API: add graceful restart support

//TODO(karampok): what immutable field means in ffr-k8s Signed-off-by: karampok <[email protected]>
metallb · Jul 1, 2024 · 9d64c4c · 9d64c4c
1 parent db0cb1c
commit 9d64c4c
Show file tree

Hide file tree

Showing 28 changed files with 182 additions and 39 deletions.
diff --git a/API-DOCS.md b/API-DOCS.md
@@ -263,6 +263,7 @@ _Appears in:_
 | `connectTime` _[Duration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v/#duration-v1-meta)_ | Requested BGP connect time, controls how long BGP waits between connection attempts to a neighbor. |  |  |
 | `ebgpMultiHop` _boolean_ | EBGPMultiHop indicates if the BGPPeer is multi-hops away. |  |  |
 | `bfdProfile` _string_ | BFDProfile is the name of the BFD Profile to be used for the BFD session associated<br />to the BGP session. If not set, the BFD session won't be set up. |  |  |
+| `enableGracefulRestart` _boolean_ | EnableGracefulRestart allows BGP peer to continue to forward data packets along<br />known routes while the routing protocol information is being restored.<br />This field is immutable because it requires restart of the BGP session |  |  |
 | `toAdvertise` _[Advertise](#advertise)_ | ToAdvertise represents the list of prefixes to advertise to the given neighbor<br />and the associated properties. |  |  |
 | `toReceive` _[Receive](#receive)_ | ToReceive represents the list of prefixes to receive from the given neighbor. |  |  |
 | `disableMP` _boolean_ | To set if we want to disable MP BGP that will separate IPv4 and IPv6 route exchanges into distinct BGP sessions. | false |  |

diff --git a/api/v1beta1/frrconfiguration_types.go b/api/v1beta1/frrconfiguration_types.go
@@ -143,6 +143,12 @@ type Neighbor struct {
 	// +optional
 	BFDProfile string `json:"bfdProfile,omitempty"`
 
+	// EnableGracefulRestart allows BGP peer to continue to forward data packets along
+	// known routes while the routing protocol information is being restored.
+	// This field is immutable because it requires restart of the BGP session
+	// +optional
+	EnableGracefulRestart bool `json:"enableGracefulRestart,omitempty"`
+
 	// ToAdvertise represents the list of prefixes to advertise to the given neighbor
 	// and the associated properties.
 	// +optional

diff --git a/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml b/charts/frr-k8s/charts/crds/templates/frrk8s.metallb.io_frrconfigurations.yaml
@@ -179,6 +179,12 @@ spec:
                                 description: EBGPMultiHop indicates if the BGPPeer
                                   is multi-hops away.
                                 type: boolean
+                              enableGracefulRestart:
+                                description: |-
+                                  EnableGracefulRestart allows BGP peer to continue to forward data packets along
+                                  known routes while the routing protocol information is being restored.
+                                  This field is immutable because it requires restart of the BGP session
+                                type: boolean
                               holdTime:
                                 description: |-
                                   HoldTime is the requested BGP hold time, per RFC4271.

diff --git a/config/all-in-one/frr-k8s-prometheus.yaml b/config/all-in-one/frr-k8s-prometheus.yaml
@@ -194,6 +194,12 @@ spec:
                                 description: EBGPMultiHop indicates if the BGPPeer
                                   is multi-hops away.
                                 type: boolean
+                              enableGracefulRestart:
+                                description: |-
+                                  EnableGracefulRestart allows BGP peer to continue to forward data packets along
+                                  known routes while the routing protocol information is being restored.
+                                  This field is immutable because it requires restart of the BGP session
+                                type: boolean
                               holdTime:
                                 description: |-
                                   HoldTime is the requested BGP hold time, per RFC4271.

diff --git a/config/all-in-one/frr-k8s.yaml b/config/all-in-one/frr-k8s.yaml
@@ -194,6 +194,12 @@ spec:
                                 description: EBGPMultiHop indicates if the BGPPeer
                                   is multi-hops away.
                                 type: boolean
+                              enableGracefulRestart:
+                                description: |-
+                                  EnableGracefulRestart allows BGP peer to continue to forward data packets along
+                                  known routes while the routing protocol information is being restored.
+                                  This field is immutable because it requires restart of the BGP session
+                                type: boolean
                               holdTime:
                                 description: |-
                                   HoldTime is the requested BGP hold time, per RFC4271.

diff --git a/config/crd/bases/frrk8s.metallb.io_frrconfigurations.yaml b/config/crd/bases/frrk8s.metallb.io_frrconfigurations.yaml
@@ -179,6 +179,12 @@ spec:
                                 description: EBGPMultiHop indicates if the BGPPeer
                                   is multi-hops away.
                                 type: boolean
+                              enableGracefulRestart:
+                                description: |-
+                                  EnableGracefulRestart allows BGP peer to continue to forward data packets along
+                                  known routes while the routing protocol information is being restored.
+                                  This field is immutable because it requires restart of the BGP session
+                                type: boolean
                               holdTime:
                                 description: |-
                                   HoldTime is the requested BGP hold time, per RFC4271.

diff --git a/internal/controller/api_to_config.go b/internal/controller/api_to_config.go
@@ -137,17 +137,18 @@ func neighborToFRR(n v1beta1.Neighbor, ipv4Prefixes, ipv6Prefixes []string, alwa
 		return nil, fmt.Errorf("neighbor %s referencing non existing BFDProfile %s", neighborName(n.ASN, n.Address), n.BFDProfile)
 	}
 	res := &frr.NeighborConfig{
-		Name:         neighborName(n.ASN, n.Address),
-		ASN:          n.ASN,
-		SrcAddr:      n.SourceAddress,
-		Addr:         n.Address,
-		Port:         n.Port,
-		IPFamily:     neighborFamily,
-		EBGPMultiHop: n.EBGPMultiHop,
-		BFDProfile:   n.BFDProfile,
-		VRFName:      routerVRF,
-		AlwaysBlock:  alwaysBlock,
-		DisableMP:    n.DisableMP,
+		Name:            neighborName(n.ASN, n.Address),
+		ASN:             n.ASN,
+		SrcAddr:         n.SourceAddress,
+		Addr:            n.Address,
+		Port:            n.Port,
+		IPFamily:        neighborFamily,
+		EBGPMultiHop:    n.EBGPMultiHop,
+		BFDProfile:      n.BFDProfile,
+		GracefulRestart: n.EnableGracefulRestart,
+		VRFName:         routerVRF,
+		AlwaysBlock:     alwaysBlock,
+		DisableMP:       n.DisableMP,
 	}
 	res.HoldTime, res.KeepaliveTime, err = parseTimers(n.HoldTime, n.KeepaliveTime)
 	if err != nil {

diff --git a/internal/controller/api_to_config_test.go b/internal/controller/api_to_config_test.go
@@ -56,7 +56,8 @@ func TestConversion(t *testing.T) {
 											ConnectTime: &metav1.Duration{
 												Duration: 2 * time.Second,
 											},
-											DisableMP: true,
+											DisableMP:             true,
+											EnableGracefulRestart: true,
 										},
 									},
 									VRF:      "",
@@ -75,16 +76,17 @@ func TestConversion(t *testing.T) {
 						RouterID: "192.0.2.1",
 						Neighbors: []*frr.NeighborConfig{
 							{
-								IPFamily:      ipfamily.IPv4,
-								Name:          "[email protected]",
-								ASN:           65002,
-								Port:          ptr.To[uint16](179),
-								SrcAddr:       "192.1.1.1",
-								Addr:          "192.0.2.2",
-								KeepaliveTime: ptr.To[uint64](20),
-								HoldTime:      ptr.To[uint64](40),
-								ConnectTime:   ptr.To(uint64(2)),
-								DisableMP:     true,
+								IPFamily:        ipfamily.IPv4,
+								Name:            "[email protected]",
+								ASN:             65002,
+								Port:            ptr.To[uint16](179),
+								SrcAddr:         "192.1.1.1",
+								Addr:            "192.0.2.2",
+								KeepaliveTime:   ptr.To[uint64](20),
+								HoldTime:        ptr.To[uint64](40),
+								ConnectTime:     ptr.To(uint64(2)),
+								DisableMP:       true,
+								GracefulRestart: true,
 								Outgoing: frr.AllowedOut{
 									PrefixesV4: []frr.OutgoingFilter{},
 									PrefixesV6: []frr.OutgoingFilter{},

diff --git a/internal/frr/config.go b/internal/frr/config.go
@@ -62,23 +62,24 @@ type BFDProfile struct {
 }
 
 type NeighborConfig struct {
-	IPFamily      ipfamily.Family
-	Name          string
-	ASN           uint32
-	SrcAddr       string
-	Addr          string
-	Port          *uint16
-	HoldTime      *uint64
-	KeepaliveTime *uint64
-	ConnectTime   *uint64
-	Password      string
-	BFDProfile    string
-	EBGPMultiHop  bool
-	VRFName       string
-	Incoming      AllowedIn
-	Outgoing      AllowedOut
-	AlwaysBlock   []IncomingFilter
-	DisableMP     bool
+	IPFamily        ipfamily.Family
+	Name            string
+	ASN             uint32
+	SrcAddr         string
+	Addr            string
+	Port            *uint16
+	HoldTime        *uint64
+	KeepaliveTime   *uint64
+	ConnectTime     *uint64
+	Password        string
+	BFDProfile      string
+	GracefulRestart bool
+	EBGPMultiHop    bool
+	VRFName         string
+	Incoming        AllowedIn
+	Outgoing        AllowedOut
+	AlwaysBlock     []IncomingFilter
+	DisableMP       bool
 }
 
 func (n *NeighborConfig) ID() string {

diff --git a/internal/frr/frr_test.go b/internal/frr/frr_test.go
@@ -825,3 +825,35 @@ func TestSingleSessionWithAlwaysBlock(t *testing.T) {
 
 	testCheckConfigFile(t)
 }
+
+func TestSingleSessionWithGracefulRestart(t *testing.T) {
+	testSetup(t)
+
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	frr := NewFRR(ctx, emptyCB, log.NewNopLogger(), logging.LevelInfo)
+
+	config := Config{
+		Routers: []*RouterConfig{
+			{
+				MyASN: 65000,
+				Neighbors: []*NeighborConfig{
+					{
+						IPFamily:        ipfamily.IPv4,
+						ASN:             65001,
+						Addr:            "192.168.1.2",
+						GracefulRestart: true,
+					},
+				},
+			},
+		},
+	}
+
+	err := frr.ApplyConfig(&config)
+	if err != nil {
+		t.Fatalf("Failed to apply config: %s", err)
+	}
+
+	testCheckConfigFile(t)
+}
diff --git a/internal/frr/templates/frr.tmpl b/internal/frr/templates/frr.tmpl
@@ -30,6 +30,7 @@ router bgp {{$r.MyASN}}{{ if $r.VRF }} vrf {{$r.VRF}}{{end}}
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 {{ if $r.RouterID }}
   bgp router-id {{$r.RouterID}}
 {{- end }}

diff --git a/internal/frr/templates/neighborsession.tmpl b/internal/frr/templates/neighborsession.tmpl
@@ -18,6 +18,9 @@
   {{ if .neighbor.SrcAddr -}}
   neighbor {{.neighbor.Addr}} update-source {{.neighbor.SrcAddr}}
   {{- end }}
+  {{- if .neighbor.GracefulRestart }}
+  neighbor {{.neighbor.Addr}} graceful-restart
+  {{- end }}
 {{- if ne .neighbor.BFDProfile ""}}
   neighbor {{.neighbor.Addr}} bfd profile {{.neighbor.BFDProfile}}
 {{- end }}

diff --git a/internal/frr/testdata/TestMultipleNeighborsOneV4AndOneV6.golden b/internal/frr/testdata/TestMultipleNeighborsOneV4AndOneV6.golden
@@ -62,6 +62,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
 

diff --git a/internal/frr/testdata/TestMultipleNeighborsOneV4AndOneV6DisableMP.golden b/internal/frr/testdata/TestMultipleNeighborsOneV4AndOneV6DisableMP.golden
@@ -62,6 +62,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
 

diff --git a/internal/frr/testdata/TestMultipleRoutersMultipleNeighs.golden b/internal/frr/testdata/TestMultipleRoutersMultipleNeighs.golden
@@ -116,6 +116,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
   neighbor 192.168.1.2 ebgp-multihop
@@ -163,6 +164,7 @@ router bgp 65000 vrf red
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.170.1.2 remote-as 65001
 

diff --git a/internal/frr/testdata/TestSingleSession b/internal/frr/testdata/TestSingleSession
@@ -39,6 +39,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
   neighbor 192.168.1.2 port 4567

diff --git a/internal/frr/testdata/TestSingleSession.golden b/internal/frr/testdata/TestSingleSession.golden
@@ -39,6 +39,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
   neighbor 192.168.1.2 port 4567

diff --git a/internal/frr/testdata/TestSingleSessionBFD.golden b/internal/frr/testdata/TestSingleSessionBFD.golden
@@ -32,6 +32,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
 

diff --git a/internal/frr/testdata/TestSingleSessionWithAlwaysBlock.golden b/internal/frr/testdata/TestSingleSessionWithAlwaysBlock.golden
@@ -72,6 +72,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
 

diff --git a/internal/frr/testdata/TestSingleSessionWithEBGPMultihop.golden b/internal/frr/testdata/TestSingleSessionWithEBGPMultihop.golden
@@ -39,6 +39,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
   neighbor 192.168.1.2 ebgp-multihop

diff --git a/internal/frr/testdata/TestSingleSessionWithEBGPMultihopAndExtras.golden b/internal/frr/testdata/TestSingleSessionWithEBGPMultihopAndExtras.golden
@@ -39,6 +39,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
   neighbor 192.168.1.2 ebgp-multihop

diff --git a/internal/frr/testdata/TestSingleSessionWithGracefulRestart.golden b/internal/frr/testdata/TestSingleSessionWithGracefulRestart.golden
@@ -0,0 +1,54 @@
+log file /etc/frr/frr.log informational
+log timestamp precision 3
+hostname dummyhostname
+ip nht resolve-via-default
+ipv6 nht resolve-via-default
+
+
+route-map 192.168.1.2-out permit 1
+  match ip address prefix-list 192.168.1.2-pl-ipv4
+route-map 192.168.1.2-out permit 2
+  match ipv6 address prefix-list 192.168.1.2-pl-ipv4
+
+
+
+ip prefix-list 192.168.1.2-pl-ipv4 seq 1 deny any
+ipv6 prefix-list 192.168.1.2-pl-ipv4 seq 2 deny any
+
+
+
+
+
+
+ip prefix-list 192.168.1.2-inpl-ipv4 seq 1 deny any
+
+ipv6 prefix-list 192.168.1.2-inpl-ipv4 seq 2 deny any
+route-map 192.168.1.2-in permit 3
+  match ip address prefix-list 192.168.1.2-inpl-ipv4
+route-map 192.168.1.2-in permit 4
+  match ipv6 address prefix-list 192.168.1.2-inpl-ipv4
+
+router bgp 65000
+  no bgp ebgp-requires-policy
+  no bgp network import-check
+  no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
+
+  neighbor 192.168.1.2 remote-as 65001
+
+
+
+
+  neighbor 192.168.1.2 graceful-restart
+
+  address-family ipv4 unicast
+    neighbor 192.168.1.2 activate
+    neighbor 192.168.1.2 route-map 192.168.1.2-in in
+    neighbor 192.168.1.2 route-map 192.168.1.2-out out
+  exit-address-family
+  address-family ipv6 unicast
+    neighbor 192.168.1.2 activate
+    neighbor 192.168.1.2 route-map 192.168.1.2-in in
+    neighbor 192.168.1.2 route-map 192.168.1.2-out out
+  exit-address-family
+
diff --git a/internal/frr/testdata/TestSingleSessionWithIPv6SingleHop.golden b/internal/frr/testdata/TestSingleSessionWithIPv6SingleHop.golden
@@ -35,6 +35,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 2001:db8::1 remote-as 65001
 

diff --git a/internal/frr/testdata/TestTwoRoutersTwoNeighbors.golden b/internal/frr/testdata/TestTwoRoutersTwoNeighbors.golden
@@ -111,6 +111,7 @@ router bgp 65000
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.2 remote-as 65001
 
@@ -139,6 +140,7 @@ router bgp 65000 vrf red
   no bgp ebgp-requires-policy
   no bgp network import-check
   no bgp default ipv4-unicast
+  bgp graceful-restart preserve-fw-state
 
   neighbor 192.168.1.3 remote-as 65001