-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow configuration of the subnet the LB is placed in #287
Conversation
6212876
to
9984ad6
Compare
Thanks for your contribution 🥳 Can you please add a test to check that |
I added tests for the loadbalancermachine controller behavior. Please let me know if there is more testing needed! |
Can you please add one more test for the yawol-cloud-controller. To test that it also works that a subnet can be set via an annotation. yawol/controllers/yawol-cloud-controller/targetcontroller/service_controller_test.go Line 2187 in 19dcae4
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution 😍, just a few additional comments 🙂
controllers/yawol-controller/loadbalancermachine/loadbalancermachine_controller_test.go
Outdated
Show resolved
Hide resolved
controllers/yawol-controller/loadbalancer/loadbalancer_controller.go
Outdated
Show resolved
Hide resolved
810433c
to
e406d69
Compare
e406d69
to
447ed9d
Compare
This is an optional parameter that can either be left uninitialized to keep the old behavior or be set as a helm value or per LB.
447ed9d
to
7093b22
Compare
Thanks for your contribution! ❤️ |
This is an optional parameter that can either be left uninitialized to keep the old behavior or be set as a helm value or per LB.
We at edgeless systems have a use-case for yawol where we need the loadbalancer to be in the same network but a different subnet (cidr) than the kubernetes nodes.
This is a requirement for the network encryption we are using in our clusters.
Basically, we need to enforce that any traffic in the node subnet cidr belongs to a k8s node (and can thus enforce it to be encrypted).
Loadbalancer traffic must therefore be part of a separate subnet.