hubble: implement peer service, enable it locally

[rolinh]

Please, see individual commits for details.

[coveralls]

Coverage increased (+0.1%) to 44.74% when pulling 0c5a9e9 on pr/rolinh/hubble-peer into 531e61f on master.

[michi-covalent]

the change looks good, but it wasn't clear to me how i can test this in my cluster. i guess nobody is actually calling rpc Notify(NotifyRequest) yet?

[rolinh]

the change looks good, but it wasn't clear to me how i can test this in my cluster.

You can use a gRPC client. For example, with grpcurl, you can invoke the service like this from the root of the git repository:

$ grpcurl -import-path api/v1/peer -proto peer.proto -unix -plaintext /var/run/cilium/hubble.sock peer.Peer.Notify
{
  "name": "runtime1",
  "address": "10.0.2.15",
  "type": "PEER_ADDED"
}

Note that this call "blocks". So one way to test this is to invoke this command then add/remove nodes from your cluster. Of course, the cilium-agent needs the --enable-hubble flag.

i guess nobody is actually calling rpc Notify(NotifyRequest) yet?

Not yet. I have an in-development version of hubble-proxy hubble-relay that is using this service but this will be for a follow-up PR once this one is merged.

[aanm]

Nit, consider using an interface instead of implementation.

[rolinh]

Yup, this is required for testing, like mentioned in the struct comment just above. If it's fine with you, I'll add an interface in pkg/node/manager/manager.go.

[aanm]

The interface could be defined here, not in pkg/node/manager/manager.go, this allows you to not need to import pkg/node/manager in this package.

[rolinh]

I've added the interface with this commit faae24149afbb9da49688945123c09a79716f903 already and implemented tests of the service.
I think that importing the interface from pkg/node/manager is not so bad because it's otherwise really hard to understand who implements it if you're not familiar enough with cilium's codebase.

[aanm]

@rolinh there are tools built for that purpose [0] so there's no point in keeping the interfaces in the same place as 1 of the implementations. What happens if in the future we will have a different node manager that implements the same interface? Where will the interface live?

[0] https://docs.google.com/document/d/1_Y9xCEMj5S-7rv2ooHpZNH15JgRT5iM742gJkw5LtmQ/edit#heading=h.f6hyappclfor

[rolinh]

I don't mind moving the interface to pkg/hubble/peer if you have strong feelings about it; I don't think it matters much.

[rolinh]

The interface could be defined here, not in pkg/node/manager/manager.go, this allows you to not need to import pkg/node/manager in this package.

BTW, by moving the interface to pkg/hubble/peer I could save on importing pkg/node/manager but then I'll have to import pkg/datapath as it's required for the interface definition. I'm not "saving" on import anyway.

[gandro]

Awesome! I do see an issue with blocking the Node Manager which I think must be addressed, but all my other comments are just comments and don't require any action.

[gandro]

stream.Send() can block (it does I/O). Which means the unbuffered h.C channel causes the NodeManager to be blocked as well in h.Node{Add,Update,Delete}.

[aanm]

Why isn't a context.Context part of the Send parameters?

[rolinh]

Because the ServerStream interface doesn't use a context.Context. SendMsg() is used by Send(), as can be seen in the generated code in peer.pb.go:

type Peer_NotifyServer interface {
	Send(*ChangeNotification) error
	grpc.ServerStream
}

type peerNotifyServer struct {
	grpc.ServerStream
}

func (x *peerNotifyServer) Send(m *ChangeNotification) error {
	return x.ServerStream.SendMsg(m)
}

The interface defines a context but it's global to ServerStream.

[rolinh]

@gandro I have added a test that simulates a blocked send (TestService_NotifyWithBlockedSend) and it failed (which is good as it tests what we want).

To fix the problem and have the test pass, I've added small buffer (of size 10 by default but this is configurable through service options) that, when full, triggers the server to stop steaming to the client.
This eventually pushes the problem back to the client which will have to call Notify() again in such a case. I don't think it's a problem overall because upon calling Notify(), the client receives the list of all peers before receiving continuous updates so maintaining a local cache client-side is easy.

Please, have a look again at the Notify() implementation and tell me if you think this way of handling the problem is OK.

[gandro]

Awesome, yes, the code itself looks good! 🎉 We have to get a bit of experience with this, because I honestly have no clue how big the buffer size should be.

[rolinh]

We have to get a bit of experience with this, because I honestly have no clue how big the buffer size should be.

Neither do I. I assumed that since the connection is over a local unix domain socket, a buffer of 10 should be sufficient. I also don't want to make it unnecessarily large because if the caller can't keep up then there's probably a problem elsewhere.

[michi-covalent]

@rolinh ok it passed my rigorous testing of scaling nodepool size from 1 to 3 and then scaling it back down to 1:

# ./grpcurl -import-path api/v1/peer -proto peer.proto -unix -plaintext /var/run/cilium/hubble.sock peer.Peer.Notify
{
  "name": "gke-michi-default-pool-87b89101-ljbs",
  "address": "10.138.0.53",
  "type": "PEER_ADDED"
}
{
  "name": "gke-michi-default-pool-87b89101-4r14",
  "address": "10.138.0.55",
  "type": "PEER_ADDED"
}
{
  "name": "gke-michi-default-pool-87b89101-lwrc",
  "address": "10.138.0.56",
  "type": "PEER_ADDED"
}
{
  "name": "gke-michi-default-pool-87b89101-4r14",
  "address": "10.138.0.55",
  "type": "PEER_DELETED"
}
{
  "name": "gke-michi-default-pool-87b89101-lwrc",
  "address": "10.138.0.56",
  "type": "PEER_DELETED"
}

[aanm]

The interface could be defined here, not in pkg/node/manager/manager.go, this allows you to not need to import pkg/node/manager in this package.

[aanm]

Why isn't a context.Context part of the Send parameters?

[rolinh]

test-me-please

EDIT: test flake

[rolinh]

restart-ginkgo

EDIT: hit flake again

[gandro]

Awesome, yes, the code itself looks good! 🎉 We have to get a bit of experience with this, because I honestly have no clue how big the buffer size should be.

[rolinh]

restart-ginkgo

EDIT: yet another flake :(
EDIT2: just rebased against latest master

[rolinh]

test-me-please

EDIT: update to adapt to changes from e99049f

[rolinh]

test-me-please

EDIT: rebased against master again to fix conflict introduced by f332fb5

[rolinh]

test-me-please

[nebril]

test-gke

[nebril]

test-gke

[rolinh]

Rebased against master to fix conflict with fef319a.

[rolinh]

test-me-please

[nebril]

test-gke

[rolinh]

Found a bug in the peer service implementation where the wrong context.Background() was used instead of the existing ctx.

[rolinh]

test-me-please

[rolinh]

rebased against master, fixed test failure uncovered by the context fix.

[rolinh]

test-me-please

[nebril]

test-gke

[nebril]

test-gke

Edit: looks like it timed out: https://jenkins.cilium.io/job/Cilium-PR-K8s-GKE/546/execution/node/112/log/

[christarazi]

LGTM!

[christarazi]

test-gke

[rolinh]

The GKE test was running for 10+ hours and stuck at this step (CI issue):

[Pipeline] Start of Pipeline
[Pipeline] node
Still waiting to schedule task
‘jenkins-node-gke-fixed0’ is offline

[rolinh]

test-gke