Skip to content

Commit

Permalink
fix(kuma-cni): ipv6 iptables with provided gateway and CNI V2 (backport
Browse files Browse the repository at this point in the history
#6374) (#6376)

* fix(kuma-cni): ipv6 iptables with provided gateway and CNI V2 (#6374)

fix(kuma-cni): IPV6 iptables with provided gateway and CNI V2

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

* fix(e2e): adjust e2e test

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>

---------

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
Co-authored-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
  • Loading branch information
mergify[bot] and jakubdyszkiewicz committed Mar 29, 2023
1 parent 80f608f commit d584e8a
Show file tree
Hide file tree
Showing 3 changed files with 66 additions and 10 deletions.
19 changes: 9 additions & 10 deletions app/cni/pkg/cni/injector_linux.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,23 +96,22 @@ func mapToConfig(intermediateConfig *IntermediateConfig, logWriter *bufio.Writer
if err != nil {
return nil, err
}
inboundPortV6, err := convertToUint16("inbound port ipv6", intermediateConfig.inboundPortV6)
if err != nil {
return nil, err
}
enableIpV6, err := transparentproxy.ShouldEnableIPv6(inboundPortV6)
if err != nil {
return nil, err
}
cfg.IPv6 = enableIpV6
redirectInbound := !isGateway
if redirectInbound {
inboundPort, err := convertToUint16("inbound port", intermediateConfig.inboundPort)
if err != nil {
return nil, err
}

inboundPortV6, err := convertToUint16("inbound port ipv6", intermediateConfig.inboundPortV6)
if err != nil {
return nil, err
}
enableIpV6, err := transparentproxy.ShouldEnableIPv6(inboundPortV6)
if err != nil {
return nil, err
}
cfg.IPv6 = enableIpV6

excludedPorts, err := convertCommaSeparatedString(intermediateConfig.excludeInboundPorts)
if err != nil {
return nil, err
Expand Down
56 changes: 56 additions & 0 deletions test/e2e_env/multizone/connectivity/cni_v2_ipv6_gateway.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
package connectivity

import (
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"

"github.com/kumahq/kuma/pkg/plugins/runtime/k8s/metadata"
. "github.com/kumahq/kuma/test/framework"
"github.com/kumahq/kuma/test/framework/client"
"github.com/kumahq/kuma/test/framework/deployments/testserver"
"github.com/kumahq/kuma/test/framework/envs/multizone"
)

func GatewayIPV6CNIV2() {
namespace := "gw-ipv6-cniv2"
meshName := "gw-ipv6-cniv2"

BeforeAll(func() {
Expect(multizone.Global.Install(MTLSMeshUniversal(meshName))).To(Succeed())
Expect(WaitForMesh(meshName, multizone.Zones())).To(Succeed())

err := NewClusterSetup().
Install(NamespaceWithSidecarInjection(namespace)).
Install(testserver.Install(
testserver.WithName("demo-client"),
testserver.WithNamespace(namespace),
testserver.WithMesh(meshName),
testserver.WithPodAnnotations(map[string]string{
metadata.KumaGatewayAnnotation: "enabled",
}),
testserver.WithEchoArgs("echo", "--instance", "demo-client"),
)).
Install(testserver.Install(
testserver.WithNamespace(namespace),
testserver.WithMesh(meshName),
testserver.WithEchoArgs("echo", "--instance", "kube-test-server"),
)).
Setup(multizone.KubeZone2)
Expect(err).ToNot(HaveOccurred())
})

E2EAfterAll(func() {
Expect(multizone.KubeZone2.TriggerDeleteNamespace(namespace)).To(Succeed())
Expect(multizone.Global.DeleteMesh(meshName)).To(Succeed())
})

It("client should communicate with server", func() {
Eventually(func(g Gomega) {
response, err := client.CollectResponse(multizone.KubeZone2, "demo-client", "http://test-server_gw-ipv6-cniv2_svc_80.mesh",
client.FromKubernetesPod(meshName, "demo-client"),
)
g.Expect(err).ToNot(HaveOccurred())
g.Expect(response.Instance).To(Equal("kube-test-server"))
}, "30s", "1s").Should(Succeed())
})
}
1 change: 1 addition & 0 deletions test/e2e_env/multizone/multizone_suite_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -237,5 +237,6 @@ var _ = Describe("InboundPassthrough", inbound_communication.InboundPassthrough,
var _ = Describe("InboundPassthroughDisabled", inbound_communication.InboundPassthroughDisabled, Ordered)
var _ = Describe("ZoneEgress Internal Services", zoneegress.InternalServices, Ordered)
var _ = Describe("Connectivity", connectivity.Connectivity, Ordered)
var _ = Describe("Connectivity Gateway IPV6 CNI V2", connectivity.GatewayIPV6CNIV2, Ordered)
var _ = Describe("Sync", multizone_sync.Sync, Ordered)
var _ = Describe("MeshTrafficPermission", meshtrafficpermission.MeshTrafficPermission, Ordered)

0 comments on commit d584e8a

Please sign in to comment.