refactor: updated IP controller for new ipam

Author: fra98

apis/ipam/v1alpha1/ip_types.go

@@ -49,10 +49,10 @@ type IPSpec struct {
 	// IP is the local IP.
 	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="IP field is immutable"
 	IP networkingv1beta1.IP `json:"ip"`
-	// CIDR is the network CIDR where the desired IP should be allocated from.
+	// NetworkRef is the reference to the Network CR containing the CIDR where the desired IP should be allocated from.
 	// It is optional, if left empty the IP will be allocated in a default network CIDR (e.g., external CIDR).
 	// +kubebuilder:validation:Optional
-	CIDR *networkingv1beta1.CIDR `json:"cidr,omitempty"`
+	NetworkRef *v1.ObjectReference `json:"networkRef,omitempty"`
 	// ServiceTemplate contains the template to create the associated service (and endpointslice) for the IP endopoint.
 	// If empty the creation of the service is disabled (default).
 	// +kubebuilder:validation:Optional
@@ -65,21 +65,21 @@ type IPSpec struct {
 
 // IPStatus defines remapped IPs.
 type IPStatus struct {
-	// IPMappings contains the mapping of the local IP for each remote cluster.
-	IPMappings map[string]networkingv1beta1.IP `json:"ipMappings,omitempty"`
 	// IP is the remapped IP.
 	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="IP field is immutable"
-	IP networkingv1beta1.IP `json:"ip"`
+	IP networkingv1beta1.IP `json:"ip,omitempty"`
 	// CIDR is the network CIDR where the IP is allocated.
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="CIDR field is immutable"
 	CIDR networkingv1beta1.CIDR `json:"cidr,omitempty"`
 }
 
 // +kubebuilder:object:root=true
 // +kubebuilder:resource:categories=liqo
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:name="Local IP",type=string,JSONPath=`.spec.ip`
+// +kubebuilder:printcolumn:name="Remapped IP",type=string,JSONPath=`.status.ip`
+// +kubebuilder:printcolumn:name="Remapped IP CIDR",type=string,JSONPath=`.status.cidr`
 // +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp`
-// +kubebuilder:printcolumn:name="Remapped IPs",type=string,JSONPath=`.status.ipMappings`,priority=1
 // +genclient
 
 // IP is the Schema for the IP API.

apis/ipam/v1alpha1/zz_generated.deepcopy.go

@@ -260,7 +260,7 @@ func main() {
 			ipamClient = ipam.NewIPAMClient(conn)
 		}
 
-		if err := modules.SetupNetworkingModule(ctx, mgr, &modules.NetworkingOption{
+		if err := modules.SetupNetworkingModule(mgr, &modules.NetworkingOption{
 			DynClient: dynClient,
 			Factory:   factory,
 

cmd/liqo-controller-manager/main.go

@@ -15,8 +15,6 @@
 package modules
 
 import (
-	"context"
-
 	"k8s.io/client-go/dynamic"
 	"k8s.io/klog/v2"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
@@ -35,6 +33,7 @@ import (
 	nodecontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/internal-network/node-controller"
 	"github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/internal-network/route"
 	internalservercontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/internal-network/server-controller"
+	ipctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/ip-controller"
 	networkctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/network-controller"
 	dynamicutils "github.com/liqotech/liqo/pkg/utils/dynamic"
 )
@@ -60,19 +59,18 @@ type NetworkingOption struct {
 }
 
 // SetupNetworkingModule setup the networking module and initializes its controllers .
-func SetupNetworkingModule(_ context.Context, mgr manager.Manager, opts *NetworkingOption) error {
+func SetupNetworkingModule(mgr manager.Manager, opts *NetworkingOption) error {
 	networkReconciler := networkctrl.NewNetworkReconciler(mgr.GetClient(), mgr.GetScheme(), opts.IpamClient)
 	if err := networkReconciler.SetupWithManager(mgr, opts.NetworkWorkers); err != nil {
 		klog.Errorf("Unable to start the networkReconciler: %v", err)
 		return err
 	}
 
-	// TODO: refactor IP reconciler with the new IPAM client.
-	// ipReconciler := ipctrl.NewIPReconciler(mgr.GetClient(), mgr.GetScheme(), opts.IpamClient)
-	// if err := ipReconciler.SetupWithManager(ctx, mgr, opts.IPWorkers); err != nil {
-	// 	klog.Errorf("Unable to start the ipReconciler: %v", err)
-	// 	return err
-	// }
+	ipReconciler := ipctrl.NewIPReconciler(mgr.GetClient(), mgr.GetScheme(), opts.IpamClient)
+	if err := ipReconciler.SetupWithManager(mgr, opts.IPWorkers); err != nil {
+		klog.Errorf("Unable to start the ipReconciler: %v", err)
+		return err
+	}
 
 	cfgReconciler := configuration.NewConfigurationReconciler(mgr.GetClient(), mgr.GetScheme(),
 		mgr.GetEventRecorderFor("configuration-controller"))

cmd/liqo-controller-manager/modules/networking.go

@@ -20,13 +20,15 @@ spec:
     - jsonPath: .spec.ip
       name: Local IP
       type: string
+    - jsonPath: .status.ip
+      name: Remapped IP
+      type: string
+    - jsonPath: .status.cidr
+      name: Remapped IP CIDR
+      type: string
     - jsonPath: .metadata.creationTimestamp
       name: Age
       type: date
-    - jsonPath: .status.ipMappings
-      name: Remapped IPs
-      priority: 1
-      type: string
     name: v1alpha1
     schema:
       openAPIV3Schema:
@@ -52,12 +54,6 @@ spec:
           spec:
             description: IPSpec defines a local IP.
             properties:
-              cidr:
-                description: |-
-                  CIDR is the network CIDR where the desired IP should be allocated from.
-                  It is optional, if left empty the IP will be allocated in a default network CIDR (e.g., external CIDR).
-                format: cidr
-                type: string
               ip:
                 description: IP is the local IP.
                 format: ipv4
@@ -70,6 +66,51 @@ spec:
                   Masquerade is a flag to enable masquerade for the local IP on nodes.
                   If empty the masquerade is disabled.
                 type: boolean
+              networkRef:
+                description: |-
+                  NetworkRef is the reference to the Network CR containing the CIDR where the desired IP should be allocated from.
+                  It is optional, if left empty the IP will be allocated in a default network CIDR (e.g., external CIDR).
+                properties:
+                  apiVersion:
+                    description: API version of the referent.
+                    type: string
+                  fieldPath:
+                    description: |-
+                      If referring to a piece of an object instead of an entire object, this string
+                      should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                      For example, if the object reference is to a container within a pod, this would take on a value like:
+                      "spec.containers{name}" (where "name" refers to the name of the container that triggered
+                      the event) or if no container name is specified "spec.containers[2]" (container with
+                      index 2 in this pod). This syntax is chosen only to have some well-defined way of
+                      referencing a part of an object.
+                    type: string
+                  kind:
+                    description: |-
+                      Kind of the referent.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+                    type: string
+                  name:
+                    description: |-
+                      Name of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+                    type: string
+                  namespace:
+                    description: |-
+                      Namespace of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
+                    type: string
+                  resourceVersion:
+                    description: |-
+                      Specific resourceVersion to which this reference is made, if any.
+                      More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
+                    type: string
+                  uid:
+                    description: |-
+                      UID of the referent.
+                      More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+                    type: string
+                type: object
+                x-kubernetes-map-type: atomic
               serviceTemplate:
                 description: |-
                   ServiceTemplate contains the template to create the associated service (and endpointslice) for the IP endopoint.
@@ -449,23 +490,16 @@ spec:
                 description: CIDR is the network CIDR where the IP is allocated.
                 format: cidr
                 type: string
+                x-kubernetes-validations:
+                - message: CIDR field is immutable
+                  rule: self == oldSelf
               ip:
                 description: IP is the remapped IP.
                 format: ipv4
                 type: string
                 x-kubernetes-validations:
                 - message: IP field is immutable
                   rule: self == oldSelf
-              ipMappings:
-                additionalProperties:
-                  description: IP defines a syntax validated IP.
-                  format: ipv4
-                  type: string
-                description: IPMappings contains the mapping of the local IP for each
-                  remote cluster.
-                type: object
-            required:
-            - ip
             type: object
         required:
         - spec

deployments/liqo/charts/liqo-crds/crds/ipam.liqo.io_ips.yaml

@@ -59,8 +59,8 @@ apiVersion: ipam.liqo.io/v1alpha1
 kind: IP
 ...
 status:
-  ipMappings:
-    cluster1: <REMAPPED_IP>
+  ip: <REMAPPED_IP>
+  cidr: <CIDR_REMAPPED_IP>
 
 ```
 

docs/advanced/external-ip-remapping.md

@@ -50,6 +50,11 @@ const (
 	// IPTypeAPIServerProxy is the constant representing an IP of type APIServerProxy.
 	IPTypeAPIServerProxy = "api-server-proxy"
 
+	// NetworkNamespaceLabelKey is the label key used to indicate the namespace of a Network.
+	NetworkNamespaceLabelKey = "ipam.liqo.io/network-namespace"
+	// NetworkNameLabelKey is the label key used to indicate the name of a Network.
+	NetworkNameLabelKey = "ipam.liqo.io/network-name"
+
 	// DefaultCIDRValue is the default value for a string that contains a CIDR.
 	DefaultCIDRValue = "None"
 )

pkg/consts/ipam.go

@@ -18,6 +18,7 @@ import (
 	"context"
 	"time"
 
+	"github.com/google/nftables"
 	klog "k8s.io/klog/v2"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
@@ -64,8 +65,12 @@ func (lipam *LiqoIPAM) acquireIP(cidr string) (string, error) {
 	if lipam.cacheIPs == nil {
 		lipam.cacheIPs = make(map[string]ipInfo)
 	}
+	firstIP, _, err := nftables.NetFirstAndLastIP(cidr)
+	if err != nil {
+		return "", err
+	}
 	ip := ipCidr{
-		ip:   "",
+		ip:   firstIP.String(),
 		cidr: cidr,
 	}
 	lipam.cacheIPs[ip.String()] = ipInfo{

pkg/ipam/ips.go

@@ -22,7 +22,6 @@ import (
 	. "github.com/onsi/gomega"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes/scheme"
-	"k8s.io/utils/ptr"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 
 	ipamv1alpha1 "github.com/liqotech/liqo/apis/ipam/v1alpha1"
@@ -81,8 +80,7 @@ var _ = Describe("Sync routine tests", func() {
 					Namespace: testNamespace,
 				},
 				Spec: ipamv1alpha1.IPSpec{
-					IP:   networkingv1beta1.IP(ip),
-					CIDR: ptr.To(networkingv1beta1.CIDR(cidr)),
+					IP: networkingv1beta1.IP(ip),
 				},
 				Status: ipamv1alpha1.IPStatus{
 					IP:   networkingv1beta1.IP(ip),

pkg/ipam/sync_test.go

@@ -0,0 +1,16 @@
+// Copyright 2019-2024 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package utils contain utility functions for the IPAM package.
+package utils