add route for service ip range when init vpc-nat-gw (#2821)

Author: hongzhen-ma

dist/images/vpcnatgateway/nat-gateway.sh

@@ -33,6 +33,15 @@ function init() {
     iptables -t nat -A POSTROUTING -j SNAT_FILTER
     iptables -t nat -A SNAT_FILTER -j EXCLUSIVE_SNAT
     iptables -t nat -A SNAT_FILTER -j SHARED_SNAT
+
+    for rule in $@
+    do
+        arr=(${rule//,/ })
+        cidr=${arr[0]}
+        nextHop=${arr[1]}
+
+        exec_cmd "ip route replace $cidr via $nextHop dev eth0"
+    done
 }
 
 

pkg/controller/vpc_nat_gateway.go

@@ -289,12 +289,7 @@ func (c *Controller) handleInitVpcNatGw(key string) error {
 		}
 		return err
 	}
-	var v4Cidr string
-	if subnet, ok := c.ipam.Subnets[gw.Spec.Subnet]; ok {
-		v4Cidr = subnet.V4CIDR.String()
-	} else {
-		return fmt.Errorf("failed to get subnet %s", gw.Spec.Subnet)
-	}
+	// subnet for vpc-nat-gw has been checked when create vpc-nat-gw
 
 	if err := c.updateCrdNatGw(gw.Name); err != nil {
 		klog.Errorf("failed to update nat gw: %v", gw.Name, err)
@@ -317,8 +312,10 @@ func (c *Controller) handleInitVpcNatGw(key string) error {
 	}
 	NAT_GW_CREATED_AT = pod.CreationTimestamp.Format("2006-01-02T15:04:05")
 	klog.V(3).Infof("nat gw pod '%s' inited at %s", key, NAT_GW_CREATED_AT)
-	if err = c.execNatGwRules(pod, natGwInit, []string{v4Cidr}); err != nil {
-		klog.Errorf("failed to init vpc nat gateway, %v", err)
+
+	if err = c.execNatGwRules(pod, natGwInit, []string{fmt.Sprintf("%s,%s", c.config.ServiceClusterIPRange, pod.Annotations[util.GatewayAnnotation])}); err != nil {
+		err = fmt.Errorf("failed to init vpc nat gateway, %v", err)
+		klog.Error(err)
 		return err
 	}
 	c.updateVpcFloatingIpQueue.Add(key)