Use custom container for OCCM when using OVN LB. (!407) · Merge requests · Sovereign Cloud Stack / k8s-cluster-api-provider

Kurt Garloff requested to merge feat/use-patched-occm-tcp-hm-ovn into main Apr 11, 2023

Created by: garloff

We currently need a patched OCCM that falls back to TCP HealthMon when HTTP is not supported (OVN LB). Detect this and create own version of k8s occm manifest for this.

With this, when calling create_cluster.sh --allow-preview-features with setting USE_OVN_LB_PROVIDER: true or auto, we will have a very nicely working LB in front of a service, fully supporting externalTrafficPolicy: local by handling both the failover as well as the client IP visibility -- without resorting to proxy-protocol trickery. This requires SCS R4 (OSISM v5.0.0 or better v5.1.0) IaaS (OpenStack zed with current OvS/OVN).

This is what we have been working on for a while, see issues/#298, and #325 (closed).

Of course this can only be an intermediary state. A patch needs to go upstream into OCCM ... before this can be considered without --allow-preview-features. But do the integration now, so the usefulness can be demonstrated and the feature be tested without manual lumbing.

Use custom container for OCCM when using OVN LB.

Merge request reports