Hypershift live migration #3478
The live migration feature implemented at [1] creates a stable default gw for IPv4 and IPv6; for IPv4 it's delivered using DHCPv4, but for IPv6 there is no support for routes in DHCPv6. This change hardcodes the IPv6 stable default gw using ignition. [1] ovn-org/ovn-kubernetes#3478 Signed-off-by: Enrique Llorente <ellorent@redhat.com>
```go
// There is a VM still running we should not deallocate the IP
// check to make sure no other pods are using this IP before we try to release it if this is a completed pod.
if !isMigratedSourcePodStale && util.PodCompleted(pod) {
```
I don't understand this. Shouldn't we be doing
```go
if isMigratedSourcePodStale {
    return false, nil
}
```
also
```go
if !util.PodCompleted(pod) {
    return true, nil
}
```
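Putting both suggestions together, the condition would flatten into guard clauses, something like this sketch (assuming the enclosing function returns `(bool, error)`, as the snippets above imply):
```go
// handle the special cases first, then fall through to the
// completed-pod check from the original condition
if isMigratedSourcePodStale {
    return false, nil
}
if !util.PodCompleted(pod) {
    return true, nil
}
// check to make sure no other pods are using this IP before we try to release it
```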
```go
// controller's zone.
func (bnc *BaseNetworkController) ensurePodAnnotation(pod *kapi.Pod, nadName string) (*util.PodAnnotation, bool, error) {
    zoneContainsPodSubnet := true
    if !kubevirt.IsPodLiveMigratable(pod) {
```
Can we do this the other way around?
```go
if kubevirt.IsPodLiveMigratable(pod) {
    ....
}
```
For clarity, I would prefer the special case (live migratable pods) to be handled in the if block, not the other way around
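That is, keep the common path unindented and scope the live-migration handling, roughly (a shape sketch, not the final code):
```go
zoneContainsPodSubnet := true
if kubevirt.IsPodLiveMigratable(pod) {
    // special casing for live-migratable pods lives here,
    // visible as the exception rather than the rule
}
// common, non-migratable path continues unindented
```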
```
@@ -339,6 +340,24 @@ func (allocator *allocator) ForSubnet(name string) NamedAllocator {
	}
}

// FindSwitchBySubnets will find the switch that contains one of the subnets
// from "subnets" if not it will return "", false
func (allocator *allocator) FindSwitchBySubnets(subnets []*net.IPNet) (string, bool) {
```
This allocator does not have the notion of a Switch. We need a different name. Maybe GetSubnetName, FindSubnetName, or FindNameBySubnets, in order of my preference.
Going for GetSubnetName
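With the rename, the method would read roughly as follows (a sketch only, body elided; only the name changes):
```go
// GetSubnetName will find the name of the subnet that contains one of
// the subnets from "subnets"; if none matches it returns "", false.
func (allocator *allocator) GetSubnetName(subnets []*net.IPNet) (string, bool)
```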
```diff
 }

-	return oc.removeRemoteZonePod(pod)
+	return kubevirt.CleanUpLiveMigratablePod(oc.nbClient, oc.watchFactory, pod)
```
I know. My comment was alluding to clarity, not to a functional issue. It's a nit, up to you.
During live migration the IP has to follow the VM, and in KubeVirt that means the new virt-launcher pod has to re-use the address of the old virt-launcher. This change annotates the new virt-launcher pods with the IP configuration of the old one so IPAM can take over. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
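Mechanically this boils down to copying the OVN networks annotation from the VM's previous virt-launcher pod onto the new one before IPAM runs. A minimal sketch of the idea, where `propagateVMAnnotation` is a hypothetical helper, not the PR's actual function (only the `k8s.ovn.org/pod-networks` annotation key is real):
```go
import corev1 "k8s.io/api/core/v1"

// propagateVMAnnotation copies the OVN pod-networks annotation from the
// source virt-launcher pod to the target one so the IP configuration
// follows the VM across the migration (hypothetical helper).
func propagateVMAnnotation(source, target *corev1.Pod) {
    const ovnPodAnnotation = "k8s.ovn.org/pod-networks"
    cfg, ok := source.Annotations[ovnPodAnnotation]
    if !ok {
        return // source pod was never annotated, nothing to carry over
    }
    if target.Annotations == nil {
        target.Annotations = map[string]string{}
    }
    target.Annotations[ovnPodAnnotation] = cfg
}
```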
The hypershift workers use DHCP for IP configuration. This change configures the IPv4/IPv6 DHCP options on the VM's LSP with the CIDR of the switch subnet, hardcodes the ARP proxy IP as the default gw, takes the DNS server from the kubernetes or openshift service, and also configures the "arp_proxy" option at the LSP. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
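In NB database terms that is a DHCP_Options row per address family attached to the VM's LSP, plus the `arp_proxy` LSP option. A sketch of the IPv4 side using ovn-kubernetes' generated nbdb types (all addresses here are illustrative, not the PR's constants):
```go
// DHCPv4 options keyed on the node switch subnet: the ARP-proxy IP is
// handed out as default gateway, dns_server as the cluster DNS ClusterIP
dhcpv4 := &nbdb.DHCPOptions{
    Cidr: "10.244.0.0/24", // from the node switch subnet
    Options: map[string]string{
        "lease_time": "3600",
        "router":     "169.254.1.1", // hardcoded ARP-proxy gateway
        "server_id":  "169.254.1.1",
        "server_mac": "0a:58:a9:fe:01:01",
        "dns_server": "10.96.0.10", // kubernetes/openshift DNS service
    },
}
// and on the VM's LSP, answer ARP for that gateway address
lsp.Options["arp_proxy"] = "0a:58:a9:fe:01:01 169.254.1.1"
```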
Live-migrated pods keep their IP, which may come from a subnet different from the node switch's. To keep routing to the proper node, a point-to-point route needs to be added to ovn_cluster_router, and it has to change on live migration. This change adds that route and implements the switchover at live migration. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
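The route itself is a host route for the VM's address whose nexthop follows the VM. Sketched with the nbdb types, again with illustrative addresses:
```go
// pin the migratable VM IP to the node currently running it; the
// controller rewrites Nexthop when the VM live-migrates elsewhere
route := &nbdb.LogicalRouterStaticRoute{
    Policy:   &nbdb.LogicalRouterStaticRoutePolicyDstIP,
    IPPrefix: "10.244.0.8/32", // the VM's sticky IP
    Nexthop:  "10.244.1.2",    // port on the switch of the node now hosting the VM
}
// added to (and updated on) ovn_cluster_router via libovsdb ops
```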
This change documents the KubeVirt live migration feature, explaining how to use it and illustrating it with an example. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
This change adds e2e tests to check pre-copy and post-copy live migration; for that, the "kind.sh" script has learned to install KubeVirt. GitHub Actions also includes jobs to exercise them; the post-copy test has been disabled there since it's not working in that environment. To check that a TCP connection survives live migration, HTTP connection reuse is verified. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
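The connection-reuse check amounts to: issue an HTTP request, keep the client's pooled TCP connection idle, live-migrate the VM, issue a second request, and assert it rode the same connection. A self-contained sketch of that technique (a hypothetical helper, not the PR's actual test code):
```go
import (
    "context"
    "io"
    "net/http"
    "net/http/httptrace"
)

// secondRequestReusedConn reports whether a second request to url reused
// the TCP connection opened by the first one; migrate runs in between.
func secondRequestReusedConn(client *http.Client, url string, migrate func()) (bool, error) {
    var reused bool
    trace := &httptrace.ClientTrace{
        GotConn: func(info httptrace.GotConnInfo) { reused = info.Reused },
    }
    do := func() error {
        req, err := http.NewRequestWithContext(
            httptrace.WithClientTrace(context.Background(), trace),
            http.MethodGet, url, nil)
        if err != nil {
            return err
        }
        resp, err := client.Do(req)
        if err != nil {
            return err
        }
        // drain and close so the connection returns to the pool
        _, _ = io.Copy(io.Discard, resp.Body)
        return resp.Body.Close()
    }
    if err := do(); err != nil { // opens the TCP connection
        return false, err
    }
    migrate() // live-migrate the VM while the connection sits idle
    if err := do(); err != nil {
        return false, err
    }
    return reused, nil
}
```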
If a new node is added, the IP pool has to allocate the VM IPs when the node is taking over the VM's subnet. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
This change groups together the IP pool re-fill logic of "syncPods" and "addUpdateLocalNodeEvent" for live-migratable pods. Signed-off-by: Enrique Llorente <ellorent@redhat.com>
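A hypothetical shape for the shared helper (names and signature are illustrative, not the PR's code):
```go
// reserveLiveMigratableIPs walks the given pods and re-fills the IP pool
// with addresses already claimed by live-migratable ones, so syncPods
// and addUpdateLocalNodeEvent share a single code path.
func reserveLiveMigratableIPs(pods []*corev1.Pod, allocate func(*corev1.Pod) error) error {
    for _, pod := range pods {
        // only live-migratable pods may hold IPs from another node's subnet
        if !kubevirt.IsPodLiveMigratable(pod) {
            continue
        }
        if err := allocate(pod); err != nil {
            return err
        }
    }
    return nil
}
```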
For the live-migration ovn-kubernetes features [1], CNO needs to pass the namespace and name of the DNS resolver service. [1] ovn-org/ovn-kubernetes#3478 Signed-off-by: Enrique Llorente <ellorent@redhat.com>
It looks like @qinqon resolved the requested changes
Checked downstream CI here
🎆
- What this PR does and why is it needed
Add support for HyperShift KubeVirt provider live migration by doing the following at HyperShift workers' virt-launcher pods:
- annotate new virt-launcher pods with the IP configuration of the old ones so IPAM can take over
- configure IPv4/IPv6 DHCP options at the VM's LSP, hardcoding the ARP proxy IP as default gateway and enabling the "arp_proxy" LSP option
- add a point-to-point route at ovn_cluster_router that follows the VM on live migration
- Special notes for reviewers
Changes for IC not included in the enhancement:
Depends on:
- Follow ups
event for worker1: {virt-handler ovn-worker2} Migrated: VirtualMachineInstance migration uid 75effe84-8f58-4890-b8ac-6995d74bd4ae failed. reason:Live migration failed error encountered during MigrateToURI3 libvirt api call: virError(Code=1, Domain=10, Message='internal error: unable to execute QEMU command 'migrate-set-capabilities': Postcopy is not supported')
- How to verify it
Run the KubeVirt e2e tests or follow the example in the doc added by this PR
- Description for the changelog
Add live migration support for KubeVirt VMs using the default network