New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
clustermesh-apiserver: rework identities, endpoints and nodes synchronization to improve performance #25049
clustermesh-apiserver: rework identities, endpoints and nodes synchronization to improve performance #25049
Conversation
7c3108f
to
82347ca
Compare
82347ca
to
91e3a44
Compare
91e3a44
to
f8fef13
Compare
/ci-multicluster |
b2edfa2
to
a0428a0
Compare
Force pushed to rebase onto main and resolve conflicts. |
e121ac1
to
7dd2cd5
Compare
7611b3c
to
466af29
Compare
Rebased onto main to fix conflicts. I've also added one additional commit to drop the temporary backend global variable introduced in #25554, since no longer necessary. |
/test |
466af29
to
8bf6550
Compare
/test |
8bf6550
to
e323efc
Compare
Rebased onto main to fix conflicts. |
/test Job 'Cilium-PR-K8s-1.26-kernel-net-next' failed: Click to show.Test Name
Failure Output
Jenkins URL: https://jenkins.cilium.io/job/Cilium-PR-K8s-1.26-kernel-net-next/384/ If it is a flake and a GitHub issue doesn't already exist to track it, comment Then please upload the Jenkins artifacts to that issue. |
e323efc
to
d3c19cb
Compare
Rebased onto main to fix conflicts. |
/test |
Let's change the NewWorkqueueSyncStore function to always take the clusterName as parameter, rather than relying on an option. This prevents inadvertently forgetting to set it. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
This commit extends the IPIdentityPair struct implementing the store.Key interface, to allow reading/writing it through the store abstractions. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
Add the CiliumSlimEndpointResource constructor, to be leveraged by the clustermesh-apiserver to improve the synchronization logic. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
This preparatory commit introduces the `synchronize` helper function to the clustermesh-apiserver, which will be subsequently used to uniform the synchronization process of the different resources from kubernetes to the kvstore. Essentially, the goal is to replace the vanilla informers with the "Resource[T]" abstraction, which better fits in the hive/cell paradigm and reduces the amount of boilerplate code. Each received event is then fed into the specific `synchronizer` implementation (to be introduced in the subsequent commits). It will take care of converting the object into the appropriate kvstore representation, and synchronizing it as required. Note: the synchronizer interface is not generic, since that approach turned out to cause issues with the `unused` linter, which failed to recognize the different type-specific implementations as actually used. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
This commit modifies the clustermesh-apiserver to read CiliumNodes through the Resource[T] abstraction rather than a vanilla informer, and synchronize them through the WorkqueueSyncStore. This ensures consistent behavior across all resource types (i.e., the retry logic is implemented by the SyncStore, rather than through the Resource[T] underlying workqueue). This approach has several advantages compared to the previous implementation, including: * Enables retrying kvstore operations in case of temporary failures; * Performs coalescencing in case of multiple updates for the same key; * Simplifies the overall logic, since conversions and sanity checks are already performed by the Resource[T] abstraction. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
This commit modifies the clustermesh-apiserver to read CiliumIdentities through the Resource[T] abstraction rather than a vanilla informer, and synchronize them through the WorkqueueSyncStore. This ensures consistent behavior across all resource types (i.e., the retry logic is implemented by the SyncStore, rather than through the Resource[T] underlying workqueue). This approach has several advantages compared to the previous implementation, including: * Enables retrying kvstore operations in case of temporary failures; * Performs coalescencing in case of multiple updates for the same key; * Simplifies the overall logic, since conversions and sanity checks are already performed by the Resource[T] abstraction. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
This commit modifies the clustermesh-apiserver to read CiliumEndpoints through the Resource[T] abstraction rather than a vanilla informer, and synchronize them through the WorkqueueSyncStore. This ensures consistent behavior across all resource types (i.e., the retry logic is implemented by the SyncStore, rather than through the Resource[T] underlying workqueue). This approach has several advantages compared to the previous implementation, including: * Enables retrying kvstore operations in case of temporary failures; * Performs coalescencing in case of multiple updates for the same key; * Simplifies the overall logic, since conversions and sanity checks are already performed by the Resource[T] abstraction. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
d3c19cb
to
b188c84
Compare
/test |
The temporary global backend variable is now only used in a very limited number of places. Let's propagate that parameter and drop the global variable. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
b188c84
to
a4f3f26
Compare
/test |
All reviews from codeowners are in, and all tests are green. Marking as ready to merge |
This PR modifies the clustermesh-apiserver implementation to use the Resource[T] abstraction to retrieve CiliumIdentities, CiliumNodes and CiliumEndpoints from Kubernetes, rather than a vanilla informer, and synchronize them through the WorkqueueSyncStore. This ensures consistent behavior across all resource types (i.e., the retry logic is implemented by the SyncStore, rather than through the Resource[T] underlying workqueue).
This approach has several advantages, including:
Please, refer to the commit descriptions for more details about the individual changes.
Related: #25562