Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Preserve IP client feature for VCD CPI #2612

Closed
vxav opened this issue Jun 22, 2023 · 7 comments
Closed

Preserve IP client feature for VCD CPI #2612

vxav opened this issue Jun 22, 2023 · 7 comments
Assignees
@erkanerol @vxav
Labels
epic/capvcd team/rocket Team Rocket

Comments

@vxav
Copy link

vxav commented Jun 22, 2023
edited

The customer requires to be able to enable the Preserve Client IP feature on the virtual services backing their ingresses.

This feature can only be enabled when an IP Set is used (Load balancer pool members set to Group) so that would require some changes in the CPI logic and flags as it was added only in VCD 10.4.

If IP Set isn't used in the referenced LB pool, enabling the feature fails with

Error: [ 42e8ac57-8659-4ca9-93eb-802e97bbd658 ] Unable to enable Preserve Client IP for Virtual Service test-NO_RDE_e781ea9d-349d-42b2-8354-26e32f35b89c-tcp as referenced pool test-NO_RDE_e781ea9d-349d-42b2-8354-26e32f35b89c-tcp is not configured with group-based membership.

The workflow would look something like this:

  • Maintain the same global logic for VS and LB creation - but then
  • Create new empty IP set
  • Configure load balancer pool members to group with the IP set
  • Enable Preserve client IP on the virtual service
  • provision nodes .......
  • Add IPs of the nodes to the IP set.

Link to upstream issue
@vxav
Copy link
Author

vxav commented Jun 22, 2023

This need to be discussed with maintainers on 28/06 to understand how much they prioritize it.

If it is low priority for them, we should probably look into implementing it ourselves.

@vxav vxav mentioned this issue Jun 22, 2023
Open
@erkanerol
Copy link
Member

We discussed this yesterday. We will wait for Arun's opinion for a few days.

@erkanerol
Copy link
Member

@vxav Do you know if there is any update regarding this? I

@vxav
Copy link
Author

vxav commented Jul 6, 2023

Waiting for a reply from Arun

@vxav
Copy link
Author

vxav commented Aug 3, 2023

Meeting 02/08:
They haven't looked at your proposal yet as they are busy with other things. They have pretty much no bandwidth to work on anything else than their own agenda.
They will welcome our contribution for this. According to Arun the 2 ways to do this is either:

  • Through configMap which applies to all LBs
  • Through annotation, which is per load balancer

I think the second option is the best as it doesn't break VCD constructs.
Arun mentioned they added integration tests to cpi/csi that we should be using.

@vxav
Copy link
Author

vxav commented Aug 17, 2023

Good news, the customer got the transparent IP to work via Proxy protocol so the Preserve IP client feature is no longer a priority.
This can be deprioritised for the foreseeable future.
Ping @gawertm

@gawertm
Copy link

gawertm commented Aug 22, 2023

closing then for now. if upstream maintainers inform us about this feature being implemented, then we can go back to the customer and use it and they can remove their workaround

@gawertm gawertm closed this as completed Aug 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@erkanerol erkanerol

@vxav vxav

Labels
epic/capvcd team/rocket Team Rocket
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@erkanerol @vxav @gawertm