[Multicast] Multicast client auto-discovery

1. Use packetIn/packetOut to collect IGMP membership report and detect Multicast group. 2. Add an OpenFlow entry for each Multicast group in which local Pods have joined to forward the packet normally and output it to antrea-gw0. 3. Output the Multicast traffic to antrea-gw0 if no local Pods have joined the target Multicast group. Signed-off-by: wenyingd <wenyingd@vmware.com>
antrea-io · Nov 25, 2021 · 3c883f2 · 3c883f2
1 parent db0c92d
commit 3c883f2
Show file tree

Hide file tree

Showing 28 changed files with 1,210 additions and 58 deletions.
diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml
@@ -3981,6 +3981,9 @@ data:
     # Deployments and StatefulSets via IP Pool annotation.
     #  AntreaIPAM: false
 
+    # Enable multicast traffic. This feature is supported only with noEncap mode.
+    #  Multicast: false
+
     # Name of the OpenVSwitch bridge antrea-agent will create and use.
     # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
     #ovsBridge: br-int
@@ -4261,7 +4264,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-6dtt4hkmmm
+  name: antrea-config-c5h558tg5g
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4332,7 +4335,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-6dtt4hkmmm
+          value: antrea-config-c5h558tg5g
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4383,7 +4386,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-6dtt4hkmmm
+          name: antrea-config-c5h558tg5g
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4664,7 +4667,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-6dtt4hkmmm
+          name: antrea-config-c5h558tg5g
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml
@@ -3981,6 +3981,9 @@ data:
     # Deployments and StatefulSets via IP Pool annotation.
     #  AntreaIPAM: false
 
+    # Enable multicast traffic. This feature is supported only with noEncap mode.
+    #  Multicast: false
+
     # Name of the OpenVSwitch bridge antrea-agent will create and use.
     # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
     #ovsBridge: br-int
@@ -4261,7 +4264,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-6dtt4hkmmm
+  name: antrea-config-c5h558tg5g
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4332,7 +4335,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-6dtt4hkmmm
+          value: antrea-config-c5h558tg5g
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4383,7 +4386,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-6dtt4hkmmm
+          name: antrea-config-c5h558tg5g
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4666,7 +4669,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-6dtt4hkmmm
+          name: antrea-config-c5h558tg5g
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml
@@ -3981,6 +3981,9 @@ data:
     # Deployments and StatefulSets via IP Pool annotation.
     #  AntreaIPAM: false
 
+    # Enable multicast traffic. This feature is supported only with noEncap mode.
+    #  Multicast: false
+
     # Name of the OpenVSwitch bridge antrea-agent will create and use.
     # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
     #ovsBridge: br-int
@@ -4261,7 +4264,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-25kc566684
+  name: antrea-config-h72246h8f2
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4332,7 +4335,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-25kc566684
+          value: antrea-config-h72246h8f2
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4383,7 +4386,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-25kc566684
+          name: antrea-config-h72246h8f2
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4667,7 +4670,7 @@ spec:
           path: /home/kubernetes/bin
         name: host-cni-bin
       - configMap:
-          name: antrea-config-25kc566684
+          name: antrea-config-h72246h8f2
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml
@@ -3981,6 +3981,9 @@ data:
     # Deployments and StatefulSets via IP Pool annotation.
     #  AntreaIPAM: false
 
+    # Enable multicast traffic. This feature is supported only with noEncap mode.
+    #  Multicast: false
+
     # Name of the OpenVSwitch bridge antrea-agent will create and use.
     # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
     #ovsBridge: br-int
@@ -4266,7 +4269,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-tc6kb6tbkh
+  name: antrea-config-557h844gdh
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4346,7 +4349,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-tc6kb6tbkh
+          value: antrea-config-557h844gdh
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4397,7 +4400,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-tc6kb6tbkh
+          name: antrea-config-557h844gdh
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4713,7 +4716,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-tc6kb6tbkh
+          name: antrea-config-557h844gdh
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

diff --git a/build/yamls/antrea-kind.yml b/build/yamls/antrea-kind.yml
@@ -3981,6 +3981,9 @@ data:
     # Deployments and StatefulSets via IP Pool annotation.
     #  AntreaIPAM: false
 
+    # Enable multicast traffic. This feature is supported only with noEncap mode.
+    #  Multicast: false
+
     # Name of the OpenVSwitch bridge antrea-agent will create and use.
     # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
     #ovsBridge: br-int
@@ -4266,7 +4269,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-d4hfbm5d8h
+  name: antrea-config-f7dbh45mc5
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4337,7 +4340,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-d4hfbm5d8h
+          value: antrea-config-f7dbh45mc5
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4388,7 +4391,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-d4hfbm5d8h
+          name: antrea-config-f7dbh45mc5
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4665,7 +4668,7 @@ spec:
           type: CharDevice
         name: dev-tun
       - configMap:
-          name: antrea-config-d4hfbm5d8h
+          name: antrea-config-f7dbh45mc5
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml
@@ -3981,6 +3981,9 @@ data:
     # Deployments and StatefulSets via IP Pool annotation.
     #  AntreaIPAM: false
 
+    # Enable multicast traffic. This feature is supported only with noEncap mode.
+    #  Multicast: false
+
     # Name of the OpenVSwitch bridge antrea-agent will create and use.
     # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
     #ovsBridge: br-int
@@ -4266,7 +4269,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-786ttm24c7
+  name: antrea-config-gg2666bbdt
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4337,7 +4340,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-786ttm24c7
+          value: antrea-config-gg2666bbdt
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4388,7 +4391,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-786ttm24c7
+          name: antrea-config-gg2666bbdt
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4669,7 +4672,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-786ttm24c7
+          name: antrea-config-gg2666bbdt
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

diff --git a/build/yamls/base/conf/antrea-agent.conf b/build/yamls/base/conf/antrea-agent.conf
@@ -35,6 +35,9 @@ featureGates:
 # Deployments and StatefulSets via IP Pool annotation.
 #  AntreaIPAM: false
 
+# Enable multicast traffic. This feature is supported only with noEncap mode.
+#  Multicast: false
+
 # Name of the OpenVSwitch bridge antrea-agent will create and use.
 # Make sure it doesn't conflict with your existing OpenVSwitch bridges.
 #ovsBridge: br-int

diff --git a/cmd/antrea-agent/agent.go b/cmd/antrea-agent/agent.go
@@ -36,6 +36,7 @@ import (
 	"antrea.io/antrea/pkg/agent/flowexporter/exporter"
 	"antrea.io/antrea/pkg/agent/interfacestore"
 	"antrea.io/antrea/pkg/agent/metrics"
+	"antrea.io/antrea/pkg/agent/multicast"
 	npl "antrea.io/antrea/pkg/agent/nodeportlocal"
 	"antrea.io/antrea/pkg/agent/openflow"
 	"antrea.io/antrea/pkg/agent/proxy"
@@ -115,7 +116,8 @@ func run(o *Options) error {
 		features.DefaultFeatureGate.Enabled(features.Egress),
 		features.DefaultFeatureGate.Enabled(features.FlowExporter),
 		o.config.AntreaProxy.ProxyAll,
-		connectUplinkToBridge)
+		connectUplinkToBridge,
+		features.DefaultFeatureGate.Enabled(features.Multicast))
 
 	_, serviceCIDRNet, _ := net.ParseCIDR(o.config.ServiceCIDR)
 	var serviceCIDRNetv6 *net.IPNet
@@ -455,6 +457,14 @@ func run(o *Options) error {
 		}
 	}
 
+	if features.DefaultFeatureGate.Enabled(features.Multicast) {
+		mcastController := multicast.NewMulticastController(ofClient, nodeConfig, ifaceStore)
+		if err := mcastController.Initialize(); err != nil {
+			return err
+		}
+		go mcastController.Run(stopCh)
+	}
+
 	agentQuerier := querier.NewAgentQuerier(
 		nodeConfig,
 		networkConfig,

diff --git a/pkg/agent/interfacestore/interface_cache.go b/pkg/agent/interfacestore/interface_cache.go
@@ -15,6 +15,7 @@
 package interfacestore
 
 import (
+	"fmt"
 	"sync"
 
 	"k8s.io/client-go/tools/cache"
@@ -40,6 +41,8 @@ const (
 	// interfaceIPIndex is the index built with InterfaceConfig.IP
 	// Only the interfaces with IP get indexed.
 	interfaceIPIndex = "ip"
+	// ofPortIndex is the index built with InterfaceConfig.OFPort
+	ofPortIndex = "ofPort"
 )
 
 // Local cache for interfaces created on node, including container, host gateway, and tunnel
@@ -221,6 +224,18 @@ func (c *interfaceCache) GetNodeTunnelInterface(nodeName string) (*InterfaceConf
 	return obj.(*InterfaceConfig), true
 }
 
+// GetInterfaceByOFPort retrieves InterfaceConfig by the given ofPort number.
+func (c *interfaceCache) GetInterfaceByOFPort(ofPort uint32) (*InterfaceConfig, bool) {
+	c.RLock()
+	defer c.RUnlock()
+	ofportStr := fmt.Sprintf("%d", ofPort)
+	interfaceConfigs, _ := c.cache.ByIndex(ofPortIndex, ofportStr)
+	if len(interfaceConfigs) == 0 {
+		return nil, false
+	}
+	return interfaceConfigs[0].(*InterfaceConfig), true
+}
+
 func interfaceNameIndexFunc(obj interface{}) ([]string, error) {
 	interfaceConfig := obj.(*InterfaceConfig)
 	return []string{interfaceConfig.InterfaceName}, nil
@@ -260,6 +275,15 @@ func interfaceIPIndexFunc(obj interface{}) ([]string, error) {
 	return intfIPs, nil
 }
 
+func interfaceOFPortIndexFunc(obj interface{}) ([]string, error) {
+	interfaceConfig := obj.(*InterfaceConfig)
+	if interfaceConfig.OFPort < 0 {
+		// If interfaceConfig OFport is not valid, we return empty key.
+		return []string{}, nil
+	}
+	return []string{fmt.Sprintf("%d", interfaceConfig.OFPort)}, nil
+}
+
 func NewInterfaceStore() InterfaceStore {
 	return &interfaceCache{
 		cache: cache.NewIndexer(getInterfaceKey, cache.Indexers{
@@ -268,6 +292,7 @@ func NewInterfaceStore() InterfaceStore {
 			containerIDIndex:   containerIDIndexFunc,
 			podIndex:           podIndexFunc,
 			interfaceIPIndex:   interfaceIPIndexFunc,
+			ofPortIndex:        interfaceOFPortIndexFunc,
 		}),
 	}
 }