CORS-4229: Revert "dns/gcp: Allow configuring custom endpoints" #1302
Conversation
barbacbd
changed the title
openshift-ci-robot
added
the
jira/valid-reference
|
@barbacbd: This pull request references CORS-4229 which is a valid jira issue. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retest-required |
|
/cc @Miciah |
|
/approve @barbacbd, would you mind adding a link to https://issues.redhat.com/browse/CORS-4229 to the commit message, and a brief explanation and reference to the alternative implementation that supersedes the feature that your PR removes (for example, a link to an EP, Jira ticket, or some other kind of sharable documentation)? |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
This reverts commit 95b36d0. The revert is occurring because the Openshift Installer will be creating a Private Zone where the traffic to *.googleapis.com will go to the ip address of a private service connect endpoint. The changes for the Openshift Installer can be found here: openshift/installer#9992. This means that we do not need to explicitly override the api endpoints in each cluster component. For example a proxy server log from a bastion host shows this: 1762508378.713 91253 10.0.0.5 TCP_TUNNEL/200 11968 CONNECT iamcredentials.googleapis.com:443 - HIER_DIRECT/10.1.0.100 - 1762508378.970 90258 10.0.0.5 TCP_TUNNEL/200 5988 CONNECT compute.googleapis.com:443 - HIER_DIRECT/10.1.0.100 - We can see that the ip address for the default endpoints above is now going to 10.1.0.100 which was the ip address of the private service connect endpoint. This achieves the same result as setting the API Endpoint override to https://compute-<endpoint-name>.p.googleapis.com/.
barbacbd
force-pushed
the
revert-gcp-custom-endpoints
branch
from
2934e3c to
92625c1
Compare
|
Thanks! /lgtm |
|
This As Brent mentioned, we changed the implementation to use DNS records rather than WithEndpoint. This was necessary to support STS & oauth API calls, but also turned out to be a simpler implementation which also supports all day-2 operators. A better solution all around, but we realized it late. |
|
/verified by e2e-gcp-operator |
openshift-ci-robot
added
the
verified
|
@patrickdillon: This PR has been marked as verified by DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
bot
added
the
do-not-merge/hold
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
/retest-required |
|
@barbacbd: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/test e2e-aws-ovn-serial-1of2 one last try, otherwise we will need to investigate this |
openshift-merge-bot
bot
merged commit b62dd27
into
openshift:master
6 participants
This reverts commit 95b36d0.