Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCPBUGS-647: SDN branch: Fix Prefer local endpoints for cluster DNS service #1356

Merged
merged 3 commits into from Aug 30, 2022
Merged

OCPBUGS-647: SDN branch: Fix Prefer local endpoints for cluster DNS service #1356

merged 3 commits into from Aug 30, 2022

Conversation

martinkennelly
Copy link

Carry "Prefer local endpoint for cluster DNS service"
(54dc363) was incorrectly applied which did not restrict
DNS calls to a local endpoint.

Signed-off-by: Martin Kennelly mkennell@redhat.com

/cc @danwinship

@martinkennelly
Fix Prefer local endpoints for cluster DNS service
3b57265 
Carry "Perfer local endpoint for cluster DNS service"
(54dc363) was incorrectly applied which did not restrict
DNS calls to a local endpoint.

Signed-off-by: Martin Kennelly <mkennell@redhat.com>
@openshift-ci-robot openshift-ci-robot added the backports/unvalidated-commits Indicates that not all commits come to merged upstream PRs. label Aug 26, 2022
@openshift-ci openshift-ci bot requested a review from danwinship August 26, 2022 10:11
@openshift-ci-robot
Copy link

@martinkennelly: the contents of this pull request could not be automatically validated.

The following commits could not be validated and must be approved by a top-level approver:

Comment /validate-backports to re-evaluate validity of the upstream PRs, for example when they are merged upstream.

@openshift-ci
Copy link

openshift-ci bot commented Aug 26, 2022

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: martinkennelly
Once this PR has been reviewed and has the lgtm label, please assign knobunc for approval by writing /assign @knobunc in a comment. For more information see:The Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@danwinship
Copy link

I added a unit test for this in 4.11, 45738de#diff-92f41de420a097c0419a3cb53cf176a459a742c39f3fa482ab48b1c2fa6fd084. Can you add that here and confirm that it now passes? (go test -mod=vendor ./pkg/proxy/iptables). (It will need a little tweaking: the expected rules would be different in 4.10. But you can confirm that the generated rules in the first test use only the local endpoint and the rules in the second test use all endpoints.)

(Yeah, it's a bit late to be adding the test now, but this way, at least if we need to modify this code again in 4.10, we'll have the test there to confirm it. Maybe grab the local-with-fallback unit test from 16c6939 too?)

@martinkennelly
Add test case for OCP hack prefer local DNS endpoint
cdcd8b3 
* Test to ensure local DNS endpoint is selected if available
* Test to ensure if no local DNS endpoint available, fallback
to load balancing across remote endpoints.

All credit to Dan Winship/Miciah Masters.

Signed-off-by: Martin Kennelly <mkennell@redhat.com>
@martinkennelly
Add test case for OCP hack 'local-with-fallback'
e50bb74 
Credit to Dan Winship.

Signed-off-by: Martin Kennelly <mkennell@redhat.com>
@openshift-ci-robot
Copy link

@martinkennelly: the contents of this pull request could not be automatically validated.

The following commits could not be validated and must be approved by a top-level approver:

Comment /validate-backports to re-evaluate validity of the upstream PRs, for example when they are merged upstream.

@martinkennelly
Copy link
Author

But you can confirm that the generated rules in the first test use only the local endpoint and the rules in the second test use all endpoints.)

How do you want me to confirm? unit test in SDN repo? I was planning to do this once I vendor this in.
I have confirmed with manual testing but Id like to write a unit test.
I see OVN-K already has a unit test.

@danwinship
Copy link

How do you want me to confirm? unit test in SDN repo?

No, I meant you, personally, can just look at the rules, and say "yup, those are the expected rules".

It's awkward to have unit tests of this because (1) "go mod vendor" won't copy the unit tests over to sdn, (2) unit tests in sdn's pkg/network/ can't access the private methods in the vendored packages, and (3) "make verify-deps" in sdn won't let us manually add additional unit tests under vendor/. So basically we just depend on having unit tests in o/k and running them by hand.

@danwinship danwinship changed the title SDN branch: Fix Prefer local endpoints for cluster DNS service OCPBUGS-647: SDN branch: Fix Prefer local endpoints for cluster DNS service Aug 29, 2022
@openshift-ci-robot openshift-ci-robot added jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Aug 29, 2022
@openshift-ci-robot
Copy link

@martinkennelly: This pull request references Jira Issue OCPBUGS-647, which is invalid:

  • expected Jira Issue OCPBUGS-647 to depend on a bug in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Carry "Prefer local endpoint for cluster DNS service"
(54dc363) was incorrectly applied which did not restrict
DNS calls to a local endpoint.

Signed-off-by: Martin Kennelly mkennell@redhat.com

/cc @danwinship

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@danwinship
Copy link

This looks good. Can you open a WIP PR against SDN, vendoring this commit in via your own fork (eg, like this commit) and then once it passes SDN CI, I'll merge this PR and you can update the SDN PR to use the real o/k commit.

@danwinship danwinship merged commit 9443ebd into openshift:sdn-4.10-kubernetes-1.23.4 Aug 30, 2022
@openshift-ci-robot
Copy link

@martinkennelly: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-647 has been moved to the MODIFIED state.

In response to this:

Carry "Prefer local endpoint for cluster DNS service"
(54dc363) was incorrectly applied which did not restrict
DNS calls to a local endpoint.

Signed-off-by: Martin Kennelly mkennell@redhat.com

/cc @danwinship

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danwinship danwinship Awaiting requested review from danwinship

Assignees
No one assigned
Labels
backports/unvalidated-commits Indicates that not all commits come to merged upstream PRs. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. jira/severity-moderate Referenced Jira bug's severity is moderate for the branch this PR is targeting.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@martinkennelly @openshift-ci-robot @danwinship