add special handling for the route policy of the default VPC (#3194)

Signed-off-by: 夜微澜 <qiutingjun_yewu@cmss.chinamobile.com>

Author: qiutingjun

pkg/controller/gc.go

@@ -657,7 +657,13 @@ func (c *Controller) gcStaticRoute() error {
 				continue
 			}
 			klog.Infof("gc static route %s %v %s %s", route.RouteTable, route.Policy, route.IPPrefix, route.Nexthop)
-			if err = c.ovnNbClient.DeleteLogicalRouterStaticRoute(c.config.ClusterRouter, &route.RouteTable, route.Policy, route.IPPrefix, route.Nexthop); err != nil {
+			if err = c.deleteStaticRouteFromVpc(
+				c.config.ClusterRouter,
+				route.RouteTable,
+				route.IPPrefix,
+				route.Nexthop,
+				reversePolicy(*route.Policy),
+			); err != nil {
 				klog.Errorf("failed to delete stale route %s %v %s %s: %v", route.RouteTable, route.Policy, route.IPPrefix, route.Nexthop, err)
 			}
 		}

pkg/controller/init.go

@@ -712,29 +712,45 @@ func (c *Controller) initSyncCrdVlans() error {
 }
 
 func (c *Controller) migrateNodeRoute(af int, node, ip, nexthop string) error {
-	match := fmt.Sprintf("ip%d.dst == %s", af, ip)
-	action := ovnnb.LogicalRouterPolicyActionReroute
-	externalIDs := map[string]string{
-		"vendor": util.CniTypeName,
-		"node":   node,
-	}
+	var (
+		match       = fmt.Sprintf("ip%d.dst == %s", af, ip)
+		action      = kubeovnv1.PolicyRouteActionReroute
+		externalIDs = map[string]string{
+			"vendor": util.CniTypeName,
+			"node":   node,
+		}
+	)
 	klog.V(3).Infof("add policy route for router: %s, priority: %d, match %s, action %s, nexthop %s, extrenalID %v",
 		c.config.ClusterRouter, util.NodeRouterPolicyPriority, match, action, nexthop, externalIDs)
-	if err := c.ovnNbClient.AddLogicalRouterPolicy(c.config.ClusterRouter, util.NodeRouterPolicyPriority, match, action, []string{nexthop}, externalIDs); err != nil {
+	if err := c.addPolicyRouteToVpc(
+		c.config.ClusterRouter,
+		&kubeovnv1.PolicyRoute{
+			Priority:  util.NodeRouterPolicyPriority,
+			Match:     match,
+			Action:    action,
+			NextHopIP: nexthop,
+		},
+		externalIDs,
+	); err != nil {
 		klog.Errorf("failed to add logical router policy for node %s: %v", node, err)
 		return err
 	}
 
-	routeTable := util.MainRouteTable
-	if err := c.ovnNbClient.DeleteLogicalRouterStaticRoute(c.config.ClusterRouter, &routeTable, nil, ip, ""); err != nil {
+	if err := c.deleteStaticRouteFromVpc(
+		c.config.ClusterRouter,
+		util.MainRouteTable,
+		ip,
+		"",
+		kubeovnv1.PolicyDst,
+	); err != nil {
 		klog.Errorf("failed to delete obsolete static route for node %s: %v", node, err)
 		return err
 	}
 
 	asName := nodeUnderlayAddressSetName(node, af)
 	obsoleteMatch := fmt.Sprintf("ip%d.dst == %s && ip%d.src != $%s", af, ip, af, asName)
 	klog.V(3).Infof("delete policy route for router: %s, priority: %d, match %s", c.config.ClusterRouter, util.NodeRouterPolicyPriority, obsoleteMatch)
-	if err := c.ovnNbClient.DeleteLogicalRouterPolicy(c.config.ClusterRouter, util.NodeRouterPolicyPriority, obsoleteMatch); err != nil {
+	if err := c.deletePolicyRouteFromVpc(c.config.ClusterRouter, util.NodeRouterPolicyPriority, obsoleteMatch); err != nil {
 		klog.Errorf("failed to delete obsolete logical router policy for node %s: %v", node, err)
 		return err
 	}

pkg/controller/node.go

@@ -22,7 +22,6 @@ import (
 
 	kubeovnv1 "github.com/kubeovn/kube-ovn/pkg/apis/kubeovn/v1"
 	"github.com/kubeovn/kube-ovn/pkg/ovs"
-	"github.com/kubeovn/kube-ovn/pkg/ovsdb/ovnnb"
 	"github.com/kubeovn/kube-ovn/pkg/util"
 )
 
@@ -271,15 +270,26 @@ func (c *Controller) handleAddNode(key string) error {
 			nodeIP, af = nodeIPv6, 6
 		}
 		if nodeIP != "" {
-			match := fmt.Sprintf("ip%d.dst == %s", af, nodeIP)
-			action := ovnnb.LogicalRouterPolicyActionReroute
-			externalIDs := map[string]string{
-				"vendor":         util.CniTypeName,
-				"node":           node.Name,
-				"address-family": strconv.Itoa(af),
-			}
+			var (
+				match       = fmt.Sprintf("ip%d.dst == %s", af, nodeIP)
+				action      = kubeovnv1.PolicyRouteActionReroute
+				externalIDs = map[string]string{
+					"vendor":         util.CniTypeName,
+					"node":           node.Name,
+					"address-family": strconv.Itoa(af),
+				}
+			)
 			klog.Infof("add policy route for router: %s, match %s, action %s, nexthop %s, externalID %v", c.config.ClusterRouter, match, action, ip, externalIDs)
-			if err = c.ovnNbClient.AddLogicalRouterPolicy(c.config.ClusterRouter, util.NodeRouterPolicyPriority, match, action, []string{ip}, externalIDs); err != nil {
+			if err = c.addPolicyRouteToVpc(
+				c.config.ClusterRouter,
+				&kubeovnv1.PolicyRoute{
+					Priority:  util.NodeRouterPolicyPriority,
+					Match:     match,
+					Action:    action,
+					NextHopIP: ip,
+				},
+				externalIDs,
+			); err != nil {
 				klog.Errorf("failed to add logical router policy for node %s: %v", node.Name, err)
 				return err
 			}
@@ -1027,7 +1037,16 @@ func (c *Controller) addNodeGwStaticRoute() error {
 			if util.CheckProtocol(cidrBlock) != util.CheckProtocol(nextHop) {
 				continue
 			}
-			if err := c.ovnNbClient.AddLogicalRouterStaticRoute(c.config.ClusterRouter, util.MainRouteTable, ovnnb.LogicalRouterStaticRoutePolicyDstIP, cidrBlock, nil, nextHop); err != nil {
+
+			if err := c.addStaticRouteToVpc(
+				c.config.ClusterRouter,
+				&kubeovnv1.StaticRoute{
+					Policy:     kubeovnv1.PolicyDst,
+					CIDR:       cidrBlock,
+					NextHopIP:  nextHop,
+					RouteTable: util.MainRouteTable,
+				},
+			); err != nil {
 				klog.Errorf("failed to add static route for node gw: %v", err)
 				return err
 			}
@@ -1198,19 +1217,29 @@ func (c *Controller) addPolicyRouteForCentralizedSubnetOnNode(nodeName, nodeIP s
 	return nil
 }
 
-func (c *Controller) addPolicyRouteForLocalDnsCacheOnNode(nodePortName, nodeIP, nodeName string, af int) error {
-	externalIDs := map[string]string{
-		"vendor":          util.CniTypeName,
-		"node":            nodeName,
-		"address-family":  strconv.Itoa(af),
-		"isLocalDnsCache": "true",
-	}
-
-	pgAs := strings.Replace(fmt.Sprintf("%s_ip%d", nodePortName, af), "-", ".", -1)
-	match := fmt.Sprintf("ip%d.src == $%s && ip%d.dst == %s", af, pgAs, af, c.config.NodeLocalDnsIP)
-	action := ovnnb.LogicalRouterPolicyActionReroute
+func (c *Controller) addPolicyRouteForLocalDNSCacheOnNode(nodePortName, nodeIP, nodeName string, af int) error {
+	var (
+		externalIDs = map[string]string{
+			"vendor":          util.CniTypeName,
+			"node":            nodeName,
+			"address-family":  strconv.Itoa(af),
+			"isLocalDnsCache": "true",
+		}
+		pgAs   = strings.ReplaceAll(fmt.Sprintf("%s_ip%d", nodePortName, af), "-", ".")
+		match  = fmt.Sprintf("ip%d.src == $%s && ip%d.dst == %s", af, pgAs, af, c.config.NodeLocalDNSIP)
+		action = kubeovnv1.PolicyRouteActionReroute
+	)
 	klog.Infof("add node local dns cache policy route for router: %s, match %s, action %s, nexthop %s, externalID %v", c.config.ClusterRouter, match, action, nodeIP, externalIDs)
-	if err := c.ovnNbClient.AddLogicalRouterPolicy(c.config.ClusterRouter, util.NodeLocalDnsPolicyPriority, match, action, []string{nodeIP}, externalIDs); err != nil {
+	if err := c.addPolicyRouteToVpc(
+		c.config.ClusterRouter,
+		&kubeovnv1.PolicyRoute{
+			Priority:  util.NodeRouterPolicyPriority,
+			Match:     match,
+			Action:    action,
+			NextHopIP: nodeIP,
+		},
+		externalIDs,
+	); err != nil {
 		klog.Errorf("failed to add logical router policy for node %s: %v", nodeName, err)
 		return err
 	}

pkg/controller/ovn-ic.go

@@ -376,7 +376,13 @@ func (c *Controller) delLearnedRoute() error {
 			return err
 		}
 		for _, r := range routeList {
-			if err = c.ovnNbClient.DeleteLogicalRouterStaticRoute(lr.Name, &r.RouteTable, r.Policy, r.IPPrefix, r.Nexthop); err != nil {
+			if err = c.deleteStaticRouteFromVpc(
+				lr.Name,
+				r.RouteTable,
+				r.IPPrefix,
+				r.Nexthop,
+				reversePolicy(*r.Policy),
+			); err != nil {
 				klog.Errorf("failed to delete learned static route %#v on logical router %s: %v", r, lr.Name, err)
 				return err
 			}
@@ -489,14 +495,30 @@ func (c *Controller) syncOneRouteToPolicy(key, value string) {
 			var matchFiled string
 			if util.CheckProtocol(lrRoute.IPPrefix) == kubeovnv1.ProtocolIPv4 {
 				matchFiled = util.MatchV4Dst + " == " + lrRoute.IPPrefix
-				if err := c.ovnNbClient.AddLogicalRouterPolicy(lr.Name, util.OvnICPolicyPriority, matchFiled, ovnnb.LogicalRouterPolicyActionAllow, nil, map[string]string{key: value, "vendor": util.CniTypeName}); err != nil {
+				if err := c.addPolicyRouteToVpc(
+					lr.Name,
+					&kubeovnv1.PolicyRoute{
+						Priority: util.OvnICPolicyPriority,
+						Match:    matchFiled,
+						Action:   kubeovnv1.PolicyRouteActionAllow,
+					},
+					map[string]string{key: value, "vendor": util.CniTypeName},
+				); err != nil {
 					klog.Errorf("adding router policy failed %v", err)
 				}
 			}
 
 			if util.CheckProtocol(lrRoute.IPPrefix) == kubeovnv1.ProtocolIPv6 {
 				matchFiled = util.MatchV6Dst + " == " + lrRoute.IPPrefix
-				if err := c.ovnNbClient.AddLogicalRouterPolicy(lr.Name, util.OvnICPolicyPriority, matchFiled, ovnnb.LogicalRouterPolicyActionAllow, nil, map[string]string{key: value, "vendor": util.CniTypeName}); err != nil {
+				if err := c.addPolicyRouteToVpc(
+					lr.Name,
+					&kubeovnv1.PolicyRoute{
+						Priority: util.OvnICPolicyPriority,
+						Match:    matchFiled,
+						Action:   kubeovnv1.PolicyRouteActionAllow,
+					},
+					map[string]string{key: value, "vendor": util.CniTypeName},
+				); err != nil {
 					klog.Errorf("adding router policy failed %v", err)
 				}
 			}

pkg/controller/pod.go

@@ -802,8 +802,14 @@ func (c *Controller) reconcileRouteSubnets(cachedPod, pod *v1.Pod, needRoutePodN
 					nextHop = strings.Split(nextHop, "/")[0]
 				}
 
-				if err := c.ovnNbClient.AddLogicalRouterStaticRoute(
-					c.config.ClusterRouter, subnet.Spec.RouteTable, ovnnb.LogicalRouterStaticRoutePolicySrcIP, podIP, nil, nextHop,
+				if err := c.addStaticRouteToVpc(
+					c.config.ClusterRouter,
+					&kubeovnv1.StaticRoute{
+						Policy:     kubeovnv1.PolicySrc,
+						CIDR:       podIP,
+						NextHopIP:  nextHop,
+						RouteTable: subnet.Spec.RouteTable,
+					},
 				); err != nil {
 					klog.Errorf("failed to add static route, %v", err)
 					return err
@@ -846,15 +852,25 @@ func (c *Controller) reconcileRouteSubnets(cachedPod, pod *v1.Pod, needRoutePodN
 				}
 
 				if pod.Annotations[util.NorthGatewayAnnotation] != "" {
-					if err := c.ovnNbClient.AddLogicalRouterStaticRoute(
-						c.config.ClusterRouter, subnet.Spec.RouteTable, ovnnb.LogicalRouterStaticRoutePolicySrcIP, podIP, nil, pod.Annotations[util.NorthGatewayAnnotation],
+					if err := c.addStaticRouteToVpc(
+						subnet.Spec.RouteTable,
+						&kubeovnv1.StaticRoute{
+							Policy:     kubeovnv1.PolicySrc,
+							CIDR:       podIP,
+							NextHopIP:  pod.Annotations[util.NorthGatewayAnnotation],
+							RouteTable: subnet.Spec.RouteTable,
+						},
 					); err != nil {
 						klog.Errorf("failed to add static route, %v", err)
 						return err
 					}
 				} else if c.config.EnableEipSnat {
-					if err = c.ovnNbClient.DeleteLogicalRouterStaticRoute(
-						c.config.ClusterRouter, &subnet.Spec.RouteTable, nil, podIP, "",
+					if err = c.deleteStaticRouteFromVpc(
+						c.config.ClusterRouter,
+						subnet.Spec.RouteTable,
+						podIP,
+						"",
+						kubeovnv1.PolicyDst,
 					); err != nil {
 						return err
 					}
@@ -955,7 +971,13 @@ func (c *Controller) handleDeletePod(key string) error {
 			}
 			// If pod has snat or eip, also need delete staticRoute when delete pod
 			if vpc.Name == c.config.ClusterRouter {
-				if err = c.ovnNbClient.DeleteLogicalRouterStaticRoute(vpc.Name, &subnet.Spec.RouteTable, nil, address.Ip, ""); err != nil {
+				if err = c.deleteStaticRouteFromVpc(
+					vpc.Name,
+					subnet.Spec.RouteTable,
+					address.IP,
+					"",
+					kubeovnv1.PolicyDst,
+				); err != nil {
 					return err
 				}
 			}