From e00bf8bb2ad7729653d2864ec0cc8ba5bb0ec3ff Mon Sep 17 00:00:00 2001 From: Radim Hrazdil Date: Fri, 23 Jul 2021 12:18:01 +0200 Subject: [PATCH] network, istio: Introduce pkg/network/istio package Move Istio related constants and functions to separate package pkg/network/istio Signed-off-by: Radim Hrazdil --- cmd/virt-launcher/BUILD.bazel | 2 +- cmd/virt-launcher/virt-launcher.go | 6 +-- pkg/network/consts/BUILD.bazel | 8 --- pkg/network/consts/annotations.go | 5 -- pkg/network/infraconfigurators/BUILD.bazel | 2 +- pkg/network/infraconfigurators/masquerade.go | 50 ++++--------------- pkg/network/istio/BUILD.bazel | 13 +++++ pkg/network/istio/annotations.go | 24 +++++++++ pkg/network/istio/ports.go | 44 ++++++++++++++++ pkg/network/istio/proxy.go | 37 ++++++++++++++ pkg/virt-controller/services/BUILD.bazel | 4 +- pkg/virt-controller/services/template.go | 4 +- pkg/virt-controller/services/template_test.go | 4 +- .../virtwrap/network/BUILD.bazel | 2 +- .../virtwrap/network/podinterface_test.go | 13 +++-- tests/network/BUILD.bazel | 3 +- tests/network/vmi_istio.go | 7 ++- 17 files changed, 150 insertions(+), 78 deletions(-) delete mode 100644 pkg/network/consts/BUILD.bazel delete mode 100644 pkg/network/consts/annotations.go create mode 100644 pkg/network/istio/BUILD.bazel create mode 100644 pkg/network/istio/annotations.go create mode 100644 pkg/network/istio/ports.go create mode 100644 pkg/network/istio/proxy.go diff --git a/cmd/virt-launcher/BUILD.bazel b/cmd/virt-launcher/BUILD.bazel index 34c7b21c1a69..8d29592eee80 100644 --- a/cmd/virt-launcher/BUILD.bazel +++ b/cmd/virt-launcher/BUILD.bazel @@ -13,7 +13,7 @@ go_library( "//pkg/hooks:go_default_library", "//pkg/hotplug-disk:go_default_library", "//pkg/ignition:go_default_library", - "//pkg/network/infraconfigurators:go_default_library", + "//pkg/network/istio:go_default_library", "//pkg/util:go_default_library", "//pkg/virt-handler/cmd-client:go_default_library", "//pkg/virt-launcher:go_default_library", diff --git a/cmd/virt-launcher/virt-launcher.go b/cmd/virt-launcher/virt-launcher.go index 8e7d9ae45807..26c796f2f671 100644 --- a/cmd/virt-launcher/virt-launcher.go +++ b/cmd/virt-launcher/virt-launcher.go @@ -51,7 +51,7 @@ import ( "kubevirt.io/kubevirt/pkg/hooks" hotplugdisk "kubevirt.io/kubevirt/pkg/hotplug-disk" "kubevirt.io/kubevirt/pkg/ignition" - "kubevirt.io/kubevirt/pkg/network/infraconfigurators" + "kubevirt.io/kubevirt/pkg/network/istio" putil "kubevirt.io/kubevirt/pkg/util" cmdclient "kubevirt.io/kubevirt/pkg/virt-handler/cmd-client" virtlauncher "kubevirt.io/kubevirt/pkg/virt-launcher" @@ -639,7 +639,7 @@ func terminateIstioProxy() { return false } err := retry.OnError(retry.DefaultBackoff, isRetriable, func() error { - resp, err := httpClient.Post(fmt.Sprintf("http://localhost:%d/quitquitquit", infraconfigurators.EnvoyMergedPrometheusTelemetryPort), "", nil) + resp, err := httpClient.Post(fmt.Sprintf("http://localhost:%d/quitquitquit", istio.EnvoyMergedPrometheusTelemetryPort), "", nil) if err != nil { log.Log.Reason(err).Error("failed to request istio-proxy termination, retrying...") return err @@ -665,7 +665,7 @@ func istioProxyPresent(httpClient *http.Client) bool { return false } err := retry.OnError(retry.DefaultBackoff, isRetriable, func() error { - resp, err := httpClient.Get(fmt.Sprintf("http://localhost:%d/healthz/ready", infraconfigurators.EnvoyHealthCheckPort)) + resp, err := httpClient.Get(fmt.Sprintf("http://localhost:%d/healthz/ready", istio.EnvoyHealthCheckPort)) if err != nil { log.Log.Reason(err).Error("error when checking for istio-proxy presence") return err diff --git a/pkg/network/consts/BUILD.bazel b/pkg/network/consts/BUILD.bazel deleted file mode 100644 index eab2e489b31c..000000000000 --- a/pkg/network/consts/BUILD.bazel +++ /dev/null @@ -1,8 +0,0 @@ -load("@io_bazel_rules_go//go:def.bzl", "go_library") - -go_library( - name = "go_default_library", - srcs = ["annotations.go"], - importpath = "kubevirt.io/kubevirt/pkg/network/consts", - visibility = ["//visibility:public"], -) diff --git a/pkg/network/consts/annotations.go b/pkg/network/consts/annotations.go deleted file mode 100644 index 11c880853c0c..000000000000 --- a/pkg/network/consts/annotations.go +++ /dev/null @@ -1,5 +0,0 @@ -package consts - -const ( - ISTIO_INJECT_ANNOTATION = "sidecar.istio.io/inject" -) diff --git a/pkg/network/infraconfigurators/BUILD.bazel b/pkg/network/infraconfigurators/BUILD.bazel index 22a9a556c151..d1747724dd42 100644 --- a/pkg/network/infraconfigurators/BUILD.bazel +++ b/pkg/network/infraconfigurators/BUILD.bazel @@ -13,8 +13,8 @@ go_library( deps = [ "//pkg/network:go_default_library", "//pkg/network/cache:go_default_library", - "//pkg/network/consts:go_default_library", "//pkg/network/driver:go_default_library", + "//pkg/network/istio:go_default_library", "//pkg/network/link:go_default_library", "//pkg/util:go_default_library", "//pkg/virt-launcher/virtwrap/api:go_default_library", diff --git a/pkg/network/infraconfigurators/masquerade.go b/pkg/network/infraconfigurators/masquerade.go index e5a0dcaadc9d..e2516f5edb24 100644 --- a/pkg/network/infraconfigurators/masquerade.go +++ b/pkg/network/infraconfigurators/masquerade.go @@ -13,23 +13,16 @@ import ( "kubevirt.io/client-go/log" "kubevirt.io/kubevirt/pkg/network" "kubevirt.io/kubevirt/pkg/network/cache" - "kubevirt.io/kubevirt/pkg/network/consts" netdriver "kubevirt.io/kubevirt/pkg/network/driver" + "kubevirt.io/kubevirt/pkg/network/istio" virtnetlink "kubevirt.io/kubevirt/pkg/network/link" "kubevirt.io/kubevirt/pkg/util" "kubevirt.io/kubevirt/pkg/virt-launcher/virtwrap/api" ) const ( - LibvirtDirectMigrationPort = 49152 - LibvirtBlockMigrationPort = 49153 - EnvoyAdminPort = 15000 - EnvoyOutboundPort = 15001 - EnvoyInboundPort = 15006 - EnvoyTunnelPort = 15008 - EnvoyMergedPrometheusTelemetryPort = 15020 - EnvoyHealthCheckPort = 15021 - EnvoyPrometheusTelemetryPort = 15090 + LibvirtDirectMigrationPort = 49152 + LibvirtBlockMigrationPort = 49153 ) type MasqueradePodNetworkConfigurator struct { @@ -197,17 +190,6 @@ func (b *MasqueradePodNetworkConfigurator) createBridge() error { return nil } -func hasIstioSidecarInjectionEnabled(vmi *v1.VirtualMachineInstance) bool { - if val, ok := vmi.GetAnnotations()[consts.ISTIO_INJECT_ANNOTATION]; ok { - return strings.ToLower(val) == "true" - } - return false -} - -func GetEnvoyLoopbackAddress() string { - return "127.0.0.6" -} - func GetLoopbackAdrress(proto iptables.Protocol) string { if proto == iptables.ProtocolIPv4 { return "127.0.0.1" @@ -399,8 +381,8 @@ func (b *MasqueradePodNetworkConfigurator) createNatRulesUsingNftables(proto ipt } if len(b.vmiSpecIface.Ports) == 0 { - if hasIstioSidecarInjectionEnabled(b.vmi) { - err = b.skipForwardingForPortsUsingNftables(proto, PortsUsedByIstio()) + if istio.ProxyInjectionEnabled(b.vmi) { + err = b.skipForwardingForPortsUsingNftables(proto, istio.ReservedPorts()) if err != nil { return err } @@ -413,7 +395,7 @@ func (b *MasqueradePodNetworkConfigurator) createNatRulesUsingNftables(proto ipt return err } - if !hasIstioSidecarInjectionEnabled(b.vmi) { + if !istio.ProxyInjectionEnabled(b.vmi) { err = b.handler.NftablesAppendRule(proto, "nat", "KUBEVIRT_PREINBOUND", "counter", "dnat", "to", b.geVmIfaceIpByProtocol(proto)) if err != nil { @@ -446,7 +428,7 @@ func (b *MasqueradePodNetworkConfigurator) createNatRulesUsingNftables(proto ipt return err } - if !hasIstioSidecarInjectionEnabled(b.vmi) { + if !istio.ProxyInjectionEnabled(b.vmi) { err = b.handler.NftablesAppendRule(proto, "nat", "KUBEVIRT_PREINBOUND", strings.ToLower(port.Protocol), "dport", @@ -504,15 +486,15 @@ func (b *MasqueradePodNetworkConfigurator) geVmIfaceIpByProtocol(proto iptables. func (b *MasqueradePodNetworkConfigurator) getSrcAddressesToSnat(proto iptables.Protocol) string { addresses := []string{getLoopbackAdrress(proto)} - if hasIstioSidecarInjectionEnabled(b.vmi) && proto == iptables.ProtocolIPv4 { - addresses = append(addresses, GetEnvoyLoopbackAddress()) + if istio.ProxyInjectionEnabled(b.vmi) && proto == iptables.ProtocolIPv4 { + addresses = append(addresses, istio.GetLoopbackAddress()) } return fmt.Sprintf("{ %s }", strings.Join(addresses, ", ")) } func (b *MasqueradePodNetworkConfigurator) getDstAddressesToDnat(proto iptables.Protocol) (string, error) { addresses := []string{getLoopbackAdrress(proto)} - if hasIstioSidecarInjectionEnabled(b.vmi) && proto == iptables.ProtocolIPv4 { + if istio.ProxyInjectionEnabled(b.vmi) && proto == iptables.ProtocolIPv4 { ipv4, _, err := b.handler.ReadIPAddressesFromLink(b.podNicLink.Attrs().Name) if err != nil { return "", err @@ -536,15 +518,3 @@ func portsUsedByLiveMigration() []string { fmt.Sprint(LibvirtBlockMigrationPort), } } - -func PortsUsedByIstio() []string { - return []string{ - fmt.Sprint(EnvoyAdminPort), - fmt.Sprint(EnvoyOutboundPort), - fmt.Sprint(EnvoyInboundPort), - fmt.Sprint(EnvoyTunnelPort), - fmt.Sprint(EnvoyMergedPrometheusTelemetryPort), - fmt.Sprint(EnvoyHealthCheckPort), - fmt.Sprint(EnvoyPrometheusTelemetryPort), - } -} diff --git a/pkg/network/istio/BUILD.bazel b/pkg/network/istio/BUILD.bazel new file mode 100644 index 000000000000..27ab9a244b6b --- /dev/null +++ b/pkg/network/istio/BUILD.bazel @@ -0,0 +1,13 @@ +load("@io_bazel_rules_go//go:def.bzl", "go_library") + +go_library( + name = "go_default_library", + srcs = [ + "annotations.go", + "ports.go", + "proxy.go", + ], + importpath = "kubevirt.io/kubevirt/pkg/network/istio", + visibility = ["//visibility:public"], + deps = ["//staging/src/kubevirt.io/client-go/api/v1:go_default_library"], +) diff --git a/pkg/network/istio/annotations.go b/pkg/network/istio/annotations.go new file mode 100644 index 000000000000..ee14b68c6409 --- /dev/null +++ b/pkg/network/istio/annotations.go @@ -0,0 +1,24 @@ +/* + * This file is part of the KubeVirt project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Copyright 2021 Red Hat, Inc. + * + */ + +package istio + +const ( + ISTIO_INJECT_ANNOTATION = "sidecar.istio.io/inject" +) diff --git a/pkg/network/istio/ports.go b/pkg/network/istio/ports.go new file mode 100644 index 000000000000..3aa021d12c80 --- /dev/null +++ b/pkg/network/istio/ports.go @@ -0,0 +1,44 @@ +/* + * This file is part of the KubeVirt project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Copyright 2021 Red Hat, Inc. + * + */ + +package istio + +import "fmt" + +const ( + EnvoyAdminPort = 15000 + EnvoyOutboundPort = 15001 + EnvoyInboundPort = 15006 + EnvoyTunnelPort = 15008 + EnvoyMergedPrometheusTelemetryPort = 15020 + EnvoyHealthCheckPort = 15021 + EnvoyPrometheusTelemetryPort = 15090 +) + +func ReservedPorts() []string { + return []string{ + fmt.Sprint(EnvoyAdminPort), + fmt.Sprint(EnvoyOutboundPort), + fmt.Sprint(EnvoyInboundPort), + fmt.Sprint(EnvoyTunnelPort), + fmt.Sprint(EnvoyMergedPrometheusTelemetryPort), + fmt.Sprint(EnvoyHealthCheckPort), + fmt.Sprint(EnvoyPrometheusTelemetryPort), + } +} diff --git a/pkg/network/istio/proxy.go b/pkg/network/istio/proxy.go new file mode 100644 index 000000000000..671112d27658 --- /dev/null +++ b/pkg/network/istio/proxy.go @@ -0,0 +1,37 @@ +/* + * This file is part of the KubeVirt project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Copyright 2021 Red Hat, Inc. + * + */ + +package istio + +import ( + "strings" + + v1 "kubevirt.io/client-go/api/v1" +) + +func ProxyInjectionEnabled(vmi *v1.VirtualMachineInstance) bool { + if val, ok := vmi.GetAnnotations()[ISTIO_INJECT_ANNOTATION]; ok { + return strings.ToLower(val) == "true" + } + return false +} + +func GetLoopbackAddress() string { + return "127.0.0.6" +} diff --git a/pkg/virt-controller/services/BUILD.bazel b/pkg/virt-controller/services/BUILD.bazel index 773bd95c5328..0e889023810c 100644 --- a/pkg/virt-controller/services/BUILD.bazel +++ b/pkg/virt-controller/services/BUILD.bazel @@ -14,7 +14,7 @@ go_library( "//pkg/downwardmetrics:go_default_library", "//pkg/hooks:go_default_library", "//pkg/host-disk:go_default_library", - "//pkg/network/consts:go_default_library", + "//pkg/network/istio:go_default_library", "//pkg/util:go_default_library", "//pkg/util/hardware:go_default_library", "//pkg/util/net/dns:go_default_library", @@ -46,7 +46,7 @@ go_test( deps = [ "//pkg/config:go_default_library", "//pkg/hooks:go_default_library", - "//pkg/network/consts:go_default_library", + "//pkg/network/istio:go_default_library", "//pkg/testutils:go_default_library", "//pkg/util:go_default_library", "//pkg/virt-config:go_default_library", diff --git a/pkg/virt-controller/services/template.go b/pkg/virt-controller/services/template.go index c282c780337c..d45de975aeb9 100644 --- a/pkg/virt-controller/services/template.go +++ b/pkg/virt-controller/services/template.go @@ -47,7 +47,7 @@ import ( "kubevirt.io/kubevirt/pkg/config" containerdisk "kubevirt.io/kubevirt/pkg/container-disk" "kubevirt.io/kubevirt/pkg/hooks" - "kubevirt.io/kubevirt/pkg/network/consts" + "kubevirt.io/kubevirt/pkg/network/istio" "kubevirt.io/kubevirt/pkg/util" "kubevirt.io/kubevirt/pkg/util/hardware" "kubevirt.io/kubevirt/pkg/util/net/dns" @@ -1403,7 +1403,7 @@ func (t *templateService) renderLaunchManifest(vmi *v1.VirtualMachineInstance, t pod.Spec.ServiceAccountName = serviceAccountName automount := true pod.Spec.AutomountServiceAccountToken = &automount - } else if val, ok := vmi.GetAnnotations()[consts.ISTIO_INJECT_ANNOTATION]; ok && strings.ToLower(val) == "true" { + } else if istio.ProxyInjectionEnabled(vmi) { automount := true pod.Spec.AutomountServiceAccountToken = &automount } else { diff --git a/pkg/virt-controller/services/template_test.go b/pkg/virt-controller/services/template_test.go index fd0b6619e0b0..2466c5fb503f 100644 --- a/pkg/virt-controller/services/template_test.go +++ b/pkg/virt-controller/services/template_test.go @@ -48,7 +48,7 @@ import ( fakenetworkclient "kubevirt.io/client-go/generated/network-attachment-definition-client/clientset/versioned/fake" "kubevirt.io/client-go/kubecli" "kubevirt.io/kubevirt/pkg/hooks" - networkconsts "kubevirt.io/kubevirt/pkg/network/consts" + "kubevirt.io/kubevirt/pkg/network/istio" "kubevirt.io/kubevirt/pkg/testutils" "kubevirt.io/kubevirt/pkg/util" virtconfig "kubevirt.io/kubevirt/pkg/virt-config" @@ -999,7 +999,7 @@ var _ = Describe("Template", func() { Namespace: "default", UID: "1234", Annotations: map[string]string{ - networkconsts.ISTIO_INJECT_ANNOTATION: "true", + istio.ISTIO_INJECT_ANNOTATION: "true", }, }, } diff --git a/pkg/virt-launcher/virtwrap/network/BUILD.bazel b/pkg/virt-launcher/virtwrap/network/BUILD.bazel index a9e700fe0c5a..cbf0ed9ba8b1 100644 --- a/pkg/virt-launcher/virtwrap/network/BUILD.bazel +++ b/pkg/virt-launcher/virtwrap/network/BUILD.bazel @@ -37,11 +37,11 @@ go_test( "//pkg/ephemeral-disk-utils:go_default_library", "//pkg/network:go_default_library", "//pkg/network/cache:go_default_library", - "//pkg/network/consts:go_default_library", "//pkg/network/dhcp:go_default_library", "//pkg/network/driver:go_default_library", "//pkg/network/errors:go_default_library", "//pkg/network/infraconfigurators:go_default_library", + "//pkg/network/istio:go_default_library", "//pkg/virt-launcher/virtwrap/api:go_default_library", "//staging/src/kubevirt.io/client-go/api/v1:go_default_library", "//staging/src/kubevirt.io/client-go/testutils:go_default_library", diff --git a/pkg/virt-launcher/virtwrap/network/podinterface_test.go b/pkg/virt-launcher/virtwrap/network/podinterface_test.go index e53082249db5..1d33b91ea9de 100644 --- a/pkg/virt-launcher/virtwrap/network/podinterface_test.go +++ b/pkg/virt-launcher/virtwrap/network/podinterface_test.go @@ -27,8 +27,6 @@ import ( "runtime" "strings" - "kubevirt.io/kubevirt/pkg/network/consts" - "github.com/coreos/go-iptables/iptables" "github.com/golang/mock/gomock" @@ -42,6 +40,7 @@ import ( "kubevirt.io/kubevirt/pkg/network/cache" netdriver "kubevirt.io/kubevirt/pkg/network/driver" "kubevirt.io/kubevirt/pkg/network/infraconfigurators" + "kubevirt.io/kubevirt/pkg/network/istio" "kubevirt.io/kubevirt/pkg/virt-launcher/virtwrap/api" ) @@ -488,7 +487,7 @@ var _ = Describe("Pod Network", func() { for _, chain := range []string{"output", "KUBEVIRT_POSTINBOUND"} { mockNetwork.EXPECT().NftablesAppendRule(proto, "nat", - chain, "tcp", "dport", fmt.Sprintf("{ %s }", strings.Join(infraconfigurators.PortsUsedByIstio(), ", ")), + chain, "tcp", "dport", fmt.Sprintf("{ %s }", strings.Join(istio.ReservedPorts(), ", ")), GetNFTIPString(proto), "saddr", infraconfigurators.GetLoopbackAdrress(proto), "counter", "return").Return(nil) } @@ -498,7 +497,7 @@ var _ = Describe("Pod Network", func() { srcAddressesToSnat := []string{infraconfigurators.GetLoopbackAdrress(proto)} dstAddressesToDnat := []string{infraconfigurators.GetLoopbackAdrress(proto)} if proto == iptables.ProtocolIPv4 { - srcAddressesToSnat = append(srcAddressesToSnat, infraconfigurators.GetEnvoyLoopbackAddress()) + srcAddressesToSnat = append(srcAddressesToSnat, istio.GetLoopbackAddress()) dstAddressesToDnat = append(dstAddressesToDnat, fakeAddr.IP.String()) } mockNetwork.EXPECT().NftablesAppendRule(proto, "nat", @@ -515,7 +514,7 @@ var _ = Describe("Pod Network", func() { domain := NewDomainWithBridgeInterface() vm := newVMIMasqueradeInterface("testnamespace", "testVmName", masqueradeCidr, masqueradeIpv6Cidr) vm.Annotations = map[string]string{ - consts.ISTIO_INJECT_ANNOTATION: "true", + istio.ISTIO_INJECT_ANNOTATION: "true", } api.NewDefaulter(runtime.GOARCH).SetObjectDefaults_Domain(domain) @@ -534,7 +533,7 @@ var _ = Describe("Pod Network", func() { srcAddressesToSnat := []string{infraconfigurators.GetLoopbackAdrress(proto)} dstAddressesToDnat := []string{infraconfigurators.GetLoopbackAdrress(proto)} if proto == iptables.ProtocolIPv4 { - srcAddressesToSnat = append(srcAddressesToSnat, infraconfigurators.GetEnvoyLoopbackAddress()) + srcAddressesToSnat = append(srcAddressesToSnat, istio.GetLoopbackAddress()) dstAddressesToDnat = append(dstAddressesToDnat, fakeAddr.IP.String()) } mockNetwork.EXPECT().NftablesAppendRule(proto, "nat", @@ -557,7 +556,7 @@ var _ = Describe("Pod Network", func() { vm := newVMIMasqueradeInterface("testnamespace", "testVmName", masqueradeCidr, masqueradeIpv6Cidr) vm.Spec.Domain.Devices.Interfaces[0].Ports = []v1.Port{{Name: "test", Port: 80, Protocol: "TCP"}} vm.Annotations = map[string]string{ - consts.ISTIO_INJECT_ANNOTATION: "true", + istio.ISTIO_INJECT_ANNOTATION: "true", } api.NewDefaulter(runtime.GOARCH).SetObjectDefaults_Domain(domain) diff --git a/tests/network/BUILD.bazel b/tests/network/BUILD.bazel index 35e3092f4acd..e338b74e58fd 100644 --- a/tests/network/BUILD.bazel +++ b/tests/network/BUILD.bazel @@ -20,8 +20,7 @@ go_library( importpath = "kubevirt.io/kubevirt/tests/network", visibility = ["//visibility:public"], deps = [ - "//pkg/network/consts:go_default_library", - "//pkg/network/infraconfigurators:go_default_library", + "//pkg/network/istio:go_default_library", "//pkg/virt-config:go_default_library", "//pkg/virt-controller/services:go_default_library", "//pkg/virt-launcher/virtwrap/api:go_default_library", diff --git a/tests/network/vmi_istio.go b/tests/network/vmi_istio.go index 99c0ee5fbe50..296547dcfe39 100644 --- a/tests/network/vmi_istio.go +++ b/tests/network/vmi_istio.go @@ -42,8 +42,7 @@ import ( v1 "kubevirt.io/client-go/api/v1" "kubevirt.io/client-go/kubecli" - "kubevirt.io/kubevirt/pkg/network/consts" - "kubevirt.io/kubevirt/pkg/network/infraconfigurators" + "kubevirt.io/kubevirt/pkg/network/istio" "kubevirt.io/kubevirt/tests" "kubevirt.io/kubevirt/tests/console" "kubevirt.io/kubevirt/tests/libnet" @@ -57,7 +56,7 @@ const ( svcUndeclaredTestPort = 1501 // Istio uses certain ports for it's own purposes, this port server to verify that traffic is not routed // into the VMI for these ports. https://istio.io/latest/docs/ops/deployment/requirements/ - istioRestrictedPort = infraconfigurators.EnvoyTunnelPort + istioRestrictedPort = istio.EnvoyTunnelPort ) var _ = SIGDescribe("[Serial] Istio", func() { @@ -376,7 +375,7 @@ func newVMIWithIstioSidecar(ports []v1.Port) *v1.VirtualMachineInstance { libvmi.WithNetwork(v1.DefaultPodNetwork()), libvmi.WithInterface(libvmi.InterfaceDeviceWithMasqueradeBinding(ports...)), libvmi.WithLabel("app", vmiAppSelector), - libvmi.WithAnnotation(consts.ISTIO_INJECT_ANNOTATION, "true"), + libvmi.WithAnnotation(istio.ISTIO_INJECT_ANNOTATION, "true"), ) return vmi }