Fix TransferToRemote DPU connection: replace localhost loopback with …#175
Open
hdwhdw wants to merge 1 commit intoAzure:202506from
Open
Fix TransferToRemote DPU connection: replace localhost loopback with …#175hdwhdw wants to merge 1 commit intoAzure:202506from
hdwhdw wants to merge 1 commit intoAzure:202506from
Conversation
…… (#591) * Fix TransferToRemote DPU connection: replace localhost loopback with direct DPU connection HandleTransferToRemoteForDPUStreaming previously dialed localhost:8080 with insecure credentials to issue a File/Put RPC that the DPU proxy would intercept and forward. This breaks when the gNMI server runs on a different port or with TLS enabled. Replace the loopback pattern with dpuproxy.GetDPUConnection(), which resolves DPU info via Redis and returns a cached gRPC connection directly to the target DPU. This eliminates the hardcoded address, the insecure dial, and the need for DPU routing metadata headers on the outgoing request. Also removes HandleTransferToRemoteForDPU (disk-based two-phase version) which was never called in production. Signed-off-by: Dawei Huang <daweihuang@microsoft.com> * Fix gomonkey inlining issue with NewFileClient on Go 1.24 Extract gnoi_file_pb.NewFileClient into a package-level variable so tests can patch it via ApplyGlobalVar instead of ApplyFunc. The generated protobuf function is tiny and gets inlined by Go 1.24, which defeats gomonkey's function-level patching and causes nil pointer panics in CI. Signed-off-by: Dawei Huang <daweihuang@microsoft.com> --------- Signed-off-by: Dawei Huang <daweihuang@microsoft.com>
prsunny
approved these changes
Feb 26, 2026
|
@prabhataravind for viz |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why I did it
Cherry-pick fix for DPU TransferToRemote file transfer from upstream sonic-gnmi to 202506 branch.
How I did it
Cherry-picked the following PR from https://github.com/sonic-net/sonic-gnmi:
direct DPU connection
The fix addresses a production issue where HandleTransferToRemoteForDPUStreaming used grpc.Dial("localhost:8080",
insecure.NewCredentials()) to loop back through the local gNMI proxy for DPU file transfers. This hardcoded address breaks
when the gNMI server runs on port 50052 with TLS (mTLS) enabled.
Changes:
direct gRPC connection to the target DPU
How to verify it
Verified on Cisco-8102-28FH-DPU-O (str3-8102-07) with gNMI server on port 50052 with mTLS:
grpcurl
-cert /etc/sonic/telemetry/client.cer
-key /etc/sonic/telemetry/client.key
-cacert /etc/sonic/telemetry/streamingtelemetryserver.cer
-H "x-sonic-ss-target-type: dpu"
-H "x-sonic-ss-target-index: 0"
-d '{
"local_path": "/var/tmp/build.log",
"remote_download": {
"path": "http://.......",
"protocol": "HTTP"
}
}'
localhost:50052 gnoi.file.File/TransferToRemote
File successfully transferred to DPU0 and verified via ssh admin@169.254.200.1 'md5sum /var/tmp/build.log'.