diff --git a/CHANGELOG.md b/CHANGELOG.md index 21b3da736387..588c305a87cf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,80 @@ # Changelog +## v1.12.5 (2024-02-21) + + * [b45c8339](https://github.com/kubeovn/kube-ovn/commit/b45c8339ab370c3c68d532ebbe475781d982251c) release v1.12.5 + * [aeeb3c7b](https://github.com/kubeovn/kube-ovn/commit/aeeb3c7b562e312e108db7bf46b463cba34f76aa) ci: bump github actions + * [71e5da7b](https://github.com/kubeovn/kube-ovn/commit/71e5da7b13a1e5adc2ca90e2cacaf45ca8497b0a) ci: bump azure/setup-helm to v4.0.0 (#3743) + * [1d544554](https://github.com/kubeovn/kube-ovn/commit/1d544554c231eb4e86ed28056d720e2bb4fee8bd) base: install libmnl0 instead of libmnl-dev (#3745) + * [669ed067](https://github.com/kubeovn/kube-ovn/commit/669ed067e0374344a2b86a8eacb8ad14b3ca0cf3) ci: collect ko logs for all kind clusters (#3744) + * [b9224483](https://github.com/kubeovn/kube-ovn/commit/b9224483defc22663368bad0ac6e00ec596f524c) ci: fix ovn ic log file name (#3742) + * [5e5fd728](https://github.com/kubeovn/kube-ovn/commit/5e5fd728d06d7b3f4c7dabc853f3cae10c45d267) ci: bump kind and node image + * [cc8c9ab6](https://github.com/kubeovn/kube-ovn/commit/cc8c9ab664b19adbcd4ef95a6f23468c393b7e9d) update chart relase action workflow (#3728,#3734,#3691) (#3738) + * [b3d8fca7](https://github.com/kubeovn/kube-ovn/commit/b3d8fca7d21e88708fedbb0095ccf7d229714ef8) remove invalid ovs build option (#3733) + * [2aa3311e](https://github.com/kubeovn/kube-ovn/commit/2aa3311e92ba54d4285c904016db89877243b361) dpdk: remove unnecessary ovn patch (#3736) + * [8e0e4b17](https://github.com/kubeovn/kube-ovn/commit/8e0e4b17fd08891a5bd3dd98a6d7c9855ef5cbe2) Fix: Resolve issue with skipped execution of sg annotations (#3700) + * [ae895e2e](https://github.com/kubeovn/kube-ovn/commit/ae895e2e3b458a2d09325d903685f45ea3e342cf) fix: all gw nodes (#3723) + * [bffef867](https://github.com/kubeovn/kube-ovn/commit/bffef867bec988e882543983559346fbc95e57b9) ovn: remove unnecessary patch (#3720) + * [764580fa](https://github.com/kubeovn/kube-ovn/commit/764580fa86453d51aeff81c2eb9892dcb3811854) ci: fix artifact upload + * [c71e3949](https://github.com/kubeovn/kube-ovn/commit/c71e3949b1cba6fdd253f8d320f57d6e31ed361e) bump k8s to v1.27.10 (#3693) + * [f9c80e12](https://github.com/kubeovn/kube-ovn/commit/f9c80e12735f1db13e17fdd979118c5bcf9a3ec4) fix backport (#3697) + * [50b6506d](https://github.com/kubeovn/kube-ovn/commit/50b6506d6350cecdd30692be2bda093821063d12) remove unused (#3696) + * [a0e3b679](https://github.com/kubeovn/kube-ovn/commit/a0e3b67986458081ece100ed91f232419b720060) kube-ovn-controller: remove unused codes (#3692) + * [8da2239c](https://github.com/kubeovn/kube-ovn/commit/8da2239c8689bff681f59a9885e9d05cb0046f32) remove fip controller (#3684) + * [51a3c1e4](https://github.com/kubeovn/kube-ovn/commit/51a3c1e40867f42e349b6bdd704c98340945139d) build(deps): bump github.com/osrg/gobgp/v3 from 3.22.0 to 3.23.0 (#3688) + * [6d1cbd3c](https://github.com/kubeovn/kube-ovn/commit/6d1cbd3c9634e46501bfd55888caf571ef2bd655) Compatible with controller deployment methods before kube-ovn 1.11.16 (#3677) + * [ea918989](https://github.com/kubeovn/kube-ovn/commit/ea918989b5e907cbfafbcdd054e9ab37a95c2da7) set after genev_sys_6081 started (#3680) + * [c16b634e](https://github.com/kubeovn/kube-ovn/commit/c16b634e5396c116ae2dcee8233180315f016fe8) ovn: add nb option version_compatibility (#3671) + * [29587118](https://github.com/kubeovn/kube-ovn/commit/295871187c68448e93ea904e7f2fad1a0659e5f0) Makefile: fix install/upgrade chart (#3678) + * [822df375](https://github.com/kubeovn/kube-ovn/commit/822df3752e9a37a4de8d955156a5a3007bd25e98) ovn: do not send direct traffic between lports to conntrack (#3663) + * [130f06cb](https://github.com/kubeovn/kube-ovn/commit/130f06cb73c6d21c89a651b10b5b94925d62cc25) ovn-ic-ecmp refactor 1.12 (#3637) + * [8c75820a](https://github.com/kubeovn/kube-ovn/commit/8c75820aa4b5cb582db95976fb233e2d92c32d00) build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 (#3669) + * [0da94b58](https://github.com/kubeovn/kube-ovn/commit/0da94b5893a21bb9a2143167fb0491b2b175a781) fix 409 (#3662) + * [b2f7da5f](https://github.com/kubeovn/kube-ovn/commit/b2f7da5fc24bb50ae3358e05c065b35eda9c5e54) fix nil pointer (#3661) + * [51e32914](https://github.com/kubeovn/kube-ovn/commit/51e32914a870dd76d984c8132ac462dfc66139f2) chart: fix parsing image tag when the image url contains a port (#3644) + * [a9d896ab](https://github.com/kubeovn/kube-ovn/commit/a9d896ab4164fdbd41b1cde2fff98be6263c2d7b) ovs: reduce cpu utilization (#3650) + * [2f7fdb29](https://github.com/kubeovn/kube-ovn/commit/2f7fdb29a6412130f2ad08a7bd71ab7ed58deab9) kube-ovn-monitor and kube-ovn-pinger export pprof path (#3657) + * [62568275](https://github.com/kubeovn/kube-ovn/commit/62568275e92657fbb9c2edf179cbc813296bc97c) build(deps): bump github.com/onsi/gomega from 1.30.0 to 1.31.0 (#3641) + * [53e712d2](https://github.com/kubeovn/kube-ovn/commit/53e712d2e63edb81595afcad04eb9535962d1edd) build(deps): bump actions/cache from 3 to 4 (#3643) + * [4dbe9342](https://github.com/kubeovn/kube-ovn/commit/4dbe93429fb97ab36a5c5e905bb07e9c10cdb856) build(deps): bump github.com/onsi/ginkgo/v2 from 2.14.0 to 2.15.0 (#3642) + * [141ceaaa](https://github.com/kubeovn/kube-ovn/commit/141ceaaa381ca49fa848e10b18c58e60a961eb90) SYSCTL_IPV4_IP_NO_PMTU_DISC set default to 0 + * [754b172c](https://github.com/kubeovn/kube-ovn/commit/754b172c93678eb69863a9922580403d61eba18b) build(deps): bump github.com/evanphx/json-patch/v5 from 5.7.0 to 5.8.0 (#3628) + * [fc988842](https://github.com/kubeovn/kube-ovn/commit/fc988842abd33f55462e26fb8054c13f878c1a31) chart: fix ovs-ovn upgrade (#3613) + * [216c9292](https://github.com/kubeovn/kube-ovn/commit/216c92927a32ce1c3709d66f0a4c3227c8463680) build(deps): bump github.com/emicklei/go-restful/v3 (#3619) + * [74c5b8a0](https://github.com/kubeovn/kube-ovn/commit/74c5b8a03881af867a4ed9e22b537daea77ce36e) build(deps): bump github.com/emicklei/go-restful/v3 (#3606) + * [91be66f1](https://github.com/kubeovn/kube-ovn/commit/91be66f1ee16d8adb52e2f09e2944468abd2a364) update policy route when subnet cidr is changed (#3587) + * [c3f6e3c2](https://github.com/kubeovn/kube-ovn/commit/c3f6e3c245d949a7c781c7f60c33114087741e92) update ipset to v7.17 (#3601) + * [05d0334e](https://github.com/kubeovn/kube-ovn/commit/05d0334e965d22dca9abd0ee85726f58dbb7c919) ovs: increase cpu limit to 2 cores (#3530) + * [8f4220c6](https://github.com/kubeovn/kube-ovn/commit/8f4220c613f5ec6ef4aaa525468b5b892c9b7ba5) build(deps): bump github.com/osrg/gobgp/v3 from 3.21.0 to 3.22.0 (#3603) + * [4b859054](https://github.com/kubeovn/kube-ovn/commit/4b859054fc7f29f6a4730fc9b20ba9b3305a853a) do not count ips in excludeIPs as available and using IPs (#3582) + * [f4311ab0](https://github.com/kubeovn/kube-ovn/commit/f4311ab07f5785a6a7a2a1131f404a89bcd80006) fix security issue (#3588) + * [9f74ee32](https://github.com/kubeovn/kube-ovn/commit/9f74ee32d18cfebee61b1e7e17ec39cebbe04cc4) ovn0 ipv6 addr gen mode set 0 (#3579) + * [958aab96](https://github.com/kubeovn/kube-ovn/commit/958aab96fb1e3daa4e2f60412ab32ea673690949) fix: add err log (#3572) + * [ad3f674a](https://github.com/kubeovn/kube-ovn/commit/ad3f674a289c2a73aecb2c67c54cf9b7f6c258fe) build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (#3571) + * [acb9e97f](https://github.com/kubeovn/kube-ovn/commit/acb9e97fa6a38f9c89193ca25a51e0c2f6ccd01c) Makefile: fix kwok installation (#3561) + * [db2aeeba](https://github.com/kubeovn/kube-ovn/commit/db2aeeba2a0673d770213a89043b3505cc753a5d) fix u2o infinity recycle + * [32604cf1](https://github.com/kubeovn/kube-ovn/commit/32604cf135c9b2fb1a06f3db4c154d082efcdc80) do not calculate subnet.spec.excludeIPs as availableIPs (#3550) + * [999dc618](https://github.com/kubeovn/kube-ovn/commit/999dc618c77a11bec314013ded0c0985ccd4a271) add np prefix to networkpolicy name when networkpolicy's name starts with number (#3551) + * [2249e24e](https://github.com/kubeovn/kube-ovn/commit/2249e24e900687525ac6ed5712e7d3084789990a) fix: apply changes to the latest version (#3514) + * [1b27c414](https://github.com/kubeovn/kube-ovn/commit/1b27c414c37fa8382a3a2ae10a26dfa89f393096) fix ovn ic not clean lsp and lrp when az name contains "-" (#3541) + * [81ef8ff4](https://github.com/kubeovn/kube-ovn/commit/81ef8ff44e703fbcb21f784290ff9901ea6e0f6e) build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#3544) + * [cd28464f](https://github.com/kubeovn/kube-ovn/commit/cd28464f4ded3c50462b2fdae722945f7bde1752) Revert "ovn-central: check raft inconsistency from nb/sb logs (#3532)" + * [e88e5b2b](https://github.com/kubeovn/kube-ovn/commit/e88e5b2bbb4f253352570eb4ebcfcbc972bb2194) ovn-central: check raft inconsistency from nb/sb logs (#3532) + * [2a499b42](https://github.com/kubeovn/kube-ovn/commit/2a499b424f19af0ae7246f989c0a21f1773949ab) fix chassis gc (#3525) + * [f07aef03](https://github.com/kubeovn/kube-ovn/commit/f07aef0341ffb5d8fd3d173b69e116d452292c04) prepare for next release + +### Contributors + + * Changlu Yi + * Qinghao Huang + * Zhao Congqi + * bobz965 + * changluyi + * dependabot[bot] + * hzma + * zhangzujian + * 张祖建 + ## v1.12.4 (2023-12-14) * [366e7995](https://github.com/kubeovn/kube-ovn/commit/366e799579d6c485d329dd32ddbb1aba684a47f0) set release v1.12.4 diff --git a/hack/release.sh b/hack/release.sh new file mode 100755 index 000000000000..a05d7d78732d --- /dev/null +++ b/hack/release.sh @@ -0,0 +1,58 @@ +#!/bin/bash +set -euo pipefail +# run hack/release.sh from the project root directory to publish the release + +echo "check status of last commit build" +commit=$(git rev-parse HEAD) +check_status=$(curl https://api.github.com/repos/kubeovn/kube-ovn/commits/$commit/check-runs) +if ! echo $check_status | grep -q '"conclusion": "failure"'; then + echo "last commit build successed" +else + echo "last commit build failed" +fi + + +echo "tag and push image" +VERSION=$(cat VERSION) +docker manifest rm kubeovn/kube-ovn:${VERSION} +docker manifest rm kubeovn/vpc-nat-gateway:${VERSION} + +docker pull kubeovn/kube-ovn:${VERSION}-x86 +docker pull kubeovn/kube-ovn:${VERSION}-arm +docker pull kubeovn/vpc-nat-gateway:${VERSION}-x86 +docker pull kubeovn/vpc-nat-gateway:${VERSION}-arm + +docker manifest create kubeovn/kube-ovn:${VERSION} kubeovn/kube-ovn:${VERSION}-x86 kubeovn/kube-ovn:${VERSION}-arm +docker manifest create kubeovn/vpc-nat-gateway:${VERSION} kubeovn/vpc-nat-gateway:${VERSION}-x86 kubeovn/vpc-nat-gateway:${VERSION}-arm + +docker manifest push kubeovn/kube-ovn:${VERSION} +docker manifest push kubeovn/vpc-nat-gateway:${VERSION} + +echo "modify tag in install.sh and values.yaml" +sed -i '/^VERSION=/c\VERSION="'"${VERSION}"'"' dist/images/install.sh +sed -i 's/tag:\ .*/tag:\ '"${VERSION}"'/' charts/kube-ovn/values.yaml +sed -i 's/version:\ .*/version:\ '"${VERSION}"'/' charts/kube-ovn/Chart.yaml + +echo "commit, tag and push" +git add dist/images/install.sh +git add charts/kube-ovn/values.yaml +git add charts/kube-ovn/Chart.yaml +git commit -m "release ${VERSION}" +git tag ${VERSION} +git push +git push origin --tags + +echo "modify version to next patch number" +NEXT_VERSION=$(cat VERSION | awk -F '.' '{print $1"."$2"."$3+1}') +echo ${NEXT_VERSION} > VERSION +git add VERSION +git commit -m "prepare for next release" +git push + +echo "draft a release" +gh release create $VERSION --draft + +echo "trigger action to build new base" +gh workflow run build-kube-ovn-base.yaml --ref $(git branch --show-current) + +echo "Need to modify the doc version number manually" \ No newline at end of file diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go index b35a2acf7cbb..1c6036b950e6 100644 --- a/pkg/controller/controller.go +++ b/pkg/controller/controller.go @@ -764,6 +764,10 @@ func (c *Controller) Run(ctx context.Context) { util.LogFatalAndExit(err, "failed to sync crd ips") } + if err := c.syncFinalizers(); err != nil { + util.LogFatalAndExit(err, "failed to initialize crd finalizers") + } + if err := c.InitIPAM(); err != nil { util.LogFatalAndExit(err, "failed to initialize ipam") } diff --git a/pkg/controller/endpoint.go b/pkg/controller/endpoint.go index 9115611ad95a..e1184a09fcb3 100644 --- a/pkg/controller/endpoint.go +++ b/pkg/controller/endpoint.go @@ -3,6 +3,7 @@ package controller import ( "context" "fmt" + "time" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/errors" @@ -202,7 +203,7 @@ func (c *Controller) handleUpdateEndpoint(key string) error { vip = util.JoinHostPort(lbVip, port.Port) if !ignoreHealthCheck { - if checkIP, err = c.getHealthCheckVip(vpcName, subnetName, lbVip); err != nil { + if checkIP, err = c.getHealthCheckVip(subnetName, lbVip); err != nil { klog.Error(err) return err } @@ -294,36 +295,50 @@ func (c *Controller) getVpcSubnetName(pods []*v1.Pod, endpoints *v1.Endpoints, s return vpcName, subnetName } -func (c *Controller) getHealthCheckVip(vpcName, subnetName, lbVip string) (string, error) { +func (c *Controller) getHealthCheckVip(subnetName, lbVip string) (string, error) { var ( - checkVip *kubeovnv1.Vip - checkIP string - err error + needCreateHealthCheckVip bool + checkVip *kubeovnv1.Vip + checkIP string + err error ) - if checkVip, err = c.config.KubeOvnClient.KubeovnV1().Vips().Get(context.Background(), subnetName, metav1.GetOptions{}); err != nil { + checkVip, err = c.virtualIpsLister.Get(subnetName) + if err != nil { if errors.IsNotFound(err) { - if checkVip, err = c.config.KubeOvnClient. - KubeovnV1(). - Vips(). - Create(context.Background(), - &kubeovnv1.Vip{ - ObjectMeta: metav1.ObjectMeta{ - Name: subnetName, - }, - Spec: kubeovnv1.VipSpec{ - Subnet: subnetName, - }, - }, - metav1.CreateOptions{}, - ); err != nil { - klog.Errorf("failed to create health check vip from vpc %s subnet %s, %v", vpcName, subnetName, err) - return checkIP, err - } + needCreateHealthCheckVip = true } else { - klog.Errorf("failed to get health check vip from vpc %s subnet %s, %v", vpcName, subnetName, err) - return checkIP, err + klog.Errorf("failed to get health check vip %s, %v", subnetName, err) + return "", err + } + } + if needCreateHealthCheckVip { + vip := &kubeovnv1.Vip{ + ObjectMeta: metav1.ObjectMeta{ + Name: subnetName, + }, + Spec: kubeovnv1.VipSpec{ + Subnet: subnetName, + }, + } + if _, err = c.config.KubeOvnClient.KubeovnV1().Vips().Create(context.Background(), vip, metav1.CreateOptions{}); err != nil { + klog.Errorf("failed to create health check vip %s, %v", subnetName, err) + return "", err } + + // wait for vip created + time.Sleep(1 * time.Second) + checkVip, err = c.virtualIpsLister.Get(subnetName) + if err != nil { + klog.Errorf("failed to get health check vip %s, %v", subnetName, err) + return "", err + } + } + + if checkVip.Status.V4ip == "" && checkVip.Status.V6ip == "" { + err = fmt.Errorf("failed to get health check vip %s address", subnetName) + klog.Error(err) + return "", err } switch util.CheckProtocol(lbVip) { @@ -333,9 +348,9 @@ func (c *Controller) getHealthCheckVip(vpcName, subnetName, lbVip string) (strin checkIP = checkVip.Status.V6ip } if checkIP == "" { - err = fmt.Errorf("failed to get health check vip from vpc %s subnet %s", vpcName, subnetName) + err = fmt.Errorf("failed to get health check vip subnet %s", subnetName) klog.Error(err) - return checkIP, err + return "", err } return checkIP, nil diff --git a/pkg/controller/init.go b/pkg/controller/init.go index 40944c429c73..5c55f259ea9c 100644 --- a/pkg/controller/init.go +++ b/pkg/controller/init.go @@ -15,6 +15,8 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" "k8s.io/klog/v2" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" kubeovnv1 "github.com/kubeovn/kube-ovn/pkg/apis/kubeovn/v1" "github.com/kubeovn/kube-ovn/pkg/ovs" @@ -585,7 +587,7 @@ func (c *Controller) syncIPCR() error { for _, ipCR := range ips { ip := ipCR.DeepCopy() - if ip.DeletionTimestamp != nil && slices.Contains(ip.Finalizers, util.ControllerName) { + if ip.DeletionTimestamp != nil && slices.Contains(ip.Finalizers, util.KubeOVNControllerFinalizer) { klog.Infof("enqueue update for deleting ip %s", ip.Name) c.updateIPQueue.Add(ip.Name) } @@ -835,3 +837,73 @@ func (c *Controller) initNodeChassis() error { } return nil } + +func (c *Controller) syncFinalizers() error { + // migrate depreciated finalizer to new finalizer + klog.Info("start to sync finalizers") + if err := c.syncIPFinalizer(); err != nil { + klog.Errorf("failed to sync ip finalizer: %v", err) + return err + } + if err := c.syncOvnDnatFinalizer(); err != nil { + klog.Errorf("failed to sync ovn dnat finalizer: %v", err) + return err + } + if err := c.syncOvnEipFinalizer(); err != nil { + klog.Errorf("failed to sync ovn eip finalizer: %v", err) + return err + } + if err := c.syncOvnFipFinalizer(); err != nil { + klog.Errorf("failed to sync ovn fip finalizer: %v", err) + return err + } + if err := c.syncOvnSnatFinalizer(); err != nil { + klog.Errorf("failed to sync ovn snat finalizer: %v", err) + return err + } + if err := c.syncQoSPolicyFinalizer(); err != nil { + klog.Errorf("failed to sync qos policy finalizer: %v", err) + return err + } + if err := c.syncSubnetFinalizer(); err != nil { + klog.Errorf("failed to sync subnet finalizer: %v", err) + return err + } + if err := c.syncVipFinalizer(); err != nil { + klog.Errorf("failed to sync vip finalizer: %v", err) + return err + } + if err := c.syncIptablesEipFinalizer(); err != nil { + klog.Errorf("failed to sync iptables eip finalizer: %v", err) + return err + } + if err := c.syncIptablesFipFinalizer(); err != nil { + klog.Errorf("failed to sync iptables fip finalizer: %v", err) + return err + } + if err := c.syncIptablesDnatFinalizer(); err != nil { + klog.Errorf("failed to sync iptables dnat finalizer: %v", err) + return err + } + if err := c.syncIptablesSnatFinalizer(); err != nil { + klog.Errorf("failed to sync iptables snat finalizer: %v", err) + return err + } + klog.Info("sync finalizers done") + return nil +} + +func (c *Controller) ReplaceFinalizer(cachedObj client.Object) ([]byte, error) { + if controllerutil.ContainsFinalizer(cachedObj, util.DepreciatedFinalizerName) { + newObj := cachedObj.DeepCopyObject().(client.Object) + controllerutil.RemoveFinalizer(newObj, util.DepreciatedFinalizerName) + controllerutil.AddFinalizer(newObj, util.KubeOVNControllerFinalizer) + patch, err := util.GenerateMergePatchPayload(cachedObj, newObj) + if err != nil { + klog.Errorf("failed to generate patch payload for %s, %v", newObj.GetName(), err) + return nil, err + } + return patch, nil + } + return nil, nil +} diff --git a/pkg/controller/ip.go b/pkg/controller/ip.go index b489a0ef350e..d185c7f0f15e 100644 --- a/pkg/controller/ip.go +++ b/pkg/controller/ip.go @@ -11,6 +11,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/tools/cache" @@ -325,7 +326,7 @@ func (c *Controller) handleUpdateIP(key string) error { klog.Infof("ip cr %s release ipam pod key %s from subnet %s", cachedIP.Name, podKey, cachedIP.Spec.Subnet) c.ipam.ReleaseAddressByPod(podKey, cachedIP.Spec.Subnet) } - if err = c.handleDelIPFinalizer(cachedIP, util.ControllerName); err != nil { + if err = c.handleDelIPFinalizer(cachedIP, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to handle del ip finalizer %v", err) return err } @@ -343,6 +344,36 @@ func (c *Controller) handleDelIP(ip *kubeovnv1.IP) error { return nil } +func (c *Controller) syncIPFinalizer() error { + // migrate depreciated finalizer to new finalizer + ips, err := c.ipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list ips, %v", err) + return err + } + for _, cachedIP := range ips { + patch, err := c.ReplaceFinalizer(cachedIP) + if err != nil { + klog.Errorf("failed to sync finalizer for ip %s, %v", cachedIP.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IPs().Patch(context.Background(), cachedIP.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for ip %s, %v", cachedIP.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIPFinalizer(cachedIP *kubeovnv1.IP, finalizer string) error { if cachedIP.DeletionTimestamp.IsZero() { if slices.Contains(cachedIP.Finalizers, finalizer) { @@ -537,7 +568,7 @@ func (c *Controller) createOrUpdateIPCR(ipCRName, podName, ip, mac, subnetName, } } - if err := c.handleAddIPFinalizer(ipCR, util.ControllerName); err != nil { + if err := c.handleAddIPFinalizer(ipCR, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to handle add ip finalizer %v", err) return err } diff --git a/pkg/controller/ovn_dnat.go b/pkg/controller/ovn_dnat.go index 65c35f843ca4..f9f5c32647df 100644 --- a/pkg/controller/ovn_dnat.go +++ b/pkg/controller/ovn_dnat.go @@ -302,7 +302,7 @@ func (c *Controller) handleAddOvnDnatRule(key string) error { return err } - if err := c.handleAddOvnDnatFinalizer(cachedDnat, util.ControllerName); err != nil { + if err := c.handleAddOvnDnatFinalizer(cachedDnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn dnat %s, %v", cachedDnat.Name, err) return err } @@ -349,7 +349,7 @@ func (c *Controller) handleDelOvnDnatRule(key string) error { return err } } - if err = c.handleDelOvnDnatFinalizer(cachedDnat, util.ControllerName); err != nil { + if err = c.handleDelOvnDnatFinalizer(cachedDnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to remove finalizer for ovn dnat %s, %v", cachedDnat.Name, err) return err } @@ -661,6 +661,39 @@ func (c *Controller) DelDnatRule(vpcName, dnatName, externalIP, externalPort str return nil } +func (c *Controller) syncOvnDnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + dnats, err := c.ovnDnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list dnats, %v", err) + return err + } + for _, cachedDnat := range dnats { + if len(cachedDnat.Finalizers) == 0 { + continue + } + patch, err := c.ReplaceFinalizer(cachedDnat) + if err != nil { + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnDnatRules().Patch(context.Background(), cachedDnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnDnatFinalizer(cachedDnat *kubeovnv1.OvnDnatRule, finalizer string) error { if cachedDnat.DeletionTimestamp.IsZero() { if slices.Contains(cachedDnat.Finalizers, finalizer) { diff --git a/pkg/controller/ovn_eip.go b/pkg/controller/ovn_eip.go index 85ddb9360dbc..0e3c22b32b42 100644 --- a/pkg/controller/ovn_eip.go +++ b/pkg/controller/ovn_eip.go @@ -268,7 +268,7 @@ func (c *Controller) handleAddOvnEip(key string) error { return err } } - if err = c.handleAddOvnEipFinalizer(cachedEip, util.ControllerName); err != nil { + if err = c.handleAddOvnEipFinalizer(cachedEip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn eip, %v", err) return err } @@ -343,7 +343,7 @@ func (c *Controller) handleDelOvnEip(key string) error { } } - if err = c.handleDelOvnEipFinalizer(eip, util.ControllerName); err != nil { + if err = c.handleDelOvnEipFinalizer(eip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to handle remove ovn eip finalizer , %v", err) return err } @@ -585,6 +585,39 @@ func (c *Controller) natLabelAndAnnoOvnEip(eipName, natName, vpcName string) err return err } +func (c *Controller) syncOvnEipFinalizer() error { + // migrate depreciated finalizer to new finalizer + eips, err := c.ovnEipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list eips, %v", err) + return err + } + for _, cachedEip := range eips { + if len(cachedEip.Finalizers) == 0 { + continue + } + patch, err := c.ReplaceFinalizer(cachedEip) + if err != nil { + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnEips().Patch(context.Background(), cachedEip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnEipFinalizer(cachedEip *kubeovnv1.OvnEip, finalizer string) error { if cachedEip.DeletionTimestamp.IsZero() { if slices.Contains(cachedEip.Finalizers, finalizer) { diff --git a/pkg/controller/ovn_fip.go b/pkg/controller/ovn_fip.go index f5b58bf236dd..3cacba361ab0 100644 --- a/pkg/controller/ovn_fip.go +++ b/pkg/controller/ovn_fip.go @@ -296,7 +296,7 @@ func (c *Controller) handleAddOvnFip(key string) error { return err } - if err = c.handleAddOvnFipFinalizer(cachedFip, util.ControllerName); err != nil { + if err = c.handleAddOvnFipFinalizer(cachedFip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn fip, %v", err) return err } @@ -464,7 +464,7 @@ func (c *Controller) handleDelOvnFip(key string) error { return err } } - if err = c.handleDelOvnFipFinalizer(cachedFip, util.ControllerName); err != nil { + if err = c.handleDelOvnFipFinalizer(cachedFip, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to remove finalizer for ovn fip %s, %v", cachedFip.Name, err) return err } @@ -600,6 +600,36 @@ func (c *Controller) GetOvnEip(eipName string) (*kubeovnv1.OvnEip, error) { return cachedEip, nil } +func (c *Controller) syncOvnFipFinalizer() error { + // migrate depreciated finalizer to new finalizer + fips, err := c.ovnFipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list fips, %v", err) + return err + } + for _, cachedFip := range fips { + patch, err := c.ReplaceFinalizer(cachedFip) + if err != nil { + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnFips().Patch(context.Background(), cachedFip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnFipFinalizer(cachedFip *kubeovnv1.OvnFip, finalizer string) error { if cachedFip.DeletionTimestamp.IsZero() { if slices.Contains(cachedFip.Finalizers, finalizer) { diff --git a/pkg/controller/ovn_snat.go b/pkg/controller/ovn_snat.go index a49b3af2a1a2..1be94d1f31e5 100644 --- a/pkg/controller/ovn_snat.go +++ b/pkg/controller/ovn_snat.go @@ -8,6 +8,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/tools/cache" @@ -257,7 +258,7 @@ func (c *Controller) handleAddOvnSnatRule(key string) error { klog.Errorf("failed to create snat, %v", err) return err } - if err := c.handleAddOvnSnatFinalizer(cachedSnat, util.ControllerName); err != nil { + if err := c.handleAddOvnSnatFinalizer(cachedSnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to add finalizer for ovn snat %s, %v", cachedSnat.Name, err) return err } @@ -419,7 +420,7 @@ func (c *Controller) handleDelOvnSnatRule(key string) error { return err } } - if err = c.handleDelOvnSnatFinalizer(cachedSnat, util.ControllerName); err != nil { + if err = c.handleDelOvnSnatFinalizer(cachedSnat, util.KubeOVNControllerFinalizer); err != nil { klog.Errorf("failed to remove finalizer for ovn snat %s, %v", cachedSnat.Name, err) return err } @@ -542,6 +543,36 @@ func (c *Controller) ovnSnatChangeEip(snat *kubeovnv1.OvnSnatRule, eip *kubeovnv return false } +func (c *Controller) syncOvnSnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + snats, err := c.ovnSnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list snats, %v", err) + return err + } + for _, cachedSnat := range snats { + patch, err := c.ReplaceFinalizer(cachedSnat) + if err != nil { + klog.Errorf("failed to sync finalizer for snat %s, %v", cachedSnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().OvnSnatRules().Patch(context.Background(), cachedSnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for snat %s, %v", cachedSnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddOvnSnatFinalizer(cachedSnat *kubeovnv1.OvnSnatRule, finalizer string) error { if cachedSnat.DeletionTimestamp.IsZero() { if slices.Contains(cachedSnat.Finalizers, finalizer) { diff --git a/pkg/controller/pod.go b/pkg/controller/pod.go index 50ba334cb692..da3ec17f7179 100644 --- a/pkg/controller/pod.go +++ b/pkg/controller/pod.go @@ -259,13 +259,13 @@ func (c *Controller) enqueueUpdatePod(oldObj, newObj interface{}) { oldAAPs := strings.Split(oldPod.Annotations[util.AAPsAnnotation], ",") newAAPs := strings.Split(newPod.Annotations[util.AAPsAnnotation], ",") var vipNames []string - for _, oldAAp := range oldAAPs { - vipNames = append(vipNames, strings.TrimSpace(oldAAp)) + for _, vipName := range oldAAPs { + vipNames = append(vipNames, strings.TrimSpace(vipName)) } - for _, newAAP := range newAAPs { - newAAP = strings.TrimSpace(newAAP) - if !slices.Contains(vipNames, newAAP) { - vipNames = append(vipNames, newAAP) + for _, vipName := range newAAPs { + vipName = strings.TrimSpace(vipName) + if !slices.Contains(vipNames, vipName) { + vipNames = append(vipNames, vipName) } } for _, vipName := range vipNames { diff --git a/pkg/controller/qos_policy.go b/pkg/controller/qos_policy.go index a0f667f55cd6..86e46ad72cd5 100644 --- a/pkg/controller/qos_policy.go +++ b/pkg/controller/qos_policy.go @@ -265,7 +265,7 @@ func (c *Controller) handleDelQoSPoliciesFinalizer(key string) error { return nil } newQoSPolicies := cachedQoSPolicies.DeepCopy() - controllerutil.RemoveFinalizer(newQoSPolicies, util.ControllerName) + controllerutil.RemoveFinalizer(newQoSPolicies, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedQoSPolicies, newQoSPolicies) if err != nil { klog.Errorf("failed to generate patch payload for qos '%s', %v", cachedQoSPolicies.Name, err) @@ -282,6 +282,36 @@ func (c *Controller) handleDelQoSPoliciesFinalizer(key string) error { return nil } +func (c *Controller) syncQoSPolicyFinalizer() error { + // migrate depreciated finalizer to new finalizer + qosPolicies, err := c.qosPoliciesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list policy, %v", err) + return err + } + for _, cachedPolicy := range qosPolicies { + patch, err := c.ReplaceFinalizer(cachedPolicy) + if err != nil { + klog.Errorf("failed to sync finalizer for policy %s, %v", cachedPolicy.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().QoSPolicies().Patch(context.Background(), cachedPolicy.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for policy %s, %v", cachedPolicy.Name, err) + return err + } + } + } + return nil +} + func diffQoSPolicyBandwidthLimitRules(oldList, newList kubeovnv1.QoSPolicyBandwidthLimitRules) (added, deleted, updated kubeovnv1.QoSPolicyBandwidthLimitRules) { added = kubeovnv1.QoSPolicyBandwidthLimitRules{} deleted = kubeovnv1.QoSPolicyBandwidthLimitRules{} @@ -521,12 +551,12 @@ func (c *Controller) handleAddQoSPolicyFinalizer(key string) error { return err } if cachedQoSPolicy.DeletionTimestamp.IsZero() { - if slices.Contains(cachedQoSPolicy.Finalizers, util.ControllerName) { + if slices.Contains(cachedQoSPolicy.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newQoSPolicy := cachedQoSPolicy.DeepCopy() - controllerutil.AddFinalizer(newQoSPolicy, util.ControllerName) + controllerutil.AddFinalizer(newQoSPolicy, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedQoSPolicy, newQoSPolicy) if err != nil { klog.Errorf("failed to generate patch payload for qos '%s', %v", cachedQoSPolicy.Name, err) diff --git a/pkg/controller/subnet.go b/pkg/controller/subnet.go index 8e4b3293bec4..7ebbda9005ae 100644 --- a/pkg/controller/subnet.go +++ b/pkg/controller/subnet.go @@ -479,10 +479,40 @@ func checkAndUpdateExcludeIPs(subnet *kubeovnv1.Subnet) bool { return changed } +func (c *Controller) syncSubnetFinalizer() error { + // migrate depreciated finalizer to new finalizer + subnets, err := c.subnetsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list subnets, %v", err) + return err + } + for _, cachedSubnet := range subnets { + patch, err := c.ReplaceFinalizer(cachedSubnet) + if err != nil { + klog.Errorf("failed to sync finalizer for subnet %s, %v", cachedSubnet.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().Subnets().Patch(context.Background(), cachedSubnet.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for subnet %s, %v", cachedSubnet.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleSubnetFinalizer(subnet *kubeovnv1.Subnet) (bool, error) { - if subnet.DeletionTimestamp.IsZero() && !slices.Contains(subnet.Finalizers, util.ControllerName) { + if subnet.DeletionTimestamp.IsZero() && !slices.Contains(subnet.Finalizers, util.KubeOVNControllerFinalizer) { newSubnet := subnet.DeepCopy() - newSubnet.Finalizers = append(newSubnet.Finalizers, util.ControllerName) + newSubnet.Finalizers = append(newSubnet.Finalizers, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(subnet, newSubnet) if err != nil { klog.Errorf("failed to generate patch payload for subnet '%s', %v", subnet.Name, err) @@ -506,7 +536,7 @@ func (c *Controller) handleSubnetFinalizer(subnet *kubeovnv1.Subnet) (bool, erro u2oInterconnIP := subnet.Status.U2OInterconnectionIP if !subnet.DeletionTimestamp.IsZero() && (usingIPs == 0 || (usingIPs == 1 && u2oInterconnIP != "")) { newSubnet := subnet.DeepCopy() - newSubnet.Finalizers = util.RemoveString(newSubnet.Finalizers, util.ControllerName) + newSubnet.Finalizers = util.RemoveString(newSubnet.Finalizers, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(subnet, newSubnet) if err != nil { klog.Errorf("failed to generate patch payload for subnet '%s', %v", subnet.Name, err) diff --git a/pkg/controller/vip.go b/pkg/controller/vip.go index aad8729b9d51..cd774c15dcd5 100644 --- a/pkg/controller/vip.go +++ b/pkg/controller/vip.go @@ -10,6 +10,7 @@ import ( k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/client-go/tools/cache" @@ -289,7 +290,9 @@ func (c *Controller) handleAddVirtualIP(key string) error { return err } if err := c.handleUpdateVirtualParents(key); err != nil { - return fmt.Errorf("error syncing virtual parents for vip '%s': %s", key, err.Error()) + err := fmt.Errorf("error syncing virtual parents for vip '%s': %s", key, err.Error()) + klog.Error(err) + return err } return nil } @@ -382,6 +385,7 @@ func (c *Controller) handleUpdateVirtualParents(key string) error { if (cachedVip.Status.V4ip == "" && cachedVip.Status.V6ip == "") || cachedVip.Spec.Namespace == "" { return nil } + // add new virtual port if not exist ipStr := util.GetStringIP(cachedVip.Status.V4ip, cachedVip.Status.V6ip) if err = c.OVNNbClient.CreateVirtualLogicalSwitchPort(cachedVip.Name, cachedVip.Spec.Subnet, ipStr); err != nil { @@ -389,6 +393,13 @@ func (c *Controller) handleUpdateVirtualParents(key string) error { return err } + // update virtual parents + if cachedVip.Spec.Type == util.SwitchLBRuleVip { + // switch lb rule vip no need to have virtual parents + return nil + } + + // vip cloud use selector to select pods as its virtual parents selectors := make(map[string]string) for _, v := range cachedVip.Spec.Selector { parts := strings.Split(strings.TrimSpace(v), ":") @@ -461,14 +472,14 @@ func (c *Controller) createOrUpdateVipCR(key, ns, subnet, v4ip, v6ip, mac, pV4ip ParentMac: pmac, }, }, metav1.CreateOptions{}); err != nil { - errMsg := fmt.Errorf("failed to create crd vip '%s', %v", key, err) - klog.Error(errMsg) - return errMsg + err := fmt.Errorf("failed to create crd vip '%s', %v", key, err) + klog.Error(err) + return err } } else { - errMsg := fmt.Errorf("failed to get crd vip '%s', %v", key, err) - klog.Error(errMsg) - return errMsg + err := fmt.Errorf("failed to get crd vip '%s', %v", key, err) + klog.Error(err) + return err } } else { vip := vipCR.DeepCopy() @@ -491,9 +502,9 @@ func (c *Controller) createOrUpdateVipCR(key, ns, subnet, v4ip, v6ip, mac, pV4ip vip.Status.Pmac = pmac vip.Status.Type = vip.Spec.Type if _, err := c.config.KubeOvnClient.KubeovnV1().Vips().Update(context.Background(), vip, metav1.UpdateOptions{}); err != nil { - errMsg := fmt.Errorf("failed to update vip '%s', %v", key, err) - klog.Error(errMsg) - return errMsg + err := fmt.Errorf("failed to update vip '%s', %v", key, err) + klog.Error(err) + return err } } var needUpdateLabel bool @@ -639,12 +650,12 @@ func (c *Controller) handleAddVipFinalizer(key string) error { return err } if cachedVip.DeletionTimestamp.IsZero() { - if slices.Contains(cachedVip.Finalizers, util.ControllerName) { + if slices.Contains(cachedVip.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newVip := cachedVip.DeepCopy() - controllerutil.AddFinalizer(newVip, util.ControllerName) + controllerutil.AddFinalizer(newVip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedVip, newVip) if err != nil { klog.Errorf("failed to generate patch payload for ovn eip '%s', %v", cachedVip.Name, err) @@ -674,7 +685,7 @@ func (c *Controller) handleDelVipFinalizer(key string) error { return nil } newVip := cachedVip.DeepCopy() - controllerutil.RemoveFinalizer(newVip, util.ControllerName) + controllerutil.RemoveFinalizer(newVip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedVip, newVip) if err != nil { klog.Errorf("failed to generate patch payload for ovn eip '%s', %v", cachedVip.Name, err) @@ -690,3 +701,33 @@ func (c *Controller) handleDelVipFinalizer(key string) error { } return nil } + +func (c *Controller) syncVipFinalizer() error { + // migrate depreciated finalizer to new finalizer + vips, err := c.virtualIpsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list vips, %v", err) + return err + } + for _, cachedVip := range vips { + patch, err := c.ReplaceFinalizer(cachedVip) + if err != nil { + klog.Errorf("failed to sync finalizer for vip %s, %v", cachedVip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().Vips().Patch(context.Background(), cachedVip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for vip %s, %v", cachedVip.Name, err) + return err + } + } + } + return nil +} diff --git a/pkg/controller/vpc.go b/pkg/controller/vpc.go index 06568d53faeb..69cd30863e5f 100644 --- a/pkg/controller/vpc.go +++ b/pkg/controller/vpc.go @@ -324,7 +324,7 @@ func (c *Controller) handleAddOrUpdateVpc(key string) error { if c.config.EnableEipSnat { externalSubnet, err = c.subnetsLister.Get(c.config.ExternalGatewaySwitch) if err != nil { - klog.Errorf("failed to get external subnet %s: %v", c.config.ExternalGatewaySwitch, err) + klog.Warningf("enable-eip-snat need external subnet %s to be exist: %v", c.config.ExternalGatewaySwitch, err) } else { externalSubnetExist = true } diff --git a/pkg/controller/vpc_nat_gw_eip.go b/pkg/controller/vpc_nat_gw_eip.go index 017a4eacfdb8..dd8fbdd936ec 100644 --- a/pkg/controller/vpc_nat_gw_eip.go +++ b/pkg/controller/vpc_nat_gw_eip.go @@ -750,6 +750,36 @@ func (c *Controller) createOrUpdateEipCR(key, v4ip, v6ip, mac, natGwDp, qos, ext return nil } +func (c *Controller) syncIptablesEipFinalizer() error { + // migrate depreciated finalizer to new finalizer + eips, err := c.iptablesEipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list eips, %v", err) + return err + } + for _, cachedEip := range eips { + patch, err := c.ReplaceFinalizer(cachedEip) + if err != nil { + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesEIPs().Patch(context.Background(), cachedEip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for eip %s, %v", cachedEip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesEipFinalizer(key string) error { cachedIptablesEip, err := c.iptablesEipsLister.Get(key) if err != nil { @@ -760,12 +790,12 @@ func (c *Controller) handleAddIptablesEipFinalizer(key string) error { return err } if cachedIptablesEip.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesEip.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesEip.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesEip := cachedIptablesEip.DeepCopy() - controllerutil.AddFinalizer(newIptablesEip, util.ControllerName) + controllerutil.AddFinalizer(newIptablesEip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesEip, newIptablesEip) if err != nil { klog.Errorf("failed to generate patch payload for iptables eip '%s', %v", cachedIptablesEip.Name, err) @@ -795,7 +825,7 @@ func (c *Controller) handleDelIptablesEipFinalizer(key string) error { return nil } newIptablesEip := cachedIptablesEip.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesEip, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesEip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesEip, newIptablesEip) if err != nil { klog.Errorf("failed to generate patch payload for iptables eip '%s', %v", cachedIptablesEip.Name, err) diff --git a/pkg/controller/vpc_nat_gw_nat.go b/pkg/controller/vpc_nat_gw_nat.go index 41e1693cea62..fef59e0e5c6f 100644 --- a/pkg/controller/vpc_nat_gw_nat.go +++ b/pkg/controller/vpc_nat_gw_nat.go @@ -1045,6 +1045,36 @@ func (c *Controller) handleDelIptablesSnatRule(key string) error { return nil } +func (c *Controller) syncIptablesFipFinalizer() error { + // migrate depreciated finalizer to new finalizer + fips, err := c.iptablesFipsLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list fips, %v", err) + return err + } + for _, cachedFip := range fips { + patch, err := c.ReplaceFinalizer(cachedFip) + if err != nil { + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesFIPRules().Patch(context.Background(), cachedFip.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for fip %s, %v", cachedFip.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesFipFinalizer(key string) error { cachedIptablesFip, err := c.iptablesFipsLister.Get(key) if err != nil { @@ -1055,12 +1085,12 @@ func (c *Controller) handleAddIptablesFipFinalizer(key string) error { return err } if cachedIptablesFip.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesFip.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesFip.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesFip := cachedIptablesFip.DeepCopy() - controllerutil.AddFinalizer(newIptablesFip, util.ControllerName) + controllerutil.AddFinalizer(newIptablesFip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesFip, newIptablesFip) if err != nil { klog.Errorf("failed to generate patch payload for iptables fip '%s', %v", cachedIptablesFip.Name, err) @@ -1090,7 +1120,7 @@ func (c *Controller) handleDelIptablesFipFinalizer(key string) error { return nil } newIptablesFip := cachedIptablesFip.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesFip, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesFip, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesFip, newIptablesFip) if err != nil { klog.Errorf("failed to generate patch payload for iptables fip '%s', %v", cachedIptablesFip.Name, err) @@ -1107,6 +1137,36 @@ func (c *Controller) handleDelIptablesFipFinalizer(key string) error { return nil } +func (c *Controller) syncIptablesDnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + dnats, err := c.iptablesDnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list dnats, %v", err) + return err + } + for _, cachedDnat := range dnats { + patch, err := c.ReplaceFinalizer(cachedDnat) + if err != nil { + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesDnatRules().Patch(context.Background(), cachedDnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedDnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesDnatFinalizer(key string) error { cachedIptablesDnat, err := c.iptablesDnatRulesLister.Get(key) if err != nil { @@ -1117,12 +1177,12 @@ func (c *Controller) handleAddIptablesDnatFinalizer(key string) error { return err } if cachedIptablesDnat.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesDnat.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesDnat.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesDnat := cachedIptablesDnat.DeepCopy() - controllerutil.AddFinalizer(newIptablesDnat, util.ControllerName) + controllerutil.AddFinalizer(newIptablesDnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesDnat, newIptablesDnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables dnat '%s', %v", cachedIptablesDnat.Name, err) @@ -1152,7 +1212,7 @@ func (c *Controller) handleDelIptablesDnatFinalizer(key string) error { return nil } newIptablesDnat := cachedIptablesDnat.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesDnat, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesDnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesDnat, newIptablesDnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables dnat '%s', %v", cachedIptablesDnat.Name, err) @@ -1222,6 +1282,36 @@ func (c *Controller) patchFipLabel(key string, eip *kubeovnv1.IptablesEIP) error return nil } +func (c *Controller) syncIptablesSnatFinalizer() error { + // migrate depreciated finalizer to new finalizer + snats, err := c.iptablesSnatRulesLister.List(labels.Everything()) + if err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to list snats, %v", err) + return err + } + for _, cachedSnat := range snats { + patch, err := c.ReplaceFinalizer(cachedSnat) + if err != nil { + klog.Errorf("failed to sync finalizer for snat %s, %v", cachedSnat.Name, err) + return err + } + if patch != nil { + if _, err := c.config.KubeOvnClient.KubeovnV1().IptablesSnatRules().Patch(context.Background(), cachedSnat.Name, + types.MergePatchType, patch, metav1.PatchOptions{}, ""); err != nil { + if k8serrors.IsNotFound(err) { + return nil + } + klog.Errorf("failed to sync finalizer for dnat %s, %v", cachedSnat.Name, err) + return err + } + } + } + return nil +} + func (c *Controller) handleAddIptablesSnatFinalizer(key string) error { cachedIptablesSnat, err := c.iptablesSnatRulesLister.Get(key) if err != nil { @@ -1232,12 +1322,12 @@ func (c *Controller) handleAddIptablesSnatFinalizer(key string) error { return err } if cachedIptablesSnat.DeletionTimestamp.IsZero() { - if slices.Contains(cachedIptablesSnat.Finalizers, util.ControllerName) { + if slices.Contains(cachedIptablesSnat.Finalizers, util.KubeOVNControllerFinalizer) { return nil } } newIptablesSnat := cachedIptablesSnat.DeepCopy() - controllerutil.AddFinalizer(newIptablesSnat, util.ControllerName) + controllerutil.AddFinalizer(newIptablesSnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesSnat, newIptablesSnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables snat '%s', %v", cachedIptablesSnat.Name, err) @@ -1267,7 +1357,7 @@ func (c *Controller) handleDelIptablesSnatFinalizer(key string) error { return nil } newIptablesSnat := cachedIptablesSnat.DeepCopy() - controllerutil.RemoveFinalizer(newIptablesSnat, util.ControllerName) + controllerutil.RemoveFinalizer(newIptablesSnat, util.KubeOVNControllerFinalizer) patch, err := util.GenerateMergePatchPayload(cachedIptablesSnat, newIptablesSnat) if err != nil { klog.Errorf("failed to generate patch payload for iptables snat '%s', %v", cachedIptablesSnat.Name, err) diff --git a/pkg/util/const.go b/pkg/util/const.go index 30cc990e3132..6a391d89f4fe 100644 --- a/pkg/util/const.go +++ b/pkg/util/const.go @@ -3,7 +3,8 @@ package util const ( CniTypeName = "kube-ovn" - ControllerName = "kube-ovn-controller" + DepreciatedFinalizerName = "kube-ovn-controller" + KubeOVNControllerFinalizer = "kubeovn.io/kube-ovn-controller" AllocatedAnnotation = "ovn.kubernetes.io/allocated" RoutedAnnotation = "ovn.kubernetes.io/routed" diff --git a/test/e2e/kube-ovn/subnet/subnet.go b/test/e2e/kube-ovn/subnet/subnet.go index cddea940ee44..8c784c3ba884 100644 --- a/test/e2e/kube-ovn/subnet/subnet.go +++ b/test/e2e/kube-ovn/subnet/subnet.go @@ -148,7 +148,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -206,7 +206,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -251,7 +251,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -301,7 +301,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -345,7 +345,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -388,7 +388,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.PatchSync(subnet, modifiedSubnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.ObjectMeta.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating subnet spec fields") framework.ExpectFalse(subnet.Spec.Default) @@ -444,7 +444,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet finalizers") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) ginkgo.By("Validating centralized subnet with active-standby mode") framework.ExpectFalse(subnet.Spec.EnableEcmp) @@ -947,7 +947,7 @@ var _ = framework.Describe("[group:subnet]", func() { subnet = subnetClient.CreateSync(subnet) ginkgo.By("Validating subnet load-balancer records exist") - framework.ExpectContainElement(subnet.Finalizers, util.ControllerName) + framework.ExpectContainElement(subnet.Finalizers, util.KubeOVNControllerFinalizer) execCmd := "kubectl ko nbctl --format=csv --data=bare --no-heading --columns=load_balancer find logical-switch " + fmt.Sprintf("name=%s", subnetName) output, err := exec.Command("bash", "-c", execCmd).CombinedOutput() framework.ExpectNoError(err)