[K8s] Reworking 8s networking, especially for local connectivity service case#603
Merged
MRiganSUSX merged 8 commits intodevelopfrom Oct 7, 2025
Merged
[K8s] Reworking 8s networking, especially for local connectivity service case#603MRiganSUSX merged 8 commits intodevelopfrom
MRiganSUSX merged 8 commits intodevelopfrom
Conversation
8 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
!!! Requires DUNE-DAQ/daqsystemtest#244 !!!
Fixes part of #583.
This PR refactors the Kubernetes networking model. The previous approach, which relied on a manually managed kubectl port-forward subprocess and a socat proxy sidecar, has been replaced with a NodePort service and hostAliases.
Key Changes:
Replaced port-forward with a NodePort Service.
Now: The connection server pod is exposed via a standard Kubernetes NodePort service. This is the idiomatic way to expose a service to external traffic and is managed entirely by the Kubernetes cluster.
Replaced Proxy Sidecar with hostAliases.
Now: The sidecar has been removed. Pods now use the spec.hostAliases field to resolve localhost directly to the ClusterIP of the connection server's service. This is a more lightweight and direct networking approach.
Dynamic Port Extraction:
The connection server port is no longer a fixed configuration value. It is now dynamically extracted from the gunicorn command arguments in the BootRequest.
Code Simplification:
Removed all code related to managing the port-forward subprocess, including starting the process, monitoring its output, and ensuring it's killed correctly.
Removed the logic for injecting the sidecar container into pod manifests.
Removed configuration options like sidecar_image and port_forward_timeout that are no longer needed.
Type of change
Key checklist
python -m pytest)pre-commit run --all-files)Further checks
(Indicate issue here: # (issue))