daemon: add flag to control patch podIP annotations

Signed-off-by: l1b0k <[email protected]>
l1b0k · Jan 16, 2025 · 487e0ff · 487e0ff
1 parent d4a58b4
commit 487e0ff
Show file tree

Hide file tree

Showing 5 changed files with 118 additions and 5 deletions.
diff --git a/daemon/builder.go b/daemon/builder.go
@@ -83,6 +83,8 @@ func (b *NetworkServiceBuilder) LoadGlobalConfig() *NetworkServiceBuilder {
 		b.err = err
 		return b
 	}
+	globalConfig.Populate()
+
 	switch globalConfig.IPStack {
 	case "ipv4":
 		b.service.enableIPv4 = true
@@ -99,7 +101,7 @@ func (b *NetworkServiceBuilder) LoadGlobalConfig() *NetworkServiceBuilder {
 	}
 
 	b.service.ipamType = globalConfig.IPAMType
-
+	b.service.enablePatchPodIPs = *globalConfig.EnablePatchPodIPs
 	return b
 }
 
@@ -146,7 +148,6 @@ func (b *NetworkServiceBuilder) LoadDynamicConfig() *NetworkServiceBuilder {
 	serviceLog.Info("got config", "config", fmt.Sprintf("%+v", config))
 
 	b.config = config
-
 	return b
 }
 

diff --git a/daemon/builder_test.go b/daemon/builder_test.go
@@ -2,6 +2,7 @@ package daemon
 
 import (
 	"context"
+	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -72,3 +73,103 @@ func TestInitService(t *testing.T) {
 		})
 	}
 }
+
+func TestNetworkServiceBuilder_LoadGlobalConfig(t *testing.T) {
+	tmpFile, err := os.CreateTemp("", "config-*.yaml")
+	if err != nil {
+		t.Fatalf("Failed to create temp file: %v", err)
+	}
+	defer tmpFile.Close()
+	configContent := `
+{
+      "version": "1",
+      "max_pool_size": 5,
+      "min_pool_size": 0,
+      "credential_path": "/var/addon/token-config",
+      "ipam_type": "crd"
+    }`
+	err = os.WriteFile(tmpFile.Name(), []byte(configContent), os.ModeDir)
+	assert.NoError(t, err)
+	builder := &NetworkServiceBuilder{
+		configFilePath: tmpFile.Name(),
+		service:        &networkService{},
+	}
+	builder.LoadGlobalConfig()
+	assert.True(t, *builder.config.EnablePatchPodIPs)
+}
+
+func TestNetworkServiceBuilder_LoadGlobalConfig2(t *testing.T) {
+	tmpFile, err := os.CreateTemp("", "config-*.yaml")
+	if err != nil {
+		t.Fatalf("Failed to create temp file: %v", err)
+	}
+	defer tmpFile.Close()
+	configContent := `
+{
+      "version": "1",
+      "max_pool_size": 5,
+      "min_pool_size": 0,
+      "credential_path": "/var/addon/token-config",
+      "enable_patch_pod_ips": false,
+      "ipam_type": "crd"
+    }`
+	err = os.WriteFile(tmpFile.Name(), []byte(configContent), os.ModeDir)
+	assert.NoError(t, err)
+	builder := &NetworkServiceBuilder{
+		configFilePath: tmpFile.Name(),
+		service:        &networkService{},
+	}
+	builder.LoadGlobalConfig()
+	assert.False(t, *builder.config.EnablePatchPodIPs)
+}
+
+func TestNetworkServiceBuilder_GetConfigFromFileWithMerge_1(t *testing.T) {
+	tmpFile, err := os.CreateTemp("", "config-*.yaml")
+	if err != nil {
+		t.Fatalf("Failed to create temp file: %v", err)
+	}
+	defer tmpFile.Close()
+	configContent := `
+{
+      "version": "1",
+      "max_pool_size": 5,
+      "min_pool_size": 0,
+      "credential_path": "/var/addon/token-config",
+      "ipam_type": "crd"
+    }`
+
+	dynamicCfg := ""
+	err = os.WriteFile(tmpFile.Name(), []byte(configContent), os.ModeDir)
+	assert.NoError(t, err)
+	config, err := daemon.GetConfigFromFileWithMerge(tmpFile.Name(), []byte(dynamicCfg))
+	assert.NoError(t, err)
+	config.Populate()
+
+	assert.True(t, *config.EnablePatchPodIPs)
+}
+
+func TestNetworkServiceBuilder_GetConfigFromFileWithMerge_2(t *testing.T) {
+	tmpFile, err := os.CreateTemp("", "config-*.yaml")
+	if err != nil {
+		t.Fatalf("Failed to create temp file: %v", err)
+	}
+	defer tmpFile.Close()
+	configContent := `
+{
+      "version": "1",
+      "max_pool_size": 5,
+      "min_pool_size": 0,
+      "credential_path": "/var/addon/token-config",
+      "enable_patch_pod_ips": false,
+      "ipam_type": "crd"
+    }`
+
+	dynamicCfg := ""
+	err = os.WriteFile(tmpFile.Name(), []byte(configContent), os.ModeDir)
+	assert.NoError(t, err)
+	config, err := daemon.GetConfigFromFileWithMerge(tmpFile.Name(), []byte(dynamicCfg))
+	assert.NoError(t, err)
+	config.Populate()
+
+	assert.False(t, *config.EnablePatchPodIPs)
+}
diff --git a/daemon/daemon.go b/daemon/daemon.go
@@ -78,6 +78,8 @@ type networkService struct {
 
 	gcRulesOnce sync.Once
 
+	enablePatchPodIPs bool
+
 	rpc.UnimplementedTerwayBackendServer
 }
 
@@ -267,9 +269,11 @@ func (n *networkService) AllocIP(ctx context.Context, r *rpc.AllocIPRequest) (*r
 		}
 	}
 
-	ips := getPodIPs(netConf)
-	if len(ips) > 0 {
-		_ = n.k8s.PatchPodIPInfo(pod, strings.Join(ips, ","))
+	if n.enablePatchPodIPs {
+		ips := getPodIPs(netConf)
+		if len(ips) > 0 {
+			_ = n.k8s.PatchPodIPInfo(pod, strings.Join(ips, ","))
+		}
 	}
 
 	// 4. Record resource info

diff --git a/types/daemon/config.go b/types/daemon/config.go
@@ -58,6 +58,7 @@ type Config struct {
 	KubeClientBurst             int                     `json:"kube_client_burst"`
 	ResourceGroupID             string                  `json:"resource_group_id"`
 	RateLimit                   map[string]int          `json:"rate_limit"`
+	EnablePatchPodIPs           *bool                   `json:"enable_patch_pod_ips,omitempty"  mod:"default=true"`
 }
 
 func (c *Config) GetSecurityGroups() []string {
@@ -97,6 +98,11 @@ func (c *Config) Populate() {
 	if c.IPStack == "" {
 		c.IPStack = string(types.IPStackIPv4)
 	}
+
+	if c.EnablePatchPodIPs == nil {
+		enable := true
+		c.EnablePatchPodIPs = &enable
+	}
 }
 
 func (c *Config) Validate() error {

diff --git a/types/daemon/config_test.go b/types/daemon/config_test.go
@@ -152,6 +152,7 @@ func TestPopulateSetsDefaultValues(t *testing.T) {
 	assert.Equal(t, 1.0, cfg.EniCapRatio)
 	assert.Equal(t, VSwitchSelectionPolicyRandom, cfg.VSwitchSelectionPolicy)
 	assert.Equal(t, string(types.IPStackIPv4), cfg.IPStack)
+	assert.True(t, *cfg.EnablePatchPodIPs)
 }
 
 func TestPopulateDoesNotOverrideExistingValues(t *testing.T) {