From 5db63786feb98fd8fa4b69309e82f5a805e9219d Mon Sep 17 00:00:00 2001 From: Patryk Diak Date: Thu, 5 Sep 2024 16:29:43 +0200 Subject: [PATCH] UDN: Allow access to kubernetes/default and dns-default/openshift-dns Signed-off-by: Patryk Diak --- .../ovn-kubernetes/managed/004-config.yaml | 2 ++ .../ovn-kubernetes/self-hosted/004-config.yaml | 1 + pkg/network/ovn_kubernetes_test.go | 18 ++++++++++++++++-- 3 files changed, 19 insertions(+), 2 deletions(-) diff --git a/bindata/network/ovn-kubernetes/managed/004-config.yaml b/bindata/network/ovn-kubernetes/managed/004-config.yaml index 460ac7118b..5fc9da0449 100644 --- a/bindata/network/ovn-kubernetes/managed/004-config.yaml +++ b/bindata/network/ovn-kubernetes/managed/004-config.yaml @@ -17,6 +17,7 @@ data: enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation={{.EnableUDPAggregation}} + udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="{{.OVN_service_cidr}}" @@ -108,6 +109,7 @@ data: encap-port="{{.GenevePort}}" enable-lflow-cache=true lflow-cache-limit-kb=1048576 + udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="{{.OVN_service_cidr}}" diff --git a/bindata/network/ovn-kubernetes/self-hosted/004-config.yaml b/bindata/network/ovn-kubernetes/self-hosted/004-config.yaml index 4efdb24848..a7f1c8839d 100644 --- a/bindata/network/ovn-kubernetes/self-hosted/004-config.yaml +++ b/bindata/network/ovn-kubernetes/self-hosted/004-config.yaml @@ -17,6 +17,7 @@ data: enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation={{.EnableUDPAggregation}} + udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="{{.OVN_service_cidr}}" diff --git a/pkg/network/ovn_kubernetes_test.go b/pkg/network/ovn_kubernetes_test.go index 87bd797b3b..f7b23cfc30 100644 --- a/pkg/network/ovn_kubernetes_test.go +++ b/pkg/network/ovn_kubernetes_test.go @@ -27,12 +27,13 @@ import ( configv1 "github.com/openshift/api/config/v1" apifeatures "github.com/openshift/api/features" operv1 "github.com/openshift/api/operator/v1" + "github.com/openshift/library-go/pkg/operator/configobserver/featuregates" + mcfgv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1" + "github.com/openshift/cluster-network-operator/pkg/bootstrap" cnofake "github.com/openshift/cluster-network-operator/pkg/client/fake" "github.com/openshift/cluster-network-operator/pkg/hypershift" "github.com/openshift/cluster-network-operator/pkg/names" - "github.com/openshift/library-go/pkg/operator/configobserver/featuregates" - mcfgv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1" ) var ( @@ -260,6 +261,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -301,6 +303,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -356,6 +359,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -414,6 +418,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -472,6 +477,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -529,6 +535,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -576,6 +583,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -625,6 +633,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=false +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -667,6 +676,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -709,6 +719,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -755,6 +766,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -798,6 +810,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16" @@ -842,6 +855,7 @@ encap-port="8061" enable-lflow-cache=true lflow-cache-limit-kb=1048576 enable-udp-aggregation=true +udn-allowed-default-services="default/kubernetes,openshift-dns/dns-default" [kubernetes] service-cidrs="172.30.0.0/16"