Merge pull request #2021 from gauravkghildiyal/neg-ipv6

Add feature flag for IPv6 NEGs support
kubernetes · Apr 3, 2023 · d007e55 · d007e55
2 parents 8e31883 + 3fca41c
commit d007e55
Show file tree

Hide file tree

Showing 11 changed files with 55 additions and 17 deletions.
diff --git a/cmd/glbc/main.go b/cmd/glbc/main.go
@@ -365,6 +365,7 @@ func runControllers(ctx *ingctx.ControllerContext) {
 		flags.F.RunIngressController,
 		flags.F.RunL4Controller,
 		flags.F.EnableNonGCPMode,
+		flags.F.EnableDualStackNEG,
 		enableAsm,
 		asmServiceNEGSkipNamespaces,
 		lpConfig,

diff --git a/pkg/flags/flags.go b/pkg/flags/flags.go
@@ -119,6 +119,7 @@ var (
 		EnableNEGLabelPropagation                bool
 		MaxIGSize                                int
 		EnableDegradedMode                       bool
+		EnableDualStackNEG                       bool
 	}{
 		GCERateLimitScale: 1.0,
 	}
@@ -271,6 +272,7 @@ L7 load balancing. CSV values accepted. Example: -node-port-ranges=80,8080,400-5
 	flag.DurationVar(&F.NegMetricsExportInterval, "neg-metrics-export-interval", 5*time.Second, `Period for calculating and exporting internal neg controller metrics, not usage.`)
 	flag.BoolVar(&F.EnableDegradedMode, "enable-degraded-mode", false, `Enable endpoint calculation using degraded mode procedures`)
 	flag.BoolVar(&F.EnableNEGLabelPropagation, "enable-label-propagation", false, "Enable NEG endpoint label propagation")
+	flag.BoolVar(&F.EnableDualStackNEG, "enable-dual-stack-neg", false, `Enable support for Dual-Stack NEGs within the NEG Controller`)
 }
 
 type RateLimitSpecs struct {

diff --git a/pkg/neg/controller.go b/pkg/neg/controller.go
@@ -128,6 +128,7 @@ func NewController(
 	runIngress bool,
 	runL4Controller bool,
 	enableNonGcpMode bool,
+	enableDualStackNEG bool,
 	enableAsm bool,
 	asmServiceNEGSkipNamespaces []string,
 	lpConfig labels.PodLabelPropagationConfig,
@@ -169,6 +170,7 @@ func NewController(
 		svcNegInformer.GetIndexer(),
 		syncerMetrics,
 		enableNonGcpMode,
+		enableDualStackNEG,
 		numGCWorkers,
 		lpConfig,
 		logger)

diff --git a/pkg/neg/controller_test.go b/pkg/neg/controller_test.go
@@ -135,10 +135,11 @@ func newTestControllerWithParamsAndContext(kubeClient kubernetes.Interface, test
 		testContext.ResyncPeriod,
 		testContext.NumGCWorkers,
 		// TODO(freehan): enable readiness reflector for unit tests
-		false,     // enableReadinessReflector
-		true,      // runIngress
-		runL4,     //runL4Controller
-		false,     //enableNonGcpMode
+		false, // enableReadinessReflector
+		true,  // runIngress
+		runL4, //runL4Controller
+		false, //enableNonGcpMode
+		testContext.EnableDualStackNEG,
 		enableASM, //enableAsm
 		[]string{},
 		labels.PodLabelPropagationConfig{},

diff --git a/pkg/neg/manager.go b/pkg/neg/manager.go
@@ -95,6 +95,10 @@ type syncerManager struct {
 	// This will make all NEGs created by NEG controller to be NON_GCP_PRIVATE_IP_PORT type.
 	enableNonGcpMode bool
 
+	// enableDualStackNEG indicates if IPv6 endpoints should be considered while
+	// reconciling NEGs.
+	enableDualStackNEG bool
+
 	// Number of goroutines created for NEG garbage collection. This value
 	// controls the maximum number of concurrent calls that can be made to the GCE
 	// NEG Delete API.
@@ -124,6 +128,7 @@ func newSyncerManager(namer negtypes.NetworkEndpointGroupNamer,
 	svcNegLister cache.Indexer,
 	syncerMetrics *metrics.SyncerMetrics,
 	enableNonGcpMode bool,
+	enableDualStackNEG bool,
 	numGCWorkers int,
 	lpConfig podlabels.PodLabelPropagationConfig,
 	logger klog.Logger) *syncerManager {
@@ -148,6 +153,7 @@ func newSyncerManager(namer negtypes.NetworkEndpointGroupNamer,
 		svcNegClient:        svcNegClient,
 		kubeSystemUID:       kubeSystemUID,
 		enableNonGcpMode:    enableNonGcpMode,
+		enableDualStackNEG:  enableDualStackNEG,
 		numGCWorkers:        numGCWorkers,
 		logger:              logger,
 		vmIpZoneMap:         vmIpZoneMap,
@@ -221,8 +227,15 @@ func (manager *syncerManager) EnsureSyncers(namespace, name string, newPorts neg
 			}
 
 			// determine the implementation that calculates NEG endpoints on each sync.
-			epc := negsyncer.GetEndpointsCalculator(manager.nodeLister, manager.podLister, manager.zoneGetter,
-				syncerKey, portInfo.EpCalculatorMode, manager.logger.WithValues("service", klog.KRef(syncerKey.Namespace, syncerKey.Name), "negName", syncerKey.NegName))
+			epc := negsyncer.GetEndpointsCalculator(
+				manager.nodeLister,
+				manager.podLister,
+				manager.zoneGetter,
+				syncerKey,
+				portInfo.EpCalculatorMode,
+				manager.logger.WithValues("service", klog.KRef(syncerKey.Namespace, syncerKey.Name), "negName", syncerKey.NegName),
+				manager.enableDualStackNEG,
+			)
 			syncer = negsyncer.NewTransactionSyncer(
 				syncerKey,
 				manager.recorder,
@@ -241,6 +254,7 @@ func (manager *syncerManager) EnsureSyncers(namespace, name string, newPorts neg
 				!manager.namer.IsNEG(portInfo.NegName),
 				manager.logger,
 				manager.lpConfig,
+				manager.enableDualStackNEG,
 			)
 			manager.syncerMap[syncerKey] = syncer
 		}

diff --git a/pkg/neg/manager_test.go b/pkg/neg/manager_test.go
@@ -94,6 +94,7 @@ func NewTestSyncerManager(kubeClient kubernetes.Interface) (*syncerManager, *gce
 		testContext.SvcNegInformer.GetIndexer(),
 		metrics.FakeSyncerMetrics(),
 		false, //enableNonGcpMode
+		testContext.EnableDualStackNEG,
 		testContext.NumGCWorkers,
 		labels.PodLabelPropagationConfig{},
 		klog.TODO(),

diff --git a/pkg/neg/syncers/endpoints_calculator.go b/pkg/neg/syncers/endpoints_calculator.go
@@ -177,15 +177,17 @@ type L7EndpointsCalculator struct {
 	servicePortName     string
 	podLister           cache.Indexer
 	networkEndpointType types.NetworkEndpointType
+	enableDualStackNEG  bool
 	logger              klog.Logger
 }
 
-func NewL7EndpointsCalculator(zoneGetter types.ZoneGetter, podLister cache.Indexer, svcPortName string, endpointType types.NetworkEndpointType, logger klog.Logger) *L7EndpointsCalculator {
+func NewL7EndpointsCalculator(zoneGetter types.ZoneGetter, podLister cache.Indexer, svcPortName string, endpointType types.NetworkEndpointType, logger klog.Logger, enableDualStackNEG bool) *L7EndpointsCalculator {
 	return &L7EndpointsCalculator{
 		zoneGetter:          zoneGetter,
 		servicePortName:     svcPortName,
 		podLister:           podLister,
 		networkEndpointType: endpointType,
+		enableDualStackNEG:  enableDualStackNEG,
 		logger:              logger.WithName("L7EndpointsCalculator"),
 	}
 }

diff --git a/pkg/neg/syncers/endpoints_calculator_test.go b/pkg/neg/syncers/endpoints_calculator_test.go
@@ -233,7 +233,7 @@ func TestValidateEndpoints(t *testing.T) {
 	testContext := negtypes.NewTestContext()
 	podLister := testContext.PodInformer.GetIndexer()
 	nodeLister := listers.NewNodeLister(testContext.NodeInformer.GetIndexer())
-	L7EndpointsCalculator := NewL7EndpointsCalculator(zoneGetter, podLister, testPortName, negtypes.VmIpPortEndpointType, klog.TODO())
+	L7EndpointsCalculator := NewL7EndpointsCalculator(zoneGetter, podLister, testPortName, negtypes.VmIpPortEndpointType, klog.TODO(), testContext.EnableDualStackNEG)
 	L4LocalEndpointCalculator := NewLocalL4ILBEndpointsCalculator(nodeLister, zoneGetter, svcKey, klog.TODO())
 	L4ClusterEndpointCalculator := NewClusterL4ILBEndpointsCalculator(nodeLister, zoneGetter, svcKey, klog.TODO())
 

diff --git a/pkg/neg/syncers/transaction.go b/pkg/neg/syncers/transaction.go
@@ -112,6 +112,10 @@ type transactionSyncer struct {
 
 	// podLabelPropagationConfig configures the pod label to be propagated to NEG endpoints
 	podLabelPropagationConfig labels.PodLabelPropagationConfig
+
+	// enableDualStackNEG indicates if IPv6 endpoints should be considered while
+	// reconciling NEGs.
+	enableDualStackNEG bool
 }
 
 func NewTransactionSyncer(
@@ -131,7 +135,8 @@ func NewTransactionSyncer(
 	syncerMetrics *metrics.SyncerMetrics,
 	customName bool,
 	log klog.Logger,
-	lpConfig labels.PodLabelPropagationConfig) negtypes.NegSyncer {
+	lpConfig labels.PodLabelPropagationConfig,
+	enableDualStackNEG bool) negtypes.NegSyncer {
 
 	logger := log.WithName("Syncer").WithValues("service", klog.KRef(negSyncerKey.Namespace, negSyncerKey.Name), "negName", negSyncerKey.NegName)
 
@@ -158,6 +163,7 @@ func NewTransactionSyncer(
 		logger:                    logger,
 		enableDegradedMode:        flags.F.EnableDegradedMode,
 		podLabelPropagationConfig: lpConfig,
+		enableDualStackNEG:        enableDualStackNEG,
 	}
 	// Syncer implements life cycle logic
 	syncer := newSyncer(negSyncerKey, serviceLister, recorder, ts, logger)
@@ -167,7 +173,7 @@ func NewTransactionSyncer(
 	return syncer
 }
 
-func GetEndpointsCalculator(nodeLister, podLister cache.Indexer, zoneGetter negtypes.ZoneGetter, syncerKey negtypes.NegSyncerKey, mode negtypes.EndpointsCalculatorMode, logger klog.Logger) negtypes.NetworkEndpointsCalculator {
+func GetEndpointsCalculator(nodeLister, podLister cache.Indexer, zoneGetter negtypes.ZoneGetter, syncerKey negtypes.NegSyncerKey, mode negtypes.EndpointsCalculatorMode, logger klog.Logger, enableDualStackNEG bool) negtypes.NetworkEndpointsCalculator {
 	serviceKey := strings.Join([]string{syncerKey.Name, syncerKey.Namespace}, "/")
 	if syncerKey.NegType == negtypes.VmIpEndpointType {
 		nodeLister := listers.NewNodeLister(nodeLister)
@@ -178,8 +184,14 @@ func GetEndpointsCalculator(nodeLister, podLister cache.Indexer, zoneGetter negt
 			return NewClusterL4ILBEndpointsCalculator(nodeLister, zoneGetter, serviceKey, logger)
 		}
 	}
-	return NewL7EndpointsCalculator(zoneGetter, podLister, syncerKey.PortTuple.Name,
-		syncerKey.NegType, logger)
+	return NewL7EndpointsCalculator(
+		zoneGetter,
+		podLister,
+		syncerKey.PortTuple.Name,
+		syncerKey.NegType,
+		logger,
+		enableDualStackNEG,
+	)
 }
 
 func (s *transactionSyncer) sync() error {

diff --git a/pkg/neg/syncers/transaction_test.go b/pkg/neg/syncers/transaction_test.go
@@ -1391,7 +1391,7 @@ func TestUnknownNodes(t *testing.T) {
 
 func newL4ILBTestTransactionSyncer(fakeGCE negtypes.NetworkEndpointGroupCloud, mode negtypes.EndpointsCalculatorMode) (negtypes.NegSyncer, *transactionSyncer) {
 	negsyncer, ts := newTestTransactionSyncer(fakeGCE, negtypes.VmIpEndpointType, false)
-	ts.endpointsCalculator = GetEndpointsCalculator(ts.nodeLister, ts.podLister, ts.zoneGetter, ts.NegSyncerKey, mode, klog.TODO())
+	ts.endpointsCalculator = GetEndpointsCalculator(ts.nodeLister, ts.podLister, ts.zoneGetter, ts.NegSyncerKey, mode, klog.TODO(), ts.enableDualStackNEG)
 	return negsyncer, ts
 }
 
@@ -1432,13 +1432,14 @@ func newTestTransactionSyncer(fakeGCE negtypes.NetworkEndpointGroupCloud, negTyp
 		testContext.NodeInformer.GetIndexer(),
 		testContext.SvcNegInformer.GetIndexer(),
 		reflector,
-		GetEndpointsCalculator(testContext.NodeInformer.GetIndexer(), testContext.PodInformer.GetIndexer(), fakeZoneGetter, svcPort, mode, klog.TODO()),
+		GetEndpointsCalculator(testContext.NodeInformer.GetIndexer(), testContext.PodInformer.GetIndexer(), fakeZoneGetter, svcPort, mode, klog.TODO(), testContext.EnableDualStackNEG),
 		string(kubeSystemUID),
 		testContext.SvcNegClient,
 		metrics.FakeSyncerMetrics(),
 		customName,
 		klog.TODO(),
 		labels.PodLabelPropagationConfig{},
+		testContext.EnableDualStackNEG,
 	)
 	transactionSyncer := negsyncer.(*syncer).core.(*transactionSyncer)
 	indexers := map[string]cache.IndexFunc{

diff --git a/pkg/neg/types/testing.go b/pkg/neg/types/testing.go
@@ -60,9 +60,10 @@ type TestContext struct {
 	EndpointSliceInformer cache.SharedIndexInformer
 	SvcNegInformer        cache.SharedIndexInformer
 
-	KubeSystemUID types.UID
-	ResyncPeriod  time.Duration
-	NumGCWorkers  int
+	KubeSystemUID      types.UID
+	ResyncPeriod       time.Duration
+	NumGCWorkers       int
+	EnableDualStackNEG bool
 }
 
 func NewTestContext() *TestContext {
@@ -94,5 +95,6 @@ func NewTestContextWithKubeClient(kubeClient kubernetes.Interface) *TestContext
 		KubeSystemUID:         kubeSystemUID,
 		ResyncPeriod:          resyncPeriod,
 		NumGCWorkers:          numGCWorkers,
+		EnableDualStackNEG:    false,
 	}
 }