-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EndpointSlice Conditions semantics: Ready, Serving and Terminating #24174
Conversation
Commit a2ec7c754c1196638ad54a2a5dfc7539741d6674 does not contain "Signed-off-by". Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin |
/assign @aanm @squeed @aditighag I've verified that this commits fixes #18241, the e2e passes with this patch. However, I want to add some unit tests and a second commit to fix ProxyTerminatingEndpoints and implement https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/1669-proxy-terminating-endpoints per Kubernetes KEP I'm sending this PR just for testing the CI and for guidance and early feedback, since is my first contribution to cilium Thanks |
Thanks for your PR. You probably already see the below page. Also, you can mark this PR as draft if you want. PS: Glad to see you here contributing to Cilium, we are heavily using Kind cluster as part our tests ;). The IPv6 related workflow was possible, thanks to your time helping me a few years back 👍. https://docs.cilium.io/en/v1.13/contributing/development/contributing_guide/ |
/test Job 'Cilium-PR-K8s-1.24-kernel-5.4' failed: Click to show.Test Name
Failure Output
If it is a flake and a GitHub issue doesn't already exist to track it, comment |
The travis failure is legit:
(You can run these with |
The affinity test is failing; probably need to do |
I've flagged this PR to be backported; it will happen automatically unless it needs manual intervention. |
I agree that we can backport this to 1.12. @aojea AFAIK, the delta between the master and 1.12 implementation might not be too big. But in case there are conflicts, will you be able to help in resolving the conflicts? |
absolutely, I joined cilium slack so I can be reachable, but in case I have slow response Casey knows how to contact me |
Hello! |
@xyll typically backporters will look at all PRs each week and start the backport. They will tag it so that it shows up in the breadcrumbs links here on this PR, so you should be able to find it by monitoring this PR. Typically after a couple of days it will be reviewed & merged, so a rough estimation would be late next week assuming something doesn't come up. At that point, it should be part of |
Unfortunately, this PR had some had some non-trivial conflicts against v1.12. This means that this needs PR needs to be backported manually to v1.12 from someone with expertise in the affected area. @aojea Would you be able to open a PR against the v1.12 branch? Otherwise, we'll have to find a Cilium committer who is knowledgeable in the code to backport it. |
I can do it, just need some guidance if there are some additional steps, or is just a normal cherry-pick and dealing with the conflicts? |
hmm, it interferes with #21161, it seems that backporting requires to bring some code that is not necessary ... it seems that users will have to update to 1.13 :/ |
Does this also fix #23744? It seems like it could. |
I expect it, but I don't have time to test it so I can only guess 😄 |
Per the contributor ladder document https://github.com/cilium/community/blob/main/CONTRIBUTOR-LADDER.md#organization-member I'd like to request membership in the org for myself, since I plan to contribute regularly, mainly in the areas related to Kubernetes where I'm sig-network and sig-testing member and Kind maintainer. I've already contributed adding more test coverage for the Kubernetes integration to the project - cilium/cilium#25258 - cilium/cilium#24209 fixing some bugs: - cilium/cilium#24202 - cilium/cilium#24174 and helping to triage issues Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
Per the contributor ladder document https://github.com/cilium/community/blob/main/CONTRIBUTOR-LADDER.md#organization-member I'd like to request membership in the org for myself, since I plan to contribute regularly, mainly in the areas related to Kubernetes where I'm sig-network and sig-testing member and Kind maintainer. I've already contributed adding more test coverage for the Kubernetes integration to the project - cilium/cilium#25258 - cilium/cilium#24209 fixing some bugs: - cilium/cilium#24202 - cilium/cilium#24174 and helping to triage issues Signed-off-by: Antonio Ojea <antonio.ojea.garcia@gmail.com>
Fix the usage of the EndpointSlice Conditions semantics: Ready, Serving and Terminating.
Please ensure your pull request adheres to the following guidelines:
description and a
Fixes: #XXX
line if the commit addresses a particularGitHub issue.
Fixes: <commit-id>
tag, thenplease add the commit author[s] as reviewer[s] to this issue.
The EndpointSlice conditions describe 3 states for an Endpoint: Ready, Service and Terminating.
If the Endpoint is Ready it must leverage that value, independently of the other Conditions, this is the reason why the Kubernetes test mentioned in #18241 fails, since using
service.Spec.publishNotReadyAddresses
force this Ready state in the Endpoint.In addition, Terminating endpoints must be included only of they are Serving, since that indicates that the Endpoint is valid, this state has to be introduced in the API for handling backward compatibility between versions adding an undesired complexity to consumers, so apologize for that 😄
In KEP https://github.com/kubernetes/enhancements/tree/master/keps/sig-network/1669-proxy-terminating-endpoints we describe the behavior for Terminating Endpoints in case there are no existing Ready endpoints, to allow to implement zero downtime strategies during rolling updates.
Add a job to run Kubernetes sig-network tests, to guarantee that there is no regression and also benefit Cilium of these tests, that should guarantee a standard and conformance behavior with Kubernetes sig-network defined behaviors.
Fixes: #18241