-
Notifications
You must be signed in to change notification settings - Fork 38.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate Service.Spec.LoadBalancerIP #107235
Deprecate Service.Spec.LoadBalancerIP #107235
Conversation
@uablrek: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @thockin |
This PR may require API review. If so, when the changes are ready, complete the pre-review checklist and request an API review. Status of requested reviews is tracked in the API Review project. |
@liggitt do we need to add code for adding the warning headers? any pointer? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: thockin, uablrek The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
The Kubernetes project has merge-blocking tests that are currently too flaky to consistently pass. This bot retests PRs for certain kubernetes repos according to the following rules:
You can:
/retest |
@thockin @uablrek it seems that this fields is in use by all the cloud providers and the warning about removal is forcing them to move to annotations kubernetes/cloud-provider-gcp#371 I don't know if we can do a breaking change like that of removing it in the future, should we relax the wording ? |
I think that's the intention. I assume no cloud provider just use the LoadBalancerIP address without other configurations as well, so this really is a cloud provider specific setting and should be an annotation. |
But I don't think we can remove it without breaking users and keep compatibility with old clients?
@liggitt @thockin is realistic we can remove this field without going through a large process of deprecation? |
Agree we would not drop the field, but marking it deprecated/undefined behavior is fair game. |
Just to avoid more confusion on this topic, deprecating API and remove fields on GA APIs has to obey some rules See API changes https://kubernetes.io/docs/concepts/overview/kubernetes-api/#api-changes
See the rules https://kubernetes.io/docs/reference/using-api/deprecation-policy/#deprecating-parts-of-the-api
|
Related to jenkins-infra/helpdesk#3351 (comment) This PR adds a DNS record for the private Nginx ingress of the `publick8s` cluster. It's required to migrate keycloak (which exposes the `admin.accounts.jenkins.io` ingress through the private-nginx). Please note the following elements: - Nit: this PR renames the 2 terraform resources for the existing DNS records of the public loadbalancer, to have homogeneous names - Will need a subsequent PR to delete the `moved` blocks once applied - The private IP is written "raw": automation of this could be done through [AKS](https://learn.microsoft.com/en-us/azure/aks/static-ip#apply-a-dns-label-to-the-service) or as seen below, but it's not needed immediatly at all: - The change of value for this one does not happen often (once?) so automation value is not obvious on short term - The IP is created AFTER the whole cluster initialization, when the `private-nginx` helm release is installed for the first time: it dynamically allocates the IP in the private network as per a Kubernetes event: liefcylce is NOT coupeld to terraform - Automation could be to manage the private Azure LB as a Terraform resource and pass it as an argument to the private-nginx helm-release (like it's done witht the public one). But kubernetes/kubernetes#107235 shows that the `loadBalancdrIP` field for Service is uncertain (so another reason to delay automation) - No IPv6 DNS record for the private ingress. We don't need toi use Ipv6 today to reach these internal services. Signed-off-by: Damien Duportal <damien.duportal@gmail.com>
required, as spec.loadBalancerIP is deprecated kubernetes/kubernetes#107235
… use annotations (#650) **Description** <!-- Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change. --> ⚒️ Fixes # <!--(issue)--> kubernetes/kubernetes#107235 ```sh Failed to allocate IP for "ix-blocky/blocky-dot": service can not have both metallb.universe.tf/loadBalancerIPs and svc.Spec.LoadBalancerIP ``` **⚙️ Type of change** - [ ] ⚙️ Feature/App addition - [x] 🪛 Bugfix - [ ]⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] 🔃 Refactor of current code **🧪 How Has This Been Tested?** <!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration --> **📃 Notes:** <!-- Please enter any other relevant information here --> **✔️ Checklist:** - [x] ⚖️ My code follows the style guidelines of this project - [x] 👀 I have performed a self-review of my own code - [x] #️⃣ I have commented my code, particularly in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [x]⚠️ My changes generate no new warnings - [x] 🧪 I have added tests to this description that prove my fix is effective or that my feature works - [x] ⬆️ I increased versions for any altered app according to semantic versioning **➕ App addition** If this PR is an app addition please make sure you have done the following. - [ ] 🪞 I have opened a PR on [truecharts/containers](https://github.com/truecharts/containers) adding the container to TrueCharts mirror repo. - [ ] 🖼️ I have added an icon in the Chart's root directory called `icon.png` --- _Please don't blindly check all the boxes. Read them and only check those that apply. Those checkboxes are there for the reviewer to see what is this all about and the status of this PR with a quick glance._
What type of PR is this?
/kind documentation
/kind deprecation
/sig network
What this PR does / why we need it:
Service.Spec.LoadBalancerIP can't be used for dual-stack services. A plural LoadBalancerIPs was proposed in PR1992. The discussions around that PR revealed that the Service.Spec.LoadBalancerIP field was under-specified and and its meaning varies across implementations. So the final proposal was to deprecate Service.Spec.LoadBalancerIP rather than introducing a plural LoadBalancerIPs.
Which issue(s) this PR fixes:
None
Special notes for your reviewer:
Please read the comments in PR1992.
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: