Have CNI assume mtu from eth0

[faiq]

As per my conversation with @aojea in the following issue We figured the best path going forward would be to auto configure the MTU of kindnet from the host's device

This pull request replaces the one here
#1686

[k8s-ci-robot]

Hi @faiq. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[aojea]

why do you think we should change the default?

[faiq]

We could allow the kernel to set the default, as documented here: https://github.com/containernetworking/plugins/tree/master/plugins/main/ptp#example-network-configuration

I've typically found that mtu is configured to 1500, which has been problematic for many people.

Maybe it should be 1400 instead.

[aojea]

I prefer to keep current behaviour, and allow the kernel to set it

[aojea]

/ok-to-test

[BenTheElder]

explicit +1 on the approach, btw, since I neglected to put that in github anywhere.
will take a closer look soon.

[aojea]

ping @faiq , it's only missing not defaulting the mtu to 1480, maybe just not inserting that field in the json if we can't get the MTU value from eth0 is enough.

please disregard my other comment #1690 (comment)

[faiq]

Thanks for the ping @aojea. I'll be completing this one today. I believe we just need to template it if we get an error from getting the MTU from eth0. We might need to log this error as well for anyone looking to debug why their MTU isn't being set. Thoughts?

[aojea]

Thanks for the ping @aojea. I'll be completing this one today. I believe we just need to template it if we get an error from getting the MTU from eth0. We might need to log this error as well for anyone looking to debug why their MTU isn't being set. Thoughts?

yeah, that sounds nice, what about something like

klog.Infof("Failed to get MTU size from interface eth0, using kernel default MTU size")

[aojea]

@BenTheElder if I read it correctly this is going to be executed periodically, can you confirm?

I don't like the idea of iterating over the interfaces periodically, it can cause issues, I had issue with the net library before.
Should be better to try to get the mtu only once? in the main loop? and pass it as a parameter of ComputeCNIConfigInputs?

[faiq]

Actually, yes it will be computed multiple times and I think it's a more sound approach to compute this once.

[faiq]

/retest

[BenTheElder]

init() and global data is a big anti-pattern.
mtu should be plumbed down from main.

[faiq]

I didn't realize this was an anti-pattern, sorry. If you have a quick article on best practices, I'd love to read it! If not, no sweat.

I can pull it down from main, but I think it would need to go in makeNodesReconciler as an extra parameter which then propagates to the ComputeCNIConfigInputs function.

Alternatively we can put mtu as a field in CNIConfigWriter and in this method func (c *CNIConfigWriter) Write(inputs CNIConfigInputs)

we can have inputs.Mtu = c.mtu

Let me know what you would prefer.

[aojea]

I lean to the CNIConfigWriter since mtu only matter to that type.
what do you think Ben?

[BenTheElder]

no sweat :-)
I would say "avoid globals" is a good practice for all languages, I don't have a reference handy just this moment though, sorry.

init is best avoided in code because it's both global behavior and unpredictable import side-effects (importing the package causes this code to be run during the binary startup, in some random order versus other packages)

CNIConfigWriter makes sense to me 👍

[BenTheElder]

https://stackoverflow.com/a/56039373 is a pretty decent short reference on this point specifically 😅

[faiq]

/retest

[aojea]

if the eth0 interface is not found mtu will be 0,
and {{if .Mtu}}, will skip this based on the go template docs

{{if pipeline}} T1 {{end}}
	If the value of the pipeline is empty, no output is generated;
	otherwise, T1 is executed. The empty values are false, 0, any
	nil pointer or interface value, and any array, slice, map, or
	string of length zero.
	Dot is unaffected.

[faiq]

Yes, and then it will default to the ptp behavior of being set by the kernel. I thought that's what we wanted #1690 (comment)

In the docs it says it is an optional field and will be set by Kernel if its not there: https://github.com/containernetworking/plugins/tree/master/plugins/main/ptp#network-configuration-reference

Network configuration reference
name (string, required): the name of the network
type (string, required): "ptp"
ipMasq (boolean, optional): set up IP Masquerade on the host for traffic originating from ip of this network and destined outside of this network. Defaults to false.
mtu (integer, optional): explicitly set MTU to the specified value. Defaults to value chosen by the kernel.
ipam (dictionary, required): IPAM configuration to be used for this network.
dns (dictionary, optional): DNS information to return as described in the Result.

[aojea]

right, perfect

[aojea]

this looks good now, thanks for your patience.
Do you mind squashing all commits?

[faiq]

I can squash all the commits, sure.

[aojea]

/retest
/lgtm
thanks

[faiq]

/retest

[aojea]

/retest

[aojea]

tested locally and works

3: eth0@if5: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1400 qdisc noqueue 

root@kind-control-plane:/# crictl logs f438b5bc17747
I0702 08:52:26.361506       1 main.go:65] hostIP = 172.18.0.2
podIP = 172.18.0.2
I0702 08:52:26.361748       1 main.go:74] setting mtu 1400 for CNI 

[BenTheElder]

Sorry I was out the end of last week (holidays at employer / USA). Looking at this again now.

[BenTheElder]

rebased to HEAD and pushed a kindnetd image
/lgtm
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: BenTheElder, faiq

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [BenTheElder]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[BenTheElder]

/retest
Test pod didn't start. CI issue.

[BenTheElder]

thanks for this!