fix: subnet bind to ns

kubeovn · Nov 4, 2020 · d5b819b · d5b819b
1 parent 921190e
commit d5b819b
Show file tree

Hide file tree

Showing 3 changed files with 82 additions and 29 deletions.
diff --git a/pkg/controller/namespace.go b/pkg/controller/namespace.go
@@ -108,48 +108,75 @@ func (c *Controller) handleAddNamespace(key string) error {
 		return err
 	}
 
-	vpc, err := c.vpcsLister.Get(c.config.ClusterRouter)
+	var ls, cidr string
+	var excludeIps []string
+	subnets, err := c.subnetsLister.List(labels.Everything())
 	if err != nil {
-		klog.Errorf("failed to get default vpc %v", err)
+		klog.Errorf("failed to list subnets %v", err)
 		return err
 	}
-
-	vpcs, err := c.vpcsLister.List(labels.Everything())
-	for _, v := range vpcs {
-		if util.ContainsString(v.Spec.Namespaces, key) {
-			vpc = v
+	// check if subnet bind ns
+	for _, s := range subnets {
+		for _, ns := range s.Spec.Namespaces {
+			if ns == key {
+				ls = s.Name
+				cidr = s.Spec.CIDRBlock
+				excludeIps = s.Spec.ExcludeIps
+				break
+			}
+		}
+		if ls != "" {
 			break
 		}
 	}
 
-	var ls, cidr string
-	var excludeIps []string
-	if vpc.Status.DefaultLogicalSwitch != "" {
-		subnet, err := c.subnetsLister.Get(vpc.Status.DefaultLogicalSwitch)
+	if ls == "" {
+		// If NS does not belong to any custom VPC, then this NS belongs to the default VPC
+		vpc, err := c.vpcsLister.Get(c.config.ClusterRouter)
+		if err != nil {
+			klog.Errorf("failed to get default vpc %v", err)
+			return err
+		}
+		vpcs, err := c.vpcsLister.List(labels.Everything())
+		if err != nil {
+			klog.Errorf("failed to list vpc %v", err)
+			return err
+		}
+		for _, v := range vpcs {
+			if util.ContainsString(v.Spec.Namespaces, key) {
+				vpc = v
+				break
+			}
+		}
+
+		if vpc.Status.DefaultLogicalSwitch != "" {
+			ls = vpc.Status.DefaultLogicalSwitch
+		} else {
+			ls = c.config.DefaultLogicalSwitch
+		}
+		subnet, err := c.subnetsLister.Get(ls)
 		if err != nil {
 			klog.Errorf("failed to get default subnet %v", err)
 			return err
 		}
 		ls = subnet.Name
 		cidr = subnet.Spec.CIDRBlock
 		excludeIps = subnet.Spec.ExcludeIps
+
 	}
+
 	op := "replace"
 	if namespace.Annotations == nil || len(namespace.Annotations) == 0 {
 		op = "add"
 		namespace.Annotations = map[string]string{}
 	} else {
-		if namespace.Annotations[util.VpcAnnotation] == vpc.Name &&
-			namespace.Annotations[util.LogicalRouterAnnotation] == vpc.Status.Router &&
-			namespace.Annotations[util.LogicalSwitchAnnotation] == ls &&
+		if namespace.Annotations[util.LogicalSwitchAnnotation] == ls &&
 			namespace.Annotations[util.CidrAnnotation] == cidr &&
 			namespace.Annotations[util.ExcludeIpsAnnotation] == strings.Join(excludeIps, ",") {
 			return nil
 		}
 	}
 
-	namespace.Annotations[util.VpcAnnotation] = vpc.Name
-	namespace.Annotations[util.LogicalRouterAnnotation] = vpc.Status.Router
 	namespace.Annotations[util.LogicalSwitchAnnotation] = ls
 	namespace.Annotations[util.CidrAnnotation] = cidr
 	namespace.Annotations[util.ExcludeIpsAnnotation] = strings.Join(excludeIps, ",")

diff --git a/pkg/controller/pod.go b/pkg/controller/pod.go
@@ -622,25 +622,31 @@ func needAllocateSubnets(pod *v1.Pod, subnets []*kubeovnv1.Subnet) []*kubeovnv1.
 }
 
 func (c *Controller) getPodDefaultSubnet(pod *v1.Pod) (*kubeovnv1.Subnet, error) {
-	subnetName := c.config.DefaultLogicalSwitch
+	var subnetName string
+	// 1. check annotation subnet
 	lsName, lsExist := pod.Annotations[util.LogicalSwitchAnnotation]
 	if lsExist {
 		subnetName = lsName
 	} else {
-		vpcs, err := c.vpcsLister.List(labels.Everything())
+		ns, err := c.namespacesLister.Get(pod.Namespace)
 		if err != nil {
-			klog.Errorf("failed to list vpc %v", err)
+			klog.Errorf("failed to get namespace %v", err)
 			return nil, err
 		}
-		for _, vpc := range vpcs {
-			if util.ContainsString(vpc.Spec.Namespaces, pod.Namespace) {
-				if vpc.Status.DefaultLogicalSwitch != "" {
-					subnetName = vpc.Status.DefaultLogicalSwitch
-					break
-				}
-			}
+		if ns.Annotations == nil {
+			err = fmt.Errorf("namespace network annotations is nil")
+			klog.Error(err)
+			return nil, err
+		}
+
+		subnetName, _ = ns.Annotations[util.LogicalSwitchAnnotation]
+		if subnetName == "" {
+			err = fmt.Errorf("namespace default logical switch is not found")
+			klog.Error(err)
+			return nil, err
 		}
 	}
+
 	subnet, err := c.subnetsLister.Get(subnetName)
 	if err != nil {
 		klog.Errorf("failed to get subnet %v", err)

diff --git a/pkg/controller/subnet.go b/pkg/controller/subnet.go
@@ -402,9 +402,6 @@ func (c *Controller) handleAddOrUpdateSubnet(key string) error {
 	vpc, err := c.vpcsLister.Get(subnet.Spec.Vpc)
 	if err != nil {
 		klog.Errorf("failed to get subnet's vpc '%s', %v", subnet.Spec.Vpc, err)
-		if k8serrors.IsNotFound(err) {
-			return nil
-		}
 		return err
 	}
 	if !vpc.Status.Standby {
@@ -413,6 +410,29 @@ func (c *Controller) handleAddOrUpdateSubnet(key string) error {
 		return err
 	}
 
+	if !vpc.Status.Default {
+		for _, ns := range subnet.Spec.Namespaces {
+			if !util.ContainsString(vpc.Spec.Namespaces, ns) {
+				err = fmt.Errorf("namespace '%s' is out of range to custom vpc '%s'", ns, vpc.Name)
+				klog.Error(err)
+				return err
+			}
+		}
+	} else {
+		vpcs, err := c.vpcsLister.List(labels.Everything())
+		if err != nil {
+			klog.Errorf("failed to list vpc, %v", err)
+			return err
+		}
+		for _, vpc := range vpcs {
+			if subnet.Spec.Vpc != vpc.Name && !vpc.Status.Default && util.IsStringsOverlap(vpc.Spec.Namespaces, subnet.Spec.Namespaces) {
+				err = fmt.Errorf("namespaces %v are overlap with vpc '%s'", subnet.Spec.Namespaces, vpc.Name)
+				klog.Error(err)
+				return err
+			}
+		}
+	}
+
 	if err := calcSubnetStatusIP(subnet, c); err != nil {
 		klog.Errorf("calculate subnet %s used ip failed, %v", subnet.Name, err)
 		return err