Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PRR for 2593-multiple-cluster-cidrs #3839

Merged
merged 1 commit into from
Feb 8, 2023
Merged

PRR for 2593-multiple-cluster-cidrs #3839

merged 1 commit into from
Feb 8, 2023

Conversation

sarveshr7
Copy link
Contributor

  • One-line PR description:
    Adds a PRR for KEP-2593 to graduate to beta
  • Other comments:

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Feb 3, 2023
@k8s-ci-robot
Copy link
Contributor

Hi @sarveshr7. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Feb 3, 2023
@k8s-ci-robot k8s-ci-robot added kind/kep Categorizes KEP tracking issues and PRs modifying the KEP directory sig/network Categorizes an issue or PR as relevant to SIG Network. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Feb 3, 2023
@sarveshr7
Copy link
Contributor Author

/cc @aojea

aojea
aojea reviewed Feb 4, 2023
View reviewed changes
keps/sig-network/2593-multiple-cluster-cidrs/README.md
- cidrset_usage_cidrs - Gauge messuring the percentage of the provided CIDRs
- multicidrset_cidrs_allocations_total - Count of total number of CIDR allcoations
- multicidrset_cidrs_releases_total - Count of total number of CIDR releases
- multicidrset_usage_cidrs - Gauge messuring the percentage of the provided CIDRs
that have been allocated

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The health of the service can be determined if the *_total metrics increase with the number of nodes and the usage_cidrs metric is greater or equal than the number of nodes

It is important to mention that the Service is optional, it depends on the CNI implemented in the cluster, you can have the multicidr allocator and be a noOp in the cluster, if the CNI doesn't make use of the information provided

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

I added that it is optional and based on --allocate-node-cidrs being set to true in kube-controller-manager

I am not sure about the CNI specific behavior.

I believe when --allocate-node-cidrs is set to true, this controller will still add the PodCIDRs to the Node object. However the CNI can ignore if it manages the ipam?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes,, the field is optional to consume, it doesn't imply the cluster will use it

@aojea
Copy link
Member

aojea commented Feb 4, 2023

/ok-to-test
/lgtm
/assign @wojtek-t

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. lgtm "Looks good to me", indicates that a PR is ready to be merged. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Feb 4, 2023
@aojea aojea mentioned this pull request Feb 4, 2023
Open
@uablrek
Copy link

uablrek commented Feb 5, 2023

Great feature! I plan a gist to show how this can be used to solve kubernetes/kubernetes#109814.

This feature can be useful for secondary networks when they become supported by K8s. I would like some pro-active preparation for multi-network already now. Perhaps something as simple as a label;

apiVersion: networking.k8s.io/v1alpha1
kind: ClusterCIDR
metadata:
  name: default
  labels:
    ipam.kubernetes.io/range-controller: my-net
spec:
  perNodeHostBits: 8
  ipv4: "11.0.0.0/16"
  ipv6: "1100::/112"

telling the Node IPAMController to ignore this ClusterCIDR.

But I think the work you have already done will be repeated, so a perhaps better way is to allow the current IPAMController to create the ranges in some not-yet-existing network object instead of the node object (will not be called "network" though).

@uablrek
Copy link

uablrek commented Feb 5, 2023

The KEP should contain a working yaml manifest. Below is the one I am currently using. It took while to figure out, so to save time for other please include something similar;

apiVersion: networking.k8s.io/v1alpha1
kind: ClusterCIDR
metadata:
  name: ipv4
spec:
  nodeSelector:
    nodeSelectorTerms:
      - matchExpressions:
        - {key: wantIPv4, operator: In, values: ["true"]}
  perNodeHostBits: 7
  ipv4: "172.20.0.0/24"
  ipv6: "fd00:1000::/120"
---
apiVersion: networking.k8s.io/v1alpha1
kind: ClusterCIDR
metadata:
  name: default
spec:
  perNodeHostBits: 16
  ipv6: "fc00:2000::/96"

wojtek-t
wojtek-t reviewed Feb 6, 2023
View reviewed changes
Copy link
Member

@wojtek-t wojtek-t left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple more comments from me, but overall it looks reasonable.

keps/sig-network/2593-multiple-cluster-cidrs/README.md Show resolved Hide resolved
keps/sig-network/2593-multiple-cluster-cidrs/README.md Outdated Show resolved Hide resolved
keps/sig-network/2593-multiple-cluster-cidrs/README.md Show resolved Hide resolved
keps/sig-network/2593-multiple-cluster-cidrs/README.md Outdated Show resolved Hide resolved
keps/sig-network/2593-multiple-cluster-cidrs/README.md Show resolved Hide resolved
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 8, 2023
@sarveshr7
Copy link
Contributor Author

Great feature! I plan a gist to show how this can be used to solve kubernetes/kubernetes#109814.

This feature can be useful for secondary networks when they become supported by K8s. I would like some pro-active preparation for multi-network already now. Perhaps something as simple as a label;

apiVersion: networking.k8s.io/v1alpha1
kind: ClusterCIDR
metadata:
  name: default
  labels:
    ipam.kubernetes.io/range-controller: my-net
spec:
  perNodeHostBits: 8
  ipv4: "11.0.0.0/16"
  ipv6: "1100::/112"

telling the Node IPAMController to ignore this ClusterCIDR.

But I think the work you have already done will be repeated, so a perhaps better way is to allow the current IPAMController to create the ranges in some not-yet-existing network object instead of the node object (will not be called "network" though).

@uablrek Thanks for the suggestion. I think @mskrocki is already considering it in the multi network design

wojtek-t
wojtek-t reviewed Feb 8, 2023
View reviewed changes
Copy link
Member

@wojtek-t wojtek-t left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is good for go to Beta.

/approve PRR

keps/sig-network/2593-multiple-cluster-cidrs/README.md Show resolved Hide resolved
@aojea
Copy link
Member

aojea commented Feb 8, 2023

/lgtm
/approve

/assign @thockin

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Feb 8, 2023
@thockin
Copy link
Member

thockin commented Feb 8, 2023

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aojea, sarveshr7, thockin, wojtek-t

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 8, 2023
@k8s-ci-robot k8s-ci-robot merged commit b680006 into kubernetes:master Feb 8, 2023
@k8s-ci-robot k8s-ci-robot added this to the v1.27 milestone Feb 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wojtek-t wojtek-t wojtek-t left review comments

@aojea aojea aojea left review comments

@caseydavenport caseydavenport Awaiting requested review from caseydavenport

@dcbw dcbw Awaiting requested review from dcbw

Assignees

@thockin thockin

@aojea aojea

@wojtek-t wojtek-t

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/kep Categorizes KEP tracking issues and PRs modifying the KEP directory lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. sig/network Categorizes an issue or PR as relevant to SIG Network. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.27
Development

Successfully merging this pull request may close these issues.
6 participants
@sarveshr7 @k8s-ci-robot @aojea @uablrek @thockin @wojtek-t