* Add ILBs, broadly following the AWS model. The following new
  capabilities are added for clusters in GCP:
  * Cluster's spec.api.loadBalancer can be set to 'type: internal' on
    GCP.
    * Therefore, GCP can now create:
      * regional backend services
      * regional (non-legacy) healthchecks
      * firewall rules with "internal" load-balancing scheme
      * firewall rules with dot-notation-specified IP addresses
  * Cluster's spec.api.loadBalancer's 'subnets' field functions
    as in the AWS model.

A few incidental changes are included, either because this change
touched the relevant code or because my use case happened to trigger the
issues that are fixed here.

* Cluster's spec.networkID field can be prefixed by project to use
  GCP's common cross-project networking model.
  * The presumption is that all specified subnets belong to this
    network and therefore this project.
* Add missing operation wait on forwarding rule creation.
* Some Terraform output improvements:
  * Permit no-ACL files in GCS buckets in Terraform output.
  * Enable marginally better cross-resource reference in Terraform outputs
  * Add project to network + subnetwork literals in Terraform output.
  * Add terraform output to backend services and health checks.

Testing:

* Add mocks for backend services and health checks.
* Add minimal integration test - copied from gce_private and ilb added.
* Add update cluster goldens.

Co-authored-by: Travis Reid <travis_reid@apple.com>

Because the control-plane can recreate routes, there's a race between
deleting instances and deleting routes. Add a dependency so we don't
try to delete routes until after we've deleted all the instances.

GCE "classic" networking sets up routes to each instance. The route
name looks like `<cluster-name>-<uuid>`.
If the cluster name is long enough, it will be truncated. This was
confusing the route cleanup logic.

Subnets are created & owned for IPAlias mode. We weren't deleting
them because of a bug deleting when there is a hyphen in the name (and
by default they are named after the region, which has a hyphen).

Supporting IPv6 values where they can be set by the user, and ensuring
that IPv4 and IPv6 firewall rules are split because on GCP they cannot
be in the same rule.
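Added example (not code from the commit or from the project): one way to split a mixed list of source ranges into per-family firewall rules, as the IPv4/IPv6 message above describes. The `FirewallRule` type, the `SplitByFamily` function and the `-ipv6` name suffix are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// FirewallRule is a simplified, hypothetical stand-in for a GCP firewall rule.
type FirewallRule struct {
	Name         string
	SourceRanges []string
}

// SplitByFamily turns one logical rule into at most two, one per address
// family, since a GCP firewall rule cannot hold IPv4 and IPv6 ranges together.
func SplitByFamily(name string, ranges []string) ([]FirewallRule, error) {
	var v4, v6 []string
	for _, r := range ranges {
		r = strings.TrimSpace(r)
		p, err := netip.ParsePrefix(r)
		if err != nil {
			// Accept a bare address as a single host; reject anything else (fail closed).
			a, aerr := netip.ParseAddr(r)
			if aerr != nil {
				return nil, fmt.Errorf("invalid source range %q: %w", r, err)
			}
			p = netip.PrefixFrom(a, a.BitLen())
		}
		p = p.Masked() // normalise host bits, e.g. 2001:db8::1/32 -> 2001:db8::/32
		if p.Addr().Is4() {
			v4 = append(v4, p.String())
		} else {
			v6 = append(v6, p.String())
		}
	}
	var rules []FirewallRule
	if len(v4) > 0 { // a family with no ranges yields no rule at all
		rules = append(rules, FirewallRule{Name: name, SourceRanges: v4})
	}
	if len(v6) > 0 { // "-ipv6" suffix is an assumption of this example
		rules = append(rules, FirewallRule{Name: name + "-ipv6", SourceRanges: v6})
	}
	return rules, nil
}

func main() { // constructed sample input: both families plus a bare address
	fmt.Println(SplitByFamily("ssh-external", []string{"0.0.0.0/0", "10.1.2.3", "::/0", "2001:db8::1/32"}))
}
```

An unparsable entry aborts the whole split instead of being skipped, so a typo cannot silently change which sources a rule admits.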
This will automatically label PRs that touch these directories.
This makes it easier to query GitHub for PRs that affect certain areas of the code.
I mostly used existing labels but created some new ones as well.

We don't call klog.InitFlags yet, because that will cause a flag
redefinition error until we get everyone to stop using glog. That
will happen when we update to k8s 1.13.

The challenge here is that we normally only get the instance url. So we
have to do another call to GCE, but we also don't want to do one call
per instance.
Instead, we create a dump operation context object which we pass into the dump.