[DigitalOcean] Add load balancer support for master HA #8237
Conversation
|
Hi @srikiz. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
needs-ok-to-test
srikiz
force-pushed
the
DO-AddLoadBalancer
branch
from
3dac7a1
to
54292fb
Compare
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
|
@timoreimann - Please review when you get a chance, thanks ! |
|
|
||
| lbSpec := b.Cluster.Spec.API.LoadBalancer | ||
| if lbSpec == nil { | ||
| // Skipping API ELB creation; not requested in Spec |
There was a problem hiding this comment.
ELB is probably from AWS? If so, we should just call it LB in my opinion.
Similar for several other occurrences in this PR.
| return fmt.Errorf("unhandled LoadBalancer type %q", lbSpec.Type) | ||
| } | ||
|
|
||
| loadbalancerName := "api-" + strings.Replace(b.ClusterName(), ".", "-", -1) |
There was a problem hiding this comment.
Nit: we could extract the result of the Replace call into a variable for reusage on the next line.
|
|
||
| // Create LoadBalancer for API ELB | ||
| var loadbalancer *dotasks.LoadBalancer | ||
| { |
There was a problem hiding this comment.
Is there a reason to have the extra scope?
To me it looks like we can get rid of it and use := to define loadbalancer directly.
pkg/resources/digitalocean/cloud.go
Outdated
| // Note that this must match Digital Ocean's lb name | ||
| klog.V(2).Infof("Querying DO to find Loadbalancers for API (%q)", cluster.Name) | ||
|
|
||
| loadBalaners, _, err := c.LoadBalancers().List(context.TODO(), nil) |
There was a problem hiding this comment.
Typo in the first variable name (missing c).
There was a problem hiding this comment.
Is List() from godo and thus needs paging?
There was a problem hiding this comment.
yeah, that was the godo api to retrieve all the load balancers, so needed paging.
| _, err := c.Client.LoadBalancers.Delete(context.TODO(), lb.ID) | ||
|
|
||
| if err != nil { | ||
| return fmt.Errorf("failed to delete load balancer with name %s", lb.Name) |
There was a problem hiding this comment.
Please include err in the output.
| } | ||
|
|
||
| for _, loadbalancer := range loadbalancers { | ||
| if loadbalancer.Name == fi.StringValue(lb.Name) { |
There was a problem hiding this comment.
Do you know if it's also possible to look up an LB by ID? That would allow us to do a single lookup using a different godo method, with no paging necessary whatsoever.
There was a problem hiding this comment.
This really helps, thanks for letting me know. Changed the logic to use LB ID instead.
There was a problem hiding this comment.
We should handle the case where the names don't match, e.g., logging.
I'm not sure I understand why we need the extra check though -- can we think of a case where the ID alone is insufficient?
| } | ||
|
|
||
| klog.Errorf("Error fetching IP Address for lb Name=%s", fi.StringValue(lb.Name)) | ||
| time.Sleep(10 * 3) |
There was a problem hiding this comment.
changed that to 10 seconds with time.Sleep(10 * time.Second)
| return nil, errors.New("IP Address is still empty.") | ||
| } | ||
|
|
||
| func is_ipv4(host string) bool { |
There was a problem hiding this comment.
AFAICS, another way to implement this is to invoke net.ParseIP followed by To4 while checking that we always get a non-nil result on each step. That is,
ip := net.ParseIP(host)
if ip == nil {
return false
}
return ip.To4() != nil| return nil, errors.New("IP Address is still empty.") | ||
| } | ||
|
|
||
| func is_ipv4(host string) bool { |
There was a problem hiding this comment.
Function name style should follow Go, i.e., be called isIPv4.
|
|
||
| address := loadBalancer.IP | ||
|
|
||
| if len(address) > 0 && is_ipv4(address) { |
There was a problem hiding this comment.
I think you can drop the len(address) > 0 check part, it's implicitly checked by is_ipv4.
srikiz
force-pushed
the
DO-AddLoadBalancer
branch
from
54292fb
to
d856dac
Compare
k8s-ci-robot
added
size/L
|
@timoreimann - I have incorporated all the comments. Please have a look when you get a chance. Thanks ! |
|
/test pull-kops-e2e-kubernetes-aws |
pkg/resources/digitalocean/cloud.go
Outdated
| // Note that this must match Digital Ocean's lb name | ||
| klog.V(2).Infof("Querying DO to find Loadbalancers for API (%q)", cluster.Name) | ||
|
|
||
| loadBalancers, _, err := c.LoadBalancers().List(context.TODO(), nil) |
There was a problem hiding this comment.
Does this need paging?
There was a problem hiding this comment.
yeah, I missed that. Updated it.
| } | ||
|
|
||
| for _, loadbalancer := range loadbalancers { | ||
| if loadbalancer.Name == fi.StringValue(lb.Name) { |
There was a problem hiding this comment.
We should handle the case where the names don't match, e.g., logging.
I'm not sure I understand why we need the extra check though -- can we think of a case where the ID alone is insufficient?
Add load balancer fi tasks Add load balancer builder for DO Fix go imports Implement FindIPAddress functionality Add load balancer api ingress status calls Add error checks for FindIPAddress Add delete LB option Update load balancer delete logic Revert make file changes revert utils code changes Revert NewDOCloud changes Remove minor code comments Update with gomod for dependencies
srikiz
force-pushed
the
DO-AddLoadBalancer
branch
from
1c5c54f
to
e440397
Compare
|
@timoreimann - I have incorporated the changes. |
| return nil, fmt.Errorf("load balancer service get request returned error %v", err) | ||
| } | ||
|
|
||
| // do another check to double-sure we are talking to the right load balancer. |
There was a problem hiding this comment.
This comment looks like it's obsolete by now?
| } | ||
|
|
||
| // Loadbalancer = nil if not found | ||
| return nil, nil |
There was a problem hiding this comment.
nit: if we do
if fi.StringValue(lb.ID) == "" {
// Loadbalancer = nil if not found
return nil, nil
}
cloud := c.Cloud.(*digitalocean.Cloud)
lbService := cloud.LoadBalancers()
loadbalancer, _, err := lbService.Get(context.TODO(), fi.StringValue(lb.ID))
[...]then we do not need to intend the if-branch for the case where the LB ID exists. The code also seems easier to read because the check for the empty LB ID and the action we take are not far apart anymore.
(I also moved the cloud and lbService variables next to their usage -- they are not needed unless we have an ID.)
There was a problem hiding this comment.
sure, that's a good suggestion. Updated accordingly.
| loadBalancerService := cloud.LoadBalancers() | ||
|
|
||
| klog.V(10).Infof("Find IP address for load balancer ID=%s", fi.StringValue(lb.ID)) | ||
| loadBalancer, _, err := loadBalancerService.Get(context.TODO(), fi.StringValue(lb.ID)) |
There was a problem hiding this comment.
Are we certain at this point that we have an LB ID? Genuine question as I don't know the kops work flow in this context that well.
There was a problem hiding this comment.
Yes @timoreimann - we are certain we have an LB ID, but not certain about the LB IP Address. FindAddress is only called after RenderDO is invoked - we create a new LB Request in RenderDO that returns a LB ID. We use this LB ID to find if the IP Address is available.
| return &address, nil | ||
| } | ||
|
|
||
| klog.Errorf("Error fetching IP Address for lb Name=%s", fi.StringValue(lb.Name)) |
There was a problem hiding this comment.
Can we match the description with the error below and mention that we are sleeping so that users aren't surprised by the delay, e.g.:
const lbWaitTime = 10 * time.Second
klog.Errorf("IP address for LB %s not yet available -- sleeping %s", fi.StringValue(lb.Name), lbWaitTime)
I also extracted the wait time into a const so that we can reuse it in the actual time.Sleep call.
| return &address, nil | ||
| } | ||
|
|
||
| klog.Errorf("Error fetching IP Address for lb Name=%s", fi.StringValue(lb.Name)) |
There was a problem hiding this comment.
Should we do a klog.Warnf here? The delay should be expected.
| klog.Errorf("Error fetching IP Address for lb Name=%s", fi.StringValue(lb.Name)) | ||
| time.Sleep(10 * time.Second) | ||
|
|
||
| klog.V(10).Infof("Sleeping for 10 seconds") |
There was a problem hiding this comment.
I'd drop this one given my improvement suggestion for the message above.
| return ip.To4() != nil | ||
| } | ||
|
|
||
| // terraformVolume represents the digitalocean_volume resource in terraform |
There was a problem hiding this comment.
This one looks like a trailing comment that shouldn't be here?
|
The E2E failures are unrelated, so we can move forward with this regardless. Thanks! /test pull-kops-e2e-kubernetes-aws /lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rifelpet, srikiz The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/test pull-kops-e2e-kubernetes-aws |
…pstream-release-1.17 Automated cherry pick of #8237: Initial changes for load balancer task
This PR adds load balancer support for digital ocean cloud provider.
It would add a new load balancer based on a cluster master tag.
Incorporated the new load balancer address as part of the kuber config file.
Tested with 3 masters and a load balancer and was able to access the kubernetes cluster via the load balancer address from outside.
Deleting the cluster also deletes the load balancer.
Created a new cluster with the below command
./kops create cluster --cloud=digitalocean --name=dev5.k8s.local --networking=cilium --api-loadbalancer-type=public --master-count=3 --networking=cilium --zones=tor1 --ssh-public-key=~/.ssh/id_rsa.pub -v 10 --yesWill be creating a new PR to add documentation for DO's support to multi-master with gossip based clustering.