From 1155631d412b4f6105112f599f4e4dcc3fa383e9 Mon Sep 17 00:00:00 2001
From: Evan Baker <rbtr@users.noreply.github.com>
Date: Wed, 19 Jan 2022 01:13:15 +0000
Subject: [PATCH 1/2] server-side filtering for nnc objects

Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
---
 cns/service/main.go | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/cns/service/main.go b/cns/service/main.go
index e22f4d5bc5..932a560ad6 100644
--- a/cns/service/main.go
+++ b/cns/service/main.go
@@ -46,8 +46,11 @@ import (
 	"github.com/Azure/azure-container-networking/store"
 	"github.com/avast/retry-go/v3"
 	"github.com/pkg/errors"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/types"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -932,10 +935,28 @@ func InitializeCRDState(ctx context.Context, httpRestService cns.HTTPService, cn
 		return err
 	}
 
+	// the nodeScopedCache sets Selector options on the Manager cache which are used
+	// to perform *server-side* filtering of the cached objects. This is very important
+	// for high node/pod count clusters, as it keeps us from watching objects at the
+	// whole cluster scope when we are only interested in the Node's scope.
+	nodeScopedCache := cache.BuilderWithOptions(cache.Options{
+		SelectorsByObject: cache.SelectorsByObject{
+			&v1alpha.NodeNetworkConfig{}: {
+				Field: fields.SelectorFromSet(fields.Set{"metadata.name": nodeName}),
+			},
+			&corev1.Pod{}: {
+				Field: fields.SelectorFromSet(fields.Set{"spec.nodeName": nodeName}),
+			},
+			&corev1.Node{}: {
+				Field: fields.SelectorFromSet(fields.Set{"metadata.name": nodeName}),
+			},
+		},
+	})
 	manager, err := ctrl.NewManager(kubeConfig, ctrl.Options{
 		Scheme:             nodenetworkconfig.Scheme,
 		MetricsBindAddress: cnsconfig.MetricsBindAddress,
 		Namespace:          "kube-system", // TODO(rbtr): namespace should be in the cns config
+		NewCache:           nodeScopedCache,
 	})
 	if err != nil {
 		return errors.Wrap(err, "failed to create manager")

From 32bdad48dcefb4c7fdcb32268cb889e5fc563299 Mon Sep 17 00:00:00 2001
From: Evan Baker <rbtr@users.noreply.github.com>
Date: Wed, 19 Jan 2022 23:08:54 +0000
Subject: [PATCH 2/2] yagni node and pod fields in cache builder

Signed-off-by: Evan Baker <rbtr@users.noreply.github.com>
---
 cns/service/main.go | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/cns/service/main.go b/cns/service/main.go
index 932a560ad6..61e1490e51 100644
--- a/cns/service/main.go
+++ b/cns/service/main.go
@@ -46,7 +46,6 @@ import (
 	"github.com/Azure/azure-container-networking/store"
 	"github.com/avast/retry-go/v3"
 	"github.com/pkg/errors"
-	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/types"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -944,12 +943,6 @@ func InitializeCRDState(ctx context.Context, httpRestService cns.HTTPService, cn
 			&v1alpha.NodeNetworkConfig{}: {
 				Field: fields.SelectorFromSet(fields.Set{"metadata.name": nodeName}),
 			},
-			&corev1.Pod{}: {
-				Field: fields.SelectorFromSet(fields.Set{"spec.nodeName": nodeName}),
-			},
-			&corev1.Node{}: {
-				Field: fields.SelectorFromSet(fields.Set{"metadata.name": nodeName}),
-			},
 		},
 	})
 	manager, err := ctrl.NewManager(kubeConfig, ctrl.Options{