Make VNet and NSGs reconcile/delete async#1684
Conversation
k8s-ci-robot
added
the
release-note
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
k8s-ci-robot
added
sig/cluster-lifecycle
| }, nil | ||
| } | ||
|
|
||
| // TODO: review this logic and make sure it is what we want. It seems incorrect to skip rules that don't have a certain protocol, etc. |
There was a problem hiding this comment.
this logic smells fishy to me, not sure why we're doing a continue when the rule has certain properties. That being said I didn't want to introduce bug fixes/behavior changes as part of this already large refactor so I kept the logic as is from https://github.com/kubernetes-sigs/cluster-api-provider-azure/pull/1684/files#diff-5bb14c98c52ecfa3dad6cf4745c9378b7624fdc60f0910343534ddac18408fb1L115
|
/retest |
CecileRobertMichon
force-pushed
the
async-vnets
branch
3 times, most recently
from
d50304a to
4b651a6
Compare
CecileRobertMichon
force-pushed
the
async-vnets
branch
from
4b651a6 to
7a76e16
Compare
k8s-ci-robot
added
the
needs-rebase
|
@CecileRobertMichon I was looking at the implementation of async reconcile of NSGs in this PR to replicate it for public ips to fix #1716 . I have a question regarding the status updates of NSGs. I see that we are storing only one error as a result for the |
CecileRobertMichon
force-pushed
the
async-vnets
branch
from
7a76e16 to
a856742
Compare
k8s-ci-robot
removed
the
needs-rebase
CecileRobertMichon
force-pushed
the
async-vnets
branch
3 times, most recently
from
bcedf3d to
674701c
Compare
CecileRobertMichon
force-pushed
the
async-vnets
branch
3 times, most recently
from
e0c47c5 to
dd601d8
Compare
CecileRobertMichon
force-pushed
the
async-vnets
branch
2 times, most recently
from
c08c457 to
9a1bb8c
Compare
|
Rebased/tests updated/fixed issues, this should be ready to go! |
|
/retest |
k8s-ci-robot
added
the
needs-rebase
CecileRobertMichon
force-pushed
the
async-vnets
branch
from
9a1bb8c to
dcacc0b
Compare
k8s-ci-robot
removed
the
needs-rebase
|
Can't repro the private cluster deletion issue locally. Trying one more time... /retest |
CecileRobertMichon
force-pushed
the
async-vnets
branch
2 times, most recently
from
2ac0140 to
c7b57f0
Compare
| func (s *ClusterScope) IsVnetManaged(ctx context.Context) (bool, error) { | ||
| var err error | ||
| if s.cache.IsVnetManaged == nil { | ||
| vnetSvc := virtualnetworks.New(s) |
There was a problem hiding this comment.
@shysank PTAL. I had to go back on our conversation in #1610 (comment) because it doesn't work for Delete() as we call services in the opposite order as Reconcile() (eg. the subnets need to be deleted before the vnet is deleted) so this means the vnet service isn't the first one to be reconciled which means we have to do this before we get to the vnet service. I'm not sure how to work around that constraint without calling the virtual network from either the scope or other services (eg. from the subnet service). Thoughts?
There was a problem hiding this comment.
can we think of IsManaged as something that identifies whether that resource is managed by capz instead of checking IsVnetManaged? Every Service can implement IsManaged behaviour, and internally a service can depend on another service or another service's client to determine whether it is managed or not. The cache will be shared among all services. In this way, we can make clear abstractions. Concretely: SubnetSvc.IsManaged() will check if vnet is managed either through virtualNetworksClient (we can write a helper if it is used in more than one place) or by exposing virtualNetworksSvc.IsManaged, and updates the cache through scope which can be used by subsequent services. wdyt?
There was a problem hiding this comment.
let me try some things once #1874 is merged and I can rebase on top of it
k8s-ci-robot
added
the
needs-rebase
CecileRobertMichon
force-pushed
the
async-vnets
branch
from
c7b57f0 to
634c9f6
Compare
k8s-ci-robot
removed
the
needs-rebase
|
@CecileRobertMichon: PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
needs-rebase
|
@CecileRobertMichon: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
|
@CecileRobertMichon: Closed this PR. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
4 participants
What type of PR is this?
/kind cleanup
/kind feature
What this PR does / why we need it: Follow up on #1610 and implementation of #1541 for virtual networks and security groups (bundled together because they were both part of the original #1610 PR and share the managed vnet logic).
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.
TODOs:
Release note: