Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Windows secondary IP mode configurable options for managing IP address allocation #443

Merged
merged 2 commits into from
Sep 4, 2024

Conversation

tzifudzi
Copy link
Contributor

@tzifudzi tzifudzi commented Jul 17, 2024

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Issue

Resolves #428

Description of changes

This change introduces changes to provide configurable options for managing IP address allocation on Windows nodes when using secondary IP mode. The VPC Resource Controller will now allow configuring of the windows-minimum-ip-target and windows-warm-ip-target parameters in the amazon-vpc-cni ConfigMap. These parameters will control the minimum number of IP addresses to be allocated on each Windows node, and the number of 'warm' IP addresses to be pre-allocated respectively. The VPC RC will always ensure that based on the configurations, there will always be enough warm IPs to satisfy the configurations.

Previously, the VPC Resource Controller utilized a fixed and hardcoded number of 3 warm secondary IP addresses on each Windows node. This approach, while beneficial for enabling faster pod startup times, wasn't ideal for the following example scenarios.

  1. When there is a need to configure fewer warm IPs to improve IP address utilization in the subnet. The fixed warm IP target could lead to inefficient IP address utilization, particularly in subnets with limited IPv4 address space.
  2. When there is a need to configure a higher target for warm IPs to ensure faster pod startup times. The fixed warm IP target may not provide enough pre-allocated IP addresses to meet the requirements for faster pod launches in a case where a warmpool target greater than 3 is desired.
  3. When there is a need to configure a minimum IP target after the node is set up. The lack of a configurable minimum IP target could result in insufficient IP addresses being allocated to the node, potentially impacting pod startup times in cases where high availability is desired.

Scope

  • This change only affects Windows nodes when enable-windows-ipam is set to true
  • This change only affects Windows modes when running in the Secondary IP mode, in contrast to running in prefix delegation mode

Notes for reviewers

  • A warmpool target of 1 is enforced even if a zero value is set because the current code design workflow relies on the warmpool always being populated with at least 1 warm IP. In future, a follow up change can be applied to make it both minimum IP and warm IP targets configurable to zero such that zero IPs are kept warm for use cases where no warm IPs are desired.

Todo

  • Integration tests will be added later to further validate the proposed changes. To start with unit tests have been added and manual e2e tests have been performed. After reaching consensus on the core design and implementation of the initial changes, I can follow up with integration tests either in this PR or a different one.
  • Documentation will be updated to reflect the new configuration options and their intended usage once the core design and default behavior have been finalized and agreed upon. This will ensure that the documentation accurately represents the final implementation.

Integration Test Output

Output as of Tue Jul 23 11:52AM PDT

[tzifudzi:~/GolandProjects/amazon-vpc-resource-controller-k8s/test/integration/windows] feature/secondary-ip-configs(+11/-15,1)+* 3h0m40s 130 ± ginkgo --skip=Stress -v --timeout 180m -- --cluster-kubeconfig='/Users/tzifudzi/.kube/config' --cluster-name=$CLUSTER_NAME --aws-region=$AWS_REGION --aws-vpc-id=$VPC_ID --ginkgo.skip="stress"
Running Suite: Windows Integration Test Suite - /Users/tzifudzi/GolandProjects/amazon-vpc-resource-controller-k8s/test/integration/windows
...
Ran 34 of 40 Specs in 6833.774 seconds
SUCCESS! -- 34 Passed | 0 Failed | 0 Pending | 6 Skipped
PASS
...

Integration test runs

tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 17, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 2286c6f to ba0f44a Compare July 17, 2024 15:43
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 17, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from ba0f44a to 3598972 Compare July 17, 2024 15:54
@tzifudzi tzifudzi marked this pull request as ready for review July 17, 2024 15:58
@tzifudzi tzifudzi requested a review from a team as a code owner July 17, 2024 15:58
@tzifudzi
Copy link
Contributor Author

cc @jiechen0826 Please join the review

pkg/config/loader.go Outdated Show resolved Hide resolved
@tzifudzi
Copy link
Contributor Author

@haouc @jiechen0826 I considered creating a validating webhook as part of this change to validate the configuration values and prevent invalid values from being set. I chose to leave it out to keep the change minimal and do a follow up change separately. Any thoughts on this?

Copy link
Contributor

@jiechen0826 jiechen0826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm halfway through the changes, but just posting these comments first

controllers/core/configmap_controller.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/pool/pool.go Outdated Show resolved Hide resolved
Copy link
Contributor

@jiechen0826 jiechen0826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed all files. Ready to approve once the above comments are addressed.

tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 19, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 3598972 to aedc76d Compare July 19, 2024 06:34
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 19, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from aedc76d to 04d8b58 Compare July 19, 2024 06:37
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 19, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 04d8b58 to 677d4f5 Compare July 19, 2024 06:56
Copy link
Contributor

@jiechen0826 jiechen0826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one more comment. Btw, there seems to be a unit test failure.

pkg/config/loader.go Outdated Show resolved Hide resolved
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 19, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 677d4f5 to 8d8540c Compare July 19, 2024 16:53
Copy link
Contributor

@jiechen0826 jiechen0826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for implementing the feature and addressing my comments!

tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 19, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 8d8540c to 9c7bc6e Compare July 19, 2024 22:48
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 22, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 9c7bc6e to 1e9cb9b Compare July 22, 2024 18:21
@tzifudzi
Copy link
Contributor Author

@jiechen0826 I have added documentation and integration tests. Please take another look? The logic you reviewed has not changed.

Note: New integration tests for secondary IP mode are all passing, currently investigating a few failures in PD tests. Once all integration tests are passing I will drop a note on the test output. In the meantime please proceed to review.

Copy link
Contributor

@jiechen0826 jiechen0826 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for adding the integration tests and doc update!

docs/windows/secondary_ip_mode_config_options.md Outdated Show resolved Hide resolved
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Jul 23, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 1e9cb9b to a05c40a Compare July 23, 2024 19:00
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/pool/pool.go Outdated Show resolved Hide resolved
pkg/pool/pool.go Outdated Show resolved Hide resolved
pkg/provider/provider.go Outdated Show resolved Hide resolved
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Sep 4, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from f2a537f to 6bb794f Compare September 4, 2024 19:17
pkg/pool/pool.go Show resolved Hide resolved
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Sep 4, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from 6bb794f to ae525f5 Compare September 4, 2024 20:05
tzifudzi added a commit to tzifudzi/amazon-vpc-resource-controller-k8s that referenced this pull request Sep 4, 2024
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from ae525f5 to e466622 Compare September 4, 2024 20:29
@tzifudzi tzifudzi requested a review from haouc September 4, 2024 21:56
@tzifudzi
Copy link
Contributor Author

tzifudzi commented Sep 4, 2024

@haouc I have responded to your latest feedback and pushed new code changes in commit e466622. On merge I will squash changes into one commit. Please re-review.

pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
pkg/config/loader.go Outdated Show resolved Hide resolved
@tzifudzi tzifudzi force-pushed the feature/secondary-ip-configs branch from e466622 to 4bd2bce Compare September 4, 2024 22:36
@haouc
Copy link
Contributor

haouc commented Sep 4, 2024

lgtm, thanks.

@haouc haouc merged commit 9947178 into aws:master Sep 4, 2024
4 checks passed
yash97 pushed a commit to yash97/amazon-vpc-resource-controller-k8s that referenced this pull request Oct 9, 2024
…dress allocation (aws#443)

* Add Windows secondary IP mode configurable options (aws#443)

aws#443

* Various code fixes for PR feedback

aws#443
@yash97 yash97 mentioned this pull request Oct 10, 2024
yash97 pushed a commit to yash97/amazon-vpc-resource-controller-k8s that referenced this pull request Oct 12, 2024
…dress allocation (aws#443)

* Add Windows secondary IP mode configurable options (aws#443)

aws#443

* Various code fixes for PR feedback

aws#443
yash97 added a commit that referenced this pull request Oct 22, 2024
* add finalizer handler in v1.4

* fix an err variable

* adding logs for mismatched CNINode

* add metrics for mismatches

* update EC2 instance types

* Update aws-sdk-go and change way to get regional sts endpoint (#466)

* Missing dependency update

* Remove hard failure for not getting global STS endpoint (#467)

* updating k8s manifest

* chaning go to major.minor format (#477)

* updating go version and controller-gen version (#464)

* Add new target for building docker images with no tests (#415)

* updating rbac

* Add Windows secondary IP mode configurable options for managing IP address allocation (#443)

* Add Windows secondary IP mode configurable options (#443)

#443

* Various code fixes for PR feedback

#443

* adding ctx in test

* updating ec2 supported instance types (#475)

---------

Co-authored-by: Hao Zhou <zhuhz@amazon.com>
Co-authored-by: Jay Deokar <23660509+jaydeokar@users.noreply.github.com>
Co-authored-by: Jay Deokar <jsdeokar@amazon.com>
Co-authored-by: Tatenda Zifudzi <tzifudzi@yahoo.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add Windows configuration options to control IP address allocation in Secondary IP Mode
4 participants