Minor fixes on Liqo network module
This PR fixes a couple of bugs in the Liqo networking module. The first causes connection problems on environments that do not NAT Pod traffic; it has been fixed by adding an appropriate NAT rule. The second causes problems during endpoint reflection after the Liqo network manager is rescheduled: the NatMappingInflater module does not recover correctly, and therefore remote clusters appear to have no configuration. It has been fixed by recovering correctly when the inflater is created.
davidefalcone1 committed Jul 21, 2021
1 parent a0832fa commit ea4ce4e
Showing 6 changed files with 184 additions and 58 deletions.
Expand Up @@ -306,7 +306,7 @@ func (tec *TunnelEndpointCreator) deleteNetConfig(fc *discoveryv1alpha1.ForeignC
}
if len(netConfigList.Items) != 1 {
if len(netConfigList.Items) == 0 {
klog.Infof("nothing to remove: a resource of type %s for remote cluster %s not found",
klog.V(4).Infof("nothing to remove: a resource of type %s for remote cluster %s not found",
netv1alpha1.GroupVersion.String(), clusterID)
return nil
}
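--- a/pkg/liqonet/iptables/iptables.go
+++ b/pkg/liqonet/iptables/iptables.go
@@ -681,6 +681,7 @@ func getPostroutingRules(tep *netv1alpha1.TunnelEndpoint) ([]IPTableRule, error)
 }
 return []IPTableRule{
 {"-s", localPodCIDR, "-d", remotePodCIDR, "-j", NETMAP, "--to", localRemappedPodCIDR},
+{"-s", localPodCIDR, "-d", remoteExternalCIDR, "-j", NETMAP, "--to", localRemappedPodCIDR},
 {"!", "-s", localPodCIDR, "-d", remotePodCIDR, "-j", SNAT, "--to-source", natIP},
 {"!", "-s", localPodCIDR, "-d", remoteExternalCIDR, "-j", SNAT, "--to-source", natIP},
 }, nil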
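Review bot: The returned rule slice in getPostroutingRules now holds four near-identical entries and nothing in the hunk says why Pod traffic towards `remoteExternalCIDR` needs the same NETMAP treatment as traffic towards `remotePodCIDR`. A comment above the slice would keep the intent reviewable, for example `// Pod-sourced traffic to either remote CIDR is NETMAPped onto localRemappedPodCIDR; any other source is SNATted to natIP.` together with a short note that the external-CIDR NETMAP rule is needed on clusters that do not NAT Pod traffic, as the commit description states. The function body starts outside the hunk, so how the CIDR strings taken from the TunnelEndpoint are validated before they reach these rule arguments is not visible here and is worth confirming.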
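--- a/pkg/liqonet/iptables/iptables_test.go
+++ b/pkg/liqonet/iptables/iptables_test.go
@@ -671,6 +671,7 @@ var _ = Describe("iptables", func() {
 Expect(newPostRoutingRules).ToNot(ContainElements(postRoutingRules))
 Expect(newPostRoutingRules).To(ContainElements([]string{
 fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATPodCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
+fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATExternalCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATPodCIDR,
 SNAT, mustGetFirstIP(tep.Status.LocalNATPodCIDR)),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATExternalCIDR,
@@ -695,6 +696,7 @@ var _ = Describe("iptables", func() {
 func() []string {
 return []string{
 fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATPodCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
+fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATExternalCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATPodCIDR,
 SNAT, mustGetFirstIP(tep.Status.LocalNATPodCIDR)),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATExternalCIDR,
@@ -720,6 +722,7 @@ var _ = Describe("iptables", func() {
 func() []string {
 return []string{
 fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Spec.PodCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
+fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATExternalCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Spec.PodCIDR,
 SNAT, mustGetFirstIP(tep.Status.LocalNATPodCIDR)),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATExternalCIDR,
@@ -747,6 +750,7 @@ var _ = Describe("iptables", func() {
 func() []string {
 return []string{
 fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATPodCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
+fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Spec.ExternalCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Status.RemoteNATPodCIDR,
 SNAT, mustGetFirstIP(tep.Status.LocalNATPodCIDR)),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Spec.ExternalCIDR,
@@ -778,6 +782,7 @@ var _ = Describe("iptables", func() {
 func() []string {
 return []string{
 fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Spec.PodCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
+fmt.Sprintf("-s %s -d %s -j %s --to %s", tep.Status.LocalPodCIDR, tep.Spec.ExternalCIDR, NETMAP, tep.Status.LocalNATPodCIDR),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Spec.PodCIDR,
 SNAT, mustGetFirstIP(tep.Status.LocalNATPodCIDR)),
 fmt.Sprintf("! -s %s -d %s -j %s --to-source %s", tep.Status.LocalPodCIDR, tep.Spec.ExternalCIDR,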
115 changes: 115 additions & 0 deletions pkg/liqonet/natmappinginflater/coverage.txt
@@ -0,0 +1,115 @@
mode: atomic
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:54.67,59.16 3 23
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:62.2,62.17 1 23
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:59.16,61.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:65.65,66.19 1 17
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:72.2,72.24 1 16
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:78.2,78.21 1 15
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:84.2,84.51 1 14
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:90.2,90.56 1 13
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:96.2,96.12 1 12
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:66.19,71.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:72.24,77.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:78.21,83.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:84.51,89.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:90.56,95.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:100.110,102.70 1 17
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:106.2,106.68 1 12
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:110.2,112.64 2 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:102.70,104.3 1 5
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:106.68,108.3 1 11
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:115.97,118.43 2 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:122.2,122.38 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:127.2,147.16 3 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:152.2,155.16 2 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:159.2,160.12 2 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:118.43,121.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:122.38,125.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:147.16,150.3 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:155.16,158.3 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:164.92,165.69 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:169.2,170.12 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:165.69,167.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:175.86,176.73 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:201.2,201.23 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:204.2,204.12 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:176.73,179.44 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:182.3,182.43 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:188.3,189.72 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:193.3,195.17 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:198.3,199.13 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:179.44,181.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:182.43,184.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:189.72,191.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:195.17,197.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:201.23,203.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:209.86,214.13 4 11
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:220.2,221.35 2 10
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:225.2,226.87 2 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:230.2,230.12 1 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:214.13,218.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:221.35,223.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:226.87,229.3 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:233.104,234.71 1 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:250.2,250.23 1 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:253.2,253.12 1 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:234.71,237.17 2 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:240.3,242.72 2 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:245.3,245.17 1 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:248.3,248.13 1 9
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:237.17,239.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:242.72,244.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:245.17,247.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:250.23,252.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:257.82,262.13 4 4
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:268.2,269.13 2 3
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:273.2,274.77 2 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:278.2,278.12 1 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:262.13,266.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:269.13,271.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:274.77,277.3 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:282.94,283.73 1 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:297.2,297.23 1 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:300.2,300.12 1 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:283.73,286.17 2 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:290.3,292.72 2 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:295.3,295.13 1 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:286.17,288.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:292.72,294.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:297.23,299.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:304.102,307.16 2 11
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:313.2,315.16 2 11
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:318.2,318.12 1 11
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:307.16,310.3 2 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:315.16,317.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:322.110,333.16 4 22
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:336.2,336.26 1 22
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:346.2,348.16 3 20
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:351.2,351.16 1 20
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:333.16,335.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:336.26,337.27 1 3
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:337.27,339.18 2 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:339.18,341.5 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:342.9,344.4 1 2
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:348.16,350.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:355.97,358.13 2 8
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:365.2,365.22 1 7
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:358.13,362.3 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:370.145,374.32 3 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:387.2,387.22 1 1
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:374.32,377.17 2 3
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:381.3,383.17 2 3
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:377.17,379.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:383.17,385.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:390.74,399.16 3 23
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:403.2,404.49 2 23
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:412.2,413.12 2 23
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:399.16,401.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:404.49,407.17 2 44
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:410.3,410.89 1 44
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/natMappingInflater.go:407.17,409.4 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/test_utils.go:17.127,19.16 2 46
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/test_utils.go:22.2,43.16 3 46
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/test_utils.go:46.2,46.65 1 46
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/test_utils.go:19.16,21.3 1 0
github.com/liqotech/liqo/pkg/liqonet/natmappinginflater/test_utils.go:43.16,45.3 1 0
48 changes: 31 additions & 17 deletions pkg/liqonet/natmappinginflater/natMappingInflater.go
Expand Up @@ -53,8 +53,11 @@ const (
// NewInflater returns a NatMappingInflater istance.
func NewInflater(dynClient dynamic.Interface) *NatMappingInflater {
inflater := &NatMappingInflater{
dynClient: dynClient,
natMappingsPerCluster: make(map[string]netv1alpha1.Mappings),
dynClient: dynClient,
}
err := inflater.recoverMappingsFromResources()
if err != nil {
klog.Error(err)
}
return inflater
}
Expand Down Expand Up @@ -103,27 +106,12 @@ func (inflater *NatMappingInflater) InitNatMappingsPerCluster(podCIDR, externalC
if _, exists := inflater.natMappingsPerCluster[clusterID]; exists {
return nil
}
// Check if resource for remote cluster already exists, this can happen if this Pod
// has been re-scheduled.
resource, err := inflater.getNatMappingResource(clusterID)
if err != nil && !k8sErr.IsNotFound(err) {
return err
}
if err == nil {
inflater.recoverFromResource(resource)
return nil
}
// error was NotFound, therefore resource and in-memory structure have to be created
// Init natMappingsPerCluster
inflater.natMappingsPerCluster[clusterID] = make(netv1alpha1.Mappings)
// Init resource
return inflater.initResource(podCIDR, externalCIDR, clusterID)
}

func (inflater *NatMappingInflater) recoverFromResource(resource *netv1alpha1.NatMapping) {
inflater.natMappingsPerCluster[resource.Spec.ClusterID] = resource.Spec.ClusterMappings
}

func (inflater *NatMappingInflater) initResource(podCIDR, externalCIDR, clusterID string) error {
// Check existence of resource
natMappings, err := inflater.getNatMappingResource(clusterID)
Expand Down Expand Up @@ -398,3 +386,29 @@ func (inflater *NatMappingInflater) deleteMultipleNatMappingResources(resources
}
return survived, nil
}

func (inflater *NatMappingInflater) recoverMappingsFromResources() error {
nm := &netv1alpha1.NatMapping{}
list, err := inflater.dynClient.
Resource(netv1alpha1.NatMappingGroupResource).
List(context.Background(), metav1.ListOptions{
LabelSelector: fmt.Sprintf("%s=%s",
consts.NatMappingResourceLabelKey,
consts.NatMappingResourceLabelValue),
})
if err != nil {
return fmt.Errorf("unable to get NatMapping resources: %w", err)
}
// Allocate a map with capacity equal to the number of found resources
inflater.natMappingsPerCluster = make(map[string]netv1alpha1.Mappings, len(list.Items))
for _, unstructuredMapping := range list.Items {
// For each resource, convert and store it in the map.
err = runtime.DefaultUnstructuredConverter.FromUnstructured(unstructuredMapping.Object, nm)
if err != nil {
return fmt.Errorf("cannot map unstructured resource to NatMapping resource: %w", err)
}
inflater.natMappingsPerCluster[nm.Spec.ClusterID] = nm.Spec.ClusterMappings.DeepCopy()
}
klog.Infof("In memory structure of NatMappingInflater has been successfully recovered from resources.")
return nil
}
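Review bot: NewInflater only logs a failure of `recoverMappingsFromResources()` and still returns the inflater, yet the map now appears to be allocated only inside that function, after the `List` error check. If the list call fails, `natMappingsPerCluster` stays nil, and the assignment `inflater.natMappingsPerCluster[clusterID] = make(netv1alpha1.Mappings)` in InitNatMappingsPerCluster would panic on the nil map; a conversion error part-way through the loop likewise leaves a partially recovered map behind a single log line. Keeping `natMappingsPerCluster: make(map[string]netv1alpha1.Mappings),` in the struct literal, or allocating the map before the `List` call, avoids the panic, and the callers of the constructor (not shown on this page) should have some way to learn that recovery failed, since the per-cluster fallback in InitNatMappingsPerCluster is gone. The page does not mark added and removed lines, so this reading is inferred from the hunk line counts.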
