Allowing multiple CIDR addresses for an openshift cluster to allocate nodes from

This is all the human edited files pretaining to that so far

Author: JacobTanenbaum

pkg/cmd/cli/describe/printer.go

@@ -1002,9 +1002,16 @@ func printNetNamespaceList(list *sdnapi.NetNamespaceList, w io.Writer, opts kpri
 }
 
 func printClusterNetwork(n *sdnapi.ClusterNetwork, w io.Writer, opts kprinters.PrintOptions) error {
+	var cidrList []string
 	name := formatResourceName(opts.Kind, n.Name, opts.WithKind)
-	_, err := fmt.Fprintf(w, "%s\t%s\t%d\t%s\t%s\n", name, n.Network, n.HostSubnetLength, n.ServiceNetwork, n.PluginName)
-	return err
+	for _, cidr := range n.ClusterNetworks {
+		cidrList = append(cidrList, cidr.CIDR)
+		_, err := fmt.Fprintf(w, "%s\t%s\t%d\t%s\t%s\n", name, cidr.CIDR, n.HostSubnetLength, n.ServiceNetwork, n.PluginName)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
 }
 
 func printClusterNetworkList(list *sdnapi.ClusterNetworkList, w io.Writer, opts kprinters.PrintOptions) error {

pkg/cmd/server/api/types.go

@@ -611,10 +611,11 @@ type UserAgentDenyRule struct {
 
 // MasterNetworkConfig to be passed to the compiled in network plugin
 type MasterNetworkConfig struct {
-	NetworkPluginName  string
-	ClusterNetworkCIDR string
-	HostSubnetLength   uint32
-	ServiceNetworkCIDR string
+	NetworkPluginName    string
+	DeprecatedClusterNetworkCIDR   string
+	ClusterNetworks []ClusterNetworkEntry
+	HostSubnetLength     uint32
+	ServiceNetworkCIDR   string
 	// ExternalIPNetworkCIDRs controls what values are acceptable for the service external IP field. If empty, no externalIP
 	// may be set. It may contain a list of CIDRs which are checked for access. If a CIDR is prefixed with !, IPs in that
 	// CIDR will be rejected. Rejections will be applied first, then the IP checked against one of the allowed CIDRs. You
@@ -627,6 +628,10 @@ type MasterNetworkConfig struct {
 	IngressIPNetworkCIDR string
 }
 
+type ClusterNetworkEntry struct {
+	CIDR string
+}
+
 type ImageConfig struct {
 	// Format describes how to determine image names for system components
 	Format string

pkg/cmd/server/api/v1/conversions.go

@@ -78,6 +78,9 @@ func addDefaultingFuncs(scheme *runtime.Scheme) error {
 			}
 			setDefault_ClientConnectionOverrides(obj.MasterClients.ExternalKubernetesClientConnectionOverrides)
 
+			if len(obj.NetworkConfig.ClusterNetworks) == 0 {
+				obj.NetworkConfig.ClusterNetworks = []ClusterNetworkEntry{{CIDR: obj.NetworkConfig.DeprecatedClusterNetworkCIDR}}
+			}
 			// Populate the new NetworkConfig.ServiceNetworkCIDR field from the KubernetesMasterConfig.ServicesSubnet field if needed
 			if len(obj.NetworkConfig.ServiceNetworkCIDR) == 0 {
 				if obj.KubernetesMasterConfig != nil && len(obj.KubernetesMasterConfig.ServicesSubnet) > 0 {
@@ -95,8 +98,10 @@ func addDefaultingFuncs(scheme *runtime.Scheme) error {
 
 			if noCloudProvider && len(obj.NetworkConfig.IngressIPNetworkCIDR) == 0 {
 				cidr := internal.DefaultIngressIPNetworkCIDR
-				if !(internal.CIDRsOverlap(cidr, obj.NetworkConfig.ClusterNetworkCIDR) || internal.CIDRsOverlap(cidr, obj.NetworkConfig.ServiceNetworkCIDR)) {
-					obj.NetworkConfig.IngressIPNetworkCIDR = cidr
+				for _, entry := range obj.NetworkConfig.ClusterNetworks {
+					if !(internal.CIDRsOverlap(cidr, entry.CIDR) || internal.CIDRsOverlap(cidr, obj.NetworkConfig.ServiceNetworkCIDR)) {
+						obj.NetworkConfig.IngressIPNetworkCIDR = cidr
+					}
 				}
 			}
 

pkg/cmd/server/api/v1/types.go

@@ -495,8 +495,10 @@ type RoutingConfig struct {
 type MasterNetworkConfig struct {
 	// NetworkPluginName is the name of the network plugin to use
 	NetworkPluginName string `json:"networkPluginName"`
-	// ClusterNetworkCIDR is the CIDR string to specify the global overlay network's L3 space
-	ClusterNetworkCIDR string `json:"clusterNetworkCIDR"`
+	// Deprecated and maintained for backwards compatibility, use ClusterNetworks instead
+	DeprecatedClusterNetworkCIDR string `json:"clusterNetworkCIDR,omitempty`
+	// ClusterNetworks is a list of cluster networks that defines the global overlay network's L3 space
+	ClusterNetworks []ClusterNetworkEntry `json:"clusterNetworks"`
 	// HostSubnetLength is the number of bits to allocate to each host's subnet e.g. 8 would mean a /24 network on the host
 	HostSubnetLength uint32 `json:"hostSubnetLength"`
 	// ServiceNetwork is the CIDR string to specify the service networks
@@ -513,6 +515,11 @@ type MasterNetworkConfig struct {
 	IngressIPNetworkCIDR string `json:"ingressIPNetworkCIDR"`
 }
 
+// ClusterNetworkEntry defines an L3 space for the global overlay network
+type ClusterNetworkEntry struct {
+	CIDR string `json:"cidr"`
+}
+
 // ImageConfig holds the necessary configuration options for building image names for system components
 type ImageConfig struct {
 	// Format is the format of the name to be built for the system component

pkg/cmd/server/api/v1/types_test.go

@@ -216,6 +216,7 @@ masterClients:
 masterPublicURL: ""
 networkConfig:
   clusterNetworkCIDR: ""
+  clusterNetworkConfig: null
   externalIPNetworkCIDRs: null
   hostSubnetLength: 0
   ingressIPNetworkCIDR: ""

pkg/cmd/server/api/validation/master.go

@@ -766,8 +766,10 @@ func ValidateIngressIPNetworkCIDR(config *api.MasterConfig, fldPath *field.Path)
 	noCloudProvider := kubeConfig != nil && (len(kubeConfig.ControllerArguments["cloud-provider"]) == 0 || kubeConfig.ControllerArguments["cloud-provider"][0] == "")
 
 	if noCloudProvider {
-		if api.CIDRsOverlap(cidr, config.NetworkConfig.ClusterNetworkCIDR) {
-			addError("conflicts with cluster network CIDR")
+		for _, entry := range config.NetworkConfig.ClusterNetworks {
+			if api.CIDRsOverlap(cidr, entry.CIDR) {
+				addError("conflicts with cluster network CIDR")
+			}
 		}
 		if api.CIDRsOverlap(cidr, config.NetworkConfig.ServiceNetworkCIDR) {
 			addError("conflicts with service network CIDR")

pkg/cmd/server/origin/master_config.go

@@ -823,7 +823,12 @@ func newAdmissionChain(pluginNames []string, admissionConfigFilename string, plu
 
 		case serviceadmit.RestrictedEndpointsPluginName:
 			// we need to set some customer parameters, so create by hand
-			restrictedNetworks, err := serviceadmit.ParseSimpleCIDRRules([]string{options.NetworkConfig.ClusterNetworkCIDR, options.NetworkConfig.ServiceNetworkCIDR})
+			var restricted []string
+			restricted = append(restricted, options.NetworkConfig.ServiceNetworkCIDR)
+			for _, cidr := range options.NetworkConfig.ClusterNetworks {
+				restricted = append(restricted, cidr.CIDR)
+			}
+			restrictedNetworks, err := serviceadmit.ParseSimpleCIDRRules(restricted)
 			if err != nil {
 				// should have been caught with validation
 				return nil, err

pkg/cmd/server/start/master_args.go

@@ -6,6 +6,7 @@ import (
 	"net/url"
 	"path"
 	"strconv"
+	"strings"
 
 	"github.com/spf13/pflag"
 
@@ -188,6 +189,15 @@ func (args MasterArgs) BuildSerializeableMasterConfig() (*configapi.MasterConfig
 
 	dnsServingInfo := servingInfoForAddr(&dnsBindAddr)
 
+	var clusterNetworkConfig []configapi.ClusterNetworkEntry
+
+	for _, cidr := range strings.Split(args.NetworkArgs.ClusterNetworkCIDR, ",") {
+		clusterNetworkEntry := configapi.ClusterNetworkEntry{
+			CIDR: cidr,
+		}
+		clusterNetworkConfig = append(clusterNetworkConfig, clusterNetworkEntry)
+	}
+
 	config := &configapi.MasterConfig{
 		ServingInfo: configapi.HTTPServingInfo{
 			ServingInfo: listenServingInfo,
@@ -263,10 +273,10 @@ func (args MasterArgs) BuildSerializeableMasterConfig() (*configapi.MasterConfig
 		},
 
 		NetworkConfig: configapi.MasterNetworkConfig{
-			NetworkPluginName:  args.NetworkArgs.NetworkPluginName,
-			ClusterNetworkCIDR: args.NetworkArgs.ClusterNetworkCIDR,
-			HostSubnetLength:   args.NetworkArgs.HostSubnetLength,
-			ServiceNetworkCIDR: args.NetworkArgs.ServiceNetworkCIDR,
+			NetworkPluginName:    args.NetworkArgs.NetworkPluginName,
+			ClusterNetworks: clusterNetworkConfig,
+			HostSubnetLength:     args.NetworkArgs.HostSubnetLength,
+			ServiceNetworkCIDR:   args.NetworkArgs.ServiceNetworkCIDR,
 		},
 
 		VolumeConfig: configapi.MasterVolumeConfig{

pkg/sdn/apis/network/types.go

@@ -16,11 +16,16 @@ type ClusterNetwork struct {
 	metav1.ObjectMeta
 
 	Network          string
+	ClusterNetworks  []ClusterNetworkEntry
 	HostSubnetLength uint32
 	ServiceNetwork   string
 	PluginName       string
 }
 
+type ClusterNetworkEntry struct {
+	CIDR string
+}
+
 type ClusterNetworkList struct {
 	metav1.TypeMeta
 	metav1.ListMeta

pkg/sdn/apis/network/v1/types.go

@@ -20,6 +20,8 @@ type ClusterNetwork struct {
 
 	// Network is a CIDR string specifying the global overlay network's L3 space
 	Network string `json:"network" protobuf:"bytes,2,opt,name=network"`
+	// PLACEHOLDER
+	ClusterNetworks []ClusterNetworkEntry `json:"clusterNetworks" protobuf:"bytes,6,rep,name=clusterNetworks"`
 	// HostSubnetLength is the number of bits of network to allocate to each node. eg, 8 would mean that each node would have a /24 slice of the overlay network for its pods
 	HostSubnetLength uint32 `json:"hostsubnetlength" protobuf:"varint,3,opt,name=hostsubnetlength"`
 	// ServiceNetwork is the CIDR range that Service IP addresses are allocated from
@@ -28,6 +30,11 @@ type ClusterNetwork struct {
 	PluginName string `json:"pluginName,omitempty" protobuf:"bytes,5,opt,name=pluginName"`
 }
 
+// PLACEHOLDER
+type ClusterNetworkEntry struct {
+	CIDR string `json:"CIDR" protobuf:"bytes,1,opt,name=CIDR"`
+}
+
 // ClusterNetworkList is a collection of ClusterNetworks
 type ClusterNetworkList struct {
 	metav1.TypeMeta `json:",inline"`

pkg/sdn/apis/network/validation/validation.go

@@ -20,38 +20,52 @@ func SetDefaultClusterNetwork(cn sdnapi.ClusterNetwork) {
 	defaultClusterNetwork = &cn
 }
 
+
 // ValidateClusterNetwork tests if required fields in the ClusterNetwork are set, and ensures that the "default" ClusterNetwork can only be set to the correct values
 func ValidateClusterNetwork(clusterNet *sdnapi.ClusterNetwork) field.ErrorList {
 	allErrs := validation.ValidateObjectMeta(&clusterNet.ObjectMeta, false, path.ValidatePathSegmentName, field.NewPath("metadata"))
 
-	clusterIPNet, err := netutils.ParseCIDRMask(clusterNet.Network)
-	if err != nil {
-		allErrs = append(allErrs, field.Invalid(field.NewPath("network"), clusterNet.Network, err.Error()))
-	} else {
-		maskLen, addrLen := clusterIPNet.Mask.Size()
-		if clusterNet.HostSubnetLength > uint32(addrLen-maskLen) {
-			allErrs = append(allErrs, field.Invalid(field.NewPath("hostSubnetLength"), clusterNet.HostSubnetLength, "subnet length is too large for clusterNetwork"))
-		} else if clusterNet.HostSubnetLength < 2 {
-			allErrs = append(allErrs, field.Invalid(field.NewPath("hostSubnetLength"), clusterNet.HostSubnetLength, "subnet length must be at least 2"))
-		}
-	}
-
-	serviceIPNet, err := netutils.ParseCIDRMask(clusterNet.ServiceNetwork)
-	if err != nil {
-		allErrs = append(allErrs, field.Invalid(field.NewPath("serviceNetwork"), clusterNet.ServiceNetwork, err.Error()))
+	if len(clusterNet.ClusterNetworks) == 0 {
+		allErrs = append(allErrs, field.Invalid(field.NewPath("clusterNetworks"), clusterNet.ClusterNetworks, "empty"))
 	}
+	for _, cidr := range clusterNet.ClusterNetworks {
+		clusterIPNet, err := netutils.ParseCIDRMask(cidr.CIDR)
+		if err != nil {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("network"), cidr.CIDR, err.Error()))
+		} else {
+			maskLen, addrLen := clusterIPNet.Mask.Size()
+			if clusterNet.HostSubnetLength > uint32(addrLen-maskLen) {
+				allErrs = append(allErrs, field.Invalid(field.NewPath("hostSubnetLength"), clusterNet.HostSubnetLength, "subnet length is too large for clusterNetwork"))
+			} else if clusterNet.HostSubnetLength < 2 {
+				allErrs = append(allErrs, field.Invalid(field.NewPath("hostSubnetLength"), clusterNet.HostSubnetLength, "subnet length must be at least 2"))
+			}
+		}
 
-	if (clusterIPNet != nil) && (serviceIPNet != nil) && clusterIPNet.Contains(serviceIPNet.IP) {
-		allErrs = append(allErrs, field.Invalid(field.NewPath("serviceNetwork"), clusterNet.ServiceNetwork, "service network overlaps with cluster network"))
-	}
-	if (serviceIPNet != nil) && (clusterIPNet != nil) && serviceIPNet.Contains(clusterIPNet.IP) {
-		allErrs = append(allErrs, field.Invalid(field.NewPath("network"), clusterNet.Network, "cluster network overlaps with service network"))
+		serviceIPNet, err := netutils.ParseCIDRMask(clusterNet.ServiceNetwork)
+		if err != nil {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("serviceNetwork"), clusterNet.ServiceNetwork, err.Error()))
+		}
+		if (clusterIPNet != nil) && (serviceIPNet != nil) && clusterIPNet.Contains(serviceIPNet.IP) {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("serviceNetwork"), clusterNet.ServiceNetwork, "service network overlaps with cluster network"))
+		}
+		if (serviceIPNet != nil) && (clusterIPNet != nil) && serviceIPNet.Contains(clusterIPNet.IP) {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("network"), clusterNet.Network, "cluster network overlaps with service network"))
+		}
 	}
 
 	if clusterNet.Name == sdnapi.ClusterNetworkDefault && defaultClusterNetwork != nil {
-		if clusterNet.Network != defaultClusterNetwork.Network {
-			allErrs = append(allErrs, field.Invalid(field.NewPath("network"), clusterNet.Network, "cannot change the default ClusterNetwork record via API."))
+		if len(clusterNet.ClusterNetworks) == len(defaultClusterNetwork.ClusterNetworks){
+			for index := range defaultClusterNetwork.ClusterNetworks {
+				if clusterNet.ClusterNetworks[index] != defaultClusterNetwork.ClusterNetworks[index] {
+					allErrs = append(allErrs, field.Invalid(field.NewPath("ClusterNetworks"), clusterNet.ClusterNetworks, "cannot change the default ClusterNetwork record via API"))
+				}
+			}
+		} else {
+			allErrs = append(allErrs, field.Invalid(field.NewPath("ClusterDef"), clusterNet.ClusterNetworks, "cannot change the default ClusterNetwork record via API"))
 		}
+		//		if clusterNet.Network != defaultClusterNetwork.Network {
+		//			allErrs = append(allErrs, field.Invalid(field.NewPath("network"), clusterNet.Network, "cannot change the default ClusterNetwork record via API."))
+		//		}
 		if clusterNet.HostSubnetLength != defaultClusterNetwork.HostSubnetLength {
 			allErrs = append(allErrs, field.Invalid(field.NewPath("hostSubnetLength"), clusterNet.HostSubnetLength, "cannot change the default ClusterNetwork record via API."))
 		}