GCE: Use network project id for firewall/route mgmt and zone listing #48560
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
/assign @bowei |
k8s-ci-robot
added
sig/network
k8s-github-robot
added
needs-rebase
| @@ -132,6 +134,7 @@ type Config struct { | |||
| TokenURL string `gcfg:"token-url"` | |||
| TokenBody string `gcfg:"token-body"` | |||
| ProjectID string `gcfg:"project-id"` | |||
| NetworkProjectID string `gcfg:"network-project-id"` | |||
There was a problem hiding this comment.
might want to have a comment here why this is different than ProjectID
There was a problem hiding this comment.
Add documentation about which objects are associated with instances vs network...
| @@ -157,26 +160,38 @@ func (g *GCECloud) GetComputeService() *compute.Service { | |||
| // newGCECloud creates a new instance of GCECloud. | |||
| func newGCECloud(config io.Reader) (*GCECloud, error) { | |||
| apiEndpoint := "" | |||
| projectID, zone, err := getProjectAndZone() | |||
|
|
|||
| // projectNumber is a project identifier known to be numeric | |||
There was a problem hiding this comment.
This comment is somewhat confusing. Probably should expand to something like:
// projectNumber is the numeric identifier. Note: there is also a unique string-based project identifier as well (see https://cloud.google.com/resource-manager/docs/creating-managing-projects#identifying_projects)
| @@ -132,6 +134,7 @@ type Config struct { | |||
| TokenURL string `gcfg:"token-url"` | |||
| TokenBody string `gcfg:"token-body"` | |||
| ProjectID string `gcfg:"project-id"` | |||
There was a problem hiding this comment.
Add comment // ProjectID can either be the numeric or string-based unique identifier that starts with [a-z]
| // Default networkProjectID to known network project number | ||
| networkProjectID := networkProjectNumber | ||
|
|
||
| // Rebuild the network URL |
| networkProjectID = cfg.Global.NetworkProjectID | ||
| } | ||
|
|
||
| // Determine if cluster is on shared VPC network based off config |
There was a problem hiding this comment.
[minor] seems clearer:
... VPC network according to config
| @@ -46,6 +46,8 @@ import ( | |||
| const ( | |||
| ProviderName = "gce" | |||
|
|
|||
| defaultAPIEndpoint = "https://www.googleapis.com/compute/v1/" | |||
There was a problem hiding this comment.
[minor] looks a bit better below if leave off the trailing '/'
| if err != nil { | ||
| return nil, mc.Observe(err) | ||
| } | ||
| return list.Items, mc.Observe(err) | ||
| } | ||
|
|
||
| func (gce *GCECloud) getRegionLink(region string) string { | ||
| return fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%v/regions/%v", gce.projectID, region) | ||
| return fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%v/regions/%v", gce.networkProjectID, region) |
nicksardo
force-pushed
the
gce-network-project
branch
from
0d67e66
to
7f12eb3
Compare
k8s-github-robot
removed
the
needs-rebase
nicksardo
force-pushed
the
gce-network-project
branch
3 times, most recently
from
741c5ea
to
c255635
Compare
nicksardo
force-pushed
the
gce-network-project
branch
from
c255635
to
06e3286
Compare
|
#48574 uses |
|
/test pull-kubernetes-kubemark-e2e-gce |
1 similar comment
|
/test pull-kubernetes-kubemark-e2e-gce |
k8s-ci-robot
added
the
lgtm
|
/assign @vishh |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lavalamp, nicksardo Associated issue: 48515 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
the
approved
|
Automatic merge from submit-queue (batch tested with PRs 48497, 48604, 48599, 48560, 48546) |
Revert "Merge pull request #48560 from nicksardo/gce-network-project"
ifconditions: fixes GCE: Config's network name ignored when it's not a url #48521getNetworkNameViaAPICallwhich was used as a last resort for thenetworkURL(if empty) which was previously filled with the metadata network project & name.Release note: