Skip to content

Add SIGUSR1 signal handler for runtime configuration dumps

Placeholder 蔡秀吉 requested to merge github/fork/thc1006/feature/sigusr1-config-dump into main

Description

This PR implements support for runtime configuration dumps via SIGUSR1 signal handling, addressing issue #1301 (closed).

When a SIGUSR1 signal is sent to a running kube-vip process, it will dump the current configuration to stdout, including:

  • Basic VIP configuration (address, interface, port, etc.)
  • BGP settings and peer information
  • ARP/NDP configuration
  • Services configuration and active instances
  • Network interfaces status
  • Leader election settings
  • Runtime statistics (load balancer, egress, etc.)

Implementation Details

  • Signal Handler: Registered SIGUSR1 in pkg/manager/manager.go:250
  • Dump Logic: Moved to separate file pkg/manager/manager_dump.go following project convention
  • Coverage: Updated all 4 manager modes (ARP, BGP, Table, Wireguard) in manager_*.go files
  • Testing: Comprehensive unit tests in manager_dump_test.go and E2E test in e2e_sigusr1_test.go
  • Documentation: Added CHANGELOG.md entry

Changes

  • 9 files changed, 597 insertions(+), 27 deletions(-)
  • New files: manager_dump.go, manager_dump_test.go, e2e_sigusr1_test.go, CHANGELOG.md
  • Modified: manager.go, manager_arp.go, manager_bgp.go, manager_table.go, manager_wireguard.go

Testing Performed

Unit Tests

All 5 dump tests passed (0.017s):

=== RUN   TestDumpConfiguration
--- PASS: TestDumpConfiguration (0.00s)
=== RUN   TestDumpConfigSection
--- PASS: TestDumpConfigSection (0.00s)
=== RUN   TestDumpBGPSection
--- PASS: TestDumpBGPSection (0.00s)
=== RUN   TestDumpARPSection
--- PASS: TestDumpARPSection (0.00s)
=== RUN   TestDumpRuntimeSection
--- PASS: TestDumpRuntimeSection (0.00s)
PASS
ok  	github.com/kube-vip/kube-vip/pkg/manager	0.017s

Static Analysis

  • go vet: No errors in modified code
  • gofmt: All files properly formatted (LF line endings in git)

Docker Build

  • Successfully built with Go 1.25.3
  • Build time: 60.5s
  • Multi-stage build verified

Security Scan

Trivy vulnerability scan results:

Report Summary
┌──────────┬──────────┬─────────────────┬─────────┐
│  Target  │   Type   │ Vulnerabilities │ Secrets │
├──────────┼──────────┼─────────────────┼─────────┤
│ kube-vip │ gobinary │        0        │    -    │
└──────────┴──────────┴─────────────────┴─────────┘

All previous CVE issues resolved by using Go 1.25.3 (includes fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-61724)

Usage Example

# Find the kube-vip pod
kubectl get pods -n kube-system -l component=kube-vip

# Send SIGUSR1 signal
kubectl exec -n kube-system <pod-name> -- kill -USR1 1

# View the configuration dump
kubectl logs -n kube-system <pod-name>

Notes

  • Implementation follows project conventions (separate manager_dump.go file like manager_arp.go, manager_bgp.go, etc.)
  • Thread-safe: uses existing manager mutex for configuration access
  • Non-intrusive: only adds signal handling, no changes to core functionality
  • Backward compatible: no API changes, only adds new signal handling capability

Closes #1301 (closed)

Merge request reports