You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by GitBox <gi...@apache.org> on 2020/08/14 11:20:18 UTC

[GitHub] [cloudstack-kubernetes-provider] joschi36 commented on pull request #9: Support loadBalancerSourceRanges

joschi36 commented on pull request #9:
URL: https://github.com/apache/cloudstack-kubernetes-provider/pull/9#issuecomment-674026470


   Hi @onitake 
   I tested the CCM and saw some issues, here my tests:
   
   ## Tests:
   
   ### :ballot_box_with_check:  Creating Service LoadBalancer without `loadBalancerSourceRanges`
   #### Configured:
   No `loadBalancerSourceRanges`
   #### Expected
   ```
   0.0.0.0/0
   ```
   
   #### Got
   ```
   0.0.0.0/0
   ```
   
   ### :ballot_box_with_check:  Creating Service LoadBalancer with one `loadBalancerSourceRanges` entry
   #### Configured:
   ```yaml
   loadBalancerSourceRanges:
   - 1.2.3.4/32
   ```
   #### Expected
   ```
   1.2.3.4/32
   ```
   
   #### Got
   ```
   1.2.3.4/32
   ```
   
   ### :negative_squared_cross_mark: Extending Service LoadBalancer with one `loadBalancerSourceRanges` entry
   #### Before:
   ```yaml
   loadBalancerSourceRanges:
   - 1.2.3.4/32
   ```
   #### Configured:
   ```yaml
   loadBalancerSourceRanges:
   - 1.2.3.4/32
   - 5.6.7.8/32
   ```
   #### Expected
   ```
   1.2.3.4/32,5.6.7.8/32
   ```
   
   #### Got
   ```
   1.2.3.4/32
   ```
   
   #### Log
   ```
   I0814 11:10:41.639262       1 reflector.go:243] k8s.io/client-go/informers/factory.go:133: forcing resync
   I0814 11:10:48.523517       1 service_controller.go:329] Ensuring load balancer for service http-echo/test
   I0814 11:10:48.524439       1 event.go:258] Event(v1.ObjectReference{Kind:"Service", Namespace:"http-echo", Name:"test", UID:"2364b2e3-78a2-4ab6-92cf-3f42942ac88a", APIVersion:"v1", ResourceVersion:"79821811", FieldPath:""}): type: 'Normal' reason: 'LoadBalancerSourceRanges' [1.2.3.4/32] -> [1.2.3.4/32 5.6.7.8/32]
   I0814 11:10:48.524551       1 event.go:258] Event(v1.ObjectReference{Kind:"Service", Namespace:"http-echo", Name:"test", UID:"2364b2e3-78a2-4ab6-92cf-3f42942ac88a", APIVersion:"v1", ResourceVersion:"79821811", FieldPath:""}): type: 'Normal' reason: 'EnsuringLoadBalancer' Ensuring load balancer
   I0814 11:10:48.523610       1 cloudstack_loadbalancer.go:77] EnsureLoadBalancer(kubernetes, http-echo, test, , [{ TCP 80 {0 80 } 31324}], REDACT METADATA (useless info)
   I0814 11:10:48.994986       1 cloudstack_loadbalancer.go:330] Load balancer a2364b2e378a24ab692cf3f42942ac88 contains 1 rule(s)
   I0814 11:10:49.165197       1 cloudstack_loadbalancer.go:122] Load balancer a2364b2e378a24ab692cf3f42942ac88 is associated with IP 10.101.47.58
   I0814 11:10:49.165241       1 cloudstack_loadbalancer.go:152] Load balancer rule a2364b2e378a24ab692cf3f42942ac88-tcp-80 is up-to-date
   I0814 11:10:49.165250       1 cloudstack_loadbalancer.go:170] Creating firewall rules for load balancer rule: a2364b2e378a24ab692cf3f42942ac88-tcp-80 (tcp:10.101.47.58:80)
   I0814 11:10:49.165260       1 cloudstack_loadbalancer.go:646] Listing firewall rules for &{map[ipaddressid:f309a2f1-7d27-4e1c-87ce-644372347c92 listall:true projectid:175d37b9-0478-4f9e-ab23-9ebba6c1eb64]}
   I0814 11:10:49.216858       1 cloudstack_loadbalancer.go:651] All firewall rules for 10.101.47.58: [0xc000b237a0]
   I0814 11:10:49.216889       1 cloudstack_loadbalancer.go:662] Matching rules for 10.101.47.58: map[0xc000b237a0:true]
   E0814 11:10:49.300285       1 cloudstack_loadbalancer.go:172] Error updating firewall rules for load balancer rule a2364b2e378a24ab692cf3f42942ac88-tcp-80: error creating new firewall rule for public IP f309a2f1-7d27-4e1c-87ce-644372347c92, proto tcp, port 80, allowed [1.2.3.4/32 5.6.7.8/32]: CloudStack API error 537 (CSExceptionErrorCode: 9999): The range specified, 80-80, conflicts with rule 50627 which has 80-80
   I0814 11:10:49.300378       1 service_controller.go:719] Finished syncing service "http-echo/test" (776.883593ms)
   I0814 11:10:49.300476       1 event.go:258] Event(v1.ObjectReference{Kind:"Service", Namespace:"http-echo", Name:"test", UID:"2364b2e3-78a2-4ab6-92cf-3f42942ac88a", APIVersion:"v1", ResourceVersion:"79821811", FieldPath:""}): type: 'Normal' reason: 'EnsuredLoadBalancer' Ensured load balancer
   ```
   
   ### :ballot_box_with_check: Removing `loadBalancerSourceRanges` with one entry from Service LoadBalancer
   
   #### Before:
   ```yaml
   loadBalancerSourceRanges:
   - 1.2.3.4/32
   ```
   
   #### Expected
   ```
   0.0.0.0/0
   ```
   
   #### Got
   ```
   0.0.0.0/0
   ```
   
   ### :ballot_box_with_check: Creating Service LoadBalancer with two `loadBalancerSourceRanges`
   
   #### Configured:
   ```yaml
   loadBalancerSourceRanges:
   - 1.2.3.4/32
   - 5.6.7.8/32
   ```
   #### Expected
   ```
   1.2.3.4/32,5.6.7.8/32
   ```
   
   #### Got
   ```
   1.2.3.4/32,5.6.7.8/32
   ```
   
   ### :ballot_box_with_check: Removing `loadBalancerSourceRanges` with two entries from Service LoadBalancer
   
   #### Before:
   ```yaml
   loadBalancerSourceRanges:
   - 1.2.3.4/32
   - 5.6.7.8/32
   ```
   #### Expected
   ```
   0.0.0.0/0
   ```
   
   #### Got
   ```
   0.0.0.0/0
   ```


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org