Skip to content

Commit

Permalink
Merge pull request #674 from danwinship/ovn-kube-dual-stack
Browse files Browse the repository at this point in the history 
ovn-kubernetes: allow dual-stack configs
  • Loading branch information
@openshift-merge-robot
openshift-merge-robot committed Jun 19, 2020
2 parents 2a56600 + 5d67597 commit 4d3ffa8
Show file tree
Hide file tree
Showing 6 changed files with 384 additions and 6 deletions.
2 changes: 1 addition & 1 deletion bindata/network/ovn-kubernetes/004-config.yaml
View file
Expand Up @@ -13,7 +13,7 @@ data:
encap-port="{{.GenevePort}}"
[kubernetes]
service-cidr="{{.OVN_service_cidr}}"
service-cidrs="{{.OVN_service_cidr}}"
ovn-config-namespace="openshift-ovn-kubernetes"
apiserver="{{.K8S_APISERVER}}"
Expand Down
33 changes: 29 additions & 4 deletions pkg/network/ovn_kubernetes.go
View file
Expand Up @@ -21,6 +21,7 @@ import (
uns "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
types "k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/wait"
utilnet "k8s.io/utils/net"
"sigs.k8s.io/controller-runtime/pkg/client"
)

Expand Down Expand Up @@ -108,11 +109,35 @@ func renderOVNKubernetes(conf *operv1.NetworkSpec, bootstrapResult *bootstrap.Bo
func validateOVNKubernetes(conf *operv1.NetworkSpec) []error {
out := []error{}

if len(conf.ClusterNetwork) == 0 {
out = append(out, errors.Errorf("ClusterNetworks cannot be empty"))
var cnHasIPv4, cnHasIPv6 bool
for _, cn := range conf.ClusterNetwork {
if utilnet.IsIPv6CIDRString(cn.CIDR) {
cnHasIPv6 = true
} else {
cnHasIPv4 = true
}
}
if !cnHasIPv6 && !cnHasIPv4 {
out = append(out, errors.Errorf("ClusterNetwork cannot be empty"))
}

var snHasIPv4, snHasIPv6 bool
for _, sn := range conf.ServiceNetwork {
if utilnet.IsIPv6CIDRString(sn) {
snHasIPv6 = true
} else {
snHasIPv4 = true
}
}
if !snHasIPv6 && !snHasIPv4 {
out = append(out, errors.Errorf("ServiceNetwork cannot be empty"))
}

if cnHasIPv4 != snHasIPv4 || cnHasIPv6 != snHasIPv6 {
out = append(out, errors.Errorf("ClusterNetwork and ServiceNetwork must have matching IP families"))
}
if len(conf.ServiceNetwork) != 1 {
out = append(out, errors.Errorf("ServiceNetwork must have exactly 1 entry"))
if len(conf.ServiceNetwork) > 2 || (len(conf.ServiceNetwork) == 2 && (!snHasIPv4 || !snHasIPv6)) {
out = append(out, errors.Errorf("ServiceNetwork must have either a single CIDR or a dual-stack pair of CIDRs"))
}

oc := conf.DefaultNetwork.OVNKubernetesConfig
Expand Down
44 changes: 43 additions & 1 deletion pkg/network/ovn_kubernetes_test.go
View file
Expand Up @@ -248,7 +248,49 @@ func TestValidateOVNKubernetes(t *testing.T) {
errExpect("invalid GenevePort 70001")

config.ClusterNetwork = nil
errExpect("ClusterNetworks cannot be empty")
errExpect("ClusterNetwork cannot be empty")
}

func TestValidateOVNKubernetesDualStack(t *testing.T) {
g := NewGomegaWithT(t)

crd := OVNKubernetesConfig.DeepCopy()
config := &crd.Spec

err := validateOVNKubernetes(config)
g.Expect(err).To(BeEmpty())
FillDefaults(config, nil)

errExpect := func(substr string) {
t.Helper()
g.Expect(validateOVNKubernetes(config)).To(
ContainElement(MatchError(
ContainSubstring(substr))))
}

config.ClusterNetwork = []operv1.ClusterNetworkEntry{
{CIDR: "10.128.0.0/14", HostPrefix: 23},
{CIDR: "10.0.0.0/14", HostPrefix: 23},
}
err = validateOVNKubernetes(config)
g.Expect(err).To(BeEmpty())

config.ServiceNetwork = []string{
"fd02::/112",
}
errExpect("ClusterNetwork and ServiceNetwork must have matching IP families")

config.ClusterNetwork = append(config.ClusterNetwork, operv1.ClusterNetworkEntry{
CIDR: "fd01::/48", HostPrefix: 64,
})
errExpect("ClusterNetwork and ServiceNetwork must have matching IP families")

config.ServiceNetwork = append(config.ServiceNetwork, "172.30.0.0/16")
err = validateOVNKubernetes(config)
g.Expect(err).To(BeEmpty())

config.ServiceNetwork = append(config.ServiceNetwork, "172.31.0.0/16")
errExpect("ServiceNetwork must have either a single CIDR or a dual-stack pair of CIDRs")
}

func TestOVNKubernetesIsSafe(t *testing.T) {
Expand Down
121 changes: 121 additions & 0 deletions vendor/k8s.io/utils/net/ipnet.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 4d3ffa8

Please sign in to comment.