📖proposal for multi-az apiserver loadbalancer#2660
📖proposal for multi-az apiserver loadbalancer#2660sebltm wants to merge 2 commits intokubernetes-sigs:mainfrom
Conversation
k8s-ci-robot
added
the
do-not-merge/hold
✅ Deploy Preview for kubernetes-sigs-cluster-api-openstack ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
k8s-ci-robot
added
cncf-cla: yes
|
Hi @sebltm. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
lentzi90
left a comment
lentzi90
left a comment
There was a problem hiding this comment.
Interesting proposal! It will need some polishing though.
I think all the links are broken, so that would perhaps be the first thing to fix.
| - status.apiServerLoadBalancers is populated alongside legacy status until further cleanup. | ||
| - Disabling multi-AZ: | ||
| - Remove the mapping; controller maintains single-LB behavior. | ||
| - Per-AZ LBs are not automatically deleted; operators may clean up unused resources. |
There was a problem hiding this comment.
Why would we not clean them up automatically?
|
The Kubernetes project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
k8s-ci-robot
removed
the
lifecycle/stale
lentzi90
left a comment
lentzi90
left a comment
There was a problem hiding this comment.
Looking pretty good!
Could you squash the commits?
I would also be interested in other maintainers opinion on this.
/cc @mandre @stephenfin
Add a design proposal for first-class Multi-AZ support for the Kubernetes control plane LoadBalancer in CAPO. The feature reconciles one Octavia LoadBalancer per Availability Zone via an explicit AZ-to-Subnet mapping, registers control plane nodes with the LB in their AZ by default, and relies on external DNS multi-value A records for client-side failover.
sebltm
force-pushed
the
multi-az-lb-proposal
branch
from
de80459 to
660f634
Compare
|
@nikParasyr have you seen this proposal? I would be interested in your thoughts, especially when considering v1beta2 changes we want to make (e.g. #2899). |
There was a problem hiding this comment.
I have 3 main "concerns" here:
- The change to
OSC.statuswill be a breaking change as we will need to go fromstatus.apiServerLoadBalancertostatus.apiServerLoadBalancer[]. We could introduce is at as a new field and deprecate the other but its something to keep in mind. - There are some fields of the current api that are not covered by the proposal. For example
.spec.apiServerFloatingIP. I suspect that being able to predefine the floating ip per LB/AZ would be nice as it would allow users to create the FIPs & records beforehand (or through a lifecycleHook) and let the cluster roll out nicely. This would affect the current v1beta2 proposed changes as we will probably have to opt for option 2 and might even have to change the managedLoadbalancer to a list. - The request in #2999 has to be incorporated in this proposal i think. It doesnt feel usable to me (but might be missing something as openstack deployments vary) if we can create LBs per AZ on different subnets but cannot put the control-plane nodes on these subnets.
My other concern is that this will be tricky to test in e2e, but lets see
| - Add observability for per-AZ LB counts and reconciliation timings (non-breaking). | ||
|
|
||
| ## Open questions | ||
| - Should we add a future explicit field to declare the endpoint strategy (single VIP vs external DNS multi-A)? Current design preserves user-provided DNS and documents multi-A. No newline at end of file |
There was a problem hiding this comment.
Not sure about the field, but there should be clear documentation on how to achieve the different strategies
|
Thanks for the review feedback. I took a pass at addressing some of the comments.
Let me know if that aligns with that you were thinking |
lentzi90
left a comment
lentzi90
left a comment
There was a problem hiding this comment.
I am happy with this now. Let's see what others think.
/approve
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lentzi90 The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/cc @bnallapeta |
5 participants
What this PR does / why we need it:
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
TODOs:
/hold