1. patch the pod ip after allocated the eip

2. add the flag --patch-podip which deside wheather patch podIP to kube-apiserver
zhiyuan0x · Dec 6, 2019 · b4392ce · b4392ce
1 parent 3a8cd9a
commit b4392ce
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 6 deletions.
diff --git a/daemon/daemon.go b/daemon/daemon.go
@@ -42,6 +42,7 @@ type networkService struct {
 	//networkResourceMgr ResourceManager
 	mgrForResource  map[string]ResourceManager
 	pendingPods     map[string]interface{}
+	patchPodIP      bool
 	pendingPodsLock sync.RWMutex
 	sync.RWMutex
 }
@@ -198,6 +199,7 @@ func (networkService *networkService) AllocIP(grpcContext context.Context, r *rp
 	}
 
 	// 3. Allocate network resource for pod
+	var podIP string
 	switch podinfo.PodNetworkType {
 	case podNetworkTypeENIMultiIP:
 		var eniMultiIP *types.ENIIP
@@ -219,7 +221,7 @@ func (networkService *networkService) AllocIP(grpcContext context.Context, r *rp
 		if err != nil {
 			return nil, errors.Wrapf(err, "error put resource into store")
 		}
-
+		podIP = eniMultiIP.SecAddress.String()
 		allocIPReply.IPType = rpc.IPType_TypeENIMultiIP
 		allocIPReply.Success = true
 		allocIPReply.NetworkInfo = &rpc.AllocIPReply_ENIMultiIP{
@@ -259,6 +261,7 @@ func (networkService *networkService) AllocIP(grpcContext context.Context, r *rp
 		if err != nil {
 			return nil, errors.Wrapf(err, "error put resource into store")
 		}
+		podIP = vpcEni.Address.IP.String()
 		allocIPReply.IPType = rpc.IPType_TypeVPCENI
 		allocIPReply.Success = true
 		allocIPReply.NetworkInfo = &rpc.AllocIPReply_VpcEni{
@@ -320,7 +323,14 @@ func (networkService *networkService) AllocIP(grpcContext context.Context, r *rp
 		return nil, errors.Wrapf(err, "error on grpc connection")
 	}
 
-	// 4. return allocate result
+	// 4. patch podIP to kube-apiserver
+	if allocIPReply.Success && podIP != "" && networkService.patchPodIP {
+		if _, err := networkService.k8s.PatchAllocatedPodIP(podinfo, podIP); err != nil {
+			return nil, errors.Wrapf(err, fmt.Sprintf("failed to patch podIP to pod %s.", podInfoKey(podinfo.Namespace, podinfo.Name)))
+		}
+	}
+
+	// 5. return allocate result
 	return allocIPReply, err
 }
 
@@ -540,9 +550,10 @@ func (networkService *networkService) startGarbageCollectionLoop() {
 	}()
 }
 
-func newNetworkService(configFilePath, kubeconfig, master, daemonMode string) (rpc.TerwayBackendServer, error) {
+func newNetworkService(configFilePath, kubeconfig, master, daemonMode string, patchPodIP bool) (rpc.TerwayBackendServer, error) {
 	log.Debugf("start network service with: %s, %s", configFilePath, daemonMode)
 	netSrv := &networkService{
+		patchPodIP:      patchPodIP,
 		pendingPods:     map[string]interface{}{},
 		pendingPodsLock: sync.RWMutex{},
 	}

diff --git a/daemon/k8s.go b/daemon/k8s.go
@@ -50,6 +50,7 @@ type Kubernetes interface {
 	GetServiceCidr() *net.IPNet
 	GetNodeCidr() *net.IPNet
 	SetNodeAllocatablePod(count int) error
+	PatchAllocatedPodIP(podInfo *podInfo, podIP string) (*corev1.Pod, error)
 }
 
 type k8s struct {
@@ -371,6 +372,21 @@ func (k *k8s) GetLocalPods() ([]*podInfo, error) {
 
 	return ret, nil
 }
+
+func (k *k8s) PatchAllocatedPodIP(podInfo *podInfo, podIP string) (*corev1.Pod, error) {
+	pod, err := k.client.CoreV1().Pods(podInfo.Namespace).Get(podInfo.Name, metav1.GetOptions{
+		ResourceVersion: "0",
+	})
+	if err != nil || pod == nil {
+		return nil, err
+	}
+	if pod.Status.PodIP != "" {
+		return nil, err
+	}
+	pod.Status.PodIP = podIP
+	return k.client.CoreV1().Pods(podInfo.Namespace).UpdateStatus(pod)
+}
+
 func (k *k8s) GetServiceCidr() *net.IPNet {
 	return k.svcCidr
 }

diff --git a/daemon/server.go b/daemon/server.go
@@ -49,7 +49,7 @@ func stackTriger() {
 }
 
 // Run terway daemon
-func Run(pidFilePath, socketFilePath, debugSocketListen, configFilePath, kubeconfig, master, daemonMode, logLevel string) error {
+func Run(pidFilePath, socketFilePath, debugSocketListen, configFilePath, kubeconfig, master, daemonMode, logLevel string, patchPodIP bool) error {
 	level, err := log.ParseLevel(logLevel)
 	if err != nil {
 		return errors.Wrapf(err, "error set log level: %s", logLevel)
@@ -84,7 +84,7 @@ func Run(pidFilePath, socketFilePath, debugSocketListen, configFilePath, kubecon
 		return fmt.Errorf("error listen at %s: %v", socketFilePath, err)
 	}
 
-	networkService, err := newNetworkService(configFilePath, kubeconfig, master, daemonMode)
+	networkService, err := newNetworkService(configFilePath, kubeconfig, master, daemonMode, patchPodIP)
 	if err != nil {
 		return err
 	}

diff --git a/main.go b/main.go
@@ -19,6 +19,7 @@ var (
 	readonlyListen string
 	kubeconfig     string
 	master         string
+	patchPodIP     bool
 )
 
 func init() {
@@ -27,13 +28,14 @@ func init() {
 	flag.StringVar(&readonlyListen, "readonly-listen", debugSocketPath, "terway readonly listen")
 	flag.StringVar(&master, "master", "", "The address of the Kubernetes API server (overrides any value in kubeconfig).")
 	flag.StringVar(&kubeconfig, "kubeconfig", "", "Path to kubeconfig file with authorization and master location information.")
+	flag.BoolVar(&patchPodIP, "patch-podip", false, "Whether patch the podIP to kube-apiserver after setting up the pod network.")
 
 }
 
 func main() {
 	flag.Parse()
 	log.Infof("Starting terway of version: %s", gitVer)
-	if err := daemon.Run(defaultPidPath, defaultSocketPath, readonlyListen, defaultConfigPath, kubeconfig, master, daemonMode, logLevel); err != nil {
+	if err := daemon.Run(defaultPidPath, defaultSocketPath, readonlyListen, defaultConfigPath, kubeconfig, master, daemonMode, logLevel, patchPodIP); err != nil {
 		log.Fatal(err)
 	}
 }