Fix the problem that if available ip is 0 but there is a value in excludeIPs, the fixed ip is used as the ip in excludeIPs but the error noAddressAvaliable is still reported. (#5561)

Signed-off-by: clyi <clyi@alauda.io>

Author: changluyi

pkg/controller/pod.go

@@ -1632,18 +1632,18 @@ func (c *Controller) getPodDefaultSubnet(pod *v1.Pod) (*kubeovnv1.Subnet, error)
 
 		switch subnet.Spec.Protocol {
 		case kubeovnv1.ProtocolDual:
-			if subnet.Status.V6AvailableIPs == 0 {
+			if subnet.Status.V6AvailableIPs == 0 && !c.podCanUseExcludeIPs(pod, subnet) {
 				klog.Infof("there's no available ipv6 address in subnet %s, try next one", subnet.Name)
 				continue
 			}
 			fallthrough
 		case kubeovnv1.ProtocolIPv4:
-			if subnet.Status.V4AvailableIPs == 0 {
+			if subnet.Status.V4AvailableIPs == 0 && !c.podCanUseExcludeIPs(pod, subnet) {
 				klog.Infof("there's no available ipv4 address in subnet %s, try next one", subnet.Name)
 				continue
 			}
 		case kubeovnv1.ProtocolIPv6:
-			if subnet.Status.V6AvailableIPs == 0 {
+			if subnet.Status.V6AvailableIPs == 0 && !c.podCanUseExcludeIPs(pod, subnet) {
 				klog.Infof("there's no available ipv6 address in subnet %s, try next one", subnet.Name)
 				continue
 			}
@@ -1653,6 +1653,36 @@ func (c *Controller) getPodDefaultSubnet(pod *v1.Pod) (*kubeovnv1.Subnet, error)
 	return nil, ipam.ErrNoAvailable
 }
 
+func (c *Controller) podCanUseExcludeIPs(pod *v1.Pod, subnet *kubeovnv1.Subnet) bool {
+	if ipAddr := pod.Annotations[util.IPAddressAnnotation]; ipAddr != "" {
+		return c.checkIPsInExcludeList(ipAddr, subnet.Spec.ExcludeIps, subnet.Spec.CIDRBlock)
+	}
+	if ipPool := pod.Annotations[util.IPPoolAnnotation]; ipPool != "" {
+		return c.checkIPsInExcludeList(ipPool, subnet.Spec.ExcludeIps, subnet.Spec.CIDRBlock)
+	}
+
+	return false
+}
+
+func (c *Controller) checkIPsInExcludeList(ips string, excludeIPs []string, cidr string) bool {
+	expandedExcludeIPs := util.ExpandExcludeIPs(excludeIPs, cidr)
+
+	for ipAddr := range strings.SplitSeq(strings.TrimSpace(ips), ",") {
+		ipAddr = strings.TrimSpace(ipAddr)
+		if ipAddr == "" {
+			continue
+		}
+
+		for _, excludeIP := range expandedExcludeIPs {
+			if util.ContainsIPs(excludeIP, ipAddr) {
+				klog.V(3).Infof("IP %s is found in exclude IP %s, allowing allocation", ipAddr, excludeIP)
+				return true
+			}
+		}
+	}
+	return false
+}
+
 type providerType int
 
 const (

test/e2e/kube-ovn/subnet/subnet.go

@@ -289,6 +289,71 @@ var _ = framework.Describe("[group:subnet]", func() {
 		}
 	})
 
+	framework.ConformanceIt("should allow pod with fixed IP or IP pool in excludeIPs when available IPs is 0", func() {
+		ginkgo.By("Creating a small subnet with very limited IP range")
+		var smallCIDR string
+		var excludeIPs []string
+		var usableIPs []string
+
+		switch f.ClusterIPFamily {
+		case "ipv4":
+			smallCIDR = "192.168.200.0/30"
+			excludeIPs = []string{"192.168.200.1", "192.168.200.2"}
+			usableIPs = []string{"192.168.200.2"}
+		case "ipv6":
+			smallCIDR = "fd00:192:168:200::/126"
+			excludeIPs = []string{"fd00:192:168:200::1", "fd00:192:168:200::2"}
+			usableIPs = []string{"fd00:192:168:200::2"}
+		case "dual":
+			smallCIDR = "192.168.200.0/30,fd00:192:168:200::/126"
+			excludeIPs = []string{"192.168.200.1", "192.168.200.2", "fd00:192:168:200::1", "fd00:192:168:200::2"}
+			usableIPs = []string{"192.168.200.2", "fd00:192:168:200::2"}
+		}
+
+		subnetName = "small-subnet-" + framework.RandomSuffix()
+		ginkgo.By(fmt.Sprintf("Creating small subnet %s with exclude IPs %v", subnetName, excludeIPs))
+		smallSubnet := framework.MakeSubnet(subnetName, "", smallCIDR, "", "", "", excludeIPs, nil, []string{namespaceName})
+		smallSubnet = subnetClient.CreateSync(smallSubnet)
+
+		ginkgo.By("Verifying available IPs is 0 after excluding the only usable IPs")
+		framework.ExpectZero(smallSubnet.Status.V4AvailableIPs + smallSubnet.Status.V6AvailableIPs)
+
+		// Test cases: both fixed IP and IP pool annotations
+		testCases := []struct {
+			name            string
+			annotationKey   string
+			annotationValue string
+		}{
+			{
+				name:            "fix ip",
+				annotationKey:   util.IPAddressAnnotation,
+				annotationValue: strings.Join(usableIPs, ","),
+			},
+			{
+				name:            "fix ip pool",
+				annotationKey:   util.IPPoolAnnotation,
+				annotationValue: strings.Join(usableIPs, ","),
+			},
+		}
+
+		for _, tc := range testCases {
+			ginkgo.By(fmt.Sprintf("Creating pod with %s annotation that matches excludeIPs", tc.name))
+			podName = fmt.Sprintf("pod-%s-%s", strings.ReplaceAll(tc.name, " ", "-"), framework.RandomSuffix())
+			annotations := map[string]string{
+				tc.annotationKey: tc.annotationValue,
+			}
+			cmd := []string{"sleep", "infinity"}
+			pod := framework.MakePrivilegedPod(namespaceName, podName, nil, annotations, f.KubeOVNImage, cmd, nil)
+			pod = podClient.CreateSync(pod)
+
+			ginkgo.By(fmt.Sprintf("Verifying pod gets the %s IPs despite availableIPs being 0", tc.name))
+			framework.ExpectHaveKeyWithValue(pod.Annotations, tc.annotationKey, tc.annotationValue)
+
+			ginkgo.By(fmt.Sprintf("Cleaning up test pod for %s", tc.name))
+			podClient.DeleteSync(podName)
+		}
+	})
+
 	framework.ConformanceIt("should create subnet with centralized gateway", func() {
 		ginkgo.By("Getting nodes")
 		nodes, err := e2enode.GetReadySchedulableNodes(context.Background(), cs)