OCM-11581 | feat: edit/cluster support for SDN->OVN migrations

Author: hunterkepley

cmd/edit/cluster/cmd.go

@@ -69,6 +69,10 @@ var args struct {
 	allowedRegistriesForImport string
 	platformAllowlist          string
 	additionalTrustedCa        string
+
+	// SDN -> OVN Migration
+	networkType        string
+	ovnInternalSubnets string
 }
 
 var clusterRegistryConfigArgs *clusterregistryconfig.ClusterRegistryConfigArgs
@@ -186,6 +190,23 @@ func init() {
 		"",
 		"Account ID used for billing subscriptions purchased through the AWS console for ROSA",
 	)
+
+	flags.StringVar(
+		&args.networkType,
+		"network-type",
+		"",
+		"Migrate a cluster's network type from OpenShiftSDN to OVN-Kubernetes",
+	)
+
+	flags.StringVar(
+		&args.ovnInternalSubnets,
+		ocm.OvnInternalSubnetsFlagName,
+		"",
+		"OVN-Kubernetes internal subnet configuration for migrating 'network-type' from OpenShiftSDN -> "+
+			"OVN-Kubernetes. Must be supplied as a string=value pair with any of 'join', 'transit', 'masquerade' "+
+			"followed by a CIDR. \nExample: '--ovn-internal-subnets=\"join=192.168.255.0/24,transit=192.168.255.0/24,"+
+			"masquerade=192.168.255.0/24\"'",
+	)
 }
 
 func run(cmd *cobra.Command, _ []string) {
@@ -223,6 +244,18 @@ func run(cmd *cobra.Command, _ []string) {
 		os.Exit(1)
 	}
 
+	ovnInternalSubnets, err := validateOvnInternalSubnetConfiguration()
+	if err != nil {
+		r.Reporter.Errorf(fmt.Sprintf("%s", err))
+		os.Exit(1)
+	}
+
+	networkType, err := validateNetworkType()
+	if err != nil {
+		r.Reporter.Errorf(fmt.Sprintf("%s", err))
+		os.Exit(1)
+	}
+
 	if interactive.Enabled() {
 		r.Reporter.Infof("Interactive mode enabled.\n" +
 			"Any optional fields can be ignored and will not be updated.")
@@ -702,6 +735,93 @@ func run(cmd *cobra.Command, _ []string) {
 		}
 	}
 
+	// SDN -> OVN Migration
+	var clusterNetworkType string
+	if !cmd.Flags().Changed(ocm.NetworkTypeFlagName) {
+		var ok bool
+		if cluster.Network() == nil {
+			ok = false
+		} else {
+			networkType, ok = cluster.Network().GetType()
+			clusterNetworkType = networkType // Store the cluster's current network type for interactive usage
+		}
+		if !ok {
+			r.Reporter.Errorf("Unable to get cluster's network type")
+			os.Exit(1)
+		}
+	}
+
+	var migrateNetworkType bool
+	// Only prompt user with migrating the cluster's network type when it is not OVN-Kubernetes
+	if interactive.Enabled() && clusterNetworkType != "" && clusterNetworkType != ocm.NetworkTypeOvn &&
+		clusterNetworkType != ocm.NetworkTypeOvnAlias {
+
+		migrateNetworkType, err = interactive.GetBool(interactive.Input{
+			Question: "Migrate cluster network type from OpenShiftSDN -> OVN-Kubernetes",
+			Help: "Clusters are required to migrate from network type 'OpenShiftSDN' to 'OVN-Kubernetes', this allows " +
+				"you to do this along with your cluster changes",
+			Default: false,
+		})
+
+		if err != nil {
+			r.Reporter.Errorf("%s", err)
+			os.Exit(1)
+		}
+
+		if migrateNetworkType {
+			migrateNetworkType, err = confirmMigration()
+
+			if err != nil {
+				r.Reporter.Errorf("%s", err)
+				os.Exit(1)
+			}
+		}
+
+		if migrateNetworkType && interactive.Enabled() {
+			networkType, err = interactive.GetString(interactive.Input{
+				Question: "Network type for cluster",
+				Help:     cmd.Flags().Lookup(ocm.NetworkTypeFlagName).Usage,
+				Default:  ocm.NetworkTypeOvn,
+			})
+			if err != nil {
+				r.Reporter.Errorf("Expected a valid value: %v", err)
+				os.Exit(1)
+			}
+
+			ovnSubnets, err := interactive.GetString(interactive.Input{
+				Question: "OVN-Kubernetes internal subnet configuration for cluster",
+				Help:     cmd.Flags().Lookup(ocm.OvnInternalSubnetsFlagName).Usage,
+				Default:  ovnInternalSubnets,
+				Options:  []string{ocm.SubnetConfigTransit, ocm.SubnetConfigJoin, ocm.SubnetConfigMasquerade},
+				Required: false,
+			})
+			if err != nil {
+				r.Reporter.Errorf("Expected a valid value: %v", err)
+			}
+			ovnInternalSubnets, err = ocm.ParseAndValidateOvnInternalSubnets(ovnSubnets)
+			if err != nil {
+				r.Reporter.Errorf("Failed to parse '%s': %s", ocm.OvnInternalSubnetsFlagName, err)
+			}
+		}
+	}
+
+	if cmd.Flags().Changed(ocm.NetworkTypeFlagName) && networkType == ocm.NetworkTypeOvn {
+
+		migrateNetworkType, err = confirmMigration()
+
+		if err != nil {
+			r.Reporter.Errorf("%s", err)
+			os.Exit(1)
+		}
+	}
+
+	if networkType == ocm.NetworkTypeOvn && migrateNetworkType {
+		clusterConfig.NetworkType = networkType
+		if len(ovnInternalSubnets) > 0 {
+			clusterConfig.OvnInternalSubnetConfiguration = ovnInternalSubnets
+		}
+	}
+
 	var billingAccount string
 	if cmd.Flags().Changed("billing-account") {
 		billingAccount = args.billingAccount
@@ -841,6 +961,32 @@ func validateExpiration() (expiration time.Time, err error) {
 	return
 }
 
+// SDN -> OVN migration subnet configuration validator
+func validateOvnInternalSubnetConfiguration() (ovnInternalSubnets map[string]string, err error) {
+	if len(args.ovnInternalSubnets) > 0 {
+		if args.networkType == "" {
+			err = fmt.Errorf("Expected a value for %s when supplying the flag %s", ocm.NetworkTypeFlagName,
+				ocm.OvnInternalSubnetsFlagName)
+			return
+		}
+		ovnInternalSubnets, err = ocm.ParseAndValidateOvnInternalSubnets(args.ovnInternalSubnets)
+	}
+	return
+}
+
+// SDN -> OVN migration network type validator (one option)
+func validateNetworkType() (networkConfig string, err error) {
+	if len(args.networkType) > 0 {
+		if args.networkType != ocm.NetworkTypeOvn && args.networkType != ocm.NetworkTypeOvnAlias {
+			err = fmt.Errorf("Incorrect network type '%s', please use '%s' or remove the flag",
+				args.networkType, ocm.NetworkTypeOvn)
+		} else {
+			networkConfig = ocm.NetworkTypeOvn // allows use of alias (OVN-Kubernetes)- but sets it to correct value for API
+		}
+	}
+	return
+}
+
 // parseRFC3339 parses an RFC3339 date in either RFC3339Nano or RFC3339 format.
 func parseRFC3339(s string) (time.Time, error) {
 	if t, timeErr := time.Parse(time.RFC3339Nano, s); timeErr == nil {
@@ -979,3 +1125,14 @@ func BuildClusterConfigWithRegistry(clusterConfig ocm.Spec, allowedRegistries []
 	clusterConfig.AllowedRegistriesForImport = allowedRegistriesForImport
 	return clusterConfig, nil
 }
+
+func confirmMigration() (bool, error) {
+	return interactive.GetBool(interactive.Input{
+		Question: "Changing the network plugin will reboot cluster nodes, can not be interrupted or rolled " +
+			"back, and can not be combined with other operations such as cluster upgrades. \n\nConfirm that " +
+			"you want to proceed with migrating from 'OpenShiftSDN' to 'OVN-Kubernetes",
+		Help: "Confirm that you are wanting to migrate your cluster's network type, it may be safer to do " +
+			"this migration with no other changes",
+		Default: false,
+	})
+}

cmd/rosa/structure_test/command_args/rosa/edit/cluster/command_args.yml

@@ -21,3 +21,5 @@
 - name: registry-config-platform-allowlist
 - name: registry-config-additional-trusted-ca
 - name: billing-account
+- name: network-type
+- name: ovn-internal-subnets

pkg/ocm/clusters.go

@@ -93,13 +93,15 @@ type Spec struct {
 	AvailabilityZones []string
 
 	// Network config
-	NetworkType string
-	MachineCIDR net.IPNet
-	ServiceCIDR net.IPNet
-	PodCIDR     net.IPNet
-	HostPrefix  int
-	Private     *bool
-	PrivateLink *bool
+	NetworkType                    string
+	SubnetConfiguration            string
+	OvnInternalSubnetConfiguration map[string]string
+	MachineCIDR                    net.IPNet
+	ServiceCIDR                    net.IPNet
+	PodCIDR                        net.IPNet
+	HostPrefix                     int
+	Private                        *bool
+	PrivateLink                    *bool
 
 	// Properties
 	CustomProperties map[string]string
@@ -619,6 +621,40 @@ func (c *Client) UpdateCluster(clusterKey string, creator *aws.Creator, config S
 		clusterBuilder = clusterBuilder.DisableUserWorkloadMonitoring(*config.DisableWorkloadMonitoring)
 	}
 
+	// SDN -> OVN Migration
+	if config.NetworkType == NetworkTypes[1] {
+		// Create a request body for the specific cluster migration.
+		requestBuilder := v1.ClusterMigrationBuilder{}
+		requestBuilder.Type(v1.ClusterMigrationTypeSdnToOvn) // Type is required
+
+		if len(config.OvnInternalSubnetConfiguration) > 0 {
+			// Create a builder for the specific migration type's configuration if necessary
+			sdnToOvnBuilder := &v1.SdnToOvnClusterMigrationBuilder{}
+			if _, ok := config.OvnInternalSubnetConfiguration[JoinIpv4]; ok {
+				sdnToOvnBuilder.JoinIpv4(config.OvnInternalSubnetConfiguration[JoinIpv4])
+			}
+			if _, ok := config.OvnInternalSubnetConfiguration[TransitIpv4]; ok {
+				sdnToOvnBuilder.TransitIpv4(config.OvnInternalSubnetConfiguration[TransitIpv4])
+			}
+			if _, ok := config.OvnInternalSubnetConfiguration[MasqueradeIpv4]; ok {
+				sdnToOvnBuilder.MasqueradeIpv4(config.OvnInternalSubnetConfiguration[MasqueradeIpv4])
+			}
+			requestBuilder.SdnToOvn(sdnToOvnBuilder)
+		}
+
+		requestBody, err := requestBuilder.Build()
+		if err != nil {
+			return errors.UserWrapf(err, "Unable to create cluster migration request")
+		}
+
+		// Send the request to add a cluster migration.
+		response, err := c.ocm.ClustersMgmt().V1().Clusters().
+			Cluster(cluster.ID()).Migrations().Add().Body(requestBody).Send()
+		if err != nil {
+			return handleErr(response.Error(), err)
+		}
+	}
+
 	if config.HTTPProxy != nil || config.HTTPSProxy != nil || config.NoProxy != nil {
 		clusterProxyBuilder := cmv1.NewProxy()
 		if config.HTTPProxy != nil {

pkg/ocm/migrations.go

@@ -1,10 +1,28 @@
 package ocm
 
 import (
+	"net"
+	"strings"
+
 	cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1"
 	errors "github.com/zgalor/weberr"
 )
 
+const (
+	TransitIpv4    = "transit_ipv4"
+	JoinIpv4       = "join_ipv4"
+	MasqueradeIpv4 = "masquerade_ipv4"
+
+	SubnetConfigTransit    = "transit"
+	SubnetConfigMasquerade = "masquerade"
+	SubnetConfigJoin       = "join"
+
+	OvnInternalSubnetsFlagName = "ovn-internal-subnets"
+	NetworkTypeFlagName        = "network-type"
+	NetworkTypeOvn             = "OVNKubernetes"
+	NetworkTypeOvnAlias        = "OVN-Kubernetes"
+)
+
 func (c *Client) FetchClusterMigrations(clusterId string) (*cmv1.ClusterMigrationsListResponse,
 	error) {
 	collection := c.ocm.ClustersMgmt().V1().Clusters().Cluster(clusterId)
@@ -17,3 +35,43 @@ func (c *Client) FetchClusterMigrations(clusterId string) (*cmv1.ClusterMigratio
 
 	return clusterMigrations, nil
 }
+
+// SDN -> OVN migration key=value parser
+func ParseAndValidateOvnInternalSubnets(internalSubnets string) (map[string]string, error) {
+	subnetMap := make(map[string]string)
+	if internalSubnets == "" || internalSubnets == `""` {
+		return nil, errors.UserErrorf("Expected value for '%s'",
+			OvnInternalSubnetsFlagName)
+	} else {
+		possibleConfigs := strings.Split(internalSubnets, ",")
+		for i, config := range possibleConfigs {
+			// Skip last one if empty, keep the ones leading up to it
+			if config == "" && i == len(possibleConfigs)-1 {
+				continue
+			}
+			if !strings.Contains(config, "=") {
+				return nil, errors.UserErrorf("Expected key=value format for labels")
+			}
+			tokens := strings.Split(config, "=")
+			// Validate key is correct
+			if tokens[0] != SubnetConfigTransit && tokens[0] != SubnetConfigMasquerade && tokens[0] != SubnetConfigJoin {
+				return nil, errors.UserErrorf("Expected 'join', 'transit', or "+
+					"'masquerade' as keys for '%s'", OvnInternalSubnetsFlagName)
+			}
+			// Validate value
+			_, _, err := net.ParseCIDR(tokens[1])
+			if err != nil {
+				return nil, errors.UserErrorf("Expected valid CIDR as value "+
+					"for '%s'", tokens[0])
+			}
+			key := strings.TrimSpace(tokens[0])
+			value := strings.TrimSpace(tokens[1])
+			if _, exists := subnetMap[key]; exists {
+				return nil, errors.UserErrorf("Duplicated subnet configuration key "+
+					"'%s' used", key)
+			}
+			subnetMap[key] = value
+		}
+	}
+	return subnetMap, nil
+}