You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: keps/sig-network/1860-kube-proxy-IP-node-binding/README.md
+54-11Lines changed: 54 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,17 +16,20 @@
16
16
-[Risks and Mitigations](#risks-and-mitigations)
17
17
-[Drawbacks](#drawbacks)
18
18
-[Alternatives](#alternatives)
19
+
-[Design Details](#design-details)
20
+
-[Test Plan](#test-plan)
21
+
-[Graduation Criteria](#graduation-criteria)
19
22
<!-- /toc -->
20
23
21
24
## Release Signoff Checklist
22
25
23
26
Items marked with (R) are required *prior to targeting to a milestone / release*.
24
27
25
-
-[] (R) Enhancement issue in release milestone, which links to KEP dir in [kubernetes/enhancements] (not the initial KEP PR)
26
-
-[] (R) KEP approvers have approved the KEP status as `implementable`
27
-
-[] (R) Design details are appropriately documented
28
-
-[] (R) Test plan is in place, giving consideration to SIG Architecture and SIG Testing input
29
-
-[] (R) Graduation criteria is in place
28
+
-[x] (R) Enhancement issue in release milestone, which links to KEP dir in [kubernetes/enhancements] (not the initial KEP PR)
29
+
-[x] (R) KEP approvers have approved the KEP status as `implementable`
30
+
-[x] (R) Design details are appropriately documented
31
+
-[x] (R) Test plan is in place, giving consideration to SIG Architecture and SIG Testing input
32
+
-[x] (R) Graduation criteria is in place
30
33
-[ ] (R) Production readiness review completed
31
34
-[ ] Production readiness review approved
32
35
-[ ] "Implementation History" section is up-to-date for milestone
@@ -66,31 +69,31 @@ Currently there is some hacky workaround that set the `Hostname` on the `Service
66
69
67
70
## Proposal
68
71
69
-
The solution would be to add a new field in the `loadBalancer` field of a `Service`'s `status`, like `ingressMode`. This new field will be used by kube-proxy in order to not bind the Load Balancer's External IP to the node (in both IPVS and iptables mode). The value `VIP` would be the default one (if not set for instance), keeping the current behaviour. The value `Proxy` would be used in order to disable the the shortcut.
72
+
The solution would be to add a new field in the `loadBalancer` field of a `Service`'s `status`, like `ipMode`. This new field will be used by kube-proxy in order to not bind the Load Balancer's External IP to the node (in both IPVS and iptables mode). The value `VIP` would be the default one (if not set for instance), keeping the current behaviour. The value `Proxy` would be used in order to disable the the shortcut.
70
73
71
-
Since the `EnsureLoadBalancer` returns a `LoadBalancerStatus`, the Cloud Controller Manager can optionally set the `ingressMode` field before returning the status.
74
+
Since the `EnsureLoadBalancer` returns a `LoadBalancerStatus`, the Cloud Controller Manager can optionally set the `ipMode` field before returning the status.
72
75
73
76
### User Stories
74
77
75
78
#### Story 1
76
79
77
-
User 1 is a Managed Kubernetes user. There cluster is running on a cloud provider where the LB's behaviour matches the `VIP``ingressMode`.
80
+
User 1 is a Managed Kubernetes user. There cluster is running on a cloud provider where the LB's behaviour matches the `VIP``ipMode`.
78
81
Nothing changes for them since the cloud provider manages the Cloud Controller Manager.
79
82
80
83
#### Story 2
81
84
82
-
User 2 is a Managed Kubernetes user. There cluster is running on a cloud provider where the LB's behaviour matches the `Proxy``ingressMode`.
85
+
User 2 is a Managed Kubernetes user. There cluster is running on a cloud provider where the LB's behaviour matches the `Proxy``ipMode`.
83
86
Almost nothing changes for them since the cloud provider manages the Cloud Controller Manager.
84
87
The only difference is that pods using the load balancer IP may observe a higher response time since the datapath will go through the load balancer.
85
88
86
89
#### Story 3
87
90
88
91
User 3 is a developer working on a cloud provider Kubernetes offering.
89
-
On the next version of `k8s.io/cloud-provider`, the cloud provider can optionally set the `ingressMode` field as part of `LoadBalancerStatus`, and reflect the cloud provider load balancer behaviour.
92
+
On the next version of `k8s.io/cloud-provider`, the cloud provider can optionally set the `ipMode` field as part of `LoadBalancerStatus`, and reflect the cloud provider load balancer behaviour.
90
93
91
94
### Risks and Mitigations
92
95
93
-
1. The first risk is when using the `Proxy``ingressMode` for pod using the load balancer IP. In this case the packets will not bypass the load balancer anymore.
96
+
1. The first risk is when using the `Proxy``ipMode` for pod using the load balancer IP. In this case the packets will not bypass the load balancer anymore.
94
97
However if a user wants to to keep using the in cluster datapath, he can still use the ClusterIP of the service.
95
98
96
99
## Drawbacks
@@ -102,3 +105,43 @@ However if a user wants to to keep using the in cluster datapath, he can still u
102
105
A viable alternative may be to use a flag directly on `kube-proxy`.
103
106
When running on a cloud provider managed Kubernetes this solution is viable since the cloud provider will be able to set the right value on `kube-proxy`.
104
107
When running a self hosted cluster, the user needs to be aware of how the cloud's load balancers works and need to set the flag on `kube-proxy` accordingly.
108
+
109
+
## Design Details
110
+
111
+
API changes to Service:
112
+
- Add a new field `status.loadBalancer.ingress[].ipMode: VIP | Proxy`.
113
+
-`ipMode` defaults to VIP if the feature gate is enabled, `nil` otherwise, preserving existing behaviour for Service Type=LoadBalancer.
114
+
- On create and update, it fails if `ipMode` is set without the `ip` field.
115
+
116
+
## Test Plan
117
+
118
+
Unit tests:
119
+
- unit tests for the ipvs and iptables rules
120
+
- unit tests for the validation
121
+
- unit tests for a new util in pkg/proxy
122
+
123
+
E2E tests:
124
+
- The default behavior for `ipMode` does not break any existing e2e tests
125
+
- The default `VIP` value is already tested
126
+
127
+
## Graduation Criteria
128
+
129
+
### Alpha
130
+
131
+
Adds new field `ipMode` to Service, which is used when `LoadBalancerIPMode` feature gate is enabled, allowing for rollback.
132
+
133
+
### Beta/GA
134
+
135
+
`LoadBalancerIPMode` is enabled by default.
136
+
137
+
### Upgrade / Downgrade Strategy
138
+
139
+
On upgrade, while the feature gate is disabled, nothing will change. Once the feature gate is enabled, all the previous LoadBalancer service will get an `ipMode` of `VIP`.
140
+
If `kube-proxy` was not yet upgraded: the field will simply be ignored.
141
+
If `kube-proxy` was upgraded, and the feature gate enabled, it will stil behave as before if the `ipMode` is `VIP`, and will behave accordingly if the `ipMode` is `Proxy`.
142
+
143
+
On downgrade, the feature gate will simply be disabled, and as long as `kube-proxy` was downgraded before, nothing should be impacted.
144
+
145
+
### Version Skew Strategy
146
+
147
+
Version skew from the control plane to `kube-proxy` should be trivial since `kube-proxy` will simply ignore the `ipMode` field.
0 commit comments