search

antrea-io / antrea

Kubernetes networking based on Open vSwitch
https://antrea.io
Apache License 2.0
1.67k stars 367 forks source link

BGP Antctl commands #6209

Closed rajnkamr closed 1 week ago

rajnkamr commented 7 months ago

antctl agent command to -

antctl get bgproutes --peer <peer-ip-address> --in or(--out) for received or advertised routes respectively.

roopeshsn commented 3 months ago

Hi, @Atish-iaf! If you're already working on this issue, I would like to be a part of it.

CC: @rajnkamr

hongliangl commented 2 months ago

antctl agent command to -

  • [ ] get effective BGPPolicy name. It is nice to also have some basic info about it like LocalASN, RouterID, ListenPort. antctl get bgppolicy(or get bp)

Maybe remove the alias bp, it is not a great short name. IMO, only outputting the effective BGPPolicy name is sufficient for this command.

  • [ ] get ASN, RouterID and ListenPort directly from local BGP server corresponding to effective BGPPolicy. It can be helpful in debugging when BGP server is not running properly or its configuration is different from effective BGPPolicy due to some unknown reason. antctl get bgpserver(or get bs)

Maybe remove the alias bs. The output of the command might contain:

  • [ ] get BGP Peers(known by their Address) added to effective BGPPolicy. It is nice to also have ASN and State of each BGP Peer which can be unknown, idle, active, established etc. antctl get bgppeers

I'm fine this with one.

  • [ ] get routes advertised by effective BGPPolicy. It is nice to also have Advertisement type for each advertised routes. AdvertisementType can be egress, service, pod or all (default all) antctl get bgproutes --type <AdvertisementType>

IIRC, we can only identify the routes received from remote peers as well as the routes sent to remote peers (by getting the routes from the bgpserver on a Node).

cc @antoninbas @tnqn

rajnkamr commented 2 months ago

Maybe remove the alias bp, it is not a great short name. IMO, only outputting the effective BGPPolicy name is sufficient for this command.

For effective policy we might want to have asn, router id and listen port details given that at one time only one bgp policy can be effective however multiple bgp policies could have been applied .

may be can add option to display only effective bgp policy name with antctl get bgppolicy and antctl get bgppolicy --detailsfor all other details ?

NAME              LOCAL ASN     ROUTER ID      LISTEN PORT
bgp-policy-1  64512               192.168.1.1       179
  • [ ] get ASN, RouterID and ListenPort directly from local BGP server corresponding to effective BGPPolicy. It can be helpful in debugging when BGP server is not running properly or its configuration is different from effective BGPPolicy due to some unknown reason. antctl get bgpserver(or get bs)

Maybe remove the alias bs. The output of the command might contain:

  • local listen port;
  • router ID;
  • local ASN;
  • other attributes of the config to start gobgp server added in the future.

* Usually this command is equivalent to gobgp global which gets information by calling gobgp apis may be add antctl get bgpserver --details for future expansion

AS: 64512
Router-ID: 192.168.1.1
Listening Port: 179
  • get BGP Peers(known by their Address) added to effective BGPPolicy. It is nice to also have ASN and State of each BGP Peer which can be unknown, idle, active, established etc. antctl get bgppeers

I'm fine this with one.

for antctl get bgppeers Usually this command can have more information in future but for now, peer, as and state should be ok to start with

Peer            AS       State     Uptime    Received  Advertised
192.168.2.2    64513  Establ    4d12h     24             13
192.168.3.3    64514  Establ    1d02h     18              15

IMO- can add another command to get bgp peer specific details using gobgp apis ( second phase) antctl get peer xyzsimilar to gobgp neighbor 192.168.255.1

  • get routes advertised by effective BGPPolicy. It is nice to also have Advertisement type for each advertised routes. AdvertisementType can be egress, service, pod or all (default all) antctl get bgproutes --type <AdvertisementType>

IIRC, we can only identify the routes received from remote peers as well as the routes sent to remote peers (by getting the routes from the bgpserver on a Node).

It seems it is possible to filter advertised routes, usually routes which starts with * are advertized routes ! from gobgp standard output gobgp global rib

Network              Next Hop             AS_PATH              Age        Attrs
*> 192.168.100.0/24     192.168.1.101                             00:00:06   [{Origin: i}]
antoninbas commented 2 months ago

What's the difference between "antctl get bgpolicy" and "antctl get bgprouter"? It's better to have fewer commands if possible.

For "antctl get bgproutes", we should have the ability to filter by peer. Filtering routes by "type", or being able to tie each route to a specific resource, sounds nice, but I wonder if it is worth it as it may increase the complexity of the implementation without adding too much value.

rajnkamr commented 2 months ago

What's the difference between "antctl get bgpolicy" and "antctl get bgprouter"? It's better to have fewer commands if possible.

antctl get bgpserver retrieves information from gobgp daemon.

rajnkamr commented 2 months ago

For "antctl get bgproutes", we should have the ability to filter by peer. Filtering routes by "type", or being able to tie each route to a specific resource, sounds nice, but I wonder if it is worth it as it may increase the complexity of the implementation without adding too much value.

Makes sense to me as for each bgp peer, a local rib is maintained which could be used to filter routes based on peer, we can have an extension of command antctl get bgproutes which could list all routes received from/sent to a peer antctl get bgproutes --peer <peer-ip-address>

antoninbas commented 2 months ago

What's the difference between "antctl get bgpolicy" and "antctl get bgprouter"? It's better to have fewer commands if possible.

antctl get bgpserver retrieves information from gobgp daemon.

In this case, I wonder if antctl get bgpserver should really be included, especially if we are going to include the gobgp binary in the antrea-agent image for troubleshooting purposes. The command is only useful if we assume there is a very obvious bug in either Antrea or gobgp?

rajnkamr commented 2 months ago

What's the difference between "antctl get bgpolicy" and "antctl get bgprouter"? It's better to have fewer commands if possible.

antctl get bgpserver retrieves information from gobgp daemon.

In this case, I wonder if antctl get bgpserver should really be included, especially if we are going to include the gobgp binary in the antrea-agent image for troubleshooting purposes. The command is only useful if we assume there is a very obvious bug in either Antrea or gobgp?

As it provides same information as provided by gobgp global, do not see a strong case for supporting antctl get bgpserver , also explained about command output in second section , we will drop this command.

luolanzone commented 1 week ago

@rajnkamr I suppose this issue can be closed now?

rajnkamr commented 1 week ago

Yes, antctl bgp PRs and follow up PR is also merged.