Merge pull request #12111 from rifelpet/os-lb-vipacl

In-line openstack loadbalancer feature detection

go.mod

@@ -27,7 +27,6 @@ replace (
 	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.22.0
 	k8s.io/kubectl => k8s.io/kubectl v0.22.0
 	k8s.io/kubelet => k8s.io/kubelet v0.22.0
-	k8s.io/kubernetes => k8s.io/kubernetes v1.21.3
 	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.22.0
 	k8s.io/metrics => k8s.io/metrics v0.22.0
 	k8s.io/mount-utils => k8s.io/mount-utils v0.22.0
@@ -59,10 +58,12 @@ require (
 	github.com/google/go-containerregistry v0.5.1
 	github.com/google/uuid v1.2.0
 	github.com/gophercloud/gophercloud v0.18.0
+	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/hashicorp/hcl/v2 v2.10.0
 	github.com/hashicorp/vault/api v1.1.0
 	github.com/jacksontj/memberlistmesh v0.0.0-20190905163944-93462b9d2bb7
 	github.com/jetstack/cert-manager v1.3.1
+	github.com/miekg/dns v1.1.35 // indirect
 	github.com/mitchellh/mapstructure v1.4.1
 	github.com/pelletier/go-toml v1.9.3
 	github.com/pkg/sftp v1.13.0
@@ -88,9 +89,9 @@ require (
 	k8s.io/apimachinery v0.22.0
 	k8s.io/cli-runtime v0.22.0
 	k8s.io/client-go v0.22.0
-	k8s.io/cloud-provider-openstack v1.21.1
 	k8s.io/component-base v0.22.0
 	k8s.io/gengo v0.0.0-20210203185629-de9496dff47b
+	k8s.io/klog v1.0.0 // indirect
 	k8s.io/klog/v2 v2.9.0
 	k8s.io/kubectl v0.22.0
 	k8s.io/legacy-cloud-providers v0.22.0

pkg/model/openstackmodel/context.go

@@ -19,7 +19,6 @@ package openstackmodel
 import (
 	"fmt"
 
-	openstackutil "k8s.io/cloud-provider-openstack/pkg/util/openstack"
 	"k8s.io/klog/v2"
 	"k8s.io/kops/pkg/model"
 	"k8s.io/kops/upup/pkg/fi"
@@ -51,7 +50,11 @@ func (c *OpenstackModelContext) UseVIPACL() bool {
 	if err != nil {
 		return false
 	}
-	return openstackutil.IsOctaviaFeatureSupported(osCloud.LoadBalancerClient(), openstackutil.OctaviaFeatureVIPACL)
+	use, err := osCloud.UseLoadBalancerVIPACL()
+	if err != nil {
+		return false
+	}
+	return use
 }
 
 func (c *OpenstackModelContext) GetNetworkName() (string, error) {

upup/pkg/fi/cloudup/openstack/cloud.go

@@ -23,19 +23,20 @@ import (
 	"strings"
 	"time"
 
-	"github.com/gophercloud/gophercloud/openstack/compute/v2/flavors"
-
+	"github.com/blang/semver/v4"
 	"github.com/gophercloud/gophercloud"
 	os "github.com/gophercloud/gophercloud/openstack"
 	cinder "github.com/gophercloud/gophercloud/openstack/blockstorage/v3/volumes"
 	az "github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/availabilityzones"
 	"github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/keypairs"
 	"github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/servergroups"
 	"github.com/gophercloud/gophercloud/openstack/compute/v2/extensions/volumeattach"
+	"github.com/gophercloud/gophercloud/openstack/compute/v2/flavors"
 	"github.com/gophercloud/gophercloud/openstack/compute/v2/servers"
 	"github.com/gophercloud/gophercloud/openstack/dns/v2/recordsets"
 	"github.com/gophercloud/gophercloud/openstack/dns/v2/zones"
 	"github.com/gophercloud/gophercloud/openstack/imageservice/v2/images"
+	"github.com/gophercloud/gophercloud/openstack/loadbalancer/v2/apiversions"
 	"github.com/gophercloud/gophercloud/openstack/loadbalancer/v2/listeners"
 	"github.com/gophercloud/gophercloud/openstack/loadbalancer/v2/loadbalancers"
 	"github.com/gophercloud/gophercloud/openstack/loadbalancer/v2/monitors"
@@ -308,6 +309,8 @@ type OpenstackCloud interface {
 	CreateL3FloatingIP(opts l3floatingip.CreateOpts) (fip *l3floatingip.FloatingIP, err error)
 	DeleteFloatingIP(id string) error
 	DeleteL3FloatingIP(id string) error
+
+	UseLoadBalancerVIPACL() (bool, error)
 }
 
 type openstackCloud struct {
@@ -325,6 +328,7 @@ type openstackCloud struct {
 	useOctavia      bool
 	zones           []string
 	floatingEnabled bool
+	useVIPACL       *bool
 }
 
 var _ fi.Cloud = &openstackCloud{}
@@ -655,6 +659,38 @@ func (c *openstackCloud) GetCloudTags() map[string]string {
 	return c.tags
 }
 
+func (c *openstackCloud) UseLoadBalancerVIPACL() (bool, error) {
+	if c.useVIPACL != nil {
+		return *c.useVIPACL, nil
+	}
+	use, err := useLoadBalancerVIPACL(c)
+	if err != nil {
+		return false, err
+	}
+	c.useVIPACL = &use
+	return use, nil
+}
+
+func useLoadBalancerVIPACL(c OpenstackCloud) (bool, error) {
+	allPages, err := apiversions.List(c.LoadBalancerClient()).AllPages()
+	if err != nil {
+		return false, err
+	}
+	versions, err := apiversions.ExtractAPIVersions(allPages)
+	if err != nil {
+		return false, err
+	}
+	if len(versions) == 0 {
+		return false, fmt.Errorf("loadbalancer API versions not found")
+	}
+	ver, err := semver.ParseTolerant(versions[len(versions)-1].ID)
+	if err != nil {
+		return false, err
+	}
+	// https://github.com/kubernetes/cloud-provider-openstack/blob/721615aa256bbddbd481cfb4a887c3ab180c5563/pkg/util/openstack/loadbalancer.go#L108
+	return ver.Compare(semver.MustParse("2.12")) > 0, nil
+}
+
 type Address struct {
 	IPType string `mapstructure:"OS-EXT-IPS:type"`
 	Addr   string

upup/pkg/fi/cloudup/openstack/mock_cloud.go

@@ -456,3 +456,7 @@ func (c *MockCloud) UseOctavia() bool {
 func (c *MockCloud) UseZones(zones []string) {
 	c.zones = zones
 }
+
+func (c *MockCloud) UseLoadBalancerVIPACL() (bool, error) {
+	return true, nil
+}

upup/pkg/fi/cloudup/openstacktasks/lblistener.go

@@ -21,7 +21,6 @@ import (
 	"sort"
 
 	"github.com/gophercloud/gophercloud/openstack/loadbalancer/v2/listeners"
-	openstackutil "k8s.io/cloud-provider-openstack/pkg/util/openstack"
 	"k8s.io/klog/v2"
 	"k8s.io/kops/upup/pkg/fi"
 	"k8s.io/kops/upup/pkg/fi/cloudup/openstack"
@@ -129,6 +128,11 @@ func (_ *LBListener) CheckChanges(a, e, changes *LBListener) error {
 }
 
 func (_ *LBListener) RenderOpenstack(t *openstack.OpenstackAPITarget, a, e, changes *LBListener) error {
+	useVIPACL, err := t.Cloud.UseLoadBalancerVIPACL()
+	if err != nil {
+		return err
+	}
+
 	if a == nil {
 		klog.V(2).Infof("Creating LB with Name: %q", fi.StringValue(e.Name))
 		listeneropts := listeners.CreateOpts{
@@ -139,7 +143,7 @@ func (_ *LBListener) RenderOpenstack(t *openstack.OpenstackAPITarget, a, e, chan
 			ProtocolPort:   443,
 		}
 
-		if openstackutil.IsOctaviaFeatureSupported(t.Cloud.LoadBalancerClient(), openstackutil.OctaviaFeatureVIPACL) {
+		if useVIPACL {
 			listeneropts.AllowedCIDRs = e.AllowedCIDRs
 		}
 
@@ -150,7 +154,7 @@ func (_ *LBListener) RenderOpenstack(t *openstack.OpenstackAPITarget, a, e, chan
 		e.ID = fi.String(listener.ID)
 		return nil
 	} else if len(changes.AllowedCIDRs) > 0 {
-		if openstackutil.IsOctaviaFeatureSupported(t.Cloud.LoadBalancerClient(), openstackutil.OctaviaFeatureVIPACL) {
+		if useVIPACL {
 			opts := listeners.UpdateOpts{
 				AllowedCIDRs: &changes.AllowedCIDRs,
 			}