Use temp network namespace for rename

[adilGhaffarDev]

This PR is changing how SetupVF sets up a VF in Pod netns.
Previous Approach:

• Set link down
• Set temp name on the link
• Remove alt name
• Change netns (move link to pod netns)
• Rename link in netns to Pod interface name
• … do other operations on the link in netns (Enable IPv4 ARP, Set MAC address, Enable Optimistic DAD etc)
• Bring IF up in Pod netns

New approach:

• Create new tempNS
• Move link to tempNS
• Rename the link in tempNS to pod interface name
• Remove alt name from the link in tempNS
• Move link in tempNS to pod netns
• … do other operations on the link in netns (Enable IPv4 ARP, Set MAC address, Enable Optimistic DAD etc)
• Bring IF up in Pod netns

Previously we were setting temp name of the link now we move the link to tempNS.
Why we are doing this?
Check this issue:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1599
Rapid renaming of link causes race condition explained in the issue please check.
To solve the issue they used tempNS instead of renaming link: containernetworking/plugins#1073
We are trying to do the same in this PR.

Fixes #321

[SchSeba]

Hi @adilGhaffarDev can you please fix the unit-tests please

[adilGhaffarDev]

Hi @adilGhaffarDev can you please fix the unit-tests please

I am working on them, I want to run the tests locally but it gives lot of permission related errors. example error:

  [FAILED] Unexpected error:
      <*errors.errorString | 0xc00030c730>: 
      failed to create the sriov lock directory("/tmp/ginkgo2916429793/pci/vf_lock"): mkdir /tmp/ginkgo2916429793/pci/vf_lock: permission denied
      {
          s: "failed to create the sriov lock directory(\"/tmp/ginkgo2916429793/pci/vf_lock\"): mkdir /tmp/ginkgo2916429793/pci/vf_lock: permission denied",
      }
  occurred
  In [It] at: /home/metal3ci/sriov-cni/pkg/config/config_test.go:38

Is it possible to run these tests locally? in VM?

[adilGhaffarDev]

Hi @adilGhaffarDev can you please fix the unit-tests please

I am working on them, I want to run the tests locally but it gives lot of permission related errors. example error:

  [FAILED] Unexpected error:
      <*errors.errorString | 0xc00030c730>: 
      failed to create the sriov lock directory("/tmp/ginkgo2916429793/pci/vf_lock"): mkdir /tmp/ginkgo2916429793/pci/vf_lock: permission denied
      {
          s: "failed to create the sriov lock directory(\"/tmp/ginkgo2916429793/pci/vf_lock\"): mkdir /tmp/ginkgo2916429793/pci/vf_lock: permission denied",
      }
  occurred
  In [It] at: /home/metal3ci/sriov-cni/pkg/config/config_test.go:38

Is it possible to run these tests locally? in VM?

Nevermind it just needed sudo.

[adilGhaffarDev]

Hi @adilGhaffarDev can you please fix the unit-tests please

All tests are now passing. Please take a look at the test case "should save all the netConf struct to the cache file without dns" in pkg/utils/utils_test.go. It was previously failing, although I hadn’t modified any related code. I’ve made some adjustments to address the failure, but I’m not entirely sure why it was failing in the first place.

[adilGhaffarDev]

@adrianchiris @SchSeba please check

[SchSeba]

Hi @adilGhaffarDev,
I can see the build is still failing please take a look :)

[coveralls]

Pull Request Test Coverage Report for Build 19429187032

Details

• 43 of 86 (50.0%) changed or added relevant lines in 1 file are covered.
• 1 unchanged line in 1 file lost coverage.
• Overall coverage decreased (-0.8%) to 62.135%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
pkg/sriov/sriov.go	43	86	50.0%

Files with Coverage Reduction	New Missed Lines	%
pkg/sriov/sriov.go	1	66.26%

Totals
Change from base Build 19405086786:	-0.8%
Covered Lines:	978
Relevant Lines:	1574

---

💛 - Coveralls

[adilGhaffarDev]

I can see the build is still failing please take a look :)

Now all issues are fixed 😄

[adrianchiris]

partial review. i still need to take a look at ReleaseVF

[adrianchiris]

same as above we should use: err = ....

[zeeke]

hi @adilGhaffarDev , I need a little clarification on the problem this PR is trying to solve, as I got no answer in #321 and the commit description does not describe it.

Even with that information, we have to simplify the SetupVF function: with a 5 defer statement insisting on the same err variable, it is pretty hard to determine every possible combination of error.

[adilGhaffarDev]

hi @adilGhaffarDev , I need a little clarification on the problem this PR is trying to solve, as I got no answer in #321 and the commit description does not describe it.

Even with that information, we have to simplify the SetupVF function: with a 5 defer statement insisting on the same err variable, it is pretty hard to determine every possible combination of error.

I have added in the description of PR what this PR is doing and why it is needed.
I understand that defers are making it bit confusing but those are safeguards so nothing goes wrong. I am open to suggestions in improving the defer situation. I will also check myself.

[zeeke]

my considerations are:
a. this PR removed the step LinkSetDown. I'm not sure why it was in place, and I'm ok with it if no one recalls why it was in place
b. Is the race condition we are trying to solve here about udev rules (like the PR description states)? or is it about having multiple CNI calls insisting on the same temp_XXX name?
c. can we avoid nested netns.Do(...) calls? They make the defer call chain very hard to understand. Can we call them sequentially?

[adilGhaffarDev]

c. can we avoid nested netns.Do(...) calls? They make the defer call chain very hard to understand. Can we call them sequentially?

I have removed nested netns.Do() calls. Please check, now it's much simpler. Defers are removed, and now the code is easier to understand.

[adilGhaffarDev]

@SchSeba @zeeke @adrianchiris . take a look when you get time.
Simplified the code and got rid of confusing defers.

[zeeke]

Thanks for simplifying the code. Left some comments

[adilGhaffarDev]

@zeeke comments are addressed.

[adilGhaffarDev]

@SchSeba @adrianchiris looking for reviews.

[zeeke]

only one comment from my side.
thanks for all your rework

[zeeke]

LGTM

Thanks for having addressed all my comments

[adilGhaffarDev]

@SchSeba @adrianchiris can we merge this?

[SchSeba]

I think we are getting closer I like this solution more it's easier to read and follow I would say :p

[adilGhaffarDev]

@SchSeba comments are addressed.

[SchSeba]

if this line works https://github.com/k8snetworkplumbingwg/sriov-cni/pull/325/files#diff-3f93d9d758dfaab2615b76451d0a014c280e2aa12c0c97f60b2a5c8b2d68e589R202 then here we will not find the interface right?

[adilGhaffarDev]

no it should be able to find because on line 203 we doing:
linkSetNameError := s.nLink.LinkSetName(nsLinkObj, linkName)
so at 211 we should be able to find the interface.
I am changing it bit to make it more clear.