Enable auto-detection based on CIDR

tigera · Aug 17, 2020 · a303948 · a303948
1 parent 07e350d
commit a303948
Show file tree

Hide file tree

Showing 7 changed files with 52 additions and 2 deletions.
diff --git a/deploy/crds/operator.tigera.io_installations_crd.yaml b/deploy/crds/operator.tigera.io_installations_crd.yaml
@@ -127,6 +127,12 @@ spec:
                           source address on the node is used to reach the specified
                           IP or domain.
                         type: string
+                      cidrs:
+                        description: CIDRS enables IP auto-detection based on which
+                          addresses on the nodes are within one of the provided CIDRs.
+                        items:
+                          type: string
+                        type: array
                       firstFound:
                         description: FirstFound uses default interface matching parameters
                           to select an interface, performing best-effort filtering
@@ -151,6 +157,12 @@ spec:
                           source address on the node is used to reach the specified
                           IP or domain.
                         type: string
+                      cidrs:
+                        description: CIDRS enables IP auto-detection based on which
+                          addresses on the nodes are within one of the provided CIDRs.
+                        items:
+                          type: string
+                        type: array
                       firstFound:
                         description: FirstFound uses default interface matching parameters
                           to select an interface, performing best-effort filtering

diff --git a/pkg/apis/operator/v1/types.go b/pkg/apis/operator/v1/types.go
@@ -257,6 +257,10 @@ type NodeAddressAutodetection struct {
 	// specified IP or domain.
 	// +optional
 	CanReach string `json:"canReach,omitempty"`
+
+	// CIDRS enables IP auto-detection based on which addresses on the nodes are within
+	// one of the provided CIDRs.
+	CIDRS []string `json:"cidrs,omitempty"`
 }
 
 // EncapsulationType is the type of encapsulation to use on an IP pool. Valid

diff --git a/pkg/apis/operator/v1/zz_generated.deepcopy.go b/pkg/apis/operator/v1/zz_generated.deepcopy.go
diff --git a/pkg/apis/operator/v1beta1/zz_generated.deepcopy.go b/pkg/apis/operator/v1beta1/zz_generated.deepcopy.go
diff --git a/pkg/controller/installation/validation.go b/pkg/controller/installation/validation.go
@@ -233,6 +233,15 @@ func validateNodeAddressDetection(ad *operatorv1.NodeAddressAutodetection) error
 	if ad.FirstFound != nil && *ad.FirstFound {
 		numEnabled++
 	}
+	if len(ad.CIDRS) != 0 {
+		numEnabled++
+		for _, c := range ad.CIDRS {
+			_, _, err := net.ParseCIDR(c)
+			if err != nil {
+				return fmt.Errorf("invalid CIDR provided for node address autodetection: %s", c)
+			}
+		}
+	}
 
 	if numEnabled > 1 {
 		return fmt.Errorf("no more than one node address autodetection method can be specified per-family")

diff --git a/pkg/render/node.go b/pkg/render/node.go
@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"net"
 	"strconv"
+	"strings"
 
 	operator "github.com/tigera/operator/pkg/apis/operator/v1"
 	operatorv1 "github.com/tigera/operator/pkg/apis/operator/v1"
@@ -1134,6 +1135,9 @@ func getAutodetectionMethod(ad *operator.NodeAddressAutodetection) string {
 		if ad.FirstFound != nil && *ad.FirstFound {
 			return "first-found"
 		}
+		if len(ad.CIDRS) != 0 {
+			return fmt.Sprintf("cidr=%s", strings.Join(ad.CIDRS, ","))
+		}
 	}
 	return ""
 }

diff --git a/pkg/render/node_test.go b/pkg/render/node_test.go
@@ -1146,6 +1146,22 @@ var _ = Describe("Node rendering tests", func() {
 			ds := dsResource.(*apps.DaemonSet)
 			ExpectEnv(ds.Spec.Template.Spec.Containers[0].Env, "IP_AUTODETECTION_METHOD", "skip-interface=eth*")
 		})
+
+		It("should support cidr", func() {
+			defaultInstance.Spec.CalicoNetwork.NodeAddressAutodetectionV4.FirstFound = nil
+			defaultInstance.Spec.CalicoNetwork.NodeAddressAutodetectionV4.CIDRS = []string{"10.0.1.0/24", "10.0.2.0/24"}
+			component := render.Node(defaultInstance, nil, typhaNodeTLS, nil, false)
+			resources, _ := component.Objects()
+			Expect(len(resources)).To(Equal(defaultNumExpectedResources))
+
+			dsResource := GetResource(resources, "calico-node", "calico-system", "apps", "v1", "DaemonSet")
+			Expect(dsResource).ToNot(BeNil())
+
+			// The DaemonSet should have the correct configuration.
+			ds := dsResource.(*apps.DaemonSet)
+			ExpectEnv(ds.Spec.Template.Spec.Containers[0].Env, "IP_AUTODETECTION_METHOD", "cidr=10.0.1.0/24,10.0.2.0/24")
+		})
+
 	})
 
 	It("should include updates needed for the core upgrade", func() {