From d3df342a24450e8fdfe52c955c6fc62ccaabeebb Mon Sep 17 00:00:00 2001
From: Manuel Buil
Date: Thu, 18 Jan 2024 12:37:15 +0100
Subject: [PATCH] Move sourceVIP reservation to CNI code
Signed-off-by: Manuel Buil
---
 pkg/pebinaryexecutor/pebinary.go | 28 +++++++---------------------
 pkg/windows/calico.go | 32 ++++++++++++++++++++++++++++++++
 pkg/windows/types.go | 2 +-
 3 files changed, 40 insertions(+), 22 deletions(-)
diff --git a/pkg/pebinaryexecutor/pebinary.go b/pkg/pebinaryexecutor/pebinary.go
index ead1b361a48..11a1718fa54 100644
--- a/pkg/pebinaryexecutor/pebinary.go
+++ b/pkg/pebinaryexecutor/pebinary.go
@@ -14,7 +14,6 @@ import (
 "strings"
 "time"
- "github.com/Microsoft/hcsshim"
 "github.com/Microsoft/hcsshim/hcn"
 "github.com/k3s-io/helm-controller/pkg/generated/controllers/helm.cattle.io"
 "github.com/k3s-io/k3s/pkg/cli/cmds"
@@ -187,10 +186,17 @@ func (p *PEBinaryConfig) KubeProxy(ctx context.Context, args []string) error {
 }
 CNIConfig := p.CniPlugin.GetConfig()
+ vip, err := p.CniPlugin.ReserveSourceVip(ctx)
+ if err != nil || vip == "" {
+ logrus.Errorf("Failed to reserve VIP for kube-proxy: %s", err)
+ }
+ logrus.Infof("Reserved VIP for kube-proxy: %s", vip)
+
 extraArgs := map[string]string{
 "network-name": CNIConfig.OverlayNetName,
 "bind-address": CNIConfig.NodeIP,
+ "source-vip": vip,
 }
 if err := hcn.DSRSupported(); err == nil {
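Review bot: The added block in KubeProxy logs a failed reservation and then carries on, so `"source-vip": vip` reaches kube-proxy with an empty value and the next line, `logrus.Infof("Reserved VIP for kube-proxy: %s", vip)`, reports success regardless. Return instead of continuing, e.g. `if err != nil { return err }` directly after the `ReserveSourceVip` call. An empty vip with a nil error needs its own branch, because the current `logrus.Errorf(..., err)` would print `%!s(<nil>)` in that case. The removed code set source-vip only when `CNIConfig.Name == "Calico"`; the argument is now added for every CNI plugin, which is worth confirming as intended. KubeProxy begins and ends outside this hunk.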
@@ -199,26 +205,6 @@ func (p *PEBinaryConfig) KubeProxy(ctx context.Context, args []string) error {
 extraArgs["enable-dsr"] = "true"
 }
- if CNIConfig.Name == "Calico" {
- var vip string
- for range time.Tick(time.Second * 5) {
- endpoint, err := hcsshim.GetHNSEndpointByName("Calico_ep")
- if err != nil {
- logrus.WithError(err).Warning("can't find Calico_ep HNS endpoint, retrying")
- continue
- }
- vip = endpoint.IPAddress.String()
- break
- }
- extraArgs["source-vip"] = vip
- }
-
- logrus.Infof("Deleting HNS policies before kube-proxy starts.")
- policies, _ := hcsshim.HNSListPolicyListRequest()
- for _, policy := range policies {
- policy.Delete()
- }
-
 args = append(getArgs(extraArgs), args...)
 logrus.Infof("Running RKE2 kube-proxy %s", args)
diff --git a/pkg/windows/calico.go b/pkg/windows/calico.go
index 1635d729b3f..8b33ad97fc3 100644
--- a/pkg/windows/calico.go
+++ b/pkg/windows/calico.go
@@ -279,6 +279,18 @@ func (c *Calico) Start(ctx context.Context) error {
 go startConfd(ctx, c.CNICfg, logPath)
 }
+ // Reserve source VIP for kube-proxy
+ c.CNICfg.KubeProxySourceVIP := reserveSourceVip(ctx)
+ logrus.Infof("KubeProxy source VIP: %s", c.CNICfg.KubeProxySourceVIP)
+
+ // Delete policies in case calico network is being reused
+ policies, _ := hcsshim.HNSListPolicyListRequest()
+ for _, policy := range policies {
+ policy.Delete()
+ }
+
+ logrus.Info("Calico started correctly")
+
 return nil
 }
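Review bot: `c.CNICfg.KubeProxySourceVIP := reserveSourceVip(ctx)` in Calico.Start cannot compile: `:=` is not allowed on a field selector, this same commit removes `KubeProxySourceVIP` from CNICommonConfig in pkg/windows/types.go, and the only function the diff adds is the method `ReserveSourceVip`, which returns `(string, error)`. Since KubeProxy now calls `p.CniPlugin.ReserveSourceVip(ctx)` itself, that line and the `logrus.Infof("KubeProxy source VIP: ...")` after it look like leftovers and could be dropped. The cleanup loop below discards the error from `hcsshim.HNSListPolicyListRequest()` and the result of each `policy.Delete()`, and it appears to remove every HNS policy list on the host rather than only Calico's; log the failures and add a comment stating why a host-wide delete is safe at this point. Start begins outside this hunk.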
@@ -486,3 +498,23 @@ func generateGeneralCalicoEnvs(config *CalicoConfig) []string {
 fmt.Sprintf("USE_POD_CIDR=%t", autoConfigureIpam(config.IpamType)),
 }
 }
+
+// ReserveSourceVip reserves a source VIP for kube-proxy
+func (c *Calico) ReserveSourceVip(ctx context.Context) (string, error) {
+ var vip string
+
+ err := wait.PollImmediateWithContext(ctx, 5*time.Second, 5*time.Minute, func(ctx context.Context) (bool, error) {
+ // calico-node is creating an endpoint named Calico_ep for this purpose
+ endpoint, err := hcsshim.GetHNSEndpointByName("Calico_ep")
+ if err != nil {
+ logrus.WithError(err).Warning("can't find Calico_ep HNS endpoint, retrying")
+ return false, nil
+ }
+ vip = endpoint.IPAddress.String()
+ return true, nil
+ }); err != nil {
+ return "", err
+ }
+
+ return vip, nil
+}
\ No newline at end of file
diff --git a/pkg/windows/types.go b/pkg/windows/types.go
index f2f6fb47462..4dac5f9c4be 100644
--- a/pkg/windows/types.go
+++ b/pkg/windows/types.go
@@ -15,6 +15,7 @@ type CniPlugin interface {
 Setup(ctx context.Context, nodeConfig *daemonconfig.Node, restConfig *rest.Config, dataDir string) error
 Start(ctx context.Context) error
 GetConfig() *CNICommonConfig
+ ReserveSourceVip(ctx context.Context) string
 }
 type KubeConfig struct {
@@ -37,7 +38,6 @@ type CNICommonConfig struct {
 NodeIP string
 VxlanVNI string
 VxlanPort string
- KubeProxySourceVIP string
 Interface string
 IpamType string
 CNIVersion string
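Review bot: The statement that starts `err := wait.PollImmediateWithContext(` in ReserveSourceVip is closed with `}); err != nil {`, which is the tail of an `if` statement whose keyword is missing, so the function does not parse; the line should begin `if err := wait.PollImmediateWithContext(`. Inside the poll callback, `vip = endpoint.IPAddress.String()` is accepted without checking that an address was actually assigned. If IPAddress is a net.IP, an unset value stringifies to `<nil>`, which the caller's `vip == ""` test would not catch, so consider `if len(endpoint.IPAddress) == 0 { return false, nil }` before the assignment. The file now also ends without a trailing newline.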
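Review bot: The interface method is declared as `ReserveSourceVip(ctx context.Context) string`, but the implementation added in pkg/windows/calico.go returns `(string, error)` and the caller in pkg/pebinaryexecutor/pebinary.go assigns `vip, err :=`. As declared, *Calico would not satisfy CniPlugin and the call site would not compile; the declaration should read `ReserveSourceVip(ctx context.Context) (string, error)`. Any CniPlugin implementation outside this diff would need the method too. A one-line comment on the method, such as `// ReserveSourceVip returns the source VIP kube-proxy should use, or an error if none could be reserved.`, would tell callers whether an empty string with a nil error is a valid result.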