Allow egress-router to connect to DNS IP

Ravi Sankar Penta · Ravi Sankar Penta · commit c28619b22085 · 2018-06-26T23:00:23.000-07:00
diff --git a/pkg/cmd/server/kubernetes/network/sdn_linux.go b/pkg/cmd/server/kubernetes/network/sdn_linux.go
@@ -57,6 +57,7 @@ func NewSDNInterfaces(options configapi.NodeConfig, networkClient networkclient.
 		PluginName:         options.NetworkConfig.NetworkPluginName,
 		Hostname:           options.NodeName,
 		SelfIP:             options.NodeIP,
+		DNSIP:              options.DNSIP,
 		RuntimeEndpoint:    runtimeEndpoint,
 		CNIBinDir:          cniBinDir,
 		CNIConfDir:         cniConfDir,
diff --git a/pkg/network/node/cniserver/cniserver.go b/pkg/network/node/cniserver/cniserver.go
@@ -59,6 +59,7 @@ const CNIServerConfigFilePath string = CNIServerRunDir + "/" + CNIServerConfigFi
 type Config struct {
 	MTU                uint32 `json:"mtu"`
 	ServiceNetworkCIDR string `json:"serviceNetworkCIDR"`
+	DNSIP              string `json:"dnsIP"`
 }
 
 // Explicit type for CNI commands the server handles
diff --git a/pkg/network/node/cniserver/cniserver_test.go b/pkg/network/node/cniserver/cniserver_test.go
@@ -62,7 +62,7 @@ func TestCNIServer(t *testing.T) {
 	defer os.RemoveAll(tmpDir)
 	socketPath := filepath.Join(tmpDir, CNIServerSocketName)
 
-	s := NewCNIServer(tmpDir, &Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})
+	s := NewCNIServer(tmpDir, &Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16", DNSIP: "172.30.0.1"})
 	if err := s.Start(serverHandleCNI); err != nil {
 		t.Fatalf("error starting CNI server: %v", err)
 	}
diff --git a/pkg/network/node/node.go b/pkg/network/node/node.go
@@ -72,6 +72,7 @@ type OsdnNodeConfig struct {
 	PluginName      string
 	Hostname        string
 	SelfIP          string
+	DNSIP           string
 	RuntimeEndpoint string
 	MTU             uint32
 	EnableHostports bool
@@ -173,7 +174,7 @@ func New(c *OsdnNodeConfig) (*OsdnNode, error) {
 		networkClient:      c.NetworkClient,
 		recorder:           c.Recorder,
 		oc:                 oc,
-		podManager:         newPodManager(c.KClient, policy, c.MTU, c.CNIBinDir, oc, c.EnableHostports),
+		podManager:         newPodManager(c.KClient, policy, c.MTU, c.CNIBinDir, oc, c.EnableHostports, c.DNSIP),
 		localIP:            c.SelfIP,
 		hostName:           c.Hostname,
 		useConnTrack:       useConnTrack,
diff --git a/pkg/network/node/pod.go b/pkg/network/node/pod.go
@@ -83,10 +83,13 @@ type podManager struct {
 	// and thus can be set from Start()
 	ipamConfig     []byte
 	hostportSyncer kubehostport.HostportSyncer
+
+	// IP address that pods will use to access cluster DNS
+	dnsIP string
 }
 
 // Creates a new live podManager; used by node code0
-func newPodManager(kClient kclientset.Interface, policy osdnPolicy, mtu uint32, cniBinPath string, ovs *ovsController, enableHostports bool) *podManager {
+func newPodManager(kClient kclientset.Interface, policy osdnPolicy, mtu uint32, cniBinPath string, ovs *ovsController, enableHostports bool, dnsIP string) *podManager {
 	pm := newDefaultPodManager()
 	pm.kClient = kClient
 	pm.policy = policy
@@ -95,6 +98,7 @@ func newPodManager(kClient kclientset.Interface, policy osdnPolicy, mtu uint32,
 	pm.podHandler = pm
 	pm.ovs = ovs
 	pm.enableHostports = enableHostports
+	pm.dnsIP = dnsIP
 	return pm
 }
 
@@ -181,7 +185,7 @@ func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetwork
 
 	go m.processCNIRequests()
 
-	m.cniServer = cniserver.NewCNIServer(rundir, &cniserver.Config{MTU: m.mtu, ServiceNetworkCIDR: serviceNetworkCIDR})
+	m.cniServer = cniserver.NewCNIServer(rundir, &cniserver.Config{MTU: m.mtu, ServiceNetworkCIDR: serviceNetworkCIDR, DNSIP: m.dnsIP})
 	return m.cniServer.Start(m.handleCNIRequest)
 }
 
diff --git a/pkg/network/sdn-cni-plugin/openshift-sdn.go b/pkg/network/sdn-cni-plugin/openshift-sdn.go
@@ -230,6 +230,22 @@ func (p *cniPlugin) CmdAdd(args *skel.CmdArgs) error {
 			if err := netlink.RouteAdd(route); err != nil {
 				return fmt.Errorf("failed to add route to service network: %v", err)
 			}
+
+			// Add a route to DNS IP via SDN
+			dnsIP := net.ParseIP(config.DNSIP)
+			if dnsIP == nil {
+				return fmt.Errorf("failed to parse dns IP: %v", err)
+			}
+			route = &netlink.Route{
+				Dst: &net.IPNet{
+					IP:   dnsIP,
+					Mask: net.CIDRMask(32, 32),
+				},
+				Gw: defaultGW,
+			}
+			if err := netlink.RouteAdd(route); err != nil {
+				return fmt.Errorf("failed to add route to dns IP: %v", err)
+			}
 		}
 
 		return nil
diff --git a/pkg/network/sdn-cni-plugin/sdn_cni_plugin_test.go b/pkg/network/sdn-cni-plugin/sdn_cni_plugin_test.go
@@ -83,7 +83,7 @@ func TestOpenshiftSdnCNIPlugin(t *testing.T) {
 	defer os.RemoveAll(tmpDir)
 
 	path := filepath.Join(tmpDir, cniserver.CNIServerSocketName)
-	server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})
+	server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16", DNSIP: "172.30.0.1"})
 	if err := server.Start(serverHandleCNI); err != nil {
 		t.Fatalf("error starting CNI server: %v", err)
 	}

Original file line number	Diff line number	Diff line change
`@@ -59,6 +59,7 @@ const CNIServerConfigFilePath string = CNIServerRunDir + "/" + CNIServerConfigFi`
`59`	`59`	`type Config struct {`
`60`	`60`	MTU uint32 `json:"mtu"`
`61`	`61`	ServiceNetworkCIDR string `json:"serviceNetworkCIDR"`
	`62`	+ DNSIP string `json:"dnsIP"`
`62`	`63`	`}`
`63`	`64`
`64`	`65`	`// Explicit type for CNI commands the server handles`
Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,7 @@ func TestCNIServer(t *testing.T) {`
`62`	`62`	`defer os.RemoveAll(tmpDir)`
`63`	`63`	`socketPath := filepath.Join(tmpDir, CNIServerSocketName)`
`64`	`64`
`65`		`- s := NewCNIServer(tmpDir, &Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})`
	`65`	`+ s := NewCNIServer(tmpDir, &Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16", DNSIP: "172.30.0.1"})`
`66`	`66`	`if err := s.Start(serverHandleCNI); err != nil {`
`67`	`67`	`t.Fatalf("error starting CNI server: %v", err)`
`68`	`68`	`}`
Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,7 @@ func TestOpenshiftSdnCNIPlugin(t *testing.T) {`
`83`	`83`	`defer os.RemoveAll(tmpDir)`
`84`	`84`
`85`	`85`	`path := filepath.Join(tmpDir, cniserver.CNIServerSocketName)`
`86`		`- server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})`
	`86`	`+ server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16", DNSIP: "172.30.0.1"})`
`87`	`87`	`if err := server.Start(serverHandleCNI); err != nil {`
`88`	`88`	`t.Fatalf("error starting CNI server: %v", err)`
`89`	`89`	`}`