From 369ac907f9123cfaff68868cad3389d20201508c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= Date: Wed, 11 Sep 2024 18:11:29 +0000 Subject: [PATCH 1/3] Fix gateway manager not accounting for UDN join subnets MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gateway manager not accounting for different join subnets of UDNs * tests not expecting the join subnet SNAT when pods snats were disabled * tests misleadingly naming join ip to the ovn masquerade ip Signed-off-by: Jaime Caamaño Ruiz --- go-controller/pkg/config/utils.go | 18 ------- go-controller/pkg/ovn/gateway.go | 50 +++++++++++++------ ...econdary_layer2_network_controller_test.go | 17 +++---- ...econdary_layer3_network_controller_test.go | 29 +++++------ 4 files changed, 59 insertions(+), 55 deletions(-) diff --git a/go-controller/pkg/config/utils.go b/go-controller/pkg/config/utils.go index 92bafdec970..b27be4d7cb6 100644 --- a/go-controller/pkg/config/utils.go +++ b/go-controller/pkg/config/utils.go @@ -263,24 +263,6 @@ func (cs *ConfigSubnets) checkIPFamilies() (usingIPv4, usingIPv6 bool, err error return false, false, fmt.Errorf("illegal network configuration: %s", netConfig) } -func ContainsJoinIP(ip net.IP) bool { - var joinSubnetsConfig []string - if IPv4Mode { - joinSubnetsConfig = append(joinSubnetsConfig, Gateway.V4JoinSubnet) - } - if IPv6Mode { - joinSubnetsConfig = append(joinSubnetsConfig, Gateway.V6JoinSubnet) - } - - for _, subnet := range joinSubnetsConfig { - _, joinSubnet, _ := net.ParseCIDR(subnet) - if joinSubnet.Contains(ip) { - return true - } - } - return false -} - // masqueradeIP represents the masqueradeIPs used by the masquerade subnets for host to service traffic type MasqueradeIPsConfig struct { V4OVNMasqueradeIP net.IP diff --git a/go-controller/pkg/ovn/gateway.go b/go-controller/pkg/ovn/gateway.go index 9013f0447ed..f5b42121e11 100644 --- a/go-controller/pkg/ovn/gateway.go 
+++ b/go-controller/pkg/ovn/gateway.go @@ -159,6 +159,7 @@ func (gw *GatewayManager) cleanupStalePodSNATs(nodeName string, nodeIPs []*net.I if !config.Gateway.DisableSNATMultipleGWs { return nil } + pods, err := gw.kube.GetPods(metav1.NamespaceAll, metav1.ListOptions{ FieldSelector: fields.OneTermEqualSelector("spec.nodeName", nodeName).String(), }) @@ -166,13 +167,7 @@ func (gw *GatewayManager) cleanupStalePodSNATs(nodeName string, nodeIPs []*net.I return fmt.Errorf("unable to list existing pods on node: %s, %w", nodeName, err) } - gatewayRouter := nbdb.LogicalRouter{ - Name: gw.gwRouterName, - } - routerNats, err := libovsdbops.GetRouterNATs(gw.nbClient, &gatewayRouter) - if err != nil && errors.Is(err, libovsdbclient.ErrNotFound) { - return fmt.Errorf("unable to get NAT entries for router %s on node %s: %w", gatewayRouter.Name, nodeName, err) - } + podIPsOnNode := sets.NewString() // collects all podIPs on node for _, pod := range pods { pod := *pod 
@@ -204,18 +199,37 @@ func (gw *GatewayManager) cleanupStalePodSNATs(nodeName string, nodeIPs []*net.I podIPsOnNode.Insert(podIP.String()) } } + + gatewayRouter := nbdb.LogicalRouter{ + Name: gw.gwRouterName, + } + routerNats, err := libovsdbops.GetRouterNATs(gw.nbClient, &gatewayRouter) + if err != nil && errors.Is(err, libovsdbclient.ErrNotFound) { + return fmt.Errorf("unable to get NAT entries for router %s on node %s: %w", gatewayRouter.Name, nodeName, err) + } + + nodeIPset := sets.New(util.IPNetsIPToStringSlice(nodeIPs)...) natsToDelete := []*nbdb.NAT{} for _, routerNat := range routerNats { routerNat := routerNat if routerNat.Type != nbdb.NATTypeSNAT { continue } - for _, nodeIP := range nodeIPs { - logicalIP := net.ParseIP(routerNat.LogicalIP) - if routerNat.ExternalIP == nodeIP.IP.String() && !config.ContainsJoinIP(logicalIP) && !podIPsOnNode.Has(routerNat.LogicalIP) { - natsToDelete = append(natsToDelete, routerNat) - } + if !nodeIPset.Has(routerNat.ExternalIP) { + continue + } + if podIPsOnNode.Has(routerNat.LogicalIP) { + continue } + logicalIP := net.ParseIP(routerNat.LogicalIP) + if logicalIP == nil { + // this is probably a CIDR so not a pod IP + continue + } + if gw.containsJoinIP(logicalIP) { + continue + } + natsToDelete = append(natsToDelete, routerNat) } if len(natsToDelete) > 0 { err := libovsdbops.DeleteNATs(gw.nbClient, &gatewayRouter, natsToDelete...) @@ -592,7 +606,7 @@ func (gw *GatewayManager) GatewayInit( if gw.clusterRouterName != "" { p := func(item *nbdb.LogicalRouterStaticRoute) bool { return item.IPPrefix == lrsr.IPPrefix && item.Policy != nil && *item.Policy == *lrsr.Policy && - config.ContainsJoinIP(net.ParseIP(item.Nexthop)) + gw.containsJoinIP(net.ParseIP(item.Nexthop)) } err := libovsdbops.DeleteLogicalRouterStaticRoutesWithPredicate(gw.nbClient, gw.clusterRouterName, p) if err != nil { 
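Review bot: The relocated `GetRouterNATs` error check in cleanupStalePodSNATs looks inverted: `err != nil && errors.Is(err, libovsdbclient.ErrNotFound)` returns only when the lookup reports not-found and lets every other failure fall through with whatever `routerNats` holds. In that case the loop presumably sees no entries, so stale SNAT rows stay on the gateway router while the function still reports success. If the intent is to tolerate a missing router and fail on anything else, the condition should read `if err != nil && !errors.Is(err, libovsdbclient.ErrNotFound) {`; if not-found really is the only fatal case, a comment explaining why other errors are ignored would help. The function body starts and ends outside this hunk.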
@@ -643,7 +657,7 @@ func (gw *GatewayManager) GatewayInit( // note, nat.LogicalIP may be a CIDR or IP, we don't care unless it's an IP parsedLogicalIP := net.ParseIP(nat.LogicalIP) // check if join ip changed - if config.ContainsJoinIP(parsedLogicalIP) { + if gw.containsJoinIP(parsedLogicalIP) { // is a join SNAT, check if IP needs updating joinIP, err := util.MatchFirstIPFamily(utilnet.IsIPv6(parsedLogicalIP), gwLRPIPs) if err != nil { @@ -1152,6 +1166,14 @@ func (gw *GatewayManager) removeLRPolicies(nodeName string) { } } +func (gw *GatewayManager) containsJoinIP(ip net.IP) bool { + ipNet := &net.IPNet{ + IP: ip, + Mask: util.GetIPFullMask(ip), + } + return util.IsContainedInAnyCIDR(ipNet, gw.netInfo.JoinSubnets()...) +} + func (gw *GatewayManager) syncGatewayLogicalNetwork( node *kapi.Node, l3GatewayConfig *util.L3GatewayConfig, diff --git a/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go b/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go index 69396c7d7d7..08ee1d415da 100644 --- a/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go +++ b/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go @@ -387,7 +387,7 @@ func expectedLayer2EgressEntities(netInfo util.NetInfo, gwConfig util.L3GatewayC var nat []string if config.Gateway.DisableSNATMultipleGWs { - nat = append(nat, perPodSNAT) + nat = append(nat, nat1, perPodSNAT) } else { nat = append(nat, nat1, nat2, nat3) } 
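Review bot: `containsJoinIP` (added in the @@ -1152 hunk) does not handle a nil `ip`, yet two of its three call sites can pass one: `gw.containsJoinIP(net.ParseIP(item.Nexthop))` in the @@ -592 hunk and `gw.containsJoinIP(parsedLogicalIP)` in the @@ -643 hunk, where the comment just above says `nat.LogicalIP` may be a CIDR. Only cleanupStalePodSNATs checks `logicalIP == nil` first. The removed `config.ContainsJoinIP` went through `net.IPNet.Contains`, which returns false for a nil IP; whether `util.GetIPFullMask` and `util.IsContainedInAnyCIDR` are equally tolerant is not visible here. A guard at the top of the helper, `if ip == nil { return false }`, would keep the old behaviour for every caller, and a doc comment such as `// containsJoinIP reports whether ip is inside any join subnet of this gateway manager's network.` would record that contract.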
@@ -402,7 +402,7 @@ func expectedLayer2EgressEntities(netInfo util.NetInfo, gwConfig util.L3GatewayC Options: gwRouterOptions(gwConfig), Policies: []string{routerPolicyUUID1}, }, - expectedGWToNetworkSwitchRouterPort(gwRouterToNetworkSwitchPortName, netInfo, gwRouterIPAddress(), layer2SubnetGWAddr()), + expectedGWToNetworkSwitchRouterPort(gwRouterToNetworkSwitchPortName, netInfo, gwRouterJoinIPAddress(), layer2SubnetGWAddr()), expectedGRStaticRoute(sr1, dummyMasqueradeSubnet().String(), nextHopMasqueradeIP().String(), nil, &staticRouteOutputPort, netInfo), expectedGRStaticRoute(sr2, ipv4DefaultRoute().String(), nodeGateway().IP.String(), nil, &staticRouteOutputPort, netInfo), expectedGRToExternalSwitchLRP(gwRouterName, netInfo, nodePhysicalIPAddress(), udnGWSNATAddress()), 
@@ -411,15 +411,14 @@ func expectedLayer2EgressEntities(netInfo util.NetInfo, gwConfig util.L3GatewayC expectedLogicalRouterPolicy(routerPolicyUUID1, netInfo, nodeName, nodeIP().IP.String(), managementPortIP(layer2Subnet()).String()), } - for _, entity := range expectedExternalSwitchAndLSPs(netInfo, gwConfig, nodeName) { - expectedEntities = append(expectedEntities, entity) - } + expectedEntities = append(expectedEntities, expectedExternalSwitchAndLSPs(netInfo, gwConfig, nodeName)...) if config.Gateway.DisableSNATMultipleGWs { - expectedEntities = append(expectedEntities, newNATEntry(perPodSNAT, dummyJoinIP().IP.String(), dummyL2TestPodAdditionalNetworkIP(), nil)) + expectedEntities = append(expectedEntities, newNATEntry(nat1, dummyMasqueradeIP().IP.String(), gwRouterJoinIPAddress().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(perPodSNAT, dummyMasqueradeIP().IP.String(), dummyL2TestPodAdditionalNetworkIP(), nil)) } else { - expectedEntities = append(expectedEntities, newNATEntry(nat1, dummyJoinIP().IP.String(), gwRouterIPAddress().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) - expectedEntities = append(expectedEntities, newNATEntry(nat2, dummyJoinIP().IP.String(), layer2Subnet().String(), standardNonDefaultNetworkExtIDs(netInfo))) - expectedEntities = append(expectedEntities, newNATEntry(nat3, dummyJoinIP().IP.String(), layer2SubnetGWAddr().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(nat1, dummyMasqueradeIP().IP.String(), gwRouterJoinIPAddress().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(nat2, dummyMasqueradeIP().IP.String(), layer2Subnet().String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(nat3, dummyMasqueradeIP().IP.String(), layer2SubnetGWAddr().IP.String(), 
standardNonDefaultNetworkExtIDs(netInfo))) } return expectedEntities } diff --git a/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go b/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go index 27e1fc660c1..1fbcbf73bc2 100644 --- a/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go +++ b/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go @@ -527,7 +527,7 @@ func newNodeWithSecondaryNets(nodeName string, nodeIPv4CIDR string, netInfos ... util.OvnNodeChassisID: "abdcef", "k8s.ovn.org/network-ids": "{\"default\":\"0\",\"isolatednet\":\"2\"}", util.OvnNodeManagementPortMacAddresses: fmt.Sprintf("{\"isolatednet\":%q}", dummyMACAddr), - util.OVNNodeGRLRPAddrs: fmt.Sprintf("{\"isolatednet\":{\"ipv4\":%q}}", gwRouterIPAddress()), + util.OVNNodeGRLRPAddrs: fmt.Sprintf("{\"isolatednet\":{\"ipv4\":%q}}", gwRouterJoinIPAddress()), }, Labels: map[string]string{ "k8s.ovn.org/egress-assignable": "", @@ -545,10 +545,10 @@ func newNodeWithSecondaryNets(nodeName string, nodeIPv4CIDR string, netInfos ... } func dummyJoinIPs() []*net.IPNet { - return []*net.IPNet{dummyJoinIP()} + return []*net.IPNet{dummyMasqueradeIP()} } -func dummyJoinIP() *net.IPNet { +func dummyMasqueradeIP() *net.IPNet { return &net.IPNet{ IP: net.ParseIP("169.254.169.13"), Mask: net.CIDRMask(24, 32), @@ -571,7 +571,7 @@ func expectedGWEntities(nodeName, nodeSubnet string, netInfo util.NetInfo, gwCon expectedEntities := append( expectedGWRouterPlusNATAndStaticRoutes(nodeName, gwRouterName, netInfo, gwConfig), - expectedGRToJoinSwitchLRP(gwRouterName, gwRouterIPAddress(), netInfo), + expectedGRToJoinSwitchLRP(gwRouterName, gwRouterJoinIPAddress(), netInfo), expectedGRToExternalSwitchLRP(gwRouterName, netInfo, nodePhysicalIPAddress(), udnGWSNATAddress()), expectedGatewayChassis(nodeName, netInfo, gwConfig), expectedStaticMACBinding(gwRouterName, nextHopMasqueradeIP()), 
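Review bot: `dummyJoinIPs()` in the @@ -545 hunk keeps its join name while its body now returns `dummyMasqueradeIP()`, which is the same mislabelling this patch removes everywhere else. Renaming it, for example `func dummyMasqueradeIPs() []*net.IPNet {`, would finish the cleanup. Its callers are outside this hunk and would need the same rename.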
@@ -605,7 +605,7 @@ func expectedGWRouterPlusNATAndStaticRoutes( masqSubnet := config.Gateway.V4MasqueradeSubnet var nat []string if config.Gateway.DisableSNATMultipleGWs { - nat = append(nat, perPodSNAT) + nat = append(nat, nat1, perPodSNAT) } else { nat = append(nat, nat1, nat2) } 
@@ -619,15 +619,16 @@ func expectedGWRouterPlusNATAndStaticRoutes( Nat: nat, StaticRoutes: []string{staticRoute1, staticRoute2, staticRoute3}, }, - expectedGRStaticRoute(staticRoute1, netInfo.Subnets()[0].CIDR.String(), dummyJoinIP().IP.String(), nil, nil, netInfo), + expectedGRStaticRoute(staticRoute1, netInfo.Subnets()[0].CIDR.String(), dummyMasqueradeIP().IP.String(), nil, nil, netInfo), expectedGRStaticRoute(staticRoute2, ipv4DefaultRoute, nextHopIP, nil, &staticRouteOutputPort, netInfo), expectedGRStaticRoute(staticRoute3, masqSubnet, nextHopMasqIP, nil, &staticRouteOutputPort, netInfo), } if config.Gateway.DisableSNATMultipleGWs { - expectedEntities = append(expectedEntities, newNATEntry(perPodSNAT, dummyJoinIP().IP.String(), dummyTestPodAdditionalNetworkIP(), nil)) + expectedEntities = append(expectedEntities, newNATEntry(nat1, dummyMasqueradeIP().IP.String(), gwRouterJoinIPAddress().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(perPodSNAT, dummyMasqueradeIP().IP.String(), dummyTestPodAdditionalNetworkIP(), nil)) } else { - expectedEntities = append(expectedEntities, newNATEntry(nat1, dummyJoinIP().IP.String(), gwRouterIPAddress().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) - expectedEntities = append(expectedEntities, newNATEntry(nat2, dummyJoinIP().IP.String(), netInfo.Subnets()[0].CIDR.String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(nat1, dummyMasqueradeIP().IP.String(), gwRouterJoinIPAddress().IP.String(), standardNonDefaultNetworkExtIDs(netInfo))) + expectedEntities = append(expectedEntities, newNATEntry(nat2, dummyMasqueradeIP().IP.String(), netInfo.Subnets()[0].CIDR.String(), standardNonDefaultNetworkExtIDs(netInfo))) } return expectedEntities } 
@@ -689,7 +690,7 @@ func expectedLayer3EgressEntities(netInfo util.NetInfo, gwConfig util.L3GatewayC staticRouteUUID1 = "sr1-UUID" staticRouteUUID2 = "sr2-UUID" ) - joinIPAddr := dummyJoinIP().IP.String() + masqIPAddr := dummyMasqueradeIP().IP.String() clusterRouterName := fmt.Sprintf("%s_ovn_cluster_router", netInfo.GetNetworkName()) rtosLRPName := fmt.Sprintf("%s%s", ovntypes.RouterToSwitchPrefix, netInfo.GetNetworkScopedName(nodeName)) rtosLRPUUID := rtosLRPName + "-UUID" @@ -706,10 +707,10 @@ func expectedLayer3EgressEntities(netInfo util.NetInfo, gwConfig util.L3GatewayC ExternalIDs: standardNonDefaultNetworkExtIDs(netInfo), }, &nbdb.LogicalRouterPort{UUID: rtosLRPUUID, Name: rtosLRPName, Networks: []string{"192.168.1.1/24"}, MAC: "0a:58:c0:a8:01:01", GatewayChassis: []string{gatewayChassisUUID}}, - expectedGRStaticRoute(staticRouteUUID1, nodeSubnet.String(), gwRouterIPAddress().IP.String(), &nbdb.LogicalRouterStaticRoutePolicySrcIP, nil, netInfo), - expectedGRStaticRoute(staticRouteUUID2, gwRouterIPAddress().IP.String(), gwRouterIPAddress().IP.String(), nil, nil, netInfo), + expectedGRStaticRoute(staticRouteUUID1, nodeSubnet.String(), gwRouterJoinIPAddress().IP.String(), &nbdb.LogicalRouterStaticRoutePolicySrcIP, nil, netInfo), + expectedGRStaticRoute(staticRouteUUID2, gwRouterJoinIPAddress().IP.String(), gwRouterJoinIPAddress().IP.String(), nil, nil, netInfo), expectedLogicalRouterPolicy(routerPolicyUUID1, netInfo, nodeName, nodeIP, managementPortIP(nodeSubnet).String()), - expectedLogicalRouterPolicy(routerPolicyUUID2, netInfo, nodeName, joinIPAddr, managementPortIP(nodeSubnet).String()), + expectedLogicalRouterPolicy(routerPolicyUUID2, netInfo, nodeName, masqIPAddr, managementPortIP(nodeSubnet).String()), } return expectedEntities } 
@@ -856,7 +857,7 @@ func nextHopMasqueradeIP() net.IP { return net.ParseIP("169.254.169.4") } -func gwRouterIPAddress() *net.IPNet { +func gwRouterJoinIPAddress() *net.IPNet { return &net.IPNet{ IP: net.ParseIP("100.65.0.4"), Mask: net.CIDRMask(16, 32), From a4e2a0029301659c094d346dbdca685d32ce88ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= Date: Wed, 11 Sep 2024 18:11:55 +0000 Subject: [PATCH 2/3] Fix duplicated UDN tests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * L3 tests with duplicated names * L2 duplicated tests of which some were intended to test something else * L2 secondary tests annotating the wrong IP under the assumption that mgmt and gw IPs would be allocated Signed-off-by: Jaime Caamaño Ruiz --- go-controller/pkg/ovn/multihoming_test.go | 43 ++++++++----------- ...econdary_layer2_network_controller_test.go | 18 ++++---- ...econdary_layer3_network_controller_test.go | 14 +++--- 3 files changed, 33 insertions(+), 42 deletions(-) diff --git a/go-controller/pkg/ovn/multihoming_test.go b/go-controller/pkg/ovn/multihoming_test.go index a0d31b3ebe9..641472cdb3c 100644 --- a/go-controller/pkg/ovn/multihoming_test.go +++ b/go-controller/pkg/ovn/multihoming_test.go @@ -8,8 +8,6 @@ import ( v1 "k8s.io/api/core/v1" - iputils "github.com/containernetworking/plugins/pkg/ip" - nadapi "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" libovsdbclient "github.com/ovn-org/libovsdb/client" @@ -345,7 +343,7 @@ func hostPhysicalIP(gwConfig util.L3GatewayConfig) string { func hostIPsFromGWConfig(gwConfig util.L3GatewayConfig) []string { var hostIPs []string - for _, ip := range append(gwConfig.IPAddresses, dummyJoinIP()) { + for _, ip := range append(gwConfig.IPAddresses, dummyMasqueradeIP()) { hostIPs = append(hostIPs, ip.IP.String()) } return hostIPs 
@@ -404,8 +402,8 @@ func icClusterWithDisableSNATTestConfiguration() testConfiguration { } } -func newMultiHomedPod(namespace, name, node, podIP string, multiHomingConfigs ...secondaryNetInfo) *v1.Pod { - pod := newPod(namespace, name, node, podIP) +func newMultiHomedPod(testPod testPod, multiHomingConfigs ...secondaryNetInfo) *v1.Pod { + pod := newPod(testPod.namespace, testPod.podName, testPod.nodeName, testPod.podIP) var secondaryNetworks []nadapi.NetworkSelectionElement for _, multiHomingConf := range multiHomingConfigs { if multiHomingConf.isPrimary { @@ -427,7 +425,7 @@ func newMultiHomedPod(namespace, name, node, podIP string, multiHomingConfigs .. serializedNetworkSelectionElements, _ := json.Marshal(secondaryNetworks) pod.Annotations = map[string]string{nadapi.NetworkAttachmentAnnot: string(serializedNetworkSelectionElements)} if config.OVNKubernetesFeature.EnableInterconnect { - dummyOVNNetAnnotations := dummyOVNPodNetworkAnnotations(multiHomingConfigs) + dummyOVNNetAnnotations := dummyOVNPodNetworkAnnotations(testPod.secondaryPodInfos, multiHomingConfigs) if dummyOVNNetAnnotations != "{}" { pod.Annotations["k8s.ovn.org/pod-networks"] = dummyOVNNetAnnotations } @@ -435,7 +433,7 @@ func newMultiHomedPod(namespace, name, node, podIP string, multiHomingConfigs .. return pod } -func dummyOVNPodNetworkAnnotations(multiHomingConfigs []secondaryNetInfo) string { +func dummyOVNPodNetworkAnnotations(secondaryPodInfos map[string]*secondaryPodInfo, multiHomingConfigs []secondaryNetInfo) string { var ovnPodNetworksAnnotations []byte podAnnotations := map[string]podAnnotation{} for i, netConfig := range multiHomingConfigs { 
@@ -443,7 +441,8 @@ func dummyOVNPodNetworkAnnotations(multiHomingConfigs []secondaryNetInfo) string // for layer2 topology since allocating the annotation for this cluster configuration // is performed by cluster manager - which doesn't exist in the unit tests. if netConfig.topology == ovntypes.Layer2Topology { - podAnnotations[netConfig.nadName] = dummyOVNPodNetworkAnnotationForNetwork(netConfig, i+1) + portInfo := secondaryPodInfos[netConfig.netName].allportInfo[netConfig.nadName] + podAnnotations[netConfig.nadName] = dummyOVNPodNetworkAnnotationForNetwork(portInfo, netConfig, i+1) } } @@ -455,23 +454,25 @@ func dummyOVNPodNetworkAnnotations(multiHomingConfigs []secondaryNetInfo) string return string(ovnPodNetworksAnnotations) } -func dummyOVNPodNetworkAnnotationForNetwork(netConfig secondaryNetInfo, tunnelID int) podAnnotation { +func dummyOVNPodNetworkAnnotationForNetwork(portInfo portInfo, netConfig secondaryNetInfo, tunnelID int) podAnnotation { role := ovntypes.NetworkRoleSecondary if netConfig.isPrimary { role = ovntypes.NetworkRolePrimary } - var ( - gateways []string - ips []string - ) + var gateways []string for _, subnetStr := range strings.Split(netConfig.clustersubnets, ",") { subnet := testing.MustParseIPNet(subnetStr) - ips = append(ips, GetWorkloadSecondaryNetworkDummyIP(subnet).String()) gateways = append(gateways, util.GetNodeGatewayIfAddr(subnet).IP.String()) } + ip := testing.MustParseIP(portInfo.podIP) + _, maskSize := util.GetIPFullMask(ip).Size() + ipNet := net.IPNet{ + IP: ip, + Mask: net.CIDRMask(portInfo.prefixLen, maskSize), + } return podAnnotation{ - IPs: ips, - MAC: util.IPAddrToHWAddr(testing.MustParseIPNet(ips[0]).IP).String(), + IPs: []string{ipNet.String()}, + MAC: util.IPAddrToHWAddr(ip).String(), Gateways: gateways, Routes: nil, // TODO: must add here the expected routes. TunnelID: tunnelID, 
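Review bot: The chained lookup `secondaryPodInfos[netConfig.netName].allportInfo[netConfig.nadName]` in dummyOVNPodNetworkAnnotations dereferences the map value without checking that the key exists. Because the map holds `*secondaryPodInfo`, a test pod with no entry for that network fails with a nil-pointer panic rather than a readable message. Looking the entry up with the two-value form and failing the test explicitly when it is absent would make a misconfigured fixture obvious. Separately, the new parameters `portInfo portInfo` (@@ -455 hunk) and `testPod testPod` (@@ -404 hunk) shadow their own type names inside the function; names such as `info portInfo` and `tp testPod` avoid that.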
@@ -479,16 +480,6 @@ func dummyOVNPodNetworkAnnotationForNetwork(netConfig secondaryNetInfo, tunnelID } } -// GetWorkloadSecondaryNetworkDummyIP returns the workload logical switch port -// address (the ".3" address), return nil if the subnet is invalid -func GetWorkloadSecondaryNetworkDummyIP(subnet *net.IPNet) *net.IPNet { - mgmtIfAddr := util.GetNodeManagementIfAddr(subnet) - if mgmtIfAddr == nil { - return nil - } - return &net.IPNet{IP: iputils.NextIP(mgmtIfAddr.IP), Mask: subnet.Mask} -} - // Internal struct used to marshal PodAnnotation to the pod annotationç // Copied from pkg/util/pod_annotation.go type podAnnotation struct { diff --git a/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go b/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go index 08ee1d415da..99918270287 100644 --- a/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go +++ b/go-controller/pkg/ovn/secondary_layer2_network_controller_test.go @@ -87,7 +87,7 @@ var _ = Describe("OVN Multi-Homed pod operations for layer2 network", func() { &v1.NodeList{Items: []v1.Node{*testNode}}, &v1.PodList{ Items: []v1.Pod{ - *newMultiHomedPod(podInfo.namespace, podInfo.podName, podInfo.nodeName, podInfo.podIP, netInfo), + *newMultiHomedPod(podInfo, netInfo), }, }, &nadapi.NetworkAttachmentDefinitionList{ 
@@ -160,21 +160,21 @@ var _ = Describe("OVN Multi-Homed pod operations for layer2 network", func() { nonICClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an IC cluster", + table.Entry("pod on a user defined primary network", dummyPrimaryLayer2UserDefinedNetwork("100.200.0.0/16"), - icClusterTestConfiguration(), + nonICClusterTestConfiguration(), ), - table.Entry("pod on a user defined secondary network", + table.Entry("pod on a user defined secondary network on an IC cluster", dummySecondaryLayer2UserDefinedNetwork("100.200.0.0/16"), - nonICClusterTestConfiguration(), + icClusterTestConfiguration(), ), table.Entry("pod on a user defined primary network on an IC cluster", dummyPrimaryLayer2UserDefinedNetwork("100.200.0.0/16"), icClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an IC cluster", + table.Entry("pod on a user defined primary network on an IC cluster with per-pod SNATs enabled", dummyPrimaryLayer2UserDefinedNetwork("100.200.0.0/16"), icClusterWithDisableSNATTestConfiguration(), ), @@ -230,7 +230,7 @@ var _ = Describe("OVN Multi-Homed pod operations for layer2 network", func() { }, &v1.PodList{ Items: []v1.Pod{ - *newMultiHomedPod(podInfo.namespace, podInfo.podName, podInfo.nodeName, podInfo.podIP, netInfo), + *newMultiHomedPod(podInfo, netInfo), }, }, &nadapi.NetworkAttachmentDefinitionList{ 
@@ -283,11 +283,11 @@ var _ = Describe("OVN Multi-Homed pod operations for layer2 network", func() { dummyLayer2PrimaryUserDefinedNetwork("192.168.0.0/16"), nonICClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an interconnect cluster", + table.Entry("pod on a user defined primary network on an IC cluster", dummyLayer2PrimaryUserDefinedNetwork("192.168.0.0/16"), icClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an interconnect cluster", + table.Entry("pod on a user defined primary network on an IC cluster with per-pod SNATs enabled", dummyLayer2PrimaryUserDefinedNetwork("192.168.0.0/16"), icClusterWithDisableSNATTestConfiguration(), ), diff --git a/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go b/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go index 1fbcbf73bc2..fe490bf912e 100644 --- a/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go +++ b/go-controller/pkg/ovn/secondary_layer3_network_controller_test.go @@ -137,7 +137,7 @@ var _ = Describe("OVN Multi-Homed pod operations", func() { }, &v1.PodList{ Items: []v1.Pod{ - *newMultiHomedPod(podInfo.namespace, podInfo.podName, podInfo.nodeName, podInfo.podIP, netInfo), + *newMultiHomedPod(podInfo, netInfo), }, }, &nadapi.NetworkAttachmentDefinitionList{ 
@@ -199,15 +199,15 @@ var _ = Describe("OVN Multi-Homed pod operations", func() { dummyPrimaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), nonICClusterTestConfiguration(), ), - table.Entry("pod on a user defined secondary network on an interconnect cluster", + table.Entry("pod on a user defined secondary network on an IC cluster", dummySecondaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), icClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an interconnect cluster", + table.Entry("pod on a user defined primary network on an IC cluster", dummyPrimaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), icClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an interconnect cluster", + table.Entry("pod on a user defined primary network on an IC cluster with per-pod SNATs enabled", dummyPrimaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), icClusterWithDisableSNATTestConfiguration(), ), @@ -270,7 +270,7 @@ var _ = Describe("OVN Multi-Homed pod operations", func() { }, &v1.PodList{ Items: []v1.Pod{ - *newMultiHomedPod(podInfo.namespace, podInfo.podName, podInfo.nodeName, podInfo.podIP, netInfo), + *newMultiHomedPod(podInfo, netInfo), }, }, &nadapi.NetworkAttachmentDefinitionList{ 
@@ -318,11 +318,11 @@ var _ = Describe("OVN Multi-Homed pod operations", func() { dummyPrimaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), nonICClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an interconnect cluster", + table.Entry("pod on a user defined primary network on an IC cluster", dummyPrimaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), icClusterTestConfiguration(), ), - table.Entry("pod on a user defined primary network on an interconnect cluster", + table.Entry("pod on a user defined primary network on an IC cluster with per-pod SNATs enabled", dummyPrimaryLayer3UserDefinedNetwork("192.168.0.0/16", "192.168.1.0/24"), icClusterWithDisableSNATTestConfiguration(), ), From 14afcbf9621264f6d1de32107bfdcf77f655bbbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jaime=20Caama=C3=B1o=20Ruiz?= Date: Fri, 13 Sep 2024 12:27:00 +0000 Subject: [PATCH 3/3] Pin multus to v4.1.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit To avoid being affected by potential dev breakage. Signed-off-by: Jaime Caamaño Ruiz --- contrib/kind-common | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/contrib/kind-common b/contrib/kind-common index 55741a9833a..56d450d24e1 100644 --- a/contrib/kind-common +++ b/contrib/kind-common @@ -394,9 +394,11 @@ install_kubevirt_ipam_controller() { } install_multus() { - echo "Installing multus-cni daemonset ..." - multus_manifest="https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/deployments/multus-daemonset.yml" - run_kubectl apply -f "$multus_manifest" + local version="v4.1.0" + echo "Installing multus-cni $version daemonset ..." + wget -qO- "https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/${version}/deployments/multus-daemonset.yml" |\ + sed -e "s|multus-cni:snapshot|multus-cni:${version}|g" |\ + run_kubectl apply -f - } install_mpolicy_crd() {
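Review bot: install_multus now pipes a manifest fetched over the network straight into `run_kubectl apply -f -` with nothing verifying its content. The `v4.1.0` ref in the URL is a git tag and `multus-cni:${version}` is an image tag, and either can be repointed upstream. Fetching by commit SHA, checking the download against a recorded digest before applying (for example `echo "<EXPECTED_SHA256>  multus-daemonset.yml" | sha256sum -c -`), and referencing the image by digest would make the pin immutable. Also, unless the script enables `pipefail` (not visible in this hunk), a failed `wget` is masked by `sed`'s exit status, and the `sed` substitution silently does nothing if the manifest does not contain `multus-cni:snapshot`. A check that the rewritten manifest contains the expected image string would catch both.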