-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCPBUGS-39157,SDN-4930: Downstream Merge Sept 4th #2286
OCPBUGS-39157,SDN-4930: Downstream Merge Sept 4th #2286
Conversation
This is to change POD and join subnet used with couple of net-attach-def in unit tests to satisfy newly introduced subnet overlap check with ClusterNetwork, ServiceNetwork, join switch and masquerade CIDR. Signed-off-by: Arnab Ghosh <[email protected]>
UDN API referance generated using the following command: crd-ref-docs --source-path ./go-controller/pkg/crd/userdefinednetwork --config=crd-docs-config.yaml --renderer=markdown --output-path=./docs/api-reference/userdefinednetwork-api-spec.md Signed-off-by: Or Mergi <[email protected]>
Signed-off-by: Surya Seetharaman <[email protected]>
UDN: Add `MASQUERADE` IPTable Rules
status. Signed-off-by: Nadia Pinaeva <[email protected]>
Signed-off-by: Surya Seetharaman <[email protected]>
UDN: allow multiple conditions from different fieldManagers to co-exist in the status.
…nagement-port UDN: Add RPFilter Loose Mode for management port
Signed-off-by: Riccardo Ravaioli <[email protected]>
Everytime a UDN was created, we were adding the all remote nodes for every network all over again, including the default network. This makes the checks on the annotations network aware. Signed-off-by: Tim Rozet <[email protected]>
Services controller: - move it to base network controller - start one services controller per primary network - set up filter in the informer so that only endpointslices for the given network are considered - pass switch and router names according to the network for a given node. Move getActiveNetworkForNamespace to CommonNetworkControllerInfo, because the services controller only has access to CommonNetworkControllerInfo at initialization and needs to run getActiveNetworkForNamespace. Make LBs and LB groups network scoped Add network name & role to OVN external IDs. In a few places in the code we retrieve all logical switches, routers and load balancers to initialize the services controller or to delete stale entries. With one services controller per network, the OVN lookup must only return OVN elements in the network we're interested in. This is achieved by adding the network name and network role (default, primary, secondary) to the ExternalIDs field of logical switches, routers and load balancers. Signed-off-by: Riccardo Ravaioli <[email protected]>
Signed-off-by: Riccardo Ravaioli <[email protected]>
Signed-off-by: Riccardo Ravaioli <[email protected]>
The existing unit tests for services in services_controller_test are now run for UDN as well. At the same time, a cleanup of unit tests was needed, especially since there was a lot of repetition in the surrounding code, also with respect to global and test-specific variables between services_controller_test.go and lb_config_test.go Finally, Test_ETPCluster_NodePort_Service_WithMultipleIPAddresses follows the exact same logic found in TestSyncServices, so let's move it there Signed-off-by: Riccardo Ravaioli <[email protected]>
Allows the execution of the network segmentation tests that are in network_segmentation_*.go (e.g. services, endpoint slice mirrorring). For instance: make control-plane WHAT="Network Segmentation: services" Signed-off-by: Riccardo Ravaioli <[email protected]>
The test creates a client and nodeport service in a UDN backed by one pod and similarly a nodeport service and a client in the default network. We verify that: - UDN client --> UDN service, with backend pod and client running on the same node, is possible through: + clusterIP + nodeIP:nodePort, where we only target the node where the client runs (*) - UDN client --> UDN service, with backend pod and client running on different nodes, is possible through: + clusterIP + nodeIP:nodePort, where we only target the node where the client runs (*) - default-network client --> UDN service is NOT possible through: + clusterIP + nodeIP:nodePort, where we only target the node where the client runs (*) - UDN service --> default-network client is NOT possible through: + clusterIP + nodeIP:nodePort, where we only target the node where the client runs (*) (*) TODO connect to other nodes too once ovnkube-node fully supports UDN TODO: use the same logic as in network_segmentation.go Signed-off-by: Riccardo Ravaioli <[email protected]>
Signed-off-by: Jaime Caamaño Ruiz <[email protected]>
Remove tabs. Signed-off-by: Nadia Pinaeva <[email protected]>
UDN L3 support for services
Use faked iptables in UDN gateway tests
Update Dockerfile.fedora to use pre-released 24.09 ovn rpm.
Fixes remote node checks to be network aware
Signed-off-by: Dumitru Ceara <[email protected]>
UDN layer 3 networks also have a join switch and gateway router. Signed-off-by: Dumitru Ceara <[email protected]>
In the "delete" case we don't need the cookie, move the code that builds the cookie after the section that checks and takes care of deletes. Signed-off-by: Dumitru Ceara <[email protected]>
Signed-off-by: Dumitru Ceara <[email protected]>
… namespace active network Signed-off-by: Dumitru Ceara <[email protected]>
Signed-off-by: Surya Seetharaman <[email protected]>
Signed-off-by: Surya Seetharaman <[email protected]>
Signed-off-by: Dumitru Ceara <[email protected]>
/test e2e-aws-ovn-serial |
/test e2e-aws-ovn-upgrade-local-gateway
|
/test e2e-aws-ovn-upgrade
Looks like test exceeded deadline. |
/test e2e-azure-ovn-upgrade watchdog log collection failure |
/test e2e-metal-ipi-ovn-ipv6-techpreview |
/retitle OCPBUGS-39157,SDN-4930: Downstream Merge Sept 4th |
@martinkennelly: This pull request references Jira Issue OCPBUGS-39157, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. This pull request references SDN-4930 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
@martinkennelly: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
/assign @tssurya PTAL |
@martinkennelly: GitHub didn't allow me to assign the following users: PTAL. Note that only openshift members with read permissions, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
CI is looking good including payload tests. |
There was also a green nightly for 4.18 that including the last merge. |
cc @tssurya |
upgrades payloads look good here.
|
/lgtm great job here @martinkennelly |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: martinkennelly, tssurya The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/tide refresh |
14fb7c4
into
openshift:master
@martinkennelly: Jira Issue OCPBUGS-39157: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-39157 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
[ART PR BUILD NOTIFIER] Distgit: ovn-kubernetes-base |
[ART PR BUILD NOTIFIER] Distgit: ovn-kubernetes-microshift |
[ART PR BUILD NOTIFIER] Distgit: ose-ovn-kubernetes |
/payload ? |
@martinkennelly: it appears that you have attempted to use some version of the payload command, but your comment was incorrectly formatted and cannot be acted upon. See the docs for usage info. |
Please add any bugs to the title.
cc @arghosh93 , @ormergi , @ricky-rav , @tssurya