Removing GATEWAY_PRIVATE_IP parameter from the LIQO install script

Route-operator gets the configuration from the clusterconfig.policy.liqo.io CRD

api/cluster-config/v1/clusterconfig_types.go

@@ -76,9 +76,9 @@ type DiscoveryConfig struct {
 
 type LiqonetConfig struct {
 	//contains a list of reserved subnets in CIDR notation used by the k8s cluster like the podCIDR and ClusterCIDR
-	ReservedSubnets  []string               `json:"reservedSubnets"`
-	GatewayPrivateIP string                 `json:"gatewayPrivateIP"`
-	VxlanNetConfig   liqonet.VxlanNetConfig `json:"vxlanNetConfig,omitempty"`
+	ReservedSubnets []string               `json:"reservedSubnets"`
+	PodCIDR         string                 `json:"podCIDR"`
+	VxlanNetConfig  liqonet.VxlanNetConfig `json:"vxlanNetConfig,omitempty"`
 }
 
 // ClusterConfigStatus defines the observed state of ClusterConfig

cmd/liqonet/main.go

@@ -26,6 +26,7 @@ import (
 	"github.com/vishvananda/netlink"
 	"k8s.io/client-go/kubernetes"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
+	"k8s.io/klog/v2"
 	"net"
 	"os"
 	"strconv"
@@ -125,12 +126,6 @@ func main() {
 			setupLog.Error(err, "an error occurred while retrieving node name")
 			os.Exit(4)
 		}
-		//get node name
-		podCIDR, err := liqonet.GetClusterPodCIDR()
-		if err != nil {
-			setupLog.Error(err, "an error occurred while retrieving cluster pod cidr")
-			os.Exit(6)
-		}
 		gatewayVxlanIP, err := liqonet.GetGatewayVxlanIP(clientset, vxlanConfig)
 		if err != nil {
 			setupLog.Error(err, "unable to derive gatewayVxlanIP")
@@ -157,10 +152,16 @@ func main() {
 			IPtablesRuleSpecsPerRemoteCluster:  make(map[string][]liqonet.IPtableRule),
 			NodeName:                           nodeName,
 			GatewayVxlanIP:                     gatewayVxlanIP,
-			ClusterPodCIDR:                     podCIDR,
 			RetryTimeout:                       30 * time.Second,
 			IPtables:                           ipt,
 			NetLink:                            &liqonet.RouteManager{},
+			Configured:                         make(chan bool, 1),
+		}
+		r.WatchConfiguration(config, &clusterConfig.GroupVersion)
+		if !r.IsConfigured {
+			<-r.Configured
+			r.IsConfigured = true
+			klog.Infof("route-operator configured with podCIDR %s", r.ClusterPodCIDR)
 		}
 		if err = r.SetupWithManager(mgr); err != nil {
 			setupLog.Error(err, "unable to create controller", "controller", "Route")

config/cluster-config/crd/bases/policy.liqo.io_clusterconfigs.yaml

@@ -108,7 +108,7 @@ spec:
               type: object
             liqonetConfig:
               properties:
-                gatewayPrivateIP:
+                podCIDR:
                   type: string
                 reservedSubnets:
                   description: contains a list of reserved subnets in CIDR notation
@@ -133,7 +133,7 @@ spec:
                   - Vni
                   type: object
               required:
-              - gatewayPrivateIP
+              - podCIDR
               - reservedSubnets
               type: object
           required:

deployments/liqo_chart/crds/policy.liqo.io_clusterconfigs.yaml

@@ -84,6 +84,8 @@ spec:
                   maximum: 65355
                   minimum: 1
                   type: integer
+                allowUntrustedCA:
+                  type: boolean
                 service:
                   type: string
                 updateTime:
@@ -108,7 +110,7 @@ spec:
               type: object
             liqonetConfig:
               properties:
-                gatewayPrivateIP:
+                podCIDR:
                   type: string
                 reservedSubnets:
                   description: contains a list of reserved subnets in CIDR notation
@@ -133,7 +135,7 @@ spec:
                   - Vni
                   type: object
               required:
-              - gatewayPrivateIP
+              - podCIDR
               - reservedSubnets
               type: object
           required:
@@ -147,9 +149,9 @@ spec:
       type: object
   version: v1
   versions:
-  - name: v1
-    served: true
-    storage: true
+    - name: v1
+      served: true
+      storage: true
 status:
   acceptedNames:
     kind: ""

deployments/liqo_chart/subcharts/networkModule_chart/templates/tunnelEndpoint-operator.yaml

@@ -84,10 +84,5 @@ spec:
               valueFrom:
                 fieldRef:
                   fieldPath: status.podIP
-            - name: LOCAL_TUNNEL_PRIVATE_IP
-              valueFrom:
-                configMapKeyRef:
-                  name: {{ .Values.global.configmapName }}
-                  key: gatewayPrivateIP
       hostNetwork: true
       restartPolicy: Always

deployments/liqo_chart/values.yaml

@@ -5,8 +5,6 @@
 clusterID: "lab9"
 podCIDR: "10.244.0.0/16"
 serviceCIDR: "10.96.0.0/12"
-gatewayPrivateIP: "192.168.1.1"
-
 
 ##### Needed
 suffix: ""
@@ -86,6 +84,5 @@ peeringRequestOperator_chart:
   enabled: true
 
 global:
-  configmapName: "liqo-configmap"
   suffix: ""
   version: ""

install.sh

@@ -32,7 +32,6 @@ function print_help()
    echo "This script is designed to install LIQO on your cluster. This script is configurable via environment variables:"
    echo "   POD_CIDR: the POD CIDR of your cluster (e.g.; 10.0.0.0/16). The script will try to detect it, but you can override this by having this variable already set"
    echo "   SERVICE_CIDR: the POD CIDR of your cluster (e.g.; 10.96.0.0/12) . The script will try to detect it, but you can override thisthis by having this variable already set"
-   echo "   GATEWAY_PRIVATE_IP: the IP used by the cluster inside the cluster-to-cluster interconnection (e.g.; 192.168.1.1)"
    echo "   GATEWAY_IP: the public IP that will be used by LIQO to establish the interconnection with other clusters"
 }
 
@@ -84,7 +83,6 @@ URL=https://github.com/LiqoTech/liqo.git
 HELM_VERSION=v3.2.3
 HELM_ARCHIVE=helm-${HELM_VERSION}-linux-amd64.tar.gz
 HELM_URL=https://get.helm.sh/$HELM_ARCHIVE
-DEFAULT_GATEWAY_PRIVATE_IP=192.168.1.1
 NAMESPACE_DEFAULT="liqo"
 # The following variable are used a default value to select the images when installing LIQO.
 # When installing a non released version:
@@ -140,8 +138,6 @@ POD_CIDR_COMMAND='kubectl cluster-info dump | grep -m 1 -Po "(?<=--cluster-cidr=
 set_variable_from_command POD_CIDR POD_CIDR_COMMAND "[ERROR]: Unable to find POD_CIDR"
 SERVICE_CIDR_COMMAND='kubectl cluster-info dump | grep -m 1 -Po "(?<=--service-cluster-ip-range=)[0-9.\/]+"'
 set_variable_from_command SERVICE_CIDR SERVICE_CIDR_COMMAND "[ERROR]: Unable to find Service CIDR"
-GATEWAY_PRIVATE_IP_COMMAND="echo $DEFAULT_GATEWAY_PRIVATE_IP"
-set_variable_from_command GATEWAY_PRIVATE_IP GATEWAY_PRIVATE_IP_COMMAND "[ERROR]: Unable to set Gateway Private IP"
 NAMESPACE_COMMAND="echo $NAMESPACE_DEFAULT"
 set_variable_from_command NAMESPACE NAMESPACE_COMMAND "[ERROR]: Error while creating the namespace... "
 LIQO_SUFFIX_COMMAND="echo $LIQO_SUFFIX_DEFAULT"
@@ -154,7 +150,7 @@ set_variable_from_command LIQO_VERSION LIQO_VERSION_COMMAND "[ERROR]: Error sett
 kubectl create ns $NAMESPACE
 $TMPDIR/bin/helm dependency update $TMPDIR/liqo/deployments/liqo_chart
 $TMPDIR/bin/helm install liqo -n liqo $TMPDIR/liqo/deployments/liqo_chart --set podCIDR=$POD_CIDR --set serviceCIDR=$SERVICE_CIDR \
---set gatewayPrivateIP=$GATEWAY_PRIVATE_IP --set gatewayIP=$GATEWAY_IP --set global.suffix="$LIQO_SUFFIX" --set global.version="$LIQO_VERSION"
+--set gatewayIP=$GATEWAY_IP --set global.suffix="$LIQO_SUFFIX" --set global.version="$LIQO_VERSION"
 echo "[INSTALL]: Installing LIQO on your cluster..."
 sleep 30
 

internal/liqonet/route-operator-config.go

@@ -0,0 +1,35 @@
+package controllers
+
+import (
+	policyv1 "github.com/liqoTech/liqo/api/cluster-config/v1"
+	"github.com/liqoTech/liqo/pkg/clusterConfig"
+	"github.com/liqoTech/liqo/pkg/crdClient"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/kubernetes/scheme"
+	"k8s.io/client-go/rest"
+	"k8s.io/klog/v2"
+	"os"
+)
+
+func (r *RouteController) WatchConfiguration(config *rest.Config, gv *schema.GroupVersion) {
+	config.ContentConfig.GroupVersion = gv
+	config.APIPath = "/apis"
+	config.NegotiatedSerializer = scheme.Codecs.WithoutConversion()
+	config.UserAgent = rest.DefaultKubernetesUserAgent()
+	CRDclient, err := crdClient.NewFromConfig(config)
+	if err != nil {
+		klog.Error(err, err.Error())
+		os.Exit(1)
+	}
+	go clusterConfig.WatchConfiguration(func(configuration *policyv1.ClusterConfig) {
+		if !r.IsConfigured {
+			r.ClusterPodCIDR = configuration.Spec.LiqonetConfig.PodCIDR
+			r.Configured <- true
+		}
+		//check if the podCIDR is different from the one on the cluster config
+		//TODO: a go routine which removes all the configuration with the old podCIDR and triggers a new configuration for the new podCIDR
+		if r.ClusterPodCIDR != configuration.Spec.LiqonetConfig.PodCIDR {
+			r.ClusterPodCIDR = configuration.Spec.LiqonetConfig.PodCIDR
+		}
+	}, CRDclient, "")
+}

internal/liqonet/route-operator.go

@@ -67,6 +67,8 @@ type RouteController struct {
 	IPtables       liqonetOperator.IPTables
 	NetLink        liqonetOperator.NetLink
 	ClusterPodCIDR string
+	Configured     chan bool //channel to comunicate when the podCIDR has been set
+	IsConfigured   bool      //true when the operator is configured and ready to be started
 	//here we save only the rules that reference the custom chains added by us
 	//we need them at deletion time
 	IPTablesRuleSpecsReferencingChains map[string]liqonetOperator.IPtableRule //using a map to avoid duplicate entries. the key is the rulespec

scripts/cluster-config/Makefile

@@ -32,7 +32,7 @@ deploy: manifests
 
 # Generate manifests e.g. CRD, RBAC etc.
 manifests: controller-gen
-	$(CONTROLLER_GEN) $(CRD_OPTIONS) paths="./api/cluster-config/v1" output:crd:artifacts:config=config/cluster-config/crd/bases
+	$(CONTROLLER_GEN) $(CRD_OPTIONS) paths="../../api/cluster-config/v1" output:crd:artifacts:config=../../config/cluster-config/crd/bases
 
 # Run go fmt against code
 fmt:
@@ -44,7 +44,7 @@ vet:
 
 # Generate code
 generate: controller-gen
-	$(CONTROLLER_GEN) object:headerFile=./hack/boilerplate.go.txt paths="./..."
+	$(CONTROLLER_GEN) object:headerFile=../../hack/boilerplate.go.txt paths="../../api/cluster-config/v1"
 
 # Build the docker image
 docker-build: test

test/unit/discovery/env_test.go

@@ -279,8 +279,8 @@ func getClusterConfig(config rest.Config) {
 				DnsServer:           "8.8.8.8:53",
 			},
 			LiqonetConfig: policyv1.LiqonetConfig{
-				ReservedSubnets:  []string{"10.0.0.0/16"},
-				GatewayPrivateIP: "192.168.1.1",
+				ReservedSubnets: []string{"10.0.0.0/16"},
+				PodCIDR:         "192.168.1.1",
 				VxlanNetConfig: liqonet.VxlanNetConfig{
 					Network:    "",
 					DeviceName: "",

test/unit/liqonet/env_test.go

@@ -183,8 +183,8 @@ func getClusterConfig() *policyv1.ClusterConfig {
 				DnsServer:           "8.8.8.8:53",
 			},
 			LiqonetConfig: policyv1.LiqonetConfig{
-				ReservedSubnets:  []string{"10.0.0.0/16"},
-				GatewayPrivateIP: "192.168.1.1",
+				ReservedSubnets: []string{"10.0.0.0/16"},
+				PodCIDR:         "10.244.0.0/16",
 				VxlanNetConfig: liqonet.VxlanNetConfig{
 					Network:    "",
 					DeviceName: "",

test/unit/liqonet/route-operator_test.go

@@ -1,13 +1,15 @@
 package liqonet
 
 import (
+	clusterConfig "github.com/liqoTech/liqo/api/cluster-config/v1"
 	v1 "github.com/liqoTech/liqo/api/liqonet/v1"
 	controller "github.com/liqoTech/liqo/internal/liqonet"
 	"github.com/liqoTech/liqo/pkg/liqonet"
 	utils "github.com/liqoTech/liqo/pkg/liqonet"
 	"github.com/stretchr/testify/assert"
 	"github.com/vishvananda/netlink"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/rest"
 	"k8s.io/klog"
 	"net"
 	"reflect"
@@ -60,13 +62,26 @@ func setupRouteOperator() error {
 		NetLink: &liqonet.MockRouteManager{
 			RouteList: []netlink.Route{},
 		},
-		ClusterPodCIDR:                     "10.1.0.0/16",
+		Configured:                         make(chan bool, 1),
 		IPTablesRuleSpecsReferencingChains: make(map[string]liqonet.IPtableRule),
 		IPTablesChains:                     make(map[string]liqonet.IPTableChain),
 		IPtablesRuleSpecsPerRemoteCluster:  make(map[string][]liqonet.IPtableRule),
 		RoutesPerRemoteCluster:             make(map[string][]netlink.Route),
 		RetryTimeout:                       0,
 	}
+	config := k8sManager.GetConfig()
+	newConfig := &rest.Config{
+		Host: config.Host,
+		// gotta go fast during tests -- we don't really care about overwhelming our test API server
+		QPS:   1000.0,
+		Burst: 2000.0,
+	}
+	routeOperator.WatchConfiguration(newConfig, &clusterConfig.GroupVersion)
+	if !routeOperator.IsConfigured {
+		<-routeOperator.Configured
+		routeOperator.IsConfigured = true
+		klog.Infof("route-operator configured with podCIDR %s", routeOperator.ClusterPodCIDR)
+	}
 	err = routeOperator.SetupWithManager(k8sManager)
 	if err != nil {
 		klog.Error(err, err.Error())

test/unit/liqonet/tunnelEndpointCreator_test.go

@@ -47,9 +47,9 @@ func getClusterConfigurationCR(reservedSubnets []string) *policyv1.ClusterConfig
 			AdvertisementConfig: policyv1.AdvertisementConfig{},
 			DiscoveryConfig:     policyv1.DiscoveryConfig{},
 			LiqonetConfig: policyv1.LiqonetConfig{
-				ReservedSubnets:  reservedSubnets,
-				GatewayPrivateIP: "",
-				VxlanNetConfig:   liqonetOperator.VxlanNetConfig{},
+				ReservedSubnets: reservedSubnets,
+				PodCIDR:         "",
+				VxlanNetConfig:  liqonetOperator.VxlanNetConfig{},
 			},
 		},
 		Status: policyv1.ClusterConfigStatus{},