feat: CNS generates chained cni conflist with cilium

Author: jpayne3506

cns/cniconflist/generator.go

@@ -71,6 +71,10 @@ type SWIFTGenerator struct {
 	Writer io.WriteCloser
 }
 
+type AzureCNIChainedCiliumGenerator struct {
+	Writer io.WriteCloser
+}
+
 func (v *V4OverlayGenerator) Close() error {
 	if err := v.Writer.Close(); err != nil {
 		return errors.Wrap(err, "error closing generator")
@@ -110,3 +114,11 @@ func (v *SWIFTGenerator) Close() error {
 
 	return nil
 }
+
+func (v *AzureCNIChainedCiliumGenerator) Close() error {
+	if err := v.Writer.Close(); err != nil {
+		return errors.Wrap(err, "error closing generator")
+	}
+
+	return nil
+}

cns/cniconflist/generator_linux.go

@@ -161,3 +161,33 @@ func (v *SWIFTGenerator) Generate() error {
 
 	return nil
 }
+
+func (v *AzureCNIChainedCiliumGenerator) Generate() error {
+	conflist := cniConflist{
+		CNIVersion: azurecniVersion,
+		Name:       azureName,
+		Plugins: []any{
+			cni.NetworkConfig{
+				Type:              azureType,
+				Mode:              cninet.OpModeTransparent,
+				IPsToRouteViaHost: []string{nodeLocalDNSIP},
+				ExecutionMode:     string(util.V4Swift),
+				IPAM: cni.IPAM{
+					Type: network.AzureCNS,
+				},
+			},
+			cni.NetworkConfig{
+				Name: ciliumcniName,
+				Type: ciliumcniType,
+			},
+		},
+	}
+
+	enc := json.NewEncoder(v.Writer)
+	enc.SetIndent("", "\t")
+	if err := enc.Encode(conflist); err != nil {
+		return errors.Wrap(err, "error encoding conflist to json")
+	}
+
+	return nil
+}

cns/cniconflist/generator_linux_test.go

@@ -92,6 +92,21 @@ func TestGenerateSWIFTConflist(t *testing.T) {
 	assert.Equal(t, removeNewLines(fixtureBytes), removeNewLines(buffer.Bytes()))
 }
 
+func TestGenerateAzurecniCiliumConflist(t *testing.T) {
+	fixture := "testdata/fixtures/azure-chained-cilium.conflist"
+
+	buffer := new(bytes.Buffer)
+	g := cniconflist.AzureCNIChainedCiliumGenerator{Writer: &bufferWriteCloser{buffer}}
+	err := g.Generate()
+	assert.NoError(t, err)
+
+	fixtureBytes, err := os.ReadFile(fixture)
+	assert.NoError(t, err)
+
+	// remove newlines and carriage returns in case these UTs are running on Windows
+	assert.Equal(t, removeNewLines(fixtureBytes), removeNewLines(buffer.Bytes()))
+}
+
 // removeNewLines will remove the newlines and carriage returns from the byte slice
 func removeNewLines(b []byte) []byte {
 	var bb []byte //nolint:prealloc // can't prealloc since we don't know how many bytes will get removed

cns/cniconflist/generator_windows.go

@@ -25,3 +25,7 @@ func (v *CiliumGenerator) Generate() error {
 func (v *SWIFTGenerator) Generate() error {
 	return errNotImplemented
 }
+
+func (v *AzureCNIChainedCiliumGenerator) Generate() error {
+	return errNotImplemented
+}

cns/cniconflist/testdata/fixtures/azure-chained-cilium.conflist

@@ -0,0 +1,34 @@
+{
+	"cniVersion": "0.3.0",
+	"name": "azure",
+	"plugins": [
+		{
+			"type": "azure-vnet",
+			"mode": "transparent",
+			"ipsToRouteViaHost": [
+				"169.254.20.10"
+			],
+			"executionMode": "v4swift",
+			"ipam": {
+				"type": "azure-cns"
+			},
+			"dns": {},
+			"runtimeConfig": {
+				"dns": {}
+			},
+			"windowsSettings": {}
+		},
+		{
+			"name": "cilium",
+			"type": "cilium-cni",
+			"ipam": {
+				"type": ""
+			},
+			"dns": {},
+			"runtimeConfig": {
+				"dns": {}
+			},
+			"windowsSettings": {}
+		}
+	]
+}

cns/service/main.go

@@ -121,11 +121,12 @@ const (
 type cniConflistScenario string
 
 const (
-	scenarioV4Overlay        cniConflistScenario = "v4overlay"
-	scenarioDualStackOverlay cniConflistScenario = "dualStackOverlay"
-	scenarioOverlay          cniConflistScenario = "overlay"
-	scenarioCilium           cniConflistScenario = "cilium"
-	scenarioSWIFT            cniConflistScenario = "swift"
+	scenarioV4Overlay             cniConflistScenario = "v4overlay"
+	scenarioDualStackOverlay      cniConflistScenario = "dualStackOverlay"
+	scenarioOverlay               cniConflistScenario = "overlay"
+	scenarioCilium                cniConflistScenario = "cilium"
+	scenarioSWIFT                 cniConflistScenario = "swift"
+	scenarioAzurecniChainedCilium cniConflistScenario = "azurecni-chained-cilium"
 )
 
 var (
@@ -623,6 +624,8 @@ func main() {
 			conflistGenerator = &cniconflist.CiliumGenerator{Writer: writer}
 		case scenarioSWIFT:
 			conflistGenerator = &cniconflist.SWIFTGenerator{Writer: writer}
+		case scenarioAzurecniChainedCilium:
+			conflistGenerator = &cniconflist.AzureCNIChainedCiliumGenerator{Writer: writer}
 		default:
 			logger.Errorf("unable to generate cni conflist for unknown scenario: %s", scenario)
 			os.Exit(1)

test/integration/manifests/cnsconfig/azclichainedciliumconfigmap.yaml

@@ -0,0 +1,46 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: cns-config
+  namespace: kube-system
+data:
+  cns_config.json: |
+    {
+      "CNIConflistFilepath": "/etc/cni/net.d/05-azure-chained-cilium.conflist",
+      "CNIConflistScenario": "azurecni-chained-cilium",
+      "ChannelMode": "CRD",
+      "EnableAsyncPodDelete": true,
+      "EnableCNIConflistGeneration": true,
+      "EnableIPAMv2": true,
+      "EnableK8sDevicePlugin": true,
+      "EnableLoggerV2": true,
+      "EnableStateMigration": true,
+      "EnableSubnetScarcity": false,
+      "InitializeFromCNI": false,
+      "Logger": {
+        "file": {
+          "filepath": "/var/log/azure-cns/azure-cns.log",
+          "level": "info",
+          "maxBackups": 5,
+          "maxSize": 5
+        }
+      },
+      "ManageEndpointState": true,
+      "ManagedSettings": {
+        "InfrastructureNetworkID": "",
+        "NodeID": "",
+        "NodeSyncIntervalInSeconds": 30,
+        "PrivateEndpoint": ""
+      },
+      "MetricsBindAddress": ":10092",
+      "ProgramSNATIPTables": false,
+      "TelemetrySettings": {
+        "DebugMode": false,
+        "DisableAll": false,
+        "HeartBeatIntervalInMins": 30,
+        "RefreshIntervalInSecs": 15,
+        "SnapshotIntervalInMins": 60,
+        "TelemetryBatchIntervalInSecs": 15,
+        "TelemetryBatchSizeBytes": 16384
+      }
+    }