WIP: Implement migration from L4 Legacy Target Pool based services to L4 RBS #1721
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
Hi @panslava. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
needs-ok-to-test
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: panslava The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
panslava
force-pushed
the
legacy-to-rbs-migration
branch
from
7fcc292 to
cf60083
Compare
| @@ -452,6 +466,19 @@ func (l4netlb *L4NetLB) deleteForwardingRule(name string, version meta.Version) | |||
| } | |||
| } | |||
|
|
|||
| // ConfigsEqual check if two forwarding rules are equal in configurations, except for backend targets | |||
There was a problem hiding this comment.
and description :)
For ILB and NetLB we have different "configs" if this function is only used by NetLB we can skip AllowGlobalAccess and Subnetwork checks (and changed the name to point to ExternalConfig)
There was a problem hiding this comment.
This is used not only for NetLB, I just took a part of Equals(fr1, fr2) (which was used by both ILB, NetLB) and moved it to separate function, so Equals now still calls ConfigsEqual
panslava
force-pushed
the
legacy-to-rbs-migration
branch
5 times, most recently
from
d8188e6 to
a0f8a02
Compare
|
|
||
| // Check if we transition from Target Pool Legacy Service to RBS based one. | ||
| // If configs are not equal, we should delete forwarding rule and recreate. | ||
| if existingFwdRule.Target != "" && ConfigsEqual(fr, existingFwdRule) { |
There was a problem hiding this comment.
is this 'if' enought to identify transition from Target Pool Legacy Service to RBS based?
There was a problem hiding this comment.
This is mostly business question, we can discuss it, but all the other functionality should stay pretty the same, so if needed we can change this condition
| lbRefStr := fmt.Sprintf("%v(%v)", loadBalancerName, serviceName) | ||
|
|
||
| errs := utilerrors.AggregateGoroutines( | ||
| func() error { |
There was a problem hiding this comment.
plese used named functions
| err := utils.IgnoreHTTPNotFound(l4netlb.cloud.DeleteFirewall(fwName)) | ||
| return err | ||
| }, | ||
| func() error { |
There was a problem hiding this comment.
plese used named functions
pkg/loadbalancers/l4netlb.go
Outdated
| // They both use legacy naming scheme, so they are not useful for RBS service, and it is safe to delete them | ||
| healthChecksToDelete := []string{loadBalancerName, gce.MakeNodesHealthCheckName(l4netlb.namer.ClusterID())} | ||
|
|
||
| for _, hcToDelete := range healthChecksToDelete { |
There was a problem hiding this comment.
- plese used named functions
- you can optimize this even furthrer by adding each HC deletion as one func in AggregateGoroutines
- wait for PR/1705 to be merged
pkg/loadbalancers/l4netlb_test.go
Outdated
| ) | ||
|
|
||
| func ensureFrontend(l4netlb *L4NetLB, nodeNames []string, svc *v1.Service) *L4NetLBSyncResult { |
There was a problem hiding this comment.
- why do you need this?
- put int after TestXXX funcs
panslava
force-pushed
the
legacy-to-rbs-migration
branch
2 times, most recently
from
85344cc to
39f0c90
Compare
k8s-ci-robot
added
size/XXL
- create a common singleton-like struct fot l4 health checks - new struct holds mutex for common resources (healthchecks and their firewall rules used for - [bugfix] delete shared healtcheck firewall rules safely - cross-check between ILB and NLB healthchecks is firewall rules are in use Logging New log line idicating firewall rule not deleted due to cross-check: "Failed to delete health check firewall rule %s: health check in use." Testing - healthcheck management is mostly covered (by existing tests), they required little update. - added test cases for sahred firewall rule deletion(lack of), named TestHealthCheckFirewallDeletionWithILB and TestHealthCheckFirewallDeletionWithNetLB - run test manual tests
|
Rebased on this #1705 , waiting to be merged |
panslava
force-pushed
the
legacy-to-rbs-migration
branch
4 times, most recently
from
cf109d6 to
6400ba5
Compare
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
EnsureL4HealthCheck: replace lengthy return value list in with named struct Improve firewall rule comparison Added debug logs Improved go fmt Renamed function names And many more small ones
k8s-ci-robot
added
the
needs-rebase
|
@panslava: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
panslava
force-pushed
the
legacy-to-rbs-migration
branch
from
6400ba5 to
05c7fd9
Compare
- Switch target of existing forwarding rule from target pool to regional backend service - Clean up GCP resources used only by legacy service: target pool, health checks, firewall rules for health checks
panslava
force-pushed
the
legacy-to-rbs-migration
branch
from
05c7fd9 to
e7cb75c
Compare
|
@panslava: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
panslava
changed the title
k8s-ci-robot
added
the
do-not-merge/work-in-progress
|
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
backend service
health checks, firewall rules for health checks