diff --git a/examples/multi-cluster/deploy-one/kustomization.yaml b/examples/multi-cluster/deploy-one/kustomization.yaml
index 2816251..8712721 100644
--- a/examples/multi-cluster/deploy-one/kustomization.yaml
+++ b/examples/multi-cluster/deploy-one/kustomization.yaml
@@ -4,6 +4,7 @@ kind: Kustomization
 namespace: kube-system
 resources:
 - ../../../deploy
+- cluster-two-peering.yaml
 labels:
 - includeSelectors: true
 pairs:
diff --git a/examples/multi-cluster/deploy-two/kustomization.yaml b/examples/multi-cluster/deploy-two/kustomization.yaml
index f8845bc..160cafe 100644
--- a/examples/multi-cluster/deploy-two/kustomization.yaml
+++ b/examples/multi-cluster/deploy-two/kustomization.yaml
@@ -4,6 +4,7 @@ kind: Kustomization
 namespace: kube-system
 resources:
 - ../../../deploy
+- cluster-one-peering.yaml
 labels:
 - includeSelectors: true
 pairs:
diff --git a/internal/controllers/remotenetwork_controller.go b/internal/controllers/remotenetwork_controller.go
index c710bf2..018f294 100644
--- a/internal/controllers/remotenetwork_controller.go
+++ b/internal/controllers/remotenetwork_controller.go
@@ -241,6 +241,27 @@ func (r *RemoteNetworkReconciler) reconcileNetwork(ctx context.Context, key clie
 return ctx.Err()
 }
+ log.Info("Ensuring local routes to remote network")
+ err := r.Provider.MeshDB().Networking().PutRoute(ctx, meshtypes.Route{
+ Route: &v1.Route{
+ Name: r.localRouteName(nw),
+ Node: r.HostNode.ID().String(),
+ DestinationCIDRs: func() []string {
+ var out []string
+ if bridge.Network().NetworkV4().IsValid() {
+ out = append(out, bridge.Network().NetworkV4().String())
+ }
+ if bridge.Network().NetworkV6().IsValid() {
+ out = append(out, bridge.Network().NetworkV6().String())
+ }
+ return out
+ }(),
+ },
+ })
+ if err != nil {
+ log.Error(err, "Failed to add local routes to remote network")
+ return fmt.Errorf("failed to add local routes to remote network: %w", err)
+ }
 return bridge.Network().Peers().Sync(ctx)
 }
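Review bot: PutRoute is called even when neither NetworkV4 nor NetworkV6 of the bridge is valid, in which case the DestinationCIDRs closure returns nil and a route with no destinations is advertised under this host node's name in MeshDB; the CIDR list should be built first and the write skipped or rejected when it is empty, since this route is what other mesh members will use to forward traffic for the remote network. The inline func literal also hides that list from the log line, so hoisting it into a `cidrs` variable both fixes the check and lets the advertised prefixes be logged for later audit. reconcileNetwork begins outside the hunk, so if `err` is already declared earlier in the function the `err :=` here shadows it and should become `err =`. Rewritten lines below; the error handling and the `Peers().Sync` call are unchanged.
```go
	var cidrs []string
	if bridge.Network().NetworkV4().IsValid() {
		cidrs = append(cidrs, bridge.Network().NetworkV4().String())
	}
	if bridge.Network().NetworkV6().IsValid() {
		cidrs = append(cidrs, bridge.Network().NetworkV6().String())
	}
	if len(cidrs) == 0 {
		// Refuse to advertise a route with no destinations; nothing would be reachable through it.
		return fmt.Errorf("bridge to remote network %q has no valid network CIDRs to route", nw.GetName())
	}
	log.Info("Ensuring local routes to remote network", "cidrs", cidrs)
	err := r.Provider.MeshDB().Networking().PutRoute(ctx, meshtypes.Route{
		Route: &v1.Route{
			Name:             r.localRouteName(nw),
			Node:             r.HostNode.ID().String(),
			DestinationCIDRs: cidrs,
		},
	})
	// … unchanged: error handling and Peers().Sync …
```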
@@ -504,6 +525,7 @@ func (r *RemoteNetworkReconciler) connectWithKubeconfig(ctx context.Context, nw
 func (r *RemoteNetworkReconciler) reconcileRemove(ctx context.Context, key client.ObjectKey, nw *cniv1.RemoteNetwork) error {
 log := log.FromContext(ctx)
+ // Make sure the bridge connection is shutdown
 if bridge, ok := r.bridges[key]; ok {
 err := bridge.Close(ctx)
 if err != nil {
@@ -511,6 +533,14 @@ func (r *RemoteNetworkReconciler) reconcileRemove(ctx context.Context, key clien
 }
 delete(r.bridges, key)
 }
+ // Make sure we've removed routes to the remote network.
+ err := r.Provider.MeshDB().Networking().DeleteRoute(ctx, r.localRouteName(nw))
+ if err != nil {
+ log.Error(err, "Failed to remove local routes to remote network")
+ // Try again on the next reconcile.
+ return fmt.Errorf("failed to remove local routes to remote network: %w", err)
+ }
+ // Remove the finalizer
 if controllerutil.ContainsFinalizer(nw, cniv1.RemoteNetworkFinalizer) {
 updated := controllerutil.RemoveFinalizer(nw, cniv1.RemoteNetworkFinalizer)
 if updated {
@@ -523,6 +553,10 @@ func (r *RemoteNetworkReconciler) reconcileRemove(ctx context.Context, key clien
 return nil
 }
+func (r *RemoteNetworkReconciler) localRouteName(nw *cniv1.RemoteNetwork) string {
+ return fmt.Sprintf("%s-%s-bridge", r.HostNode.ID(), nw.GetName())
+}
+
 func (r *RemoteNetworkReconciler) setFailedStatus(ctx context.Context, bridge *cniv1.RemoteNetwork, reason error) {
 bridge.Status.BridgeStatus = cniv1.BridgeStatusFailed
 bridge.Status.Error = reason.Error()
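Review bot: Any DeleteRoute error now blocks finalizer removal, so if the MeshDB store reports a missing route as an error, a RemoteNetwork whose route was never written (for example because reconcileNetwork failed before reaching its PutRoute) can never be finalized and stays stuck in deletion. The retry-on-error intent is right for transient store failures, but the not-found case should be tolerated before returning, along the lines of `if err != nil && !errors.Is(err, <MeshDB not-found sentinel>) {` — I cannot see from this diff which sentinel the Networking store returns, so confirm against its DeleteRoute contract. reconcileRemove continues outside the hunk.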
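Review bot: localRouteName has no doc comment even though it now defines the identity that both the PutRoute in reconcileNetwork and the DeleteRoute in reconcileRemove rely on; I would add `// localRouteName returns the MeshDB route name under which this host node advertises routes to the given remote network. reconcileNetwork writes the route and reconcileRemove deletes it, so both must derive the name here.` above it. The name is keyed on `nw.GetName()` alone, so if the controller reconciles RemoteNetwork objects with the same name in different namespaces their MeshDB routes collide and removing one deletes the other's route; whether that is reachable depends on the controller's watch scope, which is not visible here, but `key.Namespace` is already available to both callers if the name needs to carry it. Note that changing the format later would orphan routes written under the old name, so deciding this before the first release is cheaper than after.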