Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modularize API server (api/v1/server) #24016

Merged
merged 3 commits into from Apr 19, 2023
Merged

Modularize API server (api/v1/server) #24016

merged 3 commits into from Apr 19, 2023

Conversation

joamaki
Copy link
Contributor

@joamaki joamaki commented Feb 24, 2023
edited

This PR modularizes the cilium-agent's REST API server served over UNIX socket (cilium.sock) to
allow API handlers to be implemented from any module.

See #23882 for further motivation and individual commit messages for details.
The adaption to cilium-agent is left as follow-up PR.

After this a handler for Cilium API can be implemented thus:

import (
  policyapi "github.com/cilium/cilium/api/v1/server/restapi/policy"
)

var exampleHandlersCell = cell.Module(
  "example-handlers",
  "Example API handlers",

  cell.Provide(exampleHandlers),
)

type handlersOut struct {
  cell.Out

  GetIPHandler policyapi.GetIPHandler
  GetPolicyHandler policyapi.GetPolicyHandler
  // ...
}

func exampleHandlers(s Some, d Dependencies) handlersOut {
  return handlersOut{
    GetIPHandler: &getIPHandler{s, d},
    GetPolicyHandler: &getPolicyHandler{s, d},
    // ...
  }
}

type getIPHandler struct { /* ... */ }

func (h *getIPHandler) Handle(params GETIPParams) middleware.Responder {
  // ...
}

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Feb 24, 2023
bimmlerd
bimmlerd reviewed Feb 24, 2023
View reviewed changes
api/v1/server/server.go Outdated Show resolved Hide resolved
bimmlerd
bimmlerd reviewed Feb 27, 2023
View reviewed changes
Copy link
Member

@bimmlerd bimmlerd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work!
Not too sure where handlers should live, having them all under daemon seems like a collection of mostly unrelated things again, but putting them closer to the modules the interface with doesn't encourage the clean separation as much.
Given they might share some handler code I'm in favour of collecting the handlers in one place, but I don't know how difficult it'll be to untangle them.

api/v1/server/server.go Outdated Show resolved Hide resolved
api/v1/server.gotmpl Show resolved Hide resolved
daemon/cmd/api_handlers.go Outdated
type handlersOut struct {
cell.Out

DaemonGetCgroupDumpMetadataHandler daemon.GetCgroupDumpMetadataHandler `optional:"true"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

side note, I think optional:"true" isn't described in the hive documentation, so had to read up on it in https://pkg.go.dev/go.uber.org/dig#hdr-Optional_Dependencies

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right yeah this needs to be documented. Though I did just shoot myself in the foot with it.. I had the endpoint handler depend on ratelimiter that I hadn't provided and it just ignored it rather than complained about it (e.g. the optionality was infectious).. so might be better that it stays undocumented for now :D

I've removed the optional from this for now.

daemon/cmd/api_handlers.go Outdated Show resolved Hide resolved
daemon/cmd/handlers/endpoints.go Outdated Show resolved Hide resolved
@joamaki joamaki added the release-note/misc This PR makes changes that have no direct user impact. label Feb 28, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Feb 28, 2023
@joamaki joamaki force-pushed the pr/joamaki/api-server-cell branch 3 times, most recently from 44baaa4 to d0ff2ac Compare March 1, 2023 16:27
@joamaki joamaki mentioned this pull request Mar 6, 2023
Closed
@joamaki joamaki force-pushed the pr/joamaki/api-server-cell branch 3 times, most recently from b2da204 to 8a5b57a Compare April 4, 2023 12:25
@joamaki joamaki force-pushed the pr/joamaki/api-server-cell branch from 8a5b57a to 887aa16 Compare April 5, 2023 06:51
@joamaki
Copy link
Contributor Author

joamaki commented Apr 5, 2023

/test

@joamaki
Copy link
Contributor Author

joamaki commented Apr 5, 2023

/test-runtime

@joamaki joamaki marked this pull request as ready for review April 5, 2023 12:42
@joamaki joamaki requested review from a team as code owners April 5, 2023 12:42
@joamaki joamaki requested a review from pippolo84 April 5, 2023 12:42
@joamaki
Copy link
Contributor Author

joamaki commented Apr 11, 2023
edited by maintainer-s-little-helper bot

/test

Job 'Cilium-PR-K8s-1.16-kernel-4.19' failed:

Click to show.

Test Name

K8sDatapathConfig Host firewall With native routing

Failure Output

FAIL: Error deleting resource /home/jenkins/workspace/Cilium-PR-K8s-1.16-kernel-4.19/src/github.com/cilium/cilium/test/k8s/manifests/host-policies.yaml: Cannot retrieve "cilium-g8ckm"'s policy revision: cannot get policy revision: ""

Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.16-kernel-4.19/867/

If it is a flake and a GitHub issue doesn't already exist to track it, comment /mlh new-flake Cilium-PR-K8s-1.16-kernel-4.19 so I can create one.

@joamaki joamaki removed the dont-merge/needs-rebase This PR needs to be rebased because it has merge conflicts. label Apr 11, 2023
joestringer
joestringer reviewed Apr 11, 2023
View reviewed changes
Copy link
Member

@joestringer joestringer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to break this down into smaller chunks? 3K LoC for a review is too big.

(First two commits LGTM, I stopped after that)

daemon/restapi/api_limits_test.go Outdated Show resolved Hide resolved
@joamaki
Copy link
Contributor Author

joamaki commented Apr 12, 2023
edited

Is it possible to break this down into smaller chunks? 3K LoC for a review is too big.

(First two commits LGTM, I stopped after that)

There isn't that many changes. Most of the lines are regenerated code or documentation.
EDIT: On the other hand, the changes to the handlers were somewhat complicated, so let's split this up.

@joamaki joamaki force-pushed the pr/joamaki/api-server-cell branch 2 times, most recently from 5835434 to 076aae0 Compare April 13, 2023 06:46
@joamaki
Copy link
Contributor Author

joamaki commented Apr 14, 2023

/test

joestringer
joestringer approved these changes Apr 18, 2023
View reviewed changes
Copy link
Member

@joestringer joestringer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks innocent enough 👍 Were you able to figure out the solution to the question Andrew asked about above? I don't see it in the current copy of the code.

@joamaki
Copy link
Contributor Author

joamaki commented Apr 18, 2023

Looks innocent enough +1 Were you able to figure out the solution to the question Andrew asked about above? I don't see it in the current copy of the code.

Oh no, I forgot to push! Could you please take another look?

joamaki
joamaki commented Apr 18, 2023
View reviewed changes
api/v1/server.gotmpl
@@ -646,22 +584,3 @@ func (s *Server) TLSListener() (net.Listener, error) {
return s.httpsServerL, nil
}

func handleInterrupt(once *sync.Once, s *Server) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've removed the signal handling as it's now done by hive in both the agent and the operator, and I checked that hubble-relay which uses the health server also does signal handling itself.

@joamaki
api/v1: Modularize API server
eecc826 
This implements server.Cell that takes in the API handlers individually rather
than relying on some central place to construct "CiliumAPIAPI".

Example use:

  import (
	"github.com/cilium/cilium/api/v1/server
	"github.com/cilium/cilium/api/v1/server/restapi/endpoint"
  )

  h := hive.New(
    endpointmanager.Cell,
    server.Cell,
    cell.Provide(newGetEndpointHandler),
  )

  func newGetEndpointHandler(em endpointmanager.EndpointManager) endpoint.EndpointGetEndpointHandler {
    // Implement EndpointGetEndpointHandler with the endpoint manager.
  }


Signed-off-by: Jussi Maki <jussi@isovalent.com>
@joamaki
daemon: Pass daemonParams to newDaemon
3f5f292 
Too many parameters in newDaemon, so just pass the daemonParams
as-is.

Signed-off-by: Jussi Maki <jussi@isovalent.com>
@joamaki
api/v1: Implement proper shutdown and cleanup cruft
edd7eaa 
Refactor the server Stop() to respect the hook timeout and
forcefully terminate active connections.

Remove unused code from the template.

Signed-off-by: Jussi Maki <jussi@isovalent.com>
bimmlerd
bimmlerd approved these changes Apr 18, 2023
View reviewed changes
Copy link
Member

@bimmlerd bimmlerd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm in this slimmed down form

api/v1/health/server/server.go Show resolved Hide resolved
@joamaki
Copy link
Contributor Author

joamaki commented Apr 19, 2023

/test

pippolo84
pippolo84 approved these changes Apr 19, 2023
View reviewed changes
Copy link
Member

@pippolo84 pippolo84 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! 🚀

@joamaki
Copy link
Contributor Author

joamaki commented Apr 19, 2023
edited

Few failing tests due to transient apt install failures and temp VM provisioning failure. All relevant tests pass, so marking ready to merge.

@joamaki joamaki added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Apr 19, 2023
@ldelossa ldelossa merged commit 5ca3696 into cilium:main Apr 19, 2023
54 of 57 checks passed
dylandreimerink
dylandreimerink approved these changes Apr 19, 2023
View reviewed changes
Copy link
Member

@dylandreimerink dylandreimerink left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice!

@joamaki joamaki mentioned this pull request May 22, 2023
Merged
@sayboras sayboras mentioned this pull request Jun 2, 2023
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joestringer joestringer joestringer approved these changes

@pippolo84 pippolo84 pippolo84 approved these changes

@dylandreimerink dylandreimerink dylandreimerink approved these changes

@bimmlerd bimmlerd bimmlerd approved these changes

@nebril nebril Awaiting requested review from nebril nebril was automatically assigned from cilium/sig-policy

@tommyp1ckles tommyp1ckles Awaiting requested review from tommyp1ckles tommyp1ckles was automatically assigned from cilium/metrics

@jrajahalme jrajahalme Awaiting requested review from jrajahalme jrajahalme was automatically assigned from cilium/ipcache

@nathanjsweet nathanjsweet Awaiting requested review from nathanjsweet nathanjsweet is a code owner automatically assigned from cilium/api

@asauber asauber Awaiting requested review from asauber

Assignees
No one assigned
Labels
ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@joamaki @joestringer @pippolo84 @dylandreimerink @asauber @bimmlerd @nathanjsweet @ldelossa