Add toMultiClusterServices field for Antrea-native policies
Signed-off-by: Dyanngg <[email protected]>
Dyanngg committed Nov 21, 2022
1 parent bd9d56d commit 36a37b9
Showing 19 changed files with 299 additions and 26 deletions.
11 changes: 11 additions & 0 deletions build/charts/antrea/crds/clusternetworkpolicy.yaml
Expand Up @@ -604,6 +604,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
11 changes: 11 additions & 0 deletions build/charts/antrea/crds/networkpolicy.yaml
Expand Up @@ -519,6 +519,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
22 changes: 22 additions & 0 deletions build/yamls/antrea-aks.yml
Expand Up @@ -982,6 +982,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
Expand Down Expand Up @@ -2013,6 +2024,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
22 changes: 22 additions & 0 deletions build/yamls/antrea-crds.yml
Expand Up @@ -975,6 +975,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
Expand Down Expand Up @@ -1994,6 +2005,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
22 changes: 22 additions & 0 deletions build/yamls/antrea-eks.yml
Expand Up @@ -982,6 +982,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
Expand Down Expand Up @@ -2013,6 +2024,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
22 changes: 22 additions & 0 deletions build/yamls/antrea-gke.yml
Expand Up @@ -982,6 +982,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
Expand Down Expand Up @@ -2013,6 +2024,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
22 changes: 22 additions & 0 deletions build/yamls/antrea-ipsec.yml
Expand Up @@ -982,6 +982,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
Expand Down Expand Up @@ -2013,6 +2024,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
22 changes: 22 additions & 0 deletions build/yamls/antrea.yml
Expand Up @@ -982,6 +982,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
Expand Down Expand Up @@ -2013,6 +2024,17 @@ spec:
type: string
namespace:
type: string
toMultiClusterServices:
type: array
items:
type: object
required:
- name
properties:
name:
type: string
namespace:
type: string
name:
type: string
enableLogging:
4 changes: 4 additions & 0 deletions multicluster/controllers/multicluster/common/helper.go
Expand Up @@ -50,6 +50,10 @@ func NamespacedName(namespace, name string) string {
return namespace + "/" + name
}

func ToMCResourceName(originalResourceName string) string {
return AntreaMCSPrefix + originalResourceName
}

func StringExistsInSlice(slice []string, s string) bool {
for _, item := range slice {
if item == s {
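Review bot: The new exported `ToMCResourceName` has no doc comment, so the naming convention it now centralises for imported Services, Endpoints and ACNPs stays undocumented. Add something like `// ToMCResourceName returns the local name of an imported multi-cluster resource: originalResourceName prefixed with AntreaMCSPrefix.` above it. The helper performs no length check, so it is worth stating that callers remain responsible for the result fitting the name limit of the target resource kind. The function is fully contained in the hunk.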
Expand Up @@ -49,7 +49,7 @@ func (r *ResourceImportReconciler) handleResImpUpdateForClusterNetworkPolicy(ctx
}
acnpName := types.NamespacedName{
Namespace: "",
Name: common.AntreaMCSPrefix + resImp.Spec.Name,
Name: common.ToMCResourceName(resImp.Spec.Name),
}
klog.InfoS("Updating ACNP corresponding to ResourceImport",
"acnp", acnpName.String(), "resourceimport", klog.KObj(resImp))
Expand Down Expand Up @@ -111,7 +111,7 @@ func (r *ResourceImportReconciler) handleResImpUpdateForClusterNetworkPolicy(ctx
}

func (r *ResourceImportReconciler) handleResImpDeleteForClusterNetworkPolicy(ctx context.Context, resImp *multiclusterv1alpha1.ResourceImport) (ctrl.Result, error) {
acnpName := common.AntreaMCSPrefix + resImp.Spec.Name
acnpName := common.ToMCResourceName(resImp.Spec.Name)
klog.InfoS("Deleting ACNP corresponding to ResourceImport",
"acnp", acnpName, "resourceimport", klog.KObj(resImp))

Expand All @@ -132,7 +132,7 @@ func (r *ResourceImportReconciler) handleResImpDeleteForClusterNetworkPolicy(ctx
func getMCAntreaClusterPolicy(resImp *multiclusterv1alpha1.ResourceImport) *v1alpha1.ClusterNetworkPolicy {
return &v1alpha1.ClusterNetworkPolicy{
ObjectMeta: metav1.ObjectMeta{
Name: common.AntreaMCSPrefix + resImp.Spec.Name,
Name: common.ToMCResourceName(resImp.Spec.Name),
Annotations: map[string]string{
common.AntreaMCACNPAnnotation: "true",
},
Expand Up @@ -142,7 +142,7 @@ func (r *ResourceImportReconciler) Reconcile(ctx context.Context, req ctrl.Reque

func (r *ResourceImportReconciler) handleResImpUpdateForService(ctx context.Context, resImp *multiclusterv1alpha1.ResourceImport) (ctrl.Result, error) {
svcImpName := types.NamespacedName{Namespace: resImp.Spec.Namespace, Name: resImp.Spec.Name}
svcName := types.NamespacedName{Namespace: resImp.Spec.Namespace, Name: common.AntreaMCSPrefix + resImp.Spec.Name}
svcName := types.NamespacedName{Namespace: resImp.Spec.Namespace, Name: common.ToMCResourceName(resImp.Spec.Name)}
klog.InfoS("Updating Service and ServiceImport corresponding to ResourceImport",
"service", svcName.String(), "serviceimport", svcImpName.String(), "resourceimport", klog.KObj(resImp))

Expand Down Expand Up @@ -224,14 +224,14 @@ func (r *ResourceImportReconciler) handleResImpUpdateForService(ctx context.Cont

func (r *ResourceImportReconciler) handleResImpDeleteForService(ctx context.Context, resImp *multiclusterv1alpha1.ResourceImport) (ctrl.Result, error) {
svcImpName := common.NamespacedName(resImp.Spec.Namespace, resImp.Spec.Name)
svcName := common.NamespacedName(resImp.Spec.Namespace, common.AntreaMCSPrefix+resImp.Spec.Name)
svcName := common.NamespacedName(resImp.Spec.Namespace, common.ToMCResourceName(resImp.Spec.Name))
klog.InfoS("Deleting Service and ServiceImport corresponding to ResourceImport", "service", svcName,
"serviceImport", svcImpName, "resourceimport", klog.KObj(resImp))

svc := &corev1.Service{
ObjectMeta: metav1.ObjectMeta{
Namespace: resImp.Spec.Namespace,
Name: common.AntreaMCSPrefix + resImp.Spec.Name,
Name: common.ToMCResourceName(resImp.Spec.Name),
},
}
err := r.localClusterClient.Delete(ctx, svc, &client.DeleteOptions{})
Expand All @@ -256,7 +256,7 @@ func (r *ResourceImportReconciler) handleResImpDeleteForService(ctx context.Cont
}

func (r *ResourceImportReconciler) handleResImpUpdateForEndpoints(ctx context.Context, resImp *multiclusterv1alpha1.ResourceImport) (ctrl.Result, error) {
epName := common.AntreaMCSPrefix + resImp.Spec.Name
epName := common.ToMCResourceName(resImp.Spec.Name)
epNamespaced := types.NamespacedName{Namespace: resImp.Spec.Namespace, Name: epName}
klog.InfoS("Updating Endpoints corresponding to ResourceImport", "endpoints", epNamespaced.String(),
"resourceimport", klog.KObj(resImp))
Expand Down Expand Up @@ -311,7 +311,7 @@ func (r *ResourceImportReconciler) handleResImpUpdateForEndpoints(ctx context.Co
}

func (r *ResourceImportReconciler) handleResImpDeleteForEndpoints(ctx context.Context, resImp *multiclusterv1alpha1.ResourceImport) (ctrl.Result, error) {
epName := common.AntreaMCSPrefix + resImp.Spec.Name
epName := common.ToMCResourceName(resImp.Spec.Name)
epNamespacedName := common.NamespacedName(resImp.Spec.Namespace, epName)
klog.InfoS("Deleting Endpoints corresponding to ResourceImport", "endpoints", epNamespacedName,
"resourceimport", klog.KObj(resImp))
Expand Down Expand Up @@ -342,7 +342,7 @@ func getMCService(resImp *multiclusterv1alpha1.ResourceImport) *corev1.Service {
}
mcs := &corev1.Service{
ObjectMeta: metav1.ObjectMeta{
Name: common.AntreaMCSPrefix + resImp.Spec.Name,
Name: common.ToMCResourceName(resImp.Spec.Name),
Namespace: resImp.Spec.Namespace,
Annotations: map[string]string{
common.AntreaMCServiceAnnotation: "true",
2 changes: 2 additions & 0 deletions pkg/apis/crd/v1alpha1/types.go
Expand Up @@ -409,6 +409,8 @@ type Rule struct {
// destinations.
// +optional
ToServices []NamespacedName `json:"toServices,omitempty"`
// TODO: comment here
ToMultiClusterServices []NamespacedName `json:"toMultiClusterServices,omitempty"`
// Name describes the intention of this rule.
// Name should be unique within the policy.
// +optional
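Review bot: `ToMultiClusterServices` is added to the public `Rule` API type with a placeholder `// TODO: comment here` and without the `// +optional` marker that its neighbour `ToServices` carries. Replace the placeholder before merging, for example `// ToMultiClusterServices restricts egress to the listed multi-cluster Services; it is honoured only when multi-cluster support is enabled.` followed by `// +optional`. If the field is meant to be mutually exclusive with `To` and `ToServices`, the comment should say so, since the controller change in this commit evaluates `ToServices` first. The `Rule` struct starts and ends outside the hunk.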
4 changes: 3 additions & 1 deletion pkg/controller/networkpolicy/antreanetworkpolicy.go
Expand Up @@ -118,7 +118,9 @@ func (n *NetworkPolicyController) processAntreaNetworkPolicy(np *crdv1alpha1.Net
appliedToGroups = mergeAppliedToGroups(appliedToGroups, atgs...)
var peer *controlplane.NetworkPolicyPeer
if egressRule.ToServices != nil {
peer = n.svcRefToPeerForCRD(egressRule.ToServices, np.Namespace)
peer = n.svcRefToPeerForCRD(egressRule.ToServices, np.Namespace, crdv1alpha1.ScopeCluster)
} else if n.multiclusterEnabled && egressRule.ToMultiClusterServices != nil {
peer = n.svcRefToPeerForCRD(egressRule.ToMultiClusterServices, np.Namespace, crdv1alpha1.ScopeClusterSet)
} else {
var ags []*antreatypes.AddressGroup
peer, ags = n.toAntreaPeerForCRD(egressRule.To, np, controlplane.DirectionOut, namedPortExists)
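Review bot: When `n.multiclusterEnabled` is false, a rule that sets only `toMultiClusterServices` falls through to the final `else` and is built from `egressRule.To`, which is presumably empty for such a rule. Depending on how `toAntreaPeerForCRD` treats an empty peer list (not visible here), a rule scoped to one exported Service could end up matching every destination. Branch on the field alone, `} else if egressRule.ToMultiClusterServices != nil {`, and inside that branch reject or skip the rule with a logged warning when multi-cluster is disabled, unless admission validation outside this view already refuses such policies. A rule that sets both `toServices` and `toMultiClusterServices` also silently ignores the latter because of the `else if` ordering. The enclosing function starts and ends outside the hunk.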