-
Notifications
You must be signed in to change notification settings - Fork 92
OpenStack discoverer: Improve handling of LB and Listener names #71
Comments
We must also ensure that we do not produce kubernetes identifier that have uppercase letters, as they are invalid according to the Kubernetes DNS_LABEL specification. We might have to lowercase any incoming name from OpenStack. Additionally, Kubernetes label values are also subject to length constraints. |
Working through this issue raised a couple of things in the OpenStack discoverer that we should improve. Currently, the name of a discovered service is derived from the OpenStack load balancer ID and name as follows: a) When the LB is unnamed, use the load balancer’s ID (UUID) as the service name and append the cluster name. Additionally, if the final name is longer than 63 characters, we attempt to shorten the name using a hash of the final name. If the source names are long enough, and we cannot shorten them to 63 chars, we simply use the hash as the final name. EndpointPort names are derived in a similar manner, but we use the Load Balancer’s Listener’s name and port number. Both service names and EndpointPort names must adhere to the Kubernetes DNS_LABEL spec, which allows a max of 63 chars and requires names to start with a letter, contain lowercase, alphanumeric characters (a-z and 0-9) and allows the Following is a table that lists scenarios we don't handle well, the current outcome and proposed change:
Label values are also subject to a similar set of requirements. Given that they are a superset of the DNS_LABEL reqs, we should be able to use the same approach we end up using for service names. Thoughts? cc @stevesloka @davecheney @rosskukulinski |
|
Definitely agree. Whatever solution we come up with, we should document this in the user documentation so that it is very clear what is going on. I usually err on the side of predictability instead of "magic". With that said, prefixing the load balancer and listener names with a known value to make it fit into a k8s DNS_LABEL could work, and doesn't seem like that much magic (as long as we document it). Additionally, going down this route means that users don't have to rename pre-existing load balancers to fit our needs. Happy to explore this option! |
Prefixing the name works for cases where there are no invalid characters in the names (e.g. I am starting to wonder if we should always just use IDs regardless of whether the OpenStack resource has a name. With that said, we would still have somewhat of a similar issue when adding the load balancer name as a label, given that Kubernetes label values also have character and length restrictions. |
Chatted with some openstack users:
|
@rosskukulinski Thanks! In yesterday's conversation we arrived at always using UUIDs. Given point 1, should we reverse that decision and continue using name+UUID when the name is valid? |
We use the LBaaS listener name as the port name. When the name is long enough, it can result in an invalid port name.
The text was updated successfully, but these errors were encountered: