antrea
antrea copied to clipboard
antrea-io
StretchedNetworkPolicy Agent Implementation
This PR is based on https://github.com/antrea-io/antrea/pull/3913.
- Add implementation of Stretched NetworkPolicy in Antrea agent. 1.1 Add OVS flows with tun_id matching. 1.2 Agent also realizes a security rule using unknown LabelIdentity for each Stretched NetworkPolicy rule.
- Add implementation of LabelIdentity on datapath 2.1 Pod will load its LabelIdentity in tun_id in ClassifierFlow. 2.2 Pod Classifier flow will have a different cacheKey for easy updates. 2.3 StretchedNetworkPolicy will sync Pod ClassifierFlow according to Pod/NS/LabelID events.
- Add UT and E2E tests.
Codecov Report
Merging #3914 (fedfdf5) into main (113fe92) will increase coverage by
0.20%. The diff coverage is32.25%.
:exclamation: Current head fedfdf5 differs from pull request most recent head d1e79ce. Consider uploading reports for the commit d1e79ce to get more accurate results
@@ Coverage Diff @@
## main #3914 +/- ##
==========================================
+ Coverage 67.87% 68.07% +0.20%
==========================================
Files 402 415 +13
Lines 57284 58981 +1697
==========================================
+ Hits 38879 40151 +1272
- Misses 15707 16111 +404
- Partials 2698 2719 +21
| Flag | Coverage Δ | *Carryforward flag | |
|---|---|---|---|
| e2e-tests | 39.99% <10.95%> (?) |
||
| integration-tests | 34.60% <39.21%> (ø) |
Carriedforward from 113fe92 | |
| kind-e2e-tests | 47.54% <57.37%> (ø) |
Carriedforward from 113fe92 | |
| unit-tests | 56.44% <66.49%> (ø) |
Carriedforward from 113fe92 |
*This pull request uses carry forward flags. Click here to find out more.
| Impacted Files | Coverage Δ | |
|---|---|---|
| cmd/antrea-agent/agent.go | 0.00% <0.00%> (ø) |
|
| pkg/agent/cniserver/pod_configuration_windows.go | 0.00% <0.00%> (ø) |
|
| ...multicluster/stretched_networkpolicy_controller.go | 0.00% <0.00%> (ø) |
|
| pkg/agent/openflow/network_policy.go | 78.95% <0.00%> (-0.44%) |
:arrow_down: |
| pkg/agent/types/networkpolicy.go | 89.58% <ø> (-0.17%) |
:arrow_down: |
| pkg/agent/cniserver/pod_configuration.go | 58.10% <50.00%> (+0.44%) |
:arrow_up: |
| pkg/agent/openflow/pipeline.go | 88.53% <53.84%> (-2.54%) |
:arrow_down: |
| pkg/agent/openflow/multicluster.go | 72.02% <78.94%> (-24.24%) |
:arrow_down: |
| pkg/agent/controller/networkpolicy/cache.go | 85.63% <79.62%> (-1.12%) |
:arrow_down: |
| pkg/agent/controller/networkpolicy/reconciler.go | 74.08% <83.33%> (+3.80%) |
:arrow_up: |
| ... and 55 more |
This pull request introduces 1 alert when merging 0bf305c869a30f07615c3867ce5e1df202951309 into 52bb02e0acdbf46c4756df092e9f008a3e49370d - view on LGTM.com
new alerts:
- 1 for Useless assignment to local variable
![lgtm-com[bot] avatar](https://avatars.githubusercontent.com/in/17324?v=4 "Published by a pub.dev verified publisher"){kind=small}
Hi @GraysonWu Could you update the summary and commit message so reviewer can learn about this PR with more details? thanks.
Hi @GraysonWu Could you update the summary and commit message so reviewer can learn about this PR with more details? thanks.
Updated.