[IPv6] Fix reconcileFrontendIPConfigs() #3914
Conversation
k8s-ci-robot
added
release-note
✅ Deploy Preview for kubernetes-sigs-cloud-provide-azure canceled.
|
k8s-ci-robot
added
the
size/L
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lzhecheng The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
pkg/provider/azure_loadbalancer.go
Outdated
| handleFrontendIPConfig := func(isIPv6 bool) error { | ||
| ownedFIPConfig, toDeleteConfigsSingleStack, changed, newConfigs, err := az.reconcileFrontendIPConfigsSingleStack(clusterName, service, lb, lbStatus, wantLb, isIPv6, lbFrontendIPConfigName[isIPv6], &subnet) | ||
| ownedFIPConfig, toDeleteConfigsSingleStack, changed, newConfigs, err := az.reconcileFrontendIPConfigsSingleStack(clusterName, service, lb, lbStatus, wantLb, isIPv6, newConfigs[isIPv6], lbFrontendIPConfigName[isIPv6], &subnet) |
There was a problem hiding this comment.
Since we have had lb here in the parameters, why bother to build a list fip configs outside of the function?
There was a problem hiding this comment.
Because vXEnabled -> handleFrontendIPConfig() -> reconcileFrontendIPConfigsSingleStack().
If the Service is single stack, we need to handle the newConfigs of the other IP family outside.
lzhecheng
force-pushed
the
fix-ipv6-fip
branch
3 times, most recently
from
66a7f31
to
1c4679d
Compare
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
|
LGTM |
pkg/provider/azure_utils.go
Outdated
| } | ||
| if pip.PublicIPAddressPropertiesFormat != nil { | ||
| if exist && pip.PublicIPAddressPropertiesFormat != nil { |
There was a problem hiding this comment.
Is it possible that the ipv6 public IP has not yet been created?
There was a problem hiding this comment.
It won't. One evidence is that the warning in isFIPIPv6() shouldn't appear in CCM log: "Checking IP Family of frontend IP configuration %q but it is not clear. It's considered to be IPv4".
pkg/provider/azure_utils.go
Outdated
| } | ||
|
|
||
| klog.Errorf("Checking IP Family of frontend IP configuration %q but it is not clear. It's considered to be IPv4", pointer.StringDeref(fip.Name, "")) |
There was a problem hiding this comment.
It should be Warningf here.
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
|
/retest |
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-vmss-capz |
|
/test pull-cloud-provider-azure-e2e-ccm-vmss-capz |
|
/retest |
2 similar comments
|
/retest |
|
/retest |
| expectedDirty bool | ||
| expectedFIPs []network.FrontendIPConfiguration | ||
| }{ | ||
| { |
There was a problem hiding this comment.
can you add a test case for reconciling existing configs owned by the service without touching the others?
There was a problem hiding this comment.
also add some negative cases please
pkg/provider/azure_utils.go
Outdated
| // First check private | ||
| // For an external LB, the FIP's private IP address is empty. The logic will | ||
| // go through this part and check public IP address then. | ||
| if fip.FrontendIPConfigurationPropertiesFormat != nil { |
There was a problem hiding this comment.
I checked all the refs of this function. If we can make sure the fip is always owned by the service, the pip check is not needed.
There was a problem hiding this comment.
The FIP also needs to be isPrimaryService==true. If it is the secondary Service, I think the pip check is still needed.
There was a problem hiding this comment.
If the fip is owned by a single stack service, we can check the service instead of pip, no matter if it is primary or secondary.
There was a problem hiding this comment.
It makes sense for single stack svc. Updated.
lzhecheng
force-pushed
the
fix-ipv6-fip
branch
2 times, most recently
from
8169b11
to
98b7615
Compare
Have the test finished? |
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz @feiskyer the tests are manually triggered like above. Those runs before were successful |
Signed-off-by: Zhecheng Li <zhechengli@microsoft.com>
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
Current logic handles lb.FrontendIPConfigurations according to Service's IP family, which is incorrect. For an IPv6 cluster, there're still some IPv4 FIPs due to Azure limitation, which will be removed. For an IPv4 cluster, all resources are of IPv4, which is not affected. Signed-off-by: Zhecheng Li <zhechengli@microsoft.com>
|
/test pull-cloud-provider-azure-e2e-ccm-ipv6-capz |
|
/retest |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
| if err := az.fillSubnet(subnet, *subnetName); err != nil { | ||
| return false, err | ||
| if subnet == nil { | ||
| return false, fmt.Errorf("isFrontendIPChanged: Unexpected nil subnet") |
There was a problem hiding this comment.
nit: can we include subnet name in the error msg?
There was a problem hiding this comment.
Let's do it in the next PR.
|
/unhold |
k8s-ci-robot
removed
the
do-not-merge/hold
|
/retest |
What type of PR is this?
/kind bug
What this PR does / why we need it:
[IPv6] Fix reconcileFrontendIPConfigs(). Current logic handles lb.FrontendIPConfigurations according to Service's IP family, which is incorrect. For an IPv6 cluster, there're still some IPv4 FIPs due to Azure limitation, which will be removed. For an IPv4 cluster, all resources are of IPv4, which is not affected.
Which issue(s) this PR fixes:
Fixes #4038
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: