Bug 1891625: Support changing ingresscontroller load balancer scope #472
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
added
the
approved
Miciah
force-pushed
the
mutable-publishing-scope
branch
2 times, most recently
from
0483460 to
6cd8ed8
Compare
|
/test e2e-azure |
Miciah
force-pushed
the
mutable-publishing-scope
branch
from
6cd8ed8 to
395121e
Compare
|
Latest push adds new |
| if currentAnnotations[name] != expectedAnnotations[name] { | ||
| scopeChanged = true | ||
| } | ||
| } |
There was a problem hiding this comment.
At this point, it seems that if the needsRecreate determination were moved here and if scopeChanged && needsRecreate you could return immediately, bypassing all the irrelevant diffing logic for the case when an update is possible.
There was a problem hiding this comment.
Hmm, that makes sense. It would incur a second update if the user modified the scope and another field, but scope is really the only thing we expect users to modify at this time.
There was a problem hiding this comment.
Latest push implements something along these lines.
There was a problem hiding this comment.
Hmm, that makes sense. It would incur a second update if the user modified the scope and another field, but scope is really the only thing we expect users to modify at this time.
This is something I hadn't considered. Given that scenario I would expect the scope change to be batched with all other possible changes. I retract my suggestion
There was a problem hiding this comment.
I don't feel too strongly about it... but since you retracted the suggestion, I've reverted the change. * grin *.
There was a problem hiding this comment.
(But I kept the change where I factored loadBalancerServiceScopeChanged out of loadBalancerServiceChanged: https://github.com/openshift/cluster-ingress-operator/compare/395121e5f4daa1fb4d3bc4a8145aa0324627dba1..328e6f49ceae326c0ca8e3c7d34535787d00a36f)
Miciah
force-pushed
the
mutable-publishing-scope
branch
3 times, most recently
from
e608f60 to
328e6f4
Compare
|
@Miciah: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
The ingress operator logs from the last CI run appear to be incomplete— the test output indicates that the operator created resources for the ingresscontroller named "scope", but the logs do not mention the ingresscontroller. (Or did some recent change break logging?) Let's see if another CI run gets us some useful logs. |
Miciah
force-pushed
the
mutable-publishing-scope
branch
from
328e6f4 to
20c3d84
Compare
Add support for changing ingresscontroller load balancer scope. On AWS and IBM cloud, this requires deleting the existing load balancer service and recreating it with the desired scope. On Azure and GCP, it suffices to update the existing service's annotations. This commit also adds logic to remove the service finalizer, which is no longer needed to clean up DNS records since the DNSRecord CRD was added. * pkg/operator/controller/ingress/controller.go (setDefaultPublishingStrategy): Update scope if needed. * pkg/operator/controller/ingress/load_balancer_service.go (externalLBAnnotations): New variable. Map platform type to the annotation for that platform that makes the load balancer external, if the platform requires an explicit annotation. (ensureLoadBalancerService): Add delete and update logic. Use the new deleteLoadBalancerServiceFinalizer method to delete any finalizer on any existing service. Use the new createLoadBalancerService, deleteLoadBalancerService, and updateLoadBalancerService methods to create, update, or delete the service as needed. (desiredLoadBalancerService): Delete logic to add a finalizer to the service. Use new externalLBAnnotations variable to simplify logic. (finalizeLoadBalancerService): Refactor to use the new deleteLoadBalancerServiceFinalizer method. (createLoadBalancerService, deleteLoadBalancerService): New methods. (updateLoadBalancerService): New methods. Update the LoadBalancer service, using the new loadBalancerServiceChanged function. (loadBalancerServiceScopeChanged): New function. Check if the load balancer's scope changed. (loadBalancerServiceChanged): New function. Check if the current service needs to be updated, and if so, whether it needs to be modified or deleted and recreated. (deleteLoadBalancerServiceFinalizer): New method. Delete any finalizer from the service. * pkg/operator/controller/ingress/load_balancer_service_test.go (TestLoadBalancerServiceChanged): New test. (TestLoadBalancerServiceChangedScopeNeedsRecreate): New test. * test/e2e/operator_test.go (isServiceInternal): New function. Return a Boolean value indicating whether the provided service is annotated to request an internal load-balancer. (TestScopeChange): New test. Verify that mutating scope from the default external scope to internal scope and from internal back to external succeeds on AWS, Azure, GCP, and IBM Cloud. Co-authored-by: Dan Mace <ironcladlou@gmail.com>
Miciah
force-pushed
the
mutable-publishing-scope
branch
from
20c3d84 to
982682f
Compare
Miciah
changed the title
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
|
/retest |
|
which Jira is this related to? |
|
|
Linking a BZ to facilitate backports. |
openshift-ci-robot
changed the title
openshift-ci-robot
added
the
bugzilla/severity-high
|
@Miciah: This pull request references Bugzilla bug 1891625, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
bugzilla/valid-bug
|
/cherry-pick release-4.6 |
|
@Miciah: once the present PR merges, I will cherry-pick it on top of release-4.6 in a new PR and assign it to you. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Miciah, sgreene570 The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@Miciah: All pull requests linked via external trackers have merged: Bugzilla bug 1891625 has been moved to the MODIFIED state. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@Miciah: new pull request created: #482 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
7 participants
Add support for changing ingresscontroller load balancer scope. On AWS and IBM cloud, this requires deleting the existing load balancer service and recreating it with the desired scope. On Azure and GCP, it suffices to update the existing service's annotations.
This change also adds logic to remove the service finalizer, which is no longer needed to clean up DNS records since the DNSRecord CRD was added.
pkg/operator/controller/ingress/controller.go(setDefaultPublishingStrategy): Update scope if needed.pkg/operator/controller/ingress/load_balancer_service.go(externalLBAnnotations): New variable. Map platform type to the annotation for that platform that makes the load balancer external, if the platform requires an explicit annotation.(
ensureLoadBalancerService): Add delete and update logic. Use the newdeleteLoadBalancerServiceFinalizermethod to delete any finalizer on any existing service. Use the newcreateLoadBalancerService,deleteLoadBalancerService, andupdateLoadBalancerServicemethods to create, update, or delete the service as needed.(
desiredLoadBalancerService): Delete logic to add a finalizer to the service. Use new externalLBAnnotations variable to simplify logic.(
finalizeLoadBalancerService): Refactor to use the newdeleteLoadBalancerServiceFinalizermethod.(
createLoadBalancerService,deleteLoadBalancerService): New methods.(
updateLoadBalancerService): New method. Update the LoadBalancer service, using the newloadBalancerServiceChangedfunction.(
loadBalancerServiceScopeChanged): New function. Check if the load balancer's scope changed.(
loadBalancerServiceChanged): New function. Check if the current service needs to be updated, and if so, whether it needs to be modified or deleted and recreated.(
deleteLoadBalancerServiceFinalizer): New method. Delete any finalizer from the service.pkg/operator/controller/ingress/load_balancer_service_test.go(TestLoadBalancerServiceChanged): New test.(
TestLoadBalancerServiceChangedScopeNeedsRecreate): New test.test/e2e/operator_test.go(isServiceInternal): New function. Return a Boolean value indicating whether the provided service is annotated to request an internal load-balancer.(
TestScopeChange): New test. Verify that mutating scope from the default external scope to internal scope and from internal back to external succeeds on AWS, Azure, GCP, and IBM Cloud.Based on #394.