Do we plan to support BGP-based address management?

I don't know, it's more a question for @thomasdanan
But to me, since it's built-in metallb it's only some field to fill in the metallb config it's easy to "support" it

But then we need to test it and make it configurable... If most of our customer base and target audience for ARTESCA is OK with the L2 approach, I think we should try to keep it constrained. Once we get a clear use-case to address, we can add it easily using your suggested approach 👌

Yes I agree, I can remove it for the moment and stay on Layer2 only.
Maybe @xaf-scality you have an opinion on this one as well ?

How is this done? What's for configuration format? How is this backwards-compatible? How can it be made forward-compatible?

You can check #3418, basically, I have a metallb key in networks:controlPlane and in this dict I have enabled (which default to false) and an optional config field that get merge with a default MetalLB configuration

But as I answered in another comment below, if we do not support BGP we do not need to expose config and we can also hide "metallb" from Bootstrap config and documentation, and just put manageVIP: true/false (or something else) in the bootstrap config

Let's find a more descriptive name.

Sure, any suggestion?
Maybe metalk8s-control-plane-entrypoint-ip ?

control-plane-ingress-ip?

This implies we'd support BGP-based environments. Should we, now? Could we, later?

We can say we will do this later, just it's really easy to expose this MetalLB functionally, but maybe we do not want to expose it for the moment and do not talk about it at all

So we'd directly expose (a subset of) the MetalLB configuration in BootstrapConfiguration? Not sure that's wise. What if we want to switch MetalLB to something else later? If it really required to have access to all of MetalLBs tunables? Is that a feature we provide?

Depends if we want to support BGP or not, if we only support Layer2 mode then we do not need to expose MetalLB config and just add "something" to enable or not MetalLB (talking about MetaLLB directly in doc/bootstrap config or not)

But then we need to test it and make it configurable... If most of our customer base and target audience for ARTESCA is OK with the L2 approach, I think we should try to keep it constrained. Once we get a clear use-case to address, we can add it easily using your suggested approach 👌

not a real HA

Meaning...? Something along the lines of "transparent for clients", which isn't the case for DNS-based failover?

It may be transparent if the DNS server is active and properly switch from an IP to another in case of failure, but as is it's a "False HA" since we do not have any HA we just move the "problem": "we do not need the IP to be HA but a specific DNS"

this will change with oauth2-proxy I think, but we'll need to reconfigure the proxy anyway 😇

Likely yes, but since we do not have any design for oauth2-proxy yet I do not mention it

control-plane-ingress-ip?

Won't this cause unnecessary mesh networking? I guess it's not super critical for control plane, but I don't really see the benefit of switching to a Deployment.

It's less ressources, here we stick with 2 replicas for the full cluster (no matter the number of Control Plane nodes).
To me it's more like, "why should we use a DaemonSet when we can use a Deployment ?"
I think @NicolasT also had other arguments

OK OK, I would just vote for lowering the priority of this switch:

• it's an architecture change, so it has an impact on users willing to operate/monitor our stuff
• it's not a huge win (an idle Ingress controller doesn't take much resources)

If we use Local, why don't we set up the Ingress controller pods to run locally to each node? What happens if no replica runs locally?

Hmm to me, when you use Local anyway the VIP will sit on one node that has some "pod" of the Service running locally,so it cannot happens

Ah OK, I misunderstood this behaviour then.