Release cce-network-v2/2.12.3

build.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 cd cce-network-v2
-
+PWD=~
 # 生产镜像发布
-export EXTRA_GO_BUILD_FLAGS=-gcflags=-trimpath=$GOPATH/src
+export EXTRA_GO_BUILD_FLAGS=-gcflags=-trimpath=$PWD
 make docker PROFILE=pro PUSH_IMAGE_FLAGS=--push
 make docker-arm GOARCH=arm64 PROFILE=pro PUSH_IMAGE_FLAGS=--push

cce-network-v2/GO_VERSION

@@ -1 +1 @@
-go version go1.21.4 linux/amd64
+go version go1.22.5 linux/amd64

cce-network-v2/VERSION

@@ -1 +1 @@
-2.12.2
+2.12.3

cce-network-v2/docs/release.md

@@ -7,7 +7,12 @@ v2 版本新架构，支持VPC-ENI 辅助IP和vpc路由。版本发布历史如
 2. 增加 eni 安全组同步功能， 保持CCE ENI 和节点安全组同步。
 3. 增加节点网络配置集功能 NetResourceConfigSet，支持指定节点独立配置网络资源。
 
-#### 2.12.2 [2024/07/09]
+#### 2.12.3 [20240730]
+1. [Bug] 修复cpsts配置namespaceSelector时误判断Selector导致没有配置namespaceSelector时的空指针问题及namespaceSelector在没有配置Selector时无法生效的问题
+2. [Optimize] 优化 psts 在没有填写子网 IP 选择策略时的本地 IP 申请器的默认工作区间，避免没有填写 IP 地址族时无法申请 IP 的问题
+3. [Bug] 修复 cilium ipam 保留 IP 时无法保留首个 IP 的问题
+
+#### 2.12.2 [2024/07/24]
 1. [Feature] 支持borrowed subnet 可观测，新增 cce_subnet_ips_guage 指标代表子网可用 IP 地址数量
 2. [Optimize] borrowed subnet 支持定时同步能力，避免因单次 IP 计算错误，导致错误借用未归还的问题。
 3. [Optimize] 更新子网可用 IP 借用语义，单个 ENI 从子网借用 IP 地址数以最新一次为准

cce-network-v2/operator/watchers/cpsts.go

@@ -171,7 +171,7 @@ func (s *cpstsSyncher) Update(resource *ccev2alpha1.ClusterPodSubnetTopologySpre
 		return err
 	}
 
-	if resource.Spec.Selector != nil {
+	if resource.Spec.NamespaceSelector != nil {
 		selector = labels.Set(resource.Spec.NamespaceSelector.MatchLabels).AsSelector()
 	}
 	affectNamespaces, err = k8s.WatcherClient().Informers.Core().V1().Namespaces().Lister().List(selector)

cce-network-v2/pkg/endpoint/operator_psts_manager_provider.go

@@ -213,50 +213,61 @@ func (local *localAllocator) allocateNext() (ipv4, ipv6 *ccev2.AddressPair, rele
 	return
 }
 
+// allocateFromLocalPool allocates IPs from local pool
+// num 1 means allocate one ip, and this function usual usage is to return only one IP address
 func (local *localAllocator) allocateFromLocalPool(family ccev2.IPFamily, num int) (map[string][]net.IP, []func()) {
 	var (
 		subnetAvailableIPs          = make(map[string][]net.IP)
 		releaseIPFuncs     []func() = make([]func(), 0)
 		count                       = 0
 	)
 	for _, subnet := range local.subnets {
+		allocator := local.localPool.getPool(subnet.Name, string(family))
+		if allocator == nil {
+			local.log.WithField("step", "get customer range allocator").
+				WithField("subnet", subnet.Name).
+				Error("no available pool")
+			continue
+		}
+
+		// allocate ip from local pool
+		allocate := func(startIP, endIP net.IP) bool {
+			if count >= num {
+				return false
+			}
+			ips, err := allocator.ReservedAllocateMany(startIP, endIP, 1)
+			if err != nil {
+				local.log.WithField("step", "allocate local ip").WithError(err).Debug("allocate local ip failed")
+				return false
+			}
+			local.log.WithField("step", "allocate local ip").Debug("allocate local ip success")
+			subnetAvailableIPs[subnet.Name] = append(subnetAvailableIPs[subnet.Name], ips...)
+			releaseIPFuncs = append(releaseIPFuncs, func() {
+				allocator.ReleaseMany(ips)
+			})
+			count++
+			return true
+		}
+
 		customs := local.psts.Spec.Subnets[subnet.Name]
+		if len(customs) == 0 {
+			allocate(nil, nil)
+		}
 		for _, custom := range customs {
 			if custom.Family != family {
 				continue
 			}
-			allocator := local.localPool.getPool(subnet.Name, string(custom.Family))
-			if allocator == nil {
-				local.log.WithField("step", "get customer range allocator").
-					WithField("subnet", subnet.Name).
-					Error("no available pool")
-				continue
-			}
-
-			// allocate ip from local pool
-			allocate := func(startIP, endIP net.IP) bool {
-				if count >= num {
-					return false
-				}
-				ips, err := allocator.ReservedAllocateMany(startIP, endIP, 1)
-				if err != nil {
-					local.log.WithField("step", "allocate local ip").WithError(err).Debug("allocate local ip failed")
-					return false
-				}
-				local.log.WithField("step", "allocate local ip").Debug("allocate local ip success")
-				subnetAvailableIPs[subnet.Name] = append(subnetAvailableIPs[subnet.Name], ips...)
-				releaseIPFuncs = append(releaseIPFuncs, func() {
-					allocator.ReleaseMany(ips)
-				})
-				count++
-				return true
+			if count >= num {
+				break
 			}
-
 			// allocate ip from customer range
 			if custom.Range == nil {
 				allocate(nil, nil)
 			} else {
 				for _, rg := range custom.Range {
+					if count >= num {
+						break
+					}
 					allocate(net.ParseIP(rg.Start), net.ParseIP(rg.End))
 				}
 			}

cce-network-v2/pkg/ipam/allocator/pool_allocator.go

@@ -21,6 +21,7 @@ import (
 	"net"
 
 	"github.com/cilium/ipam/service/ipallocator"
+	"github.com/sirupsen/logrus"
 
 	"github.com/baidubce/baiducloud-cce-cni-driver/cce-network-v2/pkg/cidr"
 	"github.com/baidubce/baiducloud-cce-cni-driver/cce-network-v2/pkg/ipam/types"
@@ -90,11 +91,21 @@ func NewSubRangePoolAllocator(poolID types.PoolID, allocationCIDR *cidr.CIDR, re
 	if err != nil {
 		return nil, err
 	}
+
+	subAllocator := &SubRangePoolAllocator{allocator}
+
 	// reserve the first ip
-	allocator.AllocateMany(reserve)
-	return &SubRangePoolAllocator{allocator}, nil
+	ips, err := subAllocator.ReservedAllocateMany(nil, nil, reserve)
+	log.WithFields(logrus.Fields{
+		"poolID":         poolID,
+		"allocationCIDR": allocationCIDR.String(),
+		"reserve":        reserve,
+		"ips":            ips,
+	}).Infof("new sub range pool allocator ips: %v", ips)
+	return subAllocator, err
 }
 
+// ReservedAllocateMany reserves a slice of IP addresses
 func (s *SubRangePoolAllocator) ReservedAllocateMany(startIP, endIP net.IP, num int) ([]net.IP, error) {
 	ips := make([]net.IP, 0, num)
 

cce-network-v2/pkg/ipam/allocator/pool_allocator_test.go

@@ -19,11 +19,13 @@ package allocator
 
 import (
 	"net"
+	"testing"
 
 	"gopkg.in/check.v1"
 
 	"github.com/baidubce/baiducloud-cce-cni-driver/cce-network-v2/pkg/cidr"
 	"github.com/baidubce/baiducloud-cce-cni-driver/cce-network-v2/pkg/ipam/types"
+	"github.com/stretchr/testify/assert"
 )
 
 func (e *AllocatorSuite) TestPoolID(c *check.C) {
@@ -124,3 +126,20 @@ func (e *AllocatorSuite) TestPoolAllocatorRelease(c *check.C) {
 	c.Assert(err, check.IsNil)
 	c.Assert(len(ips), check.Equals, 3)
 }
+
+func TestSubRangePoolAllocator_ReservedAllocateMany(t *testing.T) {
+	_, ipnet, err := net.ParseCIDR("10.10.10.0/24")
+
+	poolID := types.PoolID("test-pool")
+	s, err := NewSubRangePoolAllocator(poolID, &cidr.CIDR{ipnet}, 0)
+	ips, err := s.ReservedAllocateMany(nil, nil, 2)
+	assert.NoError(t, err)
+
+	assert.Equal(t, len(ips), 2)
+	for _, ip := range ips {
+		assert.True(t, ipnet.Contains(ip))
+	}
+
+	assert.Equal(t, s.Free(), 252)
+	assert.Equal(t, []net.IP{net.ParseIP("10.10.10.1"), net.ParseIP("10.10.10.2")}, ips)
+}

cce-network-v2/pkg/nodediscovery/rdmadiscovery.go

@@ -85,7 +85,8 @@ func canUseIPVlanOnRdmaNode() (isCan bool, err error) {
 		return false, err
 	}
 
-	// load kernel module
+	// GetModules returns all installed kernel modules which match ipvlanKernelModuleName.
+	// Try to load the required kernel modules which are named in ipvlanKernelModuleName if not built in.
 	kernelModules, err := kernelhandler.GetModules(context.TODO(), []string{ipvlanKernelModuleName})
 	if err != nil {
 		rdLog.Errorf("get kernel modules failed: %v", err)

cce-network-v2/pkg/os/kernel_detect.go

@@ -57,7 +57,8 @@ func (kh *LinuxKernelHandler) DetectKernelVersion(ctx context.Context) (string,
 	return strings.TrimSpace(string(fileContent)), nil
 }
 
-// GetModules returns all installed kernel modules.
+// GetModules returns all installed kernel modules which match any of the specified names.
+// Try to load the required kernel modules if not built in.
 func (kh *LinuxKernelHandler) GetModules(ctx context.Context, wantedModules []string) ([]string, error) {
 	var bmods, lmods []string
 
@@ -103,8 +104,8 @@ func (kh *LinuxKernelHandler) GetModules(ctx context.Context, wantedModules []st
 			// Try to load the required IPVS kernel modules if not built in
 			err := kh.executor.Command("modprobe", "--", module).Run()
 			if err != nil {
-				kernelLog.Infof("failed to load kernel module %v with modprobe. "+
-					"You can ignore this message when this is running inside container without mounting /lib/modules", module)
+				kernelLog.Infof("failed to load kernel module %v with modprobe. The error is %v."+
+					"You can ignore this message when this is running inside container without mounting /lib/modules", module, err)
 			} else {
 				lmods = append(lmods, module)
 			}