Support BYOIP #4450
Support BYOIP #4450
Conversation
[feat aga] Add AGA accelerator deployer
k8s-ci-robot
added
the
cncf-cla: yes
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: wweiwei-li The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
approved
k8s-ci-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
| desiredIPs: []string{"169.254.8.16"}, | ||
| actualIPSets: makeIPSets([]string{"169.254.9.13", "99.82.158.217"}), | ||
| expectedResult: false, | ||
| description: "Different BYOIP, count matches but IP doesn't", |
There was a problem hiding this comment.
NIT: Update the description or test case. Count does not match here.
There was a problem hiding this comment.
Yes, Let me add one more ip to desiredIPs
| } | ||
|
|
||
| // isSDKAcceleratorRequiresReplacement checks whether a sdk Accelerator requires replacement to fulfill an Accelerator resource. | ||
| func isSDKAcceleratorRequiresReplacement(sdkAccelerator AcceleratorWithTags, resAccelerator *agamodel.Accelerator) bool { |
There was a problem hiding this comment.
Can you add unit tests for isSDKAcceleratorRequiresReplacement so that we can cover different test cases ?
Also can we comment the behavior here on when we consider the replacement or add a task for us to document for it for later?
| func isSDKAcceleratorRequiresReplacement(sdkAccelerator AcceleratorWithTags, resAccelerator *agamodel.Accelerator) bool { | ||
| // The accelerator will only need replacement in BYOIP scenarios. I will implement this later as a separate PR | ||
| // TODO : BYOIP feature | ||
| if len(resAccelerator.Spec.IpAddresses) == 0 { |
There was a problem hiding this comment.
What happens if we had applied BYOIP initially and now we removed it? Do we need a replacement here since we are going from BYOIP to non-BYOIP?
There was a problem hiding this comment.
For BYOIP to non-BYOIP transitions, updating is not supported. BYOIP to non-BYOIP will always need replacement. However, if we made it return true, then every non-BYOIP to non-BYOIP transition would cause replacement unless we have a mechanism like below to check if current IPs include BYOIP (we discussed this internally we try not adding this).
if len(resAccelerator.Spec.IpAddresses) == 0 && hasBYOIP(sdkAccelerator) {
return true
}
so I was thinking for this case we need to document that users need to remove the accelerator first and recreate a new one. This is my intent. Let me try it out to check if it is easy and put together internal documentation for the behavior for discussion. Also I wonder how likely they want to from For BYOIP to non-BYOIP transitions
|
|
||
| // HasSharedIPv4CIDR checks if current and desired IPs share any IPv4 CIDR block. | ||
| func HasSharedIPv4CIDR(currentIPSets []agatypes.IpSet, desiredIPs []string) bool { | ||
| if len(desiredIPs) == 0 { |
There was a problem hiding this comment.
This is not possible since we have already compared length of desiredIPs aka resAccelerator.Spec.IpAddresses to zero and return false before we call this function right?
There was a problem hiding this comment.
Yes, since we have checked it at isSDKAcceleratorRequiresReplacement level. We don't need it
| description string | ||
| }{ | ||
| { | ||
| name: "No desired IPs - has shared CIDR", |
There was a problem hiding this comment.
This test case wont be required if we remove zero len check for desired IPs.
There was a problem hiding this comment.
Yes, removing it
| // createInput.IpAddresses = resAccelerator.Spec.IpAddresses | ||
| //} | ||
| // BYOIP feature: Set IP addresses if provided | ||
| if len(resAccelerator.Spec.IpAddresses) > 0 { |
There was a problem hiding this comment.
do we need to do nil check for resAccelerator.Spec and resAccelerator.Spec.IpAddresses
There was a problem hiding this comment.
We don't need to do nil check for resAccelerator.Spec and resAccelerator.Spec.IpAddresses. For resAccelerator.Spec, it is a struct. so It can't be nil. No nil check needed. For resAccelerator.Spec.IpAddresses, it is a slice, the len(nil) will return 0 in go.
| currentIPv4s := extractIPv4Addresses(sdkAccelerator.Accelerator.IpSets) | ||
| desiredBYOIPs := resAccelerator.Spec.IpAddresses | ||
| if len(desiredBYOIPs) == 1 { | ||
| s.logger.Info("Accelerator requires replacement: BYOIP CIDR change", |
There was a problem hiding this comment.
do we want to keep it as v(1) logging
There was a problem hiding this comment.
I am thinking we should keep it as it is since accelerator replacement is a significant operation that we want it to be accessible by default. Let me know what do you think
| func isSDKAcceleratorRequiresReplacement(sdkAccelerator AcceleratorWithTags, resAccelerator *agamodel.Accelerator) bool { | ||
| // The accelerator will only need replacement in BYOIP scenarios. I will implement this later as a separate PR | ||
| // TODO : BYOIP feature | ||
| if len(resAccelerator.Spec.IpAddresses) == 0 { |
4 participants
Description
Support BYOIP (Bring Your Own IP) for Global Accelerator
This change enables users to specify custom IP addresses from their own IP address ranges when creating Global Accelerators, instead of relying solely on AWS-provided IP addresses.
Key changes:
Checklist
README.md, or thedocsdirectory)BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯