Add annotation for exposing NEGs #284
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
do-not-merge/work-in-progress
agau4779
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/assign freehan |
|
/ok-to-test |
k8s-ci-robot
removed
the
needs-ok-to-test
freehan
reviewed
May 24, 2018
pkg/neg/controller.go
Outdated
| glog.V(2).Infof("Applying annotation to service: %s", annotation) | ||
|
|
||
| service.Annotations[negVisibilityAnnotationKey] = annotation | ||
| c.serviceLister.Update(service) |
pkg/neg/controller.go
Outdated
| res.NetworkEndpointGroups[port] = c.namer.NEG(namespace, name, port) | ||
| } | ||
|
|
||
| return fmt.Sprintf("%+v", res), nil |
There was a problem hiding this comment.
Use a struct to represent the annotation schema. And then use json.Marshal to convert it into json.
pkg/annotations/service.go
Outdated
| // To enable this feature, the value of the annotation must be "true". | ||
| // This annotation should be specified on services that are backing ingresses. | ||
| // WARNING: The feature will NOT be effective in the following circumstances: | ||
| // 1. NEG feature is not enabled in feature gate. | ||
| // 2. Service is not referenced in any ingress. | ||
| // 3. Adding this annotation on ingress. | ||
| NetworkEndpointGroupAlphaAnnotation = "alpha.cloud.google.com/load-balancer-neg" |
There was a problem hiding this comment.
let us keep the boolean trigger for now.
Add a separate annotation for expose neg
agau4779
force-pushed
the
expose-negs
branch
2 times, most recently
from
4a83279
to
80b03d8
Compare
freehan
reviewed
May 25, 2018
pkg/annotations/service.go
Outdated
| // ExposeNegAnnotation is the format of the annotation associated with the | ||
| // cloud.google.com/use-neg key. | ||
| type ExposeNegAnnotation struct { | ||
| SvcPorts map[string]NegAttributes |
There was a problem hiding this comment.
You can add json tags: https://eager.io/blog/go-and-json/
pkg/annotations/service.go
Outdated
| // NEGAnnotation is the annotation key to specify standalone NEGs associated | ||
| // with the service. This should be a valid JSON string, for example: | ||
| // {"SvcPorts":{"80":{"Enabled":true}}} | ||
| NEGAnnotation = "cloud.google.com/use-neg" |
pkg/annotations/service.go
Outdated
| func (svc Service) NEGEnabled() bool { | ||
| // NEGIngress returns true if the annotation is to be applied on | ||
| // Ingress-referenced ports | ||
| func (svc Service) NEGIngress() bool { | ||
| v, ok := svc.v[NetworkEndpointGroupAlphaAnnotation] |
There was a problem hiding this comment.
change to something like:
NEGEnabledForIngress
pkg/annotations/service.go
Outdated
| v, ok := svc.v[NetworkEndpointGroupAlphaAnnotation] | ||
| return ok && v == "true" | ||
| } | ||
|
|
||
| // NEGEnabled is true if the service uses NEGs. | ||
| func (svc Service) NEGEnabled() bool { |
pkg/annotations/service.go
Outdated
|
|
||
| var portMap ExposeNegAnnotation | ||
| if err := json.Unmarshal([]byte(v), &portMap); err != nil { | ||
| return nil, fmt.Errorf("NEG annotation %s is not well-formed", v) |
There was a problem hiding this comment.
Add a TODO or something to point to the documentation.
pkg/neg/controller.go
Outdated
| @@ -265,6 +294,30 @@ func (c *Controller) synced() bool { | |||
| c.ingressSynced() | |||
| } | |||
|
|
|||
| type negSvcState struct { | |||
| @@ -40,6 +41,11 @@ const ( | |||
| // 3. Adding this annotation on ingress. | |||
| NetworkEndpointGroupAlphaAnnotation = "alpha.cloud.google.com/load-balancer-neg" | |||
There was a problem hiding this comment.
cloud.google.com/use-load-balancer-neg
There was a problem hiding this comment.
this was the original annotation for NEG + Ingress - is it ok to change it?
There was a problem hiding this comment.
note that if we put beta, it will stay forever right now (new deprecation rules)
|
/assign |
agau4779
force-pushed
the
expose-negs
branch
2 times, most recently
from
70f9758
to
6a2cd8d
Compare
freehan
reviewed
May 29, 2018
pkg/annotations/service.go
Outdated
|
|
||
| // NEGAnnotation is the annotation key to specify standalone NEGs associated | ||
| // with the service. This should be a valid JSON string, for example: | ||
| // {"service_ports":{"80":{"enabled":true}}} |
There was a problem hiding this comment.
Let us do this:
{"service_ports":{"80":{}}}
pkg/annotations/service.go
Outdated
| @@ -57,6 +63,18 @@ const ( | |||
| ProtocolHTTP2 AppProtocol = "HTTP2" | |||
| ) | |||
|
|
|||
| // ExposeNegAnnotation is the format of the annotation associated with the | |||
| // NEGAnnotation key. | |||
| type ExposeNegAnnotation struct { | |||
There was a problem hiding this comment.
Make it empty for now. Leave a comment to say there will be future extensions in this struct
agau4779
force-pushed
the
expose-negs
branch
2 times, most recently
from
f57641d
to
9dfff4c
Compare
freehan
reviewed
May 30, 2018
pkg/neg/controller.go
Outdated
| if err == nil { | ||
| svcPorts = svcPorts.Union(negSvcPorts) | ||
| } else { | ||
| glog.Warning("Failed to parse %v annotation on Service, err: %v. Ignoring the annotation.", annotations.NEGAnnotation, err) |
There was a problem hiding this comment.
use event recorder to record and error event to the service object
There was a problem hiding this comment.
Also check if the service port actually exists. If not, record an event.
Add a TODO to say that will move the validation logic to validation webhook.
pkg/neg/controller.go
Outdated
| @@ -265,6 +294,30 @@ func (c *Controller) synced() bool { | |||
| c.ingressSynced() | |||
| } | |||
|
|
|||
| type negSvcState struct { | |||
freehan
reviewed
May 30, 2018
pkg/annotations/service.go
Outdated
| // ExposeNegAnnotation is the format of the annotation associated with the | ||
| // NEGAnnotation key. ServicePorts present in this map will be NEG-enabled. | ||
| type ExposeNegAnnotation struct { | ||
| SvcPorts map[string]NegAttributes `json:"service_ports,omitempty"` |
There was a problem hiding this comment.
Can we get rid of the service_ports key?
"cloud.google.com/expose-load-balancer-neg": "{"80":{}, "8080": {}}"
agau4779
force-pushed
the
expose-negs
branch
2 times, most recently
from
27998a4
to
a4aa68a
Compare
bowei
reviewed
Jun 1, 2018
pkg/annotations/service.go
Outdated
| NetworkEndpointGroupAlphaAnnotation = "cloud.google.com/use-load-balancer-neg" | ||
|
|
||
| // NEGAnnotation is the annotation key to specify standalone NEGs associated | ||
| // with the service. This should be a valid JSON string, for example: |
There was a problem hiding this comment.
can you put where the actual schema struct is defined?
pkg/annotations/service.go
Outdated
| func (svc Service) NEGEnabled() bool { | ||
| // NEGEnabledForIngress returns true if the annotation is to be applied on | ||
| // Ingress-referenced ports | ||
| func (svc Service) NEGEnabledForIngress() bool { |
There was a problem hiding this comment.
is using this as a value type on purpose? (svc *Service)
pkg/annotations/service.go
Outdated
| // NEGExposed is true if the service exposes NEGs | ||
| func (svc Service) NEGExposed() bool { | ||
| v, ok := svc.v[NEGAnnotation] | ||
| return ok && len(v) > 0 |
There was a problem hiding this comment.
wouldn't len(v) be == 0 if it didn't exist?
pkg/annotations/service.go
Outdated
| return nil, fmt.Errorf("No NEG ServicePorts specified") | ||
| } | ||
|
|
||
| // TODO: add link to documentation |
pkg/annotations/service.go
Outdated
| // TODO: add link to documentation | ||
| var portMap ExposeNegAnnotation | ||
| if err := json.Unmarshal([]byte(v), &portMap); err != nil { | ||
| return nil, fmt.Errorf("NEG annotation %s is not well-formed", v) |
There was a problem hiding this comment.
...well-formed: %v", v, err
might as well report the error so people know how to fix
pkg/neg/controller.go
Outdated
| if annotations.FromService(service).NEGExposed() { | ||
| negSvcPorts, err := annotations.FromService(service).NEGServicePorts() | ||
| if err == nil { | ||
| knownPorts := sets.NewString() |
There was a problem hiding this comment.
This feels like it should be a helper function.
pkg/neg/controller.go
Outdated
| negSvcPorts, err := annotations.FromService(service).NEGServicePorts() | ||
| if err == nil { | ||
| knownPorts := sets.NewString() | ||
| for _, sp := range service.Spec.Ports { |
There was a problem hiding this comment.
This block that collects the service ports should be a helper function and unit tested
pkg/neg/controller.go
Outdated
|
|
||
| if len(svcPorts) > 0 { | ||
| annotation, err := c.negVisibilityAnnotation(namespace, name, svcPorts.List()) | ||
| service.Annotations[negVisibilityAnnotationKey] = annotation |
There was a problem hiding this comment.
I would like this to be part of the annotations pkg to keep annotation related code together
pkg/neg/controller.go
Outdated
| @@ -265,6 +294,30 @@ func (c *Controller) synced() bool { | |||
| c.ingressSynced() | |||
| } | |||
|
|
|||
| type negSvcState struct { | |||
pkg/neg/controller.go
Outdated
| // associated with the given ports. | ||
| // NetworkEndpointGroups is a mapping between ServicePort and NEG name | ||
| // Zones is a list of zones where the NEGs exist. | ||
| func (c *Controller) negVisibilityAnnotation(namespace, name string, ports []string) (string, error) { |
agau4779
force-pushed
the
expose-negs
branch
2 times, most recently
from
73252dc
to
85f09ef
Compare
k8s-ci-robot
added
size/XXL
freehan
reviewed
Jun 19, 2018
| NEG: true, | ||
| Http2: true, | ||
| NEG: true, | ||
| NEGExposed: true, |
pkg/annotations/service.go
Outdated
|
|
||
| // NEGStatusKey is the annotation key whose value is the status of the NEGs | ||
| // on the Service, and is applied by the NEG Controller. | ||
| NEGStatusKey = "cloud.google.com/neg" |
There was a problem hiding this comment.
cloud.google.com/neg-status
pkg/annotations/service.go
Outdated
| // with the service. This should be a valid JSON string, as defined in | ||
| // ExposeNegAnnotation. | ||
| // example: {"80":{},"443":{}} | ||
| ExposeNEGAnnotationKey = "cloud.google.com/expose-load-balancer-neg" |
pkg/annotations/service.go
Outdated
|
|
||
| // NegAttributes houses the attributes of the NEGs that are associated with the | ||
| // service. Future extensions to the Expose NEGs annotation should be added here. | ||
| type NegAttributes struct{} |
pkg/neg/annotations.go
Outdated
|
|
||
| // NegServiceState contains name and zone of the Network Endpoint Group | ||
| // resources associated with this service | ||
| type NegServiceState struct { |
pkg/neg/annotations.go
Outdated
| // associated with the given ports. | ||
| // NetworkEndpointGroups is a mapping between ServicePort and NEG name | ||
| // Zones is a list of zones where the NEGs exist. | ||
| func GenNegServiceState(zones []string, portToNegs PortNameMap) NegServiceState { |
| testCases := []struct { | ||
| desc string | ||
| previousPortMap PortNameMap | ||
| portMap PortNameMap |
There was a problem hiding this comment.
add a boolean speicify expect service update or not
let me find an example for you.
agau4779
force-pushed
the
expose-negs
branch
3 times, most recently
from
0a7c879
to
4bb2b9c
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
k8s-ci-robot
removed
the
lgtm
|
/lgtm |
k8s-ci-robot
added
the
lgtm
k8s-github-robot
pushed a commit
to kubernetes/kubernetes
that referenced
this pull request
Jun 23, 2018
Automatic merge from submit-queue (batch tested with PRs 65338, 64535). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. [GCE] e2e test for expose neg on gce ingress **What this PR does / why we need it**: - Adds e2e test for the expose NEG annotation (which allows for standalone NEGs) **Special notes for your reviewer**: Note, kubernetes/ingress-gce#350 must be merged first before this is merged. `[Unreleased]` tag is on this PR because it depends on code from kubernetes/ingress-gce#350 and kubernetes/ingress-gce#284 being in an Ingress release. Will update this test and test-infra once this is released in the next Ingress. **Release note**: ```release-note NONE ```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds a new annotation for exposing standalone NEGs on Services without requiring an Ingress.
Additionally:
/pkg/neg(PortNameMap type)To do in later PRs: