Support showing NSX LB SNAT IP in networkinfo CR #1018

Open
wants to merge 1 commit into
base: main
30 changes: 24 additions & 6 deletions pkg/controllers/networkinfo/networkinfo_controller.go
Expand Up @@ -58,6 +58,7 @@ var (
nsMsgVPCCreateUpdateError = newNsUnreadyMessage("Error happened to create or update VPC: %v", NSReasonVPCNotReady)
nsMsgVPCNsxLBSNotReady = newNsUnreadyMessage("Error happened to get NSX LBS path in VPC: %v", NSReasonVPCNotReady)
nsMsgVPCAviSubnetError = newNsUnreadyMessage("Error happened to get Avi Load balancer Subnet info: %v", NSReasonVPCNotReady)
nsMsgVPCNSXLBSNATIPError = newNsUnreadyMessage("Error happened to get NSX Load balancer SNAT IP info: %v", NSReasonVPCNotReady)
nsMsgVPCGetExtIPBlockError = newNsUnreadyMessage("Error happened to get external IP blocks: %v", NSReasonVPCNotReady)
nsMsgVPCNoExternalIPBlock = newNsUnreadyMessage("System VPC has no external IP blocks", NSReasonVPCNotReady)
nsMsgVPCAutoSNATDisabled = newNsUnreadyMessage("SNAT is not enabled in System VPC", NSReasonVPCSnatNotReady)
Expand Down Expand Up @@ -125,6 +126,7 @@ func (r *NetworkInfoReconciler) GetVpcConnectivityProfilePathByVpcPath(vpcPath s
return "", err
}
}

func (r *NetworkInfoReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
startTime := time.Now()
defer func() {
Expand Down Expand Up @@ -252,7 +254,7 @@ func (r *NetworkInfoReconciler) Reconcile(ctx context.Context, req ctrl.Request)
nsxLBSPath = r.Service.GetDefaultNSXLBSPathByVPC(*createdVpc.Id)
}

snatIP, path, cidr := "", "", ""
snatIP, aviSubnetPath, aviSECIDR, nsxLBSNATIP, lbIP := "", "", "", "", ""

vpcConnectivityProfile, err := r.Service.GetVpcConnectivityProfile(&nc, vpcConnectivityProfilePath)
if err != nil {
Expand Down Expand Up @@ -302,30 +304,46 @@ func (r *NetworkInfoReconciler) Reconcile(ctx context.Context, req ctrl.Request)
// nsx bug, if set LoadBalancerVpcEndpoint.Enabled to false, when read this VPC back,
// LoadBalancerVpcEndpoint.Enabled will become a nil pointer.
if lbProvider == vpc.AVILB && createdVpc.LoadBalancerVpcEndpoint != nil && createdVpc.LoadBalancerVpcEndpoint.Enabled != nil && *createdVpc.LoadBalancerVpcEndpoint.Enabled {
path, cidr, err = r.Service.GetAVISubnetInfo(*createdVpc)
aviSubnetPath, aviSECIDR, err = r.Service.GetAVISubnetInfo(*createdVpc)
if err != nil {
log.Error(err, "Failed to read LB Subnet path and CIDR", "VPC", createdVpc.Id)
log.Error(err, "Failed to read AVI LB Subnet path and CIDR", "VPC", createdVpc.Id)
state := &v1alpha1.VPCState{
Name: *createdVpc.DisplayName,
DefaultSNATIP: snatIP,
LoadBalancerIPAddresses: "",
PrivateIPs: privateIPs,
}
r.StatusUpdater.UpdateFail(ctx, networkInfoCR, err, fmt.Sprintf("Failed to read LB Subnet path and CIDR, VPC: %s", *createdVpc.Id), setNetworkInfoVPCStatusWithError, state)
r.StatusUpdater.UpdateFail(ctx, networkInfoCR, err, fmt.Sprintf("Failed to read AVI LB Subnet path and CIDR, VPC: %s", *createdVpc.Id), setNetworkInfoVPCStatusWithError, state)
setNSNetworkReadyCondition(ctx, r.Client, req.Namespace, nsMsgVPCAviSubnetError.getNSNetworkCondition(err))
return common.ResultRequeueAfter10sec, err
}
lbIP = aviSECIDR
} else if lbProvider == vpc.NSXLB {
nsxLBSNATIP, err = r.Service.GetNSXLBSNATIP(*createdVpc)
Contributor


Could we return the VPC Tier1 LB SNAT IP from the CreateOrUpdateVPC func when it checks the realization state of the VPC?
That way we can avoid a new NSX API call to get the VPC realization state again.

Contributor


Could you also check whether we can still get the LB SNAT IP when the VPC is created with an AVI Subnet?

if err != nil {
log.Error(err, "Failed to read NSX LB SNAT IP", "VPC", createdVpc.Id)
state := &v1alpha1.VPCState{
Name: *createdVpc.DisplayName,
DefaultSNATIP: snatIP,
LoadBalancerIPAddresses: "",
PrivateIPs: privateIPs,
}
r.StatusUpdater.UpdateFail(ctx, networkInfoCR, err, fmt.Sprintf("Failed to read NSX LB Subnet path and CIDR, VPC: %s", *createdVpc.Id), setNetworkInfoVPCStatusWithError, state)
setNSNetworkReadyCondition(ctx, r.Client, req.Namespace, nsMsgVPCNSXLBSNATIPError.getNSNetworkCondition(err))
return common.ResultRequeueAfter10sec, err
}
lbIP = nsxLBSNATIP
}

state := &v1alpha1.VPCState{
Name: *createdVpc.DisplayName,
DefaultSNATIP: snatIP,
LoadBalancerIPAddresses: cidr,
LoadBalancerIPAddresses: lbIP,
PrivateIPs: privateIPs,
}

// AKO needs to know the AVI subnet path created by NSX
setVPCNetworkConfigurationStatusWithLBS(ctx, r.Client, ncName, state.Name, path, nsxLBSPath, *createdVpc.Path)
setVPCNetworkConfigurationStatusWithLBS(ctx, r.Client, ncName, state.Name, aviSubnetPath, nsxLBSPath, *createdVpc.Path)
r.StatusUpdater.UpdateSuccess(ctx, networkInfoCR, setNetworkInfoVPCStatus, state)

if retryWithSystemVPC {
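Review bot: The status message passed to `UpdateFail` in the new `vpc.NSXLB` branch still says "Failed to read NSX LB Subnet path and CIDR", apparently copied from the AVI branch, while the log line and the `nsMsgVPCNSXLBSNATIPError` condition next to it report an SNAT IP failure; it should read `fmt.Sprintf("Failed to read NSX LB SNAT IP, VPC: %s", *createdVpc.Id)` so the CR status and the namespace condition agree when someone triages the failure. In the same branch, `log.Error(err, "Failed to read NSX LB SNAT IP", "VPC", createdVpc.Id)` passes the field without the dereference used two lines later (`*createdVpc.Id`), so the log probably records a pointer rather than the VPC ID. `LoadBalancerIPAddresses` now carries either the AVI SE CIDR or a single NSX LB SNAT address depending on `lbProvider`; a comment at the `lbIP` assignments, e.g. `// lbIP is a CIDR for AVI and a single IP for NSX LB`, would warn consumers that parse the field as a CIDR. `Reconcile` begins and ends outside the visible hunks, so whether `lbProvider` can take other values at this point cannot be confirmed from here.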