eve icon indicating copy to clipboard operation
eve copied to clipboard
verified publisher icon lf-edge

Support for ZKS service and ingress networking

Open naiming-zededa opened this issue 6 months ago • 3 comments

  • Allow zedkube to periodically checking on cluster service, ingress
  • exclude certain namespaces, and services, allow dynamically learning on cluster services ports, and ingress
  • publish to the KubeUserServices for kubernetes services
  • nim subscribe to the KubeUserServices from zedkube and triggers update if the items changes
  • handle the service ports, and ingress ports with NodePort or Loadbalancer types
  • allow cni0/cluster-prefix outbound traffic to be marked properly
  • handle Authorized Cluster Endpoint for local kubectl access
  • documented the zks networking in zedkube.md

Description

Allow for ZKS networking to enable kubernetes services, ingress and load-balancer operations

PR dependencies

How to test and validate this PR

With this PR patch, compile EVE with HV type 'kubevirt', one can deploy services, ingress resources and allow the users to access the pod through the NodePort or LoadBalancer types.

Testing Done.

Have tested on single node k3s and multiple node cluster setup, with combined cluster-prefix interface and separate cluster-prefix interfaces. and configured with different service types, ingress types, and load-balancers.

Changelog notes

Support the EVE device allowing kubernetes services, ingresses

PR Backports

Checklist

  • [ x ] I've provided a proper description
  • [ x ] I've added the proper documentation (when applicable)
  • [ x ] I've tested my PR on amd64 device(s)
  • [ ] I've tested my PR on arm64 device(s)
  • [ ] I've written the test verification instructions
  • [ ] I've set the proper labels to this PR

naiming-zededa avatar Jun 10 '25 01:06 naiming-zededa

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 24.97%. Comparing base (492ba34) to head (21dde1f). Report is 48 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4948      +/-   ##
==========================================
+ Coverage   21.07%   24.97%   +3.89%     
==========================================
  Files           8        8              
  Lines        1167     1185      +18     
==========================================
+ Hits          246      296      +50     
+ Misses        861      820      -41     
- Partials       60       69       +9

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

codecov[bot] avatar Jun 10 '25 01:06 codecov[bot]

It would be nice to add some unit test to check the generated Kubernetes iptables rules: https://github.com/lf-edge/eve/blob/master/pkg/pillar/dpcreconciler/linux_test.go

milan-zededa avatar Jun 11 '25 08:06 milan-zededa

It would be nice to add some unit test to check the generated Kubernetes iptables rules: https://github.com/lf-edge/eve/blob/master/pkg/pillar/dpcreconciler/linux_test.go

Ok, i'll add some into that file.

naiming-zededa avatar Jun 14 '25 04:06 naiming-zededa

I still see commits like "Handle review comments" as a total disrespect to the process we are trying to establish.

OhmSpectator avatar Jun 30 '25 14:06 OhmSpectator

@naiming-zededa , thanks for addressing all the comments. Although is fine to create a commit to organize your changes after reviews, we always expect the PR to be consolidated into relevant commits, that break logically the changes and are ready for merge. We do have few exceptions merged to our code, but definitely we want to avoid commits like "Handle review comments" or even mentions to PRs, etc, because PRs are solely at GitHub and it won't be available on any forks. Also, they must contain relevant information, that describes the changes, as you did in the commit https://github.com/lf-edge/eve/pull/4948/commits/13dfc4711c0f6b3c579ce3eca1c35a008f3a9351.

In order to get this PR ready for merge, please, just squash the commits into the first one, that already contains the relevant description for the changes being made and we are good to go.

rene avatar Jul 03 '25 11:07 rene

@rene @OhmSpectator , squashed the commits, and rebased. please take a look.

naiming-zededa avatar Jul 03 '25 16:07 naiming-zededa

@naiming-zededa , thanks for addressing all the comments

@rene not all comments are addressed, e.g. https://github.com/lf-edge/eve/pull/4948/files#r2150438155

christoph-zededa avatar Jul 04 '25 11:07 christoph-zededa

@naiming-zededa need to resolve conflicts with master.

eriknordmark avatar Jul 04 '25 15:07 eriknordmark

@eriknordmark the PR is rebased.

naiming-zededa avatar Jul 04 '25 19:07 naiming-zededa

@naiming-zededa the eden tests have passed and I was about to merge this, but @rene pointed out that at least one comment has not been addressed even though you suggested how to address it. And you need to resolve a conflict with master.

eriknordmark avatar Jul 07 '25 18:07 eriknordmark

@eriknordmark rebased now, and comments should be addressed, basically above adding comments on the input meaning of the maps

naiming-zededa avatar Jul 07 '25 19:07 naiming-zededa