Have multiple egress IP ovscontroller methods rather than one confusing one

danwinship · danwinship · commit c8542165c678 · 2018-03-02T09:04:18.000-05:00
diff --git a/pkg/network/node/egressip.go b/pkg/network/node/egressip.go
@@ -194,7 +194,7 @@ func (eip *egressIPWatcher) maybeAddEgressIP(egressIP string) {
 		ns.assignedIP = egressIP
 		ns.nodeIP = nodeIP
 
-		err := eip.oc.UpdateNamespaceEgressRules(ns.vnid, ns.nodeIP, mark)
+		err := eip.oc.SetNamespaceEgressViaEgressIP(ns.vnid, ns.nodeIP, mark)
 		if err != nil {
 			utilruntime.HandleError(fmt.Errorf("Error updating Namespace egress rules: %v", err))
 		}
@@ -224,10 +224,10 @@ func (eip *egressIPWatcher) deleteEgressIP(egressIP string) {
 	var err error
 	if ns.requestedIP == "" {
 		// Namespace no longer wants EgressIP
-		err = eip.oc.UpdateNamespaceEgressRules(ns.vnid, "", "")
+		err = eip.oc.SetNamespaceEgressNormal(ns.vnid)
 	} else {
 		// Namespace still wants EgressIP but no node provides it
-		err = eip.oc.UpdateNamespaceEgressRules(ns.vnid, "", mark)
+		err = eip.oc.SetNamespaceEgressDropped(ns.vnid)
 	}
 	if err != nil {
 		utilruntime.HandleError(fmt.Errorf("Error updating Namespace egress rules: %v", err))
diff --git a/pkg/network/node/ovscontroller.go b/pkg/network/node/ovscontroller.go
@@ -686,23 +686,31 @@ func (oc *ovsController) ensureTunMAC() error {
 	return nil
 }
 
-func (oc *ovsController) UpdateNamespaceEgressRules(vnid uint32, nodeIP, mark string) error {
+func (oc *ovsController) SetNamespaceEgressNormal(vnid uint32) error {
 	otx := oc.ovs.NewTransaction()
 	otx.DeleteFlows("table=100, reg0=%d", vnid)
+	return otx.EndTransaction()
+}
 
-	if mark == "" {
-		// Namespace no longer has an EgressIP; no VNID-specific rules needed
-	} else if nodeIP == "" {
-		// Namespace has Egress IP, but it is unavailable, so drop egress traffic
+func (oc *ovsController) SetNamespaceEgressDropped(vnid uint32) error {
+	otx := oc.ovs.NewTransaction()
+	otx.DeleteFlows("table=100, reg0=%d", vnid)
+	otx.AddFlow("table=100, priority=100, reg0=%d, actions=drop", vnid)
+	return otx.EndTransaction()
+}
+
+func (oc *ovsController) SetNamespaceEgressViaEgressIP(vnid uint32, nodeIP, mark string) error {
+	otx := oc.ovs.NewTransaction()
+	otx.DeleteFlows("table=100, reg0=%d", vnid)
+	if nodeIP == "" {
+		// Namespace wants egress IP, but no node hosts it, so drop
 		otx.AddFlow("table=100, priority=100, reg0=%d, actions=drop", vnid)
 	} else if nodeIP == oc.localIP {
-		// Local Egress IP
 		if err := oc.ensureTunMAC(); err != nil {
 			return err
 		}
 		otx.AddFlow("table=100, priority=100, reg0=%d, ip, actions=set_field:%s->eth_dst,set_field:%s->pkt_mark,goto_table:101", vnid, oc.tunMAC, mark)
 	} else {
-		// Remote Egress IP; send via VXLAN
 		otx.AddFlow("table=100, priority=100, reg0=%d, ip, actions=move:NXM_NX_REG0[]->NXM_NX_TUN_ID[0..31],set_field:%s->tun_dst,output:1", vnid, nodeIP)
 	}
 	return otx.EndTransaction()
