From df42d3e745f947225e65f19b2b07e8f574659a6c Mon Sep 17 00:00:00 2001 From: mwindower Date: Fri, 6 Nov 2020 13:21:38 +0100 Subject: [PATCH] Snat (#23) --- go.mod | 2 +- go.sum | 4 ++-- pkg/controllers/loadbalancer/loadbalancer.go | 5 ++++- pkg/tags/tagUtils.go | 9 +++++++-- 4 files changed, 14 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index be6e211..3012fd3 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/google/uuid v1.1.2 github.com/googleapis/gnostic v0.2.0 // indirect github.com/metal-stack/metal-go v0.10.0 - github.com/metal-stack/metal-lib v0.6.3 + github.com/metal-stack/metal-lib v0.6.4 github.com/metal-stack/v v1.0.2 github.com/pkg/errors v0.9.1 github.com/spf13/pflag v1.0.5 diff --git a/go.sum b/go.sum index 73bdde1..976afc9 100644 --- a/go.sum +++ b/go.sum @@ -661,8 +661,8 @@ github.com/metal-stack/metal-go v0.10.0 h1:XlZpuHd5wWr9oVY+uxNjzoCDq4QJQrcZBx+97 github.com/metal-stack/metal-go v0.10.0/go.mod h1:5emMVOjVD2tj6OxCBUYB8Xo1ruBnoP6idwypVV1pzec= github.com/metal-stack/metal-lib v0.5.0 h1:C3QScS7+wNWMiERB+j0x06WpRuTHW6A3rpuILMOAgss= github.com/metal-stack/metal-lib v0.5.0/go.mod h1:Vxr1OwM8fef1gtIv9fUiVU4Gq5mkd4ElHMpTjfuuSFQ= -github.com/metal-stack/metal-lib v0.6.3 h1:iQOyLKnqqSJGpl++YgnbrW7DYbyC+1VVW2izoQlrcLk= -github.com/metal-stack/metal-lib v0.6.3/go.mod h1:r8qhfX72eAzClR/pEaQvdwM//Otx9gegYoOphLPmmQ4= +github.com/metal-stack/metal-lib v0.6.4 h1:7lvQcjGrZa3gUIzlbFi61fqFatDzlmWWMvXoqOi5HHM= +github.com/metal-stack/metal-lib v0.6.4/go.mod h1:r8qhfX72eAzClR/pEaQvdwM//Otx9gegYoOphLPmmQ4= github.com/metal-stack/security v0.3.0 h1:YJL0qlsXlvA9O3iIWuk5YqF02IX9f6I60n93FkQpV4k= github.com/metal-stack/security v0.3.0/go.mod h1:xa0eka4HttrfhDTJPzcSDBGgaFyNBGXhz0B5YGqtKuU= github.com/metal-stack/security v0.4.0 h1:NrPm5srgmgeS9UdQmGKLEJ3P7BSsV2Gm7P781LmM0Xo= diff --git a/pkg/controllers/loadbalancer/loadbalancer.go b/pkg/controllers/loadbalancer/loadbalancer.go index 115ce1a..a0000b2 100644 --- a/pkg/controllers/loadbalancer/loadbalancer.go +++ b/pkg/controllers/loadbalancer/loadbalancer.go @@ -225,7 +225,10 @@ func (l *LoadBalancerController) UpdateMetalLBConfig(nodes []v1.Node) error { func (l *LoadBalancerController) useIPInCluster(ip models.V1IPResponse, clusterID string, s v1.Service) (*metalgo.IPDetailResponse, error) { for _, t := range ip.Tags { if tags.IsMachine(t) { - return nil, fmt.Errorf("ip is used for a machine, can not use it for a service, machine: %v", ip.Tags) + return nil, fmt.Errorf("ip is used for a machine, can not use it for a service, ip tags: %v", ip.Tags) + } + if tags.IsEgress(t) { + return nil, fmt.Errorf("ip is used for egress purposes, can not use it for a service, ip tags: %v", ip.Tags) } } diff --git a/pkg/tags/tagUtils.go b/pkg/tags/tagUtils.go index 1fe14ab..29f8119 100644 --- a/pkg/tags/tagUtils.go +++ b/pkg/tags/tagUtils.go @@ -2,8 +2,9 @@ package tags import ( "fmt" - t "github.com/metal-stack/metal-lib/pkg/tag" "strings" + + t "github.com/metal-stack/metal-lib/pkg/tag" ) // BuildClusterServiceFQNTag returns the ClusterServiceFQN tag populated with the given arguments. @@ -16,6 +17,11 @@ func IsMachine(tag string) bool { return strings.HasPrefix(tag, t.MachineID) } +// IsEgress returns true if the given tag is an egress-tag +func IsEgress(tag string) bool { + return strings.HasPrefix(tag, t.ClusterEgress) +} + // IsMemberOfCluster returns true of the given tag is a cluster-tag and clusterID matches. func IsMemberOfCluster(tag, clusterID string) bool { if strings.HasPrefix(tag, t.ClusterID) { @@ -29,4 +35,3 @@ func IsMemberOfCluster(tag, clusterID string) bool { } return false } -