Skip to content

Commit

Permalink
fix br-external not init because of no permission after ovn-nat-gw co…
Browse files Browse the repository at this point in the history
…nfigmap created (#3902)

* fix gw

* fix sa


---------

Signed-off-by: bobz965 <[email protected]>
  • Loading branch information
bobz965 authored Apr 10, 2024
1 parent a6e9ef4 commit e0fffa6
Show file tree
Hide file tree
Showing 6 changed files with 35 additions and 8 deletions.
8 changes: 8 additions & 0 deletions charts/kube-ovn/templates/ovn-CR.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,14 @@ rules:
- create
- patch
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch

---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down
8 changes: 8 additions & 0 deletions dist/images/install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -3101,6 +3101,14 @@ rules:
- create
- patch
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
Expand Down
8 changes: 5 additions & 3 deletions pkg/daemon/gateway_linux.go
Original file line number Diff line number Diff line change
Expand Up @@ -1383,11 +1383,12 @@ func (c *Controller) setExGateway() error {
klog.Errorf("failed to get ovn-external-gw-config, %v", err)
return err
}
// enable external-gw-config without 'external-gw-nic' configured
// to reuse existing physical network from arg 'external-gateway-net'

linkName, exist := cm.Data["external-gw-nic"]
if !exist || len(linkName) == 0 {
return nil
err = fmt.Errorf("external-gw-nic not configured in ovn-external-gw-config")
klog.Error(err)
return err
}
link, err := netlink.LinkByName(linkName)
if err != nil {
Expand All @@ -1414,6 +1415,7 @@ func (c *Controller) setExGateway() error {
}

if !externalBrReady {
klog.Infof("create external bridge %s and add nic %s", externalBridge, linkName)
if _, err := ovs.Exec(
ovs.MayExist, "add-br", externalBridge, "--",
ovs.MayExist, "add-port", externalBridge, linkName,
Expand Down
8 changes: 5 additions & 3 deletions pkg/daemon/gateway_windows.go
Original file line number Diff line number Diff line change
Expand Up @@ -54,12 +54,14 @@ func (c *Controller) setExGateway() error {
klog.Errorf("failed to get ovn-external-gw-config, %v", err)
return err
}
// enable external-gw-config without 'external-gw-nic' configured
// to reuse existing physical network from arg 'external-gateway-net'

linkName, exist := cm.Data["external-gw-nic"]
if !exist || len(linkName) == 0 {
return nil
err = fmt.Errorf("external-gw-nic not configured in ovn-external-gw-config")
klog.Error(err)
return err
}

externalBrReady := false
// if external nic already attached into another bridge
if existBr, err := ovs.Exec("port-to-br", linkName); err == nil {
Expand Down
3 changes: 1 addition & 2 deletions pkg/ovs/ovn-nb-bfd.go
Original file line number Diff line number Diff line change
Expand Up @@ -133,21 +133,20 @@ func (c *OVNNbClient) DeleteBFD(lrpName, dstIP string) error {
if len(bfdList) == 0 {
return nil
}

for _, bfd := range bfdList {
ops, err := c.Where(&bfd).Delete()
if err != nil {
err := fmt.Errorf("failed to generate operations for BFD deletion with UUID %s: %v", bfd.UUID, err)
klog.Error(err)
return err
}
klog.Infof("delete lrp %s BFD dst ip %s", lrpName, bfd.DstIP)
if err = c.Transact("bfd-del", ops); err != nil {
err := fmt.Errorf("failed to delete BFD with with UUID %s: %v", bfd.UUID, err)
klog.Error(err)
return err
}
}

return nil
}

Expand Down
8 changes: 8 additions & 0 deletions yamls/sa.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -274,6 +274,14 @@ rules:
- create
- patch
- update
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
Expand Down

0 comments on commit e0fffa6

Please sign in to comment.