Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

auth: auth map cache #25634

Merged
merged 2 commits into from May 26, 2023
Merged

auth: auth map cache #25634

merged 2 commits into from May 26, 2023

Conversation

mhofstetter
Copy link
Member

In preparation for the auth map garbage collection (#25213), this PR adds a caching layer for the auth map.

auth: rename authenticator to internal authmap abstraction

With the replacement of the contrack map with the auth map, the authenticator interface is no longer necessary.

Therefore, this commit reuses and refactores the interface for an internal abstraction of the auth map itself - which will be reused in the cache implementation.

The new interface and its types are moved from the manager to its own file authmap.go.

auth: auth map cache implementation

This commit introduces a caching layer for the auth map.

The intention of the cache is to be used as replacement for the auth writer itself and acts as an write/read-through cache.

At startup, the cache gets restored with entries from the BPF map.

@mhofstetter mhofstetter added release-note/misc This PR makes changes that have no direct user impact. area/servicemesh GH issues or PRs regarding servicemesh labels May 24, 2023
@mhofstetter mhofstetter requested a review from a team as a code owner May 24, 2023 06:41
@mhofstetter mhofstetter requested a review from meyskens May 24, 2023 06:41
@mhofstetter
auth: rename authenticator to internal authmap abstraction
7e64865 
With the replacement of the contrack map with the auth map, the
authenticator interface is no longer necessary.

Therefore, this commit reuses the interface for an internal abstraction
of the auth map itself - which will be reused in the cache
implementation.

The new interface and its types are moved from the manager to its own
file `authmap.go`.

Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
@mhofstetter mhofstetter force-pushed the pr/mhofstetter/authmap-cache branch from 2ace740 to 107166d Compare May 25, 2023 11:12
@mhofstetter
auth: auth map cache implementation
6de0440 
This commit introduces a caching layer for the auth map.

The intention of the cache is to be used as replacement for the auth
writer itself and acts as an write/read-through cache.

At startup, the cache gets restored with entries from the BPF map.

Signed-off-by: Marco Hofstetter <marco.hofstetter@isovalent.com>
@mhofstetter mhofstetter force-pushed the pr/mhofstetter/authmap-cache branch from 107166d to 6de0440 Compare May 25, 2023 15:30
@mhofstetter
Copy link
Member Author

changed the order of lifecycle hook registration - so the cache gets restored before starting the manager

meyskens
meyskens approved these changes May 26, 2023
View reviewed changes
Copy link
Member

@meyskens meyskens left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adressing the export comment :)

LGTM for me

@mhofstetter
Copy link
Member Author

/test

@mhofstetter mhofstetter added the kind/feature This introduces new functionality. label May 26, 2023
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label May 26, 2023
@squeed squeed merged commit 11ceff1 into cilium:main May 26, 2023
58 checks passed
@mhofstetter mhofstetter deleted the pr/mhofstetter/authmap-cache branch August 29, 2023 07:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meyskens meyskens meyskens approved these changes

Assignees
No one assigned
Labels
area/servicemesh GH issues or PRs regarding servicemesh kind/feature This introduces new functionality. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mhofstetter @meyskens @squeed