NE-956: Configurable LB Source Ranges - Functional Implementation#817
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
Skipping CI for Draft Pull Request. |
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
2d3a696 to
518b09f
Compare
openshift-merge-robot
added
the
needs-rebase
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
a6684c9 to
bf6db4c
Compare
openshift-merge-robot
removed
the
needs-rebase
|
/retest |
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
22faea2 to
120d86b
Compare
|
/retest |
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
8ffefe6 to
92d23b7
Compare
openshift-merge-robot
added
the
needs-rebase
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
53700c0 to
6d0b18a
Compare
openshift-merge-robot
removed
the
needs-rebase
|
/retest |
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
6 times, most recently
from
5026ae3 to
e2e115c
Compare
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
4 times, most recently
from
38bb95b to
53de621
Compare
brandisher
left a comment
brandisher
left a comment
There was a problem hiding this comment.
Looks like the main changes are the test name and some formatting in the CRD.
/lgtm
|
/retest |
1 similar comment
|
/retest |
Miciah
left a comment
Miciah
left a comment
There was a problem hiding this comment.
I think moving some of the update logic from desiredLoadBalancerService to loadBalancerServiceChanged would simplify the code a bit, and I'm curious to know what you think of that idea. Otherwise, my main concerns are that it looks like desiredLoadBalancerService sets the annotation with the empty string as the value—am I reading that correctly?—and that IngressStatusesEqual appears to have a potential nil-pointer dereference. My other comments are pretty minor things. Looks good overall!
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
780fe1f to
3c38200
Compare
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
2 times, most recently
from
233ec66 to
03aa55e
Compare
|
/retest |
Miciah
left a comment
Miciah
left a comment
There was a problem hiding this comment.
Looks really good. I had a few more minor comments, but nothing that should hold up the PR. Thanks!
/approve
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
/retest |
suleymanakbas91
force-pushed
the
allowed-source-ranges
branch
from
03aa55e to
48cd426
Compare
|
/lgtm |
|
Looks like a few e2e test flakes which I don't think are related. /test e2e-aws-operator |
|
Doesn't look related. /test e2e-aws-operator |
|
/retest |
2 similar comments
|
/retest |
|
/retest |
|
@suleymanakbas91: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
8 participants
This PR provides the functional implementation for the new
AllowedSourceRangesAPI of IngressController which is used to setLoadBalancerSourceRangeson the loadbalancer-typed services.Epic: https://issues.redhat.com/browse/NE-555
EP: openshift/enhancements#1177
API: openshift/api#1222
pkg/operator/controller/ingress/controller.go: Adds a new condition typeEvaluationConditionsDetected.pkg/operator/controller/ingress/load_balancer_service.go:loadBalancerServiceIsProgressingto be used incomputeLoadBalancerProgressingStatusandloadBalancerServiceEvaluationConditionDetectedto be used incomputeIngressEvaluationConditionsDetectedConditiononingress/status.go, to compute load balancer service'sProgressingandEvaluationConditionDetectedconditions.LoadBalancerSourceRangesbased on theAllowedSourceRangesindesiredLoadBalancerServicefunction.loadBalancerServiceChangedfunction to setLoadBalancerSourceRangesand the annotation based on the expectedLoadBalancerSourceRangesvalue.loadBalancerSourceRangesAnnotationSetandloadBalancerSourceRangesMatchto help withProgressing=TrueandEvaluationConditionDetected=Truecondition calculations.pkg/operator/controller/ingress/load_balancer_service_test.go:LoadBalancerSourceRangesor the annotation are evaluated as service changed.pkg/operator/controller/ingress/status.go:computeAllowedSourceRangesto calculate the effective source ranges value by looking at the annotation and theLoadBalancerSourceRangesfield on the service. This calculated value is then used to setAllowedSourceRangesin IngressController's status.computeIngressEvaluationConditionsDetectedConditionto compute the newEvaluationConditionsDetectedcondition type.computeLoadBalancerProgressingStatusto use the newloadBalancerServiceIsProgressingfunction oningress/load_balancer_service.gopkg/operator/controller/ingress/status_test.go:Progressing=Truecondition is calculated correctly for two cases mentioned in the EP.computeIngressEvaluationConditionsDetectedConditionfunction that verifiesEvaluationConditionsDetected=Truecondition is calculated correctly for two cases mentioned in the EP.pkg/operator/controller/status/controller.go: Adds a new functioncomputeOperatorEvaluationConditionsDetectedConditionto compute operator's newEvaluationConditionsDetectedcondition.pkg/operator/controller/status/controller_test.go: Adds unit-tests for the newcomputeOperatorEvaluationConditionsDetectedConditionfunction.test/e2e/all_test.go: Adds new e2e tests to parallel tests.test/e2e/allowed_source_ranges_test.go: Adds e2e tests to verify the functionality. What each test verifies is explained in the function comments.