Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rebase to upstream 2019-10-08 #30

Merged
merged 6 commits into from Oct 14, 2019

Conversation

danwinship
Copy link
Contributor

In particular to get the NetworkPolicy deadlock fix so we can backport it to 4.2.

/assign @dcbw

winsopc and others added 6 commits October 2, 2019 14:40
We add a default route to ovn_cluster_router that points to a L3
gateway router as the next hop. When the node that hosts the L3 gateway
router is deleted from the cluster, the default route still points to
the same l3 gateway router chassis. We also need to move all the
External IPs related Load Balancer rules to a different default gateway
router.

Signed-off-by: Zhen Wang <zhewang@nvidia.com>
The spare interface gateway mode allows one to take a spare interface
on the node and attach the interface directly to br-int. When you do
that, all the North-South traffic from the Pod will exit out through
the spare interface.

However, the issue with this mode is that the NodePort services aren't
supported (and therefore LoadBalancer type services).

This is a severe drawback with this mode, and we know that no one in
the community is using this mode. So, we should just remove this mode
to facilitate some of the upcoming PRs (annotate node with L3 gateway
information and move gateway creations to master node).

Signed-off-by: Girish Moodalbail <gmoodalbail@nvidia.com>
ovn: fix a deadlock in the NetworkPolicy code
Packets entering the OVN pipeline from the host or hostNetwork pods are
now SNAT'ed to management port IP. This is done so that the response
packets come back through the management port IP itself. However, the
rule is now just added to POSTROUTING chain. This fix moves the SNAT
rule to its own chain called OVN-KUBE-SNAT-MGMTPORT and delete the
chain on node deletion.

Signed-off-by: Zhen Wang <zhewang@nvidia.com>
@openshift-ci-robot openshift-ci-robot added the size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. label Oct 8, 2019
@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 8, 2019
@dcbw
Copy link
Member

dcbw commented Oct 14, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Oct 14, 2019
@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danwinship, dcbw

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot merged commit 916b7e0 into openshift:master Oct 14, 2019
Billy99 added a commit to Billy99/ovn-kubernetes that referenced this pull request Nov 2, 2022
Fix cmd of getting kubernetes API endpoint port
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

6 participants