Change loadbalancer type for HCP deployments
The KubeVirt (HCP) clusters do not have their own load balancer installed and rely
on the host cluster's load balancer (like MetalLB) when a load balancer is created. So when
Submariner exposes the submariner-gateway load balancer service with
ServiceExternalTrafficPolicy set to Local, it does not work, as the traffic from
the remote cluster first lands on the host cluster. Hence the traffic policy
needs to be updated to Cluster in these deployments.

A new parameter hostedCluster is added to the Submariner config; if set, the
traffic policy will be set to Cluster.

Signed-off-by: Aswin Suryanarayanan <[email protected]>
aswinsuryan committed Jan 14, 2025
1 parent 003d454 commit eb1caf9
Showing 7 changed files with 31 additions and 4 deletions.
13 changes: 11 additions & 2 deletions api/v1alpha1/submariner_types.go
@@ -160,10 +160,14 @@ type SubmarinerSpec struct {
// Enable NAT between clusters.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Enable NAT"
// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
NatEnabled bool `json:"natEnabled"`

NatEnabled bool `json:"natEnabled"`
AirGappedDeployment bool `json:"airGappedDeployment,omitempty"`

// Is the cluster a hosted cluster.
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Hosted Cluster"
// +operator-sdk:csv:customresourcedefinitions:type=status,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
HostedCluster bool `json:"hostedCluster,omitempty"`

// Enable automatic Load Balancer in front of the gateways.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Enable Load Balancer"
// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
@@ -228,6 +232,11 @@ type SubmarinerStatus struct {

AirGappedDeployment bool `json:"airGappedDeployment,omitempty"`

// Is the cluster a hosted cluster.
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Hosted Cluster"
// +operator-sdk:csv:customresourcedefinitions:type=status,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:text"}
HostedCluster bool `json:"hostedCluster,omitempty"`

ColorCodes string `json:"colorCodes,omitempty"`

// The current cluster ID.
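Review bot: The `HostedCluster` field added to `SubmarinerSpec` carries `type=status` CSV markers, while the neighbouring spec fields in the same hunk (`NatEnabled`, the load-balancer switch) use `type=spec`; this looks copied from the `SubmarinerStatus` hunk and would presumably keep the field out of the spec descriptors in the generated CSV. For the spec copy I would write `// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Hosted Cluster"` and use the `urn:alm:descriptor:com.tectonic.ui:booleanSwitch` descriptor that the other boolean spec fields use, rather than `text`. The doc comment could also say what the flag changes, e.g. `// HostedCluster marks a hosted (KubeVirt/HCP) cluster; the gateway load balancer then uses externalTrafficPolicy Cluster.` Both struct bodies continue outside the hunks.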
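--- a/config/crd/bases/submariner.io_submariners.yaml
+++ b/config/crd/bases/submariner.io_submariners.yaml
@@ -146,6 +146,8 @@ spec:
 haltOnCertificateError:
 description: Halt on certificate error (so the pod gets restarted).
 type: boolean
+hostedCluster:
+type: boolean
 imageOverrides:
 additionalProperties:
 type: string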
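--- a/internal/controllers/submariner/loadbalancer_resources.go
+++ b/internal/controllers/submariner/loadbalancer_resources.go
@@ -91,6 +91,8 @@ func (r *Reconciler) getOCPPlatformType(ctx context.Context) (string, error) {
 }
 
 func newLoadBalancerService(instance *v1alpha1.Submariner, platformTypeOCP string) *corev1.Service {
+externalTrafficPolicy := corev1.ServiceExternalTrafficPolicyTypeLocal
+
 var svcAnnotations map[string]string
 
 switch platformTypeOCP {
@@ -104,6 +106,10 @@ func newLoadBalancerService(instance *v1alpha1.Submariner, platformTypeOCP strin
 "service.kubernetes.io/ibm-load-balancer-cloud-provider-ip-type": "public",
 "service.kubernetes.io/ibm-load-balancer-cloud-provider-vpc-health-check-protocol": "http",
 }
+case string(configv1.KubevirtPlatformType):
+if instance.Spec.HostedCluster {
+externalTrafficPolicy = corev1.ServiceExternalTrafficPolicyTypeCluster
+}
 default:
 svcAnnotations = map[string]string{}
 }
@@ -115,7 +121,7 @@ func newLoadBalancerService(instance *v1alpha1.Submariner, platformTypeOCP strin
 Annotations: svcAnnotations,
 },
 Spec: corev1.ServiceSpec{
-ExternalTrafficPolicy: corev1.ServiceExternalTrafficPolicyTypeLocal,
+ExternalTrafficPolicy: externalTrafficPolicy,
 Type: corev1.ServiceTypeLoadBalancer,
 Selector: map[string]string{
 // Traffic is directed to the active gateway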
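Review bot: In the new `case string(configv1.KubevirtPlatformType):` branch, `instance.Spec.HostedCluster` is honoured only when the detected platform is KubeVirt, so on any other platform the flag is silently ignored although the commit message describes it as unconditional; the branch also leaves `svcAnnotations` nil where `default` assigns an empty map. Either document that restriction on the field, or move the check out of the switch: `if instance.Spec.HostedCluster { externalTrafficPolicy = corev1.ServiceExternalTrafficPolicyTypeCluster }`. With `Cluster`, Kubernetes does not preserve the client source address for the service, so anything on the gateway side that relies on the peer's address (logging, filtering) will likely see a node address instead. A comment on the branch should record that trade-off, e.g. `// Cluster: the host LB may deliver to any node; the peer's source IP is not preserved.` `newLoadBalancerService` continues past the last hunk.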
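--- a/internal/controllers/submariner/submariner_controller.go
+++ b/internal/controllers/submariner/submariner_controller.go
@@ -222,6 +222,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, request reconcile.Request) (
 instance.Status.Version = instance.Spec.Version
 instance.Status.NatEnabled = instance.Spec.NatEnabled
 instance.Status.AirGappedDeployment = instance.Spec.AirGappedDeployment
+instance.Status.HostedCluster = instance.Spec.HostedCluster
 instance.Status.ColorCodes = instance.Spec.ColorCodes
 instance.Status.ClusterID = instance.Spec.ClusterID
 instance.Status.GlobalCIDR = instance.Spec.GlobalCIDR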
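--- a/internal/controllers/submariner/submariner_controller_test.go
+++ b/internal/controllers/submariner/submariner_controller_test.go
@@ -83,6 +83,7 @@ func testSubmarinerResourceReconciliation() {
 BeforeEach(func() {
 t.submariner.Spec.NatEnabled = true
 t.submariner.Spec.AirGappedDeployment = true
+t.submariner.Spec.HostedCluster = true
 })
 
 It("should populate general Submariner resource Status fields from the Spec", func(ctx SpecContext) {
@@ -91,6 +92,7 @@ func testSubmarinerResourceReconciliation() {
 updated := t.getSubmariner(ctx)
 Expect(updated.Status.NatEnabled).To(BeTrue())
 Expect(updated.Status.AirGappedDeployment).To(BeTrue())
+Expect(updated.Status.HostedCluster).To(BeTrue())
 Expect(updated.Status.ClusterID).To(Equal(t.submariner.Spec.ClusterID))
 Expect(updated.Status.GlobalCIDR).To(Equal(t.submariner.Spec.GlobalCIDR))
 Expect(updated.Status.NetworkPlugin).To(Equal(t.clusterNetwork.NetworkPlugin))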
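Review bot: The two added lines only assert that `Spec.HostedCluster` is copied to `Status.HostedCluster`; nothing in the visible test changes checks the behaviour this commit is about, namely that the gateway load balancer service gets `ExternalTrafficPolicy` `Cluster` when the flag is set on a KubeVirt platform and stays `Local` otherwise. A case that builds the service for both settings and asserts `Spec.ExternalTrafficPolicy` would pin the default, which matters because `Local` is the setting that keeps the peer's source address. Such a test may exist in a file not shown here.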
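--- a/pkg/embeddedyamls/yamls.go
+++ b/pkg/embeddedyamls/yamls.go
@@ -248,6 +248,9 @@ spec:
 haltOnCertificateError:
 description: Halt on certificate error (so the pod gets restarted).
 type: boolean
+hostedCluster:
+description: Is the cluster a hosted cluster.
+type: boolean
 imageOverrides:
 additionalProperties:
 type: string
@@ -840,6 +843,9 @@ spec:
 required:
 - mismatchedContainerImages
 type: object
+hostedCluster:
+description: Is the cluster a hosted cluster.
+type: boolean
 loadBalancerStatus:
 description: The status of the load balancer DaemonSet.
 properties: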
3 changes: 2 additions & 1 deletion tools/go.mod
@@ -1,6 +1,7 @@
module github.com/submariner-io/submariner-operator/tools

go 1.22.10
go 1.23.4

require (
github.com/operator-framework/operator-sdk v1.39.0
github.com/uw-labs/lichen v0.1.7
