Skip to content

Commit

Permalink
Merge pull request #958 from chenlin07/topic/chenlin/fix-empty-ip-poo…
Browse files Browse the repository at this point in the history
…l-type

Fix empty pod ip pool type check
  • Loading branch information
k8s-ci-robot authored Mar 26, 2024
2 parents 0f58145 + f4667f8 commit b7b7109
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 19 deletions.
22 changes: 3 additions & 19 deletions pkg/cloudprovider/vsphereparavirtual/cloud.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,12 +46,6 @@ const (

// CloudControllerManagerNS is the namespace for vsphere paravirtual cluster cloud provider
CloudControllerManagerNS = "vmware-system-cloud-provider"

// PublicIPPoolType allows Pod IP address routable outside of Tier 0 router.
PublicIPPoolType = "Public"

// PrivateIPPoolType allows Pod IP address routable within VPC router.
PrivateIPPoolType = "Private"
)

var (
Expand Down Expand Up @@ -111,19 +105,9 @@ func newVSphereParavirtual(cfg *cpcfg.Config) (*VSphereParavirtual, error) {
func (cp *VSphereParavirtual) Initialize(clientBuilder cloudprovider.ControllerClientBuilder, stop <-chan struct{}) {
klog.V(0).Info("Initing vSphere Paravirtual Cloud Provider")

if vpcModeEnabled {
if podIPPoolType != PublicIPPoolType && podIPPoolType != PrivateIPPoolType {
klog.Fatalf("Pod IP Pool Type can be either Public or Private in VPC network, %s is not supported", podIPPoolType)
}

if podIPPoolType == "" {
podIPPoolType = PrivateIPPoolType
}
} else {
// NSX-T T1 or VDS network
if podIPPoolType != "" {
klog.Fatal("Pod IP Pool Type can be set only when the network is VPC")
}
err := checkPodIPPoolType(vpcModeEnabled, podIPPoolType)
if err != nil {
klog.Fatalf("Invalid IP pool type: %v", err)
}

ownerRef, err := readOwnerRef(VsphereParavirtualCloudProviderConfigPath)
Expand Down
23 changes: 23 additions & 0 deletions pkg/cloudprovider/vsphereparavirtual/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,10 @@ const (
SupervisorServiceAccountNameEnv string = "SUPERVISOR_CLUSTER_SERVICEACCOUNT_SECRET_NAME"
// SupervisorAPIServerFQDN reads supervisor service API server's fully qualified domain name from env
SupervisorAPIServerFQDN string = "supervisor.default.svc"
// PublicIPPoolType allows Pod IP address routable outside of Tier 0 router.
PublicIPPoolType = "Public"
// PrivateIPPoolType allows Pod IP address routable within VPC router.
PrivateIPPoolType = "Private"
)

// SupervisorEndpoint is the supervisor cluster endpoint
Expand Down Expand Up @@ -135,3 +139,22 @@ func getRestConfig(svConfigPath string) (*rest.Config, error) {
BearerToken: string(token),
}, nil
}

func checkPodIPPoolType(vpcModeEnabled bool, podIPPoolType string) error {
if vpcModeEnabled {
if podIPPoolType == "" {
return errors.New("--pod-ip-pool-type is required in the NSX-T VPC network")
}

if podIPPoolType != PublicIPPoolType && podIPPoolType != PrivateIPPoolType {
return errors.New("--pod-ip-pool-type can be either Public or Private in NSX-T VPC network, " + podIPPoolType + " is not supported")

}
} else {
// NSX-T T1 or VDS network
if podIPPoolType != "" {
return errors.New("--pod-ip-pool-type can be set only when the network is VPC")
}
}
return nil
}
56 changes: 56 additions & 0 deletions pkg/cloudprovider/vsphereparavirtual/config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import (
"os"
"testing"

"github.com/stretchr/testify/assert"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
)
Expand Down Expand Up @@ -267,6 +268,61 @@ func TestGetRestConfig(t *testing.T) {
}
}

func TestCheckPodIPPoolType(t *testing.T) {
tests := []struct {
vpcModeEnabled bool
podIPPoolType string
expectedErrorMsg string
name string
}{
{
name: "If VPC mode is not enabled, --pod-ip-pool-type should be empty",
vpcModeEnabled: false,
podIPPoolType: "",
expectedErrorMsg: "",
},
{
name: "If VPC mode is not enabled, throw out error if --pod-ip-pool-type is not empty",
vpcModeEnabled: false,
podIPPoolType: "test-ns",
expectedErrorMsg: "--pod-ip-pool-type can be set only when the network is VPC",
},
{
name: "If VPC mode is enabled, throw error if --pod-ip-pool-type is not Public or Private",
vpcModeEnabled: true,
podIPPoolType: "test-ns",
expectedErrorMsg: "--pod-ip-pool-type can be either Public or Private in NSX-T VPC network, test-ns is not supported",
},
{
name: "If VPC mode is enabled, throw error if --pod-ip-pool-type is empty",
vpcModeEnabled: true,
podIPPoolType: "",
expectedErrorMsg: "--pod-ip-pool-type is required in the NSX-T VPC network",
},
{
name: "Pod IP Pool type should be successfully set as Public",
vpcModeEnabled: true,
podIPPoolType: "Public",
expectedErrorMsg: "",
},
{
name: "Pod IP Pool type should be successfully set as Private",
vpcModeEnabled: true,
podIPPoolType: "Private",
expectedErrorMsg: "",
},
}

for _, test := range tests {
err := checkPodIPPoolType(test.vpcModeEnabled, test.podIPPoolType)
if test.expectedErrorMsg == "" {
assert.Equal(t, err, nil)
} else {
assert.Equal(t, err.Error(), test.expectedErrorMsg)
}
}
}

func createTestFile(dir, filename, content string) error {
tmpFile, err := os.Create(dir + "/" + filename)
if err != nil {
Expand Down

0 comments on commit b7b7109

Please sign in to comment.