From 4dd40b82e18fcb14850f8be9bd598d32c1f66d56 Mon Sep 17 00:00:00 2001 From: Or Shoval Date: Tue, 17 Sep 2024 11:48:41 +0300 Subject: [PATCH] UDN, IPAM: Use v1.multus-cni.io/default-network In order to specify ipam-claim-reference for the primary network, use v1.multus-cni.io/default-network instead k8s.ovn.org/primary-udn-ipamclaim. Signed-off-by: Or Shoval --- pkg/config/types.go | 5 +++- pkg/ipamclaimswebhook/podmutator.go | 38 ++++++++++++++++++++---- pkg/ipamclaimswebhook/podmutator_test.go | 16 +++++++--- 3 files changed, 48 insertions(+), 11 deletions(-) diff --git a/pkg/config/types.go b/pkg/config/types.go index 44682986..7b917087 100644 --- a/pkg/config/types.go +++ b/pkg/config/types.go @@ -11,7 +11,10 @@ const ( NetworkRolePrimary NetworkRole = "primary" ) -const OVNPrimaryNetworkIPAMClaimAnnotation = "k8s.ovn.org/primary-udn-ipamclaim" +const ( + MultusDefaultNetwork = "v1.multus-cni.io/default-network" + DefaultNetworkName = "ovn-kubernetes" +) type RelevantConfig struct { Name string `json:"name"` diff --git a/pkg/ipamclaimswebhook/podmutator.go b/pkg/ipamclaimswebhook/podmutator.go index 9745bcf4..52bbc0b0 100644 --- a/pkg/ipamclaimswebhook/podmutator.go +++ b/pkg/ipamclaimswebhook/podmutator.go @@ -109,7 +109,10 @@ func (a *IPAMClaimsValet) Handle(ctx context.Context, request admission.Request) if newPod == nil { newPod = pod.DeepCopy() } - updatePodWithOVNPrimaryNetworkIPAMClaimAnnotation(newPod, newPrimaryNetworkIPAMClaimName) + if err = updatePodWithDefaultNetworkAnnotation(a.Client, newPod, newPrimaryNetworkIPAMClaimName); err != nil { + return admission.Errored(http.StatusInternalServerError, + fmt.Errorf("failed updating default network annotation: %v", err)) + } } if newPod != nil { @@ -159,8 +162,33 @@ func updatePodSelectionElements(pod *corev1.Pod, networks []*v1.NetworkSelection return nil } -func updatePodWithOVNPrimaryNetworkIPAMClaimAnnotation(pod *corev1.Pod, primaryNetworkIPAMClaimName string) { - pod.Annotations[config.OVNPrimaryNetworkIPAMClaimAnnotation] = primaryNetworkIPAMClaimName +func updatePodWithDefaultNetworkAnnotation(cli client.Client, pod *corev1.Pod, ipamClaimName string) error { + nadKey := types.NamespacedName{ + Namespace: "default", + Name: config.DefaultNetworkName, + } + + nad := v1.NetworkAttachmentDefinition{} + if err := cli.Get(context.Background(), nadKey, &nad); err != nil { + return err + } + + networkAnnotation := []v1.NetworkSelectionElement{ + { + Namespace: "default", + Name: config.DefaultNetworkName, + IPAMClaimReference: ipamClaimName, + }, + } + + annotationBytes, err := json.Marshal(networkAnnotation) + if err != nil { + return err + } + + pod.Annotations[config.MultusDefaultNetwork] = string(annotationBytes) + + return nil } func ensureIPAMClaimRefAtNetworkSelectionElements(ctx context.Context, @@ -236,9 +264,7 @@ func ensureIPAMClaimRefAtNetworkSelectionElements(ctx context.Context, func findNewPrimaryNetworkIPAMClaimName(ctx context.Context, cli client.Client, pod *corev1.Pod, vmName string) (string, error) { log := logf.FromContext(ctx) - if pod.Annotations[config.OVNPrimaryNetworkIPAMClaimAnnotation] != "" { - return "", nil - } + primaryNetworkNAD, err := udn.FindPrimaryNetwork(ctx, cli, pod.Namespace) if err != nil { return "", err diff --git a/pkg/ipamclaimswebhook/podmutator_test.go b/pkg/ipamclaimswebhook/podmutator_test.go index a39eeb49..bd18d93e 100644 --- a/pkg/ipamclaimswebhook/podmutator_test.go +++ b/pkg/ipamclaimswebhook/podmutator_test.go @@ -32,6 +32,8 @@ import ( ipamclaimsapi "github.com/k8snetworkplumbingwg/ipamclaims/pkg/crd/ipamclaims/v1alpha1" nadv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" + + "github.com/kubevirt/ipam-extensions/pkg/config" ) type testConfig struct { @@ -137,6 +139,7 @@ var _ = Describe("KubeVirt IPAM launcher pod mutato machine", Serial, func() { inputNADs: []*nadv1.NetworkAttachmentDefinition{ dummyNAD(nadName), dummyPrimaryNetworkNAD(nadName), + dummyDefaultNetworkNAD(), }, inputPod: dummyPodForVM(nadName, vmName), expectedAdmissionResponse: admissionv1.AdmissionResponse{ @@ -146,8 +149,8 @@ var _ = Describe("KubeVirt IPAM launcher pod mutato machine", Serial, func() { expectedAdmissionPatches: ConsistOf([]jsonpatch.JsonPatchOperation{ { Operation: "add", - Path: "/metadata/annotations/k8s.ovn.org~1primary-udn-ipamclaim", - Value: "vm1.podnet", + Path: "/metadata/annotations/v1.multus-cni.io~1default-network", + Value: "[{\"name\":\"ovn-kubernetes\",\"namespace\":\"default\",\"ipam-claim-reference\":\"vm1.podnet\"}]", }, { Operation: "replace", @@ -162,6 +165,7 @@ var _ = Describe("KubeVirt IPAM launcher pod mutato machine", Serial, func() { inputVMI: dummyVMI(nadName), inputNADs: []*nadv1.NetworkAttachmentDefinition{ dummyPrimaryNetworkNAD(nadName), + dummyDefaultNetworkNAD(), }, inputPod: dummyPodForVM("" /*without network selection element*/, vmName), expectedAdmissionResponse: admissionv1.AdmissionResponse{ @@ -171,8 +175,8 @@ var _ = Describe("KubeVirt IPAM launcher pod mutato machine", Serial, func() { expectedAdmissionPatches: Equal([]jsonpatch.JsonPatchOperation{ { Operation: "add", - Path: "/metadata/annotations/k8s.ovn.org~1primary-udn-ipamclaim", - Value: "vm1.podnet", + Path: "/metadata/annotations/v1.multus-cni.io~1default-network", + Value: "[{\"name\":\"ovn-kubernetes\",\"namespace\":\"default\",\"ipam-claim-reference\":\"vm1.podnet\"}]", }, }), }), @@ -334,6 +338,10 @@ func dummyNADWithoutPersistentIPs(nadName string) *nadv1.NetworkAttachmentDefini return dummyNADWithConfig(nadName, `{"name": "goodnet"}`) } +func dummyDefaultNetworkNAD() *nadv1.NetworkAttachmentDefinition { + return dummyNADWithConfig("default/"+config.DefaultNetworkName, "") +} + func podAdmissionRequest(pod *corev1.Pod) admission.Request { rawPod, err := json.Marshal(pod) if err != nil {