fixes

cmd/gateway/geneve/main.go

@@ -109,7 +109,7 @@ func run(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("unable to setup internalnode reconciler: %w", err)
 	}
 
-	runnable, err := concurrent.NewRunnableGuest("geneve")
+	runnable, err := concurrent.NewRunnableGuest(options.GwOptions.ContainerName)
 	if err != nil {
 		return fmt.Errorf("unable to create runnable guest: %w", err)
 	}

cmd/gateway/main.go

@@ -116,7 +116,7 @@ func run(cmd *cobra.Command, _ []string) error {
 	cfg := config.GetConfigOrDie()
 
 	// Create the client. This client should be used only outside the reconciler.
-	// This client don't need a cache.
+	// This client does not need a cache.
 	cl, err := client.New(cfg, client.Options{
 		Scheme: scheme,
 	})
@@ -210,6 +210,7 @@ func run(cmd *cobra.Command, _ []string) error {
 		connoptions.GwOptions.PodName,
 		connoptions.GwOptions.Name,
 		connoptions.GwOptions.Namespace,
+		connoptions.GwOptions.ConcurrentContainersNames,
 	)
 	if err != nil {
 		return fmt.Errorf("unable to create concurrent runnable: %w", err)

cmd/gateway/wireguard/main.go

@@ -157,7 +157,7 @@ func run(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("unable to register prometheus collector: %w", err)
 	}
 
-	runnable, err := concurrent.NewRunnableGuest("wireguard")
+	runnable, err := concurrent.NewRunnableGuest(options.GwOptions.ContainerName)
 	if err != nil {
 		return fmt.Errorf("unable to create runnable guest: %w", err)
 	}

deployments/liqo/files/liqo-gateway-ClusterRole.yaml

@@ -21,16 +21,6 @@ rules:
   - patch
   - update
   - watch
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - update
 - apiGroups:
   - coordination.k8s.io
   resources:

deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml

@@ -52,6 +52,8 @@ spec:
                 - --node-name={{"$(NODE_NAME)"}}
                 - --pod-name={{"$(POD_NAME)"}}
                 - --mode=client
+                - --container-name=gateway
+                - --concurrent-containers-names=wireguard,geneve
                 {{- if .Values.metrics.enabled }}
                 - --metrics-address=:8080
                 {{- end }}
@@ -60,9 +62,7 @@ spec:
                 - --ping-loss-threshold={{ .Values.networking.gatewayTemplates.ping.lossThreshold }}
                 - --ping-interval={{ .Values.networking.gatewayTemplates.ping.interval }}
                 - --ping-update-status-interval={{ .Values.networking.gatewayTemplates.ping.updateStatusInterval }}
-                {{- if gt .Values.networking.gatewayTemplates.replicas 1.0 }}
                 - --leader-election=true
-                {{- end }}
                 {{- if .Values.requirements.kernel.disabled }}
                 - --disable-kernel-version-check
                 {{- end }}
@@ -98,6 +98,7 @@ spec:
                 - --remote-cluster-id={{"{{ .ClusterID }}"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=client
+                - --container-name=wireguard
                 - --mtu={{"{{ .Spec.MTU }}"}}
                 - --endpoint-address={{"{{ index .Spec.Endpoint.Addresses 0 }}"}}
                 - --endpoint-port={{"{{ .Spec.Endpoint.Port }}"}}
@@ -136,6 +137,7 @@ spec:
                 - --node-name={{"$(NODE_NAME)"}}
                 - --pod-name={{"$(POD_NAME)"}}
                 - --mode=server
+                - --container-name=geneve
                 - --geneve-port={{ .Values.networking.genevePort }}
                 {{- if .Values.metrics.enabled }}
                 - --metrics-address=:8084

deployments/liqo/templates/liqo-wireguard-gateway-server-template-eks.yaml

@@ -79,6 +79,8 @@ spec:
                 - --pod-name={{"$(POD_NAME)"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=server
+                - --container-name=gateway
+                - --concurrent-containers-names=wireguard,geneve
                 {{- if .Values.metrics.enabled }}
                 - --metrics-address=:8080
                 {{- end }}
@@ -87,9 +89,7 @@ spec:
                 - --ping-loss-threshold={{ .Values.networking.gatewayTemplates.ping.lossThreshold }}
                 - --ping-interval={{ .Values.networking.gatewayTemplates.ping.interval }}
                 - --ping-update-status-interval={{ .Values.networking.gatewayTemplates.ping.updateStatusInterval }}
-                {{- if gt .Values.networking.gatewayTemplates.replicas 1.0 }}
                 - --leader-election=true
-                {{- end }}
                 {{- if .Values.requirements.kernel.disabled }}
                 - --disable-kernel-version-check
                 {{- end }}
@@ -125,6 +125,7 @@ spec:
                 - --remote-cluster-id={{"{{ .ClusterID }}"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=server
+                - --container-name=wireguard
                 - --mtu={{"{{ .Spec.MTU }}"}}
                 - --listen-port={{"{{ .Spec.Endpoint.Port }}"}}
                 {{- if .Values.metrics.enabled }}
@@ -162,6 +163,7 @@ spec:
                 - --pod-name={{"$(POD_NAME)"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=server
+                - --container-name=geneve
                 - --geneve-port={{ .Values.networking.genevePort }}
                 {{- if .Values.metrics.enabled }}
                 - --metrics-address=:8084

deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml

@@ -70,6 +70,8 @@ spec:
                 - --pod-name={{"$(POD_NAME)"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=server
+                - --container-name=gateway
+                - --concurrent-containers-names=wireguard,geneve
                 {{- if .Values.metrics.enabled }}
                 - --metrics-address=:8080
                 {{- end }}
@@ -78,9 +80,7 @@ spec:
                 - --ping-loss-threshold={{ .Values.networking.gatewayTemplates.ping.lossThreshold }}
                 - --ping-interval={{ .Values.networking.gatewayTemplates.ping.interval }}
                 - --ping-update-status-interval={{ .Values.networking.gatewayTemplates.ping.updateStatusInterval }}
-                {{- if gt .Values.networking.gatewayTemplates.replicas 1.0 }}
                 - --leader-election=true
-                {{- end }}
                 {{- if .Values.requirements.kernel.disabled }}
                 - --disable-kernel-version-check
                 {{- end }}
@@ -116,6 +116,7 @@ spec:
                 - --remote-cluster-id={{"{{ .ClusterID }}"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=server
+                - --container-name=wireguard
                 - --mtu={{"{{ .Spec.MTU }}"}}
                 - --listen-port={{"{{ .Spec.Endpoint.Port }}"}}
                 {{- if .Values.metrics.enabled }}
@@ -153,6 +154,7 @@ spec:
                 - --pod-name={{"$(POD_NAME)"}}
                 - --gateway-uid={{"{{ .GatewayUID }}"}}
                 - --mode=server
+                - --container-name=geneve
                 - --geneve-port={{ .Values.networking.genevePort }}
                 {{- if .Values.metrics.enabled }}
                 - --metrics-address=:8084

pkg/gateway/concurrent/const.go

@@ -16,6 +16,3 @@ package concurrent
 
 // UnixSocketPath is the path of the Unix socket.
 const unixSocketPath string = "/ipc/leader.sock"
-
-// ContainerNames is the list of container names.
-var containerNames = []string{"wireguard", "geneve"}

pkg/gateway/concurrent/gateway.go

@@ -40,7 +40,7 @@ type RunnableGateway struct {
 }
 
 // NewRunnableGateway creates a new Runnable.
-func NewRunnableGateway(cl client.Client, podName, deploymentName, namespace string) (*RunnableGateway, error) {
+func NewRunnableGateway(cl client.Client, podName, deploymentName, namespace string, containerNames []string) (*RunnableGateway, error) {
 	guestConnections := ipc.NewGuestConnections(containerNames)
 
 	socket, err := ipc.CreateListenSocket(unixSocketPath)

pkg/gateway/flags.go

@@ -39,13 +39,18 @@ const (
 	FlagNameNodeName FlagName = "node-name"
 	// FlagNamePodName is the name of the pod.
 	FlagNamePodName FlagName = "pod-name"
+	// FlagContainerName is the name of the container.
+	FlagContainerName FlagName = "container-name"
 
 	// FlagNameGatewayUID is the UID of the Gateway resource.
 	FlagNameGatewayUID FlagName = "gateway-uid"
 
 	// FlagNameMode is the mode in which the gateway is configured.
 	FlagNameMode FlagName = "mode"
 
+	// FlagConcurrentContainersNames is the names of the containers that the gateway container must wait for.
+	FlagConcurrentContainersNames FlagName = "concurrent-containers-names"
+
 	// FlagNameLeaderElection is the flag to enable leader election.
 	FlagNameLeaderElection FlagName = "leader-election"
 	// FlagNameLeaderElectionLeaseDuration is the lease duration for the leader election.
@@ -75,6 +80,7 @@ var RequiredFlags = []FlagName{
 	FlagNameGatewayUID,
 	FlagNameNodeName,
 	FlagNamePodName,
+	FlagContainerName,
 }
 
 // InitFlags initializes the flags for the gateway.
@@ -84,11 +90,15 @@ func InitFlags(flagset *pflag.FlagSet, opts *Options) {
 	flagset.StringVar(&opts.RemoteClusterID, FlagNameRemoteClusterID.String(), "", "ClusterID of the remote cluster")
 	flagset.StringVar(&opts.NodeName, FlagNameNodeName.String(), "", "Node name")
 	flagset.StringVar(&opts.PodName, FlagNamePodName.String(), "", "Pod name")
+	flagset.StringVar(&opts.ContainerName, FlagContainerName.String(), "", "Container name")
 
 	flagset.StringVar(&opts.GatewayUID, FlagNameGatewayUID.String(), "", "Parent gateway resource UID")
 
 	flagset.Var(&opts.Mode, FlagNameMode.String(), "Parent gateway mode")
 
+	flagset.StringSliceVar(&opts.ConcurrentContainersNames, FlagConcurrentContainersNames.String(),
+		[]string{}, "the container list that gateway container must wait for")
+
 	flagset.BoolVar(&opts.LeaderElection, FlagNameLeaderElection.String(), false, "Enable leader election")
 	flagset.DurationVar(&opts.LeaderElectionLeaseDuration, FlagNameLeaderElectionLeaseDuration.String(), 15*time.Second,
 		"LeaseDuration for the leader election")
@@ -111,5 +121,12 @@ func MarkFlagsRequired(cmd *cobra.Command) error {
 			return err
 		}
 	}
+
+	if cmd.Name() == "liqo-gateway" {
+		if err := cmd.MarkFlagRequired(FlagConcurrentContainersNames.String()); err != nil {
+			return err
+		}
+	}
+
 	return nil
 }

pkg/gateway/options.go

@@ -28,11 +28,14 @@ type Options struct {
 	RemoteClusterID string
 	NodeName        string
 	PodName         string
+	ContainerName   string
 
 	GatewayUID string
 
 	Mode Mode
 
+	ConcurrentContainersNames []string
+
 	LeaderElection              bool
 	LeaderElectionLeaseDuration time.Duration
 	LeaderElectionRenewDeadline time.Duration

pkg/liqo-controller-manager/networking/external-network/wireguard/wggatewayclient_controller.go

@@ -17,7 +17,6 @@ package wireguard
 import (
 	"context"
 	"fmt"
-	"sort"
 
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -293,20 +292,12 @@ func (r *WgGatewayClientReconciler) handleInternalEndpointStatus(ctx context.Con
 		return err
 	}
 
-	if len(podList.Items) == 0 {
-		err := fmt.Errorf("no pods found for deployment %s/%s", dep.Namespace, dep.Name)
+	if len(podList.Items) != 1 {
+		err := fmt.Errorf("wrong number of pods for deployment %s/%s: %d (must be 1)", dep.Namespace, dep.Name, len(podList.Items))
 		klog.Error(err)
 		return err
 	}
 
-	// sort pods by creation timestamp (older first), and name
-	sort.Slice(podList.Items, func(i, j int) bool {
-		if podList.Items[i].CreationTimestamp.Equal(&podList.Items[j].CreationTimestamp) {
-			return podList.Items[i].Name < podList.Items[j].Name
-		}
-		return podList.Items[i].CreationTimestamp.Before(&podList.Items[j].CreationTimestamp)
-	})
-
 	if podList.Items[0].Status.PodIP == "" {
 		err := fmt.Errorf("pod %s/%s has no IP", podList.Items[0].Namespace, podList.Items[0].Name)
 		klog.Error(err)