Refactor k8s identities GC into a cell.Module #22892
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pippolo84
added
area/operator
pippolo84
changed the title
github-actions
bot
added
the
kind/community-contribution
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
3 times, most recently
from
dea7575
to
8e99618
Compare
joamaki
requested changes
Jan 9, 2023
operator/cmd/k8s_identity_gc_test.go
Outdated
| } | ||
|
|
||
| // signal that endpoints are sync-ed, otherwise identities gc won't start | ||
| close(watchers.CiliumEndpointsSynced) |
There was a problem hiding this comment.
Should add Resource[*CiliumEndpoints] and get rid of this. The test also doesn't seem to check whether we correctly keep identities that have a CiliumEndpoint associated with them.
There was a problem hiding this comment.
We'll also need to have the CiliumEndpoints indexed by identity ID (e.g. with something like: https://github.com/joamaki/cilium/blob/pr/joamaki/operator-resource-trials/pkg/k8s/resource/index.go).
There was a problem hiding this comment.
Yep, I'll make this the priority for the next architecture-related PR.
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
from
8e99618
to
484ae47
Compare
|
I've merged the kvstore mode gc into the same cell and reworked the code. The changes regarding the unit test are not there yet. |
joamaki
reviewed
Jan 11, 2023
joamaki
reviewed
Jan 11, 2023
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
2 times, most recently
from
070876d
to
d44050e
Compare
joamaki
reviewed
Jan 12, 2023
joamaki
reviewed
Jan 12, 2023
joamaki
reviewed
Jan 12, 2023
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
from
d44050e
to
e890124
Compare
|
The unit test has been extended to check that identities used by an endpoint are not gc-ed. |
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
4 times, most recently
from
716d684
to
b5839ff
Compare
pippolo84
added
the
dont-merge/bad-bot
aanm
removed
the
ready-to-merge
|
Added this commit to prevent modification of identity objects returned (and owned) by the resource informer. |
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
from
4dfee60
to
c4fab44
Compare
Add Cilium Identities as a shared resource in the proper cell. This will enable the modularization of all subsystems that depend on CiliumIdentities events streaming. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Add a new cell.Module to implement the CiliumIdentity GC. This improves the testability of the GC code through unit tests, without relying on more complicated (and slow) controlplane tests. Besides, the modularization of the GC cleans up the operator bootstrap code, since all the GC specific parts are now moved to their cell. The cell supports both GC modes: CRD allocated identities or kvstore allocated identities. The code is moved inside the `identity` package and has the following structure: operator/identity/ ├── cell.go ├── crd_gc.go ├── gc.go ├── heartbeat.go └── kvstore_gc.go where: - `cell.go` contains all the exported API for the new cell, alongside its dependencies and configuration. - `gc.go` contains the common part of both gc modes. - `crd_gc.go` and `heartbeat.go` contain the CRD allocation mode specific GC part. - `kvstore`contains the kvstore allocation mode specific GC part. The new cell relies on `resource.Resource[*v2.CiliumIdentity]` to listen for CiliumIdentity related events and react accordingly. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
The heartbeat store used to keep track of the last insert/update timestamps of each identities is an implementation detail related only to the inner workings of the identities GC. The commit changes all the related APIs to make them unexported. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Unlike global configuration options, cell-specific configuration options (i.e. the ones defined through cell.Config(...)) will not be loaded from `agentOption` or `operatorOption`, but from the `*viper.Viper` object bound to the test hive. `modCellConfig` function exposes the operator hive viper struct to each controlplane test, so to allow changing those options as needed. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Add a unit test for the CiliumIdentities GC operating in CRD allocation mode. The new unit test verifies that an Identity is correctly gc-ed when it has neither been updated in the last heartbeat cycle nor used by a CiliumEndpoint. Besides, the test adds a check for leaked goroutines using goleak. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
The global node watcher relies on an unexported rate limiting queue that starts a goroutine to listen for related events. Being unexported, there are no means to stop that goroutine when running unit tests like the identities gc one in operator/identity. To avoid leaking goroutines, an exported API is added so to stop the node queue before the test termination. This is a temporary solution before refactoring the watchers package to use the new "hive and cells" architecture. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Controlplane test identities GC has been superseded by the identities GC unit test in operator/identity. The two test are functionally equivalent, so the controlplane one is removed. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Do not start the heartbeat updater for CRD mode identities GC when the related interval is set to 0. The heartbeat updater single purpose is to mark all identities that have been just created, in order to avoid the GC to collect them immediately after creation. When the GC is disabled, there is no point in starting it. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
To avoid repeating log entries, inner logging of updates and deletions ops on identities is removed. Also, the log entry related to the collection of an identity is lowered to debug level to avoid flooding the log too much. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
In order to gracefully shutdown the identities GC, all critical errors are reported to the upper layer instead of relying on a call to Fatal(). Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
All the code in operator/identity is there only to implement the Cilium identities gc. Renaming it makes its purpose clearer and also avoids the name clashing with pkg/identity package. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Since the GC does not export any API, it is possible not to return the internal object and just register its start and stop hooks to hive.Lifecycle directly. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
Even if (prometheus.Gauge).Set requires a float64 value, declaring the counters for successful and unsuccessful gc runs as such might feel confusing to the casual reader. The type is then changed to int and a type conversion to float64 is added at each Set call site. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
The identities returned by the underlying identity resource informer are owned by the informer itself, thus they should be deep copied before being modified. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
This commit regenerates the cmdref documentation files following the refactor of the identites gc into a cell. Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
pippolo84
force-pushed
the
pr/pippolo84/k8s-identity-gc-module
branch
from
c4fab44
to
45485f3
Compare
|
Rebased onto master to fix build-commits test failure and updated operator cmdref. |
tommyp1ckles
approved these changes
Jan 30, 2023
|
/test |
pippolo84
removed
the
dont-merge/bad-bot
maintainer-s-little-helper
bot
added
the
ready-to-merge
8 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Port the current implementation of the CiliumIdentity GC to a separate
cell.Module.This makes possible to improve the testing of the GC code through unit tests, without relying on more complicated (and slow) controlplane tests.
Besides, the modularization of the GC cleans up the operator bootstrap code, since all the GC specific parts are now moved to their cell.
The new cell contains the code for both GC modes: CRD allocated identities and kvstore allocated identities.
The GC is moved inside the
identitypackage and has the following structure:where:
cell.gocontains all the exported API for the new cell, alongside its dependencies and configuration.gc.gocontains the common part of both gc modes.crd_gc.goandheartbeat.gocontain the CRD allocation mode specific GC part.kvstorecontains the kvstore allocation mode specific GC part.The new cell relies on
resource.Resource[*v2.CiliumIdentity]to listen for CiliumIdentity related events and react accordingly.Note for the reviewers
This is probably better to review commit by commit. The most impactful one is 1a482f8d3a08147410e65d91adbc6e49515a49b4, but despite the number of files modified, it aims to add the minimum amount of changes needed to modularize the identities GC code in a separate cell.
Further cleanups are left in the subsequent commits.