len(mtpnc.Status.InterfaceInfos))
-		for i, interfaceInfo := range mtpnc.Status.InterfaceInfos {
-			// Parse MTPNC primaryIP to get the IP address and prefix length
-			ip, prefixSize, err := utils.ParseIPAndPrefix(interfaceInfo.PrimaryIP)
-			if err != nil {
-				return nil, errors.Wrap(err, "failed to parse mtpnc primary IP and prefix")
-			}
-			if prefixSize != prefixLength {
-				return nil, errors.Wrapf(errInvalidMTPNCPrefixLength, "mtpnc primaryIP prefix length is %d", prefixSize)
-			}
-
-			var nicType cns.NICType
+		for _, interfaceInfo := range mtpnc.Status.InterfaceInfos {
+			var (
+				nicType    cns.NICType
+				ip         string
+				prefixSize int
+				err        error
+			)
 			switch {
 			case interfaceInfo.DeviceType == v1alpha1.DeviceTypeVnetNIC && !interfaceInfo.AccelnetEnabled:
 				nicType = cns.DelegatedVMNIC
@@ -194,19 +212,27 @@ func (k *K8sSWIFTv2Middleware) getIPConfig(ctx context.Context, podInfo cns.PodI
 			default:
 				nicType = cns.DelegatedVMNIC
 			}
-
-			podIPInfos[i] = cns.PodIpInfo{
-				PodIPConfig: cns.IPSubnet{
-					IPAddress:    ip,
-					PrefixLength: uint8(prefixSize),
-				},
-				MacAddress:        interfaceInfo.MacAddress,
-				NICType:           nicType,
-				SkipDefaultRoutes: false,
-				HostPrimaryIPInfo: cns.HostIPInfo{
-					Gateway: interfaceInfo.GatewayIP,
-				},
+			if nicType != cns.NodeNetworkInterfaceBackendNIC {
+				// Parse MTPNC primaryIP to get the IP address and prefix length
+				ip, prefixSize, err = utils.ParseIPAndPrefix(interfaceInfo.PrimaryIP)
+				if err != nil {
+					return nil, errors.Wrap(err, "failed to parse mtpnc primary IP and prefix")
+				}
+				if prefixSize != prefixLength {
+					return nil, errors.Wrapf(errInvalidMTPNCPrefixLength, "mtpnc primaryIP prefix length is %d", prefixSize)
+				}
+				podIPInfos = append(podIPInfos, cns.PodIpInfo{
+					PodIPConfig: cns.IPSubnet{
+						IPAddress:    ip,
+						PrefixLength: uint8(prefixSize),
+					},
+					MacAddress:        interfaceInfo.MacAddress,
+					NICType:           cns.DelegatedVMNIC,
+					SkipDefaultRoutes: false,
+					// InterfaceName is empty for DelegatedVMNIC
+				})
 			}
+
 		}
 	}
 

cns/middlewares/k8sSwiftV2_linux_test.go

@@ -31,6 +31,12 @@ var (
 
 	testPod7GUID = "123e4567-e89b-12d3-a456-426614174000"
 	testPod7Info = cns.NewPodInfo("123e45-eth0", testPod7GUID, "testpod7", "testpod7namespace")
+
+	testPod8GUID = "2006cad4-e54d-472e-863d-c4bac66200a7"
+	testPod8Info = cns.NewPodInfo("2006cad4-eth0", testPod8GUID, "testpod8", "testpod8namespace")
+
+	testPod9GUID = "2006cad4-e54d-472e-863d-c4bac66200a7"
+	testPod9Info = cns.NewPodInfo("2006cad4-eth0", testPod9GUID, "testpod9", "testpod9namespace")
 )
 
 func TestMain(m *testing.M) {
@@ -141,6 +147,35 @@ func TestValidateMultitenantIPConfigsRequestSuccess(t *testing.T) {
 	assert.Equal(t, err, "")
 	assert.Equal(t, respCode, types.Success)
 	assert.Equal(t, happyReq.SecondaryInterfacesExist, true)
+
+	happyReq2 := &cns.IPConfigsRequest{
+		PodInterfaceID:   testPod8Info.InterfaceID(),
+		InfraContainerID: testPod8Info.InfraContainerID(),
+	}
+
+	b, _ = testPod8Info.OrchestratorContext()
+	happyReq2.OrchestratorContext = b
+	happyReq2.SecondaryInterfacesExist = false
+
+	_, respCode, err = middleware.validateIPConfigsRequest(context.TODO(), happyReq2)
+	assert.Equal(t, err, "")
+	assert.Equal(t, respCode, types.Success)
+	assert.Equal(t, happyReq.SecondaryInterfacesExist, true)
+
+	happyReq3 := &cns.IPConfigsRequest{
+		PodInterfaceID:   testPod9Info.InterfaceID(),
+		InfraContainerID: testPod9Info.InfraContainerID(),
+	}
+
+	b, _ = testPod9Info.OrchestratorContext()
+	happyReq3.OrchestratorContext = b
+	happyReq3.SecondaryInterfacesExist = false
+
+	_, respCode, err = middleware.validateIPConfigsRequest(context.TODO(), happyReq3)
+	assert.Equal(t, err, "")
+	assert.Equal(t, respCode, types.Success)
+	assert.Equal(t, happyReq3.SecondaryInterfacesExist, false)
+	assert.Equal(t, happyReq3.BackendInterfaceExist, true)
 }
 
 func TestValidateMultitenantIPConfigsRequestFailure(t *testing.T) {
@@ -373,11 +408,8 @@ func TestNICTypeConfigSuccess(t *testing.T) {
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
 	}
-	if len(ipInfos) != 1 {
-		t.Fatalf("expected 1 ipInfo, got %d", len(ipInfos))
-	}
-	if ipInfos[0].NICType != cns.BackendNIC {
-		t.Errorf("expected NIC type %v, got %v", cns.BackendNIC, ipInfos[0].NICType)
+	if len(ipInfos) != 0 {
+		t.Fatalf("expected 0 ipInfo, got %d", len(ipInfos))
 	}
 }
 
@@ -404,7 +436,7 @@ func TestGetSWIFTv2IPConfigMultiInterfaceSuccess(t *testing.T) {
 	assert.Equal(t, err, nil)
 	// Ensure that the length of ipInfos matches the number of InterfaceInfos
 	// Adjust this according to the test setup in mock client
-	expectedInterfaceCount := 3
+	expectedInterfaceCount := 2
 	assert.Equal(t, len(ipInfos), expectedInterfaceCount)
 
 	for _, ipInfo := range ipInfos {

cns/middlewares/mock/mockClient.go

@@ -54,6 +54,18 @@ func NewClient() *Client {
 	testPod7.Labels = make(map[string]string)
 	testPod7.Labels[configuration.LabelPodSwiftV2] = podNetwork
 
+	testPod8 := v1.Pod{}
+	testPod8.Labels = make(map[string]string)
+	testPod8.Labels[configuration.LabelPodSwiftV2] = podNetwork
+
+	testPod9 := v1.Pod{}
+	testPod9.Labels = make(map[string]string)
+	testPod9.Labels[configuration.LabelPodSwiftV2] = podNetwork
+
+	testPod10 := v1.Pod{}
+	testPod10.Labels = make(map[string]string)
+	testPod10.Labels[configuration.LabelPodNetworkInstanceSwiftV2] = podNetwork
+
 	testInterfaceInfos1 := v1alpha1.InterfaceInfo{
 		NCID:            "testncid",
 		PrimaryIP:       "192.168.0.1/32",
@@ -107,22 +119,72 @@ func NewClient() *Client {
 		},
 	}
 
+	testMTPNC8 := v1alpha1.MultitenantPodNetworkConfig{
+		Status: v1alpha1.MultitenantPodNetworkConfigStatus{
+			PrimaryIP:  "192.168.0.1/32",
+			MacAddress: "00:00:00:00:00:00",
+			GatewayIP:  "10.0.0.1",
+			NCID:       "testncid",
+			InterfaceInfos: []v1alpha1.InterfaceInfo{
+				{
+					PrimaryIP:  "192.168.0.1/32",
+					MacAddress: "00:00:00:00:00:00",
+					GatewayIP:  "10.0.0.1",
+					NCID:       "testncid",
+					DeviceType: v1alpha1.DeviceTypeVnetNIC,
+				},
+				{
+					PrimaryIP:  "192.168.0.1/32",
+					MacAddress: "00:00:00:00:00:00",
+					GatewayIP:  "10.0.0.1",
+					NCID:       "testncid",
+					DeviceType: v1alpha1.DeviceTypeInfiniBandNIC,
+				},
+			},
+		},
+	}
+	// Mtpnc with just Infiniband interface
+	testMTPNC9 := v1alpha1.MultitenantPodNetworkConfig{
+		Status: v1alpha1.MultitenantPodNetworkConfigStatus{
+			InterfaceInfos: []v1alpha1.InterfaceInfo{
+				{
+					PrimaryIP:  "192.168.0.1/32",
+					MacAddress: "00:00:00:00:00:00",
+					GatewayIP:  "10.0.0.1",
+					NCID:       "testncid",
+					DeviceType: v1alpha1.DeviceTypeInfiniBandNIC,
+				},
+			},
+		},
+	}
+
+	// Mtpnc with just Infiniband interface
+	testMTPNC10 := v1alpha1.MultitenantPodNetworkConfig{
+		Status: v1alpha1.MultitenantPodNetworkConfigStatus{},
+	}
+
 	return &Client{
 		mtPodCache: map[string]*v1.Pod{
-			"testpod1namespace/testpod1": &testPod1,
-			"testpod3namespace/testpod3": &testPod3,
-			"testpod4namespace/testpod4": &testPod4,
-			"testpod5namespace/testpod5": &testPod5,
-			"testpod6namespace/testpod6": &testPod6,
-			"testpod7namespace/testpod7": &testPod7,
+			"testpod1namespace/testpod1":   &testPod1,
+			"testpod3namespace/testpod3":   &testPod3,
+			"testpod4namespace/testpod4":   &testPod4,
+			"testpod5namespace/testpod5":   &testPod5,
+			"testpod6namespace/testpod6":   &testPod6,
+			"testpod7namespace/testpod7":   &testPod7,
+			"testpod8namespace/testpod8":   &testPod8,
+			"testpod9namespace/testpod9":   &testPod9,
+			"testpod10namespace/testpod10": &testPod10,
 		},
 		mtpncCache: map[string]*v1alpha1.MultitenantPodNetworkConfig{
-			"testpod1namespace/testpod1": &testMTPNC1,
-			"testpod2namespace/testpod2": &testMTPNC2,
-			"testpod4namespace/testpod4": &testMTPNC4,
-			"testpod5namespace/testpod5": &testMTPNC3,
-			"testpod6namespace/testpod6": &testMTPNC5,
-			"testpod7namespace/testpod7": &testMTPNCMulti,
+			"testpod1namespace/testpod1":   &testMTPNC1,
+			"testpod2namespace/testpod2":   &testMTPNC2,
+			"testpod4namespace/testpod4":   &testMTPNC4,
+			"testpod5namespace/testpod5":   &testMTPNC3,
+			"testpod6namespace/testpod6":   &testMTPNC5,
+			"testpod7namespace/testpod7":   &testMTPNCMulti,
+			"testpod8namespace/testpod8":   &testMTPNC8,
+			"testpod9namespace/testpod9":   &testMTPNC9,
+			"testpod10namespace/testpod10": &testMTPNC10,
 		},
 	}
 }