Move ut from bpf/ut to bpf/conntrack

olljanat · Jun 16, 2022 · b26e505 · b26e505
1 parent 09f141f
commit b26e505
Show file tree

Hide file tree

Showing 4 changed files with 43 additions and 183 deletions.
diff --git a/felix/bpf/conntrack/conntrack_test.go b/felix/bpf/conntrack/conntrack_test.go
@@ -28,6 +28,7 @@ import (
 	. "github.com/onsi/gomega"
 
 	"github.com/projectcalico/calico/felix/bpf/conntrack"
+	v2 "github.com/projectcalico/calico/felix/bpf/conntrack/v2"
 	"github.com/projectcalico/calico/felix/bpf/mock"
 )
 
@@ -262,3 +263,40 @@ var _ = Describe("BPF Conntrack StaleNATScanner", func() {
 		),
 	)
 })
+
+var _ = Describe("BPF Conntrack upgrade entries", func() {
+	k2 := v2.NewKey(1, net.ParseIP("10.0.0.1"), 0, net.ParseIP("10.0.0.2"), 0)
+	k3 := conntrack.NewKey(1, net.ParseIP("10.0.0.1"), 0, net.ParseIP("10.0.0.2"), 0)
+
+	v2Normal := v2.NewValueNormal(now-1, now-1, 0, v2.Leg{Seqno: 1000, SynSeen: true, Ifindex: 200}, v2.Leg{Seqno: 1001, RstSeen: true, Ifindex: 201})
+	v3Normal := conntrack.NewValueNormal(now-1, now-1, 0, conntrack.Leg{Seqno: 1000, SynSeen: true, Ifindex: 200}, conntrack.Leg{Seqno: 1001, RstSeen: true, Ifindex: 201})
+
+	v2NatReverse := v2.NewValueNATReverse(now-1, now-1, 0, v2.Leg{Seqno: 1000, SynSeen: true, Ifindex: 200}, v2.Leg{Seqno: 1001, RstSeen: true, Ifindex: 201}, net.IPv4(1, 2, 3, 4), net.IPv4(5, 6, 7, 8), 1234)
+	v3NatReverse := conntrack.NewValueNATReverse(now-1, now-1, 0, conntrack.Leg{Seqno: 1000, SynSeen: true, Ifindex: 200}, conntrack.Leg{Seqno: 1001, RstSeen: true, Ifindex: 201}, net.IPv4(1, 2, 3, 4), net.IPv4(5, 6, 7, 8), 1234)
+
+	v2NatRevSnat := v2.NewValueNATReverseSNAT(now-1, now-1, 0, v2.Leg{Seqno: 1000, SynSeen: true, Ifindex: 200}, v2.Leg{Seqno: 1001, RstSeen: true, Ifindex: 201}, net.IPv4(1, 2, 3, 4), net.IPv4(5, 6, 7, 8), net.IPv4(9, 10, 11, 12), 1234)
+	v3NatRevSnat := conntrack.NewValueNATReverseSNAT(now-1, now-1, 0, conntrack.Leg{Seqno: 1000, SynSeen: true, Ifindex: 200}, conntrack.Leg{Seqno: 1001, RstSeen: true, Ifindex: 201}, net.IPv4(1, 2, 3, 4), net.IPv4(5, 6, 7, 8), net.IPv4(9, 10, 11, 12), 1234)
+
+	v2NatFwd := v2.NewValueNATForward(now-1, now-1, 0, v2.NewKey(3, net.ParseIP("20.0.0.1"), 0, net.ParseIP("20.0.0.2"), 0))
+	v3NatFwd := conntrack.NewValueNATForward(now-1, now-1, 0, conntrack.NewKey(3, net.ParseIP("20.0.0.1"), 0, net.ParseIP("20.0.0.2"), 0))
+	DescribeTable("upgrade entries",
+		func(k2 v2.Key, v2 v2.Value, k3 conntrack.Key, v3 conntrack.Value) {
+			upgradedKey := k2.Upgrade()
+			upgradedValue := v2.Upgrade()
+			Expect(upgradedKey.AsBytes()).To(Equal(k3.AsBytes()))
+			Expect(upgradedValue.AsBytes()).To(Equal(v3.AsBytes()))
+		},
+		Entry("conntrack normal entry",
+			k2, v2Normal, k3, v3Normal,
+		),
+		Entry("conntrack nat rev entry",
+			k2, v2NatReverse, k3, v3NatReverse,
+		),
+		Entry("conntrack nat rev entry",
+			k2, v2NatRevSnat, k3, v3NatRevSnat,
+		),
+		Entry("conntrack nat rev entry",
+			k2, v2NatFwd, k3, v3NatFwd,
+		),
+	)
+})
diff --git a/felix/bpf/ut/map_upgrade_test.go b/felix/bpf/ut/map_upgrade_test.go
@@ -20,12 +20,7 @@ import (
 
 	. "github.com/onsi/gomega"
 
-	"net"
-	"time"
-
 	"github.com/projectcalico/calico/felix/bpf"
-	"github.com/projectcalico/calico/felix/bpf/conntrack"
-	conntrackv2 "github.com/projectcalico/calico/felix/bpf/conntrack/v2"
 	mock "github.com/projectcalico/calico/felix/bpf/mock/multiversion"
 	v2 "github.com/projectcalico/calico/felix/bpf/mock/multiversion/v2"
 	v3 "github.com/projectcalico/calico/felix/bpf/mock/multiversion/v3"
@@ -387,176 +382,3 @@ func TestMapUpgradeWhileResizeInProgress(t *testing.T) {
 	deleteMap(mockMapv2)
 	deleteMap(mockMapv5)
 }
-
-func TestCtMapUpgradeWithNATFwdEntries(t *testing.T) {
-	RegisterTestingT(t)
-	ctMap.(*bpf.PinnedMap).Close()
-	os.Remove(ctMap.Path())
-	mc := &bpf.MapContext{}
-	// create version 2 map
-	ctMapV2 := conntrack.MapV2(mc)
-	err := ctMapV2.EnsureExists()
-	Expect(err).NotTo(HaveOccurred(), "Failed to create version2 ct map")
-
-	created := time.Duration(1)
-	lastSeen := time.Duration(2)
-	flags := conntrack.FlagNATOut | conntrack.FlagSkipFIB
-	k := conntrackv2.NewKey(1, net.ParseIP("10.0.0.1"), 0, net.ParseIP("10.0.0.2"), 0)
-	revKey := conntrackv2.NewKey(1, net.ParseIP("10.0.0.2"), 0, net.ParseIP("10.0.0.3"), 0)
-	v := conntrackv2.NewValueNATForward(created, lastSeen, flags, revKey)
-	v.SetNATSport(uint16(4000))
-	err = ctMapV2.Update(k.AsBytes(), v[:])
-	Expect(err).NotTo(HaveOccurred())
-
-	ctMapMemV2, err := conntrackv2.LoadMapMem(ctMapV2)
-	Expect(err).NotTo(HaveOccurred())
-
-	ctMapV3 := conntrack.Map(mc)
-	err = ctMapV3.EnsureExists()
-	Expect(err).NotTo(HaveOccurred(), "Failed to create ct map")
-
-	ctMapMemV3 := saveCTMap(ctMapV3)
-	Expect(len(ctMapMemV3)).To(Equal(len(ctMapMemV2)))
-
-	k3 := conntrack.NewKey(1, net.ParseIP("10.0.0.1"), 0, net.ParseIP("10.0.0.2"), 0)
-	value3 := ctMapMemV3[k3]
-
-	revKey3 := conntrack.NewKey(1, net.ParseIP("10.0.0.2"), 0, net.ParseIP("10.0.0.3"), 0)
-	Expect(value3.Created()).To(Equal(int64(1)))
-	Expect(value3.LastSeen()).To(Equal(int64(2)))
-	Expect(value3.Flags()).To(Equal(flags))
-	Expect(value3.ReverseNATKey()).To(Equal(revKey3))
-	Expect(value3.NATSPort()).To(Equal(uint16(4000)))
-
-	ctMapV2.(*bpf.PinnedMap).Close()
-	ctMapV3.(*bpf.PinnedMap).Close()
-
-	os.Remove(ctMapV2.Path())
-	os.Remove(ctMapV3.Path())
-	for _, m := range allMaps {
-		err := m.EnsureExists()
-		Expect(err).NotTo(HaveOccurred())
-	}
-}
-
-func TestCtMapUpgradeWithNATRevEntries(t *testing.T) {
-	RegisterTestingT(t)
-	ctMap.(*bpf.PinnedMap).Close()
-	os.Remove(ctMap.Path())
-	mc := &bpf.MapContext{}
-	// create version 2 map
-	ctMapV2 := conntrack.MapV2(mc)
-	err := ctMapV2.EnsureExists()
-	Expect(err).NotTo(HaveOccurred(), "Failed to create version2 ct map")
-
-	var created, lastSeen time.Duration
-	flags := conntrack.FlagNATOut | conntrack.FlagSkipFIB
-	tunIP := net.IP{20, 0, 0, 1}
-	origIP := net.IP{30, 0, 0, 1}
-	origPort := uint16(4000)
-	origSport := uint16(5000)
-	k := conntrackv2.NewKey(1, net.ParseIP("10.0.0.1"), 0, net.ParseIP("10.0.0.2"), 0)
-	created = time.Duration(1)
-	lastSeen = time.Duration(2)
-	seqNoAB := uint32(1000)
-	ifIndexAB := uint32(2000)
-	seqNoBA := uint32(1001)
-	ifIndexBA := uint32(2001)
-	legAB := conntrackv2.Leg{Seqno: seqNoAB, SynSeen: true, AckSeen: false, FinSeen: true, RstSeen: false, Whitelisted: true, Opener: false, Ifindex: ifIndexAB}
-	legBA := conntrackv2.Leg{Seqno: seqNoBA, SynSeen: false, AckSeen: true, FinSeen: false, RstSeen: true, Whitelisted: false, Opener: true, Ifindex: ifIndexBA}
-	v := conntrackv2.NewValueNATReverse(created, lastSeen, flags, legAB, legBA, tunIP, origIP, uint16(origPort))
-	v.SetOrigSport(origSport)
-	err = ctMapV2.Update(k.AsBytes(), v[:])
-	Expect(err).NotTo(HaveOccurred())
-
-	ctMapMemV2, err := conntrackv2.LoadMapMem(ctMapV2)
-	Expect(err).NotTo(HaveOccurred())
-
-	ctMapV3 := conntrack.Map(mc)
-	err = ctMapV3.EnsureExists()
-	Expect(err).NotTo(HaveOccurred(), "Failed to create ct map")
-
-	ctMapMemV3 := saveCTMap(ctMapV3)
-	Expect(len(ctMapMemV3)).To(Equal(len(ctMapMemV2)))
-
-	k3 := conntrack.NewKey(1, net.ParseIP("10.0.0.1"), 0, net.ParseIP("10.0.0.2"), 0)
-	value3 := ctMapMemV3[k3]
-	legAB3 := conntrack.Leg{Seqno: seqNoAB, SynSeen: true, AckSeen: false, FinSeen: true, RstSeen: false, Whitelisted: true, Opener: false, Ifindex: ifIndexAB}
-	legBA3 := conntrack.Leg{Seqno: seqNoBA, SynSeen: false, AckSeen: true, FinSeen: false, RstSeen: true, Whitelisted: false, Opener: true, Ifindex: ifIndexBA}
-	expectedValue := conntrack.NewValueNATReverse(created, lastSeen, flags, legAB3, legBA3, tunIP, origIP, uint16(origPort))
-	expectedValue.SetOrigSport(origSport)
-	Expect(value3).To(Equal(expectedValue))
-	ctMapV2.(*bpf.PinnedMap).Close()
-	ctMapV3.(*bpf.PinnedMap).Close()
-
-	os.Remove(ctMapV2.Path())
-	os.Remove(ctMapV3.Path())
-	for _, m := range allMaps {
-		err := m.EnsureExists()
-		Expect(err).NotTo(HaveOccurred())
-	}
-}
-
-func TestCtMapUpgradeWithNormalEntries(t *testing.T) {
-	RegisterTestingT(t)
-	ctMap.(*bpf.PinnedMap).Close()
-	os.Remove(ctMap.Path())
-
-	mc := &bpf.MapContext{}
-	// create version 2 map
-	ctMapV2 := conntrack.MapV2(mc)
-	err := ctMapV2.EnsureExists()
-	Expect(err).NotTo(HaveOccurred(), "Failed to create version2 ct map")
-
-	var created, lastSeen time.Duration
-	flags := conntrack.FlagNATOut | conntrack.FlagSkipFIB
-	for n := 0; n < 2; n++ {
-		k := conntrackv2.NewKey(1, net.ParseIP("10.0.0.1"), uint16(n), net.ParseIP("10.0.0.2"), uint16(n>>16))
-		created = time.Duration(1 + int64(n))
-		lastSeen = time.Duration(2 + int64(n))
-		seqNoAB := 1000 + uint32(n)
-		ifIndexAB := 2000 + uint32(n)
-		seqNoBA := 1001 + uint32(n)
-		ifIndexBA := 2001 + uint32(n)
-		legAB := conntrackv2.Leg{Seqno: seqNoAB, SynSeen: true, AckSeen: false, FinSeen: true, RstSeen: false, Whitelisted: true, Opener: false, Ifindex: ifIndexAB}
-		legBA := conntrackv2.Leg{Seqno: seqNoBA, SynSeen: false, AckSeen: true, FinSeen: false, RstSeen: true, Whitelisted: false, Opener: true, Ifindex: ifIndexBA}
-		v := conntrackv2.NewValueNormal(created, lastSeen, flags, legAB, legBA)
-		err := ctMapV2.Update(k.AsBytes(), v[:])
-		Expect(err).NotTo(HaveOccurred())
-	}
-
-	ctMapMemV2, err := conntrackv2.LoadMapMem(ctMapV2)
-	Expect(err).NotTo(HaveOccurred())
-
-	ctMapV3 := conntrack.Map(mc)
-	err = ctMapV3.EnsureExists()
-	Expect(err).NotTo(HaveOccurred(), "Failed to create ct map")
-
-	ctMapMemV3 := saveCTMap(ctMapV3)
-	Expect(len(ctMapMemV3)).To(Equal(len(ctMapMemV2)))
-
-	for n := 0; n < 2; n++ {
-		k := conntrack.NewKey(1, net.ParseIP("10.0.0.1"), uint16(n), net.ParseIP("10.0.0.2"), uint16(n>>16))
-		value := ctMapMemV3[k]
-		created = time.Duration(1 + int64(n))
-		lastSeen = time.Duration(2 + int64(n))
-		seqNoAB := 1000 + uint32(n)
-		ifIndexAB := 2000 + uint32(n)
-		seqNoBA := 1001 + uint32(n)
-		ifIndexBA := 2001 + uint32(n)
-		legAB := conntrack.Leg{Seqno: seqNoAB, SynSeen: true, AckSeen: false, FinSeen: true, RstSeen: false, Whitelisted: true, Opener: false, Ifindex: ifIndexAB}
-		legBA := conntrack.Leg{Seqno: seqNoBA, SynSeen: false, AckSeen: true, FinSeen: false, RstSeen: true, Whitelisted: false, Opener: true, Ifindex: ifIndexBA}
-		expectedValue := conntrack.NewValueNormal(created, lastSeen, flags, legAB, legBA)
-		Expect(value).To(Equal(expectedValue))
-	}
-
-	ctMapV2.(*bpf.PinnedMap).Close()
-	ctMapV3.(*bpf.PinnedMap).Close()
-
-	os.Remove(ctMapV2.Path())
-	os.Remove(ctMapV3.Path())
-	for _, m := range allMaps {
-		err := m.EnsureExists()
-		Expect(err).NotTo(HaveOccurred())
-	}
-}
diff --git a/felix/cmd/calico-bpf/commands/conntrack.go b/felix/cmd/calico-bpf/commands/conntrack.go
@@ -399,7 +399,7 @@ type conntrackWriteCmd struct {
 func newConntrackWriteCmd() *cobra.Command {
 	cmd := &conntrackWriteCmd{
 		Command: &cobra.Command{
-			Use:   "write [<version>] <key> <value>",
+			Use:   "write <key> <value> [<version>]",
 			Short: "write a key-value pair, each encoded in base64",
 		},
 	}

diff --git a/felix/fv/bpf_map_upgrade_test.go b/felix/fv/bpf_map_upgrade_test.go
@@ -75,7 +75,7 @@ var _ = infrastructure.DatastoreDescribe("_BPF-SAFE_ Felix bpf test conntrack ma
 		key64 := base64.StdEncoding.EncodeToString(key[:])
 
 		// write a normal key
-		felixes[0].Exec("calico-bpf", "conntrack", "write", "2", key64, val64)
+		felixes[0].Exec("calico-bpf", "conntrack", "write", key64, val64, "2")
 
 		k3Normal := conntrack.NewKey(6, srcIP, 0, dstIP, 0)
 		leg3Normal := conntrack.Leg{SynSeen: true, AckSeen: true, Opener: true}
@@ -89,7 +89,7 @@ var _ = infrastructure.DatastoreDescribe("_BPF-SAFE_ Felix bpf test conntrack ma
 		val.SetNATSport(4321)
 		val64 = base64.StdEncoding.EncodeToString(val[:])
 
-		felixes[0].Exec("calico-bpf", "conntrack", "write", "2", key64, val64)
+		felixes[0].Exec("calico-bpf", "conntrack", "write", key64, val64, "2")
 		k3NatFwd := conntrack.NewKey(11, srcIP, 0, dstIP, 0)
 		val3NatFwd := conntrack.NewValueNATForward(now, now, 0, k3NatFwd)
 		val3NatFwd.SetNATSport(4321)
@@ -103,7 +103,7 @@ var _ = infrastructure.DatastoreDescribe("_BPF-SAFE_ Felix bpf test conntrack ma
 		val = v2.NewValueNATReverse(now, now, 0, leg, leg, tunIP, origIP, 1234)
 		val64 = base64.StdEncoding.EncodeToString(val[:])
 
-		felixes[0].Exec("calico-bpf", "conntrack", "write", "2", key64, val64)
+		felixes[0].Exec("calico-bpf", "conntrack", "write", key64, val64, "2")
 		k3NatRev := conntrack.NewKey(11, srcIP, 0, dstIP, 0)
 		val3NatRev := conntrack.NewValueNATReverse(now, now, 0, leg3Normal, leg3Normal, tunIP, origIP, 1234)
 
@@ -118,7 +118,7 @@ var _ = infrastructure.DatastoreDescribe("_BPF-SAFE_ Felix bpf test conntrack ma
 		val = v2.NewValueNATReverseSNAT(now, now, 0, leg, leg, tunIP, origIP, origSIP, 1234)
 		val64 = base64.StdEncoding.EncodeToString(val[:])
 
-		felixes[0].Exec("calico-bpf", "conntrack", "write", "2", key64, val64)
+		felixes[0].Exec("calico-bpf", "conntrack", "write", key64, val64, "2")
 		k3NatRevSnat := conntrack.NewKey(11, srcIP, 0, dstIP, 0)
 		val3NatRevSnat := conntrack.NewValueNATReverseSNAT(now, now, 0, leg3Normal, leg3Normal, tunIP, origIP, origSIP, 1234)