Skip to content

loader: Attach bpf_host to cilium_net from Golang #11598

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 2, 2020
Merged

loader: Attach bpf_host to cilium_net from Golang #11598

merged 1 commit into from
Jun 2, 2020

Conversation

pchaigno
Copy link
Member

Attach bpf_host to the second host device (i.e., cilium_net) from Golang, as part of the host endpoint's datapath loading, instead of doing it from init.sh.

Doing so has the following benefits:

  • We compile one less time because we only need to patch the object file
    on the Go side.
  • It simplifies the weird dance around includes in bpf_host.c.
  • It moves more code out of init.sh.

@maintainer-s-little-helper

This comment has been minimized.

Sign in to view
@pchaigno pchaigno added area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. area/loader Impacts the loading of BPF programs into the kernel. release-note/misc This PR makes changes that have no direct user impact. labels May 19, 2020
@pchaigno pchaigno force-pushed the pr/pchaigno/load-cilium_net-from-golang branch from bb2a2a9 to bf7ce2e Compare May 20, 2020 17:48
@coveralls
Copy link

coveralls commented May 20, 2020
edited
Loading

Coverage Status

Coverage decreased (-0.04%) to 36.804% when pulling e1ad5fe on pr/pchaigno/load-cilium_net-from-golang into 5e5c626 on master.

@pchaigno pchaigno marked this pull request as ready for review May 21, 2020 10:13
@pchaigno pchaigno requested review from a team May 21, 2020 10:13
@vadorovsky vadorovsky added the dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. label May 25, 2020
@pchaigno pchaigno force-pushed the pr/pchaigno/load-cilium_net-from-golang branch from bf7ce2e to c3a8d22 Compare May 25, 2020 10:44
@pchaigno pchaigno removed the dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. label May 25, 2020
@pchaigno pchaigno force-pushed the pr/pchaigno/load-cilium_net-from-golang branch from c3a8d22 to d12a28e Compare May 26, 2020 08:36
joestringer
joestringer approved these changes May 26, 2020
View reviewed changes
@pchaigno
Copy link
Member Author

Privileged unit tests need fixing 😞

@pchaigno pchaigno marked this pull request as draft May 27, 2020 19:12
@pchaigno pchaigno force-pushed the pr/pchaigno/load-cilium_net-from-golang branch 2 times, most recently from 289f009 to 543c95d Compare May 29, 2020 20:08
@pchaigno
loader: Attach bpf_host to cilium_net from Golang
e1ad5fe 
Attach bpf_host to the second host device (i.e., cilium_net) from
Golang, as part of the host endpoint's datapath loading, instead of
doing it from init.sh.

Doing so has the following benefits:
- We compile one less time because we only need to patch the object file
  on the Go side.
- It simplifies the weird dance around includes in bpf_host.c.
- It moves more code out of init.sh.

Signed-off-by: Paul Chaignon <paul@cilium.io>
@pchaigno pchaigno force-pushed the pr/pchaigno/load-cilium_net-from-golang branch from 543c95d to e1ad5fe Compare May 29, 2020 20:10
@pchaigno
Copy link
Member Author

I was initially planning to go the long road and add support for the full host endpoint compilation+loading in the unit tests, but I'd like to get this PR into v1.8. The compilation+loading is well covered in the e2e tests anyway.

In a nutshell: the host endpoint is a bit peculiar because it compiles and attached one object file to the first device, then patches it to attach to subsequent devices. However, in the unit tests, we compile and load dummy object files (e.g., with test_cilium_xxx_65535 map names). Instead of testing the full host endpoint compilation+loading (i.e., with the patching for other devices), this PR takes the shorter option of skipping other devices for now. This is not a regression since code in init.sh isn't unit tested either.

@pchaigno pchaigno marked this pull request as ready for review May 29, 2020 20:33
@pchaigno
Copy link
Member Author

retest-gke

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label May 30, 2020
@pchaigno pchaigno mentioned this pull request Jun 1, 2020
Closed
34 tasks
@aanm aanm merged commit 1256a13 into master Jun 2, 2020
@aanm aanm deleted the pr/pchaigno/load-cilium_net-from-golang branch June 2, 2020 08:52
@tklauser tklauser mentioned this pull request Jun 3, 2020
Merged
@pchaigno pchaigno added the area/host-firewall Impacts the host firewall or the host endpoint. label Jul 20, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joestringer joestringer joestringer approved these changes

@aanm aanm aanm approved these changes

Assignees
No one assigned
Labels
area/datapath Impacts bpf/ or low-level forwarding details, including map management and monitor messages. area/host-firewall Impacts the host firewall or the host endpoint. area/loader Impacts the loading of BPF programs into the kernel. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@pchaigno @coveralls @joestringer @aanm @tklauser @vadorovsky