diff --git a/.github/workflows/auto-upgrade-ci.yaml b/.github/workflows/auto-upgrade-ci.yaml index 8486de5f8..0e089721c 100644 --- a/.github/workflows/auto-upgrade-ci.yaml +++ b/.github/workflows/auto-upgrade-ci.yaml @@ -325,7 +325,6 @@ jobs: - name: Upgrade to version ${{ needs.get_ref.outputs.new_version }} id: upgrade - continue-on-error: true run: | RESULT=0 make upgrade_e2e_spiderpool -e E2E_CLUSTER_NAME=${{ env.E2E_CLUSTER_NAME }} \ diff --git a/Makefile b/Makefile index 9cc27a2a8..68b67ee21 100644 --- a/Makefile +++ b/Makefile @@ -431,7 +431,7 @@ clean_e2e_spiderpool: .PHONY: upgrade_e2e_spiderpool upgrade_e2e_spiderpool: - $(QUIET) make -C test upgrade_spiderpool + $(QUIET) make -C test helm_upgrade_spiderpool .PHONY: codegen codegen: diff --git a/docs/usage/install/upgrade-zh_CN.md b/docs/usage/install/upgrade-zh_CN.md index a380e21f9..3c967bf3c 100644 --- a/docs/usage/install/upgrade-zh_CN.md +++ b/docs/usage/install/upgrade-zh_CN.md @@ -153,6 +153,10 @@ kubectl patch sp ${auto-pool} --type merge --patch '{"metadata": {"labels": {"ip 在 0.9.4 以下的版本中,statefulSet 应用在快速扩缩容场景下,Spiderpool GC 可能会错误的回收掉 IPPool 中的 IP 地址,导致同一个 IP 被分配给 K8S 集群的多个 Pod,从而出现 IP 地址冲突。该问题已修复,参考[修复](https://github.com/spidernet-io/spiderpool/pull/3778),但在升级后,冲突的 IP 地址并不能自动被 Spiderpool 纠正回来,您需要通过手动重启冲突 IP 的 Pod 来辅助解决,在新版本中不会再出现错误 GC IP 而导致 IP 冲突的问题。 +### 低于 0.9.5 (不包含 0.9.5) 升级到最高版本的注意事项 + +在 0.9.5 以下的版本中,Spiderpool Charts values.yaml 中的 spiderSubnet 字段发生变更,由 `ipam.spidersubnet` 变更为 `ipam.spiderSubnet`,因此,您无法可以安全地使用 `--reuse-values` 标志从 0.9.5 以下版本升级到 0.9.5 及以上版本。请修改 values.yaml 文件,或者使用 `--set ipam.spiderSubnet.enable=true` 标志来覆盖 values.yaml 文件中的值。 + ### 更多版本升级的注意事项 *TODO.* diff --git a/docs/usage/install/upgrade.md b/docs/usage/install/upgrade.md index 6454a780b..019eb3f19 100644 --- a/docs/usage/install/upgrade.md +++ b/docs/usage/install/upgrade.md @@ -178,6 +178,10 @@ Due to the addition of the `txQueueLen` field to the [SpiderCoordinator CRD](./. In versions below 0.9.4, when statefulSet is rapidly scaling up or down, Spiderpool GC may mistakenly reclaim IP addresses in IPPool, causing the same IP to be assigned to multiple Pods in the K8S cluster, resulting in IP address conflicts. This issue has been fixed, see [Fix](https://github.com/spidernet-io/spiderpool/pull/3778), but after the upgrade, the conflicting IP addresses cannot be automatically corrected by Spiderpool. You need to manually restart the Pod with the conflicting IP to assist in resolving the issue. In the new version, there will no longer be an issue with IP conflicts caused by incorrect GC IPs. +### Upgrading from a version below 0.9.5 (Excludes 0.9.5) to a higher version + +In versions lower than 0.9.5, the spiderSubnet field in Spiderpool Charts values.yaml changed from `ipam.spidersubnet` to `ipam.spiderSubnet`, so you cannot safely use the `--reuse-values` flag to upgrade from versions < 0.9.5 to 0.9.5 and above. Please modify the values.yaml file or use the `--set ipam.spiderSubnet.enable=true` flag to override the value in the values.yaml file. + ### More notes on version upgrades *TODO.* diff --git a/pkg/coordinatormanager/coordinator_validate.go b/pkg/coordinatormanager/coordinator_validate.go index d060938f3..6f69859a3 100644 --- a/pkg/coordinatormanager/coordinator_validate.go +++ b/pkg/coordinatormanager/coordinator_validate.go @@ -150,12 +150,6 @@ func validateCoordinatorPodMACPrefix(prefix *string) *field.Error { return errInvalid } - // the lowest bit of first byte must be 0 - // example: 0*:** - if string(parts[0][0]) != "0" { - return field.Invalid(podMACPrefixField, *prefix, "the lowest bit of the first byte must be 0") - } - fb, err := strconv.ParseInt(parts[0], 16, 0) if err != nil { return errInvalid @@ -167,7 +161,7 @@ func validateCoordinatorPodMACPrefix(prefix *string) *field.Error { bb := fmt.Sprintf("%08b", fb) if string(bb[7]) != "0" { - return field.Invalid(podMACPrefixField, *prefix, "not a unicast MAC") + return field.Invalid(podMACPrefixField, *prefix, "not a unicast MAC: the lowest bit of the first byte must be 0") } return nil diff --git a/test/Makefile b/test/Makefile index 6c04d4e49..23a43b239 100644 --- a/test/Makefile +++ b/test/Makefile @@ -399,11 +399,6 @@ uninstall_spiderpool: done ; \ done -.PHONY: upgrade_spiderpool -upgrade_spiderpool: - @echo -e "\033[35m [upgrade spiderpool] \033[0m" - @make helm_upgrade_spiderpool - .PHONY: helm_upgrade_spiderpool helm_upgrade_spiderpool: @echo -e "\033[35m [helm upgrade spiderpool] \033[0m" @@ -411,16 +406,38 @@ helm_upgrade_spiderpool: HELM_OPTION="";\ HELM_OPTION+=" --set spiderpoolController.replicas=1 " ; \ HELM_OPTION+=" --set spiderpoolAgent.image.registry="" \ - --set spiderpoolAgent.image.repository=$(SPIDERPOOL_AGENT_IMAGE_NAME) \ - --set spiderpoolAgent.image.tag=$(E2E_SPIDERPOOL_TAG) \ - --set spiderpoolController.image.registry="" \ - --set spiderpoolController.image.repository=$(SPIDERPOOL_CONTROLLER_IMAGE_NAME) \ - --set spiderpoolController.image.tag=$(E2E_SPIDERPOOL_TAG) \ - --set spiderpoolInit.image.registry="" \ - --set spiderpoolInit.image.repository=$(SPIDERPOOL_CONTROLLER_IMAGE_NAME) \ - --set spiderpoolInit.image.tag=$(E2E_SPIDERPOOL_TAG) " \ - helm --kubeconfig $(E2E_KUBECONFIG) upgrade $(RELEASE_NAME) $(ROOT_DIR)/charts/spiderpool $${HELM_OPTION} \ - -n $(RELEASE_NAMESPACE) ; \ + --set spiderpoolAgent.image.repository=$(SPIDERPOOL_AGENT_IMAGE_NAME) \ + --set spiderpoolAgent.image.tag=$(E2E_SPIDERPOOL_TAG) \ + --set spiderpoolController.image.registry="" \ + --set spiderpoolController.image.repository=$(SPIDERPOOL_CONTROLLER_IMAGE_NAME) \ + --set spiderpoolController.image.tag=$(E2E_SPIDERPOOL_TAG) \ + --set spiderpoolInit.image.registry="" \ + --set spiderpoolInit.image.repository=$(SPIDERPOOL_CONTROLLER_IMAGE_NAME) \ + --set spiderpoolInit.image.tag=$(E2E_SPIDERPOOL_TAG) \ + --set multus.multusCNI.uninstall=false " ; \ + if [ "$(E2E_SPIDERPOOL_ENABLE_SUBNET)" == "true" ] ; then \ + HELM_OPTION+=" --set ipam.spiderSubnet.enable=true " ; \ + HELM_OPTION+=" --set ipam.spiderSubnet.autoPool.enable=true " ; \ + HELM_OPTION+=" --set ipam.spiderSubnet.autoPool.defaultRedundantIPNumber=1 " ; \ + else \ + HELM_OPTION+=" --set ipam.spiderSubnet.enable=false " ; \ + HELM_OPTION+=" --set ipam.spiderSubnet.autoPool.enable=true " ; \ + HELM_OPTION+=" --set ipam.spiderSubnet.autoPool.defaultRedundantIPNumber=1 " ; \ + fi ; \ + ALL_IMAGES=`helm template $(RELEASE_NAME) $(ROOT_DIR)/charts/spiderpool $${HELM_OPTION} | grep ' image: ' | tr -d '"' | awk -F 'image: ' '{print $$2}' | sort | uniq | tr '\n' ' '` ; \ + echo "ALL_IMAGES: $${ALL_IMAGES} " ; \ + for IMAGE in $${ALL_IMAGES}; do \ + if ! grep "$${IMAGE}" <<< `docker images | awk '{printf("%s:%s\n",$$1,$$2)}'`; then \ + echo "==> $${IMAGE} no found, pulling...." ; \ + docker pull $${IMAGE} ; \ + fi ; \ + kind load docker-image $${IMAGE} --name $(E2E_CLUSTER_NAME); \ + done ; \ + echo "upgrade spiderpool with image $(SPIDERPOOL_AGENT_IMAGE_NAME):$(E2E_SPIDERPOOL_TAG) and $(SPIDERPOOL_CONTROLLER_IMAGE_NAME):$(E2E_SPIDERPOOL_TAG) " ; \ + set -x ; \ + helm --kubeconfig $(E2E_KUBECONFIG) upgrade $(RELEASE_NAME) $(ROOT_DIR)/charts/spiderpool \ + $${HELM_OPTION} \ + -n $(RELEASE_NAMESPACE) --debug --reuse-values ; \ cd $(ROOT_DIR)/charts/spiderpool/crds ; \ ls | grep '\.yaml$$' | xargs -I {} kubectl apply -f {} --kubeconfig $(E2E_KUBECONFIG) ; \ kubectl wait --for=condition=ready -l app.kubernetes.io/instance=spiderpool --timeout=300s pod -n kube-system --kubeconfig $(E2E_KUBECONFIG) || true; \ diff --git a/test/doc/spidermultus.md b/test/doc/spidermultus.md index eb706dd15..9bf7f9c71 100644 --- a/test/doc/spidermultus.md +++ b/test/doc/spidermultus.md @@ -23,3 +23,4 @@ | M00026 | set spidermultusconfig.spec to empty and see if works | p3 | | | | | M00027 | test podRPFilter and hostRPFilter in spidermultusconfig | p3 | | done | | M00028 | set hostRPFilter and podRPFilter to a invalid value | p3 | | done | +| M00029 | verify the podMACPrefix filed | p3 | | done | | diff --git a/test/e2e/spidermultus/spidermultus_test.go b/test/e2e/spidermultus/spidermultus_test.go index 16d583838..6e001f443 100644 --- a/test/e2e/spidermultus/spidermultus_test.go +++ b/test/e2e/spidermultus/spidermultus_test.go @@ -440,7 +440,6 @@ var _ = Describe("test spidermultus", Label("SpiderMultusConfig"), func() { It("set hostRPFilter and podRPFilter to a invalid value", Label("M00028"), func() { var smcName string = "invalid-rpfilter-multus-" + common.GenerateString(10, true) - smc := &spiderpoolv2beta1.SpiderMultusConfig{ ObjectMeta: metav1.ObjectMeta{ Name: smcName, @@ -462,4 +461,56 @@ var _ = Describe("test spidermultus", Label("SpiderMultusConfig"), func() { err := frame.CreateSpiderMultusInstance(smc) Expect(err).To(HaveOccurred(), "create spiderMultus instance failed: %v\n", err) }) + + It("verify the podMACPrefix filed", Label("M00028"), func() { + smcName := "test-multus-" + common.GenerateString(10, true) + smc := &spiderpoolv2beta1.SpiderMultusConfig{ + ObjectMeta: metav1.ObjectMeta{ + Name: smcName, + Namespace: namespace, + }, + Spec: spiderpoolv2beta1.MultusCNIConfigSpec{ + CniType: constant.MacvlanCNI, + MacvlanConfig: &v2beta1.SpiderMacvlanCniConfig{ + Master: []string{"eth0"}, + SpiderpoolConfigPools: &v2beta1.SpiderpoolPools{ + IPv4IPPool: []string{"spiderpool-ipv4-ippool"}, + }, + }, + EnableCoordinator: ptr.To(true), + CoordinatorConfig: &spiderpoolv2beta1.CoordinatorSpec{ + PodMACPrefix: ptr.To("9e:10"), + }, + }, + } + + By("create a spiderMultusConfig with valid podMACPrefix") + err := frame.CreateSpiderMultusInstance(smc) + Expect(err).NotTo(HaveOccurred()) + + tmpName := "invalid-macprefix" + common.GenerateString(10, true) + invalid := &spiderpoolv2beta1.SpiderMultusConfig{ + ObjectMeta: metav1.ObjectMeta{ + Name: tmpName, + Namespace: namespace, + }, + Spec: spiderpoolv2beta1.MultusCNIConfigSpec{ + CniType: constant.MacvlanCNI, + MacvlanConfig: &v2beta1.SpiderMacvlanCniConfig{ + Master: []string{"eth0"}, + SpiderpoolConfigPools: &v2beta1.SpiderpoolPools{ + IPv4IPPool: []string{"spiderpool-ipv4-ippool"}, + }, + }, + EnableCoordinator: ptr.To(true), + CoordinatorConfig: &spiderpoolv2beta1.CoordinatorSpec{ + PodMACPrefix: ptr.To("01:10"), + }, + }, + } + + By("create a spiderMultusConfig with invalid podMACPrefix") + err = frame.CreateSpiderMultusInstance(invalid) + Expect(err).To(HaveOccurred(), "create invalid spiderMultusConfig should fail: %v", err) + }) }) diff --git a/test/scripts/install-default-cni.sh b/test/scripts/install-default-cni.sh index 4b35cc595..35f7ad0e1 100755 --- a/test/scripts/install-default-cni.sh +++ b/test/scripts/install-default-cni.sh @@ -191,7 +191,6 @@ function install_cilium() { CILIUM_HELM_OPTIONS+=" --set ipam.operator.clusterPoolIPv6PodCIDRList=${CILIUM_CLUSTER_POD_SUBNET_V6} \ --set ipv4.enabled=false \ --set ipv6.enabled=true \ - --set tunnel=disabled \ --set ipv6NativeRoutingCIDR=${CILIUM_CLUSTER_POD_SUBNET_V6} \ --set autoDirectNodeRoutes=true \ --set enableIPv6Masquerade=true \