Move npagent server port to unix socket (#3442)

Author: Pavani-Panakanti

cmd/routed-eni-cni-plugin/cni.go

@@ -45,17 +45,15 @@ import (
 	pb "github.com/aws/amazon-vpc-cni-k8s/rpc"
 )
 
-const ipamdAddress = "127.0.0.1:50051"
-
-const npAgentAddress = "127.0.0.1:50052"
-
-const dummyInterfacePrefix = "dummy"
-
-const npAgentConnTimeout = 2
-
-const multiNICPodAnnotation = "k8s.amazonaws.com/nicConfig"
-const multiNICAttachment = "multi-nic-attachment"
-const containerVethNamePrefix = "mNicIf"
+const (
+	ipamdAddress            = "127.0.0.1:50051"
+	dummyInterfacePrefix    = "dummy"
+	npAgentConnTimeout      = 2
+	npaSocketPath           = "/var/run/aws-node/npa.sock"
+	multiNICPodAnnotation   = "k8s.amazonaws.com/nicConfig"
+	multiNICAttachment      = "multi-nic-attachment"
+	containerVethNamePrefix = "mNicIf"
+)
 
 var version string
 
@@ -330,7 +328,7 @@ func add(args *skel.CmdArgs, cniTypes typeswrapper.CNITYPES, grpcClient grpcwrap
 	}
 	ctx, cancel := context.WithTimeout(context.Background(), npAgentConnTimeout*time.Second) // Set timeout
 	defer cancel()
-	npConn, err := grpcClient.DialContext(ctx, npAgentAddress, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithBlock())
+	npConn, err := grpcClient.DialContext(ctx, "unix://"+npaSocketPath, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithBlock())
 	if err != nil {
 		log.Errorf("Failed to connect to network policy agent: %v", err)
 		return errors.New("add cmd: failed to setup network policy")
@@ -505,7 +503,7 @@ func del(args *skel.CmdArgs, cniTypes typeswrapper.CNITYPES, grpcClient grpcwrap
 	// Set up a connection to the network policy agent
 	ctx, cancel := context.WithTimeout(context.Background(), npAgentConnTimeout*time.Second) // Set timeout
 	defer cancel()
-	npConn, err := grpcClient.DialContext(ctx, npAgentAddress, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithBlock())
+	npConn, err := grpcClient.DialContext(ctx, "unix://"+npaSocketPath, grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithBlock())
 	if err != nil {
 		log.Errorf("Failed to connect to network policy agent: %v. Network Policy agent might not be running", err)
 		return errors.Wrap(err, "del cmd: failed to connect to network policy agent")

cmd/routed-eni-cni-plugin/cni_test.go

@@ -105,7 +105,7 @@ func TestCmdAdd(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)
@@ -150,7 +150,7 @@ func TestCmdAddWithNPenabled(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)
@@ -195,7 +195,7 @@ func TestCmdAddWithNPenabledWithErr(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)
@@ -352,7 +352,7 @@ func TestCmdAddForMultiNICAttachment(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)
@@ -432,7 +432,7 @@ func TestCmdDel(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)
@@ -720,7 +720,7 @@ func TestCmdAddForPodENINetwork(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)
@@ -765,7 +765,7 @@ func TestCmdDelForPodENINetwork(t *testing.T) {
 	mockC := mock_rpc.NewMockCNIBackendClient(ctrl)
 	mocksRPC.EXPECT().NewCNIBackendClient(conn).Return(mockC)
 
-	npConn, _ := grpc.Dial(npAgentAddress, grpc.WithInsecure())
+	npConn, _ := grpc.Dial("unix://"+npaSocketPath, grpc.WithInsecure())
 
 	mocksGRPC.EXPECT().DialContext(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return(npConn, nil).Times(1)
 	mockNP := mock_rpc.NewMockNPBackendClient(ctrl)