New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ingress resource V0.2 #14459
Ingress resource V0.2 #14459
Conversation
692dad0
to
0f9812b
Compare
GCE e2e build/test passed for commit 692dad070cd04054feebd5266347df82b8a63745. |
Labelling this PR as size/XXL |
GCE e2e build/test passed for commit 0f9812b26a3f6a27eac2aea6593607e7ea1920eb. |
0f9812b
to
3c2c0d2
Compare
GCE e2e build/test passed for commit 3c2c0d246abaaaddc25eb4863078d3f1dd9503e3. |
Backend IngressBackend `json:"backend"` | ||
} | ||
|
||
// IngressBackend describes all endpoints for a given Service, port and protocol. | ||
// IngressBackend describes all endpoints for a given Service and port. | ||
type IngressBackend struct { | ||
// Specifies the referenced service. | ||
ServiceRef api.LocalObjectReference `json:"serviceRef"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LocalObjectReference has one field - Name. We have mixed conventions on this. Some places that reference another object in the same namespace say "FooName string" and others say "FooRef LocalObjectreference".
I prefer FooName for terseness.
@bgrant0607 I don't want you do to a full API review, just answer this one point where I argue with myself. ServiceRef or ServiceName?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I vote for Ref > Name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ServiceName is fine if you don't expect to extend this to refer to services in other namespaces or to other kinds of resources.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ref = another object in api (regardless of typeof(ref)), that seems clear to me from a usability perspective. I initially had it as ServiceName string
, but in theory we could grow the local object ref, or create another object ref to contain more information (like object meta?) and that would be useful here.
Don't feel strongly eitherway, so defer back to @thockin for final call.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We decided on just ServiceName for now, to reduce yaml chatter
3c2c0d2
to
1c84252
Compare
I'm not clear why we need multiple hosts per ingress. Why not just make a new ingress? The only thing they share is a name, and they could easily share a label instead. Given that the rules are ordered, you don't need an explicit default service ref. Just put one at the end of the rule list with a nil or "/" path so that it catches everything not caught by previous rules. It seems like we could flatten and simplify the API significantly to improve UX. How about:
Example usage:
|
1c84252
to
389b326
Compare
Atomic updates for all urls associated with a site, blue green deployment type thing for maps.google.com, apis.google.com and so on (some discussion on #561).
I mean yeah, you can say everyone should have a catchall rule, but:
Yeah we discussed something like this in #13947 (comment), tldr being we want a resource that addresses Ingress, not just HTTP L7 Ingress, so it needs to be usable for defining L4, L7 and any other usecase that comes up that might or might not need paths (hence the IngressRule -> HTTPIngressRule bit). Things like SNI at L4 get a lot harder to think about if you have a flat url based structure. The eventual goal (hopefully eventual == 1.2) is to dovetail the TCP loadbalancer stuff into this. In theory you can have just one resource that has a mix of tcp and http rules, just like a off the shelf loadbalancer. |
GCE e2e build/test passed for commit 1c842524234c42f2cc5d31688ec3d6776c91cdad. |
@karlkfi We essentially have your resource, the default backend is optional. The reason we don't have rules going straight to a list of paths is #14459 (comment) (i.e we might, before this leaves experimental). |
Working through the alternate API proposal above, I got the feeling that the naming doesn't match the structure. An API resource called "Ingress" sounds like it should be from the perspective of a single Service. It's so much easier to talk about "Ingress routes to a Service", rather than the way the PR proposes, which is a many-to-many relationship or one-to-many relationship from Host(s) to Service Ports. I feel like the proposed structure (both mine and the PRs) is more closely describing a set of edge router rules where the router has a Host (like a static IP or dns) and can route/proxy port/paths permutations to different service ports. It seems like either the name should change to match the structure (e.g. Route or Router) or the structure should change to match the name (many-to-one Hosts to Service). |
func deleteIngress(expClient client.ExperimentalInterface, ns string) error { | ||
items, err := expClient.Ingress(ns).List(labels.Everything(), fields.Everything()) | ||
if err != nil { | ||
return err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we don't yet have a flag, do not return an error if you get a 404
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, it's either all or nothing, i mean the apiserver either has all experimental resources (exp=true) or doesn't. We're only in trouble if the controller manager is started with one of the exp flags and the apiserver isn't, in which case the autoscaler itself will fail. We have disjoint sets of flags that denote the same thing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, this is fine. I couldn't tell easily on phone if this was in the
experimental if block. Thanks!
On Monday, September 28, 2015, Prashanth B notifications@github.com wrote:
In pkg/controller/namespace/namespace_controller.go
#14459 (comment)
:@@ -478,3 +482,17 @@ func deleteDeployments(expClient client.ExperimentalInterface, ns string) error
}
return nil
}
+
+func deleteIngress(expClient client.ExperimentalInterface, ns string) error {
- items, err := expClient.Ingress(ns).List(labels.Everything(), fields.Everything())
- if err != nil {
return err
Hmm, it's either all or nothing, i mean the apiserver either has all
experimental resources (exp=true) or doesn't. We're only in trouble if the
controller manager is started with one of the exp flags and the apiserver
isn't, in which case the autoscaler itself will fail. We have disjoint sets
of flags that denote the same thing.—
Reply to this email directly or view it on GitHub
https://github.com/kubernetes/kubernetes/pull/14459/files#r40623670.
@k8s-bot test this please |
Unit, integration and GCE e2e test build/test passed for commit be094eaa976c454c63ba0525c16aa3f1827f69db. |
Tim, trap is green |
be094ea
to
c148332
Compare
Unit, integration and GCE e2e test build/test passed for commit c148332. |
LGTM was before last commit, removing LGTM |
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
Unit, integration and GCE e2e test build/test passed for commit c148332. |
Automatic merge from submit-queue |
Auto commit by PR queue bot
…4459-upstream-release-1.1 Automated cherry pick of #14459
…pick-of-#14459-upstream-release-1.1 Automated cherry pick of kubernetes#14459
…pick-of-#14459-upstream-release-1.1 Automated cherry pick of kubernetes#14459
Eg:
One can create an Ingress with either a default backend, ingress rules, or both but not neither.
Kubectl get ing:
#13947 #12827 #561