Change loadbalancer type for HCP deployments #3307
Conversation
The Kubevirt(HCP) clusters do not have their loadbalancer installedand rely on the host loadblancer( like netallb) when a loadbalancer is created.So when the Submariner exposes the submariner-gateway loadbalancer service with ServiceExternalTrafficPolicy locally does not work, as the traffic from the remotecluster first lands on the host cluster. Hence the traffic policy is updated to clusterin these deployments. Signed-off-by: Aswin Suryanarayanan <asuryana@redhat.com>
aswinsuryan
requested review from
Oats87,
skitt,
sridhargaddam,
tpantelis and
vthapar
as code owners
|
🤖 Created branch: z_pr3307/aswinsuryan/hcp-lb |
| @@ -104,6 +106,8 @@ func newLoadBalancerService(instance *v1alpha1.Submariner, platformTypeOCP strin | |||
| "service.kubernetes.io/ibm-load-balancer-cloud-provider-ip-type": "public", | |||
| "service.kubernetes.io/ibm-load-balancer-cloud-provider-vpc-health-check-protocol": "http", | |||
| } | |||
| case string(configv1.KubevirtPlatformType): | |||
There was a problem hiding this comment.
Does setting externalTrafficPolicy to corev1.ServiceExternalTrafficPolicyTypeCluster will work for both kubevirt and HCP Kubevirt clusters ? or it is needed only for HCP
There was a problem hiding this comment.
IIUC [1] , setting externalTrafficPolicy to corev1.ServiceExternalTrafficPolicyTypeCluster may cause the client's IP address to change. Could this break Submariner inter-cluster traffic?
There was a problem hiding this comment.
In this particular case IP address was preserved, maybe we should check the setup again. There were two level of load balancer service one created in the HCP cluster and in response to that one will be created in the hosted cluster.
The platform type was kubevirt , do we have another way to identify kubevirt vs HCP kubevirt?
There was a problem hiding this comment.
AFAIK, several fields in managedcluster resource are checked to decide if cluster is hosted, check [1] .
The Kubevirt(HCP) clusters do not have their loadbalancer installedand rely on the host loadblancer( like netallb) when a loadbalancer is created.So when the Submariner exposes the submariner-gateway loadbalancer service with ServiceExternalTrafficPolicy locally does not work, as the traffic from the remotecluster first lands on the host cluster. Hence the traffic policy is updated to clusterin these deployments.