New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: support sharing IP address acorss services by public IP name #4257
feat: support sharing IP address acorss services by public IP name #4257
Conversation
pkg/provider/azure_loadbalancer.go
Outdated
@@ -821,20 +821,58 @@ func (az *Cloud) determinePublicIPName(clusterName string, service *v1.Service, | |||
return "", false, fmt.Errorf("user supplied IP Address %s was not found in resource group %s", loadBalancerIP, pipResourceGroup) | |||
} | |||
|
|||
func (az *Cloud) findMatchedPIPByLoadBalancerIP(service *v1.Service, loadBalancerIP, pipResourceGroup string) (*network.PublicIPAddress, error) { | |||
func (az *Cloud) findMatchedPIP(loadBalancerIP, pipName, pipResourceGroup string) (pip *network.PublicIPAddress, err error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I checked the usage and it seems findMatchedPIP
finds PIP with LB IP or PIP name. How about returning error if both 2 variables are set or both unset?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can cover it in the doc that ip will overweight the name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, doc is good for both set.
How about both empty? I think at least a warning is needed. When somehow 2 empty values are passed in, it returns an empty PIP. It will add difficulty when debugging.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They can't be both empty, we guard outside of the func.
pkg/provider/azure_loadbalancer.go
Outdated
return pip, nil | ||
} | ||
|
||
func (az *Cloud) findMatchedPIPByName(pips *[]network.PublicIPAddress, pipName, pipResourceGroup string) (*network.PublicIPAddress, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Isn't it getPublicIPAddress()
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I extract the list call from findMatchedPIPByLoadBalancerIP so that it can reuse.
return strings.EqualFold(pointer.StringDeref(pip.Name, ""), getServicePIPName(service, isIPV6)) | ||
} | ||
|
||
func isServiceSelectPIP(service *v1.Service, pip *network.PublicIPAddress, isIPV6 bool) bool { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As for the name, how about using own
instead of select
since we already have serviceOwnsFrontendIP
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We already have this function.
pkg/provider/azure_loadbalancer.go
Outdated
return nil, fmt.Errorf("findMatchedPIPByName: failed to find PIP %s in resource group %s", pipName, pipResourceGroup) | ||
} | ||
|
||
func (az *Cloud) findMatchedPIPByLoadBalancerIP(pips *[]network.PublicIPAddress, loadBalancerIP, pipResourceGroup string) (*network.PublicIPAddress, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since its logic is similar to getPublicIPAddress()
, how about moving it to pkg/provider/azure_publicip_repo.go
? We already have a large azure_loadbalancer.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will do.
pkg/provider/azure_loadbalancer.go
Outdated
} | ||
|
||
if pipResourceGroup != "" { | ||
pip, err = az.findMatchedPIPByName(&pips, pipName, pipResourceGroup) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After pip cache code refactored, I don't think we need to put PIPs as a parameter to other methods. We can listPIP
in findMatchedPIPByName
. Please correct me if I'm wrong @jwtty
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What will be the benefit?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few suggestions about memory leak.
fip.FrontendIPConfigurationPropertiesFormat != nil && | ||
fip.FrontendIPConfigurationPropertiesFormat.PublicIPAddress != nil { | ||
if strings.EqualFold(pointer.StringDeref(pip.ID, ""), pointer.StringDeref(fip.PublicIPAddress.ID, "")) { | ||
klog.V(6).Infof("publicIPOwnsFrontendIP:found secondary service %s of the frontend IP config %s", service.Name, *fip.Name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
klog.V(6).Infof("publicIPOwnsFrontendIP:found secondary service %s of the frontend IP config %s", service.Name, *fip.Name) | |
klog.V(6).Infof("publicIPOwnsFrontendIP: found secondary service %s of the frontend IP config %s", service.Name, pointer.StringDeref(fip.Name, "")) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not the new code, and the name and id of any azure resource cannot be empty, so we can keep this safely.
@@ -362,6 +362,22 @@ func (az *Cloud) serviceOwnsRule(service *v1.Service, rule string) bool { | |||
return strings.HasPrefix(strings.ToUpper(rule), strings.ToUpper(prefix)) | |||
} | |||
|
|||
func publicIPOwnsFrontendIP(service *v1.Service, fip *network.FrontendIPConfiguration, pip *network.PublicIPAddress) bool { | |||
if pip != nil && | |||
pip.ID != nil && |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since pointer.StringDeref
is used on L373, I don't think this check is needed any more?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ditto, I personally do not intend to change existing code.
fip != nil && | ||
fip.FrontendIPConfigurationPropertiesFormat != nil && | ||
fip.FrontendIPConfigurationPropertiesFormat.PublicIPAddress != nil { | ||
if strings.EqualFold(pointer.StringDeref(pip.ID, ""), pointer.StringDeref(fip.PublicIPAddress.ID, "")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to make sure ID is not an empty string.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: feiskyer, nilo19 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind feature
What this PR does / why we need it:
We used to support sharing one pip across services by setting the IP address. This PR supports sharing by pip name.
Which issue(s) this PR fixes:
Fixes #4243
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: