Modify the NEG controller to also create NEGs for L4 External Load Ba… #2155
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-ci-robot
added
the
needs-ok-to-test
|
Hi @mmamczur. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
size/L
|
nit: modify the commit message:
https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html |
| return false | ||
| } | ||
|
|
||
| if val, ok := service.Annotations[RBSAnnotationKey]; ok && val == RBSEnabled { |
There was a problem hiding this comment.
nit: Do you want to add check for ok as well? Like it was done in func WantsL4NetLB(
There was a problem hiding this comment.
I'm not sure what you mean, this code does check the ok variable: ok && val == RBSEnabled
I actually just copied an old function from netlb controller and use this one instead not to duplicate
There was a problem hiding this comment.
but this reminded me that I forgot to remove the old function
There was a problem hiding this comment.
I mean that maybe it's nice to return the error in case it is not ok.
There was a problem hiding this comment.
But I don't have a strong opinion on it
There was a problem hiding this comment.
not ok means the annotation is not present at all, which means the service doesn't have it, that isn't an error state
mmamczur
force-pushed
the
mult-networking-neg-netlb
branch
from
6d972f9
to
bd657d2
Compare
done |
mmamczur
force-pushed
the
mult-networking-neg-netlb
branch
from
bd657d2
to
813d355
Compare
| @@ -371,7 +372,7 @@ func runControllers(ctx *ingctx.ControllerContext) { | |||
| flags.F.NumNegGCWorkers, | |||
| flags.F.EnableReadinessReflector, | |||
| flags.F.RunIngressController, | |||
| flags.F.RunL4Controller, | |||
| flags.F.RunL4Controller || enableNEGsForNetLB, | |||
There was a problem hiding this comment.
discussed offline: RunL4Controller is a name for Run Internal L4 Controller. Usually there is a naming:
- just LB means internal
- NetLB means external
There was a problem hiding this comment.
Does that mean we do not support having ILB subsetting disabled when L4 Net LB negs is enabled?
There was a problem hiding this comment.
I think I forgot to hit send on the comment I wrote before
there is another check to see if the service is really subsetting. So it will be possible to have non subsetting ILBs and multinet at the same time (but legacy ILB won't support multinet so I see no point in doing that)
| return true | ||
| } | ||
| return false | ||
| return annotations.HasRBSAnnotation(svc) || utils.HasL4NetLBFinalizerV2(svc) || lc.hasRBSForwardingRule(svc) |
There was a problem hiding this comment.
I know that this is not related to your change, but maybe you know why do we say that it's RBS if it has Netlb Finalizer? Or it is about the fact that it's Finalizer V2?
There was a problem hiding this comment.
@cezarygerard Could you please elaborate on this logic?
There was a problem hiding this comment.
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
| @@ -371,7 +372,7 @@ func runControllers(ctx *ingctx.ControllerContext) { | |||
| flags.F.NumNegGCWorkers, | |||
| flags.F.EnableReadinessReflector, | |||
| flags.F.RunIngressController, | |||
| flags.F.RunL4Controller, | |||
| flags.F.RunL4Controller || enableNEGsForNetLB, | |||
There was a problem hiding this comment.
Does that mean we do not support having ILB subsetting disabled when L4 Net LB negs is enabled?
| if wantsILB, _ := annotations.WantsL4ILB(service); !wantsILB { | ||
| wantsILB, _ := annotations.WantsL4ILB(service) | ||
| wantsNetLB, _ := annotations.WantsL4NetLB(service) | ||
| needsNEGForNetLB := wantsNetLB && !networkInfo.IsDefault && annotations.HasRBSAnnotation(service) |
There was a problem hiding this comment.
does this mean we only support NEGs for NEGLB if using the non default network?
There was a problem hiding this comment.
yes
The reason for this is that NetLB NEG will not be GA when we preview this. With non multinet NetLB being GA, I don't think we can use backends that are not GA.
There was a problem hiding this comment.
as for the quetion about - subsetting, there is another check https://github.com/kubernetes/ingress-gce/pull/2155/files/813d3551b391e33b4a00a9bb1003555fad0b4ce8#diff-6fdd3264dcdaccfcfd6c0a41aee9fbf719529a11b24c94609de61b1f038306efR599 if wantsILB && !utils.IsSubsettingL4ILBService(service) - the controller will ignore the service if it isn't subsetting ILB
| validateSyncerManagerWithPortInfoMap(t, controller, testServiceNamespace, testServiceName, expectedPortInfoMap) | ||
| validateServiceAnnotationWithPortInfoMap(t, svc, expectedPortInfoMap, expectZones) | ||
|
|
||
| time.Sleep(1 * time.Second) |
There was a problem hiding this comment.
What is the sleep here for?
There was a problem hiding this comment.
I actually copied and modified an existing testcase (check line 414 in this file). I assume it has something to do with waiting before GC?
|
Mostly looks good to me. Just a few clarification questions |
| return true | ||
| } | ||
| return false | ||
| return annotations.HasRBSAnnotation(svc) || utils.HasL4NetLBFinalizerV2(svc) || lc.hasRBSForwardingRule(svc) |
There was a problem hiding this comment.
pkg/neg/controller.go
Outdated
| @@ -589,11 +589,14 @@ func (c *Controller) mergeStandaloneNEGsPortInfo(service *apiv1.Service, name ty | |||
|
|
|||
| // mergeVmIpNEGsPortInfo merges the PortInfo for ILB services using GCE_VM_IP NEGs into portInfoMap | |||
There was a problem hiding this comment.
please update this comment
There was a problem hiding this comment.
this is just bad naming
HasL4NetLBFinalizerV2 maybe it should be HasRBSFinalizer
I haven't touched this function actually, I only moved HasRBSAnnotation to another place
I can rename HasL4NetLBFinalizerV2 but it's not directly related to this change
There was a problem hiding this comment.
please update this comment
updated
|
it's LGTM overall from my side |
The NEG controller should create NEGs for the L4 External Load Balancers that use multinetworking.
mmamczur
force-pushed
the
mult-networking-neg-netlb
branch
from
813d355
to
917c531
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cezarygerard, mmamczur The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
…lancers that are using multinetworking.