Update Egress API to support multiple Egress IPs and pools

[tnqn]

Nodes in a cluster could reside in multiple subnets, but the egress IP needs to be routable in the underlay network and usually resides in the same subnet of the Node hosting it. Therefore, there may be a situation where no available nodes are eligible to host an egress IP address if all Nodes in a subnet are down, interrupting egress traffic of the workloads that use the IP.

As the first step of supporting the above scenario, the patch extends the Egress IP to support multiple Egress IPs and pools so that one Egress IP can be configured for each subnet, making Egress failover across the whole cluster possible.

Besides, it also adds a field, status.egressIP, to represent the effective Egress IP. When there is no eligible Node for any of the Egress IPs, the field will be empty.

[codecov]

Codecov Report

Merging #4603 (567e2b3) into main (272b56c) will decrease coverage by 3.12%.
The diff coverage is 56.66%.

❗ Current head 567e2b3 differs from pull request most recent head 58e97ac. Consider uploading reports for the commit 58e97ac to get more accurate results

@@            Coverage Diff             @@
##             main    #4603      +/-   ##
==========================================
- Coverage   71.99%   68.87%   -3.12%     
==========================================
  Files         406      403       -3     
  Lines       60856    59797    -1059     
==========================================
- Hits        43812    41187    -2625     
- Misses      14132    15773    +1641     
+ Partials     2912     2837      -75     

Flag	Coverage Δ		*Carryforward flag
e2e-tests	38.33% <ø> (-0.05%)	⬇️	Carriedforward from d5dd02e
integration-tests	34.45% <ø> (+0.62%)	⬆️
kind-e2e-tests	41.03% <50.00%> (-6.35%)	⬇️
unit-tests	59.92% <56.66%> (-2.79%)	⬇️

*This pull request uses carry forward flags. Click here to find out more.

Impacted Files	Coverage Δ
pkg/controller/egress/controller.go	87.50% <50.00%> (-1.20%)	⬇️
pkg/agent/controller/egress/egress_controller.go	83.68% <59.09%> (+0.03%)	⬆️

... and 106 files with indirect coverage changes

[tnqn]

/test-all

[XinShuYang]

/test-all

[tnqn]

/test-all

[jianjuns]

Maybe we can deprecate this field in a future release?

[tnqn]

Do you mean both EgressIP and ExternalIPPool, the singular fields?

[jianjuns]

Yes.

[jianjuns]

Do we require each IP must be from different ExternalIPPools?

[tnqn]

We probably should check the uniqueness of the pools because:

1. Using same ExternalIPPools multiple times is meaningless
2. It may cause trouble to the implementation, e.g. we might use map to track pool -> ip allocation.

[jianjuns]

Ok. Would you add comments for that?

[tnqn]

updated the comment of ExternalIPPools

[jianjuns]

Should we say IPs must be in ExternalIPPools? And move "Entries with the same index in EgressIPs and ExternalIPPools are correlated." here?

[tnqn]

But we could also support IPs not allocated from pools. For example, users could get HA support when they have two Nodes that have public access and just use two Node IPs as the Egress IPs here.

[tnqn]

@jianjuns If there are more comments about the fields' comment, we could update with a following up PR or when we officially support multiple IPs. I will merge it first to proceed.

[jianjuns]

Should we say IPs must be in ExternalIPPools? And move "Entries with the same index in EgressIPs and ExternalIPPools are correlated." here?

[tnqn]

/skip-all