Use NodeIPAM code from K8S (#1561)

Import K8S NodeIPAM Controller code into third_party, use it within
Antrea Controller.

Signed-off-by: Kobi Samoray <[email protected]>

README.md

@@ -32,6 +32,8 @@ Antrea has been tested with Kubernetes clusters running version 1.16 or later.
 * `NodeIPAMController` must be enabled in the Kubernetes cluster.\
   When deploying a cluster with kubeadm the `--pod-network-cidr <cidr>`
   option must be specified.
+  Alternately, NodeIPAM feature of Antrea Controller should be enabled and
+  configured.
 * Open vSwitch kernel module must be present on every Kubernetes node.
 
 ## Getting Started

build/yamls/antrea-aks.yml

@@ -3344,7 +3344,6 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - nodes
   - pods
   - namespaces
   - services
@@ -3353,6 +3352,15 @@ rules:
   - get
   - watch
   - list
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - watch
+  - list
+  - patch
 - apiGroups:
   - networking.k8s.io
   resources:
@@ -3409,7 +3417,7 @@ rules:
 - apiGroups:
   - ""
   resourceNames:
-  - antrea-config-7t2f9tfctm
+  - antrea-config-99dtkgmckh
   resources:
   - configmaps
   verbs:
@@ -3859,6 +3867,9 @@ data:
     # Enable controlling SNAT IPs of Pod egress traffic.
     #  Egress: false
 
+    # Run Kubernetes NodeIPAMController with Antrea.
+    #  NodeIPAM: false
+
     # The port for the antrea-controller APIServer to serve on.
     # Note that if it's set to another value, the `containerPort` of the `api` port of the
     # `antrea-controller` container must be set to the same value.
@@ -3901,12 +3912,32 @@ data:
 
     # Enable usage reporting (telemetry) to VMware.
     #enableUsageReporting: false
+    nodeIPAM:
+    # Enable the integrated Node IPAM controller within the Antrea controller.
+    #  enableNodeIPAM: false
+
+    # CIDR Ranges for Pods in cluster. Value can contain a single CIDR range, or multiple ranges, separated by commas.
+    # The CIDRs could be either IPv4 or IPv6. Value ignored when enableNodeIPAM is false.
+    #  clusterCIDRs:
+
+    # CIDR Ranges for Services in cluster. It is not necessary to specify it when there is no overlap with clusterCIDRs.
+    # Value ignored when enableNodeIPAM is false.
+    #  serviceCIDR:
+    #  secondaryServiceCIDR:
+
+    # Mask size for IPv4 Node CIDR in IPv4 or dual-stack cluster. Value ignored when enableNodeIPAM is false
+    # or when IPv4 Pod CIDR is not configured. Valid range is 16 to 30.
+    #  nodeCIDRMaskSizeIPv4: 24
+
+    # Mask size for IPv6 Node CIDR in IPv6 or dual-stack cluster. Value ignored when enableNodeIPAM is false
+    # or when IPv6 Pod CIDR is not configured. Valid range is 64 to 126.
+    #  nodeCIDRMaskSizeIPv6: 64
 kind: ConfigMap
 metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-7t2f9tfctm
+  name: antrea-config-99dtkgmckh
   namespace: kube-system
 ---
 apiVersion: v1
@@ -3977,7 +4008,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-7t2f9tfctm
+          value: antrea-config-99dtkgmckh
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4028,7 +4059,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-7t2f9tfctm
+          name: antrea-config-99dtkgmckh
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4324,7 +4355,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-7t2f9tfctm
+          name: antrea-config-99dtkgmckh
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea-eks.yml

@@ -3344,7 +3344,6 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - nodes
   - pods
   - namespaces
   - services
@@ -3353,6 +3352,15 @@ rules:
   - get
   - watch
   - list
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - watch
+  - list
+  - patch
 - apiGroups:
   - networking.k8s.io
   resources:
@@ -3409,7 +3417,7 @@ rules:
 - apiGroups:
   - ""
   resourceNames:
-  - antrea-config-7t2f9tfctm
+  - antrea-config-99dtkgmckh
   resources:
   - configmaps
   verbs:
@@ -3859,6 +3867,9 @@ data:
     # Enable controlling SNAT IPs of Pod egress traffic.
     #  Egress: false
 
+    # Run Kubernetes NodeIPAMController with Antrea.
+    #  NodeIPAM: false
+
     # The port for the antrea-controller APIServer to serve on.
     # Note that if it's set to another value, the `containerPort` of the `api` port of the
     # `antrea-controller` container must be set to the same value.
@@ -3901,12 +3912,32 @@ data:
 
     # Enable usage reporting (telemetry) to VMware.
     #enableUsageReporting: false
+    nodeIPAM:
+    # Enable the integrated Node IPAM controller within the Antrea controller.
+    #  enableNodeIPAM: false
+
+    # CIDR Ranges for Pods in cluster. Value can contain a single CIDR range, or multiple ranges, separated by commas.
+    # The CIDRs could be either IPv4 or IPv6. Value ignored when enableNodeIPAM is false.
+    #  clusterCIDRs:
+
+    # CIDR Ranges for Services in cluster. It is not necessary to specify it when there is no overlap with clusterCIDRs.
+    # Value ignored when enableNodeIPAM is false.
+    #  serviceCIDR:
+    #  secondaryServiceCIDR:
+
+    # Mask size for IPv4 Node CIDR in IPv4 or dual-stack cluster. Value ignored when enableNodeIPAM is false
+    # or when IPv4 Pod CIDR is not configured. Valid range is 16 to 30.
+    #  nodeCIDRMaskSizeIPv4: 24
+
+    # Mask size for IPv6 Node CIDR in IPv6 or dual-stack cluster. Value ignored when enableNodeIPAM is false
+    # or when IPv6 Pod CIDR is not configured. Valid range is 64 to 126.
+    #  nodeCIDRMaskSizeIPv6: 64
 kind: ConfigMap
 metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-7t2f9tfctm
+  name: antrea-config-99dtkgmckh
   namespace: kube-system
 ---
 apiVersion: v1
@@ -3977,7 +4008,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-7t2f9tfctm
+          value: antrea-config-99dtkgmckh
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4028,7 +4059,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-7t2f9tfctm
+          name: antrea-config-99dtkgmckh
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4326,7 +4357,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-config-7t2f9tfctm
+          name: antrea-config-99dtkgmckh
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d

build/yamls/antrea-gke.yml

@@ -3344,7 +3344,6 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - nodes
   - pods
   - namespaces
   - services
@@ -3353,6 +3352,15 @@ rules:
   - get
   - watch
   - list
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - get
+  - watch
+  - list
+  - patch
 - apiGroups:
   - networking.k8s.io
   resources:
@@ -3409,7 +3417,7 @@ rules:
 - apiGroups:
   - ""
   resourceNames:
-  - antrea-config-45gtmm99g7
+  - antrea-config-cf84k5688d
   resources:
   - configmaps
   verbs:
@@ -3859,6 +3867,9 @@ data:
     # Enable controlling SNAT IPs of Pod egress traffic.
     #  Egress: false
 
+    # Run Kubernetes NodeIPAMController with Antrea.
+    #  NodeIPAM: false
+
     # The port for the antrea-controller APIServer to serve on.
     # Note that if it's set to another value, the `containerPort` of the `api` port of the
     # `antrea-controller` container must be set to the same value.
@@ -3901,12 +3912,32 @@ data:
 
     # Enable usage reporting (telemetry) to VMware.
     #enableUsageReporting: false
+    nodeIPAM:
+    # Enable the integrated Node IPAM controller within the Antrea controller.
+    #  enableNodeIPAM: false
+
+    # CIDR Ranges for Pods in cluster. Value can contain a single CIDR range, or multiple ranges, separated by commas.
+    # The CIDRs could be either IPv4 or IPv6. Value ignored when enableNodeIPAM is false.
+    #  clusterCIDRs:
+
+    # CIDR Ranges for Services in cluster. It is not necessary to specify it when there is no overlap with clusterCIDRs.
+    # Value ignored when enableNodeIPAM is false.
+    #  serviceCIDR:
+    #  secondaryServiceCIDR:
+
+    # Mask size for IPv4 Node CIDR in IPv4 or dual-stack cluster. Value ignored when enableNodeIPAM is false
+    # or when IPv4 Pod CIDR is not configured. Valid range is 16 to 30.
+    #  nodeCIDRMaskSizeIPv4: 24
+
+    # Mask size for IPv6 Node CIDR in IPv6 or dual-stack cluster. Value ignored when enableNodeIPAM is false
+    # or when IPv6 Pod CIDR is not configured. Valid range is 64 to 126.
+    #  nodeCIDRMaskSizeIPv6: 64
 kind: ConfigMap
 metadata:
   annotations: {}
   labels:
     app: antrea
-  name: antrea-config-45gtmm99g7
+  name: antrea-config-cf84k5688d
   namespace: kube-system
 ---
 apiVersion: v1
@@ -3977,7 +4008,7 @@ spec:
             fieldRef:
               fieldPath: spec.serviceAccountName
         - name: ANTREA_CONFIG_MAP_NAME
-          value: antrea-config-45gtmm99g7
+          value: antrea-config-cf84k5688d
         image: projects.registry.vmware.com/antrea/antrea-ubuntu:latest
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -4028,7 +4059,7 @@ spec:
         key: node-role.kubernetes.io/master
       volumes:
       - configMap:
-          name: antrea-config-45gtmm99g7
+          name: antrea-config-cf84k5688d
         name: antrea-config
       - name: antrea-controller-tls
         secret:
@@ -4327,7 +4358,7 @@ spec:
           path: /home/kubernetes/bin
         name: host-cni-bin
       - configMap:
-          name: antrea-config-45gtmm99g7
+          name: antrea-config-cf84k5688d
         name: antrea-config
       - hostPath:
           path: /etc/cni/net.d