From 8da20f38eae76fdeb1efba4f06a1e0c01c82d48a Mon Sep 17 00:00:00 2001 From: Tim Froidcoeur Date: Tue, 30 Aug 2022 15:29:53 +0200 Subject: [PATCH] fix multiple default gw when the configuration specifies both an IPv4 and IPv6 default route, the IsFilterV4Gateway and IsFilterV6Gateway flags should both be false, to allow the gateway configuration. The logic in CheckGatewayConfig would do the inverse, setting both to true in case of both IPv4 and IPv6 gateway. Fixes: d52f2b6a ("Update libcni cache when default-route net selection is used") Signed-off-by: Tim Froidcoeur --- pkg/types/conf.go | 12 +++++------ pkg/types/conf_test.go | 47 ++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 50 insertions(+), 9 deletions(-) diff --git a/pkg/types/conf.go b/pkg/types/conf.go index 86d977de2..c5bfd35d1 100644 --- a/pkg/types/conf.go +++ b/pkg/types/conf.go @@ -628,16 +628,14 @@ func CheckGatewayConfig(delegates []*DelegateNetConf) error { // set filter flag for each delegate for i, delegate := range delegates { - // no GatewayRequest - if delegate.GatewayRequest == nil { - delegates[i].IsFilterV4Gateway = true - delegates[i].IsFilterV6Gateway = true - } else { + delegates[i].IsFilterV4Gateway = true + delegates[i].IsFilterV6Gateway = true + if delegate.GatewayRequest != nil { for _, gw := range *delegate.GatewayRequest { if gw.To4() != nil { - delegates[i].IsFilterV6Gateway = true + delegates[i].IsFilterV4Gateway = false } else { - delegates[i].IsFilterV4Gateway = true + delegates[i].IsFilterV6Gateway = false } } } diff --git a/pkg/types/conf_test.go b/pkg/types/conf_test.go index de3073880..65027d0dd 100644 --- a/pkg/types/conf_test.go +++ b/pkg/types/conf_test.go @@ -928,7 +928,12 @@ var _ = Describe("config operations", func() { netconf, err := LoadDelegateNetConf([]byte(conf), ns, "", "") Expect(err).NotTo(HaveOccurred()) + + Expect(CheckGatewayConfig([]*DelegateNetConf{netconf})).To(Succeed()) + Expect(netconf.GatewayRequest).To(BeNil()) + Expect(netconf.IsFilterV4Gateway).To(BeTrue()) + Expect(netconf.IsFilterV6Gateway).To(BeTrue()) }) It("test LoadDelegateNetConf keeps empty GatewayRequest", func() { @@ -950,8 +955,13 @@ var _ = Describe("config operations", func() { netconf, err := LoadDelegateNetConf([]byte(conf), ns, "", "") Expect(err).NotTo(HaveOccurred()) + + Expect(CheckGatewayConfig([]*DelegateNetConf{netconf})).To(Succeed()) + Expect(netconf.GatewayRequest).NotTo(BeNil()) - Expect(len(*netconf.GatewayRequest)).To(BeEquivalentTo(0)) + Expect(len(*netconf.GatewayRequest)).To(Equal(0)) + Expect(netconf.IsFilterV4Gateway).To(BeTrue()) + Expect(netconf.IsFilterV6Gateway).To(BeTrue()) }) It("test LoadDelegateNetConf keeps GatewayRequest", func() { @@ -973,8 +983,41 @@ var _ = Describe("config operations", func() { netconf, err := LoadDelegateNetConf([]byte(conf), ns, "", "") Expect(err).NotTo(HaveOccurred()) + + Expect(CheckGatewayConfig([]*DelegateNetConf{netconf})).To(Succeed()) + Expect(netconf.GatewayRequest).NotTo(BeNil()) - Expect(len(*netconf.GatewayRequest)).To(BeEquivalentTo(1)) + Expect(len(*netconf.GatewayRequest)).To(Equal(1)) + Expect(netconf.IsFilterV4Gateway).To(BeFalse()) + Expect(netconf.IsFilterV6Gateway).To(BeTrue()) + }) + + It("test LoadDelegateNetConf keeps dual GatewayRequest", func() { + conf := `{ + "name": "node-cni-network", + "type": "multus", + "kubeconfig": "/etc/kubernetes/node-kubeconfig.yaml", + "delegates": [{ + "name": "weave-list", + "plugins": [ {"type" :"weave"} ] + }] + }` + + nsJSON := `{ "name": "foobar", "default-route": [ "10.1.1.1", "fc00::1" ] }` + ns := &NetworkSelectionElement{} + + err := json.Unmarshal([]byte(nsJSON), ns) + Expect(err).NotTo(HaveOccurred()) + + netconf, err := LoadDelegateNetConf([]byte(conf), ns, "", "") + Expect(err).NotTo(HaveOccurred()) + + Expect(CheckGatewayConfig([]*DelegateNetConf{netconf})).To(Succeed()) + + Expect(netconf.GatewayRequest).NotTo(BeNil()) + Expect(len(*netconf.GatewayRequest)).To(Equal(2)) + Expect(netconf.IsFilterV4Gateway).To(BeFalse()) + Expect(netconf.IsFilterV6Gateway).To(BeFalse()) }) })