-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use static assignment with IPAddressPool #31
base: main
Are you sure you want to change the base?
Conversation
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: yprokule The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/lgtm |
@@ -13,5 +13,5 @@ spec: | |||
{{ .spec.addresses | toYaml | indent 2}} | |||
{{ end }} | |||
#- 3.3.3.0/24 | |||
autoAssign: true | |||
autoAssign: false |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this really what we want?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the justification is that if IPAddressPool contains multiple IP addresses then static assignments will ensure that CNF-A always has IP address X.X.X.X(unless IPAddressPool is solely dedicated to the CNF-A)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if that's a requirement, the right way to address it is to use the service / namespace selectors in the ip address pools (assuming each CNF will have its own namespace, but that can be done per service too).
This guarantees each cnf will have the ip the admin means to assign to them, otherwise they can steal the ip from any pool.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good points @fedepaol. And while without service/namespace selectors IP address from any IPAddressPool could be selected, imho autoAssign
set to false is a good safety net from assigning not expected IP addresses.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes but here we are advocating for static IPs requested by the CNF always, which feels like the exception to me, not the norm. And bear in mind, if you have a pool of ips with autoAssign = false and no selector, any CNF can get any IP they want from that pool, which is not really a safety net.
If you ask me, the proper way to have a good ux and ensure the right tenant gets the right ip(s), this is with selectors.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@fedepaol , I added serviceAllocation stanza to the CR, wdyt?
16eedb9
to
812c0ad
Compare
New changes are detected. LGTM label has been removed. |
{{ if .spec.serviceAllocation.namespaces }} | ||
serviceAllocation: | ||
namespaces: | ||
{{ .spec.serviceAllocation.namespaces | toYaml | indent 4}} | ||
{{ end }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lack could U please check if the syntax is correct here, thanks!
Leave IP address assignment to the operators