Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(vxlan):detect vtep mac addr change #8924

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(vxlan):detect vtep mac addr change #8924

wants to merge 1 commit into from

Conversation

MageekChiu
Copy link

@MageekChiu MageekChiu commented Jun 18, 2024
edited by caseydavenport
Loading

There are roughly two cases when our vtep(vxlan.calico) mac address gets messed up:

  1. Someone or some third-party component may modify the mac address of vtep on a node
  2. When a node left the cluster and didn't get properly cleaned, the old mac address may stuck, and then the node rejoin the cluster and the vtep gets a new mac address assigned(but not executed).

In both case, calico-node wouldn't be able to pull up new vtep and network on the node would be broken(eg. any request from workload on this node to other workload inside the cluster won't succeed). So we need to detect mac address changes and retry pulling up vtep to make sure network not broken.

Calico now reconciles its VXLAN tunnel interface MAC address if it changes.

@MageekChiu
fix(vxlan):detect vtep mac addr change
ca42fa7 
There are roughly two cases when our vtep(vxlan.calico) mac address gets messed up: 1. someone or some third-party component may modify the mac address of vtep on a node 2. when a  node left the cluster and didn't get properly cleaned, the old mac address may stuck, and then the node rejoin the cluster and the vtep gets a new mac address assigned(but not executed). In both case, calico-node wouldn't be able to pull up new vtep and network on the node would be broken(eg. any request from workload on this node to other workload inside the cluster won't succeed). So we need to detect mac address changes and retry pulling up vtep to make sure network not broken.
@MageekChiu MageekChiu requested a review from a team as a code owner June 18, 2024 08:56
@marvin-tigera marvin-tigera added this to the Calico v3.29.0 milestone Jun 18, 2024
@marvin-tigera marvin-tigera added release-note-required Change has user-facing impact (no matter how small) docs-pr-required Change is not yet documented labels Jun 18, 2024
@CLAassistant
Copy link

CLAassistant commented Jun 18, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

caseydavenport
caseydavenport approved these changes Jun 18, 2024
View reviewed changes
Copy link
Member

@caseydavenport caseydavenport left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me, thanks @MageekChiu!

@caseydavenport
Copy link
Member

/sem-approve

@caseydavenport caseydavenport added the docs-not-required Docs not required for this change label Jun 18, 2024
@marvin-tigera marvin-tigera removed the docs-pr-required Change is not yet documented label Jun 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@caseydavenport caseydavenport caseydavenport approved these changes

Assignees
No one assigned
Labels
docs-not-required Docs not required for this change merge-when-ready release-note-required Change has user-facing impact (no matter how small)
Projects
None yet
Milestone
Calico v3.29.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@MageekChiu @CLAassistant @caseydavenport @marvin-tigera