Merge remote-tracking branch 'upstream/master' into d/s-merge-08-21-2025

Author: origin-release-container

contrib/kind-common

@@ -35,6 +35,7 @@ if_error_exit() {
 set_common_default_params() {
   KIND_IMAGE=${KIND_IMAGE:-kindest/node}
   K8S_VERSION=${K8S_VERSION:-v1.33.1}
+  KIND_SETTLE_DURATION=${KIND_SETTLE_DURATION:-30}
 }
 
 run_kubectl() {
@@ -369,8 +370,8 @@ calculate_timeout() {
 }
 
 sleep_until_pods_settle() {
-  echo "Pods are all up, allowing things settle for 30 seconds..."
-  sleep 30
+  echo "Pods are all up, allowing things settle for ${KIND_SETTLE_DURATION} seconds..."
+  sleep ${KIND_SETTLE_DURATION}
 }
 
 is_nested_virt_enabled() {

dist/templates/k8s.ovn.org_clusteruserdefinednetworks.yaml.j2

@@ -94,6 +94,48 @@ spec:
                   layer2:
                     description: Layer2 is the Layer2 topology configuration.
                     properties:
+                      defaultGatewayIPs:
+                        description: |-
+                          defaultGatewayIPs specifies the default gateway IP used in the internal OVN topology.
+
+                          Dual-stack clusters may set 2 IPs (one for each IP family), otherwise only 1 IP is allowed.
+                          This field is only allowed for "Primary" network.
+                          It is not recommended to set this field without explicit need and understanding of the OVN network topology.
+                          When omitted, an IP from the subnets field is used.
+                        items:
+                          type: string
+                          x-kubernetes-validations:
+                          - message: IP is invalid
+                            rule: isIP(self)
+                        maxItems: 2
+                        minItems: 1
+                        type: array
+                        x-kubernetes-validations:
+                        - message: When 2 IPs are set, they must be from different
+                            IP families
+                          rule: size(self) != 2 || !isIP(self[0]) || !isIP(self[1])
+                            || ip(self[0]).family() != ip(self[1]).family()
+                      infrastructureSubnets:
+                        description: |-
+                          infrastructureSubnets specifies a list of internal CIDR ranges that OVN-Kubernetes will reserve for internal network infrastructure.
+                          Any IP addresses within these ranges cannot be assigned to workloads.
+                          When omitted, OVN-Kubernetes will automatically allocate IP addresses from `subnets` for its infrastructure needs.
+                          When there are not enough available IPs in the provided infrastructureSubnets, OVN-Kubernetes will automatically allocate IP addresses from subnets for its infrastructure needs.
+                          When `reservedSubnets` is also specified the CIDRs cannot overlap.
+                          When `defaultGatewayIPs` is also specified, the default gateway IPs must belong to one of the infrastructure subnet CIDRs.
+                          Each item should be in range of the specified CIDR(s) in `subnets`.
+                          The maximum number of entries allowed is 4.
+                          The format should match standard CIDR notation (for example, "10.128.0.0/16").
+                          This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
+                        items:
+                          maxLength: 43
+                          type: string
+                          x-kubernetes-validations:
+                          - message: CIDR is invalid
+                            rule: isCIDR(self)
+                        maxItems: 4
+                        minItems: 1
+                        type: array
                       ipam:
                         description: IPAM section contains IPAM-related configuration
                           for the network.
@@ -160,6 +202,24 @@ spec:
                         maximum: 65536
                         minimum: 576
                         type: integer
+                      reservedSubnets:
+                        description: |-
+                          reservedSubnets specifies a list of CIDRs reserved for static IP assignment, excluded from automatic allocation.
+                          reservedSubnets is optional. When omitted, all IP addresses in `subnets` are available for automatic assignment.
+                          IPs from these ranges can still be requested through static IP assignment.
+                          Each item should be in range of the specified CIDR(s) in `subnets`.
+                          The maximum number of entries allowed is 25.
+                          The format should match standard CIDR notation (for example, "10.128.0.0/16").
+                          This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
+                        items:
+                          maxLength: 43
+                          type: string
+                          x-kubernetes-validations:
+                          - message: CIDR is invalid
+                            rule: isCIDR(self)
+                        maxItems: 25
+                        minItems: 1
+                        type: array
                       role:
                         description: |-
                           Role describes the network role in the pod.
@@ -212,6 +272,47 @@ spec:
                         subnet is used
                       rule: '!has(self.subnets) || !has(self.mtu) || !self.subnets.exists_one(i,
                         isCIDR(i) && cidr(i).ip().family() == 6) || self.mtu >= 1280'
+                    - message: defaultGatewayIPs is only supported for Primary network
+                      rule: '!has(self.defaultGatewayIPs) || has(self.role) && self.role
+                        == ''Primary'''
+                    - message: defaultGatewayIPs must belong to one of the subnets
+                        specified in the subnets field
+                      rule: '!has(self.defaultGatewayIPs) || self.defaultGatewayIPs.all(ip,
+                        self.subnets.exists(subnet, cidr(subnet).containsIP(ip)))'
+                    - message: defaultGatewayIPs must be specified for all IP families
+                      rule: '!has(self.defaultGatewayIPs) || size(self.defaultGatewayIPs)
+                        == size(self.subnets)'
+                    - message: reservedSubnets must be unset when subnets is unset
+                      rule: '!has(self.reservedSubnets) || has(self.subnets)'
+                    - message: reservedSubnets is only supported for Primary network
+                      rule: '!has(self.reservedSubnets) || has(self.role) && self.role
+                        == ''Primary'''
+                    - message: infrastructureSubnets must be unset when subnets is
+                        unset
+                      rule: '!has(self.infrastructureSubnets) || has(self.subnets)'
+                    - message: infrastructureSubnets is only supported for Primary
+                        network
+                      rule: '!has(self.infrastructureSubnets) || has(self.role) &&
+                        self.role == ''Primary'''
+                    - message: defaultGatewayIPs have to belong to infrastructureSubnets
+                      rule: '!has(self.infrastructureSubnets) || !has(self.defaultGatewayIPs)
+                        || self.defaultGatewayIPs.all(ip, self.infrastructureSubnets.exists(subnet,
+                        cidr(subnet).containsIP(ip)))'
+                    - fieldPath: .reservedSubnets
+                      message: reservedSubnets must be subnetworks of the networks
+                        specified in the subnets field
+                      rule: '!has(self.reservedSubnets) || self.reservedSubnets.all(e,
+                        self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
+                    - fieldPath: .infrastructureSubnets
+                      message: infrastructureSubnets must be subnetworks of the networks
+                        specified in the subnets field
+                      rule: '!has(self.infrastructureSubnets) || self.infrastructureSubnets.all(e,
+                        self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
+                    - message: infrastructureSubnets and reservedSubnets must not
+                        overlap
+                      rule: '!has(self.infrastructureSubnets) || !has(self.reservedSubnets)
+                        || self.infrastructureSubnets.all(infra, !self.reservedSubnets.exists(reserved,
+                        cidr(infra).containsCIDR(reserved) || cidr(reserved).containsCIDR(infra)))'
                   layer3:
                     description: Layer3 is the Layer3 topology configuration.
                     properties:

dist/templates/k8s.ovn.org_userdefinednetworks.yaml.j2

@@ -42,6 +42,48 @@ spec:
               layer2:
                 description: Layer2 is the Layer2 topology configuration.
                 properties:
+                  defaultGatewayIPs:
+                    description: |-
+                      defaultGatewayIPs specifies the default gateway IP used in the internal OVN topology.
+
+                      Dual-stack clusters may set 2 IPs (one for each IP family), otherwise only 1 IP is allowed.
+                      This field is only allowed for "Primary" network.
+                      It is not recommended to set this field without explicit need and understanding of the OVN network topology.
+                      When omitted, an IP from the subnets field is used.
+                    items:
+                      type: string
+                      x-kubernetes-validations:
+                      - message: IP is invalid
+                        rule: isIP(self)
+                    maxItems: 2
+                    minItems: 1
+                    type: array
+                    x-kubernetes-validations:
+                    - message: When 2 IPs are set, they must be from different IP
+                        families
+                      rule: size(self) != 2 || !isIP(self[0]) || !isIP(self[1]) ||
+                        ip(self[0]).family() != ip(self[1]).family()
+                  infrastructureSubnets:
+                    description: |-
+                      infrastructureSubnets specifies a list of internal CIDR ranges that OVN-Kubernetes will reserve for internal network infrastructure.
+                      Any IP addresses within these ranges cannot be assigned to workloads.
+                      When omitted, OVN-Kubernetes will automatically allocate IP addresses from `subnets` for its infrastructure needs.
+                      When there are not enough available IPs in the provided infrastructureSubnets, OVN-Kubernetes will automatically allocate IP addresses from subnets for its infrastructure needs.
+                      When `reservedSubnets` is also specified the CIDRs cannot overlap.
+                      When `defaultGatewayIPs` is also specified, the default gateway IPs must belong to one of the infrastructure subnet CIDRs.
+                      Each item should be in range of the specified CIDR(s) in `subnets`.
+                      The maximum number of entries allowed is 4.
+                      The format should match standard CIDR notation (for example, "10.128.0.0/16").
+                      This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
+                    items:
+                      maxLength: 43
+                      type: string
+                      x-kubernetes-validations:
+                      - message: CIDR is invalid
+                        rule: isCIDR(self)
+                    maxItems: 4
+                    minItems: 1
+                    type: array
                   ipam:
                     description: IPAM section contains IPAM-related configuration
                       for the network.
@@ -108,6 +150,24 @@ spec:
                     maximum: 65536
                     minimum: 576
                     type: integer
+                  reservedSubnets:
+                    description: |-
+                      reservedSubnets specifies a list of CIDRs reserved for static IP assignment, excluded from automatic allocation.
+                      reservedSubnets is optional. When omitted, all IP addresses in `subnets` are available for automatic assignment.
+                      IPs from these ranges can still be requested through static IP assignment.
+                      Each item should be in range of the specified CIDR(s) in `subnets`.
+                      The maximum number of entries allowed is 25.
+                      The format should match standard CIDR notation (for example, "10.128.0.0/16").
+                      This field must be omitted if `subnets` is unset or `ipam.mode` is `Disabled`.
+                    items:
+                      maxLength: 43
+                      type: string
+                      x-kubernetes-validations:
+                      - message: CIDR is invalid
+                        rule: isCIDR(self)
+                    maxItems: 25
+                    minItems: 1
+                    type: array
                   role:
                     description: |-
                       Role describes the network role in the pod.
@@ -159,6 +219,44 @@ spec:
                     is used
                   rule: '!has(self.subnets) || !has(self.mtu) || !self.subnets.exists_one(i,
                     isCIDR(i) && cidr(i).ip().family() == 6) || self.mtu >= 1280'
+                - message: defaultGatewayIPs is only supported for Primary network
+                  rule: '!has(self.defaultGatewayIPs) || has(self.role) && self.role
+                    == ''Primary'''
+                - message: defaultGatewayIPs must belong to one of the subnets specified
+                    in the subnets field
+                  rule: '!has(self.defaultGatewayIPs) || self.defaultGatewayIPs.all(ip,
+                    self.subnets.exists(subnet, cidr(subnet).containsIP(ip)))'
+                - message: defaultGatewayIPs must be specified for all IP families
+                  rule: '!has(self.defaultGatewayIPs) || size(self.defaultGatewayIPs)
+                    == size(self.subnets)'
+                - message: reservedSubnets must be unset when subnets is unset
+                  rule: '!has(self.reservedSubnets) || has(self.subnets)'
+                - message: reservedSubnets is only supported for Primary network
+                  rule: '!has(self.reservedSubnets) || has(self.role) && self.role
+                    == ''Primary'''
+                - message: infrastructureSubnets must be unset when subnets is unset
+                  rule: '!has(self.infrastructureSubnets) || has(self.subnets)'
+                - message: infrastructureSubnets is only supported for Primary network
+                  rule: '!has(self.infrastructureSubnets) || has(self.role) && self.role
+                    == ''Primary'''
+                - message: defaultGatewayIPs have to belong to infrastructureSubnets
+                  rule: '!has(self.infrastructureSubnets) || !has(self.defaultGatewayIPs)
+                    || self.defaultGatewayIPs.all(ip, self.infrastructureSubnets.exists(subnet,
+                    cidr(subnet).containsIP(ip)))'
+                - fieldPath: .reservedSubnets
+                  message: reservedSubnets must be subnetworks of the networks specified
+                    in the subnets field
+                  rule: '!has(self.reservedSubnets) || self.reservedSubnets.all(e,
+                    self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
+                - fieldPath: .infrastructureSubnets
+                  message: infrastructureSubnets must be subnetworks of the networks
+                    specified in the subnets field
+                  rule: '!has(self.infrastructureSubnets) || self.infrastructureSubnets.all(e,
+                    self.subnets.exists(s, cidr(s).containsCIDR(cidr(e))))'
+                - message: infrastructureSubnets and reservedSubnets must not overlap
+                  rule: '!has(self.infrastructureSubnets) || !has(self.reservedSubnets)
+                    || self.infrastructureSubnets.all(infra, !self.reservedSubnets.exists(reserved,
+                    cidr(infra).containsCIDR(reserved) || cidr(reserved).containsCIDR(infra)))'
               layer3:
                 description: Layer3 is the Layer3 topology configuration.
                 properties:

go-controller/pkg/allocator/ip/allocator.go

@@ -27,18 +27,24 @@ import (
 	allocator "github.com/ovn-org/ovn-kubernetes/go-controller/pkg/allocator/bitmap"
 )
 
-// Interface manages the allocation of IP addresses out of a range. Interface
-// should be threadsafe.
-type Interface interface {
+// StaticAllocator provides IP allocation functionality for explicit/static allocations only.
+type StaticAllocator interface {
 	Allocate(net.IP) error
-	AllocateNext() (net.IP, error)
 	Release(net.IP)
 	ForEach(func(net.IP))
 	CIDR() net.IPNet
 	Has(ip net.IP) bool
 	Reserved(ip net.IP) bool
 }
 
+// ContinuousAllocator extends StaticAllocator with next-available allocation support.
+// This is the primary interface for IP allocation that supports both explicit
+// allocation and continuous allocation.
+type ContinuousAllocator interface {
+	StaticAllocator
+	AllocateNext() (net.IP, error)
+}
+
 var (
 	ErrFull      = errors.New("subnet address pool exhausted")
 	ErrAllocated = errors.New("provided IP is already allocated")
@@ -84,7 +90,30 @@ type Range struct {
 }
 
 // NewAllocatorCIDRRange creates a Range over a net.IPNet, calling allocatorFactory to construct the backing store.
+// It excludes the network address (.0) and broadcast address (IPv4 only) from allocation.
 func NewAllocatorCIDRRange(cidr *net.IPNet, allocatorFactory allocator.AllocatorFactory) (*Range, error) {
+	r, err := NewAllocatorFullCIDRRange(cidr, allocatorFactory)
+	if err != nil {
+		return nil, err
+	}
+
+	if utilnet.IsIPv4CIDR(cidr) {
+		// Don't use the IPv4 network's broadcast address.
+		r.max--
+	}
+	// Don't use the network's ".0" address.
+	r.base.Add(r.base, big.NewInt(1))
+	r.max--
+
+	r.max = maximum(0, r.max)
+	// Reconfigure the allocator to use the new max value
+	r.alloc, err = allocatorFactory(r.max, r.net.String())
+	return r, err
+}
+
+// NewAllocatorFullCIDRRange creates a Range over a net.IPNet without excluding any IPs,
+// calling allocatorFactory to construct the backing store.
+func NewAllocatorFullCIDRRange(cidr *net.IPNet, allocatorFactory allocator.AllocatorFactory) (*Range, error) {
 	max := utilnet.RangeSize(cidr)
 	base := utilnet.BigForIP(cidr.IP)
 	rangeSpec := cidr.String()
@@ -94,19 +123,11 @@ func NewAllocatorCIDRRange(cidr *net.IPNet, allocatorFactory allocator.Allocator
 		if max > 65536 {
 			max = 65536
 		}
-	} else {
-		// Don't use the IPv4 network's broadcast address.
-		max--
 	}
-
-	// Don't use the network's ".0" address.
-	base.Add(base, big.NewInt(1))
-	max--
-
 	r := Range{
 		net:  cidr,
 		base: base,
-		max:  maximum(0, int(max)),
+		max:  int(max),
 	}
 	var err error
 	r.alloc, err = allocatorFactory(r.max, rangeSpec)
@@ -207,14 +228,37 @@ func (r *Range) Has(ip net.IP) bool {
 }
 
 // Reserved returns true if the provided IP can't be allocated. This is *only*
-// true for the network and broadcast addresses.
+// true for the network and broadcast addresses of the original CIDR.
 func (r *Range) Reserved(ip net.IP) bool {
 	if !r.net.Contains(ip) {
 		return false
 	}
 
-	offset := calculateIPOffset(r.base, ip)
-	return offset == -1 || offset == r.max
+	// For IPv4, reserve network (.0) and broadcast addresses
+	if utilnet.IsIPv4CIDR(r.net) {
+		// Network address is the base IP of the original CIDR
+		networkAddr := r.net.IP
+		if ip.Equal(networkAddr) {
+			return true
+		}
+
+		// Broadcast address is the last IP in the original CIDR
+		rangeSize := utilnet.RangeSize(r.net)
+		broadcastAddr, _ := utilnet.GetIndexedIP(r.net, int(rangeSize)-1)
+		if ip.Equal(broadcastAddr) {
+			return true
+		}
+	}
+
+	// For IPv6, only reserve the network address (no broadcast concept)
+	if utilnet.IsIPv6CIDR(r.net) {
+		networkAddr := r.net.IP
+		if ip.Equal(networkAddr) {
+			return true
+		}
+	}
+
+	return false
 }
 
 // contains returns true and the offset if the ip is in the range, and false