fix lr policy for default subnet with logical gateway enabled (#2177)

pkg/controller/gc.go

@@ -620,7 +620,7 @@ func (c *Controller) gcPortGroup() error {
 			return err
 		}
 		for _, subnet := range subnets {
-			if subnet.Spec.Vpc != util.DefaultVpc || subnet.Spec.Vlan != "" || subnet.Name == c.config.NodeSwitch || subnet.Spec.GatewayType != kubeovnv1.GWDistributedType {
+			if subnet.Spec.Vpc != util.DefaultVpc || (subnet.Spec.Vlan != "" && !subnet.Spec.LogicalGateway) || subnet.Name == c.config.NodeSwitch || subnet.Spec.GatewayType != kubeovnv1.GWDistributedType {
 				continue
 			}
 			for _, node := range nodes {

pkg/controller/node.go

@@ -314,7 +314,7 @@ func (c *Controller) handleAddNode(key string) error {
 	}
 
 	for _, subnet := range subnets {
-		if subnet.Spec.Vlan != "" || subnet.Spec.Vpc != util.DefaultVpc || subnet.Name == c.config.NodeSwitch || subnet.Spec.GatewayType != kubeovnv1.GWDistributedType {
+		if (subnet.Spec.Vlan != "" && !subnet.Spec.LogicalGateway) || subnet.Spec.Vpc != util.DefaultVpc || subnet.Name == c.config.NodeSwitch || subnet.Spec.GatewayType != kubeovnv1.GWDistributedType {
 			continue
 		}
 		if err = c.createPortGroupForDistributedSubnet(node, subnet); err != nil {
@@ -1112,7 +1112,7 @@ func (c *Controller) deletePolicyRouteForNode(nodeName string) error {
 	}
 
 	for _, subnet := range subnets {
-		if subnet.Spec.Vlan != "" || subnet.Spec.Vpc != util.DefaultVpc || subnet.Name == c.config.NodeSwitch {
+		if (subnet.Spec.Vlan != "" && !subnet.Spec.LogicalGateway) || subnet.Spec.Vpc != util.DefaultVpc || subnet.Name == c.config.NodeSwitch {
 			continue
 		}
 
@@ -1183,7 +1183,7 @@ func (c *Controller) addPolicyRouteForCentralizedSubnetOnNode(nodeName, nodeIP s
 	}
 
 	for _, subnet := range subnets {
-		if subnet.Spec.Vlan != "" || subnet.Spec.Vpc != util.DefaultVpc || subnet.Name == c.config.NodeSwitch || subnet.Spec.GatewayType != kubeovnv1.GWCentralizedType {
+		if (subnet.Spec.Vlan != "" && !subnet.Spec.LogicalGateway) || subnet.Spec.Vpc != util.DefaultVpc || subnet.Name == c.config.NodeSwitch || subnet.Spec.GatewayType != kubeovnv1.GWCentralizedType {
 			continue
 		}
 

pkg/daemon/controller_linux.go

@@ -121,26 +121,34 @@ func (c *Controller) reconcileRouters(event subnetEvent) error {
 		}
 	}
 
+	node, err := c.nodesLister.Get(c.config.NodeName)
+	if err != nil {
+		klog.Errorf("failed to get node %s %v", c.config.NodeName, err)
+		return err
+	}
+	nodeIPv4, nodeIPv6 := util.GetNodeInternalIP(*node)
+
 	cidrs := make([]string, 0, len(subnets)*2)
 	for _, subnet := range subnets {
-		if subnet.Spec.Vlan != "" || subnet.Spec.Vpc != util.DefaultVpc || !subnet.Status.IsReady() {
+		if (subnet.Spec.Vlan != "" && !subnet.Spec.LogicalGateway) || subnet.Spec.Vpc != util.DefaultVpc || !subnet.Status.IsReady() {
 			continue
 		}
 
 		for _, cidrBlock := range strings.Split(subnet.Spec.CIDRBlock, ",") {
 			if _, ipNet, err := net.ParseCIDR(cidrBlock); err != nil {
 				klog.Errorf("%s is not a valid cidr block", cidrBlock)
 			} else {
+				if nodeIPv4 != "" && util.CIDRContainIP(cidrBlock, nodeIPv4) {
+					continue
+				}
+				if nodeIPv6 != "" && util.CIDRContainIP(cidrBlock, nodeIPv6) {
+					continue
+				}
 				cidrs = append(cidrs, ipNet.String())
 			}
 		}
 	}
 
-	node, err := c.nodesLister.Get(c.config.NodeName)
-	if err != nil {
-		klog.Errorf("failed to get node %s %v", c.config.NodeName, err)
-		return err
-	}
 	gateway, ok := node.Annotations[util.GatewayAnnotation]
 	if !ok {
 		klog.Errorf("annotation for node %s ovn.kubernetes.io/gateway not exists", node.Name)

pkg/daemon/gateway.go

@@ -116,7 +116,7 @@ func (c *Controller) getSubnetsDistributedGateway(protocol string) ([]string, er
 	var result []string
 	for _, subnet := range subnets {
 		if subnet.DeletionTimestamp == nil &&
-			subnet.Spec.Vlan == "" &&
+			(subnet.Spec.Vlan == "" || subnet.Spec.LogicalGateway) &&
 			subnet.Spec.Vpc == util.DefaultVpc &&
 			subnet.Spec.CIDRBlock != "" &&
 			subnet.Spec.GatewayType == kubeovnv1.GWDistributedType &&