✨ Allow adding custom HA proxy config for CAPD load balancer #8785
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
/test pull-cluster-api-e2e-full-main |
| // should be equal to 'value'. | ||
| // The content of the config map will be appended to the HAProxy config file. Please use it with caution, | ||
| // as there are no checks to ensure the validity of the configuration. | ||
| AdditionalProxyConfigRef *corev1.LocalObjectReference `json:"additionalProxyConfigRef,omitempty"` |
There was a problem hiding this comment.
What about
| AdditionalProxyConfigRef *corev1.LocalObjectReference `json:"additionalProxyConfigRef,omitempty"` | |
| UnsafeHAProxyConfigTemplateRef *corev1.LocalObjectReference `json:"additionalProxyConfigRef,omitempty"` |
So we are explicity about "use at your own risk"; also, dropped additional according to latest discussion in the issue (it should be replace)
|
/test pull-cluster-api-e2e-full-main |
| // where the key is the server name and the value is the address. This map is dynamic and is updated every time a new control plane | ||
| // node is added or removed. The template will also support the JoinHostPort function to join the host and port of the backend server. | ||
| // +optional | ||
| UnsafeHAProxyConfigTemplateRef *corev1.LocalObjectReference `json:"additionalProxyConfigRef,omitempty"` |
There was a problem hiding this comment.
Not sure i like the use of Unsafe as that sounds scary 💀 Could we use something like CustomHAProxyConfigTemplateRef or CustomLoadBalancerConfigRef
| @@ -53,6 +54,17 @@ type DockerClusterSpec struct { | |||
| type DockerLoadBalancer struct { | |||
| // ImageMeta allows customizing the image used for the cluster load balancer. | |||
| ImageMeta `json:",inline"` | |||
|
|
|||
| // UnsafeHAProxyConfigTemplateRef allows you to replace the HAProxy config file. | |||
There was a problem hiding this comment.
| // UnsafeHAProxyConfigTemplateRef allows you to replace the HAProxy config file. | |
| // UnsafeHAProxyConfigTemplateRef allows you to replace the default HAProxy config file. |
test/infrastructure/docker/internal/controllers/dockermachine_controller.go
Outdated
Show resolved
Hide resolved
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 3a72949a4180f9981c207ba1a3e11e0ee06455e0
|
test/infrastructure/docker/internal/controllers/dockermachine_controller.go
Outdated
Show resolved
Hide resolved
k8s-ci-robot
added
needs-rebase
k8s-ci-robot
removed
the
needs-rebase
|
@chrischdi Thanks! all fixed |
|
/test pull-cluster-api-e2e-full-main |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 166a5864042e1fdafd44a0bb9313586112cb1747
|
test/infrastructure/docker/internal/controllers/dockermachine_controller.go
Outdated
Show resolved
Hide resolved
test/infrastructure/docker/internal/controllers/dockermachine_controller.go
Outdated
Show resolved
Hide resolved
test/infrastructure/docker/internal/controllers/dockermachine_controller.go
Outdated
Show resolved
Hide resolved
test/infrastructure/docker/internal/controllers/dockermachine_controller.go
Outdated
Show resolved
Hide resolved
| // where the key is the server name and the value is the address. This map is dynamic and is updated every time a new control plane | ||
| // node is added or removed. The template will also support the JoinHostPort function to join the host and port of the backend server. | ||
| // +optional | ||
| UnsafeHAProxyConfigTemplateRef *corev1.LocalObjectReference `json:"unsafeHAProxyConfigTemplateRef,omitempty"` |
There was a problem hiding this comment.
Re-raising this as i think it got lost.
Not sure i like the use of Unsafe as that sounds scary 💀 Could we use something like CustomHAProxyConfigTemplateRef or CustomLoadBalancerConfigRef ?
There was a problem hiding this comment.
I don't have a strong opinion here, not sure what other think
There was a problem hiding this comment.
No big opinions on my side either :-) I think the unsafe comes from:
Let's [...] make sure to clearly document the contract about it: e.g. no validation, use at your own risk, etc.
There was a problem hiding this comment.
There are a number of areas where there is no/little validation, and you can do lots of damage. For example PreKubeadmCommands.
If we have a warning in the documentation of the field that states "you better know what you are doing" then that's probably enough.
There was a problem hiding this comment.
I agree with Richard. I think we don't need Unsafe in the field name
There are so many ways to misconfigure Cluster API easily in which it's totally impossible for us to validate. I think it's not necessary to additional communicate it here by adding an Unsafe prefix to the field.
k8s-ci-robot
removed
the
lgtm
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 6b2485fb36b25688ff1f397857d201b8b0c177e2
|
|
/lgtm pending getting consensus on the field name (no strong opinion from my side) |
|
/unassign |
k8s-ci-robot
removed
the
lgtm
|
Thanks @alexander-demicev for the name change :) For me: /lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 616f0c5b39a6ea9067b2d43db9842dc741bd4f5f
|
|
/lgtm |
|
Thank you very much! /lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: sbueringer The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/area provider/infrastructure-docker |
k8s-ci-robot
added
the
area/provider/infrastructure-docker
What this PR does / why we need it:
Allow adding custom HA proxy config for CAPD load balancer. With this change, an additional load balancer configuration can be added using a config map. For more details see #7684
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #7684