From 7210da356744925e6ee12d347a8d813ba98ece33 Mon Sep 17 00:00:00 2001
From: "M. Oleske" <michael@oleske.engineer>
Date: Fri, 24 May 2024 15:01:41 -0700
Subject: [PATCH] Remove vip usage

---
 jobs/cloud_controller_ng/spec                 | 13 ---------
 .../templates/cloud_controller_ng.yml.erb     | 10 -------
 jobs/cloud_controller_worker/spec             |  8 -----
 .../templates/cloud_controller_ng.yml.erb     | 10 -------
 .../cloud_controller_ng_spec.rb               | 29 -------------------
 5 files changed, 70 deletions(-)

diff --git a/jobs/cloud_controller_ng/spec b/jobs/cloud_controller_ng/spec
index 1229d5950a..5bbd876a24 100644
--- a/jobs/cloud_controller_ng/spec
+++ b/jobs/cloud_controller_ng/spec
@@ -110,10 +110,6 @@ provides:
   - cc.mutual_tls.ca_cert
   - cc.prom_metrics_server_tls_port
   - cc.prom_scraper_tls.ca_cert
-- name: cloud_controller_container_networking_info
-  type: cloud_controller_container_networking_info
-  properties:
-  - cc.internal_route_vip_range
 - name: cloud_controller_internal
   type: cloud_controller_internal
   properties:
@@ -213,7 +209,6 @@ provides:
   - cc.system_hostnames
   - cc.tls_port
   - cc.uaa.client_timeout
-  - cc.internal_route_vip_range
   - cc.volume_services_enabled
   - credhub_api.ca_cert
   - credhub_api.hostname
@@ -1210,14 +1205,6 @@ properties:
     description: "Controls whether CredHub credentials are automatically interpolated in VCAP_SERVICES"
     default: true
 
-  cc.internal_route_vip_range:
-    default: "127.128.0.0/9"
-    description: "The IPv4 CIDR range of virtual IP addresses to be assigned to routes on internal domains.
-                  WARNING: Changing this range is not supported, and has undefined behaviors.
-                  It is recommended to leave this value as the default.
-                  If this range is changed, it is likely the routes on the internal service mesh domain
-                  will need to be recreated."
-
   cc.log_audit_events:
     default: true
     description: "Log audit events"
diff --git a/jobs/cloud_controller_ng/templates/cloud_controller_ng.yml.erb b/jobs/cloud_controller_ng/templates/cloud_controller_ng.yml.erb
index bc0b77953b..1d0b5df92d 100644
--- a/jobs/cloud_controller_ng/templates/cloud_controller_ng.yml.erb
+++ b/jobs/cloud_controller_ng/templates/cloud_controller_ng.yml.erb
@@ -525,16 +525,6 @@ perm:
 max_labels_per_resource: <%= p("cc.max_labels_per_resource") %>
 max_annotations_per_resource: <%= p("cc.max_annotations_per_resource") %>
 
-<%
-  internal_vip_range =  p("cc.internal_route_vip_range")
-  raise StandardError.new("invalid cc.internal_route_vip_range: #{internal_vip_range}") unless internal_vip_range =~ /\A (?:\d{1,3}\.){3} \d{1,3} \/ \d{1,3} \z/x
-
-  parts = internal_vip_range.split(/[\.\/]/).map(&:to_i)
-  raise StandardError.new("invalid cc.internal_route_vip_range: #{internal_vip_range}") if parts[0..3].any? {|x| x > 255} || parts[4] > 32
-%>
-
-internal_route_vip_range: <%= internal_vip_range %>
-
 threadpool_size: <%= p("cc.experimental.thin_server.thread_pool_size") %>
 
 default_app_lifecycle: buildpack
diff --git a/jobs/cloud_controller_worker/spec b/jobs/cloud_controller_worker/spec
index d6ae6fc327..1e2492d462 100644
--- a/jobs/cloud_controller_worker/spec
+++ b/jobs/cloud_controller_worker/spec
@@ -530,14 +530,6 @@ properties:
     description: "Maximum PID limit for containerized work running user-provided code"
     default: 1024
 
-  cc.internal_route_vip_range:
-    default: "127.128.0.0/9"
-    description: "The IPv4 CIDR range of virtual IP addresses to be assigned to routes on internal domains.
-                  WARNING: Changing this range is not supported, and has undefined behaviors.
-                  It is recommended to leave this value as the default.
-                  If this range is changed, it is likely the routes on the internal service mesh domain
-                  will need to be recreated."
-
   cc.loggregator.internal_url:
     description: "Internal URL used to communicate with traffic_controller"
     default: "http://loggregator-trafficcontroller.service.cf.internal:8081"
diff --git a/jobs/cloud_controller_worker/templates/cloud_controller_ng.yml.erb b/jobs/cloud_controller_worker/templates/cloud_controller_ng.yml.erb
index 7e038c9d68..437bf04a75 100644
--- a/jobs/cloud_controller_worker/templates/cloud_controller_ng.yml.erb
+++ b/jobs/cloud_controller_worker/templates/cloud_controller_ng.yml.erb
@@ -331,16 +331,6 @@ perform_blob_cleanup: <%= p("cc.perform_blob_cleanup") %>
 system_domain: <%= p("system_domain") %>
 system_hostnames: <%= link("cloud_controller_internal").p("cc.system_hostnames") %>
 
-<%
-  internal_vip_range =  p("cc.internal_route_vip_range")
-  raise StandardError.new("invalid cc.internal_route_vip_range: #{internal_vip_range}") unless internal_vip_range =~ /\A (?:\d{1,3}\.){3} \d{1,3} \/ \d{1,3} \z/x
-
-  parts = internal_vip_range.split(/[\.\/]/).map(&:to_i)
-  raise StandardError.new("invalid cc.internal_route_vip_range: #{internal_vip_range}") if parts[0..3].any? {|x| x > 255} || parts[4] > 32
-%>
-
-internal_route_vip_range: <%= internal_vip_range %>
-
 disable_private_domain_cross_space_context_path_route_sharing: <%= link("cloud_controller_internal").p("cc.disable_private_domain_cross_space_context_path_route_sharing") %>
 
 max_labels_per_resource: <%= link("cloud_controller_internal").p("cc.max_labels_per_resource") %>
diff --git a/spec/cloud_controller_ng/cloud_controller_ng_spec.rb b/spec/cloud_controller_ng/cloud_controller_ng_spec.rb
index cf819c2153..8b94cccfc8 100644
--- a/spec/cloud_controller_ng/cloud_controller_ng_spec.rb
+++ b/spec/cloud_controller_ng/cloud_controller_ng_spec.rb
@@ -193,35 +193,6 @@ module Test
             end
           end
 
-          describe 'internal route vip range' do
-            it 'has a default range' do
-              rendered_hash = YAML.safe_load(template.render(merged_manifest_properties, consumes: links))
-              expect(rendered_hash['internal_route_vip_range']).to eq('127.128.0.0/9')
-            end
-
-            describe 'when a range is specified in manifest properties' do
-              it 'validates they are valid CIDRs' do
-                merged_manifest_properties['cc']['internal_route_vip_range'] = '10.16.255.0/777'
-                expect do
-                  YAML.safe_load(template.render(merged_manifest_properties, consumes: links))
-                end.to raise_error(StandardError, 'invalid cc.internal_route_vip_range: 10.16.255.0/777')
-              end
-
-              it 'does not allow ipv6 addresses' do
-                merged_manifest_properties['cc']['internal_route_vip_range'] = '2001:0db8:85a3:0000:0000:8a2e:0370:7334/21'
-                expect do
-                  YAML.safe_load(template.render(merged_manifest_properties, consumes: links))
-                end.to raise_error(StandardError, 'invalid cc.internal_route_vip_range: 2001:0db8:85a3:0000:0000:8a2e:0370:7334/21')
-              end
-
-              it 'renders valid CIDRs' do
-                merged_manifest_properties['cc']['internal_route_vip_range'] = '10.16.255.0/24'
-                rendered_hash = YAML.safe_load(template.render(merged_manifest_properties, consumes: links))
-                expect(rendered_hash['internal_route_vip_range']).to eq('10.16.255.0/24')
-              end
-            end
-          end
-
           describe 'database_encryption block' do
             context 'when the database_encryption block is not present' do
               before do