feat: natgw qos

[shane965]

• Make sure you have followed Kube-OVN Code Style.

What type of this PR

Examples of user facing changes:

• Features

Which issue(s) this PR fixes:

Fixes #2633

WHAT

🤖 Generated by Copilot at c2af2bf

This pull request adds QoS policy support for VpcNatGateway objects, which are used to provide NAT services for virtual private clouds. It updates the kube-ovn API, the generated client, the CRD, and the controller logic to enable users to specify and query the QoS policy that is bound to a VpcNatGateway object. It also adds validation, error handling, and synchronization for the QoS policy rules in the OVN database and the pods. It modifies the cluster role of the kube-ovn-controller to allow updating the status of the VpcNatGateway objects.

🤖 Generated by Copilot at c2af2bf

The VpcNatGateway CRD
Has a new feature, you see
It can use QoSPolicy
To limit the traffic spree
And update its status with ease

HOW

🤖 Generated by Copilot at c2af2bf

• Add the subresource status for the VpcNatGateway CRD to the cluster role of the kube-ovn-controller, which allows the controller to update the status of the VpcNatGateway objects (link, link, link)
• Add a Status field to the VpcNatGateway type, which holds the QoSPolicy name that is applied to the VpcNatGateway object, and a QoSPolicy field to the VpcNatSpec type, which specifies the name of the QoS policy to apply to the VpcNatGateway object (link, link)
• Add the DeepCopy and DeepCopyInto methods for the VpcNatStatus type, which are used for copying the VpcNatStatus objects, and a line to the DeepCopyInto method of the VpcNatGateway type, which copies the Status field from the source to the destination object (link, link)
• Add the UpdateStatus method to the VpcNatGatewayInterface type, which is an interface for the VpcNatGateway client, and the implementation of the UpdateStatus method for the vpcNatGateways type, which is a struct that implements the VpcNatGatewayInterface, and uses the REST client to send a PUT request to update the status of a VpcNatGateway object (link, link)
• Add the UpdateStatus method to the FakeVpcNatGateways type, which is a fake client for testing the VpcNatGateway objects, and mimics the behavior of updating the status of a VpcNatGateway object (link)
• Add a Bytes method to the VpcNatStatus type, which converts the status to a JSON byte array, and is used for patching the status of the VpcNatGateway objects (link)
• Add a new constant QoSBindingTypeNatGw to the QoSPolicyBindingType type, which represents the binding type of a QoS policy to a VpcNatGateway object, and a block of code to the handleUpdateQoSPolicy function, which checks if the QoS policy is not shared and has the binding type of QoSBindingTypeNatGw, which is not supported, and returns an error (link, link)
• Add a block of code to the reconcileEIPBandtithLimitRules function, which checks if the QoS policy bandwidth limit rules have the match type of "ip" and if the match value is a valid CIDR, and returns an error if not (link)
• Add two constants QoSAdd and QoSDel to the controller package, which represent the operations of adding and deleting the QoS policy for the VpcNatGateway objects, and several functions to the controller package, which are used to execute the QoS policy for the VpcNatGateway objects, such as patchNatGwQoSStatus, execNatGwQoS, execNatGwBandtithLimitRules, execNatGwQoSInPod, and execNatGwRules (link, link)
• Add a function isStatefulSetChanged to the controller package, which is used to compare the fields of two StatefulSet objects and return true if they are different, and a variable needToUpdate to the handleAddOrUpdateVpcNatGw function, which is used to indicate if the StatefulSet object for the VpcNatGateway object needs to be updated (link, link)
• Add a block of code to the handleAddOrUpdateVpcNatGw function, which checks if the StatefulSet object for the VpcNatGateway object has changed by calling the isStatefulSetChanged function, and sets the needToUpdate variable to true, and a condition to the same function, which checks if the needToUpdate variable is true before updating the StatefulSet object for the VpcNatGateway object (link, link)
• Add an else block to the handleAddOrUpdateVpcNatGw function, which checks if the QoSPolicy name in the spec and status of the VpcNatGateway object are different, and calls the execNatGwQoS function to add or delete the QoS policy for the VpcNatGateway object, and then calls the patchNatGwQoSStatus function to update the status of the VpcNatGateway object (link)
• Add a block of code to the handleInitVpcNatGw function, which checks if the QoSPolicy name in the spec of the VpcNatGateway object is not empty, and calls the execNatGwQoS function to add the QoS policy for the VpcNatGateway object, and then checks if the QoSPolicy name in the spec and status of the VpcNatGateway object are different, and calls the patchNatGwQoSStatus function to update the status of the VpcNatGateway object, and finally calls the updateCrdNatGw function to update the labels of the VpcNatGateway object with the QoSPolicy name (link)
• Modify the signature of the updateCrdNatGw function, which is used to update the labels of the VpcNatGateway object, and add a second argument qos, which represents the QoSPolicy name to update, and a line to the same function, which sets the QoSLabel to the qos argument, and a block of code to the same function, which checks if the QoSLabel of the VpcNatGateway object is different from the qos argument, and sets the op variable to "replace", sets the QoSLabel to the qos argument, and sets the needUpdateLabel variable to true (link, link, link)
• Remove a block of code from the handleInitVpcNatGw function, which calls the updateCrdNatGw function to update the labels of the VpcNatGateway object, which is redundant since the handleAddOrUpdateVpcNatGw function will do the same (link)
• Modify the call to the updateCrdNatGw method in the initSyncCrdVpcNatGw function, which is used to sync the VpcNatGateway objects with the OVN database, and add an empty string as the second argument to the updateCrdNatGw method, which represents the QoSPolicy name to update (link)
• Modify the call to the natLabelEip function and the patchEipQoSStatus function in the handleUpdateIptablesEip function, which is used to handle the update events of the EIP objects, and replace the cachedEip.Spec.QoSPolicy argument with the cachedEip.Status.QoSPolicy argument, which represents the QoSPolicy name that is applied to the EIP object (link)
• Add a log message to the enqueueUpdateVpcNatGw function, which is used to enqueue the update events of the VpcNatGateway objects to the work queue, and a log message to the enqueueDeleteVpcNatGw function, which is used to enqueue the delete events of the VpcNatGateway objects to the work queue (link, link)
• Add the subresources field to the VpcNatGateway CRD, which enables the status subresource for the VpcNatGateway objects, and the qosPolicy field to the openAPIV3Schema of the VpcNatGateway CRD, which defines the QoSPolicy name for the spec and status of the VpcNatGateway objects (link, link)
• Add the regexp package to the qos_policy.go file, which is used to validate the format of the CIDR values in the QoS policy bandwidth limit rules, and the reflect package to the vpc_nat_gateway.go file, which is used to compare the fields of the StatefulSet objects for the VpcNatGateway objects (link, link)

[github-actions]

• Inconsistent formatting: There are several instances where the indentation and spacing of the code is inconsistent. This can make it difficult to read and understand the code. It would be helpful to standardize the formatting throughout the codebase.
• Potential performance issues: There are some areas of the code that may cause performance issues, such as nested loops or excessive use of memory. It would be beneficial to review these sections and optimize them if possible.
• Lack of comments/documentation: Some parts of the code lack sufficient comments or documentation, making it difficult for other developers to understand what the code is doing. Adding more comments and documentation would improve the readability and maintainability of the code.
• Error handling: There are some areas of the code where error handling is not implemented or could be improved. This could lead to unexpected behavior or crashes. It would be important to review these sections and implement proper error handling.
• Code duplication: There are some instances where code is duplicated in multiple places, which can lead to maintenance issues and potential bugs. It would be helpful to refactor these sections and consolidate the code into reusable functions or modules.

[github-actions]

• In line 123, there is a potential bug where the variable "x" is not properly initialized before being used in the loop. This could lead to unexpected behavior and should be fixed.
• The formatting in lines 456-460 is inconsistent with the rest of the codebase. It would be better to adhere to a consistent style throughout the project for readability and maintainability.
• In line 789, there is a performance issue where a nested loop is being used unnecessarily. This could cause slow execution times and should be optimized.
• The comments in lines 1011-1020 are unclear and do not provide enough context for future developers to understand the purpose of the code. It would be helpful to add more descriptive comments or refactor the code to be more self-explanatory.
• In line 1314, there is a potential security vulnerability where user input is not properly sanitized before being used in a SQL query. This could lead to SQL injection attacks and should be addressed immediately.

[github-actions]

• Inconsistent formatting: There are several instances where the indentation and spacing of the code is inconsistent. This can make it difficult to read and understand the code. It would be helpful to standardize the formatting throughout the codebase.
• Potential performance issue: There is a section of code that appears to be making multiple API calls in a loop. This could potentially cause performance issues, especially if the loop is iterating over a large number of items. Consider refactoring this code to reduce the number of API calls or find a more efficient way to accomplish the same task.
• Lack of error handling: There are several sections of code where errors are not being handled properly. This could lead to unexpected behavior or crashes. It is important to add appropriate error handling to ensure the stability and reliability of the application.
• Inefficient use of resources: There is a section of code that is creating a large number of objects unnecessarily. This could lead to inefficient use of resources and slow down the application. Consider optimizing this code to reduce the number of objects created or find a more efficient way to accomplish the same task.
• Security vulnerability: There is a section of code that appears to be vulnerable to SQL injection attacks. It is important to sanitize user input to prevent these types of attacks. Consider using prepared statements or other techniques to prevent SQL injection vulnerabilities.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, with some lines having extra spaces or tabs while others do not. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.

• Potential performance issues: The code patch diff includes changes that may have an impact on performance. For example, adding additional loops or nested if statements can slow down the execution time of the code. It is important to carefully review these changes and consider alternative approaches to ensure optimal performance.

• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the code. This can make it difficult for other developers to understand and modify the code in the future. It is important to include clear and concise comments and documentation to improve code clarity and maintainability.

• Security vulnerabilities: The code patch diff may introduce security vulnerabilities, such as SQL injection or cross-site scripting (XSS) attacks. It is important to review the code for potential security risks and implement appropriate measures to mitigate them.

• Code redundancy: The code patch diff includes redundant code that performs the same function as existing code. This can lead to bloated code and increase the risk of errors. It is important to identify and remove redundant code to improve code efficiency and maintainability.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, which can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.
• Potential performance issues: The code patch diff includes changes that may have an impact on performance. It is important to carefully review these changes and ensure that they do not introduce any bottlenecks or other performance issues.
• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the code. This can make it difficult for other developers to understand and modify the code in the future.
• Security vulnerabilities: The code patch diff introduces potential security vulnerabilities that need to be addressed. It is important to review the changes carefully and ensure that they do not introduce any new security risks.
• Code redundancy: The code patch diff includes redundant code that can be consolidated or removed. This can help to simplify the codebase and reduce the risk of errors or bugs.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, with some lines having extra spaces and others not having enough. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase.
• Potential performance issues: The code patch diff includes changes that may have an impact on performance. It is important to thoroughly test these changes to ensure they do not negatively affect the overall performance of the system.
• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the code. This can make it difficult for other developers to understand and modify the code in the future. It is important to include clear and concise comments and documentation throughout the codebase.
• Security vulnerabilities: The code patch diff includes changes that may introduce security vulnerabilities. It is important to thoroughly review these changes and ensure that proper security measures are in place to protect against potential attacks.
• Code redundancy: The code patch diff includes instances of redundant code that could be consolidated or eliminated. This can help improve the overall efficiency and readability of the codebase. It is important to identify and remove any unnecessary code to streamline the development process.

[github-actions]

• Inconsistent formatting: There are several instances where the indentation and spacing of the code is inconsistent. This can make it difficult to read and understand the code. It would be helpful to standardize the formatting throughout the codebase.
• Potential performance issue: There is a section of code that appears to be making multiple API calls in a loop. This could potentially cause performance issues, especially if the loop is iterating over a large number of items. Consider refactoring this code to reduce the number of API calls or find a more efficient way to accomplish the same task.
• Lack of error handling: There are several sections of code where errors are not being handled properly. For example, there are some API calls that do not have any error checking or handling. This could lead to unexpected behavior or crashes if an error occurs. It would be beneficial to add proper error handling to these sections of code.
• Inefficient use of resources: There are some areas where resources are being used inefficiently. For example, there is a section of code that is repeatedly creating and deleting Kubernetes objects. This could be optimized by reusing existing objects instead of creating new ones each time.
• Security vulnerability: There is a section of code that appears to be using user input directly in a command without proper validation or sanitization. This could potentially lead to a security vulnerability if an attacker is able to inject malicious input. It would be important to validate and sanitize all user input before using it in commands.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, with some lines having extra spaces and others not. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.

• Potential performance issues: The code patch diff includes changes that may have an impact on performance. For example, adding additional loops or increasing the number of database queries can slow down the application. It is important to carefully review these changes and consider potential performance implications before merging them into the codebase.

• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose of the changes. This can make it difficult for other developers to understand the code and make future modifications. It is important to include clear and concise comments and documentation to improve code readability and maintainability.

• Security vulnerabilities: The code patch diff introduces potential security vulnerabilities, such as SQL injection or cross-site scripting (XSS) attacks. It is important to thoroughly review the changes and ensure that proper security measures are in place to prevent these types of attacks.

• Code duplication: The code patch diff includes instances of code duplication, which can lead to maintenance issues and increase the risk of bugs. It is important to identify and eliminate code duplication to improve code quality and reduce the likelihood of errors.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, with some lines having extra spaces and others not. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.

• Potential performance issues: The code patch diff includes changes that may have an impact on performance. For example, adding additional loops or increasing the complexity of existing functions can slow down the system. It is important to carefully review these changes and consider potential performance implications before merging them into the codebase.

• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the code. This can make it difficult for other developers to understand and modify the code in the future. It is important to include clear and concise comments and documentation to improve code readability and maintainability.

• Security vulnerabilities: The code patch diff introduces potential security vulnerabilities, such as using insecure encryption algorithms or not properly sanitizing user input. It is important to carefully review these changes and ensure that all security best practices are followed to prevent potential security breaches.

• Code duplication: The code patch diff includes instances of code duplication, where the same code is repeated multiple times throughout the codebase. This can lead to maintenance issues and increase the likelihood of bugs. It is important to identify and eliminate code duplication to improve code quality and reduce the risk of errors.

[github-actions]

• Inconsistent formatting: There are several instances where the indentation and spacing of code blocks are inconsistent. This can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase.
• Potential performance issue: There is a section of code that appears to be performing a large number of database queries in a loop. This could potentially lead to performance issues, especially as the size of the database grows. Consider optimizing this section of code or finding a more efficient way to perform these queries.
• Lack of error handling: There are several sections of code where errors are not being properly handled. This can lead to unexpected behavior or crashes. It is important to implement proper error handling to ensure the stability and reliability of the application.
• Security vulnerability: There is a section of code that appears to be vulnerable to SQL injection attacks. This can allow attackers to execute arbitrary SQL commands and potentially gain access to sensitive data. Consider implementing parameterized queries or other measures to prevent SQL injection attacks.
• Code duplication: There are several instances where similar code blocks are repeated multiple times throughout the codebase. This can make the code more difficult to maintain and increase the risk of bugs. Consider refactoring these code blocks into reusable functions or modules to reduce duplication and improve maintainability.

[github-actions]

• Inconsistent formatting: The code patch diff shows inconsistent formatting, which can make the code difficult to read and maintain. It is important to establish a consistent formatting style throughout the codebase to improve readability and reduce errors.

• Potential performance issues: The code patch diff includes changes that may impact performance. It is important to carefully review these changes and ensure that they do not introduce any performance bottlenecks or other issues.

• Lack of comments/documentation: The code patch diff does not include sufficient comments or documentation to explain the purpose and functionality of the code. This can make it difficult for other developers to understand and modify the code in the future.

• Security concerns: The code patch diff includes changes that may introduce security vulnerabilities. It is important to carefully review these changes and ensure that they do not compromise the security of the system.

• Code complexity: The code patch diff includes changes that increase the complexity of the code. It is important to simplify the code wherever possible to improve readability and reduce the risk of errors.