Add registry keys for prefix on nic scenario

Author: NihaNallappagari

cns/NetworkContainerContract.go

@@ -128,6 +128,7 @@ type CreateNetworkContainerRequest struct {
 	AllowNCToHostCommunication bool
 	EndpointPolicies           []NetworkContainerRequestPolicies
 	NCStatus                   v1alpha.NCStatus
+	SwiftV2PrefixOnNic         bool // Indicates if is swiftv2 nc, PrefixOnNic scenario (isSwiftV2 && nc.Type == VNETBlock)
 	NetworkInterfaceInfo       NetworkInterfaceInfo //nolint // introducing new field for backendnic, to be used later by cni code
 }
 

cns/kubecontroller/nodenetworkconfig/conversion.go

@@ -62,6 +62,7 @@ func CreateNCRequestFromDynamicNC(nc v1alpha.NetworkContainer) (*cns.CreateNetwo
 		NetworkContainerid:   nc.ID,
 		NetworkContainerType: cns.Docker,
 		Version:              strconv.FormatInt(nc.Version, 10), //nolint:gomnd // it's decimal
+		SwiftV2PrefixOnNic:   false, // Dynamic NCs don't use SwiftV2 PrefixOnNic
 		IPConfiguration: cns.IPConfiguration{
 			IPSubnet:         subnet,
 			GatewayIPAddress: nc.DefaultGateway,

cns/kubecontroller/nodenetworkconfig/conversion_linux.go

@@ -60,6 +60,7 @@ func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPre
 			GatewayIPv6Address: nc.DefaultGatewayV6,
 		},
 		NCStatus: nc.Status,
+		SwiftV2PrefixOnNic: isSwiftV2 && nc.Type == v1alpha.VNETBlock,
 		NetworkInterfaceInfo: cns.NetworkInterfaceInfo{
 			MACAddress: nc.MacAddress,
 		},

cns/restserver/internalapi.go

@@ -15,6 +15,7 @@ import (
 	"strconv"
 	"strings"
 	"time"
+	"runtime"
 
 	"github.com/Azure/azure-container-networking/cns"
 	"github.com/Azure/azure-container-networking/cns/logger"
@@ -194,6 +195,16 @@ var errNonExistentContainerStatus = errors.New("nonExistantContainerstatus")
 // all NCs and update the CNS state accordingly. This function returns the the total number of NCs on this VM that have been programmed to
 // some version, NOT the number of NCs that are up-to-date.
 func (service *HTTPRestService) syncHostNCVersion(ctx context.Context, channelMode string) (int, error) {
+	// will remove it later
+	// hasVNETBlockNC1 := service.isPrefixonNicSwiftV2()
+	// logger.Printf("winDebug: syncHostNCVersion hasVNETBlockNC1 %v", hasVNETBlockNC1)
+	// if runtime.GOOS == "windows" {
+	// 	logger.Printf("winDebug: before setPrefixOnNICRegistry in syncHostNCVersion")
+	// 	err := service.setPrefixOnNICRegistry(true, "aa:bb:cc:dd:ee:ff")
+	// 	if err != nil {
+	// 		logger.Debugf("failed to add PrefixOnNic keys to Windows registry: %w", err)
+	// 	}
+	// }
 	outdatedNCs := map[string]struct{}{}
 	programmedNCs := map[string]struct{}{}
 	for idx := range service.state.ContainerStatus {
@@ -219,7 +230,7 @@ func (service *HTTPRestService) syncHostNCVersion(ctx context.Context, channelMo
 			programmedNCs[service.state.ContainerStatus[idx].ID] = struct{}{}
 		}
 	}
-	if len(outdatedNCs) == 0 {
+	if len(outdatedNCs) != 0 {
 		return len(programmedNCs), nil
 	}
 
@@ -717,8 +728,27 @@ func (service *HTTPRestService) GetIMDSNCs(ctx context.Context) (map[string]stri
 
 		if ncID != "" {
 			ncs[ncID] = PrefixOnNicNCVersion // for prefix on nic version scenario nc version is 1
+		} else if runtime.GOOS == "windows" && service.isPrefixonNicSwiftV2() {
+			err := service.setPrefixOnNICRegistry(true, iface.MacAddress.String())
+			if err != nil {
+				logger.Debugf("failed to add PrefixOnNic keys to Windows registry: %w", err)
+			}
 		}
 	}
 
 	return ncs, nil
 }
+
+// isPrefixonNicSwiftV2 checks if any NC in the container status should use SwiftV2 PrefixOnNic
+// Uses the SwiftV2PrefixOnNic field which captures the condition: isSwiftV2 && nc.Type == VNETBlock
+func (service *HTTPRestService) isPrefixonNicSwiftV2() bool {
+	for _, containerStatus := range service.state.ContainerStatus {
+		req := containerStatus.CreateNetworkContainerRequest
+
+		// Check if this NC is SwiftV2 PrefixOnNic setting
+		if req.SwiftV2PrefixOnNic {
+			return true
+		}
+	}
+	return false
+}

cns/restserver/internalapi_linux.go

@@ -181,3 +181,13 @@ func (service *HTTPRestService) programSNATRules(req *cns.CreateNetworkContainer
 func (service *HTTPRestService) setVFForAccelnetNICs() error {
 	return nil
 }
+
+func (service *HTTPRestService) setPrefixOnNICRegistry(enabled bool, infraNicMacAddress string) error {
+	logger.Printf("[setPrefixOnNicEnabled winDebug] No-op on Linux platform")
+	return nil
+}
+
+func (service *HTTPRestService) getPrefixOnNicEnabled() (bool, error) {
+	logger.Printf(" winDebug getPrefixOnNicEnabled is a no-op on non-Windows platforms")
+	return false, nil // Add this missing return statement
+}

cns/restserver/internalapi_windows.go

@@ -6,14 +6,20 @@ import (
 	"time"
 
 	"github.com/Azure/azure-container-networking/cns"
+	"github.com/Azure/azure-container-networking/cns/logger"
 	"github.com/Azure/azure-container-networking/cns/types"
 	"github.com/Microsoft/hcsshim"
 	"github.com/pkg/errors"
+	"golang.org/x/sys/windows/registry"
 )
 
 const (
 	// timeout for powershell command to return the interfaces list
-	pwshTimeout = 120 * time.Second
+		pwshTimeout             = 120 * time.Second
+	hnsRegistryPath         = `SYSTEM\CurrentControlSet\Services\HNS\wcna_state\config`
+	prefixOnNicRegistryPath = `SYSTEM\CurrentControlSet\Services\HNS\wcna_state\config\PrefixOnNic`
+	infraNicIfName          = "eth0"
+	enableSNAT              = false
 )
 
 var errUnsupportedAPI = errors.New("unsupported api")
@@ -75,3 +81,91 @@ func (service *HTTPRestService) getPrimaryNICMACAddress() (string, error) {
 	}
 	return macAddress, nil
 }
+
+func (service *HTTPRestService) enablePrefixOnNic(enabled bool) error {
+	return service.setRegistryValue(prefixOnNicRegistryPath, "enabled", enabled)
+}
+
+func (service *HTTPRestService) setInfraNicMacAddress(macAddress string) error {
+	return service.setRegistryValue(prefixOnNicRegistryPath, "infra_nic_mac_address", macAddress)
+}
+
+func (service *HTTPRestService) setInfraNicIfName(ifName string) error {
+	return service.setRegistryValue(prefixOnNicRegistryPath, "infra_nic_ifname", ifName)
+}
+
+func (service *HTTPRestService) setEnableSNAT(enabled bool) error {
+	return service.setRegistryValue(hnsRegistryPath, "EnableSNAT", enabled)
+}
+
+func (service *HTTPRestService) setPrefixOnNICRegistry(enablePrefixOnNic bool, infraNicMacAddress string) error {
+	if err := service.enablePrefixOnNic(enablePrefixOnNic); err != nil {
+		return fmt.Errorf("failed to set enablePrefixOnNic key to windows registry: %w", err)
+	}
+
+	if err := service.setInfraNicMacAddress(infraNicMacAddress); err != nil {
+		return fmt.Errorf("failed to set InfraNicMacAddress key to windows registry: %w", err)
+	}
+
+	if err := service.setInfraNicIfName(infraNicIfName); err != nil {
+		return fmt.Errorf("failed to set InfraNicIfName key to windows registry: %w", err)
+	}
+
+	if err := service.setEnableSNAT(enableSNAT); err != nil {
+		return fmt.Errorf("failed to set EnableSNAT key to windows registry: %w", err)
+	}
+
+	return nil
+}
+
+func (service *HTTPRestService) setRegistryValue(registryPath, keyName string, value interface{}) error {
+	key, _, err := registry.CreateKey(registry.LOCAL_MACHINE, registryPath, registry.SET_VALUE)
+	if err != nil {
+		return fmt.Errorf("failed to create/open registry key %s: %w", registryPath, err)
+	}
+	defer key.Close()
+
+	switch v := value.(type) {
+	case string:
+		err = key.SetStringValue(keyName, v)
+	case bool:
+		dwordValue := uint32(0)
+		if v {
+			dwordValue = 1
+		}
+		err = key.SetDWordValue(keyName, dwordValue)
+	case uint32:
+		err = key.SetDWordValue(keyName, v)
+	case int:
+		err = key.SetDWordValue(keyName, uint32(v))
+	default:
+		return fmt.Errorf("unsupported value type for registry key %s: %T", keyName, value)
+	}
+
+	if err != nil {
+		return fmt.Errorf("failed to set registry value '%s': %w", keyName, err)
+	}
+
+	logger.Printf("[setRegistryValue] Set %s\\%s = %v", registryPath, keyName, value) 
+	// have to remove this log later
+	// test, _ := service.getPrefixOnNicEnabled()
+	// logger.Printf("winDebug: setRegistryValue getPrefixOnNicEnabled %v", test)
+	return nil
+}
+
+// for testing purpose, will remove it later
+
+// func (service *HTTPRestService) getPrefixOnNicEnabled() (bool, error) {
+// 	key, err := registry.OpenKey(registry.LOCAL_MACHINE, prefixOnNicRegistryPath, registry.QUERY_VALUE)
+// 	if err != nil {
+// 		return false, nil // Key doesn't exist, default to false
+// 	}
+// 	defer key.Close()
+
+// 	value, _, err := key.GetIntegerValue("enabled")
+// 	if err != nil {
+// 		return false, nil // Value doesn't exist, default to false
+// 	}
+
+// 	return value == 1, nil
+// }