Updating Topology Aware Hints KEP with GA Graduation Criteria

[robscott]

• Updates Topology Aware Hints KEP with GA Graduation Criteria

• Issue link: Topology Aware Routing #2433

This is also closely related to #3293.

/sig network
/cc @andrewsykim @bowei @dcbw @danwinship
/assign @thockin @wojtek-t

[wojtek-t]

@robscott - two comments, other than that it LGTM

[wojtek-t]

Commenting here, since can't comment on unchanged line:

L563: Two things that are missing to me in tests are:

(a) the strategy-level test (like this: https://github.com/kubernetes/kubernetes/pull/97058/files#diff-7826f7adbc1996a05ab52e3f5f02429e94b68ce6bce0dc534d1be636154fded3R246-R282 ) that is ensuring that dropping fields is working as expected

(b) Disablement test in endpoint-slice controller, sth like:

• EPS with hints exist, EPS-controller is started with FG disabled, ensure that all EPS are rewritten without hints now

L581: Please update (I hope that some manual upgrade test were run, so please briefly describe it in the text - what setup and what you did)

[robscott]

Thanks @wojtek-t! Addressed both of these with latest push (and added to graduation criteria).

[danwinship]

Why not a ServiceStatus field? (The samples below really sound like a Condition.)

[thockin]

Today the endpoint-slice controller doesn't have RBAC access to Service, and ServiceStatus doesn't have a Conditions field. I am not against either, per se, but it's worth considering. It DOES feel like a condition.

[robscott]

Agree this feels like a condition. I wanted to add that, but I also didn't want this to be dependent on a change to Service API.

[danwinship]

The EndpointSlice controller sees events even for EndpointSlices that it doesn't manage. It could check for this situation.

[robscott]

You're right that we could, but I'm worried about loosening our filtering here: https://github.com/kubernetes/kubernetes/blob/master/pkg/controller/endpointslice/endpointslice_controller.go#L357-L361. It seems like a place that we could easily break things if we were not careful. I'm not sure that this particular edge case justifies that risk.

[danwinship]

Normally beta implies "feature gate on by default"... did we just declare beta in 1.23 but leave it disabled? Was that an accident or by design? Might be worth explaining just for clarity...

[robscott]

Definitely an accident, and realized a few days too late :(. Will add a note.

[danwinship]

Given that you're claiming we're going to make GA in 1.26, that would imply that these plans already exist, in which case can you link to them?

[robscott]

I'm not sure how this process works. I'd thought that graduation criteria had to be met prior to making the change in upstream k8s OSS, not before the KEP updates including the graduation criteria merged. I will say that it will be quite a stretch to get this to GA in 1.26, I just want to make sure we're making real progress towards these goals in the 1.26 release.

[danwinship]

OK, true, the criteria don't have to be met yet, but it seems a little sketchy to claim we're planning to make GA for 1.26 when that depends on other teams doing work which isn't started yet...

[robscott]

@danwinship I'm not tied to this getting to GA in 1.26, that does seem fairly unlikely at our current pace. Would you feel better if we set the GA target date as 1.27 in this PR?

[thockin]

I don't know if that needs to block this - Dan, you want to make the call?

[danwinship]

I guess if we don't claim 1.26 now then we're blocked from doing it later? So if there's any chance it might happen then I guess we want to say that...

[thockin]

For GA, what is the behavior when the service.kubernetes.io/topology-aware-routing annotation is not specified - will we assume "Default" or do users still need to opt-in on every Service?

[robscott]

For GA, what is the behavior when the service.kubernetes.io/topology-aware-routing annotation is not specified - will we assume "Default" or do users still need to opt-in on every Service?

I'm not confident enough in this feature to default it to on quite yet. I think I'd rather hide that behind a separate feature gate and see it go through a separate graduation process.

[danwinship]

/lgtm

[thockin]

The SIG says:

/approve

[danwinship]

/lgtm

[wojtek-t]

Too late now, but we should have done that before Beta (which enabled that by default).
Anyway - let's that that testing before graduating to GA and update the KEP with the results.

[robscott]

Makes sense, will do. I'm pretty sure I did this kind of manual testing, but it was more than a year ago and I clearly failed to record any results in the GEP.

[wojtek-t]

/lgtm
/approve PRR

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: robscott, thockin, wojtek-t

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• keps/prod-readiness/OWNERS [wojtek-t]
• keps/sig-network/OWNERS [thockin]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment