LBaaS v2 Support for Openstack Cloud Provider Plugin #25987
Conversation
|
Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test". This message may repeat a few times in short succession due to jenkinsci/ghprb-plugin#292. Sorry. Otherwise, if this message is too spammy, please complain to ixdy. |
2 similar comments
|
Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test". This message may repeat a few times in short succession due to jenkinsci/ghprb-plugin#292. Sorry. Otherwise, if this message is too spammy, please complain to ixdy. |
|
Can one of the admins verify that this patch is reasonable to test? If so, please reply "ok to test". This message may repeat a few times in short succession due to jenkinsci/ghprb-plugin#292. Sorry. Otherwise, if this message is too spammy, please complain to ixdy. |
k8s-github-robot
added
size/XXL
| return nil, err | ||
| } | ||
|
|
||
| waitLoadbalancerActiveProvisioningStatus(lbaas.network, loadbalancer.ID) |
There was a problem hiding this comment.
Are all these waitLoadbalancerActiveProvisioningStatus calls required before proceeding to each next step? If so, that's a shame :(
There was a problem hiding this comment.
yeah, unfortunately anytime a change is made to a component, the respective load balancer changes state to "... pending". During this time, any changes made will return with failure bc the load balancer state is not ACTIVE
There was a problem hiding this comment.
Does the underlying library have a equivalent of --wait that does this under the covers?
There was a problem hiding this comment.
There is https://godoc.org/github.com/rackspace/gophercloud#WaitFor, but it doesn't do anything more magic than repeatedly polling until a provided predicate returns true (so very similar to waitLoadbalancerActiveProvisioningStatus)
|
lgtm, nice work. My only high-level comment is that it'd be nice to automatically determine v1 vs v2 by querying available neutron extensions (use v2 if available, fallback to v1) - rather than force deployers to have to specify. |
|
Thanks @anguslees. Ok, that would be nice, let me look into that. If it's small enough I can include it as part of this PR, otherwise I can address in a separate PR. |
dagnello
force-pushed
the
openstack-lbaas-v2
branch
from
0c1a9a9 to
cc915fa
Compare
k8s-github-robot
added
the
needs-rebase
| @@ -1,5 +1,5 @@ | |||
| /* | |||
| Copyright 2014 The Kubernetes Authors All rights reserved. | |||
| Copyright 2016 The Kubernetes Authors All rights reserved. | |||
There was a problem hiding this comment.
I don't think we want to change this.
|
@k8s-bot ok to test |
|
I'm happy to merge once nits are addressed assuming CI passes, sorry for the delay @dagnello |
sputnik13
force-pushed
the
openstack-lbaas-v2
branch
from
cc915fa to
14025be
Compare
|
We found a Contributor License Agreement for you (the sender of this pull request) and all commit authors, but as best as we can tell these commits were authored by someone else. If that's the case, please add them to this pull request and have them confirm that they're okay with these commits being contributed to Google. If we're mistaken and you did author these commits, just reply here to confirm. |
k8s-github-robot
removed
the
needs-rebase
sputnik13
force-pushed
the
openstack-lbaas-v2
branch
from
acf9d82 to
ddf3b46
Compare
|
@googlebot We did author this pull request yeah this doesn't seem to do anything, how do we get rid of that cla:no, I signed both corporate and individual CLAs... I have all the CLAs |
sputnik13
force-pushed
the
openstack-lbaas-v2
branch
from
ddf3b46 to
bc5c3ac
Compare
|
@sputnik13 we can human verify. It's not a problem. |
|
@mikedanese that sounds good, thanks. I just realized we didn't address your comment about changing the copyright date. Should it be 2014-2016 instead of just 2016, or do you want it to stay 2014? It's been standard practice on our team to update copyright notices to include the year that it was last updated. I think that's why @dagnello updated that, but we'd be fine with following the standard practice of the k8s community. |
sputnik13
force-pushed
the
openstack-lbaas-v2
branch
from
f1c3e35 to
3348b3b
Compare
k8s-github-robot
added
the
needs-rebase
|
CLAs look good, thanks! |
|
@lavalamp @mikedanese updated |
|
LGTM. |
|
@lavalamp @mikedanese any other updates required? |
|
LGTM still |
mikedanese
added
the
lgtm
k8s-github-robot
added
the
needs-rebase
dagnello
force-pushed
the
openstack-lbaas-v2
branch
from
fc256c4 to
bb1ae12
Compare
k8s-github-robot
removed
lgtm
|
GCE e2e build/test passed for commit bb1ae12. |
mikedanese
added
the
lgtm
|
@k8s-bot node e2e test this please, issue: #IGNORE |
|
@mikedanese build test failed with error: failed: No test report files were found. Configuration error? |
|
this is almost certainly a flake @k8s-bot node e2e test this please, issue: #IGNORE |
|
Automatic merge from submit-queue |
| waitLoadbalancerActiveProvisioningStatus(lbaas.network, loadbalancer.ID) | ||
|
|
||
| _, err = v2_pools.CreateAssociateMember(lbaas.network, pool.ID, v2_pools.MemberCreateOpts{ | ||
| Name: name, |
There was a problem hiding this comment.
there is no name for pool members according to https://wiki.openstack.org/wiki/Neutron/LBaaS/API_2.0#Add_a_New_Member_to_a_Pool, I got the error "create failed (client error): Unrecognized attribute(s) 'name'" when creating a service.
I had to remove this line to be able to successfully create a service with lbv2 on openstack liberty
There was a problem hiding this comment.
Perhaps member's name is supported in Mitaka and beyond. Can you verify this?
There was a problem hiding this comment.
This works for latest/Mitaka but will remove it so this will work for liberty as well.
|
Do you think the plugin should ask for a default security group id? Once the LB is created for the service, a security group has to be applied to the LB VIP port manually via neutron. |
|
Currently in LBaaS in openstack (v1 and v2), it put the LBaaS port in the default security group only. Most environments have that set not to allow any traffic. There's a bug open to ask for a security group when creating an LB, but it hasn't gone anywhere. This means if you use this plugin with kubernetes, it with create the LB and assign a floating ip, but no one will be able to access it. the best fix is allow the config file to specify a security group id- the plugin would get the port_id of the LB after its created and then use update-port (http://gophercloud.io/docs/networking/#update-port) to add the security group to the port. if no security group was supplied in the config file it would behave as it does now. |
|
@vmtyler that looks like a good extension of the current implementation. Can you raise an issue in Kubernetes for this? |
|
yes, will do now. |
Automatic merge from submit-queue Openstack heat network add lbaas subnet and floating network configuration support lbaas v2 add environment variable for fixed network ~~fix lb creation failed because of no 'name' for pool members according to lbaas v2 api~~ #27810 #25987 @dagnello @lavalamp @mikedanese []()
Automatic merge from submit-queue LBaaS v2 Support for Openstack Cloud Provider Plugin Resolves kubernetes#19774. This work is based on Gophercloud support for LBaaS v2 currently in review (this will have to merge first): rackspace/gophercloud#575 These changes includes the addition of a new loadbalancer configuration option: **LBVersion**. If this configuration attribute is missing or anything other than "v2", lbaas v1 implementation will be used.
Resolves #19774.
This work is based on Gophercloud support for LBaaS v2 currently in review (this will have to merge first):
rackspace/gophercloud#575
These changes includes the addition of a new loadbalancer configuration option: LBVersion. If this configuration attribute is missing or anything other than "v2", lbaas v1 implementation will be used.