Cilium BGPv1 Reconciler - Handle updated and deprecated Cidr fields

In 27322f3, the CiliumLoadBalancerIPPool's field named "cidrs" was deprecated. The documentation on https://docs.cilium.io/en/stable/network/lb-ipam/ provides an example of configuring a CiliumLoadBalancerIPPool using the field named "blocks". While testing a BGP policy configured with the Advertised Path Attributes feature, I was not able to achieve the desired policy. BGP attributes configured were not being applied. While discussing this in Cilium's Slack channel, it was pointed out that the BGPv1 reconciler was only aware of the deprecated field. This commit updates Cilium's BGPv1 reconciler to support both the deprecated and updated fields. Fixes: #32693 Signed-off-by: David Swafford <dswafford@coreweave.com>
cilium · May 31, 2024 · 686876c · 686876c
1 parent d4ce450
commit 686876c
Show file tree

Hide file tree

Showing 2 changed files with 439 additions and 4 deletions.
diff --git a/pkg/bgpv1/manager/reconciler/route_policy.go b/pkg/bgpv1/manager/reconciler/route_policy.go
@@ -238,11 +238,31 @@ func (r *RoutePolicyReconciler) pathAttributesToPolicy(attrs v2alpha1api.CiliumB
 			if attrs.Selector != nil && !labelSelector.Matches(labels.Set(pool.Labels)) {
 				continue
 			}
+			prefixesSeen := sets.New[netip.Prefix]()
+			for _, cidrBlock := range pool.Spec.Blocks {
+				cidr, err := netip.ParsePrefix(string(cidrBlock.Cidr))
+				if err != nil {
+					return nil, fmt.Errorf("failed to parse IPAM pool CIDR %s: %w", cidrBlock.Cidr, err)
+				}
+				if cidr.Addr().Is4() {
+					v4Prefixes = append(v4Prefixes, &types.RoutePolicyPrefixMatch{CIDR: cidr, PrefixLenMin: maxPrefixLenIPv4, PrefixLenMax: maxPrefixLenIPv4})
+				} else {
+					v6Prefixes = append(v6Prefixes, &types.RoutePolicyPrefixMatch{CIDR: cidr, PrefixLenMin: maxPrefixLenIPv6, PrefixLenMax: maxPrefixLenIPv6})
+				}
+				prefixesSeen.Insert(cidr)
+			}
+			// Note: CiliumLoadBalancerIPPool.Spec.Cidrs was deprecated as of
+			// https://github.com/cilium/cilium/commit/27322f3959c3fa05b9b1c4f9827527b4a3642687
+			// It was replaced by CiliumLoadBalancerIPPool.Spec.Blocks.
 			for _, cidrBlock := range pool.Spec.Cidrs {
 				cidr, err := netip.ParsePrefix(string(cidrBlock.Cidr))
 				if err != nil {
 					return nil, fmt.Errorf("failed to parse IPAM pool CIDR %s: %w", cidrBlock.Cidr, err)
 				}
+				// If the same prefix was specified in Spec.Blocks and Spec.Cidrs, ignore the duplicate.
+				if prefixesSeen.Has(cidr) {
+					continue
+				}
 				if cidr.Addr().Is4() {
 					v4Prefixes = append(v4Prefixes, &types.RoutePolicyPrefixMatch{CIDR: cidr, PrefixLenMin: maxPrefixLenIPv4, PrefixLenMax: maxPrefixLenIPv4})
 				} else {