From 9dc733d6bee1ba9eb7b8a62a7bb9e10717ee4c49 Mon Sep 17 00:00:00 2001 From: Yury Kulazhenkov Date: Thu, 4 Apr 2024 15:04:37 +0300 Subject: [PATCH] Allow switchdev+externallyManged configs in webhook Current implementation supports this combination. NIC should be already in switchdev mode and have enough VFs to pass the check. Signed-off-by: Yury Kulazhenkov --- pkg/webhook/validate.go | 18 -------- pkg/webhook/validate_test.go | 80 ------------------------------------ 2 files changed, 98 deletions(-) diff --git a/pkg/webhook/validate.go b/pkg/webhook/validate.go index 07ea8ea82..bd2a6117e 100644 --- a/pkg/webhook/validate.go +++ b/pkg/webhook/validate.go @@ -225,13 +225,6 @@ func staticValidateSriovNetworkNodePolicy(cr *sriovnetworkv1.SriovNetworkNodePol if (cr.Spec.VdpaType == consts.VdpaTypeVirtio || cr.Spec.VdpaType == consts.VdpaTypeVhost) && cr.Spec.EswitchMode != sriovnetworkv1.ESwithModeSwitchDev { return false, fmt.Errorf("vdpa requires the device to be configured in switchdev mode") } - - // Externally created: we don't support ExternallyManaged + EswitchMode - //TODO: if needed we will need to add this in the future as today EswitchMode is for HWOFFLOAD - if cr.Spec.ExternallyManaged && cr.Spec.EswitchMode == sriovnetworkv1.ESwithModeSwitchDev { - return false, fmt.Errorf("ExternallyManaged doesn't support the device to be configured in switchdev mode") - } - return true, nil } @@ -390,17 +383,6 @@ func validatePfNames(current *sriovnetworkv1.SriovNetworkNodePolicy, previous *s if current.Spec.ExternallyManaged != previous.Spec.ExternallyManaged { return fmt.Errorf("externallyManage is inconsistent with existing policy %s", previous.GetName()) } - - // reject policy with externallyManage if there is a policy on the same PF with switch dev - if current.Spec.ExternallyManaged && previous.Spec.EswitchMode == sriovnetworkv1.ESwithModeSwitchDev { - return fmt.Errorf("externallyManage overlap with switchdev mode in existing policy %s", previous.GetName()) - } - - // reject policy with externallyManage if there is a policy on the same PF with switch dev - if previous.Spec.ExternallyManaged && current.Spec.EswitchMode == sriovnetworkv1.ESwithModeSwitchDev { - return fmt.Errorf("switchdev overlap with externallyManage mode in existing policy %s", previous.GetName()) - } - // Check for overlapping ranges if curRngEnd < preRngSt || curRngSt > preRngEnd { return nil diff --git a/pkg/webhook/validate_test.go b/pkg/webhook/validate_test.go index 2f1f2ffab..ce079d3db 100644 --- a/pkg/webhook/validate_test.go +++ b/pkg/webhook/validate_test.go @@ -472,62 +472,6 @@ func TestValidatePolicyForNodePolicyWithExternallyManageConflict(t *testing.T) { g.Expect(err).To(MatchError(ContainSubstring(fmt.Sprintf("externallyManage is inconsistent with existing policy %s", appliedPolicy.ObjectMeta.Name)))) } -func TestValidatePolicyForNodePolicyWithExternallyManageConflictWithSwitchDev(t *testing.T) { - appliedPolicy := newNodePolicy() - appliedPolicy.Spec.EswitchMode = ESwithModeSwitchDev - - policy := &SriovNetworkNodePolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: "p0", - }, - Spec: SriovNetworkNodePolicySpec{ - DeviceType: "netdevice", - NicSelector: SriovNetworkNicSelector{ - PfNames: []string{"ens803f1#3-4"}, - Vendor: "8086", - }, - NodeSelector: map[string]string{ - "feature.node.kubernetes.io/network-sriov.capable": "true", - }, - NumVfs: 63, - Priority: 99, - ResourceName: "p0", - ExternallyManaged: true, - }, - } - g := NewGomegaWithT(t) - err := validatePolicyForNodePolicy(policy, appliedPolicy) - g.Expect(err).To(HaveOccurred()) -} - -func TestValidatePolicyForNodePolicyWithSwitchDevConflictWithExternallyManage(t *testing.T) { - appliedPolicy := newNodePolicy() - appliedPolicy.Spec.ExternallyManaged = true - - policy := &SriovNetworkNodePolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: "p0", - }, - Spec: SriovNetworkNodePolicySpec{ - DeviceType: "netdevice", - NicSelector: SriovNetworkNicSelector{ - PfNames: []string{"ens803f1#3-4"}, - Vendor: "8086", - }, - NodeSelector: map[string]string{ - "feature.node.kubernetes.io/network-sriov.capable": "true", - }, - NumVfs: 63, - Priority: 99, - ResourceName: "p0", - EswitchMode: ESwithModeSwitchDev, - }, - } - g := NewGomegaWithT(t) - err := validatePolicyForNodePolicy(policy, appliedPolicy) - g.Expect(err).To(HaveOccurred()) -} - func TestValidatePolicyForNodeStateWithExternallyManageAndMTU(t *testing.T) { state := newNodeState() policy := &SriovNetworkNodePolicy{ @@ -999,30 +943,6 @@ func TestStaticValidateSriovNetworkNodePolicyVhostVdpaMustSpecifySwitchDev(t *te g.Expect(ok).To(Equal(false)) } -func TestStaticValidateSriovNetworkNodePolicyWithExternallyCreatedAndSwitchDev(t *testing.T) { - policy := &SriovNetworkNodePolicy{ - Spec: SriovNetworkNodePolicySpec{ - DeviceType: "netdevice", - NicSelector: SriovNetworkNicSelector{ - Vendor: "8086", - DeviceID: "158b", - }, - NodeSelector: map[string]string{ - "feature.node.kubernetes.io/network-sriov.capable": "true", - }, - NumVfs: 63, - Priority: 99, - ResourceName: "p0", - EswitchMode: "switchdev", - ExternallyManaged: true, - }, - } - g := NewGomegaWithT(t) - ok, err := staticValidateSriovNetworkNodePolicy(policy) - g.Expect(err).To(HaveOccurred()) - g.Expect(ok).To(BeFalse()) -} - func TestValidatePolicyForNodeStateVirtioVdpaWithNotSupportedVendor(t *testing.T) { state := newNodeState() policy := &SriovNetworkNodePolicy{