From 1960a980d573faf7f880fd93fc0f9da5b7551479 Mon Sep 17 00:00:00 2001 From: Ram Lavi Date: Sun, 4 Aug 2024 11:50:50 +0300 Subject: [PATCH] network/kubevirt-ipam-controller: Add new net-attach-def resource This resource does not belong to kubevirt-ipam-controller, but is currently piggy-backing this component in order to deploy the primary user-defined-network net-attach-def [0]. This net-attach-def is deployed on default namespace, as this way it will be available to all VMs that need to consume it. [0] https://kubevirt.io/user-guide/network/network_binding_plugins/#deployment Signed-off-by: Ram Lavi --- .../004-primary-udn-networkattachdef.yaml | 18 ++++++ .../bump-kubevirt-ipam-controller.sh | 2 +- pkg/network/kubevirt_ipam_controller.go | 1 + pkg/network/kubevirt_ipam_controller_test.go | 63 +++++++++++++++++++ test/check/check.go | 10 +++ test/check/components.go | 12 ++-- 6 files changed, 100 insertions(+), 6 deletions(-) create mode 100644 data/kubevirt-ipam-controller/004-primary-udn-networkattachdef.yaml create mode 100644 pkg/network/kubevirt_ipam_controller_test.go diff --git a/data/kubevirt-ipam-controller/004-primary-udn-networkattachdef.yaml b/data/kubevirt-ipam-controller/004-primary-udn-networkattachdef.yaml new file mode 100644 index 0000000000..2916e9eec0 --- /dev/null +++ b/data/kubevirt-ipam-controller/004-primary-udn-networkattachdef.yaml @@ -0,0 +1,18 @@ +{{ if .EnableNetworkAttachmentDefinition }} +--- +apiVersion: "k8s.cni.cncf.io/v1" +kind: NetworkAttachmentDefinition +metadata: + name: primary-user-defined-network + namespace: default +spec: + config: '{ + "cniVersion": "1.0.0", + "name": "primary-user-defined-network", + "plugins": [ + { + "type": "cni-passt-binding-plugin" + } + ] +}' +{{ end }} diff --git a/hack/components/bump-kubevirt-ipam-controller.sh b/hack/components/bump-kubevirt-ipam-controller.sh index ebfac4b77f..00d7bb1f86 100755 --- a/hack/components/bump-kubevirt-ipam-controller.sh +++ b/hack/components/bump-kubevirt-ipam-controller.sh @@ -148,7 +148,7 @@ echo 'Adjust kubevirt-ipam-controller to CNAO' echo 'Copy manifests' shopt -s extglob -rm -rf data/kubevirt-ipam-controller/!(002-rbac.yaml) +rm -rf data/kubevirt-ipam-controller/!(002-rbac.yaml|004-primary-udn-networkattachdef.yaml) # CRD crd_manifest="https://raw.githubusercontent.com/k8snetworkplumbingwg/ipamclaims/${IPAMCLAIMS_CRD_VERSION}/artifacts/k8s.cni.cncf.io_ipamclaims.yaml" diff --git a/pkg/network/kubevirt_ipam_controller.go b/pkg/network/kubevirt_ipam_controller.go index ee6cf90a0e..b1ddac5109 100644 --- a/pkg/network/kubevirt_ipam_controller.go +++ b/pkg/network/kubevirt_ipam_controller.go @@ -49,6 +49,7 @@ func renderKubevirtIPAMController(conf *cnao.NetworkAddonsConfigSpec, manifestDi } data.Data["IsOpenshift"] = clusterInfo.OpenShift4 data.Data["EnableSCC"] = clusterInfo.SCCAvailable + data.Data["EnableNetworkAttachmentDefinition"] = clusterInfo.NetAttachDefAvailable objs, err := render.RenderDir(filepath.Join(manifestDir, "kubevirt-ipam-controller"), &data) if err != nil { diff --git a/pkg/network/kubevirt_ipam_controller_test.go b/pkg/network/kubevirt_ipam_controller_test.go new file mode 100644 index 0000000000..13939dbb41 --- /dev/null +++ b/pkg/network/kubevirt_ipam_controller_test.go @@ -0,0 +1,63 @@ +package network + +import ( + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + + osv1 "github.com/openshift/api/operator/v1" + v1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime/schema" + + cnao "github.com/kubevirt/cluster-network-addons-operator/pkg/apis/networkaddonsoperator/shared" +) + +var _ = Describe("Testing kubevirt ipam controller", func() { + Context("Render KubevirtIpamController", func() { + conf := &cnao.NetworkAddonsConfigSpec{ImagePullPolicy: v1.PullAlways, Multus: &cnao.Multus{}, KubevirtIpamController: &cnao.KubevirtIpamController{}, PlacementConfiguration: &cnao.PlacementConfiguration{Workloads: &cnao.Placement{}}} + manifestDir := "../../data" + openshiftNetworkConf := &osv1.Network{} + clusterInfo := &ClusterInfo{SCCAvailable: true, OpenShift4: false} + expectedGroupVersionKind := schema.GroupVersionKind{ + Group: "k8s.cni.cncf.io", + Kind: "NetworkAttachmentDefinition", + Version: "v1", + } + const expectedName = "primary-user-defined-network" + + It("and NetAttachDefAvailable resource is available, should add the primary-udn network-attach-def obj", func() { + clusterInfo.NetAttachDefAvailable = true + objs, err := Render(conf, manifestDir, openshiftNetworkConf, clusterInfo) + Expect(err).NotTo(HaveOccurred()) + Expect(objs).NotTo(BeEmpty()) + + Expect(objs).To(ContainElement( + SatisfyAll( + WithTransform(func(obj *unstructured.Unstructured) string { + return obj.GetName() + }, Equal(expectedName)), + WithTransform(func(obj *unstructured.Unstructured) schema.GroupVersionKind { + return obj.GetObjectKind().GroupVersionKind() + }, Equal(expectedGroupVersionKind)), + ), + )) + }) + It("and NetAttachDefAvailable resource is not available, should not add the primary-udn network-attach-def obj", func() { + clusterInfo.NetAttachDefAvailable = false + objs, err := Render(conf, manifestDir, openshiftNetworkConf, clusterInfo) + Expect(err).NotTo(HaveOccurred()) + Expect(objs).NotTo(BeEmpty()) + + Expect(objs).ToNot(ContainElement( + SatisfyAll( + WithTransform(func(obj *unstructured.Unstructured) string { + return obj.GetName() + }, Equal(expectedName)), + WithTransform(func(obj *unstructured.Unstructured) schema.GroupVersionKind { + return obj.GetObjectKind().GroupVersionKind() + }, Equal(expectedGroupVersionKind)), + ), + )) + }) + }) +}) diff --git a/test/check/check.go b/test/check/check.go index e47f3ab60d..4128b5119a 100644 --- a/test/check/check.go +++ b/test/check/check.go @@ -13,6 +13,7 @@ import ( . "github.com/onsi/gomega" monitoringv1 "github.com/coreos/prometheus-operator/pkg/apis/monitoring/v1" + k8snetworkplumbingwgv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" testenv "github.com/kubevirt/cluster-network-addons-operator/test/env" conditionsv1 "github.com/openshift/custom-resource-status/conditions/v1" securityapi "github.com/openshift/origin/pkg/security/apis/security" @@ -389,6 +390,10 @@ func checkForComponentRemoval(component *Component) error { errsAppend(checkForPrometheusRuleRemoval(component.PrometheusRule)) } + if component.networkAttachmentDefinition != "" { + errsAppend(checkForNetworkAttachmentDefinitionRemoval(component.PrometheusRule)) + } + return errsToErr(errs) } @@ -708,6 +713,11 @@ func checkForPrometheusRuleRemoval(name string) error { return isNotFound("PrometheusRule", name, err) } +func checkForNetworkAttachmentDefinitionRemoval(name string) error { + err := testenv.Client.Get(context.Background(), types.NamespacedName{Name: name, Namespace: corev1.NamespaceDefault}, &k8snetworkplumbingwgv1.NetworkAttachmentDefinition{}) + return isNotFound("NetworkAttachmentDefinition", name, err) +} + func getMonitoringEndpoint() (*corev1.Endpoints, error) { By("Finding CNAO prometheus endpoint") endpoint := &corev1.Endpoints{} diff --git a/test/check/components.go b/test/check/components.go index ebd5ee0fd8..7a4be9af5a 100644 --- a/test/check/components.go +++ b/test/check/components.go @@ -20,6 +20,7 @@ type Component struct { Service string ServiceMonitor string PrometheusRule string + networkAttachmentDefinition string } var ( @@ -87,11 +88,12 @@ var ( Deployments: []string{"secondary-dns"}, } KubevirtIpamController = Component{ - ComponentName: "KubevirtIpamController", - ClusterRole: "kubevirt-ipam-controller-manager-role", - ClusterRoleBinding: "kubevirt-ipam-controller-manager-rolebinding", - Deployments: []string{"kubevirt-ipam-controller-manager"}, - DaemonSets: []string{"passt-binding-cni"}, + ComponentName: "KubevirtIpamController", + ClusterRole: "kubevirt-ipam-controller-manager-role", + ClusterRoleBinding: "kubevirt-ipam-controller-manager-rolebinding", + Deployments: []string{"kubevirt-ipam-controller-manager"}, + DaemonSets: []string{"passt-binding-cni"}, + networkAttachmentDefinition: "primary-user-defined-network", } AllComponents = []Component{ KubeMacPoolComponent,