Support for CrossSubnet in Calico configuration #46

Open
4 of 11 tasks
zanetworker opened this issue Aug 14, 2020 · 3 comments
Labels
area/networking Networking related kind/enhancement Enhancement, improvement, extension lifecycle/rotten Nobody worked on this for 12 months (final aging stage) priority/3 Priority (lower number equals higher priority)

Comments


zanetworker commented Aug 14, 2020

How to categorize this issue?

/kind enhancement
/priority normal
/area networking

What would you like to be added:
Currently, we are using IPIP all the time for GCP and AWS providers. Maybe we should consider using IPIP only for cross subnet network traffic.

Test Cases (Validate that this is possible in the first place) enabling / disabling cross subnet:

  • Old shoot -> new shoot with Cross Subnet (are the old routes there? Are we able to reach all new nodes and new pods from old nodes?)
  • Completely new shoots.
  • When switching from CS to normal will calico add the routes back and will everything work as expected or do we need to do something (e.g., roll the nodes)?
  • Check whether the IPPool IPIP configuration is automatically updated or do we have to manually patch it (if so we might aim for a short-term solution with init-containers and raise an issue on calico/node).

Expose the src/destination check configuration:

  • Expose it in the MCM (raise a PR or create an issue).
  • Set it when cross-subnet is enabled in the provider-aws extension (probably in the worker configuration, we need to access the settings from the cluster resource).
  • When it is disabled... are the checks now working?

Some concerns:

  • What happens when CS is disabled?
  • Routes will only exist on new nodes probably.
  • How do we enforce node rolling? This usually happens during the maintenance time window.
  • Maybe we don't need to roll the nodes, but adding a DaemonSet that would delete the old routes would be enough.

Why is this needed:
Improve network performance.
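
An added illustration, not code from this issue or from the Gardener or Calico projects: a small model of the per-pair encapsulation decision behind the request above, and of which nodes then carry unencapsulated pod traffic and so depend on the source/destination check setting. The node names and addresses are constructed; `Always`, `CrossSubnet` and `Never` are the values of Calico's IPPool `ipipMode` field.

```python
import ipaddress
from itertools import permutations

# Constructed sample data: node name -> node address with its subnet prefix.
NODES = {
    "node-a": "10.250.0.4/24",
    "node-b": "10.250.0.9/24",
    "node-c": "10.250.1.7/24",
}

def same_subnet(src, dst):
    """True if dst's address lies inside the subnet of the sending node."""
    src_if = ipaddress.ip_interface(src)
    dst_if = ipaddress.ip_interface(dst)
    return dst_if.ip in src_if.network

def uses_ipip(mode, src, dst):
    """Decide whether pod traffic from src node to dst node is IPIP-wrapped."""
    if mode == "Always":
        return True
    if mode == "Never":
        return False
    if mode == "CrossSubnet":
        # Encapsulate only when the peer is outside the sender's subnet.
        return not same_subnet(src, dst)
    raise ValueError(f"unknown ipipMode: {mode!r}")

def plan(mode, nodes=NODES):
    """Map every ordered node pair to 'ipip' or 'direct'."""
    return {
        (a, b): "ipip" if uses_ipip(mode, nodes[a], nodes[b]) else "direct"
        for a, b in permutations(sorted(nodes), 2)
    }

def nodes_with_direct_pod_traffic(mode, nodes=NODES):
    """Nodes that send or receive packets addressed with pod IPs.

    These are the instances where a cloud source/destination check would
    drop traffic unless it is disabled for them.
    """
    affected = set()
    for (a, b), path in plan(mode, nodes).items():
        if path == "direct":
            affected.update((a, b))
    return affected

if __name__ == "__main__":
    for mode in ("Always", "CrossSubnet", "Never"):
        print(mode, sorted(nodes_with_direct_pod_traffic(mode)))
```
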

@zanetworker zanetworker added the kind/enhancement Enhancement, improvement, extension label Aug 14, 2020
@gardener-robot

@zanetworker Label area/todo does not exist.

@zanetworker zanetworker changed the title Support for CorssSubnet in Calico configuration Support for CrossSubnet in Calico configuration Aug 14, 2020

@gardener-robot gardener-robot added the lifecycle/stale Nobody worked on this for 6 months (will further age) label Oct 14, 2020
@gardener-robot gardener-robot added lifecycle/rotten Nobody worked on this for 12 months (final aging stage) and removed lifecycle/stale Nobody worked on this for 6 months (will further age) labels Dec 13, 2020
@gardener-robot gardener-robot added priority/3 Priority (lower number equals higher priority) and removed priority/normal labels Mar 8, 2021

3 participants