add support for single stack IPv6

This commit is contained in:
Anish Ramasekar 2020-02-23 20:15:58 -08:00
parent ac25069a05
commit ee00896712
No known key found for this signature in database
GPG Key ID: 57E2FE676FC346A6
6 changed files with 156 additions and 124 deletions

View File

@ -549,23 +549,21 @@ func (az *Cloud) ensurePublicIPExists(service *v1.Service, pipName string, domai
}
}
if az.ipv6DualStackEnabled {
// TODO: (khenidak) if we ever enable IPv6 single stack, then we should
// not wrap the following in a feature gate
ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
if ipv6 {
pip.PublicIPAddressVersion = network.IPv6
klog.V(2).Infof("service(%s): pip(%s) - creating as ipv6 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP)
// use the same family as the clusterIP as we support IPv6 single stack as well
// as dual-stack clusters
ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
if ipv6 {
pip.PublicIPAddressVersion = network.IPv6
klog.V(2).Infof("service(%s): pip(%s) - creating as ipv6 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP)
pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Dynamic
if az.useStandardLoadBalancer() {
// standard sku must have static allocation method for ipv6
pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Static
}
} else {
pip.PublicIPAddressVersion = network.IPv4
klog.V(2).Infof("service(%s): pip(%s) - creating as ipv4 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP)
pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Dynamic
if az.useStandardLoadBalancer() {
// standard sku must have static allocation method for ipv6
pip.PublicIPAddressPropertiesFormat.PublicIPAllocationMethod = network.Static
}
} else {
pip.PublicIPAddressVersion = network.IPv4
klog.V(2).Infof("service(%s): pip(%s) - creating as ipv4 for clusterIP:%v", serviceName, *pip.Name, service.Spec.ClusterIP)
}
klog.V(2).Infof("ensurePublicIPExists for service(%s): pip(%s) - creating", serviceName, *pip.Name)
@ -685,7 +683,7 @@ func (az *Cloud) reconcileLoadBalancer(clusterName string, service *v1.Service,
klog.V(2).Infof("reconcileLoadBalancer for service(%s): lb(%s/%s) wantLb(%t) resolved load balancer name", serviceName, lbResourceGroup, lbName, wantLb)
lbFrontendIPConfigName := az.getFrontendIPConfigName(service)
lbFrontendIPConfigID := az.getFrontendIPConfigID(lbName, lbResourceGroup, lbFrontendIPConfigName)
lbBackendPoolName := getBackendPoolName(az.ipv6DualStackEnabled, clusterName, service)
lbBackendPoolName := getBackendPoolName(clusterName, service)
lbBackendPoolID := az.getBackendPoolID(lbName, lbResourceGroup, lbBackendPoolName)
lbIdleTimeout, err := getIdleTimeout(service)

View File

@ -363,7 +363,7 @@ func TestEnsureLoadBalancerDeleted(t *testing.T) {
}{
{
desc: "external service should be created and deleted successfully",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
},
{
desc: "internal service should be created and deleted successfully",
@ -612,7 +612,7 @@ func TestGetServiceLoadBalancer(t *testing.T) {
},
},
},
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
wantLB: false,
expectedLB: &network.LoadBalancer{
Name: to.StringPtr("lb1"),
@ -633,7 +633,7 @@ func TestGetServiceLoadBalancer(t *testing.T) {
},
{
desc: "getServiceLoadBalancer shall report error if there're loadbalancer mode annotations on a standard lb",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
annotations: map[string]string{ServiceAnnotationLoadBalancerMode: "__auto__"},
sku: "standard",
expectedExists: false,
@ -671,7 +671,7 @@ func TestGetServiceLoadBalancer(t *testing.T) {
},
},
},
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
annotations: map[string]string{ServiceAnnotationLoadBalancerMode: "__auto__"},
wantLB: true,
expectedLB: &network.LoadBalancer{
@ -687,7 +687,7 @@ func TestGetServiceLoadBalancer(t *testing.T) {
},
{
desc: "getServiceLoadBalancer shall create a new lb otherwise",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
expectedLB: &network.LoadBalancer{
Name: to.StringPtr("testCluster"),
Location: to.StringPtr("westus"),
@ -839,7 +839,7 @@ func TestIsFrontendIPChanged(t *testing.T) {
},
},
lbFrontendIPConfigName: "btest1-name",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
expectedFlag: false,
expectedError: false,
},
@ -852,7 +852,7 @@ func TestIsFrontendIPChanged(t *testing.T) {
},
},
lbFrontendIPConfigName: "btest1-name",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
loadBalancerIP: "1.1.1.1",
exsistingPIPs: []network.PublicIPAddress{
{
@ -875,7 +875,7 @@ func TestIsFrontendIPChanged(t *testing.T) {
},
},
lbFrontendIPConfigName: "btest1-name",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
loadBalancerIP: "1.1.1.1",
exsistingPIPs: []network.PublicIPAddress{
{
@ -898,7 +898,7 @@ func TestIsFrontendIPChanged(t *testing.T) {
},
},
lbFrontendIPConfigName: "btest1-name",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
loadBalancerIP: "1.1.1.1",
exsistingPIPs: []network.PublicIPAddress{
{
@ -978,7 +978,7 @@ func TestDeterminePublicIPName(t *testing.T) {
}
for i, test := range testCases {
az := GetTestCloud(ctrl)
service := getTestService("test1", v1.ProtocolTCP, nil, 80)
service := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
service.Spec.LoadBalancerIP = test.loadBalancerIP
for _, existingPIP := range test.exsistingPIPs {
err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", "test", existingPIP)
@ -1007,12 +1007,12 @@ func TestReconcileLoadBalancerRule(t *testing.T) {
}{
{
desc: "reconcileLoadBalancerRule shall return nil if wantLb is false",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
wantLb: false,
},
{
desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule(blb)",
service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, 80),
service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, false, 80),
wantLb: true,
expectedProbes: []network.Probe{
{
@ -1053,7 +1053,7 @@ func TestReconcileLoadBalancerRule(t *testing.T) {
},
{
desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule (slb without tcp reset)",
service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "True"}, 80),
service: getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "True"}, false, 80),
loadBalancerSku: "standard",
wantLb: true,
expectedProbes: []network.Probe{
@ -1095,7 +1095,7 @@ func TestReconcileLoadBalancerRule(t *testing.T) {
},
{
desc: "reconcileLoadBalancerRule shall return corresponding probe and lbRule(slb with tcp reset)",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
loadBalancerSku: "standard",
wantLb: true,
expectedProbes: []network.Probe{
@ -1214,10 +1214,10 @@ func TestReconcileLoadBalancer(t *testing.T) {
ctrl := gomock.NewController(t)
defer ctrl.Finish()
service1 := getTestService("test1", v1.ProtocolTCP, nil, 80)
service1 := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
basicLb1 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service1, "Basic")
service2 := getTestService("test1", v1.ProtocolTCP, nil, 80)
service2 := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
basicLb2 := getTestLoadBalancer(to.StringPtr("lb1"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("btest1"), service2, "Basic")
basicLb2.Name = to.StringPtr("testCluster")
basicLb2.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{
@ -1229,7 +1229,7 @@ func TestReconcileLoadBalancer(t *testing.T) {
},
}
service3 := getTestService("test1", v1.ProtocolTCP, nil, 80)
service3 := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
modifiedLb1 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service3, "Basic")
modifiedLb1.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{
{
@ -1280,7 +1280,7 @@ func TestReconcileLoadBalancer(t *testing.T) {
},
}
service4 := getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, 80)
service4 := getTestService("test1", v1.ProtocolTCP, map[string]string{"service.beta.kubernetes.io/azure-load-balancer-disable-tcp-reset": "true"}, false, 80)
existingSLB := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service4, "Standard")
existingSLB.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{
{
@ -1332,7 +1332,7 @@ func TestReconcileLoadBalancer(t *testing.T) {
},
}
service5 := getTestService("test1", v1.ProtocolTCP, nil, 80)
service5 := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
slb5 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service5, "Standard")
slb5.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{
{
@ -1386,7 +1386,7 @@ func TestReconcileLoadBalancer(t *testing.T) {
},
}
service6 := getTestService("test1", v1.ProtocolUDP, nil, 80)
service6 := getTestService("test1", v1.ProtocolUDP, nil, false, 80)
lb6 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service6, "basic")
lb6.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{}
lb6.Probes = &[]network.Probe{}
@ -1405,7 +1405,7 @@ func TestReconcileLoadBalancer(t *testing.T) {
},
}
service7 := getTestService("test1", v1.ProtocolUDP, nil, 80)
service7 := getTestService("test1", v1.ProtocolUDP, nil, false, 80)
service7.Spec.HealthCheckNodePort = 10081
service7.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal
lb7 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("rg"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service7, "basic")
@ -1440,7 +1440,7 @@ func TestReconcileLoadBalancer(t *testing.T) {
},
}
service8 := getTestService("test1", v1.ProtocolTCP, nil, 80)
service8 := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
lb8 := getTestLoadBalancer(to.StringPtr("testCluster"), to.StringPtr("anotherRG"), to.StringPtr("testCluster"), to.StringPtr("atest1"), service8, "Standard")
lb8.FrontendIPConfigurations = &[]network.FrontendIPConfiguration{}
lb8.Probes = &[]network.Probe{}
@ -1610,7 +1610,7 @@ func TestGetServiceLoadBalancerStatus(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
service := getTestService("test1", v1.ProtocolTCP, nil, 80)
service := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
internalService := getInternalTestService("test1", 80)
PIPClient := newFakeAzurePIPClient(az.Config.SubscriptionID)
@ -1772,25 +1772,25 @@ func TestReconcileSecurityGroup(t *testing.T) {
},
{
desc: "reconcileSecurityGroup shall report error if no such sg can be found",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
expectedError: true,
},
{
desc: "reconcileSecurityGroup shall report error if wantLb is true and lbIP is nil",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
wantLb: true,
existingSgs: map[string]network.SecurityGroup{"nsg": {}},
expectedError: true,
},
{
desc: "reconcileSecurityGroup shall remain the existingSgs intact if nothing needs to be modified",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
existingSgs: map[string]network.SecurityGroup{"nsg": {}},
expectedSg: &network.SecurityGroup{},
},
{
desc: "reconcileSecurityGroup shall delete unwanted sgs and create needed ones",
service: getTestService("test1", v1.ProtocolTCP, nil, 80),
service: getTestService("test1", v1.ProtocolTCP, nil, false, 80),
existingSgs: map[string]network.SecurityGroup{"nsg": {
Name: to.StringPtr("nsg"),
SecurityGroupPropertiesFormat: &network.SecurityGroupPropertiesFormat{
@ -1896,7 +1896,7 @@ func TestSafeDeletePublicIP(t *testing.T) {
if err != nil {
t.Fatalf("TestCase[%d] meets unexpected error: %v", i, err)
}
service := getTestService("test1", v1.ProtocolTCP, nil, 80)
service := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
rerr := az.safeDeletePublicIP(&service, "rg", test.pip, test.lb)
assert.Equal(t, 0, len(*test.lb.FrontendIPConfigurations), "TestCase[%d]: %s", i, test.desc)
assert.Equal(t, 0, len(*test.lb.LoadBalancingRules), "TestCase[%d]: %s", i, test.desc)
@ -2007,7 +2007,7 @@ func TestReconcilePublicIP(t *testing.T) {
for i, test := range testCases {
az := GetTestCloud(ctrl)
service := getTestService("test1", v1.ProtocolTCP, nil, 80)
service := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
service.Annotations = test.annotations
for _, pip := range test.existingPIPs {
err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", to.String(pip.Name), pip)
@ -2036,6 +2036,7 @@ func TestEnsurePublicIPExists(t *testing.T) {
foundDNSLabelAnnotation bool
expectedPIP *network.PublicIPAddress
expectedID string
isIPv6 bool
expectedError bool
}{
{
@ -2072,6 +2073,7 @@ func TestEnsurePublicIPExists(t *testing.T) {
DNSSettings: &network.PublicIPAddressDNSSettings{
DomainNameLabel: to.StringPtr("newdns"),
},
PublicIPAddressVersion: "IPv4",
},
},
},
@ -2091,7 +2093,8 @@ func TestEnsurePublicIPExists(t *testing.T) {
ID: to.StringPtr("/subscriptions/subscription/resourceGroups/rg" +
"/providers/Microsoft.Network/publicIPAddresses/pip1"),
PublicIPAddressPropertiesFormat: &network.PublicIPAddressPropertiesFormat{
DNSSettings: nil,
DNSSettings: nil,
PublicIPAddressVersion: "IPv4",
},
},
},
@ -2114,6 +2117,33 @@ func TestEnsurePublicIPExists(t *testing.T) {
DNSSettings: &network.PublicIPAddressDNSSettings{
DomainNameLabel: to.StringPtr("previousdns"),
},
PublicIPAddressVersion: "IPv4",
},
},
},
{
desc: "ensurePublicIPExists shall update existed PIP's dns label for IPv6",
inputDNSLabel: "newdns",
foundDNSLabelAnnotation: true,
isIPv6: true,
existingPIPs: []network.PublicIPAddress{{
Name: to.StringPtr("pip1"),
PublicIPAddressPropertiesFormat: &network.PublicIPAddressPropertiesFormat{
DNSSettings: &network.PublicIPAddressDNSSettings{
DomainNameLabel: to.StringPtr("previousdns"),
},
},
}},
expectedPIP: &network.PublicIPAddress{
Name: to.StringPtr("pip1"),
ID: to.StringPtr("/subscriptions/subscription/resourceGroups/rg" +
"/providers/Microsoft.Network/publicIPAddresses/pip1"),
PublicIPAddressPropertiesFormat: &network.PublicIPAddressPropertiesFormat{
DNSSettings: &network.PublicIPAddressDNSSettings{
DomainNameLabel: to.StringPtr("newdns"),
},
PublicIPAllocationMethod: "Dynamic",
PublicIPAddressVersion: "IPv6",
},
},
},
@ -2121,7 +2151,7 @@ func TestEnsurePublicIPExists(t *testing.T) {
for i, test := range testCases {
az := GetTestCloud(ctrl)
service := getTestService("test1", v1.ProtocolTCP, nil, 80)
service := getTestService("test1", v1.ProtocolTCP, nil, test.isIPv6, 80)
for _, pip := range test.existingPIPs {
err := az.PublicIPAddressesClient.CreateOrUpdate(context.TODO(), "rg", to.String(pip.Name), pip)
if err != nil {
@ -2176,7 +2206,7 @@ func TestShouldUpdateLoadBalancer(t *testing.T) {
for i, test := range testCases {
az := GetTestCloud(ctrl)
service := getTestService("test1", v1.ProtocolTCP, nil, 80)
service := getTestService("test1", v1.ProtocolTCP, nil, false, 80)
if test.lbHasDeletionTimestamp {
service.ObjectMeta.DeletionTimestamp = &metav1.Time{Time: time.Now()}
}
@ -2271,7 +2301,7 @@ func TestIsBackendPoolPreConfigured(t *testing.T) {
if test.isInternalService {
service = getInternalTestService("test", 80)
} else {
service = getTestService("test", v1.ProtocolTCP, nil, 80)
service = getTestService("test", v1.ProtocolTCP, nil, false, 80)
}
isPreConfigured := az.isBackendPoolPreConfigured(&service)

View File

@ -297,16 +297,19 @@ func (az *Cloud) CreateRoute(ctx context.Context, clusterName string, nameHint s
return nil
}
if !az.ipv6DualStackEnabled {
CIDRv6 := utilnet.IsIPv6CIDRString(string(kubeRoute.DestinationCIDR))
// if single stack IPv4 then get the IP for the primary ip config
// single stack IPv6 is supported on dual stack host. So the IPv6 IP is secondary IP for both single stack IPv6 and dual stack
// Get all private IPs for the machine and find the first one that matches the IPv6 family
if !az.ipv6DualStackEnabled && !CIDRv6 {
targetIP, _, err = az.getIPForMachine(kubeRoute.TargetNode)
if err != nil {
return err
}
} else {
// for dual stack we need to select
// for dual stack and single stack IPv6 we need to select
// a private ip that matches family of the cidr
klog.V(4).Infof("CreateRoute: create route instance=%q cidr=%q is in dual stack mode", kubeRoute.TargetNode, kubeRoute.DestinationCIDR)
CIDRv6 := utilnet.IsIPv6CIDRString(string(kubeRoute.DestinationCIDR))
nodePrivateIPs, err := az.getPrivateIPsForMachine(kubeRoute.TargetNode)
if nil != err {
klog.V(3).Infof("CreateRoute: create route: failed(GetPrivateIPsByNodeName) instance=%q cidr=%q with error=%v", kubeRoute.TargetNode, kubeRoute.DestinationCIDR, err)

View File

@ -256,18 +256,14 @@ func isInternalLoadBalancer(lb *network.LoadBalancer) bool {
// getBackendPoolName the LB BackendPool name for a service.
// to ensure backword and forward compat:
// SingleStack -v4 (pre v1.16) => BackendPool name == clusterName
// SingleStack -v6 => BackendPool name == clusterName (all cluster bootstrap uses this name)
// SingleStack -v6 => BackendPool name == <clusterName>-IPv6 (all cluster bootstrap uses this name)
// DualStack
// => IPv4 BackendPool name == clusterName
// => IPv6 BackendPool name == <clusterName>-IPv6
// This means:
// clusters moving from IPv4 to duakstack will require no changes
// clusters moving from IPv6 (while not seen in the wild, we can not rule out their existence)
// to dualstack will require deleting backend pools (the reconciler will take care of creating correct backendpools)
func getBackendPoolName(ipv6DualStackEnabled bool, clusterName string, service *v1.Service) string {
if !ipv6DualStackEnabled {
return clusterName
}
// clusters moving from IPv4 to dualstack will require no changes
// clusters moving from IPv6 to dualstack will require no changes as the IPv4 backend pool will created with <clusterName>
func getBackendPoolName(clusterName string, service *v1.Service) string {
IPv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
if IPv6 {
return fmt.Sprintf("%v-IPv6", clusterName)
@ -738,13 +734,13 @@ func (as *availabilitySet) EnsureHostInPool(service *v1.Service, nodeName types.
}
var primaryIPConfig *network.InterfaceIPConfiguration
if !as.Cloud.ipv6DualStackEnabled {
ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
if !as.Cloud.ipv6DualStackEnabled && !ipv6 {
primaryIPConfig, err = getPrimaryIPConfig(nic)
if err != nil {
return err
}
} else {
ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
primaryIPConfig, err = getIPConfigByIPFamily(nic, ipv6)
if err != nil {
return err

View File

@ -45,7 +45,7 @@ var testClusterName = "testCluster"
// Test flipServiceInternalAnnotation
func TestFlipServiceInternalAnnotation(t *testing.T) {
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
svcUpdated := flipServiceInternalAnnotation(&svc)
if !requiresInternalLoadBalancer(svcUpdated) {
t.Errorf("Expected svc to be an internal service")
@ -73,7 +73,7 @@ func TestAddPort(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
clusterResources := getClusterResources(az, 1, 1)
svc.Spec.Ports = append(svc.Spec.Ports, v1.ServicePort{
@ -131,7 +131,7 @@ func testLoadBalancerServiceDefaultModeSelection(t *testing.T, isInternal bool)
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes)
@ -189,7 +189,7 @@ func testLoadBalancerServiceAutoModeSelection(t *testing.T, isInternal bool) {
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
setLoadBalancerAutoModeAnnotation(&svc)
lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes)
@ -255,7 +255,7 @@ func testLoadBalancerServicesSpecifiedSelection(t *testing.T, isInternal bool) {
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
lbMode := fmt.Sprintf("%s,%s", selectedAvailabilitySetName1, selectedAvailabilitySetName2)
setLoadBalancerModeAnnotation(&svc, lbMode)
@ -300,7 +300,7 @@ func testLoadBalancerMaxRulesServices(t *testing.T, isInternal bool) {
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes)
@ -329,7 +329,7 @@ func testLoadBalancerMaxRulesServices(t *testing.T, isInternal bool) {
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
_, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes)
if err == nil {
@ -362,7 +362,7 @@ func testLoadBalancerServiceAutoModeDeleteSelection(t *testing.T, isInternal boo
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
setLoadBalancerAutoModeAnnotation(&svc)
lbStatus, err := az.EnsureLoadBalancer(context.TODO(), testClusterName, &svc, clusterResources.nodes)
@ -381,7 +381,7 @@ func testLoadBalancerServiceAutoModeDeleteSelection(t *testing.T, isInternal boo
svc = getInternalTestService(svcName, 8081)
validateTestSubnet(t, az, &svc)
} else {
svc = getTestService(svcName, v1.ProtocolTCP, nil, 8081)
svc = getTestService(svcName, v1.ProtocolTCP, nil, false, 8081)
}
setLoadBalancerAutoModeAnnotation(&svc)
@ -431,7 +431,7 @@ func TestReconcileSecurityGroupFromAnyDestinationAddressPrefixToLoadBalancerIP(t
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("serviceea", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("serviceea", v1.ProtocolTCP, nil, false, 80)
svc1.Spec.LoadBalancerIP = "192.168.0.0"
getTestSecurityGroup(az)
// Simulate a pre-Kubernetes 1.8 NSG, where we do not specify the destination address prefix
@ -451,7 +451,7 @@ func TestReconcileSecurityGroupDynamicLoadBalancerIP(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
svc1.Spec.LoadBalancerIP = ""
getTestSecurityGroup(az)
dynamicallyAssignedIP := "192.168.0.0"
@ -469,7 +469,7 @@ func TestReconcileLoadBalancerAddServicesOnMultipleSubnets(t *testing.T) {
az := GetTestCloud(ctrl)
clusterResources := getClusterResources(az, 1, 1)
svc1 := getTestService("service1", v1.ProtocolTCP, nil, 8081)
svc1 := getTestService("service1", v1.ProtocolTCP, nil, false, 8081)
svc2 := getInternalTestService("service2", 8081)
// svc1 is using LB without "-internal" suffix
@ -541,7 +541,7 @@ func TestReconcileLoadBalancerNodeHealth(t *testing.T) {
az := GetTestCloud(ctrl)
clusterResources := getClusterResources(az, 1, 1)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
svc.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal
svc.Spec.HealthCheckNodePort = int32(32456)
@ -565,7 +565,7 @@ func TestReconcileLoadBalancerRemoveService(t *testing.T) {
az := GetTestCloud(ctrl)
clusterResources := getClusterResources(az, 1, 1)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
_, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */)
if err != nil {
@ -592,7 +592,7 @@ func TestReconcileLoadBalancerRemoveAllPortsRemovesFrontendConfig(t *testing.T)
az := GetTestCloud(ctrl)
clusterResources := getClusterResources(az, 1, 1)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */)
if err != nil {
@ -600,7 +600,7 @@ func TestReconcileLoadBalancerRemoveAllPortsRemovesFrontendConfig(t *testing.T)
}
validateLoadBalancer(t, lb, svc)
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil)
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false)
lb, err = az.reconcileLoadBalancer(testClusterName, &svcUpdated, clusterResources.nodes, false /* wantLb*/)
if err != nil {
t.Errorf("Unexpected error: %q", err)
@ -622,13 +622,13 @@ func TestReconcileLoadBalancerRemovesPort(t *testing.T) {
az := GetTestCloud(ctrl)
clusterResources := getClusterResources(az, 1, 1)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
_, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */)
if err != nil {
t.Errorf("Unexpected error: %q", err)
}
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
lb, err := az.reconcileLoadBalancer(testClusterName, &svcUpdated, clusterResources.nodes, true /* wantLb */)
if err != nil {
t.Errorf("Unexpected error: %q", err)
@ -644,8 +644,8 @@ func TestReconcileLoadBalancerMultipleServices(t *testing.T) {
az := GetTestCloud(ctrl)
clusterResources := getClusterResources(az, 1, 1)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc2 := getTestService("serviceb", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
svc2 := getTestService("serviceb", v1.ProtocolTCP, nil, false, 80)
_, err := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true /* wantLb */)
if err != nil {
@ -674,7 +674,7 @@ func TestServiceDefaultsToNoSessionPersistence(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("service-sa-omitted", v1.ProtocolTCP, nil, 7170)
svc := getTestService("service-sa-omitted", v1.ProtocolTCP, nil, false, 7170)
clusterResources := getClusterResources(az, 1, 1)
lb, err := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true /* wantLb */)
@ -697,7 +697,7 @@ func TestServiceRespectsNoSessionAffinity(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("service-sa-none", v1.ProtocolTCP, nil, 7170)
svc := getTestService("service-sa-none", v1.ProtocolTCP, nil, false, 7170)
svc.Spec.SessionAffinity = v1.ServiceAffinityNone
clusterResources := getClusterResources(az, 1, 1)
@ -723,7 +723,7 @@ func TestServiceRespectsClientIPSessionAffinity(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("service-sa-clientip", v1.ProtocolTCP, nil, 7170)
svc := getTestService("service-sa-clientip", v1.ProtocolTCP, nil, false, 7170)
svc.Spec.SessionAffinity = v1.ServiceAffinityClientIP
clusterResources := getClusterResources(az, 1, 1)
@ -750,7 +750,7 @@ func TestReconcileSecurityGroupNewServiceAddsPort(t *testing.T) {
az := GetTestCloud(ctrl)
getTestSecurityGroup(az)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
clusterResources := getClusterResources(az, 1, 1)
lb, _ := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true)
lbStatus, _ := az.getServiceLoadBalancerStatus(&svc1, lb)
@ -788,8 +788,8 @@ func TestReconcileSecurityGroupRemoveService(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
service1 := getTestService("servicea", v1.ProtocolTCP, nil, 81)
service2 := getTestService("serviceb", v1.ProtocolTCP, nil, 82)
service1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 81)
service2 := getTestService("serviceb", v1.ProtocolTCP, nil, false, 82)
clusterResources := getClusterResources(az, 1, 1)
lb, _ := az.reconcileLoadBalancer(testClusterName, &service1, clusterResources.nodes, true)
@ -813,11 +813,11 @@ func TestReconcileSecurityGroupRemoveServiceRemovesPort(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
clusterResources := getClusterResources(az, 1, 1)
getTestSecurityGroup(az, svc)
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
lb, _ := az.reconcileLoadBalancer(testClusterName, &svc, clusterResources.nodes, true)
lbStatus, _ := az.getServiceLoadBalancerStatus(&svc, lb)
@ -834,7 +834,7 @@ func TestReconcileSecurityWithSourceRanges(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
svc.Spec.LoadBalancerSourceRanges = []string{
"192.168.0.0/24",
"10.0.0.0/32",
@ -863,7 +863,7 @@ func TestReconcileSecurityGroupEtagMismatch(t *testing.T) {
cachedSG.Etag = to.StringPtr("1111111-0000-0000-0000-000000000000")
az.nsgCache.Set(to.String(sg.Name), &cachedSG)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
clusterResources := getClusterResources(az, 1, 1)
lb, _ := az.reconcileLoadBalancer(testClusterName, &svc1, clusterResources.nodes, true)
lbStatus, _ := az.getServiceLoadBalancerStatus(&svc1, lb)
@ -883,7 +883,7 @@ func TestReconcilePuablicIPWithNewService(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
pip, err := az.reconcilePublicIP(testClusterName, &svc, "", true /* wantLb*/)
if err != nil {
@ -907,7 +907,7 @@ func TestReconcilePublicIPRemoveService(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicea", v1.ProtocolTCP, nil, 80, 443)
svc := getTestService("servicea", v1.ProtocolTCP, nil, false, 80, 443)
pip, err := az.reconcilePublicIP(testClusterName, &svc, "", true /* wantLb*/)
if err != nil {
@ -954,7 +954,7 @@ func TestReconcilePublicIPWithExternalAndInternalSwitch(t *testing.T) {
validatePublicIP(t, pip, &svc, true)
// Update to external service
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, 80)
svcUpdated := getTestService("servicea", v1.ProtocolTCP, nil, false, 80)
pip, err = az.reconcilePublicIP(testClusterName, &svcUpdated, "", true /* wantLb*/)
if err != nil {
t.Errorf("Unexpected error: %q", err)
@ -1097,7 +1097,7 @@ func getBackendPort(port int32) int32 {
return port + 10000
}
func getTestService(identifier string, proto v1.Protocol, annotations map[string]string, requestedPorts ...int32) v1.Service {
func getTestService(identifier string, proto v1.Protocol, annotations map[string]string, isIPv6 bool, requestedPorts ...int32) v1.Service {
ports := []v1.ServicePort{}
for _, port := range requestedPorts {
ports = append(ports, v1.ServicePort{
@ -1123,17 +1123,22 @@ func getTestService(identifier string, proto v1.Protocol, annotations map[string
svc.Annotations = annotations
}
svc.Spec.ClusterIP = "10.0.0.2"
if isIPv6 {
svc.Spec.ClusterIP = "fd00::1907"
}
return svc
}
func getInternalTestService(identifier string, requestedPorts ...int32) v1.Service {
svc := getTestService(identifier, v1.ProtocolTCP, nil, requestedPorts...)
svc := getTestService(identifier, v1.ProtocolTCP, nil, false, requestedPorts...)
svc.Annotations[ServiceAnnotationLoadBalancerInternal] = "true"
return svc
}
func getResourceGroupTestService(identifier, resourceGroup, loadBalancerIP string, requestedPorts ...int32) v1.Service {
svc := getTestService(identifier, v1.ProtocolTCP, nil, requestedPorts...)
svc := getTestService(identifier, v1.ProtocolTCP, nil, false, requestedPorts...)
svc.Spec.LoadBalancerIP = loadBalancerIP
svc.Annotations[ServiceAnnotationLoadBalancerResourceGroup] = resourceGroup
return svc
@ -1834,7 +1839,7 @@ func TestIfServiceSpecifiesSharedRuleAndRuleDoesNotExistItIsCreated(t *testing.T
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicesr", v1.ProtocolTCP, nil, 80)
svc := getTestService("servicesr", v1.ProtocolTCP, nil, false, 80)
svc.Spec.LoadBalancerIP = "192.168.77.88"
svc.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -1876,7 +1881,7 @@ func TestIfServiceSpecifiesSharedRuleAndRuleExistsThenTheServicesPortAndAddressA
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc := getTestService("servicesr", v1.ProtocolTCP, nil, 80)
svc := getTestService("servicesr", v1.ProtocolTCP, nil, false, 80)
svc.Spec.LoadBalancerIP = "192.168.77.88"
svc.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -1931,11 +1936,11 @@ func TestIfServicesSpecifySharedRuleButDifferentPortsThenSeparateRulesAreCreated
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2002,11 +2007,11 @@ func TestIfServicesSpecifySharedRuleButDifferentProtocolsThenSeparateRulesAreCre
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolUDP, nil, 4444)
svc2 := getTestService("servicesr2", v1.ProtocolUDP, nil, false, 4444)
svc2.Spec.LoadBalancerIP = "192.168.77.88"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2071,12 +2076,12 @@ func TestIfServicesSpecifySharedRuleButDifferentSourceAddressesThenSeparateRules
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 80)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Spec.LoadBalancerSourceRanges = []string{"192.168.12.0/24"}
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 80)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 80)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Spec.LoadBalancerSourceRanges = []string{"192.168.34.0/24"}
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2144,15 +2149,15 @@ func TestIfServicesSpecifySharedRuleButSomeAreOnDifferentPortsThenRulesAreSepara
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444)
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444)
svc3.Spec.LoadBalancerIP = "192.168.99.11"
svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2246,11 +2251,11 @@ func TestIfServiceSpecifiesSharedRuleAndServiceIsDeletedThenTheServicesPortAndAd
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 80)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 80)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 80)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 80)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2303,15 +2308,15 @@ func TestIfSomeServicesShareARuleAndOneIsDeletedItIsRemovedFromTheRightRule(t *t
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444)
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444)
svc3.Spec.LoadBalancerIP = "192.168.99.11"
svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2412,15 +2417,15 @@ func TestIfServiceSpecifiesSharedRuleAndLastServiceIsDeletedThenRuleIsDeleted(t
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444)
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444)
svc3.Spec.LoadBalancerIP = "192.168.99.11"
svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
@ -2494,23 +2499,23 @@ func TestCanCombineSharedAndPrivateRulesInSameGroup(t *testing.T) {
defer ctrl.Finish()
az := GetTestCloud(ctrl)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, 4444)
svc1 := getTestService("servicesr1", v1.ProtocolTCP, nil, false, 4444)
svc1.Spec.LoadBalancerIP = "192.168.77.88"
svc1.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, 8888)
svc2 := getTestService("servicesr2", v1.ProtocolTCP, nil, false, 8888)
svc2.Spec.LoadBalancerIP = "192.168.33.44"
svc2.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, 4444)
svc3 := getTestService("servicesr3", v1.ProtocolTCP, nil, false, 4444)
svc3.Spec.LoadBalancerIP = "192.168.99.11"
svc3.Annotations[ServiceAnnotationSharedSecurityRule] = "true"
svc4 := getTestService("servicesr4", v1.ProtocolTCP, nil, 4444)
svc4 := getTestService("servicesr4", v1.ProtocolTCP, nil, false, 4444)
svc4.Spec.LoadBalancerIP = "192.168.22.33"
svc4.Annotations[ServiceAnnotationSharedSecurityRule] = "false"
svc5 := getTestService("servicesr5", v1.ProtocolTCP, nil, 8888)
svc5 := getTestService("servicesr5", v1.ProtocolTCP, nil, false, 8888)
svc5.Spec.LoadBalancerIP = "192.168.22.33"
svc5.Annotations[ServiceAnnotationSharedSecurityRule] = "false"

View File

@ -830,15 +830,15 @@ func (ss *scaleSet) EnsureHostInPool(service *v1.Service, nodeName types.NodeNam
}
var primaryIPConfiguration *compute.VirtualMachineScaleSetIPConfiguration
ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
// Find primary network interface configuration.
if !ss.Cloud.ipv6DualStackEnabled {
if !ss.Cloud.ipv6DualStackEnabled && !ipv6 {
// Find primary IP configuration.
primaryIPConfiguration, err = getPrimaryIPConfigFromVMSSNetworkConfig(primaryNetworkInterfaceConfiguration)
if err != nil {
return err
}
} else {
ipv6 := utilnet.IsIPv6String(service.Spec.ClusterIP)
primaryIPConfiguration, err = ss.getConfigForScaleSetByIPFamily(primaryNetworkInterfaceConfiguration, vmName, ipv6)
if err != nil {
return err