zouy414
diff --git a/‎cluster/gce/addons/loadbalancing/cloud-provider-role.yaml‎
Lines changed: 7 additions & 0 deletions b/‎cluster/gce/addons/loadbalancing/cloud-provider-role.yaml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎pkg/controller/service/controller.go‎
Lines changed: 1 addition & 0 deletions b/‎pkg/controller/service/controller.go‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎staging/src/k8s.io/legacy-cloud-providers/gce/BUILD‎
Lines changed: 2 additions & 0 deletions b/‎staging/src/k8s.io/legacy-cloud-providers/gce/BUILD‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎staging/src/k8s.io/legacy-cloud-providers/gce/gce_loadbalancer_internal.go‎
Lines changed: 24 additions & 1 deletion b/‎staging/src/k8s.io/legacy-cloud-providers/gce/gce_loadbalancer_internal.go‎
Lines changed: 24 additions & 1 deletion
@@ -33,6 +33,13 @@ rules:
   - create
   - patch
   - update
+- apiGroups:
+  - ""
+  resources:
+  - services/status
+  verbs:
+  - patch
+  - update
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 
@@ -804,6 +804,7 @@ func (s *Controller) addFinalizer(service *v1.Service) error {
 	updated.ObjectMeta.Finalizers = append(updated.ObjectMeta.Finalizers, servicehelper.LoadBalancerCleanupFinalizer)
 
 	klog.V(2).Infof("Adding finalizer to service %s/%s", updated.Namespace, updated.Name)
+	// TODO(87447) use PatchService from k8s.io/cloud-provider/service/helpers
 	_, err := patch(s.kubeClient.CoreV1(), service, updated)
 	return err
 }
 
@@ -50,11 +50,13 @@ go_library(
         "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/util/errors:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/strategicpatch:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/util/version:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/watch:go_default_library",
         "//staging/src/k8s.io/client-go/informers:go_default_library",
         "//staging/src/k8s.io/client-go/kubernetes:go_default_library",
+        "//staging/src/k8s.io/client-go/kubernetes/fake:go_default_library",
         "//staging/src/k8s.io/client-go/kubernetes/scheme:go_default_library",
         "//staging/src/k8s.io/client-go/kubernetes/typed/core/v1:go_default_library",
         "//staging/src/k8s.io/client-go/pkg/version:go_default_library",
 
@@ -41,12 +41,30 @@ import (
 const (
 	// Used to list instances in all states(RUNNING and other) - https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances
 	allInstances = "ALL"
+	// ILBFinalizerV1 key is used to identify ILB services whose resources are managed by service controller.
+	ILBFinalizerV1 = "gke.networking.io/l4-ilb-v1"
+	// ILBFinalizerV2 is the finalizer used by newer controllers that implement Internal LoadBalancer services.
+	ILBFinalizerV2 = "gke.networking.io/l4-ilb-v2"
 )
 
 func (g *Cloud) ensureInternalLoadBalancer(clusterName, clusterID string, svc *v1.Service, existingFwdRule *compute.ForwardingRule, nodes []*v1.Node) (*v1.LoadBalancerStatus, error) {
-	if g.AlphaFeatureGate.Enabled(AlphaFeatureILBSubsets) {
+	if g.AlphaFeatureGate.Enabled(AlphaFeatureILBSubsets) && existingFwdRule == nil {
+		// When ILBSubsets is enabled, new ILB services will not be processed here.
+		// Services that have existing GCE resources created by this controller will continue to update.
+		g.eventRecorder.Eventf(svc, v1.EventTypeNormal, "SkippingEnsureInternalLoadBalancer",
+			"Skipped ensureInternalLoadBalancer since %s feature is enabled.", AlphaFeatureILBSubsets)
+		return nil, cloudprovider.ImplementedElsewhere
+	}
+	if hasFinalizer(svc, ILBFinalizerV2) {
+		// Another controller is handling the resources for this service.
+		g.eventRecorder.Eventf(svc, v1.EventTypeNormal, "SkippingEnsureInternalLoadBalancer",
+			"Skipped ensureInternalLoadBalancer as service contains '%s' finalizer.", ILBFinalizerV2)
 		return nil, cloudprovider.ImplementedElsewhere
 	}
+	if err := addFinalizer(svc, g.client.CoreV1(), ILBFinalizerV1); err != nil {
+		klog.Errorf("Failed to attach finalizer '%s' on service %s/%s - %v", ILBFinalizerV1, svc.Namespace, svc.Name, err)
+		return nil, err
+	}
 
 	nm := types.NamespacedName{Name: svc.Name, Namespace: svc.Namespace}
 	ports, _, protocol := getPortsAndProtocol(svc.Spec.Ports)
@@ -298,6 +316,11 @@ func (g *Cloud) ensureInternalLoadBalancerDeleted(clusterName, clusterID string,
 		return err
 	}
 
+	if err := removeFinalizer(svc, g.client.CoreV1(), ILBFinalizerV1); err != nil {
+		klog.Errorf("Failed to remove finalizer '%s' on service %s/%s - %v", ILBFinalizerV1, svc.Namespace, svc.Name, err)
+		return err
+	}
+
 	return nil
 }
Original file line number	Diff line number	Diff line change
`@@ -804,6 +804,7 @@ func (s Controller) addFinalizer(service v1.Service) error {`
`804`	`804`	`updated.ObjectMeta.Finalizers = append(updated.ObjectMeta.Finalizers, servicehelper.LoadBalancerCleanupFinalizer)`
`805`	`805`
`806`	`806`	`klog.V(2).Infof("Adding finalizer to service %s/%s", updated.Namespace, updated.Name)`
	`807`	`+ // TODO(87447) use PatchService from k8s.io/cloud-provider/service/helpers`
`807`	`808`	`_, err := patch(s.kubeClient.CoreV1(), service, updated)`
`808`	`809`	`return err`
`809`	`810`	`}`