feat: support sharing IP address acorss services by public IP name #4257
Conversation
k8s-ci-robot
added
kind/feature
k8s-ci-robot
added
approved
pkg/provider/azure_loadbalancer.go
Outdated
| @@ -821,20 +821,58 @@ func (az *Cloud) determinePublicIPName(clusterName string, service *v1.Service, | |||
| return "", false, fmt.Errorf("user supplied IP Address %s was not found in resource group %s", loadBalancerIP, pipResourceGroup) | |||
| } | |||
|
|
|||
| func (az *Cloud) findMatchedPIPByLoadBalancerIP(service *v1.Service, loadBalancerIP, pipResourceGroup string) (*network.PublicIPAddress, error) { | |||
| func (az *Cloud) findMatchedPIP(loadBalancerIP, pipName, pipResourceGroup string) (pip *network.PublicIPAddress, err error) { | |||
There was a problem hiding this comment.
I checked the usage and it seems findMatchedPIP finds PIP with LB IP or PIP name. How about returning error if both 2 variables are set or both unset?
There was a problem hiding this comment.
We can cover it in the doc that ip will overweight the name.
There was a problem hiding this comment.
Yes, doc is good for both set.
How about both empty? I think at least a warning is needed. When somehow 2 empty values are passed in, it returns an empty PIP. It will add difficulty when debugging.
There was a problem hiding this comment.
They can't be both empty, we guard outside of the func.
pkg/provider/azure_loadbalancer.go
Outdated
| return pip, nil | ||
| } | ||
|
|
||
| func (az *Cloud) findMatchedPIPByName(pips *[]network.PublicIPAddress, pipName, pipResourceGroup string) (*network.PublicIPAddress, error) { |
There was a problem hiding this comment.
Isn't it getPublicIPAddress()?
There was a problem hiding this comment.
I extract the list call from findMatchedPIPByLoadBalancerIP so that it can reuse.
| return strings.EqualFold(pointer.StringDeref(pip.Name, ""), getServicePIPName(service, isIPV6)) | ||
| } | ||
|
|
||
| func isServiceSelectPIP(service *v1.Service, pip *network.PublicIPAddress, isIPV6 bool) bool { |
There was a problem hiding this comment.
As for the name, how about using own instead of select since we already have serviceOwnsFrontendIP?
There was a problem hiding this comment.
We already have this function.
pkg/provider/azure_loadbalancer.go
Outdated
| return nil, fmt.Errorf("findMatchedPIPByName: failed to find PIP %s in resource group %s", pipName, pipResourceGroup) | ||
| } | ||
|
|
||
| func (az *Cloud) findMatchedPIPByLoadBalancerIP(pips *[]network.PublicIPAddress, loadBalancerIP, pipResourceGroup string) (*network.PublicIPAddress, error) { |
There was a problem hiding this comment.
Since its logic is similar to getPublicIPAddress(), how about moving it to pkg/provider/azure_publicip_repo.go? We already have a large azure_loadbalancer.go
pkg/provider/azure_loadbalancer.go
Outdated
| } | ||
|
|
||
| if pipResourceGroup != "" { | ||
| pip, err = az.findMatchedPIPByName(&pips, pipName, pipResourceGroup) |
There was a problem hiding this comment.
After pip cache code refactored, I don't think we need to put PIPs as a parameter to other methods. We can listPIP in findMatchedPIPByName. Please correct me if I'm wrong @jwtty
There was a problem hiding this comment.
What will be the benefit?
| fip.FrontendIPConfigurationPropertiesFormat != nil && | ||
| fip.FrontendIPConfigurationPropertiesFormat.PublicIPAddress != nil { | ||
| if strings.EqualFold(pointer.StringDeref(pip.ID, ""), pointer.StringDeref(fip.PublicIPAddress.ID, "")) { | ||
| klog.V(6).Infof("publicIPOwnsFrontendIP:found secondary service %s of the frontend IP config %s", service.Name, *fip.Name) |
There was a problem hiding this comment.
| klog.V(6).Infof("publicIPOwnsFrontendIP:found secondary service %s of the frontend IP config %s", service.Name, *fip.Name) | |
| klog.V(6).Infof("publicIPOwnsFrontendIP: found secondary service %s of the frontend IP config %s", service.Name, pointer.StringDeref(fip.Name, "")) |
There was a problem hiding this comment.
This is not the new code, and the name and id of any azure resource cannot be empty, so we can keep this safely.
| @@ -362,6 +362,22 @@ func (az *Cloud) serviceOwnsRule(service *v1.Service, rule string) bool { | |||
| return strings.HasPrefix(strings.ToUpper(rule), strings.ToUpper(prefix)) | |||
| } | |||
|
|
|||
| func publicIPOwnsFrontendIP(service *v1.Service, fip *network.FrontendIPConfiguration, pip *network.PublicIPAddress) bool { | |||
| if pip != nil && | |||
| pip.ID != nil && | |||
There was a problem hiding this comment.
Since pointer.StringDeref is used on L373, I don't think this check is needed any more?
There was a problem hiding this comment.
Ditto, I personally do not intend to change existing code.
| fip != nil && | ||
| fip.FrontendIPConfigurationPropertiesFormat != nil && | ||
| fip.FrontendIPConfigurationPropertiesFormat.PublicIPAddress != nil { | ||
| if strings.EqualFold(pointer.StringDeref(pip.ID, ""), pointer.StringDeref(fip.PublicIPAddress.ID, "")) { |
There was a problem hiding this comment.
I think we need to make sure ID is not an empty string.
k8s-ci-robot
added
size/XXL
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: feiskyer, nilo19 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
What this PR does / why we need it:
We used to support sharing one pip across services by setting the IP address. This PR supports sharing by pip name.
Which issue(s) this PR fixes:
Fixes #4243
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: