api: add namespace as part of endpoint external identifiers #10038
Conversation
* Fixes #9331 Signed-off-by: Deepesh Pathak <deepshpathak@gmail.com>
aanm
added
the
dont-merge/wait-until-release
|
Release note label not set, please set the appropriate release note. |
aanm
removed
the
dont-merge/wait-until-release
aanm
added
pending-review
release-note/misc
|
test-me-please |
1 similar comment
|
test-me-please |
| @@ -215,6 +215,7 @@ func (e *Endpoint) GetModelRLocked() *models.Endpoint { | |||
| DockerEndpointID: e.dockerEndpointID, | |||
| DockerNetworkID: e.dockerNetworkID, | |||
| PodName: e.getK8sNamespaceAndPodName(), | |||
There was a problem hiding this comment.
The PodName already contains the namespace (getK8sNamespaceAndPodName() returns the format namespace/podname). I don't quite understand the reason to add the namespace as a separate field.
There was a problem hiding this comment.
We have been unnecessarily parsing the namespace from this field in places that use the podname. That's why the reason of adding a dedicated field. This field can be misleading as it specifies that is a pod name which it isn't, it's a namespace + pod name. Maybe this PR should also populate this field with the pod name only.
There was a problem hiding this comment.
Note that the PodName field is currently parsed by Hubble, thus
removing the namespace from PodName would be a breaking API change (and therefore breaking Hubble), see:
https://github.com/cilium/hubble/blob/5d60255e1190b135959464bfac3954eaec215a51/pkg/parser/endpoint/endpoint.go#L36
It is probably something we can mitigate in Hubble (by checking for the availability of the Namespace field, and falling back to the old behavior if missing), but there might be other consumers that assume PodName contains the namespace.
There was a problem hiding this comment.
To clarify, I'm fine with changing the contents of PodName to only contain the pod name. We will just have to do the corresponding PR in Hubble ASAP.
However as the PR is right now, I don't understand what problem it actually solves. Consumers that want the pod name still have to parse the namespace away, and I'm not aware of any consumers that are only interested in the namespace.
In any case, thanks for the PR @fristonio :)
There was a problem hiding this comment.
As an alternative proposal, we could deprecate the above pod-name as is (i.e. it will stick to the current ns/pod format and mention in its description that it is deprecated), and introduce k8s-pod-name and k8s-pod-namespace fields that only contain the pod name or namespace respectively.
There was a problem hiding this comment.
@gandro That makes sense because we have that concept already in our API
cilium/api/v1/models/endpoint_change_request.go
Lines 53 to 57 in 8a3ef84
Maybe we should call it k8s-namespace to be similar to this field ^^^^
There was a problem hiding this comment.
Yeah, this sounds good. I will update the PR with the required changes.
Signed-off-by: Deepesh Pathak <deepshpathak@gmail.com>
|
test-me-please |
2 similar comments
|
test-me-please |
|
test-me-please |
|
test-me-please |
This change is