Fix NetworkEvents with upstream ovnk (#2461)

* Fix NetworkEvents with upstream ovnk

* add test

Author: jotak

internal/controller/ebpf/agent_controller.go

@@ -74,27 +74,27 @@ const (
 	envDNSTrackingPort            = "DNS_TRACKING_PORT"
 	envPreferredInterface         = "PREFERRED_INTERFACE_FOR_MAC_PREFIX"
 	envAttachMode                 = "TC_ATTACH_MODE"
+	envOVNObservHostMountPath     = "OVN_OBSERV_HOST_MOUNT_PATH"
 	envListSeparator              = ","
 )
 
 const (
-	exportKafka                 = "kafka"
-	exportGRPC                  = "grpc"
-	kafkaCerts                  = "kafka-certs"
-	averageMessageSize          = 100
-	bpfTraceMountName           = "bpf-kernel-debug"
-	bpfTraceMountPath           = "/sys/kernel/debug"
-	bpfNetNSMountName           = "var-run-netns"
-	bpfNetNSMountPath           = "/var/run/netns"
-	droppedFlowsAlertThreshold  = 100
-	ovnObservMountName          = "var-run-ovn"
-	ovnObservMountPath          = "/var/run/ovn"
-	ovnObservHostMountPath      = "/var/run/ovn-ic"
-	ovsMountPath                = "/var/run/openvswitch"
-	ovsHostMountPath            = "/var/run/openvswitch"
-	ovsMountName                = "var-run-ovs"
-	defaultNetworkEventsGroupID = "10"
-	defaultPreferredInterface   = "0a:58=eth0" // Hard-coded default config to deal with OVN-generated MACs
+	exportKafka                     = "kafka"
+	exportGRPC                      = "grpc"
+	averageMessageSize              = 100
+	bpfTraceMountName               = "bpf-kernel-debug"
+	bpfTraceMountPath               = "/sys/kernel/debug"
+	bpfNetNSMountName               = "var-run-netns"
+	bpfNetNSMountPath               = "/var/run/netns"
+	droppedFlowsAlertThreshold      = 100
+	ovnObservMountName              = "var-run-ovn"
+	ovnObservMountPath              = "/var/run/ovn"
+	ovnObservHostMountPathOpenShift = "/var/run/ovn-ic"
+	ovsMountPath                    = "/var/run/openvswitch"
+	ovsHostMountPath                = "/var/run/openvswitch"
+	ovsMountName                    = "var-run-ovs"
+	defaultNetworkEventsGroupID     = "10"
+	defaultPreferredInterface       = "0a:58=eth0" // Hard-coded default config to deal with OVN-generated MACs
 )
 
 const (
@@ -221,6 +221,7 @@ func (c *AgentController) desired(ctx context.Context, coll *flowslatest.FlowCol
 	if err != nil {
 		return nil, err
 	}
+	advancedConfig := helper.GetAdvancedAgentConfig(coll.Spec.Agent.EBPF.Advanced)
 
 	if coll.Spec.Agent.EBPF.Metrics.Server.TLS.Type != flowslatest.ServerTLSDisabled {
 		var promTLS *flowslatest.CertificateReference
@@ -300,15 +301,22 @@ func (c *AgentController) desired(ctx context.Context, coll *flowslatest.FlowCol
 	if coll.Spec.Agent.EBPF.IsAgentFeatureEnabled(flowslatest.NetworkEvents) ||
 		coll.Spec.Agent.EBPF.IsAgentFeatureEnabled(flowslatest.UDNMapping) {
 		if !coll.Spec.Agent.EBPF.Privileged {
-			rlog.Error(fmt.Errorf("invalid configuration"), "To use Network Events Monitor"+
-				"features privileged mode needs to be enabled")
+			rlog.Error(fmt.Errorf("invalid configuration"), "To use NetworkEvents or UDNMapping features, privileged mode needs to be enabled")
 		} else {
+			hostPath := advancedConfig.Env[envOVNObservHostMountPath]
+			if hostPath == "" {
+				if c.ClusterInfo.IsOpenShift() {
+					hostPath = ovnObservHostMountPathOpenShift
+				} else {
+					hostPath = ovsHostMountPath
+				}
+			}
 			volume := corev1.Volume{
 				Name: ovnObservMountName,
 				VolumeSource: corev1.VolumeSource{
 					HostPath: &corev1.HostPathVolumeSource{
 						Type: newHostPathType(corev1.HostPathDirectory),
-						Path: ovnObservHostMountPath,
+						Path: hostPath,
 					},
 				},
 			}
@@ -361,8 +369,6 @@ func (c *AgentController) desired(ctx context.Context, coll *flowslatest.FlowCol
 		volumeMounts = append(volumeMounts, volumeMount)
 	}
 
-	advancedConfig := helper.GetAdvancedAgentConfig(coll.Spec.Agent.EBPF.Advanced)
-
 	return &v1.DaemonSet{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      constants.EBPFAgentName,

internal/controller/ebpf/agent_controller_test.go

@@ -222,3 +222,49 @@ func TestBpfmanConfig(t *testing.T) {
 		"csi.bpfman.io/program": "netobserv",
 	}, ds.Spec.Template.Spec.Volumes[1].CSI.VolumeAttributes)
 }
+
+func TestNetworkEventsOVNMount(t *testing.T) {
+	fc := flowslatest.FlowCollector{
+		Spec: flowslatest.FlowCollectorSpec{
+			Agent: flowslatest.FlowCollectorAgent{
+				EBPF: flowslatest.FlowCollectorEBPF{
+					Privileged: true,
+					Features:   []flowslatest.AgentFeature{flowslatest.NetworkEvents},
+				},
+			},
+		},
+	}
+
+	// Upstream OVN
+	info := reconcilers.Common{Namespace: "netobserv", ClusterInfo: &cluster.Info{}}
+	inst := info.NewInstance(map[reconcilers.ImageRef]string{reconcilers.MainImage: "ebpf-agent"}, status.Instance{})
+	agent := NewAgentController(inst)
+	ds, err := agent.desired(context.Background(), &fc)
+	assert.NoError(t, err)
+	assert.NotNil(t, ds)
+
+	assert.Equal(t, "var-run-ovn", ds.Spec.Template.Spec.Volumes[2].Name)
+	assert.Equal(t, "/var/run/openvswitch", ds.Spec.Template.Spec.Volumes[2].HostPath.Path)
+
+	// OpenShift OVN
+	info.ClusterInfo.Mock("4.20.0", cluster.OVNKubernetes)
+	ds, err = agent.desired(context.Background(), &fc)
+	assert.NoError(t, err)
+	assert.NotNil(t, ds)
+
+	assert.Equal(t, "var-run-ovn", ds.Spec.Template.Spec.Volumes[2].Name)
+	assert.Equal(t, "/var/run/ovn-ic", ds.Spec.Template.Spec.Volumes[2].HostPath.Path)
+
+	// Custom
+	fc.Spec.Agent.EBPF.Advanced = &flowslatest.AdvancedAgentConfig{
+		Env: map[string]string{
+			envOVNObservHostMountPath: "/foo/bar",
+		},
+	}
+	ds, err = agent.desired(context.Background(), &fc)
+	assert.NoError(t, err)
+	assert.NotNil(t, ds)
+
+	assert.Equal(t, "var-run-ovn", ds.Spec.Template.Spec.Volumes[2].Name)
+	assert.Equal(t, "/foo/bar", ds.Spec.Template.Spec.Volumes[2].HostPath.Path)
+}