fix: Using Node IP as the primary IP allowing the use of all the IPs …

…in the subnet for pods in Vnet Scale Mode and added the fix for Vnet Scale Cillium (#2660) * Testing with NodeIP as the PrimaryIP * Updated the secondary IP configs to not delete the first IP from Primary IP field as we will now use the Node IP for all functions related to Primary IP * Fixed the invalid UT to test out and validate the use of Node IP for SNAT and including the primary IP for use in secondary IP blocks * Combined the common code for Prefix Length * Updated to set the Host Primary IP for both Overlay and Vnet Scale as it is primarily only being used to setup IMDS SNAT Rules * Fixing the valid overlay UT to include the Host Primary IP
Azure · Apr 1, 2024 · 364c168 · 364c168
1 parent 7c4e48c
commit 364c168
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 6 deletions.
diff --git a/cns/kubecontroller/nodenetworkconfig/conversion.go b/cns/kubecontroller/nodenetworkconfig/conversion.go
@@ -87,14 +87,20 @@ func CreateNCRequestFromStaticNC(nc v1alpha.NetworkContainer) (*cns.CreateNetwor
 	if err != nil {
 		return nil, errors.Wrapf(err, "invalid SubnetAddressSpace %s", nc.SubnetAddressSpace)
 	}
+
 	subnet := cns.IPSubnet{
-		IPAddress:    primaryPrefix.Addr().String(),
 		PrefixLength: uint8(subnetPrefix.Bits()),
 	}
+	if nc.Type == v1alpha.VNETBlock {
+		subnet.IPAddress = nc.NodeIP
+	} else {
+		subnet.IPAddress = primaryPrefix.Addr().String()
+	}
 
 	req, err := createNCRequestFromStaticNCHelper(nc, primaryPrefix, subnet)
 	if err != nil {
 		return nil, errors.Wrapf(err, "error while creating NC request from static NC")
 	}
+
 	return req, err
 }
diff --git a/cns/kubecontroller/nodenetworkconfig/conversion_linux.go b/cns/kubecontroller/nodenetworkconfig/conversion_linux.go
@@ -27,8 +27,6 @@ func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPre
 
 	// Add IPs from CIDR block to the secondary IPConfigs
 	if nc.Type == v1alpha.VNETBlock {
-		// Delete primary IP reserved for Primary IP for NC
-		delete(secondaryIPConfigs, primaryIPPrefix.Addr().String())
 
 		for _, ipAssignment := range nc.IPAssignments {
 			cidrPrefix, err := netip.ParsePrefix(ipAssignment.IP)
@@ -48,6 +46,7 @@ func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPre
 	}
 
 	return &cns.CreateNetworkContainerRequest{
+		HostPrimaryIP:        nc.NodeIP,
 		SecondaryIPConfigs:   secondaryIPConfigs,
 		NetworkContainerid:   nc.ID,
 		NetworkContainerType: cns.Docker,

diff --git a/cns/kubecontroller/nodenetworkconfig/conversion_linux_test.go b/cns/kubecontroller/nodenetworkconfig/conversion_linux_test.go
@@ -7,7 +7,8 @@ import (
 )
 
 var validOverlayRequest = &cns.CreateNetworkContainerRequest{
-	Version: strconv.FormatInt(0, 10),
+	HostPrimaryIP: validOverlayNC.NodeIP,
+	Version:       strconv.FormatInt(0, 10),
 	IPConfiguration: cns.IPConfiguration{
 		IPSubnet: cns.IPSubnet{
 			PrefixLength: uint8(subnetPrefixLen),
@@ -37,18 +38,23 @@ var validOverlayRequest = &cns.CreateNetworkContainerRequest{
 }
 
 var validVNETBlockRequest = &cns.CreateNetworkContainerRequest{
-	Version: strconv.FormatInt(version, 10),
+	Version:       strconv.FormatInt(version, 10),
+	HostPrimaryIP: vnetBlockNodeIP,
 	IPConfiguration: cns.IPConfiguration{
 		GatewayIPAddress: vnetBlockDefaultGateway,
 		IPSubnet: cns.IPSubnet{
 			PrefixLength: uint8(vnetBlockSubnetPrefixLen),
-			IPAddress:    vnetBlockPrimaryIP,
+			IPAddress:    vnetBlockNodeIP,
 		},
 	},
 	NetworkContainerid:   ncID,
 	NetworkContainerType: cns.Docker,
 	// Ignore first IP in first CIDR Block, i.e. 10.224.0.4
 	SecondaryIPConfigs: map[string]cns.SecondaryIPConfig{
+		"10.224.0.4": {
+			IPAddress: "10.224.0.4",
+			NCVersion: version,
+		},
 		"10.224.0.5": {
 			IPAddress: "10.224.0.5",
 			NCVersion: version,