Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gce: Set node IP Alias range to match NodeCIDRMaskSize #16272

Merged
merged 1 commit into from
Mar 14, 2024
Merged

gce: Set node IP Alias range to match NodeCIDRMaskSize #16272

merged 1 commit into from
Mar 14, 2024

Conversation

sl1pm4t
Copy link
Contributor

@sl1pm4t sl1pm4t commented Jan 23, 2024

Prior to this change, GCE Node IP Alias CIDR range was hardcoded to be a /24 which can be a limiting factor for scaling out a cluster when using smaller instance types, and could cause IP pool exhaustion despite many unallocated IPs.

This also means it's possible to bring up a cluster where the actual node CIDR size disagrees with what is configured in cluster.spec.kubeControllerManager.NodeCIDRMaskSize - although I do not know how detrimental that would be.

This change updates the IP Alias range to match the value configured in cluster.spec.kubeControllerManager.NodeCIDRMaskSize.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jan 23, 2024
@k8s-ci-robot
Copy link
Contributor

Hi @sl1pm4t. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jan 23, 2024
@k8s-ci-robot k8s-ci-robot requested a review from hakman January 23, 2024 01:31
@k8s-ci-robot k8s-ci-robot added the area/provider/gcp Issues or PRs related to gcp provider label Jan 23, 2024
@s3than
Copy link
Contributor

s3than commented Jan 23, 2024

Thanks for this @sl1pm4t

@hakman hakman removed the request for review from johngmyers January 23, 2024 04:36
@hakman
Copy link
Member

hakman commented Jan 23, 2024

/cc @upodroid @justinsb

@hakman
Copy link
Member

hakman commented Jan 23, 2024

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jan 23, 2024
@hakman
Copy link
Member

hakman commented Feb 9, 2024

/assign @justinsb

@hakman
Copy link
Member

hakman commented Feb 15, 2024

/kind office-hours

@justinsb
Copy link
Member

This also means it's possible to bring up a cluster where the actual node CIDR size disagrees with what is configured in cluster.spec.kubeControllerManager.NodeCIDRMaskSize - although I do not know how detrimental that would be.

It shouldn't matter, I think, because when we're using GCE networking (aka IP Alias), we bring up instances and GCE allocates the CIDR which becomes the node's pod cidr.

I think cluster.spec.kubeControllerManager.NodeCIDRMaskSize field is unused in GCE networking mode. We also normally suggest that the fields under kubeControllerManager are more for power-users than for things that we expect users to set directly, the reason being that these fields map to flags, and kubernetes doesn't have the same compatibility guarantees around flags - flags are often deprecated.

What we would normally suggest is creating a top level field. In this case it would be something like "NodeCIDRMaskSize" under GCPNetworkingSpec. Would that make more sense here? (Or any other field name that makes sense to you!)

If not, I'm aware this PR has been sitting for a long time (sorry!), so I think we could just merge as-is and then have spec.gce.nodeCIDRMaskSize take precedence if set when/if we add that field.

@sl1pm4t
Copy link
Contributor Author

sl1pm4t commented Feb 25, 2024

What we would normally suggest is creating a top level field. In this case it would be something like "NodeCIDRMaskSize" under GCPNetworkingSpec. Would that make more sense here? (Or any other field name that makes sense to you!)

That makes sense to me. I wasn't sure which was less intrusive, using an existing field or introducing a new one. I'm happy to add the new one.

If not, I'm aware this PR has been sitting for a long time (sorry!), so I think we could just merge as-is and then have spec.gce.nodeCIDRMaskSize take precedence if set when/if we add that field.

No problem. No rush, so long as this could at least make it into a 1.29 GA release. I'll submit the suggested change ASAP.

@justinsb
Copy link
Member

We're coming up to the cutoff point for 1.29. I think we could merge this as-is, though if you're able to add another field that would probably be better in the long term. But the reason I think we could merge this as-is because the current field (in this PR) is currently unused anyway, so I think we could just slot in the new field with higher priority if/when we add it

@justinsb
Copy link
Member

We discussed a bit in office hours, and just merging this as-is is probably the best approach; it doesn't block adding the "more correct" field and the current version should be harmless.

@upodroid
Copy link
Member

+1

@hakman
Copy link
Member

hakman commented Mar 14, 2024

/test all

@justinsb
Copy link
Member

/approve
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 14, 2024
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: justinsb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 14, 2024
@k8s-ci-robot k8s-ci-robot merged commit abe05fa into kubernetes:master Mar 14, 2024
21 checks passed
@k8s-ci-robot k8s-ci-robot added this to the v1.29 milestone Mar 14, 2024
@sl1pm4t sl1pm4t deleted the gcp/alias-ip-range-size branch March 15, 2024 00:45
@BrewTestBot BrewTestBot mentioned this pull request May 16, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hakman hakman Awaiting requested review from hakman

@justinsb justinsb Awaiting requested review from justinsb

@upodroid upodroid Awaiting requested review from upodroid

Assignees

@justinsb justinsb

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/provider/gcp Issues or PRs related to gcp provider cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/office-hours lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
v1.29
Development

Successfully merging this pull request may close these issues.
6 participants
@sl1pm4t @k8s-ci-robot @s3than @hakman @justinsb @upodroid