Switch to EndpointSlices #154
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
added
the
approved
|
Expecting this to fail without openshift/cluster-ingress-operator#426 and currently testing via cluster-bot. /hold |
frobware
force-pushed
the
endpointslices
branch
4 times, most recently
from
fd483ce
to
a52dacd
Compare
frobware
force-pushed
the
endpointslices
branch
6 times, most recently
from
9147242
to
fc04b2f
Compare
|
(I think) This is currently failing some of the haproxy tests because the dependency on openshift/cluster-ingress-operator#426 is not in any CI release at the moment. 426 was in this build/release https://openshift-release.apps.ci.l2s4.p1.openshiftapps.com/releasestream/4.6.0-0.ci/release/4.6.0-0.ci-2020-07-22-003338 but latest CI release is currently https://openshift-release.apps.ci.l2s4.p1.openshiftapps.com/releasestream/4.6.0-0.ci/release/4.6.0-0.ci-2020-07-21-114552. |
root cause is lack of RBAC for endpointslices. But this may be for just new routers. Investigating. |
pkg/router/template/plugin.go
Outdated
| formatIPAddr := func(addr string) string { | ||
| ip := net.ParseIP(addr) | ||
| if ip != nil && strings.Count(addr, ":") >= 2 { | ||
| return "[" + addr + "]" |
There was a problem hiding this comment.
Would it be better to use ip in this return line than addr? Also, I believe a valid ipv6 addr parsed by net.ParseIP(addr) will meet the condition strings.Count(addr, ":") >= 2. Thoughts?
There was a problem hiding this comment.
Edge cases:
Would it be better to use
ipin this return line thanaddr? Also, I believe a valid ipv6 addr parsed bynet.ParseIP(addr)will meet the conditionstrings.Count(addr, ":") >= 2. Thoughts?
This needs more thought and unit tests:
package main
import (
"fmt"
"net"
)
func main() {
ip := net.ParseIP("::FFFF:127.0.0.1")
fmt.Println(ip)
fmt.Println("is IPv4", ip.To4())
}There was a problem hiding this comment.
Still expecting this to fail CI haproxy tests where the system:router cluster role does not have privileges to list/watch endpointslices.
Known failures are:
"[sig-network][Feature:Router] The HAProxy router converges when multiple routers are writing status [Suite:openshift/conformance/parallel]"
"[sig-network][Feature:Router] The HAProxy router should override the route host for overridden domains with a custom value [Suite:openshift/conformance/parallel]"
"[sig-network][Feature:Router] The HAProxy router should override the route host with a custom value [Suite:openshift/conformance/parallel]"
"[sig-network][Feature:Router] The HAProxy router should run even if it has no access to update status [Suite:openshift/conformance/parallel]"
"[sig-network][Feature:Router] The HAProxy router should serve a route that points to two services and respect weights [Suite:openshift/conformance/parallel]"
"[sig-network][Feature:Router] The HAProxy router should serve the correct routes when scoped to a single namespace and label set [Suite:openshift/conformance/parallel]"
There was a problem hiding this comment.
With latest changes all are now passing with the exception of:
"[sig-network][Feature:Router] The HAProxy router should serve a route that points to two services and respect weights [Suite:openshift/conformance/parallel]"
|
Still expecting this to fail CI haproxy tests where the system:router cluster role does not have privileges to list/watch endpointslices. |
|
@sgreene570 thanks for the reviews. Continuously pushing changes as I run into issues. |
| if serviceName := endpointSliceServiceName(eps); serviceName == "" { | ||
| utilruntime.HandleError(fmt.Errorf("EndpointSlice %s/%s has no %q label", eps.Namespace, eps.Name, ServiceNameLabel)) | ||
| } else { | ||
| objMeta := eps.ObjectMeta.DeepCopy() |
|
|
||
| for i := range objs { | ||
| eps := objs[i].(*discoveryv1beta1.EndpointSlice) | ||
| fullSet = append(fullSet, *eps.DeepCopy()) |
There was a problem hiding this comment.
Is using a copy necessary here?
There was a problem hiding this comment.
It comes out of the store. But will look to see if we mutate at all and if not we can use it as-is.
|
/retest |
|
I tried to use the auto commit suggestions - does this still build? /retest |
frobware
force-pushed
the
endpointslices
branch
2 times, most recently
from
dfa50bd
to
1e94a11
Compare
|
@Miciah thanks for the review and suggestions. Mostly taken all in the now squashed commits. Currently debugging one CI flake which may be related to the change. Need to discuss what it means to sort the complete subset of endpoints. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
5 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
Last failure was: |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/hold Not sure if openshift/kubernetes#300 is the fix for upgrade failures but there's no point continuously failing here (on the upgrade job). |
openshift-ci-robot
added
the
do-not-merge/hold
|
/hold cancel openshift/kubernetes#300 now merged. |
openshift-ci-robot
removed
the
do-not-merge/hold
|
/retest |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
2 similar comments
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
/hold I pushed a2e6e2c to flush out whether shifting to endpointslices and the CI failures are related. |
openshift-ci-robot
added
the
do-not-merge/hold
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: frobware, Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/test e2e |
|
/retest |
|
/hold cancel |
openshift-ci-robot
removed
the
do-not-merge/hold
Handle endpoint slices so that we can deal with dual-stack pods.
Needs: openshift/cluster-ingress-operator#426- now mergedNeeds: openshift/openshift-apiserver#125- now mergedopenshift/cluster-ingress-operator#428 allows us to turn on/off support for endpointslices via an ingresscontroller or the ingress config.