New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
vSphere: zonal with external lb #1277
Conversation
Skipping CI for Draft Pull Request. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Currently working with haproxy and zonal, with changes to the installer. Obviously this isn't complete just a test. |
Describes the requirements for a MVP implementation of a external lb and the use of multiple subnets.
5ff57cb
to
2e33b46
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know we have similar requests for other on-prem platforms (https://issues.redhat.com/browse/OPNET-14 ) so I'd be interested in a cross-platform solution to this. My thought was less removing all of the IPI components and making it behave like UPI, and more allow the DNS records to be pointed at an external loadbalancer.
That said I don't know all the details about your use cases. There are situations my idea would not support.
|
||
## Summary | ||
|
||
The goal of this enhancement is to provide the ability to install vSphere IPI zonal on separate L2 segments. As of this writing the only way to |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this distinct from the remote workers functionality that we already have for baremetal? AFAIK that should already work for vsphere, we just haven't tested it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ingress was resolved for vsphere
https://issues.redhat.com/browse/SPLAT-409
The scope is install time use of a external lb without the static pods of IPI with support for api and ingress.
@jcpowermac: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
||
## Summary | ||
|
||
The goal of this enhancement is to provide the ability to install vSphere IPI zonal on separate L2 segments without the static pods (keepalived, haproxy, coredns). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why without coredns?
|
||
### MCO | ||
|
||
The existing switch to deploy keepalived, haproxy and coredns static pods in the machine config operator is the apivip variable. This would change to be the Infrastructure status parameter: `LoadBalancerType`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
for all on prem platforms or only for vsphere?
I would prefer to have it a generic enhancement to the on prem networking
) | ||
|
||
// Platform stores any global configuration used for vsphere platforms | ||
type Platform struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this vpshere specific?
@@ -0,0 +1,201 @@ | |||
--- | |||
title: vsphere-ipi-zonal-external-lb |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
general thought:
The fact that there is a inter-dependency between IPI and onprem networking is a big limitation that we've been imposing on our customers. Hence I think having this enhancement is a great step forward. I do believe that it should be solved in a holistic manner - for all on prem platforms, rather than for vpshere only.
In assisted - the way we are categorizing it is - CMN (cluster managed netoworking) and UMN (user managed networking) - where, currently, it boils down to ipi/upi manifests (which define the networking yamls). Once this enhancement is implemented, we'll have to adjust our logic there.
- "@jcpowermac" | ||
reviewers: | ||
- "@rvanderp3" | ||
- "@bostrt" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
### api | ||
|
||
#### Infrastructure Status |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what about existence / non-existence of VIPs - why it cannot be the signal? then it will be aligned with upi/ipi networking parts
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and, the installer can set the lodbalancer type as the derivative of those values, without letting the user specifying it
/hold After a slack thread chat last week with @tsorya this enhancement will change significantly. |
/close |
@jcpowermac: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
No description provided.