Merge pull request #1919 from thomasferrandiz/rebased-remove-multiclu…
…stercidr

Remove multiclustercidr code
thomasferrandiz authored Mar 21, 2024
2 parents 41a4a4d + 323f51e commit de8b1f0
Showing 19 changed files with 95 additions and 387 deletions.
7 changes: 0 additions & 7 deletions Documentation/kube-flannel.yml
@@ -34,13 +34,6 @@ rules:
- nodes/status
verbs:
- patch
- apiGroups:
- networking.k8s.io
resources:
- clustercidrs
verbs:
- list
- watch
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
2 changes: 1 addition & 1 deletion go.mod
@@ -128,7 +128,7 @@ require (
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5
k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)
4 changes: 2 additions & 2 deletions go.sum
@@ -776,8 +776,8 @@ k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 h1:+70TFaan3hfJzs+7VK2o+OGxg8HsuBr/5f6tVAjDu6E=
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280/go.mod h1:+Axhij7bCpeqhklhUTe3xmOn6bWxolyZEeyaFpjGtl4=
k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5 h1:kmDqav+P+/5e1i9tFfHq1qcF3sOrDp+YEkVDAHu7Jwk=
k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
k8s.io/utils v0.0.0-20221107191617-1a15be271d1d h1:0Smp/HP1OH4Rvhe+4B8nWGERtlqAGSftbSbbmm45oFs=
k8s.io/utils v0.0.0-20221107191617-1a15be271d1d/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
36 changes: 8 additions & 28 deletions main.go
@@ -346,39 +346,19 @@ func main() {
os.Exit(1)
}

flannelIPv4Net := ip.IP4Net{}
flannelIpv6Net := ip.IP6Net{}
if config.EnableIPv4 {
flannelIPv4Net, err = config.GetFlannelNetwork(&bn.Lease().Subnet)
if err != nil {
log.Error(err)
cancel()
wg.Wait()
os.Exit(1)
}
}
if config.EnableIPv6 {
flannelIpv6Net, err = config.GetFlannelIPv6Network(&bn.Lease().IPv6Subnet)
if err != nil {
log.Error(err)
cancel()
wg.Wait()
os.Exit(1)
}
}
// Set up ipMasq if needed
if opts.ipMasq {
prevNetworks := ReadCIDRsFromSubnetFile(opts.subnetFile, "FLANNEL_NETWORK")
prevNetwork := ReadCIDRFromSubnetFile(opts.subnetFile, "FLANNEL_NETWORK")
prevSubnet := ReadCIDRFromSubnetFile(opts.subnetFile, "FLANNEL_SUBNET")

prevIPv6Networks := ReadIP6CIDRsFromSubnetFile(opts.subnetFile, "FLANNEL_IPV6_NETWORK")
prevIPv6Network := ReadIP6CIDRFromSubnetFile(opts.subnetFile, "FLANNEL_IPV6_NETWORK")
prevIPv6Subnet := ReadIP6CIDRFromSubnetFile(opts.subnetFile, "FLANNEL_IPV6_SUBNET")

err = trafficMngr.SetupAndEnsureMasqRules(ctx,
flannelIPv4Net, prevSubnet,
prevNetworks,
flannelIpv6Net, prevIPv6Subnet,
prevIPv6Networks,
config.Network, prevSubnet,
prevNetwork,
config.IPv6Network, prevIPv6Subnet,
prevIPv6Network,
bn.Lease(),
opts.iptablesResyncSeconds)
if err != nil {
@@ -394,8 +374,8 @@ func main() {
// In Docker 1.13 and later, Docker sets the default policy of the FORWARD chain to DROP.
if opts.iptablesForwardRules {
trafficMngr.SetupAndEnsureForwardRules(ctx,
flannelIPv4Net,
flannelIpv6Net,
config.Network,
config.IPv6Network,
opts.iptablesResyncSeconds)
}

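Review bot: Nothing in this section now rejects a zero-value `config.Network` or `config.IPv6Network` before it reaches `SetupAndEnsureMasqRules` and `SetupAndEnsureForwardRules`; the removed `GetFlannelNetwork`/`GetFlannelIPv6Network` calls returned an error for an empty network and main exited. The same applies to the backend sections in ipip.go, udp_amd64.go, vxlan.go and wireguard.go, where the error return disappears along with the helper call. Unless `ParseConfig` or `CheckNetworkConfig` already guarantees a non-empty network for every enabled family (their bodies are not shown here), I would keep a fail-closed guard ahead of the ipMasq block, `if config.EnableIPv4 && config.Network == (ip.IP4Net{}) {` followed by the existing log/cancel/wait/exit sequence, plus its IPv6 counterpart, so masquerade and forward rules are never built from an empty CIDR. main's body starts and ends outside both hunks.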
7 changes: 1 addition & 6 deletions pkg/backend/ipip/ipip.go
@@ -90,12 +90,7 @@ func (be *IPIPBackend) RegisterNetwork(ctx context.Context, wg *sync.WaitGroup,
return nil, fmt.Errorf("failed to acquire lease: %v", err)
}

net, err := config.GetFlannelNetwork(&n.SubnetLease.Subnet)
if err != nil {
return nil, err
}

link, err := be.configureIPIPDevice(n.SubnetLease, net)
link, err := be.configureIPIPDevice(n.SubnetLease, config.Network)

if err != nil {
return nil, err
6 changes: 1 addition & 5 deletions pkg/backend/udp/udp_amd64.go
@@ -79,15 +79,11 @@ func (be *UdpBackend) RegisterNetwork(ctx context.Context, wg *sync.WaitGroup, c
return nil, fmt.Errorf("failed to acquire lease: %v", err)
}

net, err := config.GetFlannelNetwork(&l.Subnet)
if err != nil {
return nil, err
}
// Tunnel's subnet is that of the whole overlay network (e.g. /16)
// and not that of the individual host (e.g. /24)
tunNet := ip.IP4Net{
IP: l.Subnet.IP,
PrefixLen: net.PrefixLen,
PrefixLen: config.Network.PrefixLen,
}

return newNetwork(be.sm, be.extIface, cfg.Port, tunNet, l)
12 changes: 2 additions & 10 deletions pkg/backend/vxlan/vxlan.go
@@ -211,20 +211,12 @@ func (be *VXLANBackend) RegisterNetwork(ctx context.Context, wg *sync.WaitGroup,
// This IP is just used as a source address for host to workload traffic (so
// the return path for the traffic has an address on the flannel network to use as the destination)
if config.EnableIPv4 {
net, err := config.GetFlannelNetwork(&lease.Subnet)
if err != nil {
return nil, err
}
if err := dev.Configure(ip.IP4Net{IP: lease.Subnet.IP, PrefixLen: 32}, net); err != nil {
if err := dev.Configure(ip.IP4Net{IP: lease.Subnet.IP, PrefixLen: 32}, config.Network); err != nil {
return nil, fmt.Errorf("failed to configure interface %s: %w", dev.link.Attrs().Name, err)
}
}
if config.EnableIPv6 {
net, err := config.GetFlannelIPv6Network(&lease.IPv6Subnet)
if err != nil {
return nil, err
}
if err := v6Dev.ConfigureIPv6(ip.IP6Net{IP: lease.IPv6Subnet.IP, PrefixLen: 128}, net); err != nil {
if err := v6Dev.ConfigureIPv6(ip.IP6Net{IP: lease.IPv6Subnet.IP, PrefixLen: 128}, config.IPv6Network); err != nil {
return nil, fmt.Errorf("failed to configure interface %s: %w", v6Dev.link.Attrs().Name, err)
}
}
14 changes: 3 additions & 11 deletions pkg/backend/wireguard/wireguard.go
@@ -171,25 +171,17 @@ func (be *WireguardBackend) RegisterNetwork(ctx context.Context, wg *sync.WaitGr
}

if config.EnableIPv4 {
net, err := config.GetFlannelNetwork(&lease.Subnet)
if err != nil {
return nil, err
}
err = dev.Configure(lease.Subnet.IP, net)
err = dev.Configure(lease.Subnet.IP, config.Network)
if err != nil {
return nil, err
}
}

if config.EnableIPv6 {
ipv6net, err := config.GetFlannelIPv6Network(&lease.IPv6Subnet)
if err != nil {
return nil, err
}
if cfg.Mode == Separate {
err = v6Dev.ConfigureV6(lease.IPv6Subnet.IP, ipv6net)
err = v6Dev.ConfigureV6(lease.IPv6Subnet.IP, config.IPv6Network)
} else {
err = dev.ConfigureV6(lease.IPv6Subnet.IP, ipv6net)
err = dev.ConfigureV6(lease.IPv6Subnet.IP, config.IPv6Network)
}
if err != nil {
return nil, err
32 changes: 8 additions & 24 deletions pkg/backend/wireguard/wireguard_network.go
@@ -183,13 +183,9 @@ func (n *network) handleSubnetEvents(ctx context.Context, batch []lease.Event) {
if err != nil {
log.Errorf("could not read network config: %v", err)
}
flannelnet, err := netconf.GetFlannelNetwork(&event.Lease.Subnet)
if err != nil {
log.Errorf("could not get flannel network: %v", err)
}

if err := n.dev.addRoute(flannelnet.ToIPNet()); err != nil {
log.Errorf("failed to add ipv4 route to (%s): %v", flannelnet, err)
if err := n.dev.addRoute(netconf.Network.ToIPNet()); err != nil {
log.Errorf("failed to add ipv4 route to (%s): %v", netconf.Network, err)
}
}

@@ -206,13 +202,9 @@ func (n *network) handleSubnetEvents(ctx context.Context, batch []lease.Event) {
if err != nil {
log.Errorf("could not read network config: %v", err)
}
ipv6flannelnet, err := netconf.GetFlannelIPv6Network(&event.Lease.IPv6Subnet)
if err != nil {
log.Errorf("could not get flannel network: %v", err)
}

if err := n.v6Dev.addRoute(ipv6flannelnet.ToIPNet()); err != nil {
log.Errorf("failed to add ipv6 route to (%s): %v", ipv6flannelnet, err)
if err := n.v6Dev.addRoute(netconf.IPv6Network.ToIPNet()); err != nil {
log.Errorf("failed to add ipv6 route to (%s): %v", netconf.IPv6Network, err)
}
}
} else {
@@ -242,21 +234,13 @@ func (n *network) handleSubnetEvents(ctx context.Context, batch []lease.Event) {
if err != nil {
log.Errorf("could not read network config: %v", err)
}
flannelnet, err := netconf.GetFlannelNetwork(&event.Lease.Subnet)
if err != nil {
log.Errorf("could not get flannel network: %v", err)
}

if err := n.dev.addRoute(flannelnet.ToIPNet()); err != nil {
log.Errorf("failed to add ipv4 route to (%s): %v", flannelnet, err)
}
ipv6flannelnet, err := netconf.GetFlannelIPv6Network(&event.Lease.IPv6Subnet)
if err != nil {
log.Errorf("could not get flannel network: %v", err)
if err := n.dev.addRoute(netconf.Network.ToIPNet()); err != nil {
log.Errorf("failed to add ipv4 route to (%s): %v", netconf.Network, err)
}

if err := n.dev.addRoute(ipv6flannelnet.ToIPNet()); err != nil {
log.Errorf("failed to add ipv6 route to (%s): %v", ipv6flannelnet, err)
if err := n.dev.addRoute(netconf.IPv6Network.ToIPNet()); err != nil {
log.Errorf("failed to add ipv6 route to (%s): %v", netconf.IPv6Network, err)
}
}

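Review bot: In all three hunks the `could not read network config` branch only logs, and the next statement dereferences `netconf` (`netconf.Network.ToIPNet()`, `netconf.IPv6Network.ToIPNet()`); if the lookup that sets `netconf` returns a nil config together with the error, this panics, and otherwise it tries to install a route for a zero-value network. The assignment of `netconf` lies outside the hunks, so its type is assumed here. I would skip the route when the read fails, for example by adding `continue` after the `log.Errorf("could not read network config: %v", err)` line, assuming this code sits inside the loop over `batch`, which the hunks do not show.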
124 changes: 0 additions & 124 deletions pkg/subnet/config.go
@@ -19,11 +19,8 @@ import (
"errors"
"fmt"
"math/big"
"net"

"github.com/flannel-io/flannel/pkg/ip"
"k8s.io/klog/v2"
netutils "k8s.io/utils/net"
)

type Config struct {
@@ -32,8 +29,6 @@ type Config struct {
EnableNFTables bool
Network ip.IP4Net
IPv6Network ip.IP6Net
Networks []ip.IP4Net
IPv6Networks []ip.IP6Net
SubnetMin ip.IP4
SubnetMax ip.IP4
IPv6SubnetMin *ip.IP6
@@ -73,9 +68,6 @@ func ParseConfig(s string) (*Config, error) {
}
cfg.BackendType = bt

cfg.Networks = make([]ip.IP4Net, 0)
cfg.IPv6Networks = make([]ip.IP6Net, 0)

return cfg, nil
}

@@ -204,119 +196,3 @@ func CheckNetworkConfig(config *Config) error {
}
return nil
}

// GetFlannelNetwork returns the relevant IPv4 network (i.e. clusterCIDR) for subnet sn
// If Networks is not empty, GetFlannelNetwork returns the first networks that contains subnet sn.
// If Networks is empty, this means we are not using the MultiClusterCIDR API
// so GetFlannelNetwork falls back to the standard behavior and returns the single Network entry
func (c *Config) GetFlannelNetwork(sn *ip.IP4Net) (ip.IP4Net, error) {
if c.HasNetworks() {
for _, net := range c.Networks {
if net.ContainsCIDR(sn) {
return net, nil
}
}
return ip.IP4Net{}, fmt.Errorf("could not find flannel networks matching subnet %s", sn)
} else {
emptyNet := ip.IP4Net{}
if c.Network != emptyNet {
return c.Network, nil
} else {
return emptyNet, fmt.Errorf("could not find an ipv4 network in the flannel configuration")
}
}
}

// GetFlannelIPv6Network returns the relevant IPv6 network (i.e. clusterCIDR) for subnet sn
// If Networks is not empty, GetFlannelIPv6Network returns the first networks that contains subnet sn.
// If Networks is empty, this means we are not using the MultiClusterCIDR API
// so GetFlannelIPv6Network falls back to the standard behavior and returns the single IPv6Network entry
func (c *Config) GetFlannelIPv6Network(sn *ip.IP6Net) (ip.IP6Net, error) {
if c.HasIPv6Networks() {
for _, net := range c.IPv6Networks {
if net.ContainsCIDR(sn) {
return net, nil
}
}
return ip.IP6Net{}, fmt.Errorf("could not find flannel ipv6 networks matching subnet %s", sn)
} else {
emptyNet := ip.IP6Net{}
if c.IPv6Network != emptyNet {
return c.IPv6Network, nil
} else {
return emptyNet, fmt.Errorf("could not find an ipv6 network in the flannel configuration")
}

}
}

// AddNetwork adds net to either c.Networks or c.IPv6Networks depending on its type
func (c *Config) AddNetwork(net *net.IPNet) {
if netutils.IsIPv4CIDR(net) {
ip4net := ip.FromIPNet(net)
if !c.containsIPv4Network(ip4net) {
c.Networks = append(c.Networks, ip4net)
}
} else if netutils.IsIPv6CIDR(net) {
ip6net := ip.FromIP6Net(net)
if !c.containsIPv6Network(ip6net) {
c.IPv6Networks = append(c.IPv6Networks, ip6net)
}
} else {
klog.Warningf("cannot add unknown CIDR to config: %s", net)
}
}

func (c *Config) containsIPv4Network(net ip.IP4Net) bool {
for _, ip4net := range c.Networks {
if net.Equal(ip4net) {
return true
}
}
return false
}

func (c *Config) containsIPv6Network(net ip.IP6Net) bool {
for _, ip6net := range c.IPv6Networks {
if net.Equal(ip6net) {
return true
}
}
return false
}

// HasNetworks returns true if there is at least 1 IPv4 network in the flannel config,
// false otherwise
func (c *Config) HasNetworks() bool {
if c.Networks != nil {
return len(c.Networks) > 0
} else {
return false
}
}

// HasIPv6Networks returns true if there is at least 1 IPv6 network in the flannel config,
// false otherwise
func (c *Config) HasIPv6Networks() bool {
if c.IPv6Networks != nil {
return len(c.IPv6Networks) > 0
} else {
return false
}
}

func (c *Config) GetNetworks() []ip.IP4Net {
if len(c.Networks) > 0 {
return c.Networks
} else {
return []ip.IP4Net{c.Network}
}
}

func (c *Config) GeIPv6tNetworks() []ip.IP6Net {
if len(c.Networks) > 0 {
return c.IPv6Networks
} else {
return []ip.IP6Net{c.IPv6Network}
}
}