[DualStack] Support NSG and clean LBs #3898
Conversation
k8s-ci-robot
added
release-note
✅ Deploy Preview for kubernetes-sigs-cloud-provide-azure canceled.
|
k8s-ci-robot
added
the
size/XXL
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lzhecheng The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/retest |
k8s-ci-robot
added
the
needs-rebase
k8s-ci-robot
removed
the
needs-rebase
lzhecheng
force-pushed
the
dualstack-nsg
branch
3 times, most recently
from
a81bbfd
to
7217c25
Compare
lzhecheng
force-pushed
the
dualstack-nsg
branch
2 times, most recently
from
669012f
to
ed6e470
Compare
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
lzhecheng
force-pushed
the
dualstack-nsg
branch
2 times, most recently
from
d814ca9
to
59de6d3
Compare
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
|
/retest |
lzhecheng
force-pushed
the
dualstack-nsg
branch
2 times, most recently
from
4192a01
to
98a237d
Compare
|
/retest |
lzhecheng
force-pushed
the
dualstack-nsg
branch
2 times, most recently
from
e02069b
to
4ca9b1e
Compare
tests/e2e/network/node.go
Outdated
| @@ -197,7 +197,7 @@ var _ = Describe("Azure node resources", Label(utils.TestSuiteLabelNode), func() | |||
|
|
|||
| utils.Logf("getting all NICs of VMSS VMs") | |||
| for _, vmssVM := range vmssVMs { | |||
| utils.Logf("Checking %d VMSS VM %q", vmssVM.Name) | |||
| utils.Logf("Checking %d VMSS VM %q", *vmssVM.Name) | |||
pkg/provider/azure_vmssflex.go
Outdated
| @@ -989,7 +989,9 @@ func (fs *FlexScaleSet) ensureBackendPoolDeletedFromNode(vmssFlexVMNameMap map[s | |||
| nics[nicName] = nic | |||
| } | |||
| } | |||
| nicUpdaterLock := "nicUpdaterLock" | |||
There was a problem hiding this comment.
+1 atomic.Store() may be better than lock?
There was a problem hiding this comment.
Will update in the other PR and rebase.
| klog.V(2).Infof("IPv6 is not supported for private link service, skip reconcilePrivateLinkService for service(%s)", serviceName) | ||
| return nil | ||
| } | ||
| if !isDualStack { |
| @@ -135,10 +135,10 @@ func (bc *backendPoolTypeNodeIPConfig) CleanupVMSetFromBackendPoolByCondition(sl | |||
| }) | |||
| } | |||
| if v4Enabled { | |||
| findBackendpoolToBeDeleted(false) | |||
| findBackendpoolToBeDeleted(IsIPv4) | |||
There was a problem hiding this comment.
can we call findBackendpoolToBeDeleted directly?
pkg/provider/azure_standard.go
Outdated
| @@ -296,8 +296,8 @@ func getBackendPoolName(clusterName string, isIPv6 bool) string { | |||
| // getBackendPoolNames returns the IPv4 and IPv6 backend pool names. | |||
| func getBackendPoolNames(clusterName string) map[bool]string { | |||
| return map[bool]string{ | |||
| false: getBackendPoolName(clusterName, false), | |||
| true: getBackendPoolName(clusterName, true), | |||
| IsIPv4: getBackendPoolName(clusterName, IsIPv4), | |||
There was a problem hiding this comment.
can we define a enum type for IsIPv4 and IsIPv6? I'm not sure these two variables are mutually exclusive.
There was a problem hiding this comment.
IsIPv4 is actually NotIPv6, so they are mutually exclusive.
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
|
/test pull-cloud-provider-azure-e2e-ccm-capz |
tests/e2e/network/node.go
Outdated
| @@ -197,7 +197,7 @@ var _ = Describe("Azure node resources", Label(utils.TestSuiteLabelNode), func() | |||
|
|
|||
| utils.Logf("getting all NICs of VMSS VMs") | |||
| for _, vmssVM := range vmssVMs { | |||
| utils.Logf("Checking %d VMSS VM %q", vmssVM.Name) | |||
| utils.Logf("Checking VMSS VM %q", *vmssVM.Name) | |||
There was a problem hiding this comment.
shall we safely refer to this variable securely by invoking to. String?
|
/retest |
pkg/provider/azure_loadbalancer.go
Outdated
| @@ -68,10 +68,10 @@ func (az *Cloud) existsPip(clusterName string, service *v1.Service) bool { | |||
| return existingPip | |||
| } | |||
|
|
|||
| if v4Enabled && !existsPipSingleStack(false) { | |||
| if v4Enabled && !existsPipSingleStack(IsIPv4) { | |||
There was a problem hiding this comment.
I think a better name would be IPVersionIPv4. IsIPv4 sounds like a variable, not a constant.
pkg/provider/azure_loadbalancer.go
Outdated
| // Before DualStack support, old logic takes the first ingress IP as non-additional one | ||
| // and the second one as additional one. With DualStack support, the second IP may be | ||
| // the IP of another IP family so the new logic returns two variables. | ||
| func (az *Cloud) getServiceLoadBalancerStatus(service *v1.Service, lb *network.LoadBalancer) (status *v1.LoadBalancerStatus, lbIPsNoAdditionalPIPs []string, fipConfigs []*network.FrontendIPConfiguration, err error) { |
There was a problem hiding this comment.
is noAdditional means primary?
There was a problem hiding this comment.
It means compared to ingress IPs in status, lbIPsNoAdditionalPIPs doesn't include those IPs from service.beta.kubernetes.io/azure-additional-public-ips annotation.
There was a problem hiding this comment.
Will it be better to replace to primary?
There was a problem hiding this comment.
Yes, NoAdditional seems too straightforward. Replaced.
pkg/provider/azure_utils.go
Outdated
| @@ -34,6 +34,11 @@ import ( | |||
| "sigs.k8s.io/cloud-provider-azure/pkg/consts" | |||
| ) | |||
|
|
|||
| const ( | |||
| IsIPv6 bool = true | |||
lzhecheng
force-pushed
the
dualstack-nsg
branch
2 times, most recently
from
53d35e2
to
813fd2f
Compare
Signed-off-by: Zhecheng Li <zhechengli@microsoft.com>
* Support NSG and clean LBs for dualstack * Support related UTs for dualstack * Refactor Signed-off-by: Zhecheng Li <zhechengli@microsoft.com>
|
/lgtm |
k8s-ci-robot
added
the
lgtm
What type of PR is this?
/kind feature
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: