Prefix on NIC v6 support

Author: kadevu

azure-ipam/ipam.go

@@ -81,7 +81,7 @@ func (p *IPAMPlugin) CmdAdd(args *cniSkel.CmdArgs) error {
 	p.logger.Debug("Making request to CNS")
 	// if this fails, the caller plugin should execute again with cmdDel before returning error.
 	// https://www.cni.dev/docs/spec/#delegated-plugin-execution-procedure
-	resp, err := p.cnsClient.RequestIPs(context.TODO(), req) // need to add interfaces to this response
+	resp, err := p.cnsClient.RequestIPs(context.TODO(), req)
 	if err != nil {
 		if cnscli.IsUnsupportedAPI(err) {
 			p.logger.Error("Failed to request IPs using RequestIPs from CNS, going to try RequestIPAddress", zap.Error(err), zap.Any("request", req))
@@ -113,10 +113,9 @@ func (p *IPAMPlugin) CmdAdd(args *cniSkel.CmdArgs) error {
 		}
 	}
 	p.logger.Debug("Received CNS IP config response", zap.Any("response", resp))
-	// resp.PodIPInfo
 
 	// Get Pod IP and gateway IP from ip config response
-	podIPNet, gatewayIP, err := ipconfig.ProcessIPConfigsResp(resp) // need to get interfaces out of the response and add it here
+	podIPNet, gatewayIP, err := ipconfig.ProcessIPConfigsResp(resp)
 	if err != nil {
 		p.logger.Error("Failed to interpret CNS IPConfigResponse", zap.Error(err), zap.Any("response", resp))
 		return cniTypes.NewError(ErrProcessIPConfigResponse, err.Error(), "failed to interpret CNS IPConfigResponse")
@@ -131,37 +130,43 @@ func (p *IPAMPlugin) CmdAdd(args *cniSkel.CmdArgs) error {
 				IP:   net.ParseIP(ipNet.Addr().String()),
 				Mask: net.CIDRMask(ipNet.Bits(), 32), // nolint
 			}
-
-			ipConfig.Gateway = (*gatewayIP)[i]
-			p.logger.Debug("Gatewayv4", zap.String("Gatewayv4", ipConfig.Gateway.String()))
 		} else {
 			ipConfig.Address = net.IPNet{
 				IP:   net.ParseIP(ipNet.Addr().String()),
 				Mask: net.CIDRMask(ipNet.Bits(), 128), // nolint
 			}
-
-			ipConfig.Gateway = (*gatewayIP)[i]
-			p.logger.Debug("Gatewayv6", zap.String("Gatewayv6", ipConfig.Gateway.String()))
-			//ipConfig.Gateway = net.ParseIP("fd00:aec6:6946:1::")
-			if ipConfig.Gateway == nil {
-				//ipConfig.Gateway = net.ParseIP("fd00:aec6:6946:1::")
-				//p.logger.Debug("DummyGatewayv6", zap.String("Gatewayv6", ipConfig.Gateway.String()))
-			}
 		}
+		ipConfig.Gateway = (*gatewayIP)[i]
 		cniResult.IPs[i] = ipConfig
 	}
 
-	p.logger.Info("MACAddress:", zap.Any("MACAddress", resp.PodIPInfo[0].MacAddress))
+	cniResult.Interfaces = []*types100.Interface{}
+	seenInterfaces := map[string]bool{}
 
-	cniResult.Interfaces = make([]*types100.Interface, 1)
-	interface_test := &types100.Interface{
-		Name: "eth1",
-		//Mac:  "00-0D-3A-6F-11-DE",
-		Mac: resp.PodIPInfo[0].MacAddress,
-	}
-	cniResult.Interfaces[0] = interface_test
+	for _, podIPInfo := range resp.PodIPInfo {
+		if podIPInfo.MacAddress == "" {
+			continue
+		}
 
-	p.logger.Info("Created CNIResult:", zap.Any("result", cniResult))
+		// Skip if interface already seen
+		// This is to avoid duplicate interfaces in the result
+		// which can happen if multiple IPs are assigned to the same interface
+		// or if multiple interfaces are assigned to the same pod
+		if seenInterfaces[podIPInfo.MacAddress] {
+			continue
+		}
+
+		infMac, err := net.ParseMAC(podIPInfo.MacAddress)
+		if err != nil {
+			p.logger.Error("Failed to parse interface MAC address", zap.Error(err), zap.String("macAddress", podIPInfo.MacAddress))
+			return cniTypes.NewError(cniTypes.ErrUnsupportedField, err.Error(), "failed to parse interface MAC address")
+		}
+
+		cniResult.Interfaces = append(cniResult.Interfaces, &types100.Interface{
+			Mac: infMac.String(),
+		})
+		seenInterfaces[podIPInfo.MacAddress] = true
+	}
 
 	// Get versioned result
 	versionedCniResult, err := cniResult.GetAsVersion(nwCfg.CNIVersion)

azure-ipam/ipconfig/ipconfig.go

@@ -69,6 +69,8 @@ func ProcessIPConfigsResp(resp *cns.IPConfigsResponse) (*[]netip.Prefix, *[]net.
 	gatewaysIPs := make([]net.IP, len(resp.PodIPInfo))
 
 	for i := range resp.PodIPInfo {
+		var gatewayIP net.IP
+
 		podCIDR := fmt.Sprintf(
 			"%s/%d",
 			resp.PodIPInfo[i].PodIPConfig.IPAddress,
@@ -81,21 +83,14 @@ func ProcessIPConfigsResp(resp *cns.IPConfigsResponse) (*[]netip.Prefix, *[]net.
 		podIPNets[i] = podIPNet
 
 		if podIPNet.Addr().Is4() {
-			gatewayIP := net.ParseIP(resp.PodIPInfo[i].NetworkContainerPrimaryIPConfig.GatewayIPAddress)
-
-			if gatewayIP == nil {
-				return nil, nil, errors.New("cns returned invalid gateway IP address")
-			}
-			gatewaysIPs[i] = gatewayIP
+			gatewayIP = net.ParseIP(resp.PodIPInfo[i].NetworkContainerPrimaryIPConfig.GatewayIPAddress)
 		} else if podIPNet.Addr().Is6() {
-			gatewayIP := net.ParseIP(resp.PodIPInfo[i].NetworkContainerPrimaryIPConfig.GatewayIPv6Address)
+			gatewayIP = net.ParseIP(resp.PodIPInfo[i].NetworkContainerPrimaryIPConfig.GatewayIPv6Address)
+		}
 
-			if gatewayIP == nil {
-				return nil, nil, errors.New("cns returned invalid gateway IPv6 address")
-			}
+		if gatewayIP != nil {
 			gatewaysIPs[i] = gatewayIP
 		}
-
 	}
 
 	return &podIPNets, &gatewaysIPs, nil

cns/NetworkContainerContract.go

@@ -129,7 +129,6 @@ type CreateNetworkContainerRequest struct {
 	EndpointPolicies           []NetworkContainerRequestPolicies
 	NCStatus                   v1alpha.NCStatus
 	NetworkInterfaceInfo       NetworkInterfaceInfo //nolint // introducing new field for backendnic, to be used later by cni code
-	IPFamilies                 map[IPFamily]struct{}
 }
 
 func (req *CreateNetworkContainerRequest) Validate() error {

cns/imds/client.go

@@ -6,12 +6,9 @@ package imds
 import (
 	"context"
 	"encoding/json"
-	"fmt"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 
-	"github.com/Azure/azure-container-networking/cns/logger"
 	"github.com/avast/retry-go/v4"
 	"github.com/pkg/errors"
 )
@@ -62,17 +59,6 @@ var (
 	ErrUnexpectedStatusCode = errors.New("imds returned an unexpected status code")
 )
 
-// Define struct for Network Interface
-type NetworkInterface struct {
-	MacAddress string `json:"macAddress"`
-	NcID       string `json:"ncId"`
-}
-
-// Define struct for Network
-type Network struct {
-	Interface []NetworkInterface `json:"interface"`
-}
-
 // NewClient creates a new imds client
 func NewClient(opts ...ClientOption) *Client {
 	config := clientConfig{
@@ -94,41 +80,15 @@ func (c *Client) GetVMUniqueID(ctx context.Context) (string, error) {
 	var vmUniqueID string
 	err := retry.Do(func() error {
 		computeDoc, err := c.getInstanceComputeMetadata(ctx)
-
 		if err != nil {
 			return errors.Wrap(err, "error getting IMDS compute metadata")
 		}
-
-		// logger.Printf("Complete IMDS call response: %v", computeDoc)
-		// macaddressData, ok1 := computeDoc["macaddress"].(string)
-		// if !ok1 {
-		// 	return errors.New("unable to parse IMDS macaddress metadata")
-		// }
-		// logger.Printf("Complete IMDS call response[network]: %v", macaddressData)
-
-		// ncidData, ok2 := computeDoc["ncId"].(string)
-		// if !ok2 {
-		// 	return errors.New("unable to parse IMDS ncid metadata")
-		// }
-		// logger.Printf("Complete IMDS call response[network][macaddress]: %v", ncidData)
-
 		vmUniqueIDUntyped := computeDoc[vmUniqueIDProperty]
 		var ok bool
 		vmUniqueID, ok = vmUniqueIDUntyped.(string)
 		if !ok {
 			return errors.New("unable to parse IMDS compute metadata, vmId property is not a string")
 		}
-
-		networkDoc, err := c.getInstanceInterfaceMacaddress(ctx)
-
-		if err != nil {
-			errors.Wrap(err, "error getting IMDS interface metadata")
-		} else {
-			for _, int := range networkDoc.Interface {
-				logger.Printf("Complete IMDS call [macaddress]: %s, [ncId]: %s", int.MacAddress, int.NcID)
-			}
-		}
-
 		return nil
 	}, retry.Context(ctx), retry.Attempts(c.config.retryAttempts), retry.DelayType(retry.BackOffDelay))
 	if err != nil {
@@ -166,52 +126,10 @@ func (c *Client) getInstanceComputeMetadata(ctx context.Context) (map[string]any
 		return nil, errors.Wrapf(ErrUnexpectedStatusCode, "unexpected status code %d", resp.StatusCode)
 	}
 
-	logger.Printf("Complete IMDS call response body: %v", resp.Body)
-
 	var m map[string]any
 	if err := json.NewDecoder(resp.Body).Decode(&m); err != nil {
 		return nil, errors.Wrap(err, "error decoding IMDS response as json")
 	}
 
 	return m, nil
 }
-
-func (c *Client) getInstanceInterfaceMacaddress(ctx context.Context) (Network, error) {
-	imdsComputeURL, err := url.JoinPath(c.config.endpoint, "/metadata/instance/network")
-	if err != nil {
-		return Network{}, errors.Wrap(err, "unable to build path to IMDS interface metadata")
-	}
-	imdsComputeURL = imdsComputeURL + "?" + imdsComputeAPIVersion + "&" + imdsFormatJSON
-
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, imdsComputeURL, http.NoBody)
-	if err != nil {
-		return Network{}, errors.Wrap(err, "error building IMDS http request")
-	}
-
-	// IMDS requires the "Metadata: true" header
-	req.Header.Add(metadataHeaderKey, metadataHeaderValue)
-	resp, err := c.cli.Do(req)
-	if err != nil {
-		return Network{}, errors.Wrap(err, "error querying IMDS")
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusOK {
-		return Network{}, errors.Wrapf(ErrUnexpectedStatusCode, "unexpected status code %d", resp.StatusCode)
-	}
-
-	body, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		fmt.Println("Error reading response:", err)
-		return Network{}, err
-	}
-
-	logger.Printf("Complete IMDS call response body: %v", body)
-
-	var m Network
-	if err := json.Unmarshal(body, &m); err != nil { // .NewDecoder(resp.Body).Decode(&m); err != nil {
-		return Network{}, errors.Wrap(err, "error decoding IMDS response as json")
-	}
-
-	return m, nil
-}

cns/kubecontroller/nodenetworkconfig/conversion.go

@@ -7,9 +7,7 @@ import (
 	"strings"
 
 	"github.com/Azure/azure-container-networking/cns"
-	"github.com/Azure/azure-container-networking/cns/logger"
 	"github.com/Azure/azure-container-networking/crd/nodenetworkconfig/api/v1alpha"
-	"github.com/Azure/azure-container-networking/netlink"
 	"github.com/pkg/errors"
 )
 
@@ -104,46 +102,5 @@ func CreateNCRequestFromStaticNC(nc v1alpha.NetworkContainer) (*cns.CreateNetwor
 		return nil, errors.Wrapf(err, "error while creating NC request from static NC")
 	}
 
-	logger.Printf("[CreateNCRequestFromStaticNC] Created NC request %+v", req)
-
-	err = assignIPToDelegatedNIC(nc)
-
 	return req, err
 }
-
-func assignIPToDelegatedNIC(nc v1alpha.NetworkContainer) error {
-	logger.Printf("[assignIPToDelegatedNIC] Before Assign IP to the Delegated NIC")
-
-	// Assign IP to the Delegated NIC
-	nl := netlink.NewNetlink()
-
-	if nl == nil {
-		logger.Printf("failed to create netlink handle")
-		return errors.New("failed to create netlink handle")
-	}
-
-	ip, addr, _ := net.ParseCIDR(nc.PrimaryIP)
-
-	logger.Printf("[assignIPToDelegatedNIC] ip %s addr %s", ip, addr)
-
-	err := nl.AddIPAddress("eth1", ip, addr)
-
-	if err != nil {
-		errors.Wrapf(err, "failed to assign IP to delegated NIC")
-	}
-
-	ipv6, addrv6, _ := net.ParseCIDR(nc.PrimaryIPv6)
-
-	logger.Printf("[assignIPToDelegatedNIC] ip %s addr %s", ipv6, addrv6)
-
-	if ipv6 != nil {
-		errv6 := nl.AddIPAddress("eth1", ipv6, addrv6)
-
-		if errv6 != nil {
-			errors.Wrapf(errv6, "failed to assign V6 IP to delegated NIC")
-		}
-	}
-
-	logger.Printf("[assignIPToDelegatedNIC] After Assign IP to the Delegated NIC")
-	return err
-}

cns/kubecontroller/nodenetworkconfig/conversion_linux.go

@@ -1,7 +1,6 @@
 package nodenetworkconfig
 
 import (
-	"fmt"
 	"net/netip"
 	"strconv"
 
@@ -16,7 +15,6 @@ import (
 //nolint:gocritic //ignore hugeparam
 func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPrefix netip.Prefix, subnet cns.IPSubnet) (*cns.CreateNetworkContainerRequest, error) {
 	secondaryIPConfigs := map[string]cns.SecondaryIPConfig{}
-	ipFamilies := map[cns.IPFamily]struct{}{}
 
 	// in the case of vnet prefix on swift v2 the primary IP is a /32 and should not be added to secondary IP configs
 	if !primaryIPPrefix.IsSingleIP() {
@@ -28,20 +26,12 @@ func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPre
 				NCVersion: int(nc.Version),
 			}
 		}
-
-		// adds the IPFamily of the primary CIDR to the set
-		if primaryIPPrefix.Addr().Is4() {
-			ipFamilies[cns.IPv4Family] = struct{}{}
-		} else {
-			ipFamilies[cns.IPv6Family] = struct{}{}
-		}
 	}
 
 	// Add IPs from CIDR block to the secondary IPConfigs
 	if nc.Type == v1alpha.VNETBlock {
 
 		for _, ipAssignment := range nc.IPAssignments {
-			// Here we would need to check all other assigned CIDR Blocks that aren't the primary.
 			cidrPrefix, err := netip.ParsePrefix(ipAssignment.IP)
 			if err != nil {
 				return nil, errors.Wrapf(err, "invalid CIDR block: %s", ipAssignment.IP)
@@ -55,18 +45,9 @@ func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPre
 					NCVersion: int(nc.Version),
 				}
 			}
-
-			// adds the IPFamily of the secondary CIDR to the set
-			if cidrPrefix.Addr().Is4() {
-				ipFamilies[cns.IPv4Family] = struct{}{}
-			} else {
-				ipFamilies[cns.IPv6Family] = struct{}{}
-			}
 		}
 	}
 
-	fmt.Printf("IPFamilies found on NC %+v are %+v", nc.ID, ipFamilies)
-
 	return &cns.CreateNetworkContainerRequest{
 		HostPrimaryIP:        nc.NodeIP,
 		SecondaryIPConfigs:   secondaryIPConfigs,
@@ -76,10 +57,9 @@ func createNCRequestFromStaticNCHelper(nc v1alpha.NetworkContainer, primaryIPPre
 		IPConfiguration: cns.IPConfiguration{
 			IPSubnet:           subnet,
 			GatewayIPAddress:   nc.DefaultGateway,
-			GatewayIPv6Address: nc.DefaultGatewayIPv6,
+			GatewayIPv6Address: nc.DefaultGatewayV6,
 		},
-		NCStatus:   nc.Status,
-		IPFamilies: ipFamilies,
+		NCStatus: nc.Status,
 		NetworkInterfaceInfo: cns.NetworkInterfaceInfo{
 			MACAddress: nc.MacAddress,
 		},