Merge pull request #44387 from jamiehannaford/fix-port-allocation

Automatic merge from submit-queue

Use provided VipPortID for OpenStack LB

**What this PR does / why we need it**:

When creating an OpenStack LoadBalancer, Kubernetes will search through the tenant trying to match the LB's VIP with a port. This is problematic because multiple ports may have the same fixed IP, therefore leading to routing inconsistencies. We should use the port ID provided by the LB's response body instead.

**Which issue this PR fixes**:

https://github.com/kubernetes/kubernetes/issues/43909

**Special notes for your reviewer**:

Since this involves non-deterministic testing, it'd be best if we can run this in a staging environment for a few days before merging (say until early next week).

**Release note**:
```release-note
Fixes issue during LB creation where ports where incorrectly assigned to a floating IP
```

pkg/cloudprovider/providers/openstack/openstack_loadbalancer.go

@@ -828,19 +828,16 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 
 	status.Ingress = []v1.LoadBalancerIngress{{IP: loadbalancer.VipAddress}}
 
-	port, err := getPortByIP(lbaas.network, loadbalancer.VipAddress)
+	portID := loadbalancer.VipPortID
-	if err != nil {
+	floatIP, err := getFloatingIPByPortID(lbaas.network, portID)
-		return nil, fmt.Errorf("Error getting port for LB vip %s: %v", loadbalancer.VipAddress, err)
-	}
-	floatIP, err := getFloatingIPByPortID(lbaas.network, port.ID)
 	if err != nil && err != ErrNotFound {
-		return nil, fmt.Errorf("Error getting floating ip for port %s: %v", port.ID, err)
+		return nil, fmt.Errorf("Error getting floating ip for port %s: %v", portID, err)
 	}
 	if floatIP == nil && lbaas.opts.FloatingNetworkId != "" {
-		glog.V(4).Infof("Creating floating ip for loadbalancer %s port %s", loadbalancer.ID, port.ID)
+		glog.V(4).Infof("Creating floating ip for loadbalancer %s port %s", loadbalancer.ID, portID)
 		floatIPOpts := floatingips.CreateOpts{
 			FloatingNetworkID: lbaas.opts.FloatingNetworkId,
-			PortID:            port.ID,
+			PortID:            portID,
 		}
 		floatIP, err = floatingips.Create(lbaas.network, floatIPOpts).Extract()
 		if err != nil {
@@ -945,25 +942,15 @@ func (lbaas *LbaasV2) EnsureLoadBalancer(clusterName string, apiService *v1.Serv
 			return nil, err
 		}
 
-		// Get the port ID
+		portID := loadbalancer.VipPortID
-		port, err := getPortByIP(lbaas.network, loadbalancer.VipAddress)
-		if err != nil {
-			// cleanup what was created so far
-			_ = lbaas.EnsureLoadBalancerDeleted(clusterName, apiService)
-			return nil, err
-		}
-
 		update_opts := neutronports.UpdateOpts{SecurityGroups: []string{lbSecGroup.ID}}
-
+		res := neutronports.Update(lbaas.network, portID, update_opts)
-		res := neutronports.Update(lbaas.network, port.ID, update_opts)
-
 		if res.Err != nil {
-			glog.Errorf("Error occured updating port: %s", port.ID)
+			glog.Errorf("Error occured updating port: %s", portID)
 			// cleanup what was created so far
 			_ = lbaas.EnsureLoadBalancerDeleted(clusterName, apiService)
 			return nil, res.Err
 		}
-
 	}
 
 	return status, nil
@@ -1129,12 +1116,8 @@ func (lbaas *LbaasV2) EnsureLoadBalancerDeleted(clusterName string, service *v1.
 	}
 
 	if lbaas.opts.FloatingNetworkId != "" && loadbalancer != nil {
-		port, err := getPortByIP(lbaas.network, loadbalancer.VipAddress)
+		portID := loadbalancer.VipPortID
-		if err != nil {
+		floatingIP, err := getFloatingIPByPortID(lbaas.network, portID)
-			return err
-		}
-
-		floatingIP, err := getFloatingIPByPortID(lbaas.network, port.ID)
 		if err != nil && err != ErrNotFound {
 			return err
 		}