Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: reuse KongPlugin resources across ingress resources #121

Merged
merged 1 commit into from
Sep 11, 2018
Merged

feat: reuse KongPlugin resources across ingress resources #121

merged 1 commit into from
Sep 11, 2018

Conversation

hbagdi
Copy link
Member

@hbagdi hbagdi commented Sep 10, 2018

Problem:
KongPlugin custom resource defines a Plugin in Kong.
Currently, a KongPlugin resource exists for every Plugin entity in Kong.
The sync process ensures that KongPlugin and the corresponding Plugin
entitiy in Kong are in sync and diff them as they share the same ID
(UID/UUID). This is not a scalable or maintainable configuration. If
there are a large (100s) number of ingress rules or services, there will
be similar number of KongPlugin objects for each plugin that is enabled
on those routes/services.
See #6
See #83

Solution:
Decouple k8s KongPlugin and Plugin entities in Kong, there-by removing
the unnecessary duplication.
This solution implies that there is not a KongPlugin resource in k8s for every
Plugin entity in Kong. This is fine as long as there can exists only a
single plugin of any type (type is key-auth, rate-limiting etc), which
is the case in Kong.
The diff and sync logic has been updated to compare
the correct plugin entity in Kong.
This makes a KongPlugin resource much more usable. If one wants to
change a configuration of plugin across multiple ingress, changing a
single KongPlugin resource will change it in all the ingress rules (or
routes/services in Kong's terminology).

@codecov-io
Copy link

codecov-io commented Sep 10, 2018
edited
Loading

Codecov Report

Merging #121 into master will increase coverage by 0.2%.
The diff coverage is 0%.

Impacted file tree graph

@@            Coverage Diff            @@
##           master     #121     +/-   ##
=========================================
+ Coverage   31.39%   31.59%   +0.2%     
=========================================
  Files          33       33             
  Lines        2956     2937     -19     
=========================================
  Hits          928      928             
+ Misses       1915     1896     -19     
  Partials      113      113
Impacted Files Coverage Δ
internal/ingress/controller/kong.go 1.16% <0%> (+0.03%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5f77752...8490c94. Read the comment docs.

@hbagdi
feat: reuse KongPlugin resources across ingress resources
8490c94 
Problem:
KongPlugin custom resource defines a Plugin in Kong.
Currently, a KongPlugin resource exists for every Plugin entity in Kong.
The sync process ensures that KongPlugin and the corresponding Plugin
entitiy in Kong are in sync and diff them as they share the same ID
(UID/UUID). This is not a scalable or maintainable configuration. If
there are a large (100s) number of ingress rules or services, there will
be similar number of KongPlugin objects for each plugin that is enabled
on those routes/services.
See #6
See #83

Solution:
Decouple k8s KongPlugin and Plugin entities in Kong, there-by removing
the unnecessary duplication.
This solution implies that there is not a KongPlugin resource in k8s for every
Plugin entity in Kong. This is fine as long as there can exists only a
single plugin of any type (type is key-auth, rate-limiting etc), which
is the case in Kong.
The diff and sync logic has been updated to compare
the correct plugin entity in Kong.
This makes a KongPlugin resource much more usable. If one wants to
change a configuration of plugin across multiple ingress, changing a
single KongPlugin resource will change it in all the ingress rules (or
routes/services in Kong's terminology).
hbagdi
hbagdi commented Sep 11, 2018
View reviewed changes
internal/ingress/controller/kong.go
p := kongadminv1.Plugin{
Name: pluginInKong.Name,
Config: kongadminv1.Configuration(pluginInk8s.Config),
Enabled: pluginInk8s.Disabled,
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Need to check if this should be !.

fffonion
fffonion reviewed Sep 11, 2018
View reviewed changes
internal/ingress/controller/kong.go
} else {
// Plugins present in Kong and k8s need should have same configuration
if !pluginDeepEqual(pluginInk8s.Config, &pluginInKong) ||
(!pluginInk8s.Disabled != pluginInKong.Enabled) ||
Copy link
Contributor

@fffonion fffonion Sep 11, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this be disabled == enabled that indicates they are not same? oh i missed the ! at front, does it make sense to just be pluginInk8s.Disabled == pluginInKong.Enabled?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This Enabled and Disabled is pretty confusing and extremely easy to trip over.
I plan to refactor it at some point but for now, I'll make this change.

@fffonion
Copy link
Contributor

Should we abstract the logic of comparing plugins in routes and services into a seperate function? Seems like most of the code are same.

@hbagdi hbagdi merged commit 2550758 into master Sep 11, 2018
@hbagdi hbagdi deleted the feat/reuse-kong-plugin-cr branch September 11, 2018 20:30
This was referenced Sep 11, 2018
Closed
Closed
@zhigang zhigang mentioned this pull request Sep 19, 2018
Closed
hbagdi added a commit that referenced this pull request Oct 23, 2018
@hbagdi
feat: reuse KongPlugin resources across ingress resources
c207eb4 
Problem:
KongPlugin custom resource defines a Plugin in Kong.
Currently, a KongPlugin resource exists for every Plugin entity in Kong.
The sync process ensures that KongPlugin and the corresponding Plugin
entitiy in Kong are in sync and diff them as they share the same ID
(UID/UUID). This is not a scalable or maintainable configuration. If
there are a large (100s) number of ingress rules or services, there will
be similar number of KongPlugin objects for each plugin that is enabled
on those routes/services.
See #6
See #83

Solution:
Decouple k8s KongPlugin and Plugin entities in Kong, there-by removing
the unnecessary duplication.
This solution implies that there is not a KongPlugin resource in k8s for every
Plugin entity in Kong. This is fine as long as there can exists only a
single plugin of any type (type is key-auth, rate-limiting etc), which
is the case in Kong.
The diff and sync logic has been updated to compare
the correct plugin entity in Kong.
This makes a KongPlugin resource much more usable. If one wants to
change a configuration of plugin across multiple ingress, changing a
single KongPlugin resource will change it in all the ingress rules (or
routes/services in Kong's terminology).

From #121
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fffonion fffonion fffonion approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@hbagdi @codecov-io @fffonion