diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go index 8bd4d3e15da..473563f8341 100644 --- a/pkg/controller/controller.go +++ b/pkg/controller/controller.go @@ -764,6 +764,10 @@ func (c *Controller) Run(ctx context.Context) { util.LogFatalAndExit(err, "failed to sync crd ips") } + if err := c.syncFinalizers(); err != nil { + util.LogFatalAndExit(err, "failed to initialize crd finalizers") + } + if err := c.InitIPAM(); err != nil { util.LogFatalAndExit(err, "failed to initialize ipam") } diff --git a/pkg/controller/init.go b/pkg/controller/init.go index b89fa91e207..d943e15047e 100644 --- a/pkg/controller/init.go +++ b/pkg/controller/init.go @@ -15,6 +15,8 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" "k8s.io/klog/v2" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" kubeovnv1 "github.com/kubeovn/kube-ovn/pkg/apis/kubeovn/v1" "github.com/kubeovn/kube-ovn/pkg/ovs" @@ -578,7 +580,7 @@ func (c *Controller) syncIPCR() error { for _, ipCR := range ips { ip := ipCR.DeepCopy() - if ip.DeletionTimestamp != nil && slices.Contains(ip.Finalizers, util.ControllerName) { + if ip.DeletionTimestamp != nil && slices.Contains(ip.Finalizers, util.KubeOVNControllerFinalizer) { klog.Infof("enqueue update for deleting ip %s", ip.Name) c.updateIPQueue.Add(ip.Name) } @@ -827,3 +829,73 @@ func (c *Controller) initNodeChassis() error { } return nil } + +func (c *Controller) syncFinalizers() error { + // migrate depreciated finalizer to new finalizer + klog.Info("start to sync finalizers") + if err := c.syncIPFinalizer(); err != nil { + klog.Errorf("failed to sync ip finalizer: %v", err) + return err + } + if err := c.syncOvnDnatFinalizer(); err != nil { + klog.Errorf("failed to sync ovn dnat finalizer: %v", err) + return err + } + if err := c.syncOvnEipFinalizer(); err != nil { + klog.Errorf("failed to sync ovn eip finalizer: %v", err) + return err + } + if err := c.syncOvnFipFinalizer(); err != nil { + klog.Errorf("failed to sync ovn fip finalizer: %v", err) + return err + } + if err := c.syncOvnSnatFinalizer(); err != nil { + klog.Errorf("failed to sync ovn snat finalizer: %v", err) + return err + } + if err := c.syncQoSPolicyFinalizer(); err != nil { + klog.Errorf("failed to sync qos policy finalizer: %v", err) + return err + } + if err := c.syncSubnetFinalizer(); err != nil { + klog.Errorf("failed to sync subnet finalizer: %v", err) + return err + } + if err := c.syncVipFinalizer(); err != nil { + klog.Errorf("failed to sync vip finalizer: %v", err) + return err + } + if err := c.syncIptablesEipFinalizer(); err != nil { + klog.Errorf("failed to sync iptables eip finalizer: %v", err) + return err + } + if err := c.syncIptablesFipFinalizer(); err != nil { + klog.Errorf("failed to sync iptables fip finalizer: %v", err) + return err + } + if err := c.syncIptablesDnatFinalizer(); err != nil { + klog.Errorf("failed to sync iptables dnat finalizer: %v", err) + return err + } + if err := c.syncIptablesSnatFinalizer(); err != nil { + klog.Errorf("failed to sync iptables snat finalizer: %v", err) + return err + } + klog.Info("sync finalizers done") + return nil +} + +func (c *Controller) ReplaceFinalizer(cachedObj client.Object) ([]byte, error) { + if controllerutil.ContainsFinalizer(cachedObj, util.DepreciatedFinalizerName) { + newObj := cachedObj.DeepCopyObject().(client.Object) + controllerutil.RemoveFinalizer(newObj, util.DepreciatedFinalizerName) + controllerutil.AddFinalizer(newObj, util.KubeOVNControllerFinalizer) + patch, err := util.GenerateMergePatchPayload(cachedObj, newObj) + if err != nil { + klog.Errorf("failed to generate patch payload for %s, %v", newObj.GetName(), err) + return nil, err + } + return patch, nil + } + return nil, nil +} diff --git a/pkg/controller/ip.go b/pkg/controller/ip.go index acea7b7fe6a..83003856098 100644 --- a/pkg/controller/ip.go +++ b/pkg/controller/ip.go @@ -11,6 +11,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/tools/cache" @@ -323,7 +324,7 @@ func (c *Controller) handleUpdateIP(key string) error { klog.Infof("ip cr %s release ipam pod key %s from subnet %s", cachedIP.Name, podKey, cachedIP.Spec.Subnet) c.ipam.ReleaseAddressByPod(podKey, cachedIP.Spec.Subnet) } - if err = c.handleDelIPFinalizer(cachedIP, util.ControllerName); err != nil { + if err = c.handleDelIPFinalizer(cachedIP, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to handle del ip finalizer %v", err) return err } @@ -341,6 +342,36 @@ func (c *Controller) handleDelIP(ip *kubeovnv1.IP) error { return nil } +func (c *Controller) syncIPFinalizer() error { + // migrate depreciated finalizer to new finalizer + ips, err := c.ipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list ips, %v", err) + return err + } + for _, cachedIP := range ips { + patch, err := c.ReplaceFinalizer(cachedIP) + if err != nil { + klog.Errorf("failed to sync finalizer for ip %s, %v", cachedIP.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IPs().Patch(context.Background(), cachedIP.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for ip %s, %v", cachedIP.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIPFinalizer(cachedIP *kubeovnv1.IP, finalizer string) error { if cachedIP.DeletionTimestamp.IsZero() { if slices.Contains(cachedIP.Finalizers, finalizer) { @@ -535,7 +566,7 @@ func (c *Controller) createOrUpdateIPCR(ipCRName, podName, ip, mac, subnetName, } } - if err := c.handleAddIPFinalizer(ipCR, util.ControllerName); err != nil { + if err := c.handleAddIPFinalizer(ipCR, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to handle add ip finalizer %v", err) return err } diff --git a/pkg/controller/ovn_dnat.go b/pkg/controller/ovn_dnat.go index 77b6bbf5f89..1a788e7a8b5 100644 --- a/pkg/controller/ovn_dnat.go +++ b/pkg/controller/ovn_dnat.go @@ -301,7 +301,7 @@ func (c *Controller) handleAddOvnDnatRule(key string) error { return err } - if err := c.handleAddOvnDnatFinalizer(cachedDnat, util.ControllerName); err != nil { + if err := c.handleAddOvnDnatFinalizer(cachedDnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn dnat %s, %v", cachedDnat.Name, err) return err } @@ -348,7 +348,7 @@ func (c *Controller) handleDelOvnDnatRule(key string) error { return err } } - if err = c.handleDelOvnDnatFinalizer(cachedDnat, util.ControllerName); err != nil { + if err = c.handleDelOvnDnatFinalizer(cachedDnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to remove finalizer for ovn dnat %s, %v", cachedDnat.Name, err) return err } @@ -660,6 +660,39 @@ func (c *Controller) DelDnatRule(vpcName, dnatName, externalIP, externalPort str return nil } +func (c *Controller) syncOvnDnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + dnats, err := c.ovnDnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list dnats, %v", err) + return err + } + for _, cachedDnat := range dnats { + if len(cachedDnat.Finalizers) == 0 { + continue + } + patch, err := c.ReplaceFinalizer(cachedDnat) + if err != nil { + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnDnatRules().Patch(context.Background(), cachedDnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnDnatFinalizer(cachedDnat *kubeovnv1.OvnDnatRule, finalizer string) error { if cachedDnat.DeletionTimestamp.IsZero() { if slices.Contains(cachedDnat.Finalizers, finalizer) { diff --git a/pkg/controller/ovn_eip.go b/pkg/controller/ovn_eip.go index a18fcc465d0..e0bfd060d66 100644 --- a/pkg/controller/ovn_eip.go +++ b/pkg/controller/ovn_eip.go @@ -268,7 +268,7 @@ func (c *Controller) handleAddOvnEip(key string) error { return err } } - if err = c.handleAddOvnEipFinalizer(cachedEip, util.ControllerName); err != nil { + if err = c.handleAddOvnEipFinalizer(cachedEip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn eip, %v", err) return err } @@ -343,7 +343,7 @@ func (c *Controller) handleDelOvnEip(key string) error { } } - if err = c.handleDelOvnEipFinalizer(eip, util.ControllerName); err != nil { + if err = c.handleDelOvnEipFinalizer(eip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to handle remove ovn eip finalizer , %v", err) return err } @@ -584,6 +584,39 @@ func (c *Controller) natLabelAndAnnoOvnEip(eipName, natName, vpcName string) err return err } +func (c *Controller) syncOvnEipFinalizer() error { + // migrate depreciated finalizer to new finalizer + eips, err := c.ovnEipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list eips, %v", err) + return err + } + for _, cachedEip := range eips { + if len(cachedEip.Finalizers) == 0 { + continue + } + patch, err := c.ReplaceFinalizer(cachedEip) + if err != nil { + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnEips().Patch(context.Background(), cachedEip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnEipFinalizer(cachedEip *kubeovnv1.OvnEip, finalizer string) error { if cachedEip.DeletionTimestamp.IsZero() { if slices.Contains(cachedEip.Finalizers, finalizer) { diff --git a/pkg/controller/ovn_fip.go b/pkg/controller/ovn_fip.go index a78a6d37b1b..2a867ec87ba 100644 --- a/pkg/controller/ovn_fip.go +++ b/pkg/controller/ovn_fip.go @@ -296,7 +296,7 @@ func (c *Controller) handleAddOvnFip(key string) error { return err } - if err = c.handleAddOvnFipFinalizer(cachedFip, util.ControllerName); err != nil { + if err = c.handleAddOvnFipFinalizer(cachedFip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn fip, %v", err) return err } @@ -463,7 +463,7 @@ func (c *Controller) handleDelOvnFip(key string) error { return err } } - if err = c.handleDelOvnFipFinalizer(cachedFip, util.ControllerName); err != nil { + if err = c.handleDelOvnFipFinalizer(cachedFip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to remove finalizer for ovn fip %s, %v", cachedFip.Name, err) return err } @@ -599,6 +599,36 @@ func (c *Controller) GetOvnEip(eipName string) (*kubeovnv1.OvnEip, error) { return cachedEip, nil } +func (c *Controller) syncOvnFipFinalizer() error { + // migrate depreciated finalizer to new finalizer + fips, err := c.ovnFipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list fips, %v", err) + return err + } + for _, cachedFip := range fips { + patch, err := c.ReplaceFinalizer(cachedFip) + if err != nil { + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnFips().Patch(context.Background(), cachedFip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnFipFinalizer(cachedFip *kubeovnv1.OvnFip, finalizer string) error { if cachedFip.DeletionTimestamp.IsZero() { if slices.Contains(cachedFip.Finalizers, finalizer) { diff --git a/pkg/controller/ovn_snat.go b/pkg/controller/ovn_snat.go index a49b3af2a1a..1be94d1f31e 100644 --- a/pkg/controller/ovn_snat.go +++ b/pkg/controller/ovn_snat.go @@ -8,6 +8,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/tools/cache" @@ -257,7 +258,7 @@ func (c *Controller) handleAddOvnSnatRule(key string) error { klog.Errorf("failed to create snat, %v", err) return err } - if err := c.handleAddOvnSnatFinalizer(cachedSnat, util.ControllerName); err != nil { + if err := c.handleAddOvnSnatFinalizer(cachedSnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn snat %s, %v", cachedSnat.Name, err) return err } @@ -419,7 +420,7 @@ func (c *Controller) handleDelOvnSnatRule(key string) error { return err } } - if err = c.handleDelOvnSnatFinalizer(cachedSnat, util.ControllerName); err != nil { + if err = c.handleDelOvnSnatFinalizer(cachedSnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to remove finalizer for ovn snat %s, %v", cachedSnat.Name, err) return err } @@ -542,6 +543,36 @@ func (c *Controller) ovnSnatChangeEip(snat *kubeovnv1.OvnSnatRule, eip *kubeovnv return false } +func (c *Controller) syncOvnSnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + snats, err := c.ovnSnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list snats, %v", err) + return err + } + for _, cachedSnat := range snats { + patch, err := c.ReplaceFinalizer(cachedSnat) + if err != nil { + klog.Errorf("failed to sync finalizer for snat %s, %v", cachedSnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnSnatRules().Patch(context.Background(), cachedSnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for snat %s, %v", cachedSnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnSnatFinalizer(cachedSnat *kubeovnv1.OvnSnatRule, finalizer string) error { if cachedSnat.DeletionTimestamp.IsZero() { if slices.Contains(cachedSnat.Finalizers, finalizer) { diff --git a/pkg/controller/qos_policy.go b/pkg/controller/qos_policy.go index a0f667f55cd..86e46ad72cd 100644 --- a/pkg/controller/qos_policy.go +++ b/pkg/controller/qos_policy.go @@ -265,7 +265,7 @@ func (c *Controller) handleDelQoSPoliciesFinalizer(key string) error { return nil } newQoSPolicies := cachedQoSPolicies.DeepCopy() - controllerutil.RemoveFinalizer(newQoSPolicies, util.ControllerName) + controllerutil.RemoveFinalizer(newQoSPolicies, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedQoSPolicies, newQoSPolicies) if err != nil { klog.Errorf("failed to generate patch payload for qos '%s', %v", cachedQoSPolicies.Name, err) @@ -282,6 +282,36 @@ func (c *Controller) handleDelQoSPoliciesFinalizer(key string) error { return nil } +func (c *Controller) syncQoSPolicyFinalizer() error { + // migrate depreciated finalizer to new finalizer + qosPolicies, err := c.qosPoliciesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list policy, %v", err) + return err + } + for _, cachedPolicy := range qosPolicies { + patch, err := c.ReplaceFinalizer(cachedPolicy) + if err != nil { + klog.Errorf("failed to sync finalizer for policy %s, %v", cachedPolicy.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().QoSPolicies().Patch(context.Background(), cachedPolicy.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for policy %s, %v", cachedPolicy.Name, err) + return err + } + } + } + return nil +} + func diffQoSPolicyBandwidthLimitRules(oldList, newList kubeovnv1.QoSPolicyBandwidthLimitRules) (added, deleted, updated kubeovnv1.QoSPolicyBandwidthLimitRules) { added = kubeovnv1.QoSPolicyBandwidthLimitRules{} deleted = kubeovnv1.QoSPolicyBandwidthLimitRules{} @@ -521,12 +551,12 @@ func (c *Controller) handleAddQoSPolicyFinalizer(key string) error { return err } if cachedQoSPolicy.DeletionTimestamp.IsZero() { - if slices.Contains(cachedQoSPolicy.Finalizers, util.ControllerName) { + if slices.Contains(cachedQoSPolicy.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newQoSPolicy := cachedQoSPolicy.DeepCopy() - controllerutil.AddFinalizer(newQoSPolicy, util.ControllerName) + controllerutil.AddFinalizer(newQoSPolicy, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedQoSPolicy, newQoSPolicy) if err != nil { klog.Errorf("failed to generate patch payload for qos '%s', %v", cachedQoSPolicy.Name, err) diff --git a/pkg/controller/subnet.go b/pkg/controller/subnet.go index f95994d18f2..a9567cd7e92 100644 --- a/pkg/controller/subnet.go +++ b/pkg/controller/subnet.go @@ -479,10 +479,40 @@ func checkAndUpdateExcludeIPs(subnet *kubeovnv1.Subnet) bool { return changed } +func (c *Controller) syncSubnetFinalizer() error { + // migrate depreciated finalizer to new finalizer + subnets, err := c.subnetsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list subnets, %v", err) + return err + } + for _, cachedSubnet := range subnets { + patch, err := c.ReplaceFinalizer(cachedSubnet) + if err != nil { + klog.Errorf("failed to sync finalizer for subnet %s, %v", cachedSubnet.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().Subnets().Patch(context.Background(), cachedSubnet.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for subnet %s, %v", cachedSubnet.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleSubnetFinalizer(subnet *kubeovnv1.Subnet) (bool, error) { - if subnet.DeletionTimestamp.IsZero() && !slices.Contains(subnet.Finalizers, util.ControllerName) { + if subnet.DeletionTimestamp.IsZero() && !slices.Contains(subnet.Finalizers, util.KubeOVNControllerFinalizer) { newSubnet := subnet.DeepCopy() - newSubnet.Finalizers = append(newSubnet.Finalizers, util.ControllerName) + newSubnet.Finalizers = append(newSubnet.Finalizers, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(subnet, newSubnet) if err != nil { klog.Errorf("failed to generate patch payload for subnet '%s', %v", subnet.Name, err) @@ -506,7 +536,7 @@ func (c *Controller) handleSubnetFinalizer(subnet *kubeovnv1.Subnet) (bool, erro u2oInterconnIP := subnet.Status.U2OInterconnectionIP if !subnet.DeletionTimestamp.IsZero() && (usingIPs == 0 || (usingIPs == 1 && u2oInterconnIP != "")) { newSubnet := subnet.DeepCopy() - newSubnet.Finalizers = util.RemoveString(newSubnet.Finalizers, util.ControllerName) + newSubnet.Finalizers = util.RemoveString(newSubnet.Finalizers, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(subnet, newSubnet) if err != nil { klog.Errorf("failed to generate patch payload for subnet '%s', %v", subnet.Name, err) diff --git a/pkg/controller/vip.go b/pkg/controller/vip.go index 3657168f562..55d9edbc0e3 100644 --- a/pkg/controller/vip.go +++ b/pkg/controller/vip.go @@ -10,6 +10,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/tools/cache" @@ -649,12 +650,12 @@ func (c *Controller) handleAddVipFinalizer(key string) error { return err } if cachedVip.DeletionTimestamp.IsZero() { - if slices.Contains(cachedVip.Finalizers, util.ControllerName) { + if slices.Contains(cachedVip.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newVip := cachedVip.DeepCopy() - controllerutil.AddFinalizer(newVip, util.ControllerName) + controllerutil.AddFinalizer(newVip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedVip, newVip) if err != nil { klog.Errorf("failed to generate patch payload for ovn eip '%s', %v", cachedVip.Name, err) @@ -684,7 +685,7 @@ func (c *Controller) handleDelVipFinalizer(key string) error { return nil } newVip := cachedVip.DeepCopy() - controllerutil.RemoveFinalizer(newVip, util.ControllerName) + controllerutil.RemoveFinalizer(newVip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedVip, newVip) if err != nil { klog.Errorf("failed to generate patch payload for ovn eip '%s', %v", cachedVip.Name, err) @@ -700,3 +701,33 @@ func (c *Controller) handleDelVipFinalizer(key string) error { } return nil } + +func (c *Controller) syncVipFinalizer() error { + // migrate depreciated finalizer to new finalizer + vips, err := c.virtualIpsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list vips, %v", err) + return err + } + for _, cachedVip := range vips { + patch, err := c.ReplaceFinalizer(cachedVip) + if err != nil { + klog.Errorf("failed to sync finalizer for vip %s, %v", cachedVip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().Vips().Patch(context.Background(), cachedVip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for vip %s, %v", cachedVip.Name, err) + return err + } + } + } + return nil +} diff --git a/pkg/controller/vpc_nat_gw_eip.go b/pkg/controller/vpc_nat_gw_eip.go index 017a4eacfdb..dd8fbdd936e 100644 --- a/pkg/controller/vpc_nat_gw_eip.go +++ b/pkg/controller/vpc_nat_gw_eip.go @@ -750,6 +750,36 @@ func (c *Controller) createOrUpdateEipCR(key, v4ip, v6ip, mac, natGwDp, qos, ext return nil } +func (c *Controller) syncIptablesEipFinalizer() error { + // migrate depreciated finalizer to new finalizer + eips, err := c.iptablesEipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list eips, %v", err) + return err + } + for _, cachedEip := range eips { + patch, err := c.ReplaceFinalizer(cachedEip) + if err != nil { + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesEIPs().Patch(context.Background(), cachedEip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesEipFinalizer(key string) error { cachedIptablesEip, err := c.iptablesEipsLister.Get(key) if err != nil { @@ -760,12 +790,12 @@ func (c *Controller) handleAddIptablesEipFinalizer(key string) error { return err } if cachedIptablesEip.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesEip.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesEip.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesEip := cachedIptablesEip.DeepCopy() - controllerutil.AddFinalizer(newIptablesEip, util.ControllerName) + controllerutil.AddFinalizer(newIptablesEip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesEip, newIptablesEip) if err != nil { klog.Errorf("failed to generate patch payload for iptables eip '%s', %v", cachedIptablesEip.Name, err) @@ -795,7 +825,7 @@ func (c *Controller) handleDelIptablesEipFinalizer(key string) error { return nil } newIptablesEip := cachedIptablesEip.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesEip, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesEip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesEip, newIptablesEip) if err != nil { klog.Errorf("failed to generate patch payload for iptables eip '%s', %v", cachedIptablesEip.Name, err) diff --git a/pkg/controller/vpc_nat_gw_nat.go b/pkg/controller/vpc_nat_gw_nat.go index 44328254394..1ac75aded9f 100644 --- a/pkg/controller/vpc_nat_gw_nat.go +++ b/pkg/controller/vpc_nat_gw_nat.go @@ -1044,6 +1044,36 @@ func (c *Controller) handleDelIptablesSnatRule(key string) error { return nil } +func (c *Controller) syncIptablesFipFinalizer() error { + // migrate depreciated finalizer to new finalizer + fips, err := c.iptablesFipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list fips, %v", err) + return err + } + for _, cachedFip := range fips { + patch, err := c.ReplaceFinalizer(cachedFip) + if err != nil { + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesFIPRules().Patch(context.Background(), cachedFip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesFipFinalizer(key string) error { cachedIptablesFip, err := c.iptablesFipsLister.Get(key) if err != nil { @@ -1054,12 +1084,12 @@ func (c *Controller) handleAddIptablesFipFinalizer(key string) error { return err } if cachedIptablesFip.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesFip.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesFip.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesFip := cachedIptablesFip.DeepCopy() - controllerutil.AddFinalizer(newIptablesFip, util.ControllerName) + controllerutil.AddFinalizer(newIptablesFip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesFip, newIptablesFip) if err != nil { klog.Errorf("failed to generate patch payload for iptables fip '%s', %v", cachedIptablesFip.Name, err) @@ -1089,7 +1119,7 @@ func (c *Controller) handleDelIptablesFipFinalizer(key string) error { return nil } newIptablesFip := cachedIptablesFip.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesFip, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesFip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesFip, newIptablesFip) if err != nil { klog.Errorf("failed to generate patch payload for iptables fip '%s', %v", cachedIptablesFip.Name, err) @@ -1106,6 +1136,36 @@ func (c *Controller) handleDelIptablesFipFinalizer(key string) error { return nil } +func (c *Controller) syncIptablesDnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + dnats, err := c.iptablesDnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list dnats, %v", err) + return err + } + for _, cachedDnat := range dnats { + patch, err := c.ReplaceFinalizer(cachedDnat) + if err != nil { + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesDnatRules().Patch(context.Background(), cachedDnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesDnatFinalizer(key string) error { cachedIptablesDnat, err := c.iptablesDnatRulesLister.Get(key) if err != nil { @@ -1116,12 +1176,12 @@ func (c *Controller) handleAddIptablesDnatFinalizer(key string) error { return err } if cachedIptablesDnat.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesDnat.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesDnat.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesDnat := cachedIptablesDnat.DeepCopy() - controllerutil.AddFinalizer(newIptablesDnat, util.ControllerName) + controllerutil.AddFinalizer(newIptablesDnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesDnat, newIptablesDnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables dnat '%s', %v", cachedIptablesDnat.Name, err) @@ -1151,7 +1211,7 @@ func (c *Controller) handleDelIptablesDnatFinalizer(key string) error { return nil } newIptablesDnat := cachedIptablesDnat.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesDnat, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesDnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesDnat, newIptablesDnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables dnat '%s', %v", cachedIptablesDnat.Name, err) @@ -1219,6 +1279,36 @@ func (c *Controller) patchFipLabel(key string, eip *kubeovnv1.IptablesEIP) error return nil } +func (c *Controller) syncIptablesSnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + snats, err := c.iptablesSnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list snats, %v", err) + return err + } + for _, cachedSnat := range snats { + patch, err := c.ReplaceFinalizer(cachedSnat) + if err != nil { + klog.Errorf("failed to sync finalizer for snat %s, %v", cachedSnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesSnatRules().Patch(context.Background(), cachedSnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedSnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesSnatFinalizer(key string) error { cachedIptablesSnat, err := c.iptablesSnatRulesLister.Get(key) if err != nil { @@ -1229,12 +1319,12 @@ func (c *Controller) handleAddIptablesSnatFinalizer(key string) error { return err } if cachedIptablesSnat.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesSnat.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesSnat.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesSnat := cachedIptablesSnat.DeepCopy() - controllerutil.AddFinalizer(newIptablesSnat, util.ControllerName) + controllerutil.AddFinalizer(newIptablesSnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesSnat, newIptablesSnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables snat '%s', %v", cachedIptablesSnat.Name, err) @@ -1264,7 +1354,7 @@ func (c *Controller) handleDelIptablesSnatFinalizer(key string) error { return nil } newIptablesSnat := cachedIptablesSnat.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesSnat, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesSnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesSnat, newIptablesSnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables snat '%s', %v", cachedIptablesSnat.Name, err) diff --git a/pkg/util/const.go b/pkg/util/const.go index 30cc990e313..6a391d89f4f 100644 --- a/pkg/util/const.go +++ b/pkg/util/const.go @@ -3,7 +3,8 @@ package util const ( CniTypeName = "kube-ovn" - ControllerName = "kube-ovn-controller" + DepreciatedFinalizerName = "kube-ovn-controller" + KubeOVNControllerFinalizer = "kubeovn.io/kube-ovn-controller" AllocatedAnnotation = "ovn.kubernetes.io/allocated" RoutedAnnotation = "ovn.kubernetes.io/routed" diff --git a/test/e2e/kube-ovn/subnet/subnet.go b/test/e2e/kube-ovn/subnet/subnet.go index cddea940ee4..8c784c3ba88 100644 --- a/test/e2e/kube-ovn/subnet/subnet.go +++ b/test/e2e/kube-ovn/subnet/subnet.go @@ -148,7 +148,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -206,7 +206,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -251,7 +251,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -301,7 +301,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -345,7 +345,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -388,7 +388,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.PatchSync(subnet, modifiedSubnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -444,7 +444,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating centralized subnet with active-standby mode") framework.ExpectFalse(subnet.Spec.EnableEcmp) @@ -947,7 +947,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet load-balancer records exist") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) execCmd := "kubectl ko nbctl --format=csv --data=bare --no-heading --columns=load_balancer find logical-switch " + fmt.Sprintf("name=%s", subnetName) output, err := exec.Command("bash", "-c", execCmd).CombinedOutput() framework.ExpectNoError(err)