Promote feature gate NodePortLocal to GA

Signed-off-by: hujiajing <[email protected]>
antrea-io · Sep 20, 2023 · a37cb8e · a37cb8e
1 parent 1e5cce8
commit a37cb8e
Show file tree

Hide file tree

Showing 12 changed files with 39 additions and 34 deletions.
diff --git a/build/charts/antrea/conf/antrea-agent.conf b/build/charts/antrea/conf/antrea-agent.conf
@@ -244,8 +244,7 @@ flowExporter:
 nodePortLocal:
 {{- with .Values.nodePortLocal }}
 # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
-# enable this feature, you need to set "enable" to true, and ensure that the NodePortLocal feature
-# gate is also enabled (which is the default).
+# enable this feature, you need to set "enable" to true.
   enable: {{ .enable }}
 # Provide the port range used by NodePortLocal. When the NodePortLocal feature is enabled, a port
 # from that range will be assigned whenever a Pod's container defines a specific port to be exposed

diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml
@@ -5689,8 +5689,7 @@ data:
 
     nodePortLocal:
     # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
-    # enable this feature, you need to set "enable" to true, and ensure that the NodePortLocal feature
-    # gate is also enabled (which is the default).
+    # enable this feature, you need to set "enable" to true.
       enable: false
     # Provide the port range used by NodePortLocal. When the NodePortLocal feature is enabled, a port
     # from that range will be assigned whenever a Pod's container defines a specific port to be exposed
@@ -6819,7 +6818,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 3f29ab6bd7105c6a6b30dafad282ac88a606e7aefe5914b7787aeeaafa7b4f8d
+        checksum/config: 5c3e4867d5b5680084dd97a6edd76f01197d41fcafcbfff8366c104454a7ba1a
       labels:
         app: antrea
         component: antrea-agent
@@ -7060,7 +7059,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 3f29ab6bd7105c6a6b30dafad282ac88a606e7aefe5914b7787aeeaafa7b4f8d
+        checksum/config: 5c3e4867d5b5680084dd97a6edd76f01197d41fcafcbfff8366c104454a7ba1a
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml
@@ -5689,8 +5689,7 @@ data:
 
     nodePortLocal:
     # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
-    # enable this feature, you need to set "enable" to true, and ensure that the NodePortLocal feature
-    # gate is also enabled (which is the default).
+    # enable this feature, you need to set "enable" to true.
       enable: false
     # Provide the port range used by NodePortLocal. When the NodePortLocal feature is enabled, a port
     # from that range will be assigned whenever a Pod's container defines a specific port to be exposed
@@ -6819,7 +6818,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 3f29ab6bd7105c6a6b30dafad282ac88a606e7aefe5914b7787aeeaafa7b4f8d
+        checksum/config: 5c3e4867d5b5680084dd97a6edd76f01197d41fcafcbfff8366c104454a7ba1a
       labels:
         app: antrea
         component: antrea-agent
@@ -7061,7 +7060,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 3f29ab6bd7105c6a6b30dafad282ac88a606e7aefe5914b7787aeeaafa7b4f8d
+        checksum/config: 5c3e4867d5b5680084dd97a6edd76f01197d41fcafcbfff8366c104454a7ba1a
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml
@@ -5689,8 +5689,7 @@ data:
 
     nodePortLocal:
     # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
-    # enable this feature, you need to set "enable" to true, and ensure that the NodePortLocal feature
-    # gate is also enabled (which is the default).
+    # enable this feature, you need to set "enable" to true.
       enable: false
     # Provide the port range used by NodePortLocal. When the NodePortLocal feature is enabled, a port
     # from that range will be assigned whenever a Pod's container defines a specific port to be exposed
@@ -6819,7 +6818,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: f72133ab696861e8ad657749229d1449f856a7b84fb37c933db72debf8c57a30
+        checksum/config: 5f53d47847c278741d03f478d3f3eac163608fabbb0e67c50573d257cc744ad0
       labels:
         app: antrea
         component: antrea-agent
@@ -7058,7 +7057,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: f72133ab696861e8ad657749229d1449f856a7b84fb37c933db72debf8c57a30
+        checksum/config: 5f53d47847c278741d03f478d3f3eac163608fabbb0e67c50573d257cc744ad0
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml
@@ -5702,8 +5702,7 @@ data:
 
     nodePortLocal:
     # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
-    # enable this feature, you need to set "enable" to true, and ensure that the NodePortLocal feature
-    # gate is also enabled (which is the default).
+    # enable this feature, you need to set "enable" to true.
       enable: false
     # Provide the port range used by NodePortLocal. When the NodePortLocal feature is enabled, a port
     # from that range will be assigned whenever a Pod's container defines a specific port to be exposed
@@ -6832,7 +6831,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 62fe59882b960435e6de67c414b3ea71463d9c1eb97a024a69dd0aa6e506deff
+        checksum/config: 2da5242dc4766a6bf3bf4395642fd4f98986bddba2dd49da3dc8ae4b9e8cc45c
         checksum/ipsec-secret: d0eb9c52d0cd4311b6d252a951126bf9bea27ec05590bed8a394f0f792dcb2a4
       labels:
         app: antrea
@@ -7117,7 +7116,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 62fe59882b960435e6de67c414b3ea71463d9c1eb97a024a69dd0aa6e506deff
+        checksum/config: 2da5242dc4766a6bf3bf4395642fd4f98986bddba2dd49da3dc8ae4b9e8cc45c
       labels:
         app: antrea
         component: antrea-controller

diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml
@@ -5689,8 +5689,7 @@ data:
 
     nodePortLocal:
     # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
-    # enable this feature, you need to set "enable" to true, and ensure that the NodePortLocal feature
-    # gate is also enabled (which is the default).
+    # enable this feature, you need to set "enable" to true.
       enable: false
     # Provide the port range used by NodePortLocal. When the NodePortLocal feature is enabled, a port
     # from that range will be assigned whenever a Pod's container defines a specific port to be exposed
@@ -6819,7 +6818,7 @@ spec:
         kubectl.kubernetes.io/default-container: antrea-agent
         # Automatically restart Pods with a RollingUpdate if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 0916c9bded20cacbfe338c02c0128325d00b246fabb96488a95baa2a54ad7616
+        checksum/config: 1702e2f76b72c55e60e66c4c9c2c200eaa8e8fcfb865d5c4cb12c7094b5569b7
       labels:
         app: antrea
         component: antrea-agent
@@ -7058,7 +7057,7 @@ spec:
       annotations:
         # Automatically restart Pod if the ConfigMap changes
         # See https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments
-        checksum/config: 0916c9bded20cacbfe338c02c0128325d00b246fabb96488a95baa2a54ad7616
+        checksum/config: 1702e2f76b72c55e60e66c4c9c2c200eaa8e8fcfb865d5c4cb12c7094b5569b7
       labels:
         app: antrea
         component: antrea-controller

diff --git a/cmd/antrea-agent/agent.go b/cmd/antrea-agent/agent.go
@@ -137,7 +137,11 @@ func run(o *Options) error {
 
 	enableAntreaIPAM := features.DefaultFeatureGate.Enabled(features.AntreaIPAM)
 	enableBridgingMode := enableAntreaIPAM && o.config.EnableBridgingMode
-	enableNodePortLocal := features.DefaultFeatureGate.Enabled(features.NodePortLocal) && o.config.NodePortLocal.Enable
+	enableNodePortLocal := o.config.NodePortLocal.Enable
+	if !features.DefaultFeatureGate.Enabled(features.NodePortLocal) {
+		enableNodePortLocal = false
+		klog.InfoS("Feature gate `enableNodePortLocal` is deprecated, please use option `enableNodePortLocal.enable` to disable NodePortLocal")
+	}
 	l7NetworkPolicyEnabled := features.DefaultFeatureGate.Enabled(features.L7NetworkPolicy)
 	enableMulticlusterGW := features.DefaultFeatureGate.Enabled(features.Multicluster) && o.config.Multicluster.EnableGateway
 	enableMulticlusterNP := features.DefaultFeatureGate.Enabled(features.Multicluster) && o.config.Multicluster.EnableStretchedNetworkPolicy

diff --git a/cmd/antrea-agent/options.go b/cmd/antrea-agent/options.go
@@ -449,7 +449,7 @@ func (o *Options) setK8sNodeDefaultOptions() {
 		}
 	}
 
-	if features.DefaultFeatureGate.Enabled(features.NodePortLocal) {
+	if o.config.NodePortLocal.Enable {
 		switch {
 		case o.config.NodePortLocal.PortRange != "":
 		case o.config.NPLPortRange != "":
@@ -579,15 +579,13 @@ func (o *Options) validateK8sNodeOptions() error {
 		return err
 	}
 
-	if features.DefaultFeatureGate.Enabled(features.NodePortLocal) {
+	if o.config.NodePortLocal.Enable {
 		startPort, endPort, err := parsePortRange(o.config.NodePortLocal.PortRange)
 		if err != nil {
 			return fmt.Errorf("NodePortLocal portRange is not valid: %v", err)
 		}
 		o.nplStartPort = startPort
 		o.nplEndPort = endPort
-	} else if o.config.NodePortLocal.Enable {
-		klog.InfoS("The nodePortLocal.enable config option is set to true, but it will be ignored because the NodePortLocal feature gate is disabled")
 	}
 	if err := o.validateAntreaIPAMConfig(); err != nil {
 		return fmt.Errorf("failed to validate AntreaIPAM config: %v", err)

diff --git a/docs/feature-gates.md b/docs/feature-gates.md
@@ -33,7 +33,7 @@ edit the Agent configuration in the
 ## List of Available Features
 
 | Feature Name                  | Component          | Default | Stage | Alpha Release | Beta Release | GA Release | Extra Requirements | Notes                                         |
-|-------------------------------|--------------------|---------|-------|---------------|--------------|------------|--------------------|-----------------------------------------------|
+| ----------------------------- | ------------------ | ------- | ----- | ------------- | ------------ | ---------- | ------------------ | --------------------------------------------- |
 | `AntreaProxy`                 | Agent              | `true`  | Beta  | v0.8          | v0.11        | N/A        | Yes                | Must be enabled for Windows.                  |
 | `EndpointSlice`               | Agent              | `true`  | Beta  | v0.13.0       | v1.11        | N/A        | Yes                |                                               |
 | `TopologyAwareHints`          | Agent              | `true`  | Beta  | v1.8          | v1.12        | N/A        | Yes                |                                               |
@@ -43,7 +43,7 @@ edit the Agent configuration in the
 | `Traceflow`                   | Agent + Controller | `true`  | Beta  | v0.8          | v0.11        | N/A        | Yes                |                                               |
 | `FlowExporter`                | Agent              | `false` | Alpha | v0.9          | N/A          | N/A        | Yes                |                                               |
 | `NetworkPolicyStats`          | Agent + Controller | `true`  | Beta  | v0.10         | v1.2         | N/A        | No                 |                                               |
-| `NodePortLocal`               | Agent              | `true`  | Beta  | v0.13         | v1.4         | N/A        | Yes                | Important user-facing change in v1.2.0        |
+| `NodePortLocal`               | Agent              | `true`  | Beta  | v0.13         | v1.4         | v1.14      | Yes                | Important user-facing change in v1.2.0        |
 | `Egress`                      | Agent + Controller | `true`  | Beta  | v1.0          | v1.6         | N/A        | Yes                |                                               |
 | `NodeIPAM`                    | Controller         | `true`  | Beta  | v1.4          | v1.12        | N/A        | Yes                |                                               |
 | `AntreaIPAM`                  | Agent + Controller | `false` | Alpha | v1.4          | N/A          | N/A        | Yes                |                                               |

diff --git a/docs/node-port-local.md b/docs/node-port-local.md
@@ -31,6 +31,8 @@ NodePortLocal was introduced in v0.13 as an alpha feature, and was graduated to
 beta in v1.4, at which time it was enabled by default. Prior to v1.4, a feature
 gate, `NodePortLocal`, must be enabled on the antrea-agent for the feature to
 work. Starting from Antrea v1.7, NPL is supported on the Windows antrea-agent.
+From Antrea v1.14, NPL is GA. To enable this feature, you need to ensure that the
+`nodePortLocal.enable` flag is set to true in Antrea Agent configuration.
 
 ## Usage
 

diff --git a/pkg/features/antrea_features.go b/pkg/features/antrea_features.go
@@ -75,6 +75,7 @@ const (
 
 	// alpha: v0.13
 	// beta: v1.4
+	// GA: v1.14
 	// Expose Pod ports through NodePort
 	NodePortLocal featuregate.Feature = "NodePortLocal"
 
@@ -162,7 +163,7 @@ var (
 		AntreaIPAM:                  {Default: false, PreRelease: featuregate.Alpha},
 		FlowExporter:                {Default: false, PreRelease: featuregate.Alpha},
 		NetworkPolicyStats:          {Default: true, PreRelease: featuregate.Beta},
-		NodePortLocal:               {Default: true, PreRelease: featuregate.Beta},
+		NodePortLocal:               {Default: true, PreRelease: featuregate.GA},
 		NodeIPAM:                    {Default: true, PreRelease: featuregate.Beta},
 		Multicast:                   {Default: true, PreRelease: featuregate.Beta},
 		Multicluster:                {Default: false, PreRelease: featuregate.Alpha},

diff --git a/test/e2e/nodeportlocal_test.go b/test/e2e/nodeportlocal_test.go
@@ -32,7 +32,6 @@ import (
 	npltesting "antrea.io/antrea/pkg/agent/nodeportlocal/testing"
 	"antrea.io/antrea/pkg/agent/nodeportlocal/types"
 	agentconfig "antrea.io/antrea/pkg/config/agent"
-	"antrea.io/antrea/pkg/features"
 )
 
 const (
@@ -55,8 +54,14 @@ func newExpectedNPLAnnotations(nplStartPort, nplEndPort int) *npltesting.Expecte
 	return npltesting.NewExpectedNPLAnnotations(nil, nplStartPort, nplEndPort)
 }
 
-func skipIfNodePortLocalDisabled(tb testing.TB) {
-	skipIfFeatureDisabled(tb, features.NodePortLocal, true, false)
+func skipIfNodePortLocalDisabled(tb testing.TB, data *TestData) {
+	agentConf, err := data.GetAntreaAgentConf()
+	if err != nil {
+		tb.Fatalf("Error getting Antrea Agent configuration: %v:", err)
+	}
+	if !agentConf.NodePortLocal.Enable {
+		tb.Skipf("Skipping test because NodePortLocal is not enabled")
+	}
 }
 
 func configureNPLForAgent(t *testing.T, data *TestData, startPort, endPort int) {
@@ -74,14 +79,15 @@ func configureNPLForAgent(t *testing.T, data *TestData, startPort, endPort int)
 // NodePortLocal related test cases so they can share setup, teardown.
 func TestNodePortLocal(t *testing.T) {
 	skipIfNotIPv4Cluster(t)
-	skipIfNodePortLocalDisabled(t)
 
 	data, err := setupTest(t)
 	if err != nil {
 		t.Fatalf("Error when setting up test: %v", err)
 	}
 	defer teardownTest(t, data)
 
+	skipIfNodePortLocalDisabled(t, data)
+
 	configureNPLForAgent(t, data, defaultStartPort, defaultEndPort)
 	t.Run("testNPLAddPod", func(t *testing.T) { testNPLAddPod(t, data) })
 	t.Run("testNPLMultiplePodsAgentRestart", func(t *testing.T) { testNPLMultiplePodsAgentRestart(t, data) })