-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KEP-4020: Unknown Version Interoperability Proxy #4015
Conversation
richabanker
commented
May 17, 2023
•
edited
Loading
edited
- One-line PR description: Adds a KEP
- Issue link: Unknown Version Interoperability Proxy #4020
- Other comments: Taken over from [WIP] KEP-3903: Unknown Version Interoperability Proxy #3903
amend UVIP KEP with some additional details
Add a note about large request volume proxied to the apiserver
|
dfd9b62
to
ccea337
Compare
keps/sig-api-machinery/4020-unknown-version-interoperability-proxy/README.md
Show resolved
Hide resolved
keps/sig-api-machinery/4020-unknown-version-interoperability-proxy/README.md
Show resolved
Hide resolved
Had a discussion with Joe earlier today and wanted to write down some thoughts from that here. We should be make sure that this feature (as it moves to GA) remains useful to folks who decide to opt out of the proxying aspect. So consider a future where the storage version API and this feature are all GA but the admin has opt-ed out of allowing API servers to communicate to each other (however that ends up being expressed - and it should be something that can be expressed - there needs to be way to opt out of attempting the network calls to begin with instead of trying them and having them fail). We should make is so that the new handler is still active in that case, and when it sees a request for an API that it does not know about, before returning a |
4b4529d
to
01637e1
Compare
keps/sig-api-machinery/4020-unknown-version-interoperability-proxy/README.md
Show resolved
Hide resolved
keps/sig-api-machinery/4020-unknown-version-interoperability-proxy/README.md
Show resolved
Hide resolved
2. The StorageVersion informer cache hasn't synced yet or if `StorageVersionManager.Completed()` has returned false. We will serve error 503 in this case | ||
3. The request has a header `X-Kubernetes-UVIP-Rerouted:true` that indicates that this request has been proxied once already. If for some reason the resource is not found locally, we will serve error 503 | ||
4. No StorageVersion was retrieved for it, meaning the request is for an aggregated API or for a custom resource | ||
5. If the local apiserver ID is found in the list of serviceable-by server IDs from the internal map |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is an implementation detail, but I'll mention it here so I don't forget-- To determine if the local apiserver can handle a GVK, I'd prefer check the apiserver's already available in-memory registry of available GVKs directly than to check the data loaded in from StorageVersion API. This will be fast and low risk.
keps/sig-api-machinery/4020-unknown-version-interoperability-proxy/README.md
Show resolved
Hide resolved
keps/sig-api-machinery/4020-unknown-version-interoperability-proxy/README.md
Show resolved
Hide resolved
Added some minor comments and naming nits. LGTM once those are reviewed. @deads2k: PRR also looks good to me for alpha. |
LGTM from the networking pov |
/lgtm Thank you @richabanker! |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, jpbetz, Richabanker The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Sorry for the delay in getting to the nits. Sending those out in a separate PR. Thanks all for the review! |