Hypershift live migration #3478
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
qinqon
force-pushed
the
hypershift-live-migration
branch
2 times, most recently
from
f380c09
to
aee8984
Compare
qinqon
force-pushed
the
hypershift-live-migration
branch
19 times, most recently
from
188e45b
to
948521c
Compare
qinqon
force-pushed
the
hypershift-live-migration
branch
8 times, most recently
from
95908a0
to
af18346
Compare
qinqon
force-pushed
the
hypershift-live-migration
branch
5 times, most recently
from
a847ac8
to
ced79da
Compare
qinqon
added a commit
to qinqon/machine-config-operator
that referenced
this pull request
Jul 18, 2023
The live migration feature implemented at [1] creates a stable default gw for IPv4 and IPv6, for IPv4 it's delivered using DHCPv4 but for IPv6 there is not support for routes at DHCPv6. This change harcoded the IPv6 stable default gw using ignition. [1] ovn-org/ovn-kubernetes#3478 Signed-off-by: Enrique Llorente <[email protected]>
jcaamano
reviewed
Jul 18, 2023
|
|
||
| // There is a VM still running we should not deallocate the IP | ||
| // check to make sure no other pods are using this IP before we try to release it if this is a completed pod. | ||
| if !isMigratedSourcePodStale && util.PodCompleted(pod) { |
There was a problem hiding this comment.
I don't understand this. Shouldn't we be doing
if isMigratedSourcePodStale {
return false, nil
}
There was a problem hiding this comment.
also
if !util.PodCompleted(pod) {
return true, nil
}
| // controller's zone. | ||
| func (bnc *BaseNetworkController) ensurePodAnnotation(pod *kapi.Pod, nadName string) (*util.PodAnnotation, bool, error) { | ||
| zoneContainsPodSubnet := true | ||
| if !kubevirt.IsPodLiveMigratable(pod) { |
There was a problem hiding this comment.
Can we do this the other way around?
if kubevirt.IsPodLiveMigratable(pod) {
....
}
For clarity, I would prefer the special case (live migratable pods) to be handled in the if block, not the other way around
| @@ -339,6 +340,24 @@ func (allocator *allocator) ForSubnet(name string) NamedAllocator { | |||
| } | |||
| } | |||
|
|
|||
| // FindSwitchBySubnets will find the switch that contains one of the subnets | |||
| // from "subnets" if not it will return "", false | |||
| func (allocator *allocator) FindSwitchBySubnets(subnets []*net.IPNet) (string, bool) { | |||
There was a problem hiding this comment.
This allocator does not have the notion of a Switch. We need a different name. Maybe GetSubnetName or FindSubnetName or FindNameBySubnets , in order of my preference
There was a problem hiding this comment.
Going for GetSubnetName
| } | ||
|
|
||
| return oc.removeRemoteZonePod(pod) | ||
| return kubevirt.CleanUpLiveMigratablePod(oc.nbClient, oc.watchFactory, pod) |
There was a problem hiding this comment.
I know. My comment was alluding to clarity, not to a functional issue. It's a nit, up to you.
qinqon
force-pushed
the
hypershift-live-migration
branch
2 times, most recently
from
2a2e5fc
to
5ad69dd
Compare
jcaamano
reviewed
Jul 18, 2023
qinqon
force-pushed
the
hypershift-live-migration
branch
3 times, most recently
from
cfa6aab
to
28b0f5c
Compare
At live migration the IP has to follow the VM and at kubevirt it means that the new virt-launcher pod has to re-use the address from the old virt-launcher. This change annotate the new virt-launcher pods with the ip configuration of the old one so ipam can take over. Signed-off-by: Enrique Llorente <[email protected]>
The hypershift workers use DHCP for IP configuration, this change configure the ipv4/ipv6 DHCP options from the VM's LSP with the cidr from switch subnet, harcode arp proxy IP as default gw and the dns server from kubernetes or openshift service, it also configure the "arp_proxy" option at the LSP. Signed-off-by: Enrique Llorente <[email protected]>
Live migrated pods will keep their IP and it will be from a subnet different from the node switch, to continue routing to the proper node a point to point route need to be added to ovn_cluster_router that will change at live migration. This change add that route and implement the live migration switch. Signed-off-by: Enrique Llorente <[email protected]>
This change document the KubeVirt live migration explaining how to use it and illustrating it with an example. Signed-off-by: Enrique Llorente <[email protected]>
This change add e2e tests to check pre and post copy live migration, for that the "kind.sh" script has learn to install kubevirt. Github actions also include jobs to exercise it, the post-copy test has being disabled for them since it's not working at that env. To test that tcp connection survives live migration http connection reuse is check. Signed-off-by: Enrique Llorente <[email protected]>
If a new node is added we have the ip pool has to allocate the vm ips if node is taking over the vm subnet. Signed-off-by: Enrique Llorente <[email protected]>
This change group together the ip pool re-fill logic at "syncPods" and "addUpdateLocalNodeEvent" for live migratable pods. Signed-off-by: Enrique Llorente <[email protected]>
qinqon
force-pushed
the
hypershift-live-migration
branch
from
28b0f5c
to
ee312fe
Compare
qinqon
added a commit
to qinqon/cluster-network-operator
that referenced
this pull request
Jul 19, 2023
For the live-migration ovn-kuberntes features [1] CNO need to pass the namespace and name of the dns resolver service. [1] ovn-org/ovn-kubernetes#3478 Signed-off-by: Enrique Llorente <[email protected]>
qinqon
added a commit
to qinqon/cluster-network-operator
that referenced
this pull request
Jul 19, 2023
For the live-migration ovn-kuberntes features [1] CNO need to pass the namespace and name of the dns resolver service. [1] ovn-org/ovn-kubernetes#3478 Signed-off-by: Enrique Llorente <[email protected]>
qinqon
added a commit
to qinqon/cluster-network-operator
that referenced
this pull request
Jul 19, 2023
For the live-migration ovn-kuberntes features [1] CNO need to pass the namespace and name of the dns resolver service. [1] ovn-org/ovn-kubernetes#3478 Signed-off-by: Enrique Llorente <[email protected]>
jcaamano
approved these changes
Jul 19, 2023
jcaamano
dismissed
trozet’s stale review
It looks like @qinqon resolved the requested changes
|
Checked downstream CI here |
|
🎆 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
- What this PR does and why is it needed
Add support to hypershift kubevirt provider live migration by doing the following at hypershift workers virt-launcher pods:
- Special notes for reviewers
Changes for IC not included at the enhancement:
Depends on:
- Follow ups
event for worker1: {virt-handler ovn-worker2} Migrated: VirtualMachineInstance migration uid 75effe84-8f58-4890-b8ac-6995d74bd4ae failed. reason:Live migration failed error encountered during MigrateToURI3 libvirt api call: virError(Code=1, Domain=10, Message='internal error: unable to execute QEMU command 'migrate-set-capabilities': Postcopy is not supported')- How to verify it
Run KubeVirt e2e tests or follow example at the doc on the PR
- Description for the changelog
Add live migration support for KubeVirt VMs using default network