KEP-1860: Make Kubernetes aware of the LoadBalancer behavior (reopen) #4114
Conversation
RyanAoh
commented
Jun 29, 2023
RyanAoh
commented
- One-line PR description: Add an IP mode field to service.status.loadBalancer.ingress to determine whether the rule (iptables or ipvs) for loadBalancer.ip should be added to the node by kube-proxy.
- Issue link: Make Kubernetes aware of the LoadBalancer behaviour #1860
- Other comments: Earlier discussions Make Kubernetes aware of the LoadBalancer behaviour #1392
k8s-ci-robot
added
cncf-cla: yes
k8s-ci-robot
added
the
kind/kep
k8s-ci-robot
added
the
sig/network
RyanAoh
force-pushed
the
kep-1860
branch
3 times, most recently
from
30b44f9
to
47dfa7a
Compare
thockin
changed the title
|
Thanks! /lgtm |
k8s-ci-robot
added
the
lgtm
|
/hold for some new changes according to the comments on kubernetes/kubernetes#118895 |
k8s-ci-robot
added
the
do-not-merge/hold
what changes? I think theKEP is ok, comments does not question the KEP itself, is more on the implementation details, can you elaborate? |
|
Got it. |
k8s-ci-robot
removed
the
do-not-merge/hold
|
/assign @johnbelamaric |
|
I had suggested reopening the KEP because it was approved 2 years ago and I didn't even remember it, and I thought we might want to make sure that we still agree with what 2-years-ago us decided. |
oh, I missed that, I thought that the person driving the PR was assuming all the comments there were pushing back ... sorry for the confusion 😅 |
|
/lgtm |
|
I think you can proceed with implementation while this is pending PRR. I know it's hard to make PRR time happen during the code window. |
k8s-ci-robot
removed
the
lgtm
| # of http://git.k8s.io/enhancements/OWNERS_ALIASES | ||
| kep-number: 1860 | ||
| alpha: | ||
| approver: "@wojtek-t" |
There was a problem hiding this comment.
I didn't realize initially, but you didn't fill in PRR section.
Please copy the whole PRR section from the template:
https://github.com/kubernetes/enhancements/blob/master/keps/NNNN-kep-template/README.md#production-readiness-review-questionnaire
and fill-in at least the ones that are required for Alpha (others may be left empty for now).
And ping me once done :)
k8s-ci-robot
added
size/L
|
|
||
| - [x] Feature gate (also fill in values in `kep.yaml`) | ||
| - Feature gate name: LoadBalancerIPMode | ||
| - Components depending on the feature gate: kube-proxy, kube-apiserver |
There was a problem hiding this comment.
Also cloud-controller-manager?
It will be [potentially] setting this field, right?
There was a problem hiding this comment.
Yes. I'll also add it in kep.yaml.
|
|
||
| ###### Can the feature be disabled once it has been enabled (i.e. can we roll back the enablement)? | ||
|
|
||
| Yes. |
There was a problem hiding this comment.
nit: Yes, by disabling the feature gate.
Probably worth mentioning that to get user-visible impact, disabling it in kube-proxy is enough, right?
There was a problem hiding this comment.
Yes. Thanks for your advice.
|
|
||
| ###### Are there any tests for feature enablement/disablement? | ||
|
|
||
| Yes. There are some unit tests and an integration test added for this feature enablement/disablement. |
There was a problem hiding this comment.
These tests have added in the implemention(kubernetes/kubernetes#118895).
There was a problem hiding this comment.
Please correct me if I'm wrong, but I don't see enablement/disablement features there.
I see tests that exercise the feature-gate being on and off, but I don't see tests that change it in the middle of the test [which is what the enablement/disablement is doing.]
On unrelated note - how the implementation PR got merged, given the feature didn't went through PRR and wasn't tracked as part of the release:
https://github.com/orgs/kubernetes/projects/140/views/1?filterQuery=
@thockin ^^
There was a problem hiding this comment.
On unrelated note - how the implementation PR got merged, given the feature didn't went through PRR and wasn't tracked as part of the release
I think the KEP was originally approved to be implemented before PRR existed (and then just didn't get implemented). I'm not sure what that means process-wise.
There was a problem hiding this comment.
@wojtek-t The test TestUpdateServiceLoadBalancerStatus in pkg/registry/core/service/storage/storage_test.go did this.
https://github.com/RyanAoh/kubernetes/blob/e6863757f4fd9b6997ca38dea549e3b370463db9/pkg/registry/core/service/storage/storage_test.go#L11935-L11947
There was a problem hiding this comment.
On unrelated note - how the implementation PR got merged, given the feature didn't went through PRR and wasn't tracked as part of the release: https://github.com/orgs/kubernetes/projects/140/views/1?filterQuery=
@wojtek-t kubernetes/kubernetes#118895 was reverted by kubernetes/kubernetes#119876 for release resons. And I have opened a new one kubernetes/kubernetes#119937, we can make this run into the right process.
| @@ -149,3 +159,284 @@ On downgrade, the feature gate will simply be disabled, and as long as `kube-pro | |||
| ### Version Skew Strategy | |||
|
|
|||
| Version skew from the control plane to `kube-proxy` should be trivial since `kube-proxy` will simply ignore the `ipMode` field. | |||
|
|
|||
There was a problem hiding this comment.
Since I can't comment on unchanged code, commenting here:
For Upgrade/Downgrade section:
"all the previous LoadBalancer service will get an ipMode of VIP."
Will cloud-controller-manager be explicitly setting those?
Or are we going to rely on this being defaulted to VIP on the first write by kube-apiserver?
There was a problem hiding this comment.
It will be defaulted to VIP when we get it from kube-apiserver in this case. Ref https://github.com/kubernetes/kubernetes/pull/118895/files#r1248316868
There was a problem hiding this comment.
Can you add that explicitly there (with the link - it seems helpful here too).
RyanAoh
force-pushed
the
kep-1860
branch
2 times, most recently
from
604170e
to
bbaa47a
Compare
|
Sorry for delay - was OOO for quite some time. Thanks for all your answers - this LGTM to me now. /lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: RyanAoh, thockin, wojtek-t The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
