Skip to content

Add ability to configure NAT type and parameters from K8s #1197

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
qmonnet merged 2 commits into from
Jan 15, 2026
Merged

Add ability to configure NAT type and parameters from K8s #1197

qmonnet merged 2 commits into from
Jan 15, 2026
+70 −8

Conversation

@mvachhar
Copy link
Contributor

@mvachhar mvachhar commented Jan 14, 2026

In the move from gRPC to K8s direct configuration, the NAT configuration was not properly converted (see #1194). This fixes that problem and adds unit tests for that configuration case.

Fixes #1194

@mvachhar mvachhar added this to the GW R2 milestone Jan 14, 2026
@mvachhar mvachhar self-assigned this Jan 14, 2026
@mvachhar mvachhar requested a review from a team as a code owner January 14, 2026 19:12
@mvachhar mvachhar added the bug Something isn't working label Jan 14, 2026
@mvachhar mvachhar requested review from Fredi-raspall and Copilot and removed request for a team January 14, 2026 19:12
@mvachhar mvachhar force-pushed the pr/mvachhar/k8s-nat-config branch from d27619f to 3e1da5c Compare January 14, 2026 19:13
Copilot AI reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for configuring NAT type and parameters directly from Kubernetes manifests, addressing a gap that existed after the migration from gRPC to K8s-based configuration.

Changes:

  • Adds K8s NAT configuration parsing with validation for stateful/stateless modes
  • Updates stateful NAT idle timeout default from Duration::default() to 2 minutes
  • Adds comprehensive unit tests for NAT configuration validation

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
config/src/external/overlay/vpcpeering.rs Updates idle timeout default value and simplifies NAT configuration assignment
config/src/converters/k8s/config/expose.rs Adds K8s NAT configuration parsing logic and comprehensive test coverage

@mvachhar mvachhar force-pushed the pr/mvachhar/k8s-nat-config branch from 3e1da5c to 127334f Compare January 14, 2026 19:27
@mvachhar mvachhar requested a review from qmonnet January 14, 2026 19:30
Fredi-raspall
Fredi-raspall requested changes Jan 15, 2026
View reviewed changes
Copy link
Contributor

@Fredi-raspall Fredi-raspall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for addressing this. The changes look good to me, except for the couple of things mentioned.

qmonnet
qmonnet requested changes Jan 15, 2026
View reviewed changes
@mvachhar
fix(config): Properly set default idle timeout for stateful NAT
b576b77 
Previously idle_timeout would be set to 0 if not explicitly set when
calling VpcExpose::make_stateful_nat.

This commit restructures the make_stateful_nat code to use the default
implementation of the stateful NAT options which has the correct
default duration.

Signed-off-by: Manish Vachharajani <[email protected]>
@mvachhar mvachhar force-pushed the pr/mvachhar/k8s-nat-config branch from 127334f to f78522d Compare January 15, 2026 13:31
@mvachhar
fix(config): Convert NAT configuration from K8s
6e58612 
The k8s conversion code was not properly setting the NAT config
even when configured in k8s making it impossible to set stateful
NAT.  This adds the conversion and some unit tests.

Signed-off-by: Manish Vachharajani <[email protected]>
@mvachhar mvachhar force-pushed the pr/mvachhar/k8s-nat-config branch from f78522d to 6e58612 Compare January 15, 2026 14:04
qmonnet
qmonnet approved these changes Jan 15, 2026
View reviewed changes
Copy link
Member

@qmonnet qmonnet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me now, thank you!

@qmonnet qmonnet enabled auto-merge January 15, 2026 14:31
Fredi-raspall
Fredi-raspall approved these changes Jan 15, 2026
View reviewed changes
Copy link
Contributor

@Fredi-raspall Fredi-raspall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@mvachhar mvachhar added the ci:-upgrade Disable VLAB upgrade tests label Jan 15, 2026
@qmonnet qmonnet added this pull request to the merge queue Jan 15, 2026
@qmonnet qmonnet mentioned this pull request Jan 15, 2026
Merged
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Jan 15, 2026
@qmonnet
Copy link
Member

qmonnet commented Jan 15, 2026

Merge queue: failure in pre-populating the hhfab-cache

image

Let's give it another try

@qmonnet qmonnet added this pull request to the merge queue Jan 15, 2026
Merged via the queue into main with commit b829fb5 Jan 15, 2026
33 of 35 checks passed
@qmonnet qmonnet deleted the pr/mvachhar/k8s-nat-config branch January 15, 2026 16:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Fredi-raspall Fredi-raspall Fredi-raspall approved these changes

Copilot code review Copilot Copilot left review comments

@qmonnet qmonnet qmonnet approved these changes

Assignees

@mvachhar mvachhar

Labels

bug Something isn't working ci:-upgrade Disable VLAB upgrade tests

Projects

None yet

Milestone

GW R2

Development

Successfully merging this pull request may close these issues.

Handle NAT config from K8s configuration

4 participants

@mvachhar @qmonnet @Fredi-raspall