Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create warning Events when k8s objects translation fails #3097

Closed
31 of 32 tasks
czeslavo opened this issue Oct 25, 2022 · 0 comments
Closed
31 of 32 tasks

Create warning Events when k8s objects translation fails #3097

czeslavo opened this issue Oct 25, 2022 · 0 comments
Assignees
@czeslavo
Labels
area/docs area/feature New feature or request
Milestone
KIC v2.8.0

Comments

@czeslavo
Copy link
Contributor

czeslavo commented Oct 25, 2022
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Problem Statement

The parser is designed so that if it detects an issue with translating a Kubernetes object (a validation error is detected), it can skip a given object in a resulting KongState. Currently, it does so for a couple of objects, examples of such validation errors are:

In order to make the errors' details visible to the users in a more structured format than just error logs, we would like to introduce warning KongConfigurationTranslationFailed Events.

Proposed Solution

Create a corev1.Event with a type Warning and a reason KongConfigurationTranslationFailed when a validation error occurs. Every event should have an involved object reference, a reason (meant to be a computer-friendly slug), and a message (meant to be a human-friendly description of the reason). By specifying an involved object, we make the event visible to a user kubectl describe-ing the affected resource or kubectl get-ting all the events (potentially filtering them by the reason we introduce).

Suggested split of code changes

  1. Introduce TranslationFailure and TranslationFailuresCollector types (feat(#3097): add TranslationFailure and TranslationFailuresCollector with unit tests #3110)
  2. Use TranslationFailuresCollector in the Parser (feat(#3097): use TranslationFailureCollector in Parser #3111)
  3. Adapt existing translation errors in the Parser routines to start reporting TranslationFailures (preferably one PR per kind).
  4. Use []TranslationFailure to produce corev1.Events (feat(#3097): create warning translation failure events for CA secrets #3125)
  5. Update https://docs.konghq.com/kubernetes-ingress-controller/latest/troubleshooting/ docs. (#4779)

Additional information

PoC: #3088

Acceptance Criteria

  • When any validation error1 is detected in the parser, a warning corev1.Event is created with the KongConfigurationTranslationFailed reason and a detailed human-readable message describing the reason.
  • Every KongConfigurationTranslationFailed is associated with all objects that may be affected by the translation error (e.g. faulty CA certificate affecting a KongPlugin)
  • Documentation is updated so that users understand they can query Events in order to mitigate problems with their configuration (a new section under https://docs.konghq.com/kubernetes-ingress-controller/latest/troubleshooting/ could be added?)

[1] a validation error is considered to be any code branch in the parsing routines under internal/dataplane/parser that ends up with a continue statement and an error log.
@czeslavo czeslavo added area/feature New feature or request area/docs labels Oct 25, 2022
@czeslavo czeslavo self-assigned this Oct 25, 2022
@mflendrich mflendrich added this to the KIC v2.8.0 milestone Oct 25, 2022
This was referenced Oct 26, 2022
Closed
Merged
czeslavo added a commit that referenced this issue Oct 27, 2022
@czeslavo
feat(#3097): add TranslationFailure and TranslationFailuresCollector …
318e60f 
…with unit tests (#3110)

Introduces utility types that are going to be used for collecting failures that happen during the translation process.
czeslavo added a commit that referenced this issue Oct 27, 2022
@czeslavo
feat(#3097): add TranslationFailure and TranslationFailuresCollector …
1e92d40 
…with unit tests (#3110)

Introduces utility types that are going to be used for collecting failures that happen during the translation process.
This was referenced Oct 27, 2022
Merged
Closed
czeslavo added a commit that referenced this issue Oct 28, 2022
@czeslavo
feat(#3097): use TranslationFailureCollector in Parser (#3111)
7220e7b 
It adds TranslationFailureCollector to the Parser. Build method is modified so that translation failures are returned from it. KongClient inspects the failures and in case any occurred, reports TranslationCount metric with SuccessKey=SuccessFalse.
This was referenced Oct 28, 2022
Merged
Merged
czeslavo added a commit that referenced this issue Nov 3, 2022
@czeslavo
feat(#3097): create warning translation failure events for CA secrets (
bf5fb88 
…#3125)

It starts creating Kubernetes Events for all TranslationFailures detected during the translation phase. It will create one event per causing object. An integration test suite is also added in order to track all translation failure cases - which should make eventual future refactors safer (e.g. moving validation rules from the parser to the controllers).
This was referenced Nov 4, 2022
Merged
Merged
czeslavo added a commit that referenced this issue Nov 7, 2022
@czeslavo
feat(#3097): propagate translation failures for annotations not match…
d26e653 
…ing in grouped services (#3130)

Adds propagation of translation failure: annotations not matching in services backing a single route.
@czeslavo czeslavo mentioned this issue Nov 7, 2022
Merged
1 task
czeslavo added a commit that referenced this issue Nov 7, 2022
@czeslavo
feat(#3097): use CRD validations for TCP/UDPIngress (#3136)
a3c40fc 
Modifies CRDs' annotations so they correctly validate their fields. An integration test suite is added to ensure that validations are in place indeed and prevent objects from creation. Parser's validations are removed.
czeslavo added a commit that referenced this issue Nov 7, 2022
@czeslavo
feat(#3097): propagate translation failures for missing service's ref…
c9b3bb4 
…erred client-cert (#3137)

Propagates translation failures for services for which the referred client-cert cannot be fetched.
This was referenced Nov 8, 2022
Merged
Merged
Merged
czeslavo added a commit that referenced this issue Nov 9, 2022
@czeslavo
feat(#3097): propagate translation failures for netv1.Ingress (#3138)
ca86910 
Introduces propagating of translation failures related to Ingress resources:
- missing service,
- missing service port.
@czeslavo czeslavo mentioned this issue Nov 9, 2022
Merged
1 task
czeslavo added a commit that referenced this issue Nov 9, 2022
@czeslavo
feat(#3097): propagate translation failures for gateway listeners ref…
64bc2f0 
…erred secrets (#3147)

Adds propagation of translation failures for Gateway.Listeners that:
- specify more than one certReference,
- refer to a secret that has no valid TLS key-pair embedded.
This was referenced Nov 14, 2022
Merged
Closed
Merged
czeslavo added a commit that referenced this issue Nov 15, 2022
@czeslavo
feat(#3097): propagate translation failures for ingress referred secr…
158c3a6 
…ets (#3150)
@czeslavo czeslavo mentioned this issue Nov 15, 2022
Closed
4 tasks
czeslavo added a commit that referenced this issue Nov 16, 2022
@czeslavo
feat(#3097): propagate translation failures for http routes not havin…
df1f9d9 
…g backend refs (#3167)

Adds propagation of translation failures for HTTPRoute not having any backendRef specified.
@mflendrich mflendrich mentioned this issue Dec 1, 2022
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@czeslavo czeslavo

Labels
area/docs area/feature New feature or request
Projects
None yet
Milestone
KIC v2.8.0
Development

No branches or pull requests
2 participants
@mflendrich @czeslavo