udn, nad template: Support localnet topology

ormergi · ormergi · commit 8efb425d0cff · 2025-04-16T18:30:10.000+03:00
When CUDN network.spec specifies Localnet topology, generate the NAD
accordingly.

Signed-off-by: Or Mergi &lt;ormergi@redhat.com&gt;
diff --git a/go-controller/pkg/clustermanager/userdefinednetwork/template/net-attach-def-template.go b/go-controller/pkg/clustermanager/userdefinednetwork/template/net-attach-def-template.go
@@ -31,6 +31,7 @@ type SpecGetter interface {
 	GetTopology() userdefinednetworkv1.NetworkTopology
 	GetLayer3() *userdefinednetworkv1.Layer3Config
 	GetLayer2() *userdefinednetworkv1.Layer2Config
+	GetLocalnet() *userdefinednetworkv1.LocalnetConfig
 }
 
 func RenderNetAttachDefManifest(obj client.Object, targetNamespace string) (*netv1.NetworkAttachmentDefinition, error) {
@@ -109,7 +110,8 @@ func renderNADLabels(obj client.Object) map[string]string {
 
 func validateTopology(spec SpecGetter) error {
 	if spec.GetTopology() == userdefinednetworkv1.NetworkTopologyLayer3 && spec.GetLayer3() == nil ||
-		spec.GetTopology() == userdefinednetworkv1.NetworkTopologyLayer2 && spec.GetLayer2() == nil {
+		spec.GetTopology() == userdefinednetworkv1.NetworkTopologyLayer2 && spec.GetLayer2() == nil ||
+		spec.GetTopology() == userdefinednetworkv1.NetworkTopologyLocalnet && spec.GetLocalnet() == nil {
 		return fmt.Errorf("topology %[1]s is specified but %[1]s config is nil", spec.GetTopology())
 	}
 	return nil
@@ -150,6 +152,18 @@ func renderCNINetworkConfig(networkName, nadName string, spec SpecGetter) (map[s
 		netConfSpec.AllowPersistentIPs = cfg.IPAM != nil && cfg.IPAM.Lifecycle == userdefinednetworkv1.IPAMLifecyclePersistent
 		netConfSpec.Subnets = cidrString(cfg.Subnets)
 		netConfSpec.JoinSubnet = cidrString(renderJoinSubnets(cfg.Role, cfg.JoinSubnets))
+	case userdefinednetworkv1.NetworkTopologyLocalnet:
+		cfg := spec.GetLocalnet()
+		netConfSpec.Role = strings.ToLower(string(cfg.Role))
+		netConfSpec.MTU = int(cfg.MTU)
+		netConfSpec.AllowPersistentIPs = cfg.IPAM != nil && cfg.IPAM.Lifecycle == userdefinednetworkv1.IPAMLifecyclePersistent
+		netConfSpec.Subnets = cidrString(cfg.Subnets)
+		netConfSpec.ExcludeSubnets = cidrString(cfg.ExcludeSubnets)
+		netConfSpec.PhysicalNetworkName = cfg.PhysicalNetworkName
+
+		if cfg.VLAN != nil && cfg.VLAN.Access != nil {
+			netConfSpec.VLANID = int(cfg.VLAN.Access.ID)
+		}
 	}
 
 	if err := util.ValidateNetConf(nadName, netConfSpec); err != nil {
@@ -185,7 +199,15 @@ func renderCNINetworkConfig(networkName, nadName string, spec SpecGetter) (map[s
 	if netConfSpec.AllowPersistentIPs {
 		cniNetConf["allowPersistentIPs"] = netConfSpec.AllowPersistentIPs
 	}
-
+	if netConfSpec.PhysicalNetworkName != "" {
+		cniNetConf["physicalNetworkName"] = netConfSpec.PhysicalNetworkName
+	}
+	if len(netConfSpec.ExcludeSubnets) > 0 {
+		cniNetConf["excludeSubnets"] = netConfSpec.ExcludeSubnets
+	}
+	if netConfSpec.VLANID != 0 {
+		cniNetConf["vlanID"] = netConfSpec.VLANID
+	}
 	return cniNetConf, nil
 }
 
diff --git a/go-controller/pkg/clustermanager/userdefinednetwork/template/net-attach-def-template_test.go b/go-controller/pkg/clustermanager/userdefinednetwork/template/net-attach-def-template_test.go
@@ -169,7 +169,7 @@ var _ = Describe("NetAttachDefTemplate", func() {
 		),
 	)
 
-	DescribeTable("should fail to render NAD, given",
+	DescribeTable("should fail to render NAD manifest, given",
 		func(obj client.Object) {
 			_, err := RenderNetAttachDefManifest(obj, "test")
 			Expect(err).To(HaveOccurred())
@@ -223,10 +223,35 @@ var _ = Describe("NetAttachDefTemplate", func() {
 			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
 				Topology: udnv1.NetworkTopologyLayer2, Layer3: &udnv1.Layer3Config{}}}},
 		),
+		Entry("CUDN, invalid topology: topology layer2 & localnet config",
+			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
+				Topology: udnv1.NetworkTopologyLayer2, Localnet: &udnv1.LocalnetConfig{}}}},
+		),
 		Entry("CUDN, invalid topology: topology layer3 & layer2 config",
 			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
 				Topology: udnv1.NetworkTopologyLayer3, Layer2: &udnv1.Layer2Config{}}}},
 		),
+		Entry("CUDN, invalid topology: topology layer3 & localnet config",
+			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
+				Topology: udnv1.NetworkTopologyLayer3, Localnet: &udnv1.LocalnetConfig{}}}},
+		),
+		Entry("CUDN, invalid topology: topology localnet & layer2 config",
+			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
+				Topology: udnv1.NetworkTopologyLocalnet, Layer2: &udnv1.Layer2Config{}}}},
+		),
+		Entry("CUDN, invalid topology: topology localnet & layer3 config",
+			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
+				Topology: udnv1.NetworkTopologyLocalnet, Layer3: &udnv1.Layer3Config{}}}},
+		),
+		Entry("CUDN, localnet: excludeSubnets not in range of subnets",
+			&udnv1.ClusterUserDefinedNetwork{Spec: udnv1.ClusterUserDefinedNetworkSpec{Network: udnv1.NetworkSpec{
+				Topology: udnv1.NetworkTopologyLocalnet,
+				Localnet: &udnv1.LocalnetConfig{Role: udnv1.NetworkRoleSecondary, PhysicalNetworkName: "localnet1",
+					Subnets:        udnv1.DualStackCIDRs{"192.168.0.0/16", "2001:dbb::/64"},
+					ExcludeSubnets: []udnv1.CIDR{"192.200.0.0/30", "2001:aaa::/127", "192.300.0.1/32", "2001:bbb::1/120"},
+				},
+			}}},
+		),
 	)
 
 	It("should return no error given no UDN", func() {
@@ -492,7 +517,7 @@ var _ = Describe("NetAttachDefTemplate", func() {
 			  "allowPersistentIPs": true
 			}`,
 		),
-		Entry("secondary network",
+		Entry("secondary network, layer2",
 			udnv1.NetworkSpec{
 				Topology: udnv1.NetworkTopologyLayer2,
 				Layer2: &udnv1.Layer2Config{
@@ -516,5 +541,35 @@ var _ = Describe("NetAttachDefTemplate", func() {
 			  "allowPersistentIPs": true
 			}`,
 		),
+		Entry("secondary network, localnet",
+			udnv1.NetworkSpec{
+				Topology: udnv1.NetworkTopologyLocalnet,
+				Localnet: &udnv1.LocalnetConfig{
+					Role:                udnv1.NetworkRoleSecondary,
+					PhysicalNetworkName: "mylocalnet1",
+					MTU:                 1600,
+					VLAN:                &udnv1.VLANConfig{Mode: udnv1.VLANModeAccess, Access: &udnv1.AccessVLANConfig{ID: 200}},
+					Subnets:             udnv1.DualStackCIDRs{"192.168.100.0/24", "2001:dbb::/64"},
+					ExcludeSubnets:      []udnv1.CIDR{"192.168.100.1/32", "2001:dbb::0/128"},
+					IPAM: &udnv1.IPAMConfig{
+						Lifecycle: udnv1.IPAMLifecyclePersistent,
+					},
+				},
+			},
+			`{
+			  "cniVersion": "1.0.0",
+			  "type": "ovn-k8s-cni-overlay",
+			  "name": "cluster_udn_test-net",
+			  "netAttachDefName": "mynamespace/test-net",
+			  "role": "secondary",
+			  "topology": "localnet",
+		      "physicalNetworkName": "mylocalnet1",
+			  "subnets": "192.168.100.0/24,2001:dbb::/64",
+              "excludeSubnets": "192.168.100.1/32,2001:dbb::0/128",
+			  "mtu": 1600,
+              "vlanID": 200, 
+			  "allowPersistentIPs": true
+			}`,
+		),
 	)
 })
diff --git a/go-controller/pkg/crd/userdefinednetwork/v1/cudn.go b/go-controller/pkg/crd/userdefinednetwork/v1/cudn.go
@@ -85,6 +85,8 @@ type ClusterUserDefinedNetworkList struct {
 	Items           []ClusterUserDefinedNetwork `json:"items"`
 }
 
+const NetworkTopologyLocalnet NetworkTopology = "Localnet"
+
 // +kubebuilder:validation:XValidation:rule="!has(self.ipam) || !has(self.ipam.mode) || self.ipam.mode == 'Enabled' ? has(self.subnets) : !has(self.subnets)", message="Subnets is required with ipam.mode is Enabled or unset, and forbidden otherwise"
 // +kubebuilder:validation:XValidation:rule="!has(self.excludeSubnets) || has(self.subnets)", message="excludeSubnets must be unset when subnets is unset"
 // +kubebuilder:validation:XValidation:rule="!has(self.subnets) || !has(self.mtu) || !self.subnets.exists_one(i, isCIDR(i) && cidr(i).ip().family() == 6) || self.mtu >= 1280", message="MTU should be greater than or equal to 1280 when an IPv6 subnet is used"
diff --git a/go-controller/pkg/crd/userdefinednetwork/v1/spec.go b/go-controller/pkg/crd/userdefinednetwork/v1/spec.go
@@ -12,6 +12,11 @@ func (s *UserDefinedNetworkSpec) GetLayer2() *Layer2Config {
 	return s.Layer2
 }
 
+func (s *UserDefinedNetworkSpec) GetLocalnet() *LocalnetConfig {
+	// localnet is not supported
+	return nil
+}
+
 func (s *NetworkSpec) GetTopology() NetworkTopology {
 	return s.Topology
 }
@@ -23,3 +28,7 @@ func (s *NetworkSpec) GetLayer3() *Layer3Config {
 func (s *NetworkSpec) GetLayer2() *Layer2Config {
 	return s.Layer2
 }
+
+func (s *NetworkSpec) GetLocalnet() *LocalnetConfig {
+	return s.Localnet
+}

Original file line number	Diff line number	Diff line change
`@@ -85,6 +85,8 @@ type ClusterUserDefinedNetworkList struct {`
`85`	`85`	Items []ClusterUserDefinedNetwork `json:"items"`
`86`	`86`	`}`
`87`	`87`
	`88`	`+const NetworkTopologyLocalnet NetworkTopology = "Localnet"`
	`89`	`+`
`88`	`90`	`// +kubebuilder:validation:XValidation:rule="!has(self.ipam) \|\| !has(self.ipam.mode) \|\| self.ipam.mode == 'Enabled' ? has(self.subnets) : !has(self.subnets)", message="Subnets is required with ipam.mode is Enabled or unset, and forbidden otherwise"`
`89`	`91`	`// +kubebuilder:validation:XValidation:rule="!has(self.excludeSubnets) \|\| has(self.subnets)", message="excludeSubnets must be unset when subnets is unset"`
`90`	`92`	`// +kubebuilder:validation:XValidation:rule="!has(self.subnets) \|\| !has(self.mtu) \|\| !self.subnets.exists_one(i, isCIDR(i) && cidr(i).ip().family() == 6) \|\| self.mtu >= 1280", message="MTU should be greater than or equal to 1280 when an IPv6 subnet is used"`
Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,11 @@ func (s UserDefinedNetworkSpec) GetLayer2() Layer2Config {`
`12`	`12`	`return s.Layer2`
`13`	`13`	`}`
`14`	`14`
	`15`	`+func (s UserDefinedNetworkSpec) GetLocalnet() LocalnetConfig {`
	`16`	`+ // localnet is not supported`
	`17`	`+ return nil`
	`18`	`+}`
	`19`	`+`
`15`	`20`	`func (s *NetworkSpec) GetTopology() NetworkTopology {`
`16`	`21`	`return s.Topology`
`17`	`22`	`}`
`@@ -23,3 +28,7 @@ func (s NetworkSpec) GetLayer3() Layer3Config {`
`23`	`28`	`func (s NetworkSpec) GetLayer2() Layer2Config {`
`24`	`29`	`return s.Layer2`
`25`	`30`	`}`
	`31`	`+`
	`32`	`+func (s NetworkSpec) GetLocalnet() LocalnetConfig {`
	`33`	`+ return s.Localnet`
	`34`	`+}`