Validate when Cilium is in ENI mode that IPv4 is enabled

[soumynathan]

The patch checks the Cilium ENI mode and IPv4 when ENI functions
are called.

Fixes: #11272
Signed-off-by: Swaminathan Vasudevan svasudevan@suse.com

[maintainer-s-little-helper]

Please set the appropriate release note label.

[coveralls]

Coverage decreased (-0.02%) to 37.849% when pulling f62a4a0 on soumynathan:check-ipv4-with-eni-mode into 78739a1 on cilium:master.

[aanm]

if you invert this if statement this function can return earlier and we can avoid touching the remaining code of this function.

[soumynathan]

agreed

[aanm]

if you invert this if statement this function can return earlier and we can avoid touching the remaining code of this function.

[soumynathan]

agreed

[christarazi]

test-me-please

Edit: vagrant failure https://jenkins.cilium.io/job/Cilium-PR-Ginkgo-Tests-Validated/19499/

[christarazi]

Thanks for the PR! Overall, I think the changes are good. There's currently this PR pending which should be merging pretty soon. I'd like to get that in before merging this. #11208

I am wondering though if just validating whether we have option.Config.EnableIPv4 and option.Config.IPAM == option.IPAMENI at the daemon level is enough. We could just have it be fatal if the above condition does not hold. 🤔 /cc @aanm

@joestringer I recall we had a conversation about this in another PR. Any thoughts?

[christarazi]

restart-ginkgo

Edit: weird flake with vagrant index

22:22:10  Pruning vagrant images
22:22:11  The following boxes will be kept...
22:22:11  cilium/ubuntu      (virtualbox, 170)
22:22:11  cilium/ubuntu-4-19 (virtualbox, 12)
22:22:11  cilium/ubuntu-next (virtualbox, 53)
22:22:11  
22:22:11  Checking for older boxes...
22:22:11  The machine index which stores all required information about
22:22:11  running Vagrant environments has become corrupt. This is usually
22:22:11  caused by external tampering of the Vagrant data folder.
22:22:11  
22:22:11  Vagrant cannot manage any Vagrant environments if the index is
22:22:11  corrupt. Please attempt to manually correct it. If you are unable
22:22:11  to manually correct it, then remove the data file at the path below.
22:22:11  This will leave all existing Vagrant environments "orphaned" and
22:22:11  they'll have to be destroyed manually.
22:22:11  
22:22:11  Path: /root/.vagrant.d/data/machine-index/index

[soumynathan]

Thanks for the PR! Overall, I think the changes are good. There's currently this PR pending which should be merging pretty soon. I'd like to get that in before merging this. #11208

I am wondering though if just validating whether we have option.Config.EnableIPv4 and option.Config.IPAM == option.IPAMENI at the daemon level is enough. We could just have it be fatal if the above condition does not hold. /cc @aanm

@joestringer I recall we had a conversation about this in another PR. Any thoughts?

@christarazi @joestringer At the daemon level there is already a check between IPAMMode and IPv6 and throws an error if IPv6 is configured along with IPAMMode, so I think indirectly it is testing for the IPv4 with IPAMMode there. But there was comment in this bug that said that we are not validating in the calling function. Let me know your thoughts.

Also I had added couple of comments in two files where we can split. Let me if that is required.

[christarazi]

Same as the other similar spot.

[christarazi]

restart-ginkgo

[joestringer]

@christarazi @joestringer At the daemon level there is already a check between IPAMMode and IPv6 and throws an error if IPv6 is configured along with IPAMMode, so I think indirectly it is testing for the IPv4 with IPAMMode there. But there was comment in this bug that said that we are not validating in the calling function. Let me know your thoughts.

If we're already validating the commandline arguments to ensure that this case won't be hit, then I think we're satisfying the main concern here. It's slightly nicer to make sure that this errors out if the wrong address type is specified just to future-proof a bit but I wouldn't expect commandline argument combinations to be validated this deep; it should be occurring much earlier in the initial daemon configuration checks.

[christarazi]

Some minor nits. There also seems to be a conflict, please rebase.

[christarazi]

Looking good, a few minor comments. Also, please add test coverage now that there's an extra case for both functions.

[christarazi]

Just a minor change and we should be good to go!

[christarazi]

🎉

[christarazi]

test-me-please

[christarazi]

Added backport label as I'd like to backport this to 1.7 since it'll be a branch we support for a while and this PR has changed code which was recently backported, so it'll be good to keep the divergence to a minimum.