Azure · vakalapa · Sep 2, 2022 · Sep 2, 2022 · Sep 2, 2022 · Sep 2, 2022
@@ -26,7 +26,7 @@ var version string
 // panicRecoverAndExitWithStackTrace - recovery from panic, print a failure message and stack trace and exit the program
 func panicRecoverAndExitWithStackTrace() {
 	if r := recover(); r != nil {
-		klog.Errorf("%+v", r)
+		klog.Infoln(r)
 		klog.Errorf("Stack trace: %s", string(debug.Stack()))
 	}
 }

@@ -177,13 +177,7 @@ func k8sServerVersion(kubeclientset kubernetes.Interface) *k8sversion.Info {
 	}
 
 	if err != nil {
-		metrics.SendErrorLogAndMetric(util.NpmID, "Error: failed to retrieving kubernetes version")
-		panic(err.Error)
-	}
-
-	if err = util.SetIsNewNwPolicyVerFlag(serverVersion); err != nil {
-		metrics.SendErrorLogAndMetric(util.NpmID, "Error: failed to set IsNewNwPolicyVerFlag")
-		panic(err.Error)
+		metrics.SendErrorLogAndMetric(util.NpmID, "Error: failed to retrieving kubernetes version with err: %s", err.Error())
 	}
 	return serverVersion
 }
@@ -4,11 +4,7 @@ import (
 	"testing"
 
 	"github.com/Azure/azure-container-networking/log"
-	"github.com/Azure/azure-container-networking/npm/util"
 	"github.com/stretchr/testify/require"
-	k8sversion "k8s.io/apimachinery/pkg/version"
-	fakediscovery "k8s.io/client-go/discovery/fake"
-	"k8s.io/client-go/kubernetes/fake"
 )
 
 func TestInitLogging(t *testing.T) {
@@ -17,101 +13,3 @@ func TestInitLogging(t *testing.T) {
 	require.NoError(t, err)
 	require.Equal(t, expectedLogPath, log.GetLogDirectory())
 }
-
-func TestK8sServerVersion(t *testing.T) {
-	// NPM has break behavior change from k8s version >= 1.11.
-	// Thus, util.IsNewNwPolicyVerFlag flag is set based on running K8s version.
-	tests := []struct {
-		name             string
-		info             *k8sversion.Info
-		wantPanic        bool
-		isNewNwPolicyVer bool
-	}{
-		{
-			name: "Test higher version (>1.11)",
-			info: &k8sversion.Info{
-				Major:      "1.20",
-				Minor:      "2",
-				GitVersion: "v1.20.2",
-			},
-			wantPanic:        false,
-			isNewNwPolicyVer: true,
-		},
-		{
-			name: "Test equal version (1.11)",
-			info: &k8sversion.Info{
-				Major:      "1.11",
-				Minor:      "0",
-				GitVersion: "v1.11",
-			},
-			wantPanic:        false,
-			isNewNwPolicyVer: true,
-		},
-		{
-			name: "Test lower version (<1.11)",
-			info: &k8sversion.Info{
-				Major:      "1.10",
-				Minor:      "1",
-				GitVersion: "v1.10.1",
-			},
-			wantPanic:        false,
-			isNewNwPolicyVer: false,
-		},
-		{
-			name: "Test lower version (<1.11)",
-			info: &k8sversion.Info{
-				Major:      "0",
-				Minor:      "0",
-				GitVersion: "v0.0",
-			},
-			wantPanic:        false,
-			isNewNwPolicyVer: false,
-		},
-		{
-			name: "Test wrong minus version",
-			info: &k8sversion.Info{
-				Major:      "-1.11",
-				Minor:      "0",
-				GitVersion: "v-1.11",
-			},
-			wantPanic: true,
-		},
-		{
-			name: "Test wrong alphabet version",
-			info: &k8sversion.Info{
-				Major:      "ab",
-				Minor:      "cc",
-				GitVersion: "vab.cc",
-			},
-			wantPanic: true,
-		},
-		{
-			name: "Test wrong alphabet version",
-			info: &k8sversion.Info{
-				Major:      "1.1",
-				Minor:      "cc",
-				GitVersion: "v1.1.cc",
-			},
-			wantPanic: true,
-		},
-	}
-
-	fc := fake.NewSimpleClientset()
-	for _, tt := range tests {
-		tt := tt
-		fc.Discovery().(*fakediscovery.FakeDiscovery).FakedServerVersion = tt.info
-		t.Run(tt.name, func(t *testing.T) {
-			if tt.wantPanic {
-				require.Panics(t, func() {
-					k8sServerVersion(fc)
-				})
-			} else {
-				require.NotPanics(t, func() {
-					got := k8sServerVersion(fc)
-					require.Equal(t, got, tt.info)
-					require.Equal(t, util.IsNewNwPolicyVerFlag, tt.isNewNwPolicyVer)
-				})
-			}
-		})
-	}
-}
@@ -121,11 +121,14 @@ func craftPartialIptEntrySpecFromOpsAndLabels(ns string, ops, labels []string, s
 // craftPartialIptEntrySpecFromSelector :- ns must be "" for namespace selectors
 // func helps in taking a labelSelector and converts it into corresponding matchSets
 // to be a used in full iptable rules
-//  selector *metav1.LabelSelector: is used to create matchSets
-//  ns string: helps with adding a namespace name in case of empty (or all) selector
-//  srcOrDstFlag string: helps with determining if the src flag is to used in matchsets or dst flag,
+//
+//	selector *metav1.LabelSelector: is used to create matchSets
+//	ns string: helps with adding a namespace name in case of empty (or all) selector
+//	srcOrDstFlag string: helps with determining if the src flag is to used in matchsets or dst flag,
+//
 // depending on ingress or egress translate policy
-//  isNamespaceSelector bool: helps in adding prefix for nameSpace ipsets
+//
+//	isNamespaceSelector bool: helps in adding prefix for nameSpace ipsets
 func craftPartialIptEntrySpecFromSelector(ns string, selector *metav1.LabelSelector, srcOrDstFlag string, isNamespaceSelector bool) ([]string, []string, map[string][]string) {
 	// parse the sector into labels and maps of multiVal match Exprs
 	labelsWithOps, nsLabelListKVs := parseSelector(selector)
@@ -715,13 +718,6 @@ func translateIngress(ns string, policyName string, targetSelector metav1.LabelS
 				continue
 			}
 
-			// fromRule has both namespaceSelector and podSelector set.
-			// We should match the selected pods in the selected namespaces.
-			// This allows traffic from podSelector intersects namespaceSelector
-			// This is only supported in kubernetes version >= 1.11
-			if !util.IsNewNwPolicyVerFlag {
-				continue
-			}
 			for _, nsSelector := range FlattenNameSpaceSelector(fromRule.NamespaceSelector) {
 				// we pass empty ns for the podspec and comment here because it's a combo of both selectors and not limited to network policy namespace
 				iptPartialNsSpec, nsLabelsWithoutOps, listLabelsWithMembers := craftPartialIptEntrySpecFromSelector("", &nsSelector, util.IptablesSrcFlag, true) // Add namespaces prefix to distinguish namespace ipsets and pod ipsets
@@ -1377,13 +1373,6 @@ func translateEgress(ns string, policyName string, targetSelector metav1.LabelSe
 				continue
 			}
 
-			// toRule has both namespaceSelector and podSelector set.
-			// We should match the selected pods in the selected namespaces.
-			// This allows traffic from podSelector intersects namespaceSelector
-			// This is only supported in kubernetes version >= 1.11
-			if !util.IsNewNwPolicyVerFlag {
-				continue
-			}
 			for _, nsSelector := range FlattenNameSpaceSelector(toRule.NamespaceSelector) {
 				// we pass true for the podspec and comment here because it's a combo of both selectors and not limited to network policy namespace
 				iptPartialNsSpec, nsLabelsWithoutOps, listLabelsWithMembers := craftPartialIptEntrySpecFromSelector("", &nsSelector, util.IptablesDstFlag, true)

@@ -642,7 +642,6 @@ func TestTranslateIngress(t *testing.T) {
 		},
 	}
 
-	util.IsNewNwPolicyVerFlag = true
 	sets, _, lists, _, iptEntries := translateIngress(ns, name, targetSelector, rules)
 	expectedSets := []string{
 		"context:dev",
@@ -925,7 +924,6 @@ func TestTranslateEgress(t *testing.T) {
 		},
 	}
 
-	util.IsNewNwPolicyVerFlag = true
 	sets, _, lists, _, iptEntries := translateEgress(ns, name, targetSelector, rules)
 	expectedSets := []string{
 		"context:dev",
@@ -1788,7 +1786,6 @@ func TestAllowNsDevAndAppBackendToAppFrontend(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	util.IsNewNwPolicyVerFlag = true
 	sets, _, lists, _, _, iptEntries := translatePolicy(allowNsDevAndBackendToFrontendPolicy)
 
 	expectedSets := []string{
@@ -2400,8 +2397,6 @@ func TestAllowMultiplePodSelectors(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	util.IsNewNwPolicyVerFlag = true
-
 	sets, _, lists, _, _, iptEntries := translatePolicy(multiPodSlector)
 
 	expectedSets := []string{

@@ -434,14 +434,6 @@ func translateRule(npmNetPol *policies.NPMNetworkPolicy, netPolName string, dire
 			continue
 		}
 
-		// peer has both namespaceSelector and podSelector set.
-		// We should match the selected pods in the selected namespaces.
-		// This allows traffic from podSelector intersects namespaceSelector
-		// This is only supported in kubernetes version >= 1.11
-		if !util.IsNewNwPolicyVerFlag {
-			continue
-		}
-
 		// #2.4 handle namespaceSelector and podSelector and port if exist
 		psResult, err := podSelector(npmNetPol.PolicyKey, matchType, peer.PodSelector)
 		if err != nil {