Allow egress-router to connect to cluster service network for DNS, etc.

Ravi Sankar Penta · Ravi Sankar Penta · commit d7c576bb271a · 2018-06-25T13:37:13.000-07:00
#19885 allows egress routers to connect to the node IP but when openshift node is configured to use service network IP as DNS IP then egress router pod will not be able to resolve DNS requests. This change will address this issue.
diff --git a/pkg/network/node/cniserver/cniserver.go b/pkg/network/node/cniserver/cniserver.go
@@ -51,13 +51,14 @@ const CNIServerRunDir string = "/var/run/openshift-sdn"
 const CNIServerSocketName string = "cni-server.sock"
 const CNIServerSocketPath string = CNIServerRunDir + "/" + CNIServerSocketName
 
-// Config file containing MTU, and default full path
+// Config file contains server to plugin config data
 const CNIServerConfigFileName string = "config.json"
 const CNIServerConfigFilePath string = CNIServerRunDir + "/" + CNIServerConfigFileName
 
 // Server-to-plugin config data
 type Config struct {
-	MTU uint32 `json:"mtu"`
+	MTU                uint32 `json:"mtu"`
+	ServiceNetworkCIDR string `json:"serviceNetworkCIDR"`
 }
 
 // Explicit type for CNI commands the server handles
diff --git a/pkg/network/node/cniserver/cniserver_test.go b/pkg/network/node/cniserver/cniserver_test.go
@@ -62,7 +62,7 @@ func TestCNIServer(t *testing.T) {
 	defer os.RemoveAll(tmpDir)
 	socketPath := filepath.Join(tmpDir, CNIServerSocketName)
 
-	s := NewCNIServer(tmpDir, &Config{MTU: 1500})
+	s := NewCNIServer(tmpDir, &Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})
 	if err := s.Start(serverHandleCNI); err != nil {
 		t.Fatalf("error starting CNI server: %v", err)
 	}
diff --git a/pkg/network/node/node.go b/pkg/network/node/node.go
@@ -349,7 +349,8 @@ func (node *OsdnNode) Start() error {
 	}
 
 	glog.V(2).Infof("Starting openshift-sdn pod manager")
-	if err := node.podManager.Start(cniserver.CNIServerRunDir, node.localSubnetCIDR, node.networkInfo.ClusterNetworks); err != nil {
+	if err := node.podManager.Start(cniserver.CNIServerRunDir, node.localSubnetCIDR,
+		node.networkInfo.ClusterNetworks, node.networkInfo.ServiceNetwork.String()); err != nil {
 		return err
 	}
 
diff --git a/pkg/network/node/pod.go b/pkg/network/node/pod.go
@@ -168,7 +168,7 @@ func getIPAMConfig(clusterNetworks []common.ClusterNetwork, localSubnet string)
 }
 
 // Start the CNI server and start processing requests from it
-func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetworks []common.ClusterNetwork) error {
+func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetworks []common.ClusterNetwork, serviceNetworkCIDR string) error {
 	if m.enableHostports {
 		iptInterface := utiliptables.New(utilexec.New(), utildbus.New(), utiliptables.ProtocolIpv4)
 		m.hostportSyncer = kubehostport.NewHostportSyncer(iptInterface)
@@ -181,7 +181,7 @@ func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetwork
 
 	go m.processCNIRequests()
 
-	m.cniServer = cniserver.NewCNIServer(rundir, &cniserver.Config{MTU: m.mtu})
+	m.cniServer = cniserver.NewCNIServer(rundir, &cniserver.Config{MTU: m.mtu, ServiceNetworkCIDR: serviceNetworkCIDR})
 	return m.cniServer.Start(m.handleCNIRequest)
 }
 
diff --git a/pkg/network/sdn-cni-plugin/openshift-sdn.go b/pkg/network/sdn-cni-plugin/openshift-sdn.go
@@ -213,11 +213,23 @@ func (p *cniPlugin) CmdAdd(args *skel.CmdArgs) error {
 					},
 					Gw: defaultGW,
 				}
-				err = netlink.RouteAdd(route)
-				if err != nil {
-					return fmt.Errorf("failed to configure macvlan device: %v", err)
+				if err := netlink.RouteAdd(route); err != nil {
+					return fmt.Errorf("failed to add route to node IP: %v", err)
 				}
 			}
+
+			// Add a route to service network via SDN
+			_, serviceIPNet, err := net.ParseCIDR(config.ServiceNetworkCIDR)
+			if err != nil {
+				return fmt.Errorf("failed to parse ServiceNetworkCIDR: %v", err)
+			}
+			route := &netlink.Route{
+				Dst: serviceIPNet,
+				Gw:  defaultGW,
+			}
+			if err := netlink.RouteAdd(route); err != nil {
+				return fmt.Errorf("failed to add route to service network: %v", err)
+			}
 		}
 
 		return nil
diff --git a/pkg/network/sdn-cni-plugin/sdn_cni_plugin_test.go b/pkg/network/sdn-cni-plugin/sdn_cni_plugin_test.go
@@ -83,7 +83,7 @@ func TestOpenshiftSdnCNIPlugin(t *testing.T) {
 	defer os.RemoveAll(tmpDir)
 
 	path := filepath.Join(tmpDir, cniserver.CNIServerSocketName)
-	server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500})
+	server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})
 	if err := server.Start(serverHandleCNI); err != nil {
 		t.Fatalf("error starting CNI server: %v", err)
 	}

Original file line number	Diff line number	Diff line change
`@@ -62,7 +62,7 @@ func TestCNIServer(t *testing.T) {`
`62`	`62`	`defer os.RemoveAll(tmpDir)`
`63`	`63`	`socketPath := filepath.Join(tmpDir, CNIServerSocketName)`
`64`	`64`
`65`		`- s := NewCNIServer(tmpDir, &Config{MTU: 1500})`
	`65`	`+ s := NewCNIServer(tmpDir, &Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})`
`66`	`66`	`if err := s.Start(serverHandleCNI); err != nil {`
`67`	`67`	`t.Fatalf("error starting CNI server: %v", err)`
`68`	`68`	`}`
Original file line number	Diff line number	Diff line change
`@@ -349,7 +349,8 @@ func (node *OsdnNode) Start() error {`
`349`	`349`	`}`
`350`	`350`
`351`	`351`	`glog.V(2).Infof("Starting openshift-sdn pod manager")`
`352`		`- if err := node.podManager.Start(cniserver.CNIServerRunDir, node.localSubnetCIDR, node.networkInfo.ClusterNetworks); err != nil {`
	`352`	`+ if err := node.podManager.Start(cniserver.CNIServerRunDir, node.localSubnetCIDR,`
	`353`	`+ node.networkInfo.ClusterNetworks, node.networkInfo.ServiceNetwork.String()); err != nil {`
`353`	`354`	`return err`
`354`	`355`	`}`
`355`	`356`
Original file line number	Diff line number	Diff line change
`@@ -168,7 +168,7 @@ func getIPAMConfig(clusterNetworks []common.ClusterNetwork, localSubnet string)`
`168`	`168`	`}`
`169`	`169`
`170`	`170`	`// Start the CNI server and start processing requests from it`
`171`		`-func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetworks []common.ClusterNetwork) error {`
	`171`	`+func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetworks []common.ClusterNetwork, serviceNetworkCIDR string) error {`
`172`	`172`	`if m.enableHostports {`
`173`	`173`	`iptInterface := utiliptables.New(utilexec.New(), utildbus.New(), utiliptables.ProtocolIpv4)`
`174`	`174`	`m.hostportSyncer = kubehostport.NewHostportSyncer(iptInterface)`
`@@ -181,7 +181,7 @@ func (m *podManager) Start(rundir string, localSubnetCIDR string, clusterNetwork`
`181`	`181`
`182`	`182`	`go m.processCNIRequests()`
`183`	`183`
`184`		`- m.cniServer = cniserver.NewCNIServer(rundir, &cniserver.Config{MTU: m.mtu})`
	`184`	`+ m.cniServer = cniserver.NewCNIServer(rundir, &cniserver.Config{MTU: m.mtu, ServiceNetworkCIDR: serviceNetworkCIDR})`
`185`	`185`	`return m.cniServer.Start(m.handleCNIRequest)`
`186`	`186`	`}`
`187`	`187`
Original file line number	Diff line number	Diff line change
`@@ -83,7 +83,7 @@ func TestOpenshiftSdnCNIPlugin(t *testing.T) {`
`83`	`83`	`defer os.RemoveAll(tmpDir)`
`84`	`84`
`85`	`85`	`path := filepath.Join(tmpDir, cniserver.CNIServerSocketName)`
`86`		`- server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500})`
	`86`	`+ server := cniserver.NewCNIServer(tmpDir, &cniserver.Config{MTU: 1500, ServiceNetworkCIDR: "172.30.0.0/16"})`
`87`	`87`	`if err := server.Start(serverHandleCNI); err != nil {`
`88`	`88`	`t.Fatalf("error starting CNI server: %v", err)`
`89`	`89`	`}`