From ee00896712c9a3521470ba364dd1a151d81559bf Mon Sep 17 00:00:00 2001 From: Anish Ramasekar Date: Sun, 23 Feb 2020 20:15:58 -0800 Subject: [PATCH] add support for single stack IPv6 --- .../azure/azure_loadbalancer.go | 30 ++--- .../azure/azure_loadbalancer_test.go | 96 +++++++++----- .../azure/azure_routes.go | 9 +- .../azure/azure_standard.go | 16 +-- .../azure/azure_test.go | 125 +++++++++--------- .../azure/azure_vmss.go | 4 +- 6 files changed, 156 insertions(+), 124 deletions(-) diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go index 1a178b7f436..a880c3ccb97 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer.go @@ -549,23 +549,21 @@ func (az *Cloud) ensurePublicIPExists(service *v1.Service, pipName string, domai } } - if az.ipv6DualStackEnabled { - // TODO: (khenidak) if we ever enable IPv6 single stack, then we should - // not wrap the following in a feature gate - ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) - if ipv6 { - pip.PublicIPAddressVersion = network.IPv6 - klog.V(2).Infof("service(%s): pip(%s) - creating as ipv6 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP) + // use the same family as the clusterIP as we support IPv6 single stack as well + // as dual-stack clusters + ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) + if ipv6 { + pip.PublicIPAddressVersion = network.IPv6 + klog.V(2).Infof("service(%s): pip(%s) - creating as ipv6 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP) - pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Dynamic - if az.useStandardLoadBalancer() { - // standard sku must have static allocation method for ipv6 - pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Static - } - } else { - pip.PublicIPAddressVersion = network.IPv4 - klog.V(2).Infof("service(%s): pip(%s) - creating as ipv4 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP) + pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Dynamic + if az.useStandardLoadBalancer() { + // standard sku must have static allocation method for ipv6 + pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Static } + } else { + pip.PublicIPAddressVersion = network.IPv4 + klog.V(2).Infof("service(%s): pip(%s) - creating as ipv4 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP) } klog.V(2).Infof("ensurePublicIPExists for service(%s): pip(%s) - creating", serviceName, *pip.Name) @@ -685,7 +683,7 @@ func (az *Cloud) reconcileLoadBalancer(clusterName string, service *v1.Service, klog.V(2).Infof("reconcileLoadBalancer for service(%s): lb(%s/%s) wantLb(%t) resolved load balancer name", serviceName, lbResourceGroup, lbName, wantLb) lbFrontendIPConfigName := az.getFrontendIPConfigName(service) lbFrontendIPConfigID := az.getFrontendIPConfigID(lbName, lbResourceGroup, lbFrontendIPConfigName) - lbBackendPoolName := getBackendPoolName(az.ipv6DualStackEnabled, clusterName, service) + lbBackendPoolName := getBackendPoolName(clusterName, service) lbBackendPoolID := az.getBackendPoolID(lbName, lbResourceGroup, lbBackendPoolName) lbIdleTimeout, err := getIdleTimeout(service) diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go index ea61a875735..614210693ed 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_loadbalancer_test.go @@ -363,7 +363,7 @@ func TestEnsureLoadBalancerDeleted(t *testing.T) { }{ { desc: "external service should be created and deleted successfully", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), }, { desc: "internal service should be created and deleted successfully", @@ -612,7 +612,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, }, }, - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), wantLB: false, expectedLB: &network.LoadBalancer{ Name: to.StringPtr("lb1"), @@ -633,7 +633,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, { desc: "getServiceLoadBalancer shall report error if there're loadbalancer mode annotations on a standard lb", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), annotations: map[string]string{ServiceAnnotationLoadBalancerMode: "__auto__"}, sku: "standard", expectedExists: false, @@ -671,7 +671,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, }, }, - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), annotations: map[string]string{ServiceAnnotationLoadBalancerMode: "__auto__"}, wantLB: true, expectedLB: &network.LoadBalancer{ @@ -687,7 +687,7 @@ func TestGetServiceLoadBalancer(t *testing.T) { }, { desc: "getServiceLoadBalancer shall create a new lb otherwise", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), expectedLB: &network.LoadBalancer{ Name: to.StringPtr("testCluster"), Location: to.StringPtr("westus"), @@ -839,7 +839,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), expectedFlag: false, expectedError: false, }, @@ -852,7 +852,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), loadBalancerIP: "1.1.1.1", exsistingPIPs: []network.PublicIPAddress{ { @@ -875,7 +875,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), loadBalancerIP: "1.1.1.1", exsistingPIPs: []network.PublicIPAddress{ { @@ -898,7 +898,7 @@ func TestIsFrontendIPChanged(t *testing.T) { }, }, lbFrontendIPConfigName: "btest1-name", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), loadBalancerIP: "1.1.1.1", exsistingPIPs: []network.PublicIPAddress{ { @@ -978,7 +978,7 @@ func TestDeterminePublicIPName(t *testing.T) { } for i, test := range testCases { az := GetTestCloud(ctrl) - service := getTestService("test1", v1.ProtocolTCP, nil, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, false, 80) service.Spec.LoadBalancerIP = test.loadBalancerIP for _, existingPIP := range test.exsistingPIPs { err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", "test", existingPIP) @@ -1007,12 +1007,12 @@ func TestReconcileLoadBalancerRule(t *testing.T) { }{ { desc: "reconcileLoadBalancerRule shall return nil if wantLb is false", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), wantLb: false, }, { desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule(blb)", - service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, 80), + service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, false, 80), wantLb: true, expectedProbes: []network.Probe{ { @@ -1053,7 +1053,7 @@ func TestReconcileLoadBalancerRule(t *testing.T) { }, { desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule (slb without tcp reset)", - service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "True"}, 80), + service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "True"}, false, 80), loadBalancerSku: "standard", wantLb: true, expectedProbes: []network.Probe{ @@ -1095,7 +1095,7 @@ func TestReconcileLoadBalancerRule(t *testing.T) { }, { desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule(slb with tcp reset)", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), loadBalancerSku: "standard", wantLb: true, expectedProbes: []network.Probe{ @@ -1214,10 +1214,10 @@ func TestReconcileLoadBalancer(t *testing.T) { ctrl := gomock.NewController(t) defer ctrl.Finish() - service1 := getTestService("test1", v1.ProtocolTCP, nil, 80) + service1 := getTestService("test1", v1.ProtocolTCP, nil, false, 80) basicLb1 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service1, "Basic") - service2 := getTestService("test1", v1.ProtocolTCP, nil, 80) + service2 := getTestService("test1", v1.ProtocolTCP, nil, false, 80) basicLb2 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("btest1"), service2, "Basic") basicLb2.Name = to.StringPtr("testCluster") basicLb2.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ @@ -1229,7 +1229,7 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - service3 := getTestService("test1", v1.ProtocolTCP, nil, 80) + service3 := getTestService("test1", v1.ProtocolTCP, nil, false, 80) modifiedLb1 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service3, "Basic") modifiedLb1.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { @@ -1280,7 +1280,7 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - service4 := getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, 80) + service4 := getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, false, 80) existingSLB := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service4, "Standard") existingSLB.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { @@ -1332,7 +1332,7 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - service5 := getTestService("test1", v1.ProtocolTCP, nil, 80) + service5 := getTestService("test1", v1.ProtocolTCP, nil, false, 80) slb5 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service5, "Standard") slb5.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{ { @@ -1386,7 +1386,7 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - service6 := getTestService("test1", v1.ProtocolUDP, nil, 80) + service6 := getTestService("test1", v1.ProtocolUDP, nil, false, 80) lb6 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service6, "basic") lb6.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{} lb6.Probes = &[]network.Probe{} @@ -1405,7 +1405,7 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - service7 := getTestService("test1", v1.ProtocolUDP, nil, 80) + service7 := getTestService("test1", v1.ProtocolUDP, nil, false, 80) service7.Spec.HealthCheckNodePort = 10081 service7.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal lb7 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service7, "basic") @@ -1440,7 +1440,7 @@ func TestReconcileLoadBalancer(t *testing.T) { }, } - service8 := getTestService("test1", v1.ProtocolTCP, nil, 80) + service8 := getTestService("test1", v1.ProtocolTCP, nil, false, 80) lb8 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("anotherRG"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service8, "Standard") lb8.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{} lb8.Probes = &[]network.Probe{} @@ -1610,7 +1610,7 @@ func TestGetServiceLoadBalancerStatus(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - service := getTestService("test1", v1.ProtocolTCP, nil, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, false, 80) internalService := getInternalTestService("test1", 80) PIPClient := newFakeAzurePIPClient(az.Config.SubscriptionID) @@ -1772,25 +1772,25 @@ func TestReconcileSecurityGroup(t *testing.T) { }, { desc: "reconcileSecurityGroup shall report error if no such sg can be found", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), expectedError: true, }, { desc: "reconcileSecurityGroup shall report error if wantLb is true and lbIP is nil", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), wantLb: true, existingSgs: map[string]network.SecurityGroup{"nsg": {}}, expectedError: true, }, { desc: "reconcileSecurityGroup shall remain the existingSgs intact if nothing needs to be modified", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), existingSgs: map[string]network.SecurityGroup{"nsg": {}}, expectedSg: &network.SecurityGroup{}, }, { desc: "reconcileSecurityGroup shall delete unwanted sgs and create needed ones", - service: getTestService("test1", v1.ProtocolTCP, nil, 80), + service: getTestService("test1", v1.ProtocolTCP, nil, false, 80), existingSgs: map[string]network.SecurityGroup{"nsg": { Name: to.StringPtr("nsg"), SecurityGroupPropertiesFormat: &network.SecurityGroupPropertiesFormat{ @@ -1896,7 +1896,7 @@ func TestSafeDeletePublicIP(t *testing.T) { if err != nil { t.Fatalf("TestCase[%d] meets unexpected error: %v", i, err) } - service := getTestService("test1", v1.ProtocolTCP, nil, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, false, 80) rerr := az.safeDeletePublicIP(&service, "rg", test.pip, test.lb) assert.Equal(t, 0, len(*test.lb.FrontendIPConfigurations), "TestCase[%d]: %s", i, test.desc) assert.Equal(t, 0, len(*test.lb.LoadBalancingRules), "TestCase[%d]: %s", i, test.desc) @@ -2007,7 +2007,7 @@ func TestReconcilePublicIP(t *testing.T) { for i, test := range testCases { az := GetTestCloud(ctrl) - service := getTestService("test1", v1.ProtocolTCP, nil, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, false, 80) service.Annotations = test.annotations for _, pip := range test.existingPIPs { err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", to.String(pip.Name), pip) @@ -2036,6 +2036,7 @@ func TestEnsurePublicIPExists(t *testing.T) { foundDNSLabelAnnotation bool expectedPIP *network.PublicIPAddress expectedID string + isIPv6 bool expectedError bool }{ { @@ -2072,6 +2073,7 @@ func TestEnsurePublicIPExists(t *testing.T) { DNSSettings: &network.PublicIPAddressDNSSettings{ DomainNameLabel: to.StringPtr("newdns"), }, + PublicIPAddressVersion: "IPv4", }, }, }, @@ -2091,7 +2093,8 @@ func TestEnsurePublicIPExists(t *testing.T) { ID: to.StringPtr("/subscriptions/subscription/resourceGroups/rg" + "/providers/Microsoft.Network/publicIPAddresses/pip1"), PublicIPAddressPropertiesFormat: &network.PublicIPAddressPropertiesFormat{ - DNSSettings: nil, + DNSSettings: nil, + PublicIPAddressVersion: "IPv4", }, }, }, @@ -2114,6 +2117,33 @@ func TestEnsurePublicIPExists(t *testing.T) { DNSSettings: &network.PublicIPAddressDNSSettings{ DomainNameLabel: to.StringPtr("previousdns"), }, + PublicIPAddressVersion: "IPv4", + }, + }, + }, + { + desc: "ensurePublicIPExists shall update existed PIP's dns label for IPv6", + inputDNSLabel: "newdns", + foundDNSLabelAnnotation: true, + isIPv6: true, + existingPIPs: []network.PublicIPAddress{{ + Name: to.StringPtr("pip1"), + PublicIPAddressPropertiesFormat: &network.PublicIPAddressPropertiesFormat{ + DNSSettings: &network.PublicIPAddressDNSSettings{ + DomainNameLabel: to.StringPtr("previousdns"), + }, + }, + }}, + expectedPIP: &network.PublicIPAddress{ + Name: to.StringPtr("pip1"), + ID: to.StringPtr("/subscriptions/subscription/resourceGroups/rg" + + "/providers/Microsoft.Network/publicIPAddresses/pip1"), + PublicIPAddressPropertiesFormat: &network.PublicIPAddressPropertiesFormat{ + DNSSettings: &network.PublicIPAddressDNSSettings{ + DomainNameLabel: to.StringPtr("newdns"), + }, + PublicIPAllocationMethod: "Dynamic", + PublicIPAddressVersion: "IPv6", }, }, }, @@ -2121,7 +2151,7 @@ func TestEnsurePublicIPExists(t *testing.T) { for i, test := range testCases { az := GetTestCloud(ctrl) - service := getTestService("test1", v1.ProtocolTCP, nil, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, test.isIPv6, 80) for _, pip := range test.existingPIPs { err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", to.String(pip.Name), pip) if err != nil { @@ -2176,7 +2206,7 @@ func TestShouldUpdateLoadBalancer(t *testing.T) { for i, test := range testCases { az := GetTestCloud(ctrl) - service := getTestService("test1", v1.ProtocolTCP, nil, 80) + service := getTestService("test1", v1.ProtocolTCP, nil, false, 80) if test.lbHasDeletionTimestamp { service.ObjectMeta.DeletionTimestamp = &metav1.Time{Time: time.Now()} } @@ -2271,7 +2301,7 @@ func TestIsBackendPoolPreConfigured(t *testing.T) { if test.isInternalService { service = getInternalTestService("test", 80) } else { - service = getTestService("test", v1.ProtocolTCP, nil, 80) + service = getTestService("test", v1.ProtocolTCP, nil, false, 80) } isPreConfigured := az.isBackendPoolPreConfigured(&service) diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_routes.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_routes.go index c60d82f75b4..e25ce1c6516 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_routes.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_routes.go @@ -297,16 +297,19 @@ func (az *Cloud) CreateRoute(ctx context.Context, clusterName string, nameHint s return nil } - if !az.ipv6DualStackEnabled { + CIDRv6 := utilnet.IsIPv6CIDRString(string(kubeRoute.DestinationCIDR)) + // if single stack IPv4 then get the IP for the primary ip config + // single stack IPv6 is supported on dual stack host. So the IPv6 IP is secondary IP for both single stack IPv6 and dual stack + // Get all private IPs for the machine and find the first one that matches the IPv6 family + if !az.ipv6DualStackEnabled && !CIDRv6 { targetIP, _, err = az.getIPForMachine(kubeRoute.TargetNode) if err != nil { return err } } else { - // for dual stack we need to select + // for dual stack and single stack IPv6 we need to select // a private ip that matches family of the cidr klog.V(4).Infof("CreateRoute: create route instance=%q cidr=%q is in dual stack mode", kubeRoute.TargetNode, kubeRoute.DestinationCIDR) - CIDRv6 := utilnet.IsIPv6CIDRString(string(kubeRoute.DestinationCIDR)) nodePrivateIPs, err := az.getPrivateIPsForMachine(kubeRoute.TargetNode) if nil != err { klog.V(3).Infof("CreateRoute: create route: failed(GetPrivateIPsByNodeName) instance=%q cidr=%q with error=%v", kubeRoute.TargetNode, kubeRoute.DestinationCIDR, err) diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_standard.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_standard.go index 6c7293200ef..a462ea9caec 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_standard.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_standard.go @@ -256,18 +256,14 @@ func isInternalLoadBalancer(lb *network.LoadBalancer) bool { // getBackendPoolName the LB BackendPool name for a service. // to ensure backword and forward compat: // SingleStack -v4 (pre v1.16) => BackendPool name == clusterName -// SingleStack -v6 => BackendPool name == clusterName (all cluster bootstrap uses this name) +// SingleStack -v6 => BackendPool name == -IPv6 (all cluster bootstrap uses this name) // DualStack // => IPv4 BackendPool name == clusterName // => IPv6 BackendPool name == -IPv6 // This means: -// clusters moving from IPv4 to duakstack will require no changes -// clusters moving from IPv6 (while not seen in the wild, we can not rule out their existence) -// to dualstack will require deleting backend pools (the reconciler will take care of creating correct backendpools) -func getBackendPoolName(ipv6DualStackEnabled bool, clusterName string, service *v1.Service) string { - if !ipv6DualStackEnabled { - return clusterName - } +// clusters moving from IPv4 to dualstack will require no changes +// clusters moving from IPv6 to dualstack will require no changes as the IPv4 backend pool will created with +func getBackendPoolName(clusterName string, service *v1.Service) string { IPv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) if IPv6 { return fmt.Sprintf("%v-IPv6", clusterName) @@ -738,13 +734,13 @@ func (as *availabilitySet) EnsureHostInPool(service *v1.Service, nodeName types. } var primaryIPConfig *network.InterfaceIPConfiguration - if !as.Cloud.ipv6DualStackEnabled { + ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) + if !as.Cloud.ipv6DualStackEnabled && !ipv6 { primaryIPConfig, err = getPrimaryIPConfig(nic) if err != nil { return err } } else { - ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) primaryIPConfig, err = getIPConfigByIPFamily(nic, ipv6) if err != nil { return err diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go index 2d1df26fced..b50e64a5329 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_test.go @@ -45,7 +45,7 @@ var testClusterName = "testCluster" // Test flipServiceInternalAnnotation func TestFlipServiceInternalAnnotation(t *testing.T) { - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) svcUpdated := flipServiceInternalAnnotation(&svc) if !requiresInternalLoadBalancer(svcUpdated) { t.Errorf("Expected svc to be an internal service") @@ -73,7 +73,7 @@ func TestAddPort(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) clusterResources := getClusterResources(az, 1, 1) svc.Spec.Ports = append(svc.Spec.Ports, v1.ServicePort{ @@ -131,7 +131,7 @@ func testLoadBalancerServiceDefaultModeSelection(t *testing.T, isInternal bool) svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -189,7 +189,7 @@ func testLoadBalancerServiceAutoModeSelection(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } setLoadBalancerAutoModeAnnotation(&svc) lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -255,7 +255,7 @@ func testLoadBalancerServicesSpecifiedSelection(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } lbMode := fmt.Sprintf("%s,%s", selectedAvailabilitySetName1, selectedAvailabilitySetName2) setLoadBalancerModeAnnotation(&svc, lbMode) @@ -300,7 +300,7 @@ func testLoadBalancerMaxRulesServices(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -329,7 +329,7 @@ func testLoadBalancerMaxRulesServices(t *testing.T, isInternal bool) { svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } _, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) if err == nil { @@ -362,7 +362,7 @@ func testLoadBalancerServiceAutoModeDeleteSelection(t *testing.T, isInternal boo svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } setLoadBalancerAutoModeAnnotation(&svc) lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes) @@ -381,7 +381,7 @@ func testLoadBalancerServiceAutoModeDeleteSelection(t *testing.T, isInternal boo svc = getInternalTestService(svcName, 8081) validateTestSubnet(t, az, &svc) } else { - svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081) + svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081) } setLoadBalancerAutoModeAnnotation(&svc) @@ -431,7 +431,7 @@ func TestReconcileSecurityGroupFromAnyDestinationAddressPrefixToLoadBalancerIP(t defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("serviceea", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("serviceea", v1.ProtocolTCP, nil, false, 80) svc1.Spec.LoadBalancerIP = "192.168.0.0" getTestSecurityGroup(az) // Simulate a pre-Kubernetes 1.8 NSG, where we do not specify the destination address prefix @@ -451,7 +451,7 @@ func TestReconcileSecurityGroupDynamicLoadBalancerIP(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) svc1.Spec.LoadBalancerIP = "" getTestSecurityGroup(az) dynamicallyAssignedIP := "192.168.0.0" @@ -469,7 +469,7 @@ func TestReconcileLoadBalancerAddServicesOnMultipleSubnets(t *testing.T) { az := GetTestCloud(ctrl) clusterResources := getClusterResources(az, 1, 1) - svc1 := getTestService("service1", v1.ProtocolTCP, nil, 8081) + svc1 := getTestService("service1", v1.ProtocolTCP, nil, false, 8081) svc2 := getInternalTestService("service2", 8081) // svc1 is using LB without "-internal" suffix @@ -541,7 +541,7 @@ func TestReconcileLoadBalancerNodeHealth(t *testing.T) { az := GetTestCloud(ctrl) clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) svc.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal svc.Spec.HealthCheckNodePort = int32(32456) @@ -565,7 +565,7 @@ func TestReconcileLoadBalancerRemoveService(t *testing.T) { az := GetTestCloud(ctrl) clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) _, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) if err != nil { @@ -592,7 +592,7 @@ func TestReconcileLoadBalancerRemoveAllPortsRemovesFrontendConfig(t *testing.T) az := GetTestCloud(ctrl) clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) if err != nil { @@ -600,7 +600,7 @@ func TestReconcileLoadBalancerRemoveAllPortsRemovesFrontendConfig(t *testing.T) } validateLoadBalancer(t, lb, svc) - svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false) lb, err = az.reconcileLoadBalancer(testClusterName, &svcUpdated, clusterResources.nodes, false /* wantLb*/) if err != nil { t.Errorf("Unexpected error: %q", err) @@ -622,13 +622,13 @@ func TestReconcileLoadBalancerRemovesPort(t *testing.T) { az := GetTestCloud(ctrl) clusterResources := getClusterResources(az, 1, 1) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) _, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) if err != nil { t.Errorf("Unexpected error: %q", err) } - svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) lb, err := az.reconcileLoadBalancer(testClusterName, &svcUpdated, clusterResources.nodes, true /* wantLb */) if err != nil { t.Errorf("Unexpected error: %q", err) @@ -644,8 +644,8 @@ func TestReconcileLoadBalancerMultipleServices(t *testing.T) { az := GetTestCloud(ctrl) clusterResources := getClusterResources(az, 1, 1) - svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) - svc2 := getTestService("serviceb", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) + svc2 := getTestService("serviceb", v1.ProtocolTCP, nil, false, 80) _, err := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true /* wantLb */) if err != nil { @@ -674,7 +674,7 @@ func TestServiceDefaultsToNoSessionPersistence(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("service-sa-omitted", v1.ProtocolTCP, nil, 7170) + svc := getTestService("service-sa-omitted", v1.ProtocolTCP, nil, false, 7170) clusterResources := getClusterResources(az, 1, 1) lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */) @@ -697,7 +697,7 @@ func TestServiceRespectsNoSessionAffinity(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("service-sa-none", v1.ProtocolTCP, nil, 7170) + svc := getTestService("service-sa-none", v1.ProtocolTCP, nil, false, 7170) svc.Spec.SessionAffinity = v1.ServiceAffinityNone clusterResources := getClusterResources(az, 1, 1) @@ -723,7 +723,7 @@ func TestServiceRespectsClientIPSessionAffinity(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("service-sa-clientip", v1.ProtocolTCP, nil, 7170) + svc := getTestService("service-sa-clientip", v1.ProtocolTCP, nil, false, 7170) svc.Spec.SessionAffinity = v1.ServiceAffinityClientIP clusterResources := getClusterResources(az, 1, 1) @@ -750,7 +750,7 @@ func TestReconcileSecurityGroupNewServiceAddsPort(t *testing.T) { az := GetTestCloud(ctrl) getTestSecurityGroup(az) - svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) clusterResources := getClusterResources(az, 1, 1) lb, _ := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true) lbStatus, _ := az.getServiceLoadBalancerStatus(&svc1, lb) @@ -788,8 +788,8 @@ func TestReconcileSecurityGroupRemoveService(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - service1 := getTestService("servicea", v1.ProtocolTCP, nil, 81) - service2 := getTestService("serviceb", v1.ProtocolTCP, nil, 82) + service1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 81) + service2 := getTestService("serviceb", v1.ProtocolTCP, nil, false, 82) clusterResources := getClusterResources(az, 1, 1) lb, _ := az.reconcileLoadBalancer(testClusterName, &service1, clusterResources.nodes, true) @@ -813,11 +813,11 @@ func TestReconcileSecurityGroupRemoveServiceRemovesPort(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) clusterResources := getClusterResources(az, 1, 1) getTestSecurityGroup(az, svc) - svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) lb, _ := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true) lbStatus, _ := az.getServiceLoadBalancerStatus(&svc, lb) @@ -834,7 +834,7 @@ func TestReconcileSecurityWithSourceRanges(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) svc.Spec.LoadBalancerSourceRanges = []string{ "192.168.0.0/24", "10.0.0.0/32", @@ -863,7 +863,7 @@ func TestReconcileSecurityGroupEtagMismatch(t *testing.T) { cachedSG.Etag = to.StringPtr("1111111-0000-0000-0000-000000000000") az.nsgCache.Set(to.String(sg.Name), &cachedSG) - svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) clusterResources := getClusterResources(az, 1, 1) lb, _ := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true) lbStatus, _ := az.getServiceLoadBalancerStatus(&svc1, lb) @@ -883,7 +883,7 @@ func TestReconcilePuablicIPWithNewService(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) pip, err := az.reconcilePublicIP(testClusterName, &svc, "", true /* wantLb*/) if err != nil { @@ -907,7 +907,7 @@ func TestReconcilePublicIPRemoveService(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443) + svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443) pip, err := az.reconcilePublicIP(testClusterName, &svc, "", true /* wantLb*/) if err != nil { @@ -954,7 +954,7 @@ func TestReconcilePublicIPWithExternalAndInternalSwitch(t *testing.T) { validatePublicIP(t, pip, &svc, true) // Update to external service - svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80) + svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false, 80) pip, err = az.reconcilePublicIP(testClusterName, &svcUpdated, "", true /* wantLb*/) if err != nil { t.Errorf("Unexpected error: %q", err) @@ -1097,7 +1097,7 @@ func getBackendPort(port int32) int32 { return port + 10000 } -func getTestService(identifier string, proto v1.Protocol, annotations map[string]string, requestedPorts ...int32) v1.Service { +func getTestService(identifier string, proto v1.Protocol, annotations map[string]string, isIPv6 bool, requestedPorts ...int32) v1.Service { ports := []v1.ServicePort{} for _, port := range requestedPorts { ports = append(ports, v1.ServicePort{ @@ -1123,17 +1123,22 @@ func getTestService(identifier string, proto v1.Protocol, annotations map[string svc.Annotations = annotations } + svc.Spec.ClusterIP = "10.0.0.2" + if isIPv6 { + svc.Spec.ClusterIP = "fd00::1907" + } + return svc } func getInternalTestService(identifier string, requestedPorts ...int32) v1.Service { - svc := getTestService(identifier, v1.ProtocolTCP, nil, requestedPorts...) + svc := getTestService(identifier, v1.ProtocolTCP, nil, false, requestedPorts...) svc.Annotations[ServiceAnnotationLoadBalancerInternal] = "true" return svc } func getResourceGroupTestService(identifier, resourceGroup, loadBalancerIP string, requestedPorts ...int32) v1.Service { - svc := getTestService(identifier, v1.ProtocolTCP, nil, requestedPorts...) + svc := getTestService(identifier, v1.ProtocolTCP, nil, false, requestedPorts...) svc.Spec.LoadBalancerIP = loadBalancerIP svc.Annotations[ServiceAnnotationLoadBalancerResourceGroup] = resourceGroup return svc @@ -1834,7 +1839,7 @@ func TestIfServiceSpecifiesSharedRuleAndRuleDoesNotExistItIsCreated(t *testing.T defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicesr", v1.ProtocolTCP, nil, 80) + svc := getTestService("servicesr", v1.ProtocolTCP, nil, false, 80) svc.Spec.LoadBalancerIP = "192.168.77.88" svc.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -1876,7 +1881,7 @@ func TestIfServiceSpecifiesSharedRuleAndRuleExistsThenTheServicesPortAndAddressA defer ctrl.Finish() az := GetTestCloud(ctrl) - svc := getTestService("servicesr", v1.ProtocolTCP, nil, 80) + svc := getTestService("servicesr", v1.ProtocolTCP, nil, false, 80) svc.Spec.LoadBalancerIP = "192.168.77.88" svc.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -1931,11 +1936,11 @@ func TestIfServicesSpecifySharedRuleButDifferentPortsThenSeparateRulesAreCreated defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2002,11 +2007,11 @@ func TestIfServicesSpecifySharedRuleButDifferentProtocolsThenSeparateRulesAreCre defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolUDP, nil, 4444) + svc2 := getTestService("servicesr2", v1.ProtocolUDP, nil, false, 4444) svc2.Spec.LoadBalancerIP = "192.168.77.88" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2071,12 +2076,12 @@ func TestIfServicesSpecifySharedRuleButDifferentSourceAddressesThenSeparateRules defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 80) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Spec.LoadBalancerSourceRanges = []string{"192.168.12.0/24"} svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 80) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 80) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Spec.LoadBalancerSourceRanges = []string{"192.168.34.0/24"} svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2144,15 +2149,15 @@ func TestIfServicesSpecifySharedRuleButSomeAreOnDifferentPortsThenRulesAreSepara defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2246,11 +2251,11 @@ func TestIfServiceSpecifiesSharedRuleAndServiceIsDeletedThenTheServicesPortAndAd defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 80) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 80) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 80) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 80) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2303,15 +2308,15 @@ func TestIfSomeServicesShareARuleAndOneIsDeletedItIsRemovedFromTheRightRule(t *t defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2412,15 +2417,15 @@ func TestIfServiceSpecifiesSharedRuleAndLastServiceIsDeletedThenRuleIsDeleted(t defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" @@ -2494,23 +2499,23 @@ func TestCanCombineSharedAndPrivateRulesInSameGroup(t *testing.T) { defer ctrl.Finish() az := GetTestCloud(ctrl) - svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444) + svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444) svc1.Spec.LoadBalancerIP = "192.168.77.88" svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888) + svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888) svc2.Spec.LoadBalancerIP = "192.168.33.44" svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444) + svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444) svc3.Spec.LoadBalancerIP = "192.168.99.11" svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true" - svc4 := getTestService("servicesr4", v1.ProtocolTCP, nil, 4444) + svc4 := getTestService("servicesr4", v1.ProtocolTCP, nil, false, 4444) svc4.Spec.LoadBalancerIP = "192.168.22.33" svc4.Annotations[ServiceAnnotationSharedSecurityRule] = "false" - svc5 := getTestService("servicesr5", v1.ProtocolTCP, nil, 8888) + svc5 := getTestService("servicesr5", v1.ProtocolTCP, nil, false, 8888) svc5.Spec.LoadBalancerIP = "192.168.22.33" svc5.Annotations[ServiceAnnotationSharedSecurityRule] = "false" diff --git a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_vmss.go b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_vmss.go index be008c287d5..b1c422f93a1 100644 --- a/staging/src/k8s.io/legacy-cloud-providers/azure/azure_vmss.go +++ b/staging/src/k8s.io/legacy-cloud-providers/azure/azure_vmss.go @@ -830,15 +830,15 @@ func (ss *scaleSet) EnsureHostInPool(service *v1.Service, nodeName types.NodeNam } var primaryIPConfiguration *compute.VirtualMachineScaleSetIPConfiguration + ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) // Find primary network interface configuration. - if !ss.Cloud.ipv6DualStackEnabled { + if !ss.Cloud.ipv6DualStackEnabled && !ipv6 { // Find primary IP configuration. primaryIPConfiguration, err = getPrimaryIPConfigFromVMSSNetworkConfig(primaryNetworkInterfaceConfiguration) if err != nil { return err } } else { - ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP) primaryIPConfiguration, err = ss.getConfigForScaleSetByIPFamily(primaryNetworkInterfaceConfiguration, vmName, ipv6) if err != nil { return err