fix pod mac may conflict with gateway mac

Signed-off-by: clyi <clyi@alauda.io>

Author: changluyi

pkg/controller/subnet.go

@@ -705,6 +705,18 @@ func (c *Controller) handleAddOrUpdateSubnet(key string) error {
 		}
 	}
 
+	// Record the gateway MAC in ipam if router port exists
+	if needRouter {
+		routerPortName := ovs.LogicalRouterPortName(vpc.Status.Router, subnet.Name)
+		if mac, err := c.ovnClient.GetLogicalRouterPortMAC(routerPortName); err == nil {
+			if err := c.ipam.RecordGatewayMAC(subnet.Name, mac); err != nil {
+				klog.Warningf("failed to record gateway MAC %s for subnet %s: %v", mac, subnet.Name, err)
+			}
+		} else {
+			klog.V(3).Infof("router port %s not found or has no MAC, skipping gateway MAC record", routerPortName)
+		}
+	}
+
 	var mtu int
 	if subnet.Spec.Mtu > 0 {
 		mtu = int(subnet.Spec.Mtu)

pkg/ipam/ipam.go

@@ -277,3 +277,17 @@ func (ipam *IPAM) GetSubnetV4Mask(subnetName string) (string, error) {
 		return "", ErrNoAvailable
 	}
 }
+
+func (ipam *IPAM) RecordGatewayMAC(subnetName, gatewayMAC string) error {
+	ipam.mutex.Lock()
+	defer ipam.mutex.Unlock()
+
+	subnet, ok := ipam.Subnets[subnetName]
+	if !ok {
+		return fmt.Errorf("subnet %s not found in ipam", subnetName)
+	}
+
+	subnet.GatewayMAC = gatewayMAC
+	klog.Infof("recorded gateway MAC %s for subnet %s", gatewayMAC, subnetName)
+	return nil
+}

pkg/ipam/subnet.go

@@ -33,6 +33,7 @@ type Subnet struct {
 	PodToNicList     map[string][]string
 	V4Gw             string
 	V6Gw             string
+	GatewayMAC       string
 }
 
 func NewSubnet(name, cidrStr string, excludeIps []string) (*Subnet, error) {
@@ -72,6 +73,7 @@ func NewSubnet(name, cidrStr string, excludeIps []string) (*Subnet, error) {
 			MacToPod:         map[string]string{},
 			NicToMac:         map[string]string{},
 			PodToNicList:     map[string][]string{},
+			GatewayMAC:       "",
 		}
 		subnet.joinFreeWithReserve()
 	} else if protocol == kubeovnv1.ProtocolIPv6 {
@@ -93,6 +95,7 @@ func NewSubnet(name, cidrStr string, excludeIps []string) (*Subnet, error) {
 			MacToPod:         map[string]string{},
 			NicToMac:         map[string]string{},
 			PodToNicList:     map[string][]string{},
+			GatewayMAC:       "",
 		}
 		subnet.joinFreeWithReserve()
 	} else {
@@ -121,6 +124,7 @@ func NewSubnet(name, cidrStr string, excludeIps []string) (*Subnet, error) {
 			MacToPod:         map[string]string{},
 			NicToMac:         map[string]string{},
 			PodToNicList:     map[string][]string{},
+			GatewayMAC:       "",
 		}
 		subnet.joinFreeWithReserve()
 	}
@@ -132,7 +136,7 @@ func (subnet *Subnet) GetRandomMac(podName, nicName string) string {
 		return mac
 	}
 	for {
-		mac := util.GenerateMac()
+		mac := util.GenerateMacWithExclusion([]string{subnet.GatewayMAC})
 		if _, ok := subnet.MacToPod[mac]; !ok {
 			subnet.MacToPod[mac] = podName
 			subnet.NicToMac[nicName] = mac
@@ -142,6 +146,11 @@ func (subnet *Subnet) GetRandomMac(podName, nicName string) string {
 }
 
 func (subnet *Subnet) GetStaticMac(podName, nicName, mac string, checkConflict bool) error {
+	if subnet.GatewayMAC != "" && mac == subnet.GatewayMAC {
+		klog.Errorf("mac %s conflicts with gateway MAC %s", mac, subnet.GatewayMAC)
+		return ErrConflict
+	}
+
 	if checkConflict {
 		if p, ok := subnet.MacToPod[mac]; ok && p != podName {
 			klog.Errorf("mac %s has been allocated to pod %s", mac, p)

pkg/ovs/ovn-nb-logical_router_port.go

@@ -82,3 +82,16 @@ func (c OvnClient) LogicalRouterPortExists(name string) (bool, error) {
 	lrp, err := c.GetLogicalRouterPort(name, true)
 	return lrp != nil, err
 }
+
+func (c OvnClient) GetLogicalRouterPortMAC(name string) (string, error) {
+	lrp, err := c.GetLogicalRouterPort(name, false)
+	if err != nil {
+		return "", fmt.Errorf("failed to get logical router port %s: %v", name, err)
+	}
+
+	if lrp == nil {
+		return "", fmt.Errorf("logical router port %s not found", name)
+	}
+
+	return lrp.MAC, nil
+}

pkg/ovs/ovn-nbctl-legacy.go

@@ -136,6 +136,21 @@ func (c LegacyClient) DeleteLogicalRouterPort(port string) error {
 	return nil
 }
 
+// GetLogicalRouterPortMAC get logical router port mac address
+func (c LegacyClient) GetLogicalRouterPortMAC(port string) (string, error) {
+	output, err := c.ovnNbCommand("--data=bare", "--no-heading", "--columns=mac", "find", "logical_router_port", fmt.Sprintf("name=%s", port))
+	if err != nil {
+		return "", fmt.Errorf("failed to get logical router port %s mac: %v", port, err)
+	}
+
+	mac := strings.TrimSpace(output)
+	if mac == "" {
+		return "", fmt.Errorf("logical router port %s not found or has no mac address", port)
+	}
+
+	return mac, nil
+}
+
 func (c LegacyClient) CreateICLogicalRouterPort(az, ts, mac, subnet string, chassises []string) error {
 	lspName := fmt.Sprintf("%s-%s", ts, az)
 	lrpName := fmt.Sprintf("%s-%s", az, ts)

pkg/util/net.go

@@ -7,6 +7,7 @@ import (
 	"math"
 	"math/big"
 	"net"
+	"slices"
 	"strconv"
 	"strings"
 	"time"
@@ -46,6 +47,15 @@ func GenerateMac() string {
 	return net.HardwareAddr(buf).String()
 }
 
+func GenerateMacWithExclusion(exclusionMACs []string) string {
+	for {
+		mac := GenerateMac()
+		if !slices.Contains(exclusionMACs, mac) {
+			return mac
+		}
+	}
+}
+
 func Ip2BigInt(ipStr string) *big.Int {
 	ipBigInt := big.NewInt(0)
 	if CheckProtocol(ipStr) == kubeovnv1.ProtocolIPv4 {