MGMT-22237: Implement the required changes for IP Configuration flow: IP configuration is a new flow which will be introduced soon in LCA. The flow essentialy performs IP change in SNO clusters. To perform the change correctly, we need to change the IP in the pods statuses as well and delete the old node for regenration. IBU doesn't require this logic because it changes the hostname and in that case recert deletes the pods and node anyway.

Author: danmanor

src/etcd_encoding.rs

@@ -5,7 +5,7 @@ use super::protobuf_gen::{
             admissionregistration::v1::{MutatingWebhookConfiguration, ValidatingWebhookConfiguration},
             apps::v1::{ControllerRevision, DaemonSet, Deployment, StatefulSet},
             batch::v1::{CronJob, Job},
-            core::v1::{ConfigMap, Node, Secret},
+            core::v1::{ConfigMap, Node, Pod, Secret},
         },
         apimachinery::pkg::runtime::{TypeMeta, Unknown},
     },
@@ -58,6 +58,7 @@ k8s_type!(StatefulSetWithMeta, StatefulSet);
 k8s_type!(ConfigMapWithMeta, ConfigMap);
 k8s_type!(NodeWithMeta, Node);
 k8s_type!(SecretWithMeta, Secret);
+k8s_type!(PodWithMeta, Pod);
 k8s_type!(ValidatingWebhookConfigurationWithMeta, ValidatingWebhookConfiguration);
 k8s_type!(MutatingWebhookConfigurationWithMeta, MutatingWebhookConfiguration);
 k8s_type!(OAuthClientWithMeta, OAuthClient);
@@ -89,6 +90,7 @@ pub(crate) async fn decode(data: &[u8]) -> Result<Vec<u8>> {
         "ConfigMap" => serde_json::to_vec(&ConfigMapWithMeta::try_from(unknown)?)?,
         "Node" => serde_json::to_vec(&NodeWithMeta::try_from(unknown)?)?,
         "Secret" => serde_json::to_vec(&SecretWithMeta::try_from(unknown)?)?,
+        "Pod" => serde_json::to_vec(&PodWithMeta::try_from(unknown)?)?,
         "ValidatingWebhookConfiguration" => serde_json::to_vec(&ValidatingWebhookConfigurationWithMeta::try_from(unknown)?)?,
         "MutatingWebhookConfiguration" => serde_json::to_vec(&MutatingWebhookConfigurationWithMeta::try_from(unknown)?)?,
         "OAuthClient" => serde_json::to_vec(&OAuthClientWithMeta::try_from(unknown)?)?,
@@ -111,6 +113,8 @@ pub(crate) async fn encode(data: &[u8]) -> Result<Vec<u8>> {
             "ConfigMap" => Unknown::from(serde_json::from_slice::<ConfigMapWithMeta>(data)?),
             "Route" => Unknown::from(serde_json::from_slice::<RouteWithMeta>(data)?),
             "Secret" => Unknown::from(serde_json::from_slice::<SecretWithMeta>(data)?),
+            "Node" => Unknown::from(serde_json::from_slice::<NodeWithMeta>(data)?),
+            "Pod" => Unknown::from(serde_json::from_slice::<PodWithMeta>(data)?),
             "Deployment" => Unknown::from(serde_json::from_slice::<DeploymentWithMeta>(data)?),
             "ControllerRevision" => Unknown::from(serde_json::from_slice::<ControllerRevisionWithMeta>(data)?),
             "Job" => Unknown::from(serde_json::from_slice::<JobWithMeta>(data)?),

src/ocp_postprocess/ip_rename.rs

@@ -149,6 +149,14 @@ async fn fix_etcd_resources_for_ip_pair(etcd_client: &Arc<InMemoryK8sEtcd>, orig
         .await
         .context("fixing etcd member")?;
 
+    etcd_rename::fix_pods_status(etcd_client, original_ip, new_ip)
+        .await
+        .context("fixing pods status")?;
+
+    etcd_rename::delete_minions_if_exist(etcd_client)
+        .await
+        .context("deleting minions if exist")?;
+
     Ok(())
 }
 

src/ocp_postprocess/ip_rename/etcd_rename.rs

@@ -597,6 +597,108 @@ pub(crate) async fn fix_etcd_member(etcd_client: &Arc<InMemoryK8sEtcd>, original
     Ok(())
 }
 
+pub(crate) async fn fix_pods_status(etcd_client: &Arc<InMemoryK8sEtcd>, original_ip: &str, ip: &str) -> Result<()> {
+    // Only mutate known Pod status IP fields if they equal the original IP
+    fn replace_status_ips(pod: &mut Value, original_ip: &str, new_ip: &str) -> Result<bool> {
+        let mut changed = false;
+
+        // status.podIP
+        if let Some(v) = pod.pointer_mut("/status/podIP") {
+            if let Some(curr) = v.as_str() {
+                if curr == original_ip {
+                    *v = Value::String(new_ip.to_string());
+                    changed = true;
+                }
+            }
+        }
+
+        // status.hostIP
+        if let Some(v) = pod.pointer_mut("/status/hostIP") {
+            if let Some(curr) = v.as_str() {
+                if curr == original_ip {
+                    *v = Value::String(new_ip.to_string());
+                    changed = true;
+                }
+            }
+        }
+
+        // status.podIPs (array of objects {ip: string} or strings)
+        if let Some(arr) = pod.pointer_mut("/status/podIPs").and_then(|v| v.as_array_mut()) {
+            for entry in arr.iter_mut() {
+                if let Some(s) = entry.as_str() {
+                    if s == original_ip {
+                        *entry = Value::String(new_ip.to_string());
+                        changed = true;
+                    }
+                    continue;
+                }
+                if let Some(ip_field) = entry.as_object_mut().and_then(|m| m.get_mut("ip")) {
+                    if let Some(s) = ip_field.as_str() {
+                        if s == original_ip {
+                            *ip_field = Value::String(new_ip.to_string());
+                            changed = true;
+                        }
+                    }
+                }
+            }
+        }
+
+        // status.hostIPs (array of objects {ip: string} or strings) - if present
+        if let Some(arr) = pod.pointer_mut("/status/hostIPs").and_then(|v| v.as_array_mut()) {
+            for entry in arr.iter_mut() {
+                if let Some(s) = entry.as_str() {
+                    if s == original_ip {
+                        *entry = Value::String(new_ip.to_string());
+                        changed = true;
+                    }
+                    continue;
+                }
+                if let Some(ip_field) = entry.as_object_mut().and_then(|m| m.get_mut("ip")) {
+                    if let Some(s) = ip_field.as_str() {
+                        if s == original_ip {
+                            *ip_field = Value::String(new_ip.to_string());
+                            changed = true;
+                        }
+                    }
+                }
+            }
+        }
+
+        Ok(changed)
+    }
+
+    join_all(etcd_client.list_keys("pods/").await?.into_iter().map(|key| async move {
+        let etcd_result = etcd_client
+            .get(key.clone())
+            .await
+            .with_context(|| format!("getting key {:?}", key))?
+            .context("key disappeared")?;
+        let value: Value =
+            serde_yaml::from_slice(etcd_result.value.as_slice()).with_context(|| format!("deserializing value of key {:?}", key,))?;
+        let k8s_resource_location = K8sResourceLocation::try_from(&value)?;
+
+        let mut pod = get_etcd_json(etcd_client, &k8s_resource_location).await?.context("getting pod")?;
+
+        if replace_status_ips(&mut pod, original_ip, ip)? {
+            put_etcd_yaml(etcd_client, &k8s_resource_location, pod).await?;
+        }
+
+        Ok(())
+    }))
+    .await
+    .into_iter()
+    .collect::<Result<Vec<_>>>()?;
+
+    Ok(())
+}
+
+pub(crate) async fn delete_minions_if_exist(etcd_client: &Arc<InMemoryK8sEtcd>) -> Result<()> {
+    for key in etcd_client.list_keys("minions").await? {
+        etcd_client.delete(&key).await.context(format!("deleting {}", key))?;
+    }
+    Ok(())
+}
+
 fn replace_etcd_servers(cluster: &mut Value, original_ip: &str, ip: &str) -> Result<()> {
     let observed_config = cluster.pointer_mut("/spec/observedConfig").context("no /spec/observedConfig")?;
 

src/ocp_postprocess/ip_rename/filesystem_rename.rs

@@ -11,6 +11,7 @@ pub(crate) async fn fix_filesystem_ip(original_ip: &str, ip: &str, dir: &Path) -
         file_utils::globvec(dir, "**/etcd-pod.yaml")?
             .into_iter()
             .chain(file_utils::globvec(dir, "**/*etcd-pod/pod.yaml")?)
+            .chain(file_utils::globvec(dir, "**/restore-etcd-pod/quorum-restore-pod.yaml")?)
             .chain(file_utils::globvec(dir, "**/etcd-scripts/etcd.env")?)
             .chain(file_utils::globvec(dir, "**/etcd-endpoints/*")?)
             .chain(file_utils::globvec(dir, "**/kube-apiserver-pod-*/configmaps/config/config.yaml")?)