Kubeslice Worker Operator Opensource Repository: The KubeSlice Worker Operator is a Kubernetes operator that manages the lifecycle of KubeSlice worker clusters.
Apache License 2.0
58
stars
19
forks
source link
feat(): Add slice gw edge feature to use a LB for inter-cluster traffic (test automation is WIP) #316
Introducing a slice gateway edge service of type LoadBalancer to receive all inter-cluster traffic from remote clusters of a slice. The backend for this service would be a passthrough proxy that uses NAT rules to forward the traffic to the right slice gateway vpn server pod. It will only be created on those clusters that are assigned to host one or more vpn servers.
The doc for this feature contains more details: https://docs.google.com/document/d/1nLHZpeeKd_LvK7fiXK0OExUB_8TS_HzS5eVYzrYGOy8/edit?usp=sharing
Fixes #
This is not a bug fix. This is a new feature.
How Has This Been Tested?
Tested this feature on cloud clusters where a service of type LoadBalancer could be created. On a two cluster setup, a slice with the slice gateway service type set to LB for the first cluster was created.
Verified that the slice gw edge service is created.
Verified that the service contains the correct ports list corresponding to the NodePort numbers of all the slice gw vpn servers.
Verified that the Slice Gw Edge (SGE) deployment is created automatically.
Verified that the operator sends the correct portmap to the SGE.
Verified that the SGE creates DNAT and MASQUERADE rules to forward the incoming traffic to the right vpn server pod.
Checklist:
[x] The title of the PR states what changed and the related issues number (used for the release note).
[x] Does this PR requires documentation updates?
[ ] I've updated documentation as required by this PR.
[x] I have ran go fmt
[x] I have updated the helm chart as required by this PR.
[x] I have performed a self-review of my own code.
[x] I have commented my code, particularly in hard-to-understand areas.
[x] I have tested it for all user roles.
[ ] I have added all the required unit test cases.
[ ] I have verified the E2E test cases with new code changes.
Description
Introducing a slice gateway edge service of type LoadBalancer to receive all inter-cluster traffic from remote clusters of a slice. The backend for this service would be a passthrough proxy that uses NAT rules to forward the traffic to the right slice gateway vpn server pod. It will only be created on those clusters that are assigned to host one or more vpn servers. The doc for this feature contains more details: https://docs.google.com/document/d/1nLHZpeeKd_LvK7fiXK0OExUB_8TS_HzS5eVYzrYGOy8/edit?usp=sharing
Fixes #
This is not a bug fix. This is a new feature.
How Has This Been Tested?
Tested this feature on cloud clusters where a service of type LoadBalancer could be created. On a two cluster setup, a slice with the slice gateway service type set to LB for the first cluster was created. Verified that the slice gw edge service is created. Verified that the service contains the correct ports list corresponding to the NodePort numbers of all the slice gw vpn servers. Verified that the Slice Gw Edge (SGE) deployment is created automatically. Verified that the operator sends the correct portmap to the SGE. Verified that the SGE creates DNAT and MASQUERADE rules to forward the incoming traffic to the right vpn server pod.
Checklist:
go fmtDoes this PR introduce a breaking change?
NO