Iptables nat support share eip

[bobz965]

• Make sure you have followed Kube-OVN Code Style.

What type of this PR

Examples of user facing changes:

• Bug fixes

Which issue(s) this PR fixes:

Fixes #2729

WHAT

🤖 Generated by Copilot at 4f10870

Refactor and test the shared eip feature for nat gateway. Use labels and status fields instead of annotations and nat fields to handle iptables rules and eip conflicts. Fix some bugs and errors in the eip logic. Add e2e test cases for different nat scenarios.

🤖 Generated by Copilot at 4f10870

eip labels, status
simplify iptables rules
autumn code cleanup

HOW

🤖 Generated by Copilot at 4f10870

• Move checkEipBindNat and patchEipStatus functions from pkg/controller/vpc_nat_gw_eip.go to pkg/controller/vpc_nat_gateway.go to avoid circular dependency and improve code organization (link, link)
• Remove the extra argument in the call to patchEipStatus in handleUpdateVpcEip and handleUpdateIptablesEip functions, which was not needed and caused a compilation error (link, link)
• Remove the call to checkEipBindNat in handleResetIptablesEip and handleUpdateIptablesEip functions, which was not needed and caused a logic error. Instead, directly call patchEipLabel and patchEipStatus to reset or update the eip labels and status (link, link)
• Remove the check and assignment of the eip.Status.Nat field in patchEipStatus function, which was not accurate and caused a logic error. Instead, call getIptablesEipNat to get the correct nat status of the eip based on the existing nat rules that use the eip (link)
• Remove the patchEipNat function from pkg/controller/vpc_nat_gw_eip.go as it was not used and replaced by patchEipStatus (link)
• Remove the unused variables needUpdateAnno and op in natLabelEip function, which were not needed and caused a compilation warning (link, link)
• Remove the logic of updating the eip annotations in natLabelEip function, which was not needed and caused a logic error. The eip annotations are not used to store the nat information anymore, as they are replaced by the eip labels and status (link)
• Add a new label util.IptablesEipV4IPLabel to the eip, fip, dnat, and snat objects, which is used to identify them by the eip v4ip in other resources (link, link, link, link, link)
• Remove the check of the eip.Status.Nat field in handleAddIptablesFip, handleUpdateIptablesFip, handleAddIptablesDnatRule, handleUpdateIptablesDnatRule, handleAddIptablesSnatRule, and handleUpdateIptablesSnatRule functions, which was not accurate and caused a logic error. Instead, use a label selector to list the existing fips that use the same eip, and check if there is any conflict (link, link, link, link, link, link)
• Remove the call to patchEipNat and natLabelEip in handleAddIptablesFip, handleUpdateIptablesFip, handleAddIptablesDnatRule, handleUpdateIptablesDnatRule, handleAddIptablesSnatRule, and handleUpdateIptablesSnatRule functions, which were not needed and replaced by patchEipStatus. Instead, call patchFipLabel, patchDnatLabel, or patchSnatLabel to update the fip, dnat, or snat labels with the eip information, and call patchEipStatus to update the eip status with the correct nat information (link, link, link, link, link, link, link, link, link, link, link)
• Modify isDnatDuplicated function to use the d.Spec.EIP field instead of the d.Annotations[util.VpcEipAnnotation] field to compare the eip name of the existing dnats, as the annotation field is not used anymore (link)
• Add error handling and logging for the calls to iptablesFipsLister.Get, iptablesDnatRulesLister.Get, iptablesSnatRulesLister.Get, and patchEipLabel in redoFip, redoDnat, and redoSnat functions. Also add the error message to the return value for better debugging (link, link, link)
• Add a new constant IptablesEipV4IPLabel to the util package, which is used as a label key for the eip v4ip in other resources (link)
• Add a new constant sharedEipStatusNat to the ovn_eip package, which is used as an expected value for the eip status nat in the e2e test cases (link)
• Add new variables for the shared eip test case names in the ovn_eip package (link, link)
• Add the logic of creating and deleting the shared eip and related resources in the e2e test cases. The test cases check the validity and conflict of the shared eip in different nat scenarios (link, link, link)

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, with some lines having extra spaces and others not. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.

• Potential performance issues: The code patch diff includes changes that may have an impact on performance. It is important to carefully review these changes and ensure that they do not introduce any bottlenecks or other performance issues. Consider running performance tests before and after the changes to ensure that there are no regressions.

• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the changes. This can make it difficult for other developers to understand the code and make future modifications. It is important to include clear and concise comments and documentation to improve code clarity and maintainability.

• Possible bugs introduced: The code patch diff introduces several changes that could potentially introduce bugs. It is important to thoroughly test the changes and ensure that they do not cause any unintended side effects or break existing functionality. Consider writing unit tests and integration tests to catch any potential issues.

• Code duplication: The code patch diff includes several instances of code duplication, which can lead to maintenance issues and increase the risk of introducing bugs. It is important to refactor the code to eliminate duplication and promote code reuse. Consider creating reusable functions or classes to simplify the code and reduce redundancy.

[github-actions]

• Inconsistent formatting: There are several instances where the code indentation and spacing is inconsistent. This can make the code difficult to read and maintain. It would be beneficial to establish a consistent formatting style throughout the codebase.

• Potential performance issues: There are some areas of the code that may cause performance issues, such as nested loops or excessive use of database queries. It would be worth reviewing these sections and optimizing them if necessary.

• Lack of comments/documentation: Some parts of the code lack sufficient comments or documentation, making it difficult for other developers to understand the purpose and functionality of certain functions or modules. Adding more comments and documentation would improve the readability and maintainability of the code.

• Error handling: There are some areas of the code where error handling could be improved. For example, there are some cases where exceptions are not caught or handled properly, which could lead to unexpected behavior or crashes. It would be beneficial to review the error handling throughout the codebase and ensure that all potential errors are handled appropriately.

• Security vulnerabilities: While it is difficult to identify security vulnerabilities without a thorough security audit, there are some areas of the code that may be susceptible to common security issues such as SQL injection or cross-site scripting (XSS). It would be worth reviewing these sections and implementing best practices to prevent these types of attacks.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, with some lines having extra spaces and others not. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.

• Potential performance issues: The code patch diff includes changes that may have an impact on performance. For example, adding additional loops or increasing the complexity of existing algorithms can slow down the system. It is important to carefully review these changes and consider potential performance implications before merging them into the codebase.

• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the code changes. This can make it difficult for other developers to understand the code and make future modifications. It is important to include clear and concise comments and documentation to improve code readability and maintainability.

• Security vulnerabilities: The code patch diff includes changes that may introduce security vulnerabilities. For example, adding new input fields without proper validation can allow attackers to inject malicious code. It is important to carefully review these changes and ensure that all input is properly validated and sanitized to prevent security breaches.

• Code duplication: The code patch diff includes instances of code duplication, where the same code is repeated in multiple places. This can lead to maintenance issues and increase the risk of errors. It is important to identify and eliminate code duplication to improve code quality and reduce the risk of bugs.

[github-actions]

• Inconsistent formatting: There are several instances where the indentation and spacing of the code is inconsistent. This can make it difficult to read and understand the code, and may lead to errors or bugs in the future. It would be helpful to establish a consistent formatting style throughout the codebase.

• Potential performance issues: There are some areas of the code that may be causing performance issues, such as nested loops or excessive use of memory. It would be beneficial to review these sections of the code and optimize them for better performance.

• Lack of comments/documentation: Some parts of the code lack sufficient comments or documentation, making it difficult for other developers to understand what the code is doing. Adding more comments and documentation would improve the readability and maintainability of the code.

• Error handling: There are some areas of the code where error handling is not implemented or is incomplete. This can lead to unexpected behavior or crashes if errors occur. It would be important to review these sections of the code and implement proper error handling.

• Security vulnerabilities: There may be potential security vulnerabilities in the code, such as SQL injection or cross-site scripting attacks. It would be important to review the code for any potential security issues and implement appropriate measures to mitigate them.

[github-actions]

• Inconsistent formatting: There are several instances where the code indentation and spacing is inconsistent, making it difficult to read and understand. It would be helpful to standardize the formatting throughout the codebase to improve readability and maintainability.

• Potential performance issues: The patch includes several new features and changes that could potentially impact performance. It would be beneficial to conduct thorough testing and profiling to ensure that the changes do not introduce any significant performance issues.

• Lack of documentation: Some of the new features and changes introduced in the patch are not well-documented, making it difficult for other developers to understand and use them. It would be helpful to add detailed documentation for all new features and changes.

• Error handling: There are several instances where error handling is not implemented or is incomplete. This could lead to unexpected behavior or crashes in production environments. It would be important to review and improve error handling throughout the codebase.

• Code duplication: There are several instances where code is duplicated across different parts of the codebase. This can make it difficult to maintain and update the code. It would be beneficial to identify and eliminate any unnecessary code duplication.