Skip to content

add pod uid check in cni add #704

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Oct 21, 2024
Merged

add pod uid check in cni add #704

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions pkg/apis/crds/network.alibabacloud.com_nodes.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,9 @@ spec:
podID:
description: Add the pod ID
type: string
podUID:
description: Add pod UID for validate
type: string
primary:
type: boolean
status:
Expand All @@ -199,6 +202,9 @@ spec:
podID:
description: Add the pod ID
type: string
podUID:
description: Add pod UID for validate
type: string
primary:
type: boolean
status:
Expand Down
2 changes: 1 addition & 1 deletion pkg/apis/crds/register.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ func getCRD(name string) apiextensionsv1.CustomResourceDefinition {
version = "v0.1.0"
case CRDNode:
crdBytes = crdsNode
version = "v0.1.0"
version = "v0.2.0"
default:
panic(fmt.Sprintf("crd %s name not exist", name))
}
Expand Down
2 changes: 2 additions & 0 deletions pkg/apis/network.alibabacloud.com/v1beta1/node_types.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,6 +122,8 @@ type IP struct {
Status IPStatus `json:"status"`
// Add the pod ID
PodID string `json:"podID,omitempty"`
// Add pod UID for validate
PodUID string `json:"podUID,omitempty"`
}

type IPMap map[string]*IP
Expand Down
1 change: 1 addition & 0 deletions pkg/controller/multi-ip/node/pod.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (

type PodRequest struct {
// requirements
PodUID string

RequireIPv4 bool
RequireIPv6 bool
Expand Down
12 changes: 10 additions & 2 deletions pkg/controller/multi-ip/node/pool.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -418,6 +418,7 @@
}

podsMapper[pod.Namespace+"/"+pod.Name] = &PodRequest{
PodUID: string(pod.UID),

Check warning on line 421 in pkg/controller/multi-ip/node/pool.go

View check run for this annotation

Codecov / codecov/patch

pkg/controller/multi-ip/node/pool.go#L421 

Added line #L421 was not covered by tests
RequireIPv4: node.Spec.ENISpec.EnableIPv4,
RequireIPv6: node.Spec.ENISpec.EnableIPv6,
RequireERDMA: requireERDMA,
Expand Down Expand Up @@ -464,12 +465,14 @@
if v.IP.PodID == "" {
continue
}
_, ok := podsMapper[v.IP.PodID]
info, ok := podsMapper[v.IP.PodID]
if ok {
v.IP.PodUID = info.PodUID
continue
}
log.Info("pod released", "pod", v.IP.PodID, "ip", v.IP.IP)
v.IP.PodID = ""
v.IP.PodUID = ""
}
}
}
Expand Down Expand Up @@ -497,6 +500,7 @@
if ok && (eniIP.IP.PodID == "" || eniIP.IP.PodID == podID) {
info.ipv4Ref = eniIP
eniIP.IP.PodID = podID
eniIP.IP.PodUID = info.PodUID
log.Info("assign ip (from pod status)", "pod", podID, "ip", eniIP.IP, "eni", eniIP.NetworkInterface.ID)
}
}
Expand All @@ -509,6 +513,7 @@
if ok && (eniIP.IP.PodID == "" || eniIP.IP.PodID == podID) {
info.ipv6Ref = eniIP
eniIP.IP.PodID = podID
eniIP.IP.PodUID = info.PodUID
log.Info("assign ip (from pod status)", "pod", podID, "ip", eniIP.IP, "eni", eniIP.NetworkInterface.ID)
}
}
Expand Down Expand Up @@ -544,7 +549,7 @@
IP: v.IP,
}
v.IP.PodID = podID

v.IP.PodUID = info.PodUID
log.Info("assign ip", "pod", podID, "ip", v.IP.IP, "eni", v.NetworkInterface.ID)
break
}
Expand Down Expand Up @@ -588,6 +593,7 @@
IP: v.IP,
}
v.IP.PodID = podID
v.IP.PodUID = info.PodUID
log.Info("assign ip", "pod", podID, "ip", v.IP.IP, "eni", v.NetworkInterface.ID)

break
Expand All @@ -600,6 +606,7 @@
log.Info("failed to get ipv6 addr, roll back ipv4", "pod", podID, "ip", info.ipv4Ref.IP)

info.ipv4Ref.IP.PodID = ""
info.ipv4Ref.IP.PodUID = ""
info.ipv4Ref = nil
}
unSucceedPods[podID] = info
Expand Down Expand Up @@ -1370,6 +1377,7 @@
v.Primary = ip.Primary
if v.PodID == "" {
v.PodID = ip.PodID
v.PodUID = ip.PodUID

Check warning on line 1380 in pkg/controller/multi-ip/node/pool.go

View check run for this annotation

Codecov / codecov/patch

pkg/controller/multi-ip/node/pool.go#L1380 

Added line #L1380 was not covered by tests
}
} else {
in[ip.IP] = ip
Expand Down
12 changes: 9 additions & 3 deletions pkg/controller/multi-ip/node/pool_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,21 +39,25 @@ func MetaIntoCtx(ctx context.Context) context.Context {
func Test_releaseUnWanted(t *testing.T) {
log := logr.Discard()
podsMapper := map[string]*PodRequest{
"pod2": &PodRequest{},
"pod2": &PodRequest{
PodUID: "uid_pod2",
},
}
enis := map[string]*networkv1beta1.NetworkInterface{
"eni": {
IPv4: map[string]*networkv1beta1.IP{
"v4": {
PodID: "pod1",
PodID: "pod1",
PodUID: "pod1",
},
"11": {
PodID: "",
},
},
IPv6: map[string]*networkv1beta1.IP{
"v6": {
PodID: "pod2",
PodID: "pod2",
PodUID: "foo",
},
},
},
Expand All @@ -63,7 +67,9 @@ func Test_releaseUnWanted(t *testing.T) {
releasePodNotFound(log, podsMapper, ipv4Map, ipv6Map)

assert.Empty(t, enis["eni"].IPv4["v4"].PodID)
assert.Empty(t, enis["eni"].IPv4["v4"].PodUID)
assert.Equal(t, "pod2", enis["eni"].IPv6["v6"].PodID)
assert.Equal(t, "uid_pod2", enis["eni"].IPv6["v6"].PodUID)
}

func Test_getEniOptions(t *testing.T) {
Expand Down
6 changes: 6 additions & 0 deletions pkg/eni/crdv2.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -152,6 +152,9 @@
ip.PodID != cni.PodID {
continue
}
if ip.PodUID != "" && ip.PodUID != cni.PodUID {
continue

Check warning on line 156 in pkg/eni/crdv2.go

View check run for this annotation

Codecov / codecov/patch

pkg/eni/crdv2.go#L155-L156 

Added lines #L155 - L156 were not covered by tests
}
addr, err := netip.ParseAddr(ip.IP)
if err != nil {
return false, err
Expand All @@ -164,6 +167,9 @@
ip.PodID != cni.PodID {
continue
}
if ip.PodUID != "" && ip.PodUID != cni.PodUID {
continue

Check warning on line 171 in pkg/eni/crdv2.go

View check run for this annotation

Codecov / codecov/patch

pkg/eni/crdv2.go#L170-L171 

Added lines #L170 - L171 were not covered by tests
}
addr, err := netip.ParseAddr(ip.IP)
if err != nil {
return false, err
Expand Down
Loading