From 39a33b1bbd6a2d3b134a0e393ac7b67b037d737e Mon Sep 17 00:00:00 2001
From: augabet <aurelien.gabet@gmail.com>
Date: Thu, 1 Feb 2018 18:03:11 +0100
Subject: [PATCH] check taints when allocating CIDR for the cloud

---
 pkg/controller/nodeipam/ipam/BUILD                   | 2 ++
 pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go | 5 ++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/pkg/controller/nodeipam/ipam/BUILD b/pkg/controller/nodeipam/ipam/BUILD
index 5a1e1018a20..80805c05b12 100644
--- a/pkg/controller/nodeipam/ipam/BUILD
+++ b/pkg/controller/nodeipam/ipam/BUILD
@@ -49,7 +49,9 @@ go_library(
         "//pkg/controller/nodeipam/ipam/cidrset:go_default_library",
         "//pkg/controller/nodeipam/ipam/sync:go_default_library",
         "//pkg/controller/util/node:go_default_library",
+        "//pkg/scheduler/algorithm:go_default_library",
         "//pkg/util/node:go_default_library",
+        "//pkg/util/taints:go_default_library",
         "//vendor/github.com/golang/glog:go_default_library",
         "//vendor/k8s.io/api/core/v1:go_default_library",
         "//vendor/k8s.io/apimachinery/pkg/api/errors:go_default_library",
diff --git a/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go b/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go
index 6f4e4cfcc7a..da7ff245722 100644
--- a/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go
+++ b/pkg/controller/nodeipam/ipam/cloud_cidr_allocator.go
@@ -41,7 +41,9 @@ import (
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce"
 	"k8s.io/kubernetes/pkg/controller"
 	nodeutil "k8s.io/kubernetes/pkg/controller/util/node"
+	"k8s.io/kubernetes/pkg/scheduler/algorithm"
 	utilnode "k8s.io/kubernetes/pkg/util/node"
+	utiltaints "k8s.io/kubernetes/pkg/util/taints"
 )
 
 // cloudCIDRAllocator allocates node CIDRs according to IP address aliases
@@ -108,8 +110,9 @@ func NewCloudCIDRAllocator(client clientset.Interface, cloud cloudprovider.Inter
 			}
 			// Even if PodCIDR is assigned, but NetworkUnavailable condition is
 			// set to true, we need to process the node to set the condition.
+			networkUnavailableTaint := &v1.Taint{Key: algorithm.TaintNodeNetworkUnavailable, Effect: v1.TaintEffectNoSchedule}
 			_, cond := v1node.GetNodeCondition(&newNode.Status, v1.NodeNetworkUnavailable)
-			if cond == nil || cond.Status != v1.ConditionFalse {
+			if cond == nil || cond.Status != v1.ConditionFalse || !utiltaints.TaintExists(newNode.Spec.Taints, networkUnavailableTaint) {
 				return ca.AllocateOrOccupyCIDR(newNode)
 			}
 			return nil