fix eniInfo from annotation (kubernetes-sigs#1529)

Author: M00nF1sh

pkg/k8s/pod_info.go

@@ -23,14 +23,17 @@ type PodInfo struct {
 	Conditions     []corev1.PodCondition
 	PodIP          string
 
-	ENIInfo *PodENIInfo
+	ENIInfos []PodENIInfo
 }
 
 // PodENIInfo is a json convertible structure that stores the Branch ENI details that can be
 // used by the CNI plugin or the component consuming the resource
 type PodENIInfo struct {
 	// ENIID is the network interface id of the branch interface
 	ENIID string `json:"eniId"`
+
+	// PrivateIP is the primary IP of the branch Network interface
+	PrivateIP string `json:"privateIp"`
 }
 
 // HasAnyOfReadinessGates returns whether podInfo has any of these readinessGates
@@ -81,10 +84,10 @@ func (i *PodInfo) LookupContainerPort(port intstr.IntOrString) (int64, error) {
 func buildPodInfo(pod *corev1.Pod) PodInfo {
 	podKey := NamespacedName(pod)
 
-	var podENIInfo *PodENIInfo
+	var podENIInfos []PodENIInfo
 	// we kept podENIInfo as nil if the eniInfo via annotation is malformed.
-	if eniInfo, err := buildPodENIInfo(pod); err == nil {
-		podENIInfo = eniInfo
+	if eniInfo, err := buildPodENIInfos(pod); err == nil {
+		podENIInfos = eniInfo
 	}
 
 	var containerPorts []corev1.ContainerPort
@@ -100,21 +103,21 @@ func buildPodInfo(pod *corev1.Pod) PodInfo {
 		Conditions:     pod.Status.Conditions,
 		PodIP:          pod.Status.PodIP,
 
-		ENIInfo: podENIInfo,
+		ENIInfos: podENIInfos,
 	}
 }
 
 // buildPodENIInfo will construct PodENIInfo for given pod if any.
-func buildPodENIInfo(pod *corev1.Pod) (*PodENIInfo, error) {
+func buildPodENIInfos(pod *corev1.Pod) ([]PodENIInfo, error) {
 	rawAnnotation, ok := pod.Annotations[annotationKeyPodENIInfo]
 	if !ok {
 		return nil, nil
 	}
 
-	var podENIInfo PodENIInfo
-	if err := json.Unmarshal([]byte(rawAnnotation), &podENIInfo); err != nil {
+	var podENIInfos []PodENIInfo
+	if err := json.Unmarshal([]byte(rawAnnotation), &podENIInfos); err != nil {
 		return nil, err
 	}
 
-	return &podENIInfo, nil
+	return podENIInfos, nil
 }

pkg/k8s/pod_info_test.go

@@ -411,6 +411,109 @@ func Test_buildPodInfo(t *testing.T) {
 				PodIP: "192.168.1.1",
 			},
 		},
+		{
+			name: "standard case - with ENIInfo",
+			args: args{
+				pod: &corev1.Pod{
+					ObjectMeta: metav1.ObjectMeta{
+						Namespace: "my-ns",
+						Name:      "pod-1",
+						UID:       "pod-uuid",
+						Annotations: map[string]string{
+							"vpc.amazonaws.com/pod-eni": `[{"eniId":"eni-06a712e1622fda4a0","ifAddress":"02:34:a5:25:0b:63","privateIp":"192.168.219.103","vlanId":3,"subnetCidr":"192.168.192.0/19"}]`,
+						},
+					},
+					Spec: corev1.PodSpec{
+						Containers: []corev1.Container{
+							{
+								Ports: []corev1.ContainerPort{
+									{
+										Name:          "ssh",
+										ContainerPort: 22,
+									},
+									{
+										Name:          "http",
+										ContainerPort: 8080,
+									},
+								},
+							},
+							{
+								Ports: []corev1.ContainerPort{
+									{
+										Name:          "https",
+										ContainerPort: 8443,
+									},
+								},
+							},
+						},
+						ReadinessGates: []corev1.PodReadinessGate{
+							{
+								ConditionType: "ingress.k8s.aws/cond-1",
+							},
+							{
+								ConditionType: "ingress.k8s.aws/cond-2",
+							},
+						},
+					},
+					Status: corev1.PodStatus{
+						Conditions: []corev1.PodCondition{
+							{
+								Type:   corev1.ContainersReady,
+								Status: corev1.ConditionFalse,
+							},
+							{
+								Type:   "ingress.k8s.aws/cond-2",
+								Status: corev1.ConditionTrue,
+							},
+						},
+						PodIP: "192.168.1.1",
+					},
+				},
+			},
+			want: PodInfo{
+				Key: types.NamespacedName{Namespace: "my-ns", Name: "pod-1"},
+				UID: "pod-uuid",
+				ContainerPorts: []corev1.ContainerPort{
+					{
+						Name:          "ssh",
+						ContainerPort: 22,
+					},
+					{
+						Name:          "http",
+						ContainerPort: 8080,
+					},
+					{
+						Name:          "https",
+						ContainerPort: 8443,
+					},
+				},
+				ReadinessGates: []corev1.PodReadinessGate{
+					{
+						ConditionType: "ingress.k8s.aws/cond-1",
+					},
+					{
+						ConditionType: "ingress.k8s.aws/cond-2",
+					},
+				},
+				Conditions: []corev1.PodCondition{
+					{
+						Type:   corev1.ContainersReady,
+						Status: corev1.ConditionFalse,
+					},
+					{
+						Type:   "ingress.k8s.aws/cond-2",
+						Status: corev1.ConditionTrue,
+					},
+				},
+				PodIP: "192.168.1.1",
+				ENIInfos: []PodENIInfo{
+					{
+						ENIID:     "eni-06a712e1622fda4a0",
+						PrivateIP: "192.168.219.103",
+					},
+				},
+			},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@@ -427,24 +530,27 @@ func Test_buildPodENIInfo(t *testing.T) {
 	tests := []struct {
 		name    string
 		args    args
-		want    *PodENIInfo
+		want    []PodENIInfo
 		wantErr error
 	}{
-		//{
-		//	name: "pod-eni annotation exists and valid",
-		//	args: args{
-		//		pod: &corev1.Pod{
-		//			ObjectMeta: metav1.ObjectMeta{
-		//				Annotations: map[string]string{
-		//					"vpc.amazonaws.com/pod-eni": `[{"eniId":"eni-04df112df841b9465","ifAddress":"02:2d:47:ec:a5:e3","privateIp":"192.168.129.175","vlanId":1,"subnetCidr":"192.168.128.0/19"}]`,
-		//				},
-		//			},
-		//		},
-		//	},
-		//	want: &PodENIInfo{
-		//		ENIID: "eni-04df112df841b9465",
-		//	},
-		//},
+		{
+			name: "pod-eni annotation exists and valid",
+			args: args{
+				pod: &corev1.Pod{
+					ObjectMeta: metav1.ObjectMeta{
+						Annotations: map[string]string{
+							"vpc.amazonaws.com/pod-eni": `[{"eniId":"eni-06a712e1622fda4a0","ifAddress":"02:34:a5:25:0b:63","privateIp":"192.168.219.103","vlanId":3,"subnetCidr":"192.168.192.0/19"}]`,
+						},
+					},
+				},
+			},
+			want: []PodENIInfo{
+				{
+					ENIID:     "eni-06a712e1622fda4a0",
+					PrivateIP: "192.168.219.103",
+				},
+			},
+		},
 		{
 			name: "pod-eni annotation didn't exist",
 			args: args{
@@ -472,7 +578,7 @@ func Test_buildPodENIInfo(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			got, err := buildPodENIInfo(tt.args.pod)
+			got, err := buildPodENIInfos(tt.args.pod)
 			if tt.wantErr != nil {
 				assert.EqualError(t, err, tt.wantErr.Error())
 			} else {

pkg/networking/pod_eni_info_resolver.go

@@ -155,13 +155,17 @@ func (r *defaultPodENIInfoResolver) resolveViaCascadedLookup(ctx context.Context
 func (r *defaultPodENIInfoResolver) resolveViaPodENIAnnotation(ctx context.Context, pods []k8s.PodInfo) (map[types.NamespacedName]ENIInfo, error) {
 	podKeysByENIID := make(map[string][]types.NamespacedName)
 	for _, pod := range pods {
-		podENIInfo := pod.ENIInfo
-		if podENIInfo == nil {
+		var eniID string
+		for _, podENIInfo := range pod.ENIInfos {
+			if podENIInfo.PrivateIP == pod.PodIP {
+				eniID = podENIInfo.ENIID
+			}
+		}
+		if len(eniID) == 0 {
 			continue
 		}
 
 		podKey := pod.Key
-		eniID := podENIInfo.ENIID
 		podKeysByENIID[eniID] = append(podKeysByENIID[eniID], podKey)
 	}
 	if len(podKeysByENIID) == 0 {