Skip to content

fix: sort epInfos to process InfraNIC first before EndpointCreate#4421

Merged
behzad-mir merged 3 commits into
masterfrom
fix/sort-epinfos-infra-first
Jun 1, 2026
Merged

fix: sort epInfos to process InfraNIC first before EndpointCreate#4421
behzad-mir merged 3 commits into
masterfrom
fix/sort-epinfos-infra-first

Conversation

@behzad-mir
Copy link
Copy Markdown
Contributor

@behzad-mir behzad-mir commented May 21, 2026
edited by QxBytes
Loading

Sort epInfos cni/network/network.go) after the createEpInfo loop. In stateless mode, ExternalInterfaces is empty on every ADD so whichever NIC is processed first determines which interface the network gets bound to. If DelegatedVMNIC wins the race, SecondaryEndpointClient moves its interface into the pod namespace, then TransparentEndpointClient fails with "no such network interface".

Reason for Change:

Issue Fixed:

Requirements:

Notes:

@behzad-mir behzad-mir requested a review from a team as a code owner May 21, 2026 21:03
@behzad-mir behzad-mir requested review from QxBytes and Copilot May 21, 2026 21:03
Copilot AI reviewed May 21, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR ensures the CNI plugin processes InfraNIC endpoints before other NIC types during ADD, avoiding incorrect network binding in stateless mode that can later cause endpoint creation to fail with a missing host interface.

Changes:

  • Sort epInfos so InfraNIC (and legacy empty NICType) are processed first before calling EndpointCreate.
  • Add a Linux unit test to validate the intended ordering behavior.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
cni/network/network.go Sorts epInfos prior to EndpointCreate so InfraNIC is handled first in stateless mode.
cni/network/network_linux_test.go Adds a unit test covering the InfraNIC-first ordering logic.

Comment thread cni/network/network.go Outdated
Comment thread cni/network/network_linux_test.go Outdated
@behzad-mir
fix: sort epInfos to process InfraNIC first before EndpointCreate
c665385 
Move the epInfos sort from network.EndpointCreate to the CNI plugin
layer (cni/network/network.go) after the createEpInfo loop. In stateless
mode, ExternalInterfaces is empty on every ADD so whichever NIC is
processed first determines which interface the network gets bound to. If
DelegatedVMNIC wins the race, SecondaryEndpointClient moves its interface
into the pod namespace, then TransparentEndpointClient fails with
"no such network interface".

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@behzad-mir behzad-mir force-pushed the fix/sort-epinfos-infra-first branch from fb45141 to c665385 Compare May 29, 2026 15:56
QxBytes
QxBytes reviewed May 29, 2026
View reviewed changes
Comment thread cni/network/network_linux_test.go Outdated
Comment thread cni/network/network.go Outdated
@behzad-mir
refactor: extract isInfraOrLegacyNICType helper and rewrite sort test
324112b 
Address PR review comments:
- Extract isInfraOrLegacyNICType() helper function to deduplicate the
  repeated NICType == InfraNIC || NICType == "" checks
- Replace TestSortEpInfosInfraNICFirst with TestAddSortsInfraNICFirst
  that tests through the plugin.Add() flow, verifying InfraNIC is
  created first by recording endpoint creation order via mock callback
- Use the helper in both the sort comparator and the Delete path

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@behzad-mir behzad-mir requested a review from QxBytes May 29, 2026 19:57
@behzad-mir
refactor: extract sortInfraNICFirst and isInfraOrLegacyNICType helpers
9974557 
Address PR review comments:
- Extract sortInfraNICFirst() to encapsulate the sort logic that ensures
  InfraNIC is always processed before other NIC types
- Extract isInfraOrLegacyNICType() helper to deduplicate the repeated
  NICType == InfraNIC || NICType == "" checks
- Replace complex integration test with simple unit test for
  sortInfraNICFirst covering multiple NIC type orderings
- Use the helper in both the sort and the Delete path

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@behzad-mir
Copy link
Copy Markdown
Contributor Author

behzad-mir commented May 29, 2026

/azp run Azure Container Networking PR

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines Bot commented May 29, 2026

Azure Pipelines successfully started running 1 pipeline(s).

@behzad-mir behzad-mir added this pull request to the merge queue Jun 1, 2026
Merged via the queue into master with commit 5c65686 Jun 1, 2026
28 of 33 checks passed
@behzad-mir behzad-mir deleted the fix/sort-epinfos-infra-first branch June 1, 2026 21:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@isaac-dasan isaac-dasan isaac-dasan approved these changes

@QxBytes QxBytes QxBytes approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@behzad-mir @isaac-dasan @QxBytes