allow the restclient to contact multiple apiservers #25428
Conversation
k8s-github-robot
added
size/L
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
0e8433b
to
107a45d
Compare
k8s-github-robot
added
the
needs-rebase
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
107a45d
to
c2f21ce
Compare
k8s-github-robot
removed
the
needs-rebase
mikedanese
force-pushed
the
multi-apiserver-client
branch
2 times, most recently
from
a1bce58
to
a7d5f5d
Compare
|
this is turning out to be a pretty big change. I will invest more time into fixing tests if we decide this is an okay thing to do. |
mikedanese
force-pushed
the
multi-apiserver-client
branch
3 times, most recently
from
3355e64
to
78ddf84
Compare
|
Is the intent to make clients know about multiple identical back ends? As a client I find that harder to use than an actual HA/load-balanced server |
|
Forgot to link the issue: #18174, the desire is to use this specifically for kube-proxy and kubelet. Everything else should communicate to the apiserver through the service vip.
This approach requires one less outside dependency and is thus more portable |
|
Overall this approach seems good to me. |
| @@ -58,6 +58,8 @@ type Preferences struct { | |||
| type Cluster struct { | |||
| // Server is the address of the kubernetes cluster (https://hostname:port). | |||
| Server string `json:"server"` | |||
| // Servers is an array of addresses to the kubernetes apiservers with the format: (https://hostname:port) | |||
There was a problem hiding this comment.
Needs doc about how server overrides this. It might be better to make this alternateServers so that it's clear which one should be first
|
Any thoughts if this is a reasonable approach? I selfishly would love to have this in the 1.3 release, but I know the freeze is end of week. If it helps, I could try and take a look at updating the tests. |
|
@aaronlevy I will fix this up today. I'd appreciate you guys verifying the change on your deployment once it's ready. Currently we don't have any multimaster e2e ci setup. |
mikedanese
force-pushed
the
multi-apiserver-client
branch
2 times, most recently
from
614f482
to
d86a29c
Compare
|
When this lands we will test it out in the Openshift multimaster setups.
My primary concern is the signature change for servers []string - that
was ugly in etcd and led to lots of bugs. The only option I could
suggest would be "server" and "alternateServers" which is more complex
to deal with. I'm also concerned with client cert flows, since some
of the patterns we've described might want multiple certs.
|
|
@mikedanese sure, happy to help with multi-master testing. |
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
d86a29c
to
4033ec4
Compare
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
4033ec4
to
8cb313c
Compare
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
8cb313c
to
0548a8e
Compare
k8s-github-robot
added
size/XL
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
0548a8e
to
013e134
Compare
mikedanese
force-pushed
the
multi-apiserver-client
branch
from
013e134
to
1c2cff6
Compare
|
@mikedanese PR needs rebase |
k8s-github-robot
added
the
needs-rebase
|
I've been playing around with this change a bit, and noticed a couple things (also added some minor modifications: 1cdb969).
|
|
Is this still intended for 1.3? |
|
This has missed the cut-off date for 1.3. |
|
GCE e2e build/test passed for commit 1c2cff6. |
|
This PR hasn't been active in 54 days. Will be closed in 35 days. You can add 'keep-open' label to prevent this from happening. |
|
@mikedanese do you plan to work on this in nearest time? Asking because we can not rely on multiple dns records and i could try to fix it myself |
WIP
cc @krousey
fixes #18174