-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[VPC] Support NSXLB for VPC #618
base: main
Are you sure you want to change the base?
Conversation
@@ -139,7 +139,7 @@ func (r *NetworkInfoReconciler) Reconcile(ctx context.Context, req ctrl.Request) | |||
LoadBalancerIPAddresses: cidr, | |||
PrivateIPv4CIDRs: nc.PrivateIPv4CIDRs, | |||
} | |||
updateSuccess(r, &ctx, obj, r.Client, state, nc.Name, path) | |||
updateSuccess(r, &ctx, obj, r.Client, state, nc.Name, path, r.Service.GetNSXLBSPath(nc.Org, nc.NsxtProject, *createdVpc.Id, obj.Namespace)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it possible GetNSXLBSPath() return error, or notFound?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's possible but I think no need to do this, since LBS and VPC is created in a batch request.
GetNSXLBSPath returns empty string means no LBS created for this VPC.
return &infraObj, nil | ||
} | ||
|
||
func (service *Service) WrapVPC(vpc *model.Vpc) ([]*data.StructValue, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not put WrapVPC and WrapLBS in pkg/nsx/services/vpc/wrap.go?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although these 2 functions are used by VPC only, they can be used by other packages in future.
In future, I think we might refactor these functions to one function which can wrap multiple types to Children resource.
5040cc2
to
4c564f5
Compare
660f1a2
to
9d8f41b
Compare
@@ -602,6 +640,7 @@ func (s *VPCService) CreateOrUpdateVPC(obj *v1alpha1.NetworkInfo) (*model.Vpc, * | |||
if realizestate.IsRealizeStateError(err) { | |||
log.Error(err, "the created VPC is in error realization state, cleaning the resource", "VPC", *createdVpc.Id) | |||
// delete the nsx vpc object and re-created in next loop | |||
// TODO(gran) DeleteVPC will check VpcStore but new Vpc is not in store at this moment. Is it correct? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dantingl @lxiaopei @seanpang-vmware Could you check if we have bug here?
Verified with latest NSXT. However, the realization time is too long to
|
4712571
to
59bcda2
Compare
@@ -561,6 +561,8 @@ func CasttoPointer(obj interface{}) interface{} { | |||
return &v | |||
case model.Vpc: | |||
return &v | |||
case model.LBService: | |||
return &v |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If type is missing, operator will crash when populate non-empty cache.
1f37f48
to
4a1d178
Compare
b878b9d
to
104a4e8
Compare
pkg/nsx/services/vpc/builder.go
Outdated
// LBS id should equal VPC id | ||
lbs.Id = common.String(string(nsObj.GetUID())) | ||
lbs.DisplayName = &lbsName | ||
// TODO(gran) do we need "created_for" and "lb_t1_link_ip" tag? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@dantingl Here is the missing tags. I think lb_t1_link_ip
is not available for this case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lb_t1_link_ip
is not needed. created_for
should be added.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to expose lb_t1_link_ip for now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed this part.
/e2e |
// if lb vpc enabled, read avi subnet path and cidr | ||
// nsx bug, if set LoadBalancerVpcEndpoint.Enabled to false, when read this vpc back, | ||
// LoadBalancerVpcEndpoint.Enabled will become a nil pointer. | ||
if createdVpc.LoadBalancerVpcEndpoint.Enabled != nil && *createdVpc.LoadBalancerVpcEndpoint.Enabled { | ||
if r.Service.NSXConfig.NsxConfig.UseAVILB && createdVpc.LoadBalancerVpcEndpoint.Enabled != nil && *createdVpc.LoadBalancerVpcEndpoint.Enabled { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why not keep consistent with https://github.com/vmware-tanzu/nsx-operator/blob/main/pkg/nsx/services/vpc/vpc.go#L587-L587
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is only for AviLB, and L587 is for NSXLB. Although we support only 2 LB types currently, this is different.
However, createdVpc.LoadBalancerVpcEndpoint.Enabled
is only for AviLB, thus we do not need to check UseAVILB
in this line. Is it correct?
if realizestate.IsRealizeStateError(err) { | ||
log.Error(err, "the created LBS is in error realization state, cleaning the resource", "LBS", *createdLBS.Id) | ||
// delete the nsx vpc object and re-created in next loop | ||
if err := s.DeleteVPC(*newVpc.Path); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So if only lb not realized, must delete the whole vpc, it a must? Can we optimize it by not deleting it, rather only try lbs realization again?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lbs realization timeout is longer than vpc, thus it is enough.
lbs is always created with vpc, thus we should use deleteVPC to remove them.
go VPCService.InitializeResourceStore(&wg, fatalErrors, common.ResourceTypeVpc, nil, VPCService.VpcStore) | ||
wg.Add(1) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could you update line 158 and 161, not here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No. We might need to add a switch here, thus I use a separate wg.Add(1)
BTW, could you check why e2e test not pass? |
Pls also attach what tests you have done in comment. Refer #626 |
Result:
|
Signed-off-by: gran <gran@vmware.com>
Signed-off-by: gran <gran@vmware.com>
/e2e |
When NSXLB is enabled, create NSX LBS with VPC and skip AviLB code, and store NSX LBS path to VPCNetworkConfuguration status.