Comments (6)
schrej
commented on May 27, 2024
1
I'm not sure if conditions (or other status) on IPAddress objects is a good idea. It spreads information around quite a bit.
I'd prefer to just add validation, and maybe a status field in case it does happen anyway.
from cluster-api-ipam-provider-in-cluster.
tylerschultz
commented on May 27, 2024
I agree with your position @schrej.
Side note:
At one point, we had imagined a world where it would be possible to make the pool range validation for in use IPs optional, allowing the pool to change range and making some IPs out of range. If the IPAddress were to indicate it's out of range, the capi provider could watch and then recreate the resource associated with the out of range IPAddress, converging to the new pool's ranges. Users familiar with BOSH might expect or like this kind of thing. This idea has received negative reactions from most in our world.
from cluster-api-ipam-provider-in-cluster.
schrej
commented on May 27, 2024
Is there any interest in this feature? Because if there isn't, then it might make sense to postpone it until someone requires this to be implemented.
If we want to allow downscaling pools, I feel like we need some way of freeing ranges in the pool. Either by just allowing to downscale and marking remaining Addresses as out-of-pool, or by adding a field to the spec that allows to block certain ranges that are currently part of the pool, and some status information on how many blocked addresses are still in use.
from cluster-api-ipam-provider-in-cluster.
tylerschultz
commented on May 27, 2024
@schrej I'm not sure I understand what you're suggesting gets postponed?
These are options that I see:
- prevent a pool update that would cause in use IPs from becoming out of range
- continue to allow users to update a pool causing in use IPs from becoming out of range. Add some way of communicating there is an issue with out of range IPs, either by pool status somehow, or as suggested earlier add a status to the IPAddress indicating it's out of range of it's pool.
- do nothing ? feels like we're leaving users in a lurch.
Are there other options? are you leaning towards any option?
from cluster-api-ipam-provider-in-cluster.
schrej
commented on May 27, 2024
Sorry, I was thinking about your side note too much I think. I mean that we should postpone a solution for downsizing pools with allocated IPs outside of the pool afterwards.
We should definitely add validation that prevents removing ranges from the pool that still contain addresses.
from cluster-api-ipam-provider-in-cluster.
tylerschultz
commented on May 27, 2024
Got it, we're on the same page now. Thanks.
We think #124 and #125 should cover the validations as discussed. Those PRs are based on #116, so we'll need to rebase those PRs if/when it's merged. Thanks for your patience and thanks for the feedback and reviews. Much appreciated.
from cluster-api-ipam-provider-in-cluster.
Related Issues (20)
- Pool usage metrics
- Prevent pool deletion if IPAddress exists for pool HOT 1
- IPAddressClaim controller should detect cluster paused consistently HOT 1
- clusterctl move fails because of delete webhook
- Claims with cluster label should not be reconciled when cluster cannot be retrieved
- Adopt the CNCF CLA bot, merge bot and Kubernetes PR commands/bots.
- Controller shouldn't allocate IP addresses that are "reserved" for the subnet HOT 4
- Gateway should be validated to be within inferred subnet when pool is IPv4 HOT 4
- The provider configuration to add to clusterctl.yaml is wrong HOT 1
- :bug: GlobalInClusterIPPool does not guarantee the unique IP across multiple k8s namespaces HOT 1
- Misconfigured webhooks with the new api version HOT 3
- Claims that are stuck waiting for an address when a pool has no free addresses should be re-reconciled when addresses become available HOT 3
- Handle reserved Ips withing an IP range HOT 8
- clusterctl move fails due to IPAddresses Exists HOT 4
- clusterctl init fails if wrong version of cert-manager is already installed HOT 2
- in a "clusterctl move" the IPAM resources are not migrated to the new cluster HOT 3
- unknown field "spec.excludedAddresses" HOT 6
- ipam provider does not support capi v1.6.0 HOT 2
- Any plan to cut a v0.1.0 release? HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cluster-api-ipam-provider-in-cluster.