kmesh-net · kmesh-bot · May 9, 2024 · May 7, 2024
diff --git a/bpf/kmesh/workload/cgroup_sock.c b/bpf/kmesh/workload/cgroup_sock.c
@@ -52,51 +52,26 @@ static inline int sock4_traffic_control(struct bpf_sock_addr *ctx)
 {
     int ret;
     frontend_value *frontend_v = NULL;
-    bool direct_backend = false;
 
     if (!check_kmesh_enabled(ctx))
         return 0;
 
-    DECLARE_VAR_ADDRESS(ctx, address);
+    DECLARE_FRONTEND_KEY(ctx, frontend_k);
 
     BPF_LOG(DEBUG, KMESH, "origin addr=[%u:%u]\n", ctx->user_ip4, ctx->user_port);
-    frontend_v = map_lookup_frontend(&address);
+    frontend_v = map_lookup_frontend(&frontend_k);
     if (!frontend_v) {
-        address.service_port = 0;
-        frontend_v = map_lookup_frontend(&address);
-        if (!frontend_v) {
-            return -ENOENT;
-        }
-        direct_backend = true;
+        return -ENOENT;
     }
 
     BPF_LOG(DEBUG, KMESH, "bpf find frontend addr=[%u:%u]\n", ctx->user_ip4, ctx->user_port);
-
-    if (direct_backend) {
-        backend_key backend_k = {0};
-        backend_value *backend_v = NULL;
-
-        backend_k.backend_uid = frontend_v->upstream_id;
-        backend_v = map_lookup_backend(&backend_k);
-        if (!backend_v) {
-            BPF_LOG(ERR, KMESH, "find backend failed\n");
-            return -ENOENT;
-        }
-        BPF_LOG(DEBUG, KMESH, "find pod frontend\n");
-        ret = backend_manager(ctx, backend_v);
-        if (ret < 0) {
-            if (ret != -ENOENT)
-                BPF_LOG(ERR, KMESH, "backend_manager failed, ret:%d\n", ret);
-            return ret;
-        }
-    } else {
-        ret = frontend_manager(ctx, frontend_v);
-        if (ret != 0) {
-            if (ret != -ENOENT)
-                BPF_LOG(ERR, KMESH, "frontend_manager failed, ret:%d\n", ret);
-            return ret;
-        }
+    ret = frontend_manager(ctx, frontend_v);
+    if (ret != 0) {
+        if (ret != -ENOENT)
+            BPF_LOG(ERR, KMESH, "frontend_manager failed, ret:%d\n", ret);
+        return ret;
     }
+
     return 0;
 }
 

diff --git a/bpf/kmesh/workload/include/backend.h b/bpf/kmesh/workload/include/backend.h
@@ -57,15 +57,14 @@ static inline int backend_manager(ctx_buff_t *ctx, backend_value *backend_v)
         return -ENOEXEC;
     }
 
-    DECLARE_VAR_ADDRESS(ctx, address);
 #pragma unroll
     for (unsigned int i = 0; i < backend_v->port_count; i++) {
         if (i >= MAX_PORT_COUNT) {
             BPF_LOG(WARN, BACKEND, "exceed the max port count\n");
             return -EINVAL;
         }
 
-        if (address.service_port == backend_v->service_port[i]) {
+        if (ctx->user_port == backend_v->service_port[i]) {
             target_addr.ipv4 = backend_v->ipv4;
             target_addr.port = backend_v->target_port[i];
             SET_CTX_ADDRESS(ctx, target_addr);

diff --git a/bpf/kmesh/workload/include/ctx/sock_addr.h b/bpf/kmesh/workload/include/ctx/sock_addr.h
@@ -27,10 +27,9 @@ typedef enum {
 
 typedef struct bpf_sock_addr ctx_buff_t;
 
-#define DECLARE_VAR_ADDRESS(ctx, name)                                                                                 \
-    frontend_key name = {0};                                                                                           \
-    name.ipv4 = (ctx)->user_ip4;                                                                                       \
-    name.service_port = (ctx)->user_port
+#define DECLARE_FRONTEND_KEY(ctx, key)                                                                                 \
+    frontend_key key = {0};                                                                                            \
+    key.ipv4 = (ctx)->user_ip4
 
 #define SET_CTX_ADDRESS(ctx, address)                                                                                  \
     (ctx)->user_ip4 = (address).ipv4;                                                                                  \

diff --git a/bpf/kmesh/workload/include/frontend.h b/bpf/kmesh/workload/include/frontend.h
@@ -21,6 +21,7 @@
 
 #include "workload_common.h"
 #include "service.h"
+#include "backend.h"
 
 static inline frontend_value *map_lookup_frontend(const frontend_key *key)
 {
@@ -32,19 +33,36 @@ static inline int frontend_manager(ctx_buff_t *ctx, frontend_value *frontend_v)
     int ret = 0;
     service_key service_k = {0};
     service_value *service_v = NULL;
+    backend_key backend_k = {0};
+    backend_value *backend_v = NULL;
+    bool direct_backend = false;
 
     service_k.service_id = frontend_v->upstream_id;
     service_v = map_lookup_service(&service_k);
     if (!service_v) {
-        BPF_LOG(WARN, FRONTEND, "find service failed\n");
-        return -ENOENT;
+        backend_k.backend_uid = frontend_v->upstream_id;
+        backend_v = map_lookup_backend(&backend_k);
+        if (!backend_v) {
+            BPF_LOG(WARN, FRONTEND, "find backend failed\n");
+            return -ENOENT;
+        }
+        direct_backend = true;
     }
 
-    ret = service_manager(ctx, frontend_v->upstream_id, service_v);
-    if (ret != 0) {
-        if (ret != -ENOENT)
-            BPF_LOG(ERR, FRONTEND, "service_manager failed, ret:%d\n", ret);
-        return ret;
+    if (direct_backend) {
+        ret = backend_manager(ctx, backend_v);
+        if (ret != 0) {
+            if (ret != -ENOENT)
+                BPF_LOG(ERR, FRONTEND, "backend_manager failed, ret:%d\n", ret);
+            return ret;
+        }
+    } else {
+        ret = service_manager(ctx, frontend_v->upstream_id, service_v);
+        if (ret != 0) {
+            if (ret != -ENOENT)
+                BPF_LOG(ERR, FRONTEND, "service_manager failed, ret:%d\n", ret);
+            return ret;
+        }
     }
 
     return 0;

diff --git a/bpf/kmesh/workload/include/workload.h b/bpf/kmesh/workload/include/workload.h
@@ -26,12 +26,8 @@
 #define RINGBUF_SIZE   (1 << 12)
 
 // frontend map
-// Generally, frontend_key store Service ip and port, for app access Service,
-// Specifically, for app access Pod directly: frontend_key:{ipv4:<PodIP>, service_port:0},
-// frontend_value:{upstream_id:backend_uid}
 typedef struct {
-    __u32 ipv4;         // Service ip or Pod ip
-    __u32 service_port; // actual port for Service or 0 for Pod
+    __u32 ipv4; // Service ip or Pod ip
 } __attribute__((packed)) frontend_key;
 
 typedef struct {

diff --git a/pkg/controller/workload/bpfcache/frontend.go b/pkg/controller/workload/bpfcache/frontend.go
@@ -20,11 +20,8 @@ import (
 	"github.com/cilium/ebpf"
 )
 
-// Generally, frontend_key store Service ip and port, for app access Service,
-// Specifically, for app access Pod directly: FrontendKey:{IPv4:<PodIP>, Port:0}, FrontendValue:{UpstreamId:BackendUid}
 type FrontendKey struct {
 	IPv4 uint32 // Service ip or Pod ip
-	Port uint32 // actual port for Service or 0 for Pod
 }
 
 type FrontendValue struct {

diff --git a/pkg/controller/workload/workload_processor.go b/pkg/controller/workload/workload_processor.go
@@ -119,7 +119,6 @@ func (p *Processor) deletePodFrontendData(uid uint32) error {
 		log.Debugf("Find BackendValue: [%#v]", bv)
 		if bv.PortCount == 0 {
 			fk.IPv4 = bv.IPv4
-			fk.Port = 0
 			if err = p.bpf.FrontendDelete(&fk); err != nil {
 				log.Errorf("FrontendDelete failed: %s", err)
 				return err
@@ -136,10 +135,7 @@ func (p *Processor) storePodFrontendData(uid uint32, ip []byte) error {
 		fv = bpf.FrontendValue{}
 	)
 
-	// stored PodIP in the frontend map for Pod to Pod access.
-	// FrontendKey:{IPv4:<PodIP>, Port:0}, FrontendValue:{ServiceID:BackendUid}
 	fk.IPv4 = binary.LittleEndian.Uint32(ip)
-	fk.Port = 0
 	fv.UpstreamId = uid
 	if err := p.bpf.FrontendUpdate(&fk, &fv); err != nil {
 		log.Errorf("Update frontend map failed, err:%s", err)
@@ -355,8 +351,6 @@ func (p *Processor) storeBackendData(uid uint32, ips [][]byte, portList *workloa
 			}
 		}
 
-		// stored PodIP in the frontend map for Pod to Pod access.
-		// FrontendKey:{IPv4:<PodIP>, Port:0}, FrontendValue:{ServiceID:BackendUid}
 		if err = p.storePodFrontendData(uid, ip); err != nil {
 			log.Errorf("storePodFrontendData failed, err:%s", err)
 			return err
@@ -433,8 +427,6 @@ func (p *Processor) handleDataWithoutService(workload *workloadapi.Workload) err
 			return err
 		}
 
-		// stored PodIP in the frontend map for Pod to Pod access.
-		// FrontendKey:{IPv4:<PodIP>, Port:0}, FrontendValue:{ServiceID:BackendUid}
 		if err = p.storePodFrontendData(uid, ip); err != nil {
 			log.Errorf("storePodFrontendData failed, err:%s", err)
 			return err
@@ -473,12 +465,9 @@ func (p *Processor) storeServiceFrontendData(serviceId uint32, service *workload
 	for _, networkAddress := range service.GetAddresses() {
 		address := networkAddress.Address
 		fk.IPv4 = nets.ConvertIpByteToUint32(address)
-		for _, portPair := range service.GetPorts() {
-			fk.Port = nets.ConvertPortToBigEndian(portPair.ServicePort)
-			if err = p.bpf.FrontendUpdate(&fk, &fv); err != nil {
-				log.Errorf("Update Frontend failed, err:%s", err)
-				return err
-			}
+		if err = p.bpf.FrontendUpdate(&fk, &fv); err != nil {
+			log.Errorf("Update Frontend failed, err:%s", err)
+			return err
 		}
 	}
 	return nil