New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
allow the restclient to contact multiple apiservers #25428
Conversation
0e8433b
to
107a45d
Compare
107a45d
to
c2f21ce
Compare
a1bce58
to
a7d5f5d
Compare
this is turning out to be a pretty big change. I will invest more time into fixing tests if we decide this is an okay thing to do. |
3355e64
to
78ddf84
Compare
Is the intent to make clients know about multiple identical back ends? As a client I find that harder to use than an actual HA/load-balanced server |
Forgot to link the issue: #18174, the desire is to use this specifically for kube-proxy and kubelet. Everything else should communicate to the apiserver through the service vip.
This approach requires one less outside dependency and is thus more portable |
Overall this approach seems good to me. |
@@ -58,6 +58,8 @@ type Preferences struct { | |||
type Cluster struct { | |||
// Server is the address of the kubernetes cluster (https://hostname:port). | |||
Server string `json:"server"` | |||
// Servers is an array of addresses to the kubernetes apiservers with the format: (https://hostname:port) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Needs doc about how server overrides this. It might be better to make this alternateServers so that it's clear which one should be first
Any thoughts if this is a reasonable approach? I selfishly would love to have this in the 1.3 release, but I know the freeze is end of week. If it helps, I could try and take a look at updating the tests. |
@aaronlevy I will fix this up today. I'd appreciate you guys verifying the change on your deployment once it's ready. Currently we don't have any multimaster e2e ci setup. |
614f482
to
d86a29c
Compare
When this lands we will test it out in the Openshift multimaster setups.
My primary concern is the signature change for servers []string - that
was ugly in etcd and led to lots of bugs. The only option I could
suggest would be "server" and "alternateServers" which is more complex
to deal with. I'm also concerned with client cert flows, since some
of the patterns we've described might want multiple certs.
|
@mikedanese sure, happy to help with multi-master testing. |
d86a29c
to
4033ec4
Compare
4033ec4
to
8cb313c
Compare
8cb313c
to
0548a8e
Compare
0548a8e
to
013e134
Compare
013e134
to
1c2cff6
Compare
@mikedanese PR needs rebase |
I've been playing around with this change a bit, and noticed a couple things (also added some minor modifications: 1cdb969).
|
Is this still intended for 1.3? |
This has missed the cut-off date for 1.3. |
GCE e2e build/test passed for commit 1c2cff6. |
This PR hasn't been active in 54 days. Will be closed in 35 days. You can add 'keep-open' label to prevent this from happening. |
@mikedanese do you plan to work on this in nearest time? Asking because we can not rely on multiple dns records and i could try to fix it myself |
WIP
cc @krousey
fixes #18174