New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Service Load Balancer finalizer support #78262
Conversation
37b0b5a
to
f8c5e6a
Compare
/test all |
b1deee2
to
8cc9c3b
Compare
8cc9c3b
to
c195103
Compare
So I'm having trouble with unit testing:
It seems like the fake kube client doesn't properly support directive delete for patch operation, hence all the test cases that require removing fields failed. As I can confirm the generated patch bytes indeed contain directive:
My current plan is fixing that fake kube client. |
c195103
to
63f0876
Compare
- Always try to remove finalizer upon load balancer cleanup - Add finalizer prior to load balancer creation (feature gated) - Cache logic fix-ups - Event type/message fix-ups - Use runtime.HandleError() on eaten errors Co-authored-by: Josh Horwitz <horwitzja@gmail.com>
0bcc94a
to
64198a4
Compare
@andrewsykim Sorry, I rebased to fix the merge conflict in |
/lgtm |
/retest |
@MrHohn apologies for commenting on this merged PR with a late thought: Is there a need to consider the edge case where the type is changed from It didn't become immediately clear to me by looking at the change, but my familiarity with the code is limited. |
While the object is in a finalization state, I would imagine changing the fields in the object should not have any effect. In other words, the user would have to wait for the finalizers to be done processing and the object has been fully removed before recreating the object. |
@timoreimann No worries at all and thanks for giving thoughts on this. For the case you mentioned (type changed from The first outcome is "Delete and Recreate". It happens if service controller starts processing the The second outcome is "No-op or Reconciling". It happens if service controller hasn't got to process the |
Note that in this case, the behavior in fact stays the same as before this finalizer support. As the LB deletion action is triggered by a type change update, instead of an object deletion with finalizer. But yes, for the cases where the object is in a finalization state, update won't have any effect. |
If proven effective could this be backported til 1.13 ? |
@sylr Unfortunately it seems less likely we will backport a feature to 1.13. |
Backporting to v1.13 will also break backwards compatibility for the finalizer in v1.12. |
What type of PR is this?
/kind feature
What this PR does / why we need it:
KEP link: https://github.com/kubernetes/enhancements/blob/master/keps/sig-network/20190423-service-lb-finalizer.md
This PR adds finalizer protection for service LoadBalancers. It defines an alpha feature gate for the finalizer addition part while the removal part is always on.
Note that is is largely based off of #54569 and #65912. While one significant difference is that I haven't removed the cached service layer given the complexity and risks of hosting both pre-finalizer and with-finalizer control flow logic. Keeping the cache layer makes this easier.
End-to-end tests is being added in #78410.
Which issue(s) this PR fixes:
Fixes #53451. Also ref kubernetes/enhancements#980 and kubernetes/cloud-provider#16.
Special notes for your reviewer:
Does this PR introduce a user-facing change?: