Multicast route configuration and support for join/leave transport node

build/yamls/antrea-aks.yml

@@ -4155,6 +4155,10 @@ data:
     # 3. The Node IP
     #transportInterface:
 
+    # The names of the interfaces on Nodes that are used to forward multicast traffic.
+    # Defaults to transport interface if not set.
+    #multicastInterfaces: []
+
     # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
     # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
     # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of
@@ -4299,7 +4303,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-mtdf878cgd
+  name: antrea-config-hc65bkbcgm
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4370,7 +4374,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-mtdf878cgd
+          value: antrea-config-hc65bkbcgm
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4421,7 +4425,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-mtdf878cgd
+          name: antrea-config-hc65bkbcgm
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4702,7 +4706,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-mtdf878cgd
+          name: antrea-config-hc65bkbcgm
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea-eks.yml

@@ -4155,6 +4155,10 @@ data:
     # 3. The Node IP
     #transportInterface:
 
+    # The names of the interfaces on Nodes that are used to forward multicast traffic.
+    # Defaults to transport interface if not set.
+    #multicastInterfaces: []
+
     # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
     # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
     # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of
@@ -4299,7 +4303,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-mtdf878cgd
+  name: antrea-config-hc65bkbcgm
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4370,7 +4374,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-mtdf878cgd
+          value: antrea-config-hc65bkbcgm
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4421,7 +4425,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-mtdf878cgd
+          name: antrea-config-hc65bkbcgm
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4704,7 +4708,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-mtdf878cgd
+          name: antrea-config-hc65bkbcgm
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea-gke.yml

@@ -4155,6 +4155,10 @@ data:
     # 3. The Node IP
     #transportInterface:
 
+    # The names of the interfaces on Nodes that are used to forward multicast traffic.
+    # Defaults to transport interface if not set.
+    #multicastInterfaces: []
+
     # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
     # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
     # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of
@@ -4299,7 +4303,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-f42d6k25t4
+  name: antrea-config-9mch246h2k
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4370,7 +4374,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-f42d6k25t4
+          value: antrea-config-9mch246h2k
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4421,7 +4425,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-f42d6k25t4
+          name: antrea-config-9mch246h2k
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4705,7 +4709,7 @@ spec:
           path: /home/kubernetes/bin
         name: host-cni-bin
       - configMap:
-          name: antrea-config-f42d6k25t4
+          name: antrea-config-9mch246h2k
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea-ipsec.yml

@@ -4160,6 +4160,10 @@ data:
     # 3. The Node IP
     #transportInterface:
 
+    # The names of the interfaces on Nodes that are used to forward multicast traffic.
+    # Defaults to transport interface if not set.
+    #multicastInterfaces: []
+
     # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
     # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
     # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of
@@ -4304,7 +4308,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-24g5gkf4m9
+  name: antrea-config-2thm85m7gt
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4384,7 +4388,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-24g5gkf4m9
+          value: antrea-config-2thm85m7gt
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4435,7 +4439,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-24g5gkf4m9
+          name: antrea-config-2thm85m7gt
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4751,7 +4755,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-24g5gkf4m9
+          name: antrea-config-2thm85m7gt
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea-kind.yml

@@ -4160,6 +4160,10 @@ data:
     # 3. The Node IP
     #transportInterface:
 
+    # The names of the interfaces on Nodes that are used to forward multicast traffic.
+    # Defaults to transport interface if not set.
+    #multicastInterfaces: []
+
     # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
     # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
     # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of
@@ -4304,7 +4308,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-h5hctb5f9b
+  name: antrea-config-44dgfghbf4
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4375,7 +4379,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-h5hctb5f9b
+          value: antrea-config-44dgfghbf4
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4426,7 +4430,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-h5hctb5f9b
+          name: antrea-config-44dgfghbf4
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4703,7 +4707,7 @@ spec:
           type: CharDevice
         name: dev-tun
       - configMap:
-          name: antrea-config-h5hctb5f9b
+          name: antrea-config-44dgfghbf4
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea.yml

@@ -4160,6 +4160,10 @@ data:
     # 3. The Node IP
     #transportInterface:
 
+    # The names of the interfaces on Nodes that are used to forward multicast traffic.
+    # Defaults to transport interface if not set.
+    #multicastInterfaces: []
+
     # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
     # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
     # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of
@@ -4304,7 +4308,7 @@ metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-h9276948gc
+  name: antrea-config-c4m4ghgm7d
   namespace: kube-system
 ---
 apiVersion: v1
@@ -4375,7 +4379,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-h9276948gc
+          value: antrea-config-c4m4ghgm7d
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4426,7 +4430,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-h9276948gc
+          name: antrea-config-c4m4ghgm7d
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4707,7 +4711,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-h9276948gc
+          name: antrea-config-c4m4ghgm7d
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/base/conf/antrea-agent.conf

@@ -186,6 +186,10 @@ nodePortLocal:
 # 3. The Node IP
 #transportInterface:
 
+# The names of the interfaces on Nodes that are used to forward multicast traffic.
+# Defaults to transport interface if not set.
+#multicastInterfaces: []
+
 # The network CIDRs of the interface on Node which is used for tunneling or routing the traffic across
 # Nodes. If there are multiple interfaces configured the same network CIDR, the first one is used. The
 # IP address used for tunneling or routing traffic to remote Nodes is decided in the following order of

cmd/antrea-agent/agent.go

@@ -21,6 +21,7 @@ import (
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/fields"
+	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/informers"
 	coreinformers "k8s.io/client-go/informers/core/v1"
@@ -162,7 +163,7 @@ func run(o *Options) error {
 	egressConfig := &config.EgressConfig{
 		ExceptCIDRs: exceptCIDRs,
 	}
-	routeClient, err := route.NewClient(networkConfig, o.config.NoSNAT, o.config.AntreaProxy.ProxyAll, connectUplinkToBridge)
+	routeClient, err := route.NewClient(networkConfig, o.config.NoSNAT, o.config.AntreaProxy.ProxyAll, connectUplinkToBridge, features.DefaultFeatureGate.Enabled(features.Multicast))
 	if err != nil {
 		return fmt.Errorf("error creating route client: %v", err)
 	}
@@ -508,7 +509,17 @@ func run(o *Options) error {
 	}
 
 	if features.DefaultFeatureGate.Enabled(features.Multicast) {
-		mcastController := multicast.NewMulticastController(ofClient, nodeConfig, ifaceStore)
+		multicastSocket, err := multicast.CreateMulticastSocket()
+		if err != nil {
+			return fmt.Errorf("failed to create multicast socket")
+		}
+		mcastController := multicast.NewMulticastController(
+			ofClient,
+			nodeConfig,
+			ifaceStore,
+			multicastSocket,
+			sets.NewString(append(o.config.MulticastInterfaces, networkConfig.TransportIface)...),
+			ovsBridgeClient)
 		if err := mcastController.Initialize(); err != nil {
 			return err
 		}

hack/update-codegen-dockerized.sh

@@ -158,6 +158,7 @@ MOCKGEN_TARGETS=(
   "pkg/agent/cniserver/ipam IPAMDriver testing"
   "pkg/agent/flowexporter/connections ConnTrackDumper,NetFilterConnTrack testing"
   "pkg/agent/interfacestore InterfaceStore testing"
+  "pkg/agent/multicast RouteInterface testing"
   "pkg/agent/nodeportlocal/portcache LocalPortOpener testing"
   "pkg/agent/nodeportlocal/rules PodPortRules testing"
   "pkg/agent/openflow Client,OFEntryOperations testing"

pkg/agent/agent.go

@@ -782,6 +782,7 @@ func (i *Initializer) initNodeLocalConfig() error {
 	}
 
 	var nodeIPv4Addr, nodeIPv6Addr, transportIPv4Addr, transportIPv6Addr *net.IPNet
+	var transportInterfaceName string
 	var localIntf *net.Interface
 	// Find the interface configured with Node IP and use it for Pod traffic.
 	ipAddrs, err := k8s.GetNodeAddrs(node)
@@ -794,9 +795,11 @@ func (i *Initializer) initNodeLocalConfig() error {
 	}
 	transportIPv4Addr = nodeIPv4Addr
 	transportIPv6Addr = nodeIPv6Addr
+	transportInterfaceName = localIntf.Name
 	if i.networkConfig.TransportIface != "" {
 		// Find the configured transport interface, and update its IP address in Node's annotation.
 		transportIPv4Addr, transportIPv6Addr, localIntf, err = getTransportIPNetDeviceByName(i.networkConfig.TransportIface, i.ovsBridge)
+		transportInterfaceName = localIntf.Name
 		if err != nil {
 			return fmt.Errorf("failed to get local IPNet device with transport interface %s: %v", i.networkConfig.TransportIface, err)
 		}
@@ -813,6 +816,7 @@ func (i *Initializer) initNodeLocalConfig() error {
 		}
 	} else if len(i.networkConfig.TransportIfaceCIDRs) > 0 {
 		transportIPv4Addr, transportIPv6Addr, localIntf, err = getIPNetDeviceByCIDRs(i.networkConfig.TransportIfaceCIDRs)
+		transportInterfaceName = localIntf.Name
 		if err != nil {
 			return fmt.Errorf("failed to get local IPNet device with transport Address CIDR %s: %v", i.networkConfig.TransportIfaceCIDRs, err)
 		}
@@ -834,6 +838,7 @@ func (i *Initializer) initNodeLocalConfig() error {
 			i.patchNodeAnnotations(nodeName, types.NodeTransportAddressAnnotationKey, nil)
 		}
 	}
+	i.networkConfig.TransportIface = transportInterfaceName
 
 	// Update the Node's MAC address in the annotations of the Node. The MAC address will be used for direct routing by
 	// OVS in noencap case on Windows Nodes. As a mixture of Linux and Windows nodes is possible, Linux Nodes' MAC