feat: add ovn dnat (#2565)

* feat: ovn dnat --------- Co-authored-by: yl4811 <yl4811@yealink.com>
kubeovn · Mar 30, 2023 · 887df21 · 887df21
1 parent 02a8687
commit 887df21
Show file tree

Hide file tree

Showing 24 changed files with 1,659 additions and 4 deletions.
diff --git a/dist/images/cleanup.sh b/dist/images/cleanup.sh
@@ -113,7 +113,7 @@ kubectl delete --ignore-not-found crd htbqoses.kubeovn.io security-groups.kubeov
                                       vpc-nat-gateways.kubeovn.io vpcs.kubeovn.io vlans.kubeovn.io provider-networks.kubeovn.io \
                                       iptables-dnat-rules.kubeovn.io  iptables-eips.kubeovn.io  iptables-fip-rules.kubeovn.io \
                                       iptables-snat-rules.kubeovn.io vips.kubeovn.io switch-lb-rules.kubeovn.io vpc-dnses.kubeovn.io \
-                                      ovn-eips.kubeovn.io ovn-fips.kubeovn.io ovn-snat-rules.kubeovn.io 
+                                      ovn-eips.kubeovn.io ovn-fips.kubeovn.io ovn-snat-rules.kubeovn.io ovn-dnat-rules.kubeovn.io
 
 # Remove annotations/labels in namespaces and nodes
 kubectl annotate no --all ovn.kubernetes.io/cidr-

diff --git a/dist/images/install.sh b/dist/images/install.sh
@@ -1008,6 +1008,109 @@ spec:
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
+metadata:
+  name: ovn-dnat-rules.kubeovn.io
+spec:
+  group: kubeovn.io
+  names:
+    plural: ovn-dnat-rules
+    singular: ovn-dnat-rule
+    shortNames:
+      - odnat
+    kind: OvnDnatRule
+    listKind: OvnDnatRuleList
+  scope: Cluster
+  versions:
+    - name: v1
+      served: true
+      storage: true
+      subresources:
+        status: {}
+      additionalPrinterColumns:
+        - jsonPath: .spec.ovnEip
+          name: Eip
+          type: string
+        - jsonPath: .status.protocol
+          name: Protocol
+          type: string
+        - jsonPath: .status.v4Eip
+          name: V4Eip
+          type: string
+        - jsonPath: .status.v4Ip
+          name: V4Ip
+          type: string
+        - jsonPath: .status.internalPort
+          name: InternalPort
+          type: string
+        - jsonPath: .status.externalPort
+          name: ExternalPort
+          type: string
+        - jsonPath: .spec.ipName
+          name: IpName
+          type: string
+        - jsonPath: .status.ready
+          name: Ready
+          type: boolean
+      schema:
+          openAPIV3Schema:
+            type: object
+            properties:
+              status:
+                type: object
+                properties:
+                  ready:
+                    type: boolean
+                  v4Eip:
+                    type: string
+                  v4Ip:
+                    type: string
+                  macAddress:
+                    type: string
+                  vpc:
+                    type: string
+                  externalPort:
+                    type: string
+                  internalPort:
+                    type: string
+                  protocol:
+                    type: string
+                  ipName:
+                    type: string
+                  conditions:
+                    type: array
+                    items:
+                      type: object
+                      properties:
+                        type:
+                          type: string
+                        status:
+                          type: string
+                        reason:
+                          type: string
+                        message:
+                          type: string
+                        lastUpdateTime:
+                          type: string
+                        lastTransitionTime:
+                          type: string
+              spec:
+                type: object
+                properties:
+                  ovnEip:
+                    type: string
+                  ipType:
+                    type: string
+                  ipName:
+                    type: string
+                  externalPort:
+                    type: string
+                  internalPort:
+                    type: string
+                  protocol:
+                    type: string
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
 metadata:
   name: vpcs.kubeovn.io
 spec:
@@ -1844,6 +1947,8 @@ rules:
       - ovn-eips/status
       - ovn-fips/status
       - ovn-snat-rules/status
+      - ovn-dnat-rules
+      - ovn-dnat-rules/status
       - switch-lb-rules
       - switch-lb-rules/status
       - vpc-dnses
@@ -2353,6 +2458,8 @@ rules:
       - ovn-eips/status
       - ovn-fips/status
       - ovn-snat-rules/status
+      - ovn-dnat-rules
+      - ovn-dnat-rules/status
       - vpc-dnses
       - vpc-dnses/status
       - switch-lb-rules

diff --git a/kubeovn-helm/templates/kube-ovn-crd.yaml b/kubeovn-helm/templates/kube-ovn-crd.yaml
@@ -790,6 +790,109 @@ spec:
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
+metadata:
+  name: ovn-dnat-rules.kubeovn.io
+spec:
+  group: kubeovn.io
+  names:
+    plural: ovn-dnat-rules
+    singular: ovn-dnat-rule
+    shortNames:
+      - odnat
+    kind: OvnDnatRule
+    listKind: OvnDnatRuleList
+  scope: Cluster
+  versions:
+    - name: v1
+      served: true
+      storage: true
+      subresources:
+        status: {}
+      additionalPrinterColumns:
+        - jsonPath: .spec.ovnEip
+          name: Eip
+          type: string
+        - jsonPath: .status.protocol
+          name: Protocol
+          type: string
+        - jsonPath: .status.v4Eip
+          name: V4Eip
+          type: string
+        - jsonPath: .status.v4Ip
+          name: V4Ip
+          type: string
+        - jsonPath: .status.internalPort
+          name: InternalPort
+          type: string
+        - jsonPath: .status.externalPort
+          name: ExternalPort
+          type: string
+        - jsonPath: .spec.ipName
+          name: IpName
+          type: string
+        - jsonPath: .status.ready
+          name: Ready
+          type: boolean
+      schema:
+          openAPIV3Schema:
+            type: object
+            properties:
+              status:
+                type: object
+                properties:
+                  ready:
+                    type: boolean
+                  v4Eip:
+                    type: string
+                  v4Ip:
+                    type: string
+                  macAddress:
+                    type: string
+                  vpc:
+                    type: string
+                  externalPort:
+                    type: string
+                  internalPort:
+                    type: string
+                  protocol:
+                    type: string
+                  ipName:
+                    type: string
+                  conditions:
+                    type: array
+                    items:
+                      type: object
+                      properties:
+                        type:
+                          type: string
+                        status:
+                          type: string
+                        reason:
+                          type: string
+                        message:
+                          type: string
+                        lastUpdateTime:
+                          type: string
+                        lastTransitionTime:
+                          type: string
+              spec:
+                type: object
+                properties:
+                  ovnEip:
+                    type: string
+                  ipType:
+                    type: string
+                  ipName:
+                    type: string
+                  externalPort:
+                    type: string
+                  internalPort:
+                    type: string
+                  protocol:
+                    type: string
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
 metadata:
   name: vpcs.kubeovn.io
 spec:

diff --git a/kubeovn-helm/templates/ovn-CR.yaml b/kubeovn-helm/templates/ovn-CR.yaml
@@ -36,6 +36,8 @@ rules:
       - ovn-eips/status
       - ovn-fips/status
       - ovn-snat-rules/status
+      - ovn-dnat-rules
+      - ovn-dnat-rules/status
       - vpc-dnses
       - vpc-dnses/status
       - switch-lb-rules

diff --git a/pkg/apis/kubeovn/v1/register.go b/pkg/apis/kubeovn/v1/register.go
@@ -59,6 +59,8 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&OvnFipList{},
 		&OvnSnatRule{},
 		&OvnSnatRuleList{},
+		&OvnDnatRule{},
+		&OvnDnatRuleList{},
 		&SecurityGroup{},
 		&SecurityGroupList{},
 		&SwitchLBRule{},

diff --git a/pkg/apis/kubeovn/v1/status.go b/pkg/apis/kubeovn/v1/status.go
@@ -117,3 +117,13 @@ func (osrs *OvnSnatRuleStatus) Bytes() ([]byte, error) {
 	klog.V(5).Info("status body", newStr)
 	return []byte(newStr), nil
 }
+
+func (odrs *OvnDnatRuleStatus) Bytes() ([]byte, error) {
+	bytes, err := json.Marshal(odrs)
+	if err != nil {
+		return nil, err
+	}
+	newStr := fmt.Sprintf(`{"status": %s}`, string(bytes))
+	klog.V(5).Info("status body", newStr)
+	return []byte(newStr), nil
+}
diff --git a/pkg/apis/kubeovn/v1/types.go b/pkg/apis/kubeovn/v1/types.go
@@ -1184,3 +1184,76 @@ type OvnSnatRuleList struct {
 
 	Items []OvnSnatRule `json:"items"`
 }
+
+// +genclient
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +genclient:nonNamespaced
+// +resourceName=ovn-dnat-rules
+
+type OvnDnatRule struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   OvnDnatRuleSpec   `json:"spec"`
+	Status OvnDnatRuleStatus `json:"status,omitempty"`
+}
+
+type OvnDnatRuleSpec struct {
+	OvnEip       string `json:"ovnEip"`
+	IpType       string `json:"ipType"` // vip, ip
+	IpName       string `json:"ipName"` // vip, ip crd name
+	InternalPort string `json:"internalPort"`
+	ExternalPort string `json:"externalPort"`
+	Protocol     string `json:"protocol,omitempty"`
+}
+
+// OvnDnatRuleCondition describes the state of an object at a certain point.
+// +k8s:deepcopy-gen=true
+type OvnDnatRuleCondition struct {
+	// Type of condition.
+	Type ConditionType `json:"type"`
+	// Status of the condition, one of True, False, Unknown.
+	Status corev1.ConditionStatus `json:"status"`
+	// The reason for the condition's last transition.
+	// +optional
+	Reason string `json:"reason,omitempty"`
+	// A human readable message indicating details about the transition.
+	// +optional
+	Message string `json:"message,omitempty"`
+	// Last time the condition was probed
+	// +optional
+	LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty"`
+	// Last time the condition transitioned from one status to another.
+	// +optional
+	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
+}
+
+// +k8s:deepcopy-gen=true
+type OvnDnatRuleStatus struct {
+	// +optional
+	// +patchStrategy=merge
+	Ready        bool   `json:"ready" patchStrategy:"merge"`
+	V4Eip        string `json:"v4Eip" patchStrategy:"merge"`
+	V4Ip         string `json:"v4Ip" patchStrategy:"merge"`
+	MacAddress   string `json:"macAddress" patchStrategy:"merge"`
+	Vpc          string `json:"vpc" patchStrategy:"merge"`
+	InternalPort string `json:"internalPort"`
+	ExternalPort string `json:"externalPort"`
+	Protocol     string `json:"protocol,omitempty"`
+	IpName       string `json:"ipName"`
+
+	// Conditions represents the latest state of the object
+	// +optional
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	Conditions []OvnDnatRuleCondition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+type OvnDnatRuleList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata"`
+
+	Items []OvnDnatRule `json:"items"`
+}