Bug 2079517: Use externalTrafficPolicy: Cluster with OVN #713
Conversation
openshift-ci
bot
added
do-not-merge/hold
|
@Miciah: This pull request references Bugzilla bug 2060542, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 6 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci
bot
requested review from
anuragthehatter,
ironcladlou and
lmzuccarelli
openshift-ci
bot
added
the
approved
| // externalTrafficPolicy: Local is unsupported by OVN in | ||
| // OpenShift 4.9 and earlier; see | ||
| // <https://bugzilla.redhat.com/show_bug.cgi?id=2060542>. | ||
| if networkType == "OVN-Kubernetes" { |
There was a problem hiding this comment.
its OVNKubernetes, we should probably hardcode tha value as a constant to avoid the typo?
reference: https://github.com/openshift/api/blob/fb6f933bb8d5ce8454a8777c0c4782c193ef5674/operator/v1/types_network.go#L536
There was a problem hiding this comment.
Thanks! I didn't think to check for named constants because the Spec.NetworkType field of the Network type in config/v1/types_network.go is a string type. I wonder whether the field could be changed to use the NetworkType type; I suppose if the same values are allowed, it may be all right to change the type, although it would require changes in any Go code using the Go type definitions.
| @@ -524,8 +530,8 @@ func loadBalancerServiceTagsModified(current, expected *corev1.Service) (bool, * | |||
| // return value is nil. Otherwise, if something or someone else has modified | |||
| // the service, then the return value is a non-nil error indicating that the | |||
| // modification must be reverted before upgrading is allowed. | |||
| func loadBalancerServiceIsUpgradeable(ic *operatorv1.IngressController, deploymentRef metav1.OwnerReference, current *corev1.Service, platform *configv1.PlatformStatus) error { | |||
| want, desired, err := desiredLoadBalancerService(ic, deploymentRef, platform) | |||
| func loadBalancerServiceIsUpgradeable(ic *operatorv1.IngressController, deploymentRef metav1.OwnerReference, current *corev1.Service, platform *configv1.PlatformStatus, networkConfig *configv1.Network) error { | |||
There was a problem hiding this comment.
@danwinship or @squeed : I have always been confused as to when to use the operv1 versus configv1 api for things. Could you please configm if using configv1 ^ is ok here? Seems like for config we support sdn and ovn: https://github.com/openshift/api/blob/d5252bac47154049f80d49eff7fec5bb642be9af/config/v1/types_network.go#L44 and for operator we support the other ones like kuryr etc..sorry for the dumb question, I probably should be knowing these things by now.
There was a problem hiding this comment.
It is confusing that operator/v1/types_network.go defines these named constants, but config/v1/types_network.go just uses a string type.
There was a problem hiding this comment.
@tssurya good question! In this case, it doesn't really matter, because configv1 NetworkType is inferred from configv1. Since configv1 is guaranteed to be set from cluster creation, it is slightly better to use. But it really, really, really doesn't matter.
There was a problem hiding this comment.
It is confusing that
operator/v1/types_network.godefines these named constants [but configv1 doesn't]
That's because you can run a cluster with a third-party network operator - so we need to support arbitrary network types in configv1. But operv1 defines what the openshift cluster network operator supports.
There was a problem hiding this comment.
because configv1 NetworkType is inferred from configv1.
you meant from operv1?
(later)... I see you meant configv1 that users set! got it :)
Since configv1 is guaranteed to be set from cluster creation, it is slightly better to use. But it really, really, really doesn't matter.
ack thanks casey! makes sense. @Miciah so I think we are good here.
|
thanks @Miciah for the quick fix, appreciate it! |
Miciah
force-pushed
the
BZ2060542-use-externalTrafficPolicy-Cluster-with-OVN
branch
from
a777e70
to
fddf13c
Compare
|
Bootstrap failures. |
| // OpenShift 4.9 and earlier; see | ||
| // <https://bugzilla.redhat.com/show_bug.cgi?id=2060542>. | ||
| if networkType == string(operatorv1.NetworkTypeOVNKubernetes) { | ||
| service.Spec.ExternalTrafficPolicy = "Cluster" |
There was a problem hiding this comment.
nit: we could use the https://github.com/kubernetes/kubernetes/blob/e6c093d87ea4cbb530a7b2ae91e54c0842d8308a/pkg/apis/core/types.go#L3672 constant from upstream
Miciah
force-pushed
the
BZ2060542-use-externalTrafficPolicy-Cluster-with-OVN
branch
from
fddf13c
to
15202ad
Compare
|
Failed to launch the cluster: /test e2e-aws-operator |
openshift-ci
bot
added
the
needs-rebase
Miciah
force-pushed
the
BZ2060542-use-externalTrafficPolicy-Cluster-with-OVN
branch
from
15202ad
to
7b3de00
Compare
openshift-ci
bot
removed
the
needs-rebase
|
#711 merged, and I've rebased this PR; ignoring the changes from #711, the diff for this PR is exactly the same but for some line numbers (compare https://github.com/openshift/cluster-ingress-operator/commit/15202ad247d0dedaadec7c2564b60db9800f50ff.patch and https://github.com/openshift/cluster-ingress-operator/commit/7b3de002a1bf5373504d2b5dde2985cec012aecf.patch). |
openshift-ci
bot
removed
the
do-not-merge/hold
|
/hold cancel |
OVN-Kubernetes in OpenShift 4.9 and earlier does not support externalTrafficPolicy: Local, and specifying it is reported to result in imbalanced traffic for some users. This commit checks the cluster network type and sets externalTrafficPolicy: Cluster on the LoadBalancer-type service that the operator creates for ingress if the network type is "OVN-Kubernetes". This commit fixes bug 2079517. https://bugzilla.redhat.com/show_bug.cgi?id=2079517 * pkg/operator/controller/ingress/controller.go (ensureIngressController): Pass the network config to ensureLoadBalancerService and syncIngressControllerStatus. * pkg/operator/controller/ingress/load_balancer_service.go (ensureLoadBalancerService, loadBalancerServiceIsUpgradeable): Add a parameter for the network config. Pass the network type from the network config to desiredLoadBalancerService. (desiredLoadBalancerService): Add a parameter for the network type. Set externalTrafficPolicy: Cluster if the network type is "OVN-Kubernetes". * pkg/operator/controller/ingress/load_balancer_service_test.go (TestDesiredLoadBalancerService): Add a test case for OVN-Kubernetes. * pkg/operator/controller/ingress/status.go (syncIngressControllerStatus): Add a parameter for the network config. Pass the config to computeIngressUpgradeableCondition. (computeIngressUpgradeableCondition): Add a parameter for the network config. Pass the network config to loadBalancerServiceIsUpgradeable. * pkg/operator/controller/ingress/status_test.go (TestComputeIngressUpgradeableCondition): Pass the network type to desiredLoadBalancerService and the network config to computeIngressUpgradeableCondition.
Miciah
force-pushed
the
BZ2060542-use-externalTrafficPolicy-Cluster-with-OVN
branch
from
7b3de00
to
e4aeaf7
Compare
Miciah
changed the title
|
@Miciah: An error was encountered querying GitHub for users with public email (hongli@redhat.com) for bug 2079517 on the Bugzilla server at https://bugzilla.redhat.com. No known errors were detected, please see the full error message for details. Full error message.
non-200 OK status code: 403 Forbidden body: "{\n \"documentation_url\": \"https://docs.github.com/en/free-pro-team@latest/rest/overview/resources-in-the-rest-api#secondary-rate-limits\",\n \"message\": \"You have exceeded a secondary rate limit. Please wait a few minutes before you try again.\"\n}\n"
Please contact an administrator to resolve this issue, then request a bug refresh with In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/retest-required |
| Spec: configv1.NetworkSpec{ | ||
| NetworkType: "OpenShiftSDN", | ||
| }, | ||
| } |
There was a problem hiding this comment.
Normally we would add a new variable to the test case itself, and add a couple of test cases to test the variant values.
|
@Miciah was there any update for e2e tests for this? |
|
Error: Failed to download metadata for repo 'localdev-rhel-8-server-ose-rpms': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried /test e2e-gcp-serial |
|
|
/retest |
|
/lgtm |
Miciah
added
the
backport-risk-assessed
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: candita, Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
verified with pre-merge test process, see https://bugzilla.redhat.com/show_bug.cgi?id=2079517#c1 |
openshift-ci
bot
added
the
qe-approved
|
/label cherry-pick-approved |
openshift-ci
bot
added
the
cherry-pick-approved
|
@Miciah: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
@Miciah: All pull requests linked via external trackers have merged: Bugzilla bug 2079517 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
OVN-Kubernetes in OpenShift 4.9 and earlier does not support
externalTrafficPolicy: Local, and specifying it is reported to result in imbalanced traffic for some users. This change checks the cluster network type and setsexternalTrafficPolicy: Clusteron the LoadBalancer-type service that the operator creates for ingress if the network type is "OVN-Kubernetes".pkg/operator/controller/ingress/controller.go(ensureIngressController): Pass the network config toensureLoadBalancerServiceandsyncIngressControllerStatus.pkg/operator/controller/ingress/load_balancer_service.go(ensureLoadBalancerService,loadBalancerServiceIsUpgradeable): Add a parameter for the network config. Pass the network type from the network config todesiredLoadBalancerService.(
desiredLoadBalancerService): Add a parameter for the network type. SetexternalTrafficPolicy: Clusterif the network type is "OVN-Kubernetes".pkg/operator/controller/ingress/load_balancer_service_test.go(TestDesiredLoadBalancerService): Add a test case for OVN-Kubernetes.pkg/operator/controller/ingress/status.go(syncIngressControllerStatus): Add a parameter for the network config. Pass the config tocomputeIngressUpgradeableCondition.(
computeIngressUpgradeableCondition): Add a parameter for the network config. Pass the network config toloadBalancerServiceIsUpgradeable.pkg/operator/controller/ingress/status_test.go(TestComputeIngressUpgradeableCondition): Pass the network type todesiredLoadBalancerServiceand the network config tocomputeIngressUpgradeableCondition.This PR includes commits from #711 because we want #711 to merge first, and it includes conflicting changes. The first two commits in this PR can be ignored by reviewers.
/hold
Surya, can you verify that this change is correct? In particular, I want to be sure we're checking the right API field for the right value and that the logic behind this PR is sound at a high level.
/assign @tssurya