pkg/ipam: dynamically fetch the allocatable ipv4 addresses amount from instance limits #10831
Conversation
|
Commit 0c7a2a8bbb31504ba2e6b060ffce9e56597936e9 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
maintainer-s-little-helper
bot
added
the
dont-merge/needs-sign-off
|
Please set the appropriate release note label. |
|
Please set the appropriate release note label. |
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
from
0c7a2a8
to
53c96a5
Compare
|
Commit 0c7a2a8bbb31504ba2e6b060ffce9e56597936e9 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
from
53c96a5
to
79001e3
Compare
|
Commit 0c7a2a8bbb31504ba2e6b060ffce9e56597936e9 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
|
I have just tested it on an EKS cluster in conjuction with #10786. Only updated the deployment image of the operator: The logs have been dropping instantly 👌
|
joestringer
added
the
release-note/bug
|
Nice! Looks like Travis is failing ( |
|
test-me-please |
|
thanks @joestringer, I reckon it is ready to be reviewed. As it is including 366b94ef4f4d82196b7dfc4cad69e1c498d3ed10 from #10786 I was waiting for it to be merged before though. Do you want to superseed it? |
|
I think github requires the first PR to be merged first, then to rebase this PR once the first one is merged. I note that the various checks have a lot of failures, at the very least I think it's worth digging into what Travis has to say as it has a lower false-positive rate. Glancing at the Also the Maintainer's little helper has provided instructions how to sign off your commits, which is a prerequisite for merging code into Cilium. |
|
Indeed, I'll have a look into this issue right away! Regarding the commits signoff I reckon that both of them already are. unless I missed something 🤔 |
|
Maybe there was a hiccup with the commits signoff checker, they look good to me. It may resolve itself when you rebase / re-push. If this is not the case, we can investigate further. |
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
from
79001e3
to
7071b33
Compare
maintainer-s-little-helper
bot
removed
the
dont-merge/needs-sign-off
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
4 times, most recently
from
275793c
to
88d08c1
Compare
|
@joestringer thanks for the merge of #10786 🙇 I rebased this one and fixed the failing unit test, it is now ready to be reviewed. |
|
test-me-please failed to provision https://jenkins.cilium.io/job/Cilium-PR-Ginkgo-Tests-Validated/18818/ |
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
2 times, most recently
from
880026e
to
c3465b7
Compare
|
Not sure which of @aanm @tgraf @ungureanuvladvictor would be best situated to look over the latest version of the core changes from this PR. |
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
3 times, most recently
from
0e419bc
to
7a79f03
Compare
pkg/azure/ipam/node.go
Outdated
|
|
||
| // GetMaximumAllocatableIPv4 returns the maximum amount of IPv4 addresses | ||
| // that can be allocated to the instance | ||
| // TODO: If this is necessary for Azure, need to figure out how to get or |
There was a problem hiding this comment.
The limits for Azure are 256 across a node (also 256 on a NIC). So in total you can every combination but in total across all NICs on a node needs to be max 256.
https://github.com/MicrosoftDocs/azure-docs/blob/master/includes/azure-virtual-network-limits.md#networking-limits---azure-resource-manager for deets on it.
There was a problem hiding this comment.
@ungureanuvladvictor @mvisonneau do you want to address this in this PR or do you think it's more appropriate to split out into a separate PR to enable this functionality on the Azure side?
There was a problem hiding this comment.
I know this went through many iterations so I approved it so it does not stay in the queue much time.
If @mvisonneau wants to fix this I'm happy to take another look.
There was a problem hiding this comment.
oh thanks for the info, I will update it 👍
|
test-me-please |
|
test-gke |
|
Looks like GKE hit known flake #11105 , also GKE is not required to merge the PR. Safe to ignore. |
pkg/azure/ipam/node.go
Outdated
| // TODO: If this is necessary for Azure, need to figure out how to get or | ||
| // compute the limits | ||
| func (n *Node) GetMaximumAllocatableIPv4() int { | ||
| return 0 |
There was a problem hiding this comment.
This can just return InterfaceAddressLimit from pkg/azure/types
There was a problem hiding this comment.
very cool, thanks for the info! I will configure it and try to work on a few additionnal tests 👍
There was a problem hiding this comment.
done, I also added some more tests on both aws and azure functions (TestGetMaximumAllocatableIPv4)
I haven't done any addtional tests on the azure side on how this integrates with the node_manager though.
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
from
7a79f03
to
8abf889
Compare
|
test-me-please |
|
test-me-please |
… types limits Signed-off-by: Maxime VISONNEAU <maxime.visonneau@gmail.com>
mvisonneau
force-pushed
the
ipam/maxAllocateFromLimits
branch
from
8abf889
to
0682e48
Compare
|
test-me-please |
ungureanuvladvictor
added
the
integration/cloud
maintainer-s-little-helper
bot
added
the
ready-to-merge
This PR is a follow-up of #10786
It primarily focuses on AWS, dynamically figuring out how many addresses we could potentially be allocated to an instance. This will ensure the
cilium-operatordoes not go into a IP deficit loop whenever all the IPv4s of have been allocated and used.