Use standard value type for k8s.v1.cni.cncf.io/networks annotation (#…

…4146) For SecondaryNetwork support, we switch to using the standard value type for the k8s.v1.cni.cncf.io/networks annotation: https://pkg.go.dev/github.com/k8snetworkplumbingwg/[email protected]/pkg/apis/k8s.cni.cncf.io/v1#NetworkSelectionElement By switching to the standard type: * we avoid user confusion * we ensure compatibility with other solutions such as Multus * we support "edge" cases that were not supported before: 1) using a NetworkAttachmentDefinition CR defined in a different Namespace than the Pod, 2) providing the NetworkAttachmentDefinition CR name as `[namespace/]name[@interface]` * we can use the standard ParseNetworkAnnotation function and avoid potential bugs or inconsistencies. This means that it is no longer possible to provide an "interface type" as part of the annotation value. However, this is not really a standard concept, as this information is typically provided in the NetworkAttachmentDefinition CR. For example, "bridge" mode for "macvlan". And in our case we use "sriov" networkType. In addition to this change, we add a good amount of unit tests, in the context of #4142. Signed-off-by: Antonin Bas <[email protected]>
antrea-io · Aug 29, 2022 · 222c2b6 · 222c2b6
1 parent 53b639f
commit 222c2b6
Show file tree

Hide file tree

Showing 10 changed files with 686 additions and 128 deletions.
diff --git a/cmd/antrea-agent/agent.go b/cmd/antrea-agent/agent.go
@@ -635,7 +635,8 @@ func run(o *Options) error {
 			localPodInformer,
 			nodeConfig.Name,
 			cniPodInfoStore,
-			cniServer)
+			// safe to call given that cniServer.Initialize has been called already.
+			cniServer.GetPodConfigurator())
 		go podWatchController.Run(stopCh)
 	}
 

diff --git a/hack/update-codegen-dockerized.sh b/hack/update-codegen-dockerized.sh
@@ -51,6 +51,8 @@ function generate_mocks {
     "pkg/agent/querier AgentQuerier testing"
     "pkg/agent/route Interface testing"
     "pkg/agent/ipassigner IPAssigner testing"
+    "pkg/agent/secondarynetwork/podwatch InterfaceConfigurator testing"
+    "pkg/agent/secondarynetwork/ipam IPAMDelegator testing"
     "pkg/antctl AntctlClient ."
     "pkg/controller/networkpolicy EndpointQuerier testing"
     "pkg/controller/querier ControllerQuerier testing"

diff --git a/pkg/agent/cniserver/server.go b/pkg/agent/cniserver/server.go
@@ -204,7 +204,7 @@ func (s *CNIServer) isCNIVersionSupported(reqVersion string) bool {
 	return exist
 }
 
-func (s *CNIServer) valiateCNIAndIPAMType(cniConfig *CNIConfig) *cnipb.CniCmdResponse {
+func (s *CNIServer) validateCNIAndIPAMType(cniConfig *CNIConfig) *cnipb.CniCmdResponse {
 	var ipamType string
 	if cniConfig.IPAM != nil {
 		ipamType = cniConfig.IPAM.Type
@@ -251,7 +251,7 @@ func (s *CNIServer) validateRequestMessage(request *cnipb.CniCmdRequest) (*CNICo
 		return nil, s.incompatibleCniVersionResponse(cniVersion)
 	}
 
-	if resp := s.valiateCNIAndIPAMType(cniConfig); resp != nil {
+	if resp := s.validateCNIAndIPAMType(cniConfig); resp != nil {
 		return nil, resp
 	}
 	if !s.isChaining && !cniConfig.secondaryNetworkIPAM {

diff --git a/pkg/agent/secondarynetwork/cnipodcache/cache.go b/pkg/agent/secondarynetwork/cnipodcache/cache.go
@@ -100,7 +100,7 @@ func getCNIPodInfoKey(obj interface{}) (string, error) {
 	return key, nil
 }
 
-func NewCNIPodInfoStore() CNIPodInfoStore {
+func NewCNIPodInfoStore() *CNIPodInfoCache {
 	return &CNIPodInfoCache{
 		cache: cache.NewIndexer(getCNIPodInfoKey, cache.Indexers{
 			podIndex: podIndexFunc,

diff --git a/pkg/agent/secondarynetwork/ipam/ipam_delegator.go b/pkg/agent/secondarynetwork/ipam/ipam_delegator.go
@@ -30,7 +30,18 @@ const (
 	defaultCNIPath  = "/opt/cni/bin"
 )
 
-func GetIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) (*current.Result, error) {
+type IPAMDelegator interface {
+	GetIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) (*current.Result, error)
+	DelIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) error
+}
+
+type delegator struct{}
+
+func NewIPAMDelegator() *delegator {
+	return &delegator{}
+}
+
+func (d *delegator) GetIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) (*current.Result, error) {
 	var success = false
 	defer func() {
 		if !success {
@@ -56,7 +67,7 @@ func GetIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) (*current.Resu
 	return ipamResult, nil
 }
 
-func DelIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) error {
+func (d *delegator) DelIPAMSubnetAddress(netConfig []byte, cmdArgs *invoke.Args) error {
 	cmdArgs.Command = "DEL"
 	if err := delegateNoResult(ipamWhereabouts, netConfig, cmdArgs); err != nil {
 		return err

diff --git a/pkg/agent/secondarynetwork/ipam/testing/mock_ipam.go b/pkg/agent/secondarynetwork/ipam/testing/mock_ipam.go