New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for route53 in the us-isob-east-1 region #703
Conversation
Hi @dmc5179. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @Miciah |
…egions which can change
@@ -142,23 +142,28 @@ func NewProvider(config Config, operatorReleaseVersion string) (*Provider, error | |||
elbConfig := aws.NewConfig().WithRegion(region) | |||
tagConfig := aws.NewConfig() | |||
|
|||
partition, ok := endpoints.PartitionForRegion(endpoints.DefaultPartitions(), region) | |||
if !ok { | |||
return nil, fmt.Errorf("Unable to determine partition from region: %q", region) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know if it may be better here to continue on with an unknown partition and use the default case in the following switch--as opposed to failing when the partition cannot be determined.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update the code to use the default case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this change still planned? I also agree that it'd be preferable to use the default for unknown regions, rather than error out
tagConfig = nil | ||
// Do not override the region in C2s | ||
// Do not override the region in C2S or SC2S |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does the AWS behavior in C2S and SC2S follow other partitions where there is one region used for global resources? In particular, if the region used for the cluster is us-iso-west-1, will the us-iso-east-1 region need to be used when querying the resource tagging API for route53 resources?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have to ask AWS about this. I will submit a support case to AWS when I go on site today but might not hear back from them until next week.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I submitted a case to AWS on this topic and heard back today. The "correct" method is to point all route53 requests to route53.c2s.ic.gov but AWS is leaving the route53.us-iso-east-1.c2s.ic.gov alias in place because it has been around for so long that they don't want to break anything by removing it. This means that I need to change the PR because the us-iso-west-1 region will result in route53.us-iso-west-1.cs2.ic.gov which will not exist.
I could change the code to say, if isoB, use route53.sc2s.sgov.gov, if iso use route53.c2s.ic.gov
Thoughts?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think that we need any of the special logic in this switch any more, regardless of the partition. The AWS SDK selects the correct endpoints to use, and we should be making use of the selections made by the SDK.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
cluster-ingress-operator/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
Lines 10893 to 10905 in fe11656
"route53": service{ | |
PartitionEndpoint: "aws-iso-b-global", | |
IsRegionalized: boxedFalse, | |
Endpoints: endpoints{ | |
"aws-iso-b-global": endpoint{ | |
Hostname: "route53.sc2s.sgov.gov", | |
CredentialScope: credentialScope{ | |
Region: "us-isob-east-1", | |
}, | |
}, | |
}, | |
}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suppose we can save the removal of redundant logic for future work.
/lgtm |
/label ok-to-test |
@staebler: The label(s) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: dmc5179, staebler The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/ok-to-test |
/retest |
@dmc5179: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This is for https://issues.redhat.com/browse/NE-792 |
Providing doc ack. No doc is required for this PR |
/qe-approved |
/label qe-approved |
/label docs-approved |
Currently the operator defaults to using the us-east-1 region endpoint for route53 in the us-isob-east-1 region which does not work. Add support for the route53 in the us-isob-east-1 region.