From 5d8b106a0096d4b104579f95eaad05009074bcb9 Mon Sep 17 00:00:00 2001
From: hzma
Date: Wed, 17 May 2023 16:29:35 +0800
Subject: [PATCH] add route for service ip range when init vpc-nat-gw (#2821)
---
 dist/images/vpcnatgateway/nat-gateway.sh | 9 +++++++++
 pkg/controller/vpc_nat_gateway.go | 13 +++++--------
 2 files changed, 14 insertions(+), 8 deletions(-)
diff --git a/dist/images/vpcnatgateway/nat-gateway.sh b/dist/images/vpcnatgateway/nat-gateway.sh
index 1051528dc14..4b6e7e8643c 100644
--- a/dist/images/vpcnatgateway/nat-gateway.sh
+++ b/dist/images/vpcnatgateway/nat-gateway.sh
@@ -33,6 +33,15 @@ function init() {
 iptables -t nat -A POSTROUTING -j SNAT_FILTER
 iptables -t nat -A SNAT_FILTER -j EXCLUSIVE_SNAT
 iptables -t nat -A SNAT_FILTER -j SHARED_SNAT
+
+ for rule in $@
+ do
+ arr=(${rule//,/ })
+ cidr=${arr[0]}
+ nextHop=${arr[1]}
+
+ exec_cmd "ip route replace $cidr via $nextHop dev eth0"
+ done
 }
diff --git a/pkg/controller/vpc_nat_gateway.go b/pkg/controller/vpc_nat_gateway.go
index 2ea8cc35825..3b2d6c5da02 100644
--- a/pkg/controller/vpc_nat_gateway.go
+++ b/pkg/controller/vpc_nat_gateway.go
@@ -289,12 +289,7 @@ func (c *Controller) handleInitVpcNatGw(key string) error {
 }
 return err
 }
- var v4Cidr string
- if subnet, ok := c.ipam.Subnets[gw.Spec.Subnet]; ok {
- v4Cidr = subnet.V4CIDR.String()
- } else {
- return fmt.Errorf("failed to get subnet %s", gw.Spec.Subnet)
- }
+ // subnet for vpc-nat-gw has been checked when create vpc-nat-gw
 if err := c.updateCrdNatGw(gw.Name); err != nil {
 klog.Errorf("failed to update nat gw: %v", gw.Name, err)
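Review bot: The loop added to init splits each argument with unquoted expansions (`for rule in $@` and `arr=(${rule//,/ })`), so the values undergo word splitting and pathname expansion, and nothing checks that both a CIDR and a next hop were obtained before the route command string is built. Prefer `for rule in "$@"` with `IFS=, read -r cidr nextHop <<< "$rule"`, and skip or fail when either field is empty. Because the comma is the field separator, a service range that itself contains a comma (presumably possible in a dual-stack setup; confirm against the controller config) would put the second CIDR into `nextHop`. exec_cmd is defined outside the hunk and init begins before it, so how the string is finally executed cannot be judged from here.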
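Review bot: The context line `klog.Errorf("failed to update nat gw: %v", gw.Name, err)` passes two arguments to a single `%v`, so the error is rendered as an `%!(EXTRA …)` suffix instead of in the message; `klog.Errorf("failed to update nat gw %s: %v", gw.Name, err)` would fix it while this function is being touched. The added comment could also say where the subnet is validated, since the lookup it replaces was the only subnet check visible in this hunk. handleInitVpcNatGw starts and ends outside the hunk.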
@@ -317,8 +312,10 @@ func (c *Controller) handleInitVpcNatGw(key string) error {
 }
 NAT_GW_CREATED_AT = pod.CreationTimestamp.Format("2006-01-02T15:04:05")
 klog.V(3).Infof("nat gw pod '%s' inited at %s", key, NAT_GW_CREATED_AT)
- if err = c.execNatGwRules(pod, natGwInit, []string{v4Cidr}); err != nil {
- klog.Errorf("failed to init vpc nat gateway, %v", err)
+
+ if err = c.execNatGwRules(pod, natGwInit, []string{fmt.Sprintf("%s,%s", c.config.ServiceClusterIPRange, pod.Annotations[util.GatewayAnnotation])}); err != nil {
+ err = fmt.Errorf("failed to init vpc nat gateway, %v", err)
+ klog.Error(err)
 return err
 }
 c.updateVpcFloatingIpQueue.Add(key)
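Review bot: `pod.Annotations[util.GatewayAnnotation]` is formatted into the rule without a presence check, so a pod that lacks the annotation yields an argument ending in a bare comma and the init script is handed an empty next hop. Check the lookup before calling execNatGwRules and return a descriptive error, so the controller reports the missing gateway itself rather than surfacing a failed route command from inside the pod. The wrapped error should also use `%w` rather than `%v` so callers can still unwrap the cause. handleInitVpcNatGw starts and ends outside the hunk.

```go
gwIP, ok := pod.Annotations[util.GatewayAnnotation]
if !ok || gwIP == "" {
	err = fmt.Errorf("nat gw pod %q has no gateway annotation", key)
	klog.Error(err)
	return err
}
rule := fmt.Sprintf("%s,%s", c.config.ServiceClusterIPRange, gwIP)
if err = c.execNatGwRules(pod, natGwInit, []string{rule}); err != nil {
	err = fmt.Errorf("failed to init vpc nat gateway: %w", err)
	// … unchanged: klog.Error(err) and return err …
}
```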