Add EgressNode field in Traceflow observation

build/charts/antrea/crds/traceflow.yaml

@@ -454,6 +454,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-aks.yml

@@ -5110,6 +5110,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-crds.yml

@@ -5083,6 +5083,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-eks.yml

@@ -5110,6 +5110,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-gke.yml

@@ -5110,6 +5110,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea-ipsec.yml

@@ -5110,6 +5110,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

build/yamls/antrea.yml

@@ -5110,6 +5110,8 @@ spec:
                               type: string
                             egress:
                               type: string
+                            egressNode:
+                              type: string
                 capturedPacket:
                   properties:
                     srcIP:

pkg/agent/controller/egress/egress_controller.go

@@ -1360,13 +1360,13 @@ func (c *EgressController) GetEgressIPByMark(mark uint32) (string, error) {
 	return "", fmt.Errorf("no EgressIP associated with mark %v", mark)
 }
 
-// GetEgress returns effective Egress and Egress IP applied on a Pod.
-func (c *EgressController) GetEgress(ns, podName string) (string, string, error) {
+// GetEgress returns effective EgressName, EgressIP and EgressNode name of Egress applied on a Pod.
+func (c *EgressController) GetEgress(ns, podName string) (string, string, string, error) {
 	if c == nil {
-		return "", "", fmt.Errorf("Egress is not enabled")
+		return "", "", "", fmt.Errorf("Egress is not enabled")
 	}
 	pod := k8s.NamespacedName(ns, podName)
-	egress, exists := func() (string, bool) {
+	egressName, exists := func() (string, bool) {
 		c.egressBindingsMutex.RLock()
 		defer c.egressBindingsMutex.RUnlock()
 		binding, exists := c.egressBindings[pod]
@@ -1376,13 +1376,15 @@ func (c *EgressController) GetEgress(ns, podName string) (string, string, error)
 		return binding.effectiveEgress, true
 	}()
 	if !exists {
-		return "", "", fmt.Errorf("no Egress applied to Pod %v", pod)
+		return "", "", "", fmt.Errorf("no Egress applied to Pod %v", pod)
 	}
-	state, exists := c.getEgressState(egress)
-	if !exists {
-		return "", "", fmt.Errorf("no Egress State associated with name %s", egress)
+	egress, err := c.egressLister.Get(egressName)
+	if err != nil {
+		return "", "", "", err
 	}
-	return egress, state.egressIP, nil
+	egressNode := egress.Status.EgressNode
+	egressIP := egress.Status.EgressIP
+	return egressName, egressIP, egressNode, nil
 }
 
 // An Egress is schedulable if its Egress IP is allocated from ExternalIPPool.

pkg/agent/controller/egress/egress_controller_test.go

@@ -1616,6 +1616,10 @@ func TestGetEgress(t *testing.T) {
 	egress := &crdv1b1.Egress{
 		ObjectMeta: metav1.ObjectMeta{Name: "egressA", UID: "uidA"},
 		Spec:       crdv1b1.EgressSpec{EgressIP: fakeLocalEgressIP1},
+		Status: crdv1b1.EgressStatus{
+			EgressNode: fakeNode,
+			EgressIP:   fakeLocalEgressIP1,
+		},
 	}
 	egressGroup := &cpv1b2.EgressGroup{
 		ObjectMeta: metav1.ObjectMeta{Name: "egressA", UID: "uidA"},
@@ -1648,6 +1652,7 @@ func TestGetEgress(t *testing.T) {
 		args               args
 		expectedEgressName string
 		expectedEgressIP   string
+		expectedEgressNode string
 		expectedErr        string
 	}{
 		{
@@ -1658,6 +1663,7 @@ func TestGetEgress(t *testing.T) {
 			},
 			expectedEgressName: "egressA",
 			expectedEgressIP:   fakeLocalEgressIP1,
+			expectedEgressNode: fakeNode,
 		},
 		{
 			name: "no local egress applied on a pod",
@@ -1670,14 +1676,15 @@ func TestGetEgress(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			gotEgressName, gotEgressIP, err := c.GetEgress(tt.args.ns, tt.args.podName)
+			gotEgressName, gotEgressIP, gotEgressNode, err := c.GetEgress(tt.args.ns, tt.args.podName)
 			if tt.expectedErr == "" {
 				require.NoError(t, err)
 			} else {
 				require.EqualError(t, err, tt.expectedErr)
 			}
 			assert.Equal(t, tt.expectedEgressName, gotEgressName)
 			assert.Equal(t, tt.expectedEgressIP, gotEgressIP)
+			assert.Equal(t, tt.expectedEgressNode, gotEgressNode)
 		})
 	}
 }

pkg/agent/controller/traceflow/packetin.go

@@ -292,11 +292,11 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1beta1.Traceflo
 				}
 			}
 			if isRemoteEgress == 1 { // an Egress packet, currently on source Node and forwarded to Egress Node.
-				egress, _, err := c.egressQuerier.GetEgress(ns, srcPod)
+				egressName, egressIP, egressNode, err := c.egressQuerier.GetEgress(ns, srcPod)
 				if err != nil {
 					return nil, nil, nil, err
 				}
-				obEgress := getEgressObservation(false, tunnelDstIP, egress)
+				obEgress := getEgressObservation(false, egressIP, egressName, egressNode)
 				obs = append(obs, *obEgress)
 			}
 			ob.TunnelDstIP = tunnelDstIP
@@ -312,18 +312,19 @@ func (c *Controller) parsePacketIn(pktIn *ofctrl.PacketIn) (*crdv1beta1.Traceflo
 				}
 			}
 			if pktMark != 0 { // Egress packet on Egress Node
-				egressIP, err := c.egressQuerier.GetEgressIPByMark(pktMark)
-				if err != nil {
-					return nil, nil, nil, err
-				}
-				egress := ""
+				egressName, egressIP, egressNode := "", "", ""
 				if tunnelDstIP == "" { // Egress Node is Source Node of this Egress packet
-					egress, _, err = c.egressQuerier.GetEgress(ns, srcPod)
+					egressName, egressIP, egressNode, err = c.egressQuerier.GetEgress(ns, srcPod)
+					if err != nil {
+						return nil, nil, nil, err
+					}
+				} else {
+					egressIP, err = c.egressQuerier.GetEgressIPByMark(pktMark)
 					if err != nil {
 						return nil, nil, nil, err
 					}
 				}
-				obEgress := getEgressObservation(true, egressIP, egress)
+				obEgress := getEgressObservation(true, egressIP, egressName, egressNode)
 				obs = append(obs, *obEgress)
 			}
 			ob.Action = crdv1beta1.ActionForwardedOutOfOverlay
@@ -485,11 +486,12 @@ func parseCapturedPacket(pktIn *ofctrl.PacketIn) *crdv1beta1.Packet {
 	return &capturedPacket
 }
 
-func getEgressObservation(isEgressNode bool, egressIP, egressName string) *crdv1beta1.Observation {
+func getEgressObservation(isEgressNode bool, egressIP, egressName, egressNode string) *crdv1beta1.Observation {
 	ob := new(crdv1beta1.Observation)
 	ob.Component = crdv1beta1.ComponentEgress
 	ob.EgressIP = egressIP
 	ob.Egress = egressName
+	ob.EgressNode = egressNode
 	if isEgressNode {
 		ob.Action = crdv1beta1.ActionMarkedForSNAT
 	} else {

pkg/agent/controller/traceflow/packetin_test.go

@@ -41,6 +41,7 @@ import (
 var (
 	egressName = "dummyEgress"
 	egressIP   = "192.168.100.100"
+	egressNode = "fakeEgressNode"
 )
 
 func prepareMockTables() {
@@ -303,8 +304,7 @@ func TestParsePacketIn(t *testing.T) {
 				},
 			},
 			expectedCalls: func(npQuerierq *queriertest.MockAgentNetworkPolicyInfoQuerier, egressQuerier *queriertest.MockEgressQuerier) {
-				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, nil)
-				egressQuerier.EXPECT().GetEgressIPByMark(uint32(1)).Return(egressIP, nil)
+				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, egressNode, nil)
 			},
 			expectedTf: &crdv1beta1.Traceflow{
 				ObjectMeta: metav1.ObjectMeta{
@@ -331,10 +331,11 @@ func TestParsePacketIn(t *testing.T) {
 						Action:    crdv1beta1.ActionForwarded,
 					},
 					{
-						Component: crdv1beta1.ComponentEgress,
-						Action:    crdv1beta1.ActionMarkedForSNAT,
-						Egress:    egressName,
-						EgressIP:  egressIP,
+						Component:  crdv1beta1.ComponentEgress,
+						Action:     crdv1beta1.ActionMarkedForSNAT,
+						Egress:     egressName,
+						EgressIP:   egressIP,
+						EgressNode: egressNode,
 					},
 					{
 						Component:     crdv1beta1.ComponentForwarding,
@@ -370,7 +371,7 @@ func TestParsePacketIn(t *testing.T) {
 				},
 			},
 			expectedCalls: func(npQuerierq *queriertest.MockAgentNetworkPolicyInfoQuerier, egressQuerier *queriertest.MockEgressQuerier) {
-				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, nil)
+				egressQuerier.EXPECT().GetEgress(pod1.Namespace, pod1.Name).Return(egressName, egressIP, egressNode, nil)
 			},
 			expectedTf: &crdv1beta1.Traceflow{
 				ObjectMeta: metav1.ObjectMeta{
@@ -397,10 +398,11 @@ func TestParsePacketIn(t *testing.T) {
 						Action:    crdv1beta1.ActionForwarded,
 					},
 					{
-						Component: crdv1beta1.ComponentEgress,
-						Action:    crdv1beta1.ActionForwardedToEgressNode,
-						Egress:    egressName,
-						EgressIP:  egressIP,
+						Component:  crdv1beta1.ComponentEgress,
+						Action:     crdv1beta1.ActionForwardedToEgressNode,
+						Egress:     egressName,
+						EgressIP:   egressIP,
+						EgressNode: egressNode,
 					},
 					{
 						Component:     crdv1beta1.ComponentForwarding,

pkg/agent/flowexporter/exporter/exporter.go

@@ -641,7 +641,7 @@ func (exp *FlowExporter) findFlowType(conn flowexporter.Connection) uint8 {
 }
 
 func (exp *FlowExporter) fillEgressInfo(conn *flowexporter.Connection) {
-	egressName, egressIP, err := exp.egressQuerier.GetEgress(conn.SourcePodNamespace, conn.SourcePodName)
+	egressName, egressIP, _, err := exp.egressQuerier.GetEgress(conn.SourcePodNamespace, conn.SourcePodName)
 	if err != nil {
 		// Egress is not enabled or no Egress is applied to this Pod
 		return

pkg/agent/flowexporter/exporter/exporter_test.go

@@ -841,9 +841,9 @@ func TestFlowExporter_fillEgressInfo(t *testing.T) {
 				SourcePodName:      tc.sourcePodName,
 			}
 			if tc.expectedEgressName != "" {
-				egressQuerier.EXPECT().GetEgress(conn.SourcePodNamespace, conn.SourcePodName).Return(tc.expectedEgressName, tc.expectedEgressIP, nil)
+				egressQuerier.EXPECT().GetEgress(conn.SourcePodNamespace, conn.SourcePodName).Return(tc.expectedEgressName, tc.expectedEgressIP, "", nil)
 			} else {
-				egressQuerier.EXPECT().GetEgress(conn.SourcePodNamespace, conn.SourcePodName).Return("", "", fmt.Errorf("no Egress applied to Pod %s", conn.SourcePodName))
+				egressQuerier.EXPECT().GetEgress(conn.SourcePodNamespace, conn.SourcePodName).Return("", "", "", fmt.Errorf("no Egress applied to Pod %s", conn.SourcePodName))
 			}
 			exp.fillEgressInfo(&conn)
 			assert.Equal(t, tc.expectedEgressName, conn.EgressName)

pkg/apis/crd/v1beta1/types.go

@@ -1165,6 +1165,8 @@ type Observation struct {
 	// TunnelDstIP is the tunnel destination IP.
 	TunnelDstIP string `json:"tunnelDstIP,omitempty" yaml:"tunnelDstIP,omitempty"`
 	EgressIP    string `json:"egressIP,omitempty" yaml:"egressIP,omitempty"`
+	// EgressNode is the name of the Egress Node.
+	EgressNode string `json:"egressNode,omitempty" yaml:"egressNode,omitempty"`
 }
 
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

pkg/querier/querier.go

@@ -62,7 +62,7 @@ type ControllerNetworkPolicyInfoQuerier interface {
 
 type EgressQuerier interface {
 	GetEgressIPByMark(mark uint32) (string, error)
-	GetEgress(podNamespace, podName string) (string, string, error)
+	GetEgress(podNamespace, podName string) (string, string, string, error)
 }
 
 // GetSelfPod gets current pod.

test/e2e/traceflow_test.go

@@ -2118,10 +2118,11 @@ func testTraceflowEgress(t *testing.T, data *TestData) {
 						Action:    v1beta1.ActionForwarded,
 					},
 					{
-						Component: v1beta1.ComponentEgress,
-						Action:    v1beta1.ActionMarkedForSNAT,
-						Egress:    egress.Name,
-						EgressIP:  egressIP,
+						Component:  v1beta1.ComponentEgress,
+						Action:     v1beta1.ActionMarkedForSNAT,
+						Egress:     egress.Name,
+						EgressIP:   egressIP,
+						EgressNode: egressNode,
 					},
 					{
 						Component:     v1beta1.ComponentForwarding,
@@ -2189,10 +2190,11 @@ func testTraceflowEgress(t *testing.T, data *TestData) {
 						Action:    v1beta1.ActionForwarded,
 					},
 					{
-						Component: v1beta1.ComponentEgress,
-						Action:    v1beta1.ActionForwardedToEgressNode,
-						Egress:    egress.Name,
-						EgressIP:  egressIP,
+						Component:  v1beta1.ComponentEgress,
+						Action:     v1beta1.ActionForwardedToEgressNode,
+						Egress:     egress.Name,
+						EgressIP:   egressIP,
+						EgressNode: egressNode,
 					},
 					{
 						Component:     v1beta1.ComponentForwarding,
@@ -2345,6 +2347,7 @@ func compareObservations(expected v1beta1.NodeResult, actual v1beta1.NodeResult)
 			exObs[i].TranslatedDstIP != acObs[i].TranslatedDstIP ||
 			exObs[i].EgressIP != acObs[i].EgressIP ||
 			exObs[i].Egress != acObs[i].Egress ||
+			exObs[i].EgressNode != acObs[i].EgressNode ||
 			exObs[i].Action != acObs[i].Action ||
 			exObs[i].NetworkPolicy != acObs[i].NetworkPolicy ||
 			exObs[i].NetworkPolicyRule != acObs[i].NetworkPolicyRule {