[WIP][TEST] New service controller using endpoint slices#392
[WIP][TEST] New service controller using endpoint slices#392aojea wants to merge 8 commits intoopenshift:masterfrom aojea:slices
Conversation
openshift-ci-robot
added
the
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: aojea The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
/retest |
|
this doesn't make any sense, now the gcp job works without any change, it was failing to install before |
|
/retest |
ok, I think that this may explain it, the kubernetes version has to be bumped independently in each component |
|
/retest |
1 similar comment
|
/retest |
|
Ok, this time it went through the 3 cloud providers, the |
|
/retest |
3 similar comments
|
/retest |
|
/retest |
|
/retest |
openshift-ci-robot
added
needs-rebase
Signed-off-by: Antonio Ojea <aojea@redhat.com>
We were looking for the kubernetes version to detect if the cluster had enabled the DualStack API, however, this detection fails if the apiserver version is built from a "dirty" git branch. Instead, we can detect if the services has enabled the ClusterIPs field, that is much more reliable. Signed-off-by: Antonio Ojea <aojea@redhat.com>
The new service controller for endpoint slices has a repair loop that runs once, during the controller startup process, so we can delete out of sync data between OVN and Kubernetes, specially to deal with upgrades and OVN new features. The repair loop was using the controller service tracker as a source of true, but this is racy because the service tracker is updated just after the OVN Load Balancer has been configured, so it can happen that the Service has an OVN loadbalancer, but doesn´t exist on the service tracker. As a consequence the repair loops things that is a stale loadbalancer and deletes it. The repair loop must use the informer cache as source of true, also it must run before starting the informers workers, so we avoid any races. Signed-off-by: Antonio Ojea <aojea@redhat.com>
The new service controller was removing the reject ACL independently that the service had or not endpoints. It must remove the ACL only if the service doesn´t exist or if it has endpoints. Signed-off-by: Antonio Ojea <aojea@redhat.com>
We were detecting the default gateway based in the assumption that the netlink library was populating the de Gw field with it, however, it turns out that when multipath is enabled that field is empty and the corresponding information is in the MultiPath field. Also, in order to obtain the default gateway, we were dumping all routes filtering by FAMILY_ALL, and iterating on the results to get the ones we are interested. We can filter directly by the IP Family instead, to avoid future possibles problems with the FAMILY_ALL interpretion. Signed-off-by: Antonio Ojea <aojea@redhat.com>
OVN automatically rejects packets to loadbalancer vips without backends, so we don´t need to handle that logic anymore in OVN-Kube. Signed-off-by: Antonio Ojea <aojea@redhat.com>
Signed-off-by: Antonio Ojea <aojea@redhat.com>
|
/test all |
|
/test all |
|
@aojea: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
3 participants
test only