Remove hardcoded values for the tenant network

gthiemonge · gthiemonge · commit d36c6df2a253 · 2024-06-07T15:14:19.000Z
The parameters are computed by using the destination of the route of the NAD
diff --git a/api/bases/octavia.openstack.org_octavias.yaml b/api/bases/octavia.openstack.org_octavias.yaml
@@ -103,7 +103,6 @@ spec:
               lbMgmtNetwork:
                 default:
                   manageLbMgmtNetworks: true
-                  subnetIpVersion: 4
                 description: OctaviaLbMgmtNetworks Settings for Octavia management
                   networks
                 properties:
@@ -116,10 +115,6 @@ spec:
                   manageLbMgmtNetworks:
                     default: true
                     type: boolean
-                  subnetIpVersion:
-                    default: 4
-                    description: IP Version of the managed subnets
-                    type: integer
                 type: object
               nodeSelector:
                 additionalProperties:
diff --git a/api/v1beta1/octavia_types.go b/api/v1beta1/octavia_types.go
@@ -160,7 +160,7 @@ type OctaviaSpecBase struct {
 	TenantName string `json:"tenantName"`
 
 	// +kubebuilder:validation:Optional
-	// +kubebuilder:default={manageLbMgmtNetworks: true, subnetIpVersion: 4}
+	// +kubebuilder:default={manageLbMgmtNetworks: true}
 	LbMgmtNetworks OctaviaLbMgmtNetworks `json:"lbMgmtNetwork"`
 
 	// +kubebuilder:validation:Optional
@@ -218,11 +218,6 @@ type OctaviaLbMgmtNetworks struct {
 	// +kubebuilder:default=true
 	ManageLbMgmtNetworks bool `json:"manageLbMgmtNetworks,omitempty"`
 
-	// +kubebuilder:validation:Optional
-	// +kubebuilder:default=4
-	// IP Version of the managed subnets
-	SubnetIPVersion int `json:"subnetIpVersion,omitempty"`
-
 	// +kubebuilder:validation:Optional
 	// Availability zones for the octavia management network resources
 	AvailabilityZones []string `json:"availabilityZones,omitempty"`
diff --git a/config/crd/bases/octavia.openstack.org_octavias.yaml b/config/crd/bases/octavia.openstack.org_octavias.yaml
@@ -103,7 +103,6 @@ spec:
               lbMgmtNetwork:
                 default:
                   manageLbMgmtNetworks: true
-                  subnetIpVersion: 4
                 description: OctaviaLbMgmtNetworks Settings for Octavia management
                   networks
                 properties:
@@ -116,10 +115,6 @@ spec:
                   manageLbMgmtNetworks:
                     default: true
                     type: boolean
-                  subnetIpVersion:
-                    default: 4
-                    description: IP Version of the managed subnets
-                    type: integer
                 type: object
               nodeSelector:
                 additionalProperties:
diff --git a/pkg/octavia/lb_mgmt_network.go b/pkg/octavia/lb_mgmt_network.go
@@ -72,12 +72,8 @@ func findPort(client *gophercloud.ServiceClient, networkID string, ipAddress str
 }
 
 func ensurePort(client *gophercloud.ServiceClient, tenantNetwork *networks.Network, tenantSubnet *subnets.Subnet,
-	securityGroups *[]string, log *logr.Logger) (*ports.Port, error) {
-	ipAddress := LbMgmtRouterPortIPv4
-	if tenantSubnet.IPVersion == 6 {
-		ipAddress = LbMgmtRouterPortIPv6
-	}
-
+	securityGroups *[]string, networkParameters *NetworkParameters, log *logr.Logger) (*ports.Port, error) {
+	ipAddress := networkParameters.TenantGateway.String()
 	p, err := findPort(client, tenantNetwork.ID, ipAddress, log)
 	if err != nil {
 		return nil, err
@@ -297,23 +293,18 @@ func ensureProvSubnet(
 	networkParameters *NetworkParameters,
 	log *logr.Logger,
 ) (*subnets.Subnet, error) {
-	var gatewayIP string
-	if networkParameters.Gateway.IsValid() {
-		gatewayIP = networkParameters.Gateway.String()
-	} else {
-		gatewayIP = ""
-	}
+	gatewayIP := ""
 	createOpts := subnets.CreateOpts{
 		Name:        LbProvSubnetName,
 		Description: LbProvSubnetDescription,
 		NetworkID:   providerNetwork.ID,
 		TenantID:    providerNetwork.TenantID,
-		CIDR:        networkParameters.CIDR.String(),
+		CIDR:        networkParameters.ProviderCIDR.String(),
 		IPVersion:   gophercloud.IPVersion(4),
 		AllocationPools: []subnets.AllocationPool{
 			{
-				Start: networkParameters.AllocationStart.String(),
-				End:   networkParameters.AllocationEnd.String(),
+				Start: networkParameters.ProviderAllocationStart.String(),
+				End:   networkParameters.ProviderAllocationEnd.String(),
 			},
 		},
 		GatewayIP: &gatewayIP,
@@ -346,12 +337,16 @@ func ensureProvNetwork(client *gophercloud.ServiceClient, netDetails *octaviav1.
 
 func ensureLbMgmtSubnet(
 	client *gophercloud.ServiceClient,
-	networkDetails *octaviav1.OctaviaLbMgmtNetworks,
 	tenantNetwork *networks.Network,
 	networkParameters *NetworkParameters,
 	log *logr.Logger,
 ) (*subnets.Subnet, error) {
-	ipVersion := networkDetails.SubnetIPVersion
+	var ipVersion int
+	if networkParameters.TenantCIDR.Addr().Is6() {
+		ipVersion = 6
+	} else {
+		ipVersion = 4
+	}
 
 	var createOpts subnets.CreateOpts
 	if ipVersion == 6 {
@@ -361,14 +356,14 @@ func ensureLbMgmtSubnet(
 			Description:     LbMgmtSubnetDescription,
 			NetworkID:       tenantNetwork.ID,
 			TenantID:        tenantNetwork.TenantID,
-			CIDR:            LbMgmtSubnetIPv6CIDR,
+			CIDR:            networkParameters.TenantCIDR.String(),
 			IPVersion:       gophercloud.IPVersion(ipVersion),
 			IPv6AddressMode: LbMgmtSubnetIPv6AddressMode,
 			IPv6RAMode:      LbMgmtSubnetIPv6RAMode,
 			AllocationPools: []subnets.AllocationPool{
 				{
-					Start: LbMgmtSubnetIPv6AllocationPoolStart,
-					End:   LbMgmtSubnetIPv6AllocationPoolEnd,
+					Start: networkParameters.TenantAllocationStart.String(),
+					End:   networkParameters.TenantAllocationEnd.String(),
 				},
 			},
 			GatewayIP: &gatewayIP,
@@ -381,18 +376,18 @@ func ensureLbMgmtSubnet(
 			Description: LbMgmtSubnetDescription,
 			NetworkID:   tenantNetwork.ID,
 			TenantID:    tenantNetwork.TenantID,
-			CIDR:        LbMgmtSubnetCIDR,
+			CIDR:        networkParameters.TenantCIDR.String(),
 			IPVersion:   gophercloud.IPVersion(ipVersion),
 			AllocationPools: []subnets.AllocationPool{
 				{
-					Start: LbMgmtSubnetAllocationPoolStart,
-					End:   LbMgmtSubnetAllocationPoolEnd,
+					Start: networkParameters.TenantAllocationStart.String(),
+					End:   networkParameters.TenantAllocationEnd.String(),
 				},
 			},
 			HostRoutes: []subnets.HostRoute{
 				{
-					DestinationCIDR: networkParameters.CIDR.String(),
-					NextHop:         LbMgmtRouterPortIPv4,
+					DestinationCIDR: networkParameters.ProviderCIDR.String(),
+					NextHop:         networkParameters.TenantGateway.String(),
 				},
 			},
 			GatewayIP: &gatewayIP,
@@ -435,7 +430,7 @@ func ensureLbMgmtNetwork(client *gophercloud.ServiceClient, networkDetails *octa
 func externalFixedIPs(subnetID string, networkParameters *NetworkParameters) []routers.ExternalFixedIP {
 	ips := []routers.ExternalFixedIP{
 		{
-			IPAddress: networkParameters.RouterIPAddress.String(),
+			IPAddress: networkParameters.ProviderGateway.String(),
 			SubnetID:  subnetID,
 		},
 	}
@@ -784,7 +779,7 @@ func EnsureAmphoraManagementNetwork(
 	if err != nil {
 		return NetworkProvisioningSummary{}, err
 	}
-	tenantSubnet, err := ensureLbMgmtSubnet(client, netDetails, tenantNetwork, networkParameters, log)
+	tenantSubnet, err := ensureLbMgmtSubnet(client, tenantNetwork, networkParameters, log)
 	if err != nil {
 		return NetworkProvisioningSummary{}, err
 	}
@@ -800,7 +795,7 @@ func EnsureAmphoraManagementNetwork(
 
 	securityGroups := []string{lbMgmtSecurityGroupID, lbHealthSecurityGroupID}
 
-	tenantRouterPort, err := ensurePort(client, tenantNetwork, tenantSubnet, &securityGroups, log)
+	tenantRouterPort, err := ensurePort(client, tenantNetwork, tenantSubnet, &securityGroups, networkParameters, log)
 	if err != nil {
 		return NetworkProvisioningSummary{}, err
 	}
diff --git a/pkg/octavia/network_consts.go b/pkg/octavia/network_consts.go
@@ -35,31 +35,9 @@ const (
 
 	// IPv4 consts
 
-	// LbMgmtSubnetCIDR -
-	LbMgmtSubnetCIDR = "172.24.0.0/16"
-
-	// LbMgmtSubnetAllocationPoolStart -
-	LbMgmtSubnetAllocationPoolStart = "172.24.0.5"
-
-	// LbMgmtSubnetAllocationPoolEnd -
-	LbMgmtSubnetAllocationPoolEnd = "172.24.255.254"
-
 	// LbMgmtSubnetGatewayIP -
 	LbMgmtSubnetGatewayIP = ""
 
-	// IPv6 consts
-	// using Unique local address (fc00::/7)
-	// with Global ID 6c:6261:6173 ("lbaas")
-
-	// LbMgmtSubnetIPv6CIDR -
-	LbMgmtSubnetIPv6CIDR = "fd6c:6261:6173:0001::/64"
-
-	// LbMgmtSubnetIPv6AllocationPoolStart -
-	LbMgmtSubnetIPv6AllocationPoolStart = "fd6c:6261:6173:0001::5"
-
-	// LbMgmtSubnetIPv6AllocationPoolEnd -
-	LbMgmtSubnetIPv6AllocationPoolEnd = "fd6c:6261:6173:0001:ffff:ffff:ffff:ffff"
-
 	// LbMgmtSubnetIPv6AddressMode -
 	LbMgmtSubnetIPv6AddressMode = "slaac"
 
@@ -98,12 +76,6 @@ const (
 	// LbMgmtRouterPortName
 	LbMgmtRouterPortName = "lb-mgmt-router-port"
 
-	// LbMgmtRouterPortIPv4
-	LbMgmtRouterPortIPv4 = "172.24.0.3"
-
-	// LbMgmtRouterPortIPv6
-	LbMgmtRouterPortIPv6 = "fd6c:6261:6173:0001::3"
-
 	// Network attachment details
 	// LbNetworkAttachmentName
 	LbNetworkAttachmentName = "octavia"
diff --git a/pkg/octavia/network_parameters.go b/pkg/octavia/network_parameters.go
@@ -10,11 +10,14 @@ import (
 
 // NetworkParameters - Parameters for the Octavia networks, based on the config of the NAD
 type NetworkParameters struct {
-	CIDR            netip.Prefix
-	AllocationStart netip.Addr
-	AllocationEnd   netip.Addr
-	Gateway         netip.Addr
-	RouterIPAddress netip.Addr
+	ProviderCIDR            netip.Prefix
+	ProviderAllocationStart netip.Addr
+	ProviderAllocationEnd   netip.Addr
+	ProviderGateway         netip.Addr
+	TenantCIDR              netip.Prefix
+	TenantAllocationStart   netip.Addr
+	TenantAllocationEnd     netip.Addr
+	TenantGateway           netip.Addr
 }
 
 // NADConfig - IPAM parameters of the NAD
@@ -31,7 +34,8 @@ type NADIpam struct {
 }
 
 type NADRoute struct {
-	Gateway netip.Addr `json:"gw"`
+	Gateway     netip.Addr   `json:"gw"`
+	Destination netip.Prefix `json:"dst"`
 }
 
 func getConfigFromNAD(
@@ -47,6 +51,38 @@ func getConfigFromNAD(
 	return nadConfig, nil
 }
 
+func getRangeAndGatewayFromCIDR(
+	cidr netip.Prefix,
+) (start netip.Addr, end netip.Addr, gateway netip.Addr) {
+	addr := cidr.Addr()
+	if addr.Is6() {
+		addrBytes := addr.As16()
+		for i := 8; i < 15; i++ {
+			addrBytes[i] = 0
+		}
+		addrBytes[15] = 3
+		gateway = netip.AddrFrom16(addrBytes)
+		addrBytes[15] = 5
+		start = netip.AddrFrom16(addrBytes)
+		for i := 8; i < 15; i++ {
+			addrBytes[i] = 0xff
+		}
+		addrBytes[15] = 0xfe
+		end = netip.AddrFrom16(addrBytes)
+	} else {
+		addrBytes := addr.As4()
+		addrBytes[2] = 0
+		addrBytes[3] = 3
+		gateway = netip.AddrFrom4(addrBytes)
+		addrBytes[3] = 5
+		start = netip.AddrFrom4(addrBytes)
+		addrBytes[2] = 0xff
+		addrBytes[3] = 0xfe
+		end = netip.AddrFrom4(addrBytes)
+	}
+	return
+}
+
 func GetNetworkParametersFromNAD(
 	nad *networkv1.NetworkAttachmentDefinition,
 ) (*NetworkParameters, error) {
@@ -57,24 +93,41 @@ func GetNetworkParametersFromNAD(
 		return nil, fmt.Errorf("cannot read network parameters: %w", err)
 	}
 
-	networkParameters.CIDR = nadConfig.IPAM.CIDR
+	// Provider subnet parameters
+	networkParameters.ProviderCIDR = nadConfig.IPAM.CIDR
 
-	networkParameters.AllocationStart = nadConfig.IPAM.RangeEnd.Next()
-	end := networkParameters.AllocationStart
+	networkParameters.ProviderAllocationStart = nadConfig.IPAM.RangeEnd.Next()
+	end := networkParameters.ProviderAllocationStart
 	for i := 0; i < LbProvSubnetPoolSize; i++ {
-		if !networkParameters.CIDR.Contains(end) {
-			return nil, fmt.Errorf("cannot allocate %d IP addresses in %s", LbProvSubnetPoolSize, networkParameters.CIDR)
+		if !networkParameters.ProviderCIDR.Contains(end) {
+			return nil, fmt.Errorf("cannot allocate %d IP addresses in %s", LbProvSubnetPoolSize, networkParameters.ProviderCIDR)
 		}
 		end = end.Next()
 	}
-	networkParameters.AllocationEnd = end
-	// TODO(gthiemonge) Remove routes from NAD, manage them in the operator
+	networkParameters.ProviderAllocationEnd = end
 	if len(nadConfig.IPAM.Routes) > 0 {
-		networkParameters.RouterIPAddress = nadConfig.IPAM.Routes[0].Gateway
+		networkParameters.ProviderGateway = nadConfig.IPAM.Routes[0].Gateway
 	} else {
 		return nil, fmt.Errorf("cannot find gateway information in network attachment")
 	}
-	// Gateway is currently unset
+
+	// Tenant subnet parameters
+	networkParameters.TenantCIDR = nadConfig.IPAM.Routes[0].Destination
+	var bitlen int
+	if networkParameters.TenantCIDR.Addr().Is6() {
+		bitlen = 64
+	} else {
+		bitlen = 16
+	}
+
+	if networkParameters.TenantCIDR.Bits() != bitlen {
+		return nil, fmt.Errorf("the tenant CIDR is /%d, it should be /%d", networkParameters.TenantCIDR.Bits(), bitlen)
+	}
+
+	start, end, gateway := getRangeAndGatewayFromCIDR(networkParameters.TenantCIDR)
+	networkParameters.TenantAllocationStart = start
+	networkParameters.TenantAllocationEnd = end
+	networkParameters.TenantGateway = gateway
 
 	return networkParameters, err
 }
