Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[jjo] support also using status.loadBalancer.ingress IPs via annotation #339

Closed
wants to merge 7 commits into from
Closed

[jjo] support also using status.loadBalancer.ingress IPs via annotation #339

wants to merge 7 commits into from

Conversation

jjo
Copy link
Contributor

@jjo jjo commented Mar 13, 2018

No description provided.

@jjo jjo force-pushed the jjo-add-loadbalancer-ips-support branch 2 times, most recently from c15f784 to 449a887 Compare March 15, 2018 11:49
@SEJeff SEJeff mentioned this pull request Mar 15, 2018
Open
@SEJeff
Copy link
Contributor

SEJeff commented Mar 15, 2018

👍 nicely done! Tests would be nice though

@jjo jjo force-pushed the jjo-add-loadbalancer-ips-support branch from eb3ca2e to f30795d Compare March 16, 2018 13:43
@jjo
Copy link
Contributor Author

jjo commented Mar 16, 2018

nicely done! Tests would be nice though
@SEJeff: tnx! , added tests at f30795d ;)

@murali-reddy murali-reddy mentioned this pull request Mar 21, 2018
Closed
@murali-reddy
Copy link
Member

@jjo Can you please rebase. Apologies for delay in the review.

Wondering do we need an annotation? If the load balancer IP is set would it make sense to interpret it just as external IP.

@jjo jjo force-pushed the jjo-add-loadbalancer-ips-support branch from f30795d to a2daf09 Compare March 21, 2018 20:43
@jjo
Copy link
Contributor Author

jjo commented Mar 21, 2018

@jjo Can you please rebase. Apologies for delay in the review.

nw, just done it.

Wondering do we need an annotation? If the load balancer IP is set would it make sense to interpret it just as external IP.

Afaics the (only?) use case for landing LB IPs locally at nodes would
be indeed baremetal loadbalancing, as cloud-y LBs will obviously
handle those public IPs themselves, that's why I chose to keep the
current behavior unless annotated.
One clear consequence of above would be that a kube-router deploy
on cloud would start advertising those LB IPs towards k8s nodes,
possibly interfering with cloud provider net infra.

@jjo jjo mentioned this pull request Mar 21, 2018
Merged
jjo added 4 commits March 22, 2018 01:58
@jjo
[jjo] support status.loadBalancer.ingress IPs
b2da4e3 
* support also using status.loadBalancer.ingress IPs via
    kube-router.io/service.uselbips: "true"
  annotation

* this annotation is set for a LoadBalancer service, the
  ingress IP(s) set by the LoadBalancer will:
  - be locally added to nodes (to `kube-dummy-if` network iface, to LVS)
  - be advertised to BGP peers
@jjo
add some logging
f033a07
@jjo
add bit more logic to getExternalIps, call it from advertiseExternalI…
a9b671b 
…Ps() to reuse essentially same pre-existing code
@jjo
[jjo] add service.uselbips testing
488fbf0
@jjo jjo force-pushed the jjo-add-loadbalancer-ips-support branch from e21b3df to 488fbf0 Compare March 22, 2018 04:59
@murali-reddy
Copy link
Member

murali-reddy commented Mar 22, 2018
edited
Loading

Afaics the (only?) use case for landing LB IPs locally at nodes would
be indeed baremetal loadbalancing, as cloud-y LBs will obviously
handle those public IPs themselves, that's why I chose to keep the
current behavior unless annotated.
One clear consequence of above would be that a kube-router deploy
on cloud would start advertising those LB IPs towards k8s nodes,
possibly interfering with cloud provider net infra.

So i see two different aspects here. One aspect is setting up service proxy to the LoadBalancer IP as VIP and setting up its endpoints. Second is how the traffic really ends up at a node for load-balncer IP.

In baremetal deployments each node (through kube-router) can advertises the loadbalancer IP so we have ECMP load balancing. Kube-router already does this with --advertise-cluster-ip and --advertise-external-ip. IMO we could have similar flag for load balancer IP's.

I have to test it though, with your changes to network service controller, service of LoadBalancer type should work in cloud provider environments.

I am not sure what benefit we get enabling selectivley few services with annotation.

@SEJeff
Copy link
Contributor

SEJeff commented Mar 23, 2018

Concur. Perhaps flip it to have an annotation to turn it off (if a user is worried about it interfering with cloud provider networking), or as a kube-router flag. This has the benefit of being a massively better user experience for both on premise clusters (like mine) and cloud clusters running kube-router.

@jjo
Copy link
Contributor Author

jjo commented Mar 23, 2018

Thanks @murali-reddy @SEJeff for the feedback, I still think the user
should be able to selectively dis/en-able which LB services to treat "as"
externalIPs, concur on having for a more useful default behavior,
I like @SEJeff take on having sth like --advertise-loadbalancer-ip plus
per-service annotation to disable it, I'll implement it.

@murali-reddy
Copy link
Member

murali-reddy commented Mar 23, 2018
edited
Loading

Thanks @jjo for your patience :) i will test it out today this functionality with ELB to see what would be ideal default behaviour.

andrewsykim
andrewsykim reviewed Mar 23, 2018
View reviewed changes
app/controllers/network_routes_controller.go Outdated

if !nodeHasEndpoints {
for _, externalIP := range svc.Spec.ExternalIPs {
err := nrc.UnadvertiseClusterIp(externalIP)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think it makes sense to call UnadvertiseClusterIp in getExternalIps(). WDTY?

andrewsykim
andrewsykim reviewed Mar 23, 2018
View reviewed changes
app/controllers/network_services_controller.go
if svc.uselbips {
extIPSet = extIPSet.Union(sets.NewString(svc.loadBalancerIPs...))
}
glog.V(2).Infof("Service \"%s\" using extIPSet: %v", svc.name, extIPSet.List())
Copy link
Collaborator

@andrewsykim andrewsykim Mar 23, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: you can use %q if you want quotes on your strings

SEJeff
SEJeff reviewed Mar 24, 2018
View reviewed changes
Documentation/README.md Outdated
If you want to also advertise loadbalancer set IPs
(`status.loadBalancer.ingress` IPs), e.g. when using it with MetalLb,
add the `--advertise-loadbalancer-ip` flag (`false` by default).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is perfect from a user workflow. Thanks for humoring me!

@jjo jjo closed this Mar 25, 2018
@jjo jjo deleted the jjo-add-loadbalancer-ips-support branch March 25, 2018 00:38
@jjo
Copy link
Contributor Author

jjo commented Mar 25, 2018

Thanks folks for the reviews - I've messed with the branches while
rebasing against master, will reopen another PR from a cleanup tree
(and refer to this one for the discussion)

@jjo jjo mentioned this pull request Mar 25, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewsykim andrewsykim andrewsykim left review comments

@SEJeff SEJeff SEJeff left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jjo @SEJeff @murali-reddy @andrewsykim