Merge pull request #2918 from midavadim/427056894-reserve-static-ip

Avoid odd reservation calls for user specified IP addresses in "networking.gke.io/load-balancer-ip-addresses" annotation

Author: k8s-ci-robot

pkg/address/hold.go

@@ -45,10 +45,11 @@ func HoldExternalIPv4(cfg HoldConfig) (HoldResult, error) {
 	subnet := ""
 	name := utils.LegacyForwardingRuleName(cfg.Service)
 
+	var ipv4AddressName string
 	// Determine IP which will be used for this LB. If no forwarding rule has been established
 	// or specified in the Service spec, then requestedIP = "".
 	rule := pickForwardingRuleToInferIP(cfg.ExistingRules)
-	res.IP, err = IPv4ToUse(cfg.Cloud, cfg.Recorder, cfg.Service, rule, subnet)
+	res.IP, ipv4AddressName, err = IPv4ToUse(cfg.Cloud, cfg.Recorder, cfg.Service, rule, subnet)
 	if err != nil {
 		log.Error(err, "IPv4ToUse for service returned error")
 		return res, err
@@ -67,7 +68,7 @@ func HoldExternalIPv4(cfg HoldConfig) (HoldResult, error) {
 
 	addrMgr := NewManager(
 		cfg.Cloud, nm, cfg.Cloud.Region(),
-		subnet, name, res.IP,
+		subnet, name, ipv4AddressName, res.IP,
 		cloud.SchemeExternal, netTier, IPv4Version, cfg.Logger,
 	)
 

pkg/address/hold_test.go

@@ -65,7 +65,7 @@ func TestHoldExternalIPv4(t *testing.T) {
 			},
 			want: address.HoldResult{
 				IP:      reservedIPv4,
-				Managed: address.IPAddrManaged,
+				Managed: address.IPAddrUnmanaged,
 			},
 		},
 		{
@@ -266,6 +266,7 @@ func arrange(t *testing.T, existingRules []*composite.ForwardingRule, service *a
 		Region:      vals.Region,
 		Address:     reservedIPv4,
 		AddressType: "EXTERNAL",
+		NetworkTier: "PREMIUM",
 	}
 	if err := fakeGCE.ReserveRegionAddress(addr, vals.Region); err != nil {
 		t.Fatal(err)

pkg/address/manager.go

@@ -58,6 +58,7 @@ type Manager struct {
 	svc         gce.CloudAddressService
 	name        string
 	serviceName string
+	addressName string
 	targetIP    string
 	addressType cloud.LbScheme
 	region      string
@@ -69,7 +70,7 @@ type Manager struct {
 	frLogger klog.Logger
 }
 
-func NewManager(svc gce.CloudAddressService, serviceName, region, subnetURL, name, targetIP string, addressType cloud.LbScheme, networkTier cloud.NetworkTier, ipVersion IPVersion, frLogger klog.Logger) *Manager {
+func NewManager(svc gce.CloudAddressService, serviceName, region, subnetURL, name, addressName, targetIP string, addressType cloud.LbScheme, networkTier cloud.NetworkTier, ipVersion IPVersion, frLogger klog.Logger) *Manager {
 	if targetIP != "" {
 		// Store address in normalized format.
 		// This is required for IPv6 addresses, to be able to filter by exact address,
@@ -82,6 +83,7 @@ func NewManager(svc gce.CloudAddressService, serviceName, region, subnetURL, nam
 		region:      region,
 		serviceName: serviceName,
 		name:        name,
+		addressName: addressName,
 		targetIP:    targetIP,
 		addressType: addressType,
 		tryRelease:  true,
@@ -103,8 +105,31 @@ func (m *Manager) HoldAddress() (string, IPAddressType, error) {
 	// case of using a controller address, retrieving the address by name results in the fewest API
 	// calls since it indicates whether a Delete is necessary before Reserve.
 	m.frLogger.V(4).Info("Attempting hold of IP", "ip", m.targetIP, "addressType", m.addressType)
-	// Get the address in case it was orphaned earlier
-	addr, err := m.svc.GetRegionAddress(m.name, m.region)
+
+	// Name for default managed Address which is based on forwarding rule name
+	defaultName := m.name
+	addressName := defaultName
+	addressManagementType := IPAddrManaged
+
+	if m.addressName != "" {
+		// Name for custom unmanaged static Address which is reserved by user and specified in annotation
+		addressName = m.addressName
+		addressManagementType = IPAddrUnmanaged
+		m.tryRelease = false
+
+		// Custom reserved Address is specified so no possible orphaned default address should exist
+		if addressName != defaultName {
+			if addrDefault, _ := m.svc.GetRegionAddress(defaultName, m.region); addrDefault != nil {
+				releaseErr := m.removeAddress(defaultName, "address is orphaned and not needed anymore")
+				if releaseErr != nil {
+					m.frLogger.V(4).Info("Unable to release orphaned Address.", "addressName", defaultName, "err", releaseErr)
+				}
+			}
+		}
+	}
+
+	// Get and validate existing Address: user-specifed or default (orphaned)
+	addr, err := m.svc.GetRegionAddress(addressName, m.region)
 	if err != nil && !utils.IsNotFoundError(err) {
 		return "", IPAddrUndefined, err
 	}
@@ -114,19 +139,17 @@ func (m *Manager) HoldAddress() (string, IPAddressType, error) {
 		validationError := m.validateAddress(addr)
 		if validationError == nil {
 			m.frLogger.V(4).Info("Address already reserves IP. No further action required.", "addressName", addr.Name, "ip", addr.Address, "type", addr.AddressType)
-			return addr.Address, IPAddrManaged, nil
+			return addr.Address, addressManagementType, nil
 		}
 
-		m.frLogger.V(2).Info("Deleting existing address", "reason", validationError)
-		err := m.svc.DeleteRegionAddress(addr.Name, m.region)
-		if err != nil {
-			if utils.IsNotFoundError(err) {
-				m.frLogger.V(4).Info("Address was not found. Ignoring.", "addressName", addr.Name)
-			} else {
-				return "", IPAddrUndefined, err
-			}
+		if m.addressName != "" {
+			return "", IPAddrUndefined, fmt.Errorf("reserved address (%q) is not valid, err: %w", addr.Name, validationError)
 		} else {
-			m.frLogger.V(4).Info("Successfully deleted previous address", "addressName", addr.Name)
+			// Remove invalid orphaned default address. New Address will be reserved later in ensureAddressReservation()
+			releaseErr := m.removeAddress(defaultName, fmt.Sprintf("address is orphaned and not valid, err: %v", validationError))
+			if releaseErr != nil {
+				m.frLogger.V(4).Info("Unable to release orphaned Address.", "addressName", defaultName, "err", releaseErr)
+			}
 		}
 	}
 
@@ -140,19 +163,21 @@ func (m *Manager) ReleaseAddress() error {
 		return nil
 	}
 
-	m.frLogger.V(4).Info("Releasing address", "ip", m.targetIP, "addressName", m.name)
-	// Controller only ever tries to unreserve the address named with the load balancer's name.
-	err := m.svc.DeleteRegionAddress(m.name, m.region)
+	return m.removeAddress(m.name, "address was temporary reserved")
+}
+
+func (m *Manager) removeAddress(name, reason string) error {
+
+	m.frLogger.V(2).Info("Releasing existing address", "name", name, "reason", reason)
+	err := m.svc.DeleteRegionAddress(name, m.region)
 	if err != nil {
 		if utils.IsNotFoundError(err) {
-			m.frLogger.Info("Address was not found. Ignoring.", "addressName", m.name)
-			return nil
+			m.frLogger.V(4).Info("Address was not found. Ignoring.", "addressName", name)
+		} else {
+			return err
 		}
-
-		return err
 	}
-
-	m.frLogger.V(4).Info("Successfully released IP named", "ip", m.targetIP, "addressName", m.name)
+	m.frLogger.V(4).Info("Successfully released address", "addressName", name)
 	return nil
 }
 

pkg/address/manager_test.go

@@ -48,7 +48,7 @@ func TestAddressManagerNoRequestedIP(t *testing.T) {
 	require.NoError(t, err)
 	targetIP := ""
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
 	testHoldAddress(t, mgr, svc, testLBName, vals.Region, targetIP, string(cloud.SchemeInternal), cloud.NetworkTierDefault.ToGCEValue())
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
@@ -59,7 +59,7 @@ func TestAddressManagerBasic(t *testing.T) {
 	require.NoError(t, err)
 	targetIP := "1.1.1.1"
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
 	testHoldAddress(t, mgr, svc, testLBName, vals.Region, targetIP, string(cloud.SchemeInternal), cloud.NetworkTierDefault.ToGCEValue())
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
@@ -75,7 +75,7 @@ func TestAddressManagerOrphaned(t *testing.T) {
 	err = svc.ReserveRegionAddress(addr, vals.Region)
 	require.NoError(t, err)
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
 	testHoldAddress(t, mgr, svc, testLBName, vals.Region, targetIP, string(cloud.SchemeInternal), cloud.NetworkTierDefault.ToGCEValue())
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
@@ -87,7 +87,7 @@ func TestAddressManagerStandardNetworkTier(t *testing.T) {
 	require.NoError(t, err)
 	targetIP := "1.1.1.1"
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeExternal, cloud.NetworkTierStandard, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeExternal, cloud.NetworkTierStandard, address.IPv4Version, klog.TODO())
 	testHoldAddress(t, mgr, svc, testLBName, vals.Region, targetIP, string(cloud.SchemeExternal), cloud.NetworkTierStandard.ToGCEValue())
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
@@ -98,7 +98,7 @@ func TestAddressManagerStandardNetworkTierNotAvailableForInternalAddress(t *test
 	require.NoError(t, err)
 	targetIP := "1.1.1.1"
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierStandard, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierStandard, address.IPv4Version, klog.TODO())
 	testHoldAddress(t, mgr, svc, testLBName, vals.Region, targetIP, string(cloud.SchemeInternal), cloud.NetworkTierPremium.ToGCEValue())
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
@@ -115,7 +115,7 @@ func TestAddressManagerOutdatedOrphan(t *testing.T) {
 	err = svc.ReserveRegionAddress(addr, vals.Region)
 	require.NoError(t, err)
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv4Version, klog.TODO())
 	testHoldAddress(t, mgr, svc, testLBName, vals.Region, targetIP, string(cloud.SchemeInternal), cloud.NetworkTierDefault.ToGCEValue())
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
@@ -131,7 +131,7 @@ func TestAddressManagerExternallyOwned(t *testing.T) {
 	err = svc.ReserveRegionAddress(addr, vals.Region)
 	require.NoError(t, err)
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
 	ipToUse, ipType, err := mgr.HoldAddress()
 	require.NoError(t, err)
 	assert.NotEmpty(t, ipToUse)
@@ -144,14 +144,53 @@ func TestAddressManagerExternallyOwned(t *testing.T) {
 	testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 }
 
+// TestAddressManagerExternallyOwnedAndOrphaned tests the case where extrenal address is used
+// and obsolete orphaned address is removed
+func TestAddressManagerExternallyOwnedAndOrphaned(t *testing.T) {
+	svc, err := fakeGCECloud(vals)
+	require.NoError(t, err)
+
+	// ExternallyOwned IP
+	externalName := "my-important-address"
+	externalIP := "1.1.1.1"
+	addr := &compute.Address{Name: externalName, Address: externalIP, AddressType: string(cloud.SchemeInternal)}
+	err = svc.ReserveRegionAddress(addr, vals.Region)
+	require.NoError(t, err)
+
+	// Orphaned IP with default LBName name
+	orphanedName := testLBName
+	orphanedIP := "1.1.1.100"
+	orphaned_addr := &compute.Address{Name: orphanedName, Address: orphanedIP, AddressType: string(cloud.SchemeInternal)}
+	err = svc.ReserveRegionAddress(orphaned_addr, vals.Region)
+	require.NoError(t, err)
+
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, externalName, externalIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	ipToUse, ipType, err := mgr.HoldAddress()
+	require.NoError(t, err)
+	assert.Equal(t, ipToUse, externalIP)
+	assert.Equal(t, address.IPAddrUnmanaged, ipType, "IP Address should not be marked as controller's managed")
+
+	// Orphaned IP should be removed
+	_, err = svc.GetRegionAddress(testLBName, vals.Region)
+	assert.True(t, utils.IsNotFoundError(err), "Orphaned Address should be removed")
+
+	err = mgr.ReleaseAddress()
+	require.NoError(t, err)
+
+	// ExternallyOwned IP should stay untouched
+	addr, _ = svc.GetRegionAddress(externalName, vals.Region)
+	assert.NotNil(t, addr)
+
+}
+
 // TestAddressManagerNonExisting tests the case where the address can't be reserved
 // automatically and was not reserved by the user (external address case).
 func TestAddressManagerNonExisting(t *testing.T) {
 	svc, err := fakeGCECloud(vals)
 	require.NoError(t, err)
 	targetIP := "1.1.1.1"
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeExternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeExternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
 
 	svc.Compute().(*cloud.MockGCE).MockAddresses.InsertHook = test.InsertAddressNotAllocatedToProjectErrorHook
 	_, _, err = mgr.HoldAddress()
@@ -171,7 +210,7 @@ func TestAddressManagerWrongTypeReserved(t *testing.T) {
 		t.Errorf("svc.ReserveRegionAddress returned err: %v", err)
 	}
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeExternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeExternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
 
 	_, _, err = mgr.HoldAddress()
 	require.Error(t, err)
@@ -188,7 +227,7 @@ func TestAddressManagerExternallyOwnedWrongNetworkTier(t *testing.T) {
 	addr := &compute.Address{Name: "my-important-address", Address: targetIP, AddressType: string(cloud.SchemeInternal), NetworkTier: string(cloud.NetworkTierStandard)}
 	err = svc.ReserveRegionAddress(addr, vals.Region)
 	require.NoError(t, err, "")
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
 	svc.Compute().(*cloud.MockGCE).MockAddresses.InsertHook = test.InsertAddressNetworkErrorHook
 	_, _, err = mgr.HoldAddress()
 	if err == nil || !utils.IsNetworkTierError(err) {
@@ -207,12 +246,40 @@ func TestAddressManagerBadExternallyOwned(t *testing.T) {
 	err = svc.ReserveRegionAddress(addr, vals.Region)
 	require.NoError(t, err)
 
-	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
 	ad, _, err := mgr.HoldAddress()
 	assert.NotNil(t, err) // FIXME
 	require.Equal(t, ad, "")
 }
 
+// TestAddressManagerBadExternallyOwnedFromAnnotation tests the case where the address exists but isn't
+// owned by the controller. However, this address has the wrong type.
+func TestAddressManagerBadExternallyOwnedFromAnnotation(t *testing.T) {
+	svc, err := fakeGCECloud(vals)
+	require.NoError(t, err)
+	targetIP := "1.1.1.1"
+	addrName := "my-important-address"
+
+	addrExternal := &compute.Address{Name: addrName, Address: targetIP, AddressType: string(cloud.SchemeExternal)}
+	err = svc.ReserveRegionAddress(addrExternal, vals.Region)
+	require.NoError(t, err)
+
+	addrDefault := &compute.Address{Name: testLBName, Address: "1.1.1.100", AddressType: string(cloud.SchemeInternal)}
+	err = svc.ReserveRegionAddress(addrDefault, vals.Region)
+	require.NoError(t, err)
+
+	mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, addrName, targetIP, cloud.SchemeInternal, cloud.NetworkTierPremium, address.IPv4Version, klog.TODO())
+	ad, _, err := mgr.HoldAddress()
+	assert.NotNil(t, err) // FIXME
+	require.Equal(t, ad, "")
+
+	addrExternal, _ = svc.GetRegionAddress(addrName, vals.Region)
+	assert.NotNil(t, addrExternal, "ExternallyOwned IP should stay untouched")
+
+	_, err = svc.GetRegionAddress(testLBName, vals.Region)
+	assert.True(t, utils.IsNotFoundError(err), "Orphaned Address should be removed")
+}
+
 // TestAddressManagerIPv6 tests the typical case of reserving and releasing an IPv6 address.
 func TestAddressManagerIPv6(t *testing.T) {
 	testCases := []struct {
@@ -239,7 +306,7 @@ func TestAddressManagerIPv6(t *testing.T) {
 				t.Fatalf("fakeGCECloud(%v) returned error %v", vals, err)
 			}
 
-			mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, tc.targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv6Version, klog.TODO())
+			mgr := address.NewManager(svc, testSvcName, vals.Region, testSubnet, testLBName, "", tc.targetIP, cloud.SchemeInternal, cloud.NetworkTierDefault, address.IPv6Version, klog.TODO())
 			testHoldAddress(t, mgr, svc, testLBName, vals.Region, tc.targetIP, string(cloud.SchemeInternal), cloud.NetworkTierDefault.ToGCEValue())
 			testReleaseAddress(t, mgr, svc, testLBName, vals.Region)
 		})