imp: remove host config controller

host flows are managed by another componenet no need for this controller

Signed-off-by: Michael Filanov <[email protected]>

Author: filanov

cmd/flowscontroller/main.go

@@ -63,16 +63,12 @@ func main() {
 	var probeAddr string
 	var secureMetrics bool
 	var enableHTTP2 bool
-	var configMapNamespace string
-	var configMapName string
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
 	flag.BoolVar(&secureMetrics, "metrics-secure", false,
 		"If set the metrics endpoint is served securely")
 	flag.BoolVar(&enableHTTP2, "enable-http2", false,
 		"If set, HTTP/2 will be enabled for the metrics and webhook servers")
-	flag.StringVar(&configMapNamespace, "cm-namespace", "default", "Spectrum-x config map namespace")
-	flag.StringVar(&configMapName, "cm-name", "specx-config", "Spectrum-x config map name")
 	opts := zap.Options{
 		Development: true,
 	}
@@ -154,19 +150,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err = (&controller.HostConfigReconciler{
-		NodeName:           Options.NodeName,
-		Client:             mgr.GetClient(),
-		Exec:               &exec.Exec{},
-		ConfigMapNamespace: configMapNamespace,
-		ConfigMapName:      configMapName,
-		Flows:              &controller.Flows{Exec: &exec.Exec{}, NetlinkLib: netlink.New()},
-		OVSWatcher:         ovsWatcherHostConfig,
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "HostConfig")
-		os.Exit(1)
-	}
-
 	//+kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {

cmd/spectrum-x-manager/main.go

@@ -26,22 +26,17 @@ import (
 	// to ensure that exec-entrypoint and run can make use of them.
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
 
-	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/cache"
-	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 	"sigs.k8s.io/controller-runtime/pkg/metrics/filters"
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
 	"github.com/Mellanox/spectrum-x-operator/internal/version"
-
-	corev1 "k8s.io/api/core/v1"
 	// +kubebuilder:scaffold:imports
 )
 
@@ -74,8 +69,6 @@ func main() {
 	var enableHTTP2 bool
 	var tlsOpts []func(*tls.Config)
 	var printVersion bool
-	var configMapNamespace string
-	var configMapName string
 	flag.StringVar(&metricsAddr, "metrics-bind-address", "0", "The address the metrics endpoint binds to. "+
 		"Use :8443 for HTTPS or :8080 for HTTP, or leave as 0 to disable the metrics service.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
@@ -87,8 +80,6 @@ func main() {
 	flag.BoolVar(&enableHTTP2, "enable-http2", false,
 		"If set, HTTP/2 will be enabled for the metrics and webhook servers")
 	flag.BoolVar(&printVersion, "version", false, "print version and exit")
-	flag.StringVar(&configMapNamespace, "cm-namespace", "default", "Spectrum-x config map namespace")
-	flag.StringVar(&configMapName, "cm-name", "specx-config", "Spectrum-x config map name")
 	opts := zap.Options{
 		Development: true,
 	}
@@ -152,14 +143,6 @@ func main() {
 		HealthProbeBindAddress: probeAddr,
 		LeaderElection:         enableLeaderElection,
 		LeaderElectionID:       "1f9fb416.nvidia.com",
-		Cache: cache.Options{
-			ByObject: map[client.Object]cache.ByObject{
-				&corev1.ConfigMap{}: {
-					Field: fields.ParseSelectorOrDie(fmt.Sprintf("metadata.name=%s,metadata.namespace=%s",
-						configMapName, configMapNamespace)),
-				},
-			},
-		},
 	})
 	if err != nil {
 		setupLog.Error(err, "unable to start manager")

config/flowcontroller/daemonset.yaml

@@ -39,8 +39,6 @@ spec:
       containers:
       - command:
         - /flowcontroller
-        args:
-        - --cm-namespace=$(POD_NAMESPACE)
         image: controller:latest
         name: flowcontroller
         env:

config/manager/manager.yaml

@@ -50,7 +50,6 @@ spec:
         args:
           - --leader-elect
           - --health-probe-bind-address=:8081
-          - --cm-namespace=$(POD_NAMESPACE)
         env:
           - name: POD_NAMESPACE
             valueFrom:

config/rbac/role.yaml

@@ -28,7 +28,6 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - configmaps
   - pods
   verbs:
   - create

internal/controller/flow_controller.go

@@ -22,7 +22,6 @@ import (
 	"fmt"
 	"hash/fnv"
 
-	"github.com/Mellanox/spectrum-x-operator/pkg/config"
 	"github.com/Mellanox/spectrum-x-operator/pkg/exec"
 
 	netdefv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1"
@@ -49,7 +48,6 @@ type FlowReconciler struct {
 }
 
 //+kubebuilder:rbac:groups=core,resources=pods,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=core,resources=pods/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=core,resources=pods/finalizers,verbs=update
 //+kubebuilder:rbac:groups=coordination.k8s.io,resources=leases,verbs=get;list;watch;create;update;patch;delete
@@ -154,29 +152,6 @@ func (r *FlowReconciler) repToBridge(rep string) (string, error) {
 	return br, nil
 }
 
-func getRailDevice(railName string, cfg *config.Config) (string, error) {
-	for _, mapping := range cfg.RailDeviceMapping {
-		if mapping.RailName == railName {
-			return mapping.DevName, nil
-		}
-	}
-	return "", fmt.Errorf("failed to find device for rail %s", railName)
-}
-
-func getBridgeToRail(rail *config.HostRail, cfg *config.Config, exec exec.API) (string, error) {
-	railDevice, err := getRailDevice(rail.Name, cfg)
-	if err != nil {
-		return "", fmt.Errorf("failed to get rail device for rail %s: %s", rail.Name, err)
-	}
-
-	bridge, err := exec.Execute(fmt.Sprintf("ovs-vsctl port-to-br %s", railDevice))
-	if err != nil {
-		return "", fmt.Errorf("failed to get bridge to rail %s, device %s: %s", rail.Name, railDevice, err)
-	}
-
-	return bridge, nil
-}
-
 // SetupWithManager sets up the controller with the Manager.
 func (r *FlowReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	isPodRelevant := func(pod *corev1.Pod) bool {
@@ -221,11 +196,6 @@ func (r *FlowReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		Named("FlowReconciler").
 		For(&corev1.Pod{}).
 		WithEventFilter(predicate.NewPredicateFuncs(func(object client.Object) bool {
-			// don't ignore config map changes - it may be topology config map
-			if _, ok := object.(*corev1.ConfigMap); ok {
-				return true
-			}
-
 			pod, ok := object.(*corev1.Pod)
 			if !ok {
 				return false

internal/controller/flow_controller_test.go

@@ -22,7 +22,6 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Mellanox/spectrum-x-operator/pkg/config"
 	"github.com/Mellanox/spectrum-x-operator/pkg/exec"
 
 	gomock "github.com/golang/mock/gomock"
@@ -31,8 +30,6 @@ import (
 	. "github.com/onsi/gomega"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	apiErrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
 )
 
@@ -290,86 +287,3 @@ var _ = Describe("Pod Controller", func() {
 
 	})
 })
-
-
-func validConfig() string {
-	return `{
-		"spectrum-x-networks": {
-		  "cross_rail_subnet": "192.0.0.0/8",
-		  "mtu": 9000,
-		  "rails": [
-			{
-			  "name": "rail-1",
-			  "subnet": "192.0.0.0/11"
-			},
-			{
-			  "name": "rail-2",
-			  "subnet": "192.32.0.0/11"
-			}
-		  ]
-		},
-		"rail_device_mapping": [
-		  {
-			"rail_name": "rail-1",
-			"dev_name": "eth0"
-		  },
-		  {
-			"rail_name": "rail-2",
-			"dev_name": "eth1"
-		  }
-		],
-		"hosts": [
-		  {
-			"host_id": "host-1",
-			"rails": [
-			  {
-				"name": "rail-1",
-				"network": "192.0.0.0/31",
-				"peer_leaf_port_ip": "172.0.0.0"
-			  },
-			  {
-				"name": "rail-2",
-				"network": "192.32.0.0/31",
-				"peer_leaf_port_ip": "172.32.0.0"
-			  }
-			]
-		  },
-		  {
-			"host_id": "host-2",
-			"rails": [
-			  {
-				"name": "rail-1",
-				"network": "192.0.0.2/31",
-				"peer_leaf_port_ip": "172.0.0.2"
-			  },
-			  {
-				"name": "rail-2",
-				"network": "192.32.0.2/31",
-				"peer_leaf_port_ip": "172.32.0.2"
-			  }
-			]
-		  }
-		]
-	  }`
-}
-
-func updateConfigMap(ctx context.Context, ns string, data string) {
-	d := map[string]string{config.ConfigMapKey: data}
-	err := k8sClient.Create(ctx, &corev1.ConfigMap{
-		ObjectMeta: metav1.ObjectMeta{Name: cmName, Namespace: ns},
-		Data:       d,
-	})
-	if err == nil {
-		return
-	}
-	if apiErrors.IsAlreadyExists(err) {
-		configMap := &corev1.ConfigMap{}
-		Expect(k8sClient.Get(
-			ctx, types.NamespacedName{Name: cmName, Namespace: ns}, configMap)).NotTo(HaveOccurred())
-		configMap.Data = d
-		Expect(k8sClient.Update(
-			ctx, configMap)).NotTo(HaveOccurred())
-	} else {
-		Expect(err).NotTo(HaveOccurred())
-	}
-}

internal/controller/flows.go

@@ -18,21 +18,19 @@ package controller
 import (
 	"fmt"
 
-	"github.com/Mellanox/spectrum-x-operator/pkg/config"
 	"github.com/Mellanox/spectrum-x-operator/pkg/exec"
 	libnetlink "github.com/Mellanox/spectrum-x-operator/pkg/lib/netlink"
 )
 
 const (
-	railPeerIP = "rail_peer_ip"
-	railUplink = "rail_uplink"
+	railPeerIP      = "rail_peer_ip"
+	railUplink      = "rail_uplink"
+	defaultPriority = 32768
 )
 
 //go:generate ../../bin/mockgen -destination mock_flows.go -source flows.go -package controller
 
 type FlowsAPI interface {
-	DeleteBridgeDefaultFlows(bridge string) error
-	AddHostRailFlows(bridge string, pf string, rail config.HostRail, infraRailSubnet string) error
 	AddPodRailFlows(cookie uint64, vf, bridge, podIP, podMAC string) error
 	DeletePodRailFlows(cookie uint64, bridge string) error
 }
@@ -44,68 +42,6 @@ type Flows struct {
 	NetlinkLib libnetlink.NetlinkLib
 }
 
-func (f *Flows) DeleteBridgeDefaultFlows(bridge string) error {
-	// delete normal action flows - creating a secured bridge is not supported with sriov-network-operator
-	// the error is ignored because in non secured bridge there are flows that cannot be deleted, specfically
-	// for cookie=0, the first time will work but second reconcile will fail.
-	// those are the default flows:
-	// 	cookie=0x0, duration=1297.663s, table=254, n_packets=0, n_bytes=0, priority=0,reg0=0x1 actions=controller(reason=)
-	// 	cookie=0x0, duration=1297.663s, table=254, n_packets=0, n_bytes=0, priority=2,recirc_id=0 actions=drop
-	// 	cookie=0x0, duration=1297.663s, table=254, n_packets=0, n_bytes=0, priority=0,reg0=0x3 actions=drop
-	// 	cookie=0x0, duration=1297.663s, table=254, n_packets=0, n_bytes=0, priority=0,reg0=0x2 actions=drop
-	// once the bridge is created as secured this code will be removed
-	_, _ = f.Exec.Execute(fmt.Sprintf("ovs-ofctl del-flows %s cookie=0x0/-1", bridge))
-
-	return nil
-}
-
-func (f *Flows) AddHostRailFlows(bridge string, pf string, rail config.HostRail, infraRailSubnet string) error {
-	link, err := f.NetlinkLib.LinkByName(bridge)
-	if err != nil {
-		return fmt.Errorf("failed to get interface %s: %w", bridge, err)
-	}
-	addrs, err := f.NetlinkLib.IPv4Addresses(link)
-	if err != nil {
-		return fmt.Errorf("failed to get addresses for interface %s: %w", bridge, err)
-	}
-
-	// if we don't have all the addresses assigned we will have partial flows
-	// checking for 2 addresses because we don't have a proper api between the controllers
-	if len(addrs) != 2 {
-		return fmt.Errorf("expected 2 addresses for interface %s, got %s", bridge, addrs)
-	}
-
-	for _, addr := range addrs {
-		flow := fmt.Sprintf(`ovs-ofctl add-flow %s "table=0,priority=%d,cookie=0x%x,arp,arp_tpa=%s,actions=output:local"`,
-			bridge, defaultPriority, hostConfigCookie, addr.IP)
-		if _, err := f.Exec.Execute(flow); err != nil {
-			return fmt.Errorf("failed to exec [%s]: %s", flow, err)
-		}
-
-		flow = fmt.Sprintf(`ovs-ofctl add-flow %s "table=0,priority=%d,cookie=0x%x,ip,nw_dst=%s,actions=output:local"`,
-			bridge, defaultPriority, hostConfigCookie, addr.IP)
-		if _, err := f.Exec.Execute(flow); err != nil {
-			return fmt.Errorf("failed to exec [%s]: %s", flow, err)
-		}
-	}
-
-	// TOR is the gateway for the outer ip
-	flow := fmt.Sprintf(`ovs-ofctl add-flow %s "table=0,priority=%d,cookie=0x%x,arp,arp_tpa=%s,actions=output:%s"`,
-		bridge, defaultPriority, hostConfigCookie, rail.PeerLeafPortIP, pf)
-	if _, err := f.Exec.Execute(flow); err != nil {
-		return fmt.Errorf("failed to exec [%s]: %s", flow, err)
-	}
-
-	flow = fmt.Sprintf(`ovs-ofctl add-flow %s "table=0,priority=%d,cookie=0x%x,`+
-		`ip,in_port=local,nw_dst=%s,actions=output:%s"`,
-		bridge, defaultPriority, hostConfigCookie, infraRailSubnet, pf)
-	if _, err := f.Exec.Execute(flow); err != nil {
-		return fmt.Errorf("failed to exec [%s]: %s", flow, err)
-	}
-
-	return nil
-}
-
 func (f *Flows) AddPodRailFlows(cookie uint64, vf, bridge, podIP, podMAC string) error {
 	// ovs-ofctl add-flow -OOpenFlow13 $RAIL_BR "table=0, arp,arp_tpa=${CONTAINER_IP} actions=output:${REP_PORT}"
 	flow := fmt.Sprintf(`ovs-ofctl add-flow %s "table=0,priority=%d,cookie=0x%x,arp,arp_tpa=%s,actions=output:%s"`,

internal/controller/flows_test.go

@@ -72,20 +72,6 @@ var _ = Describe("Flows", func() {
 		ctrl.Finish()
 	})
 
-	Context("DeleteBridgeDefaultFlows", func() {
-		It("should delete flows with cookie=0", func() {
-			execMock.EXPECT().Execute("ovs-ofctl del-flows br-rail1 cookie=0x0/-1").Return("", nil)
-			err := flows.DeleteBridgeDefaultFlows("br-rail1")
-			Expect(err).Should(Succeed())
-		})
-
-		It("should not return error if ovs-ofctl fails", func() {
-			execMock.EXPECT().Execute("ovs-ofctl del-flows br-rail1 cookie=0x0/-1").Return("", fmt.Errorf("failed to delete flows"))
-			err := flows.DeleteBridgeDefaultFlows("br-rail1")
-			Expect(err).Should(Succeed())
-		})
-	})
-
 	Context("AddPodRailFlows", func() {
 		var (
 			mockLink *mock_netlink.MockLink