cmd: get ep with labels, pod / container name, ID #1139
Conversation
pkg/option/option.go
Outdated
| return mutable | ||
| } | ||
|
|
||
| func (bo *BoolOptions) GetImmutableModel() models.ConfigurationMap { |
There was a problem hiding this comment.
exported method BoolOptions.GetImmutableModel should have comment or be unexported
pkg/option/option.go
Outdated
| @@ -121,6 +121,25 @@ type BoolOptions struct { | |||
| Library *OptionLibrary `json:"-"` | |||
| } | |||
|
|
|||
| func (bo *BoolOptions) GetMutableModel() models.ConfigurationMap { | |||
There was a problem hiding this comment.
exported method BoolOptions.GetMutableModel should have comment or be unexported
pkg/endpointmanager/manager.go
Outdated
| @@ -180,6 +218,16 @@ func LookupLocked(id string) (*endpoint.Endpoint, error) { | |||
| case endpoint.DockerEndpointPrefix: | |||
| return lookupDockerEndpointLocked(eid), nil | |||
|
|
|||
| case endpoint.ContainerNamePrefix: | |||
| log.Warningf("looking up container name: %s", eid) | |||
| for k, _ := range endpointsAux { | |||
There was a problem hiding this comment.
should omit 2nd value from range; this loop is equivalent to for k := range ...
pkg/endpointmanager/manager.go
Outdated
| if ep, ok := endpointsAux[endpoint.NewID(endpoint.ContainerIdPrefix, id)]; ok { | ||
| return ep | ||
| } | ||
|
|
||
|
|
||
| for k, _ := range endpointsAux { |
There was a problem hiding this comment.
should omit 2nd value from range; this loop is equivalent to for k := range ...
daemon/endpoint.go
Outdated
| d *Daemon | ||
| } | ||
|
|
||
| func NewGetEndpointsHandler(d *Daemon) GetEndpointsHandler { |
There was a problem hiding this comment.
exported function NewGetEndpointsHandler should have comment or be unexported
daemon/endpoint.go
Outdated
| ) | ||
|
|
||
| //"github.com/cilium/cilium/pkg/nodeaddress" |
There was a problem hiding this comment.
comment on exported method Daemon.SetEndpointIdentity should be of the form "SetEndpointIdentity ..."
pkg/endpointmanager/manager.go
Outdated
| if ep, ok := endpointsAux[endpoint.NewID(endpoint.ContainerIdPrefix, id)]; ok { | ||
| return ep | ||
| } | ||
|
|
||
| for k, _ := range endpointsAux { |
There was a problem hiding this comment.
should omit 2nd value from range; this loop is equivalent to for k := range ...
daemon/endpoint.go
Outdated
| ) | ||
|
|
||
| //"github.com/cilium/cilium/pkg/nodeaddress" |
There was a problem hiding this comment.
comment on exported method Daemon.SetEndpointIdentity should be of the form "SetEndpointIdentity ..."
daemon/endpoint.go
Outdated
| ) | ||
|
|
||
| //"github.com/cilium/cilium/pkg/nodeaddress" |
There was a problem hiding this comment.
comment on exported method Daemon.SetEndpointIdentity should be of the form "SetEndpointIdentity ..."
daemon/endpoint.go
Outdated
| ) | ||
|
|
||
| //"github.com/cilium/cilium/pkg/nodeaddress" |
There was a problem hiding this comment.
comment on exported method Daemon.SetEndpointIdentity should be of the form "SetEndpointIdentity ..."
pkg/option/option.go
Outdated
| return mutable | ||
| } | ||
|
|
||
| // GetMutableModel returns immutable configuration options as a ConfigurationMap model. |
There was a problem hiding this comment.
comment on exported method BoolOptions.GetImmutableModel should be of the form "GetImmutableModel ..."
daemon/endpoint.go
Outdated
| d *Daemon | ||
| } | ||
|
|
||
| // NewGetEndpoints handler returns a new getEndpoints populated with provided Daemon. |
There was a problem hiding this comment.
comment on exported function NewGetEndpointsHandler should be of the form "NewGetEndpointsHandler ..."
pkg/option/option.go
Outdated
| return mutable | ||
| } | ||
|
|
||
| // GetMutableModel returns immutable configuration options as a ConfigurationMap model. |
There was a problem hiding this comment.
comment on exported method BoolOptions.GetImmutableModel should be of the form "GetImmutableModel ..."
daemon/endpoint.go
Outdated
| d *Daemon | ||
| } | ||
|
|
||
| // NewGetEndpoints handler returns a new getEndpoints populated with provided Daemon. |
There was a problem hiding this comment.
comment on exported function NewGetEndpointsHandler should be of the form "NewGetEndpointsHandler ..."
pkg/option/option.go
Outdated
| return mutable | ||
| } | ||
|
|
||
| // GetMutableModel returns immutable configuration options as a ConfigurationMap model. |
There was a problem hiding this comment.
comment on exported method BoolOptions.GetImmutableModel should be of the form "GetImmutableModel ..."
daemon/endpoint.go
Outdated
| d *Daemon | ||
| } | ||
|
|
||
| // NewGetEndpoints handler returns a new getEndpoints populated with provided Daemon. |
There was a problem hiding this comment.
comment on exported function NewGetEndpointsHandler should be of the form "NewGetEndpointsHandler ..."
pkg/option/option.go
Outdated
| return mutable | ||
| } | ||
|
|
||
| // GetMutableModel returns immutable configuration options as a ConfigurationMap model. |
There was a problem hiding this comment.
comment on exported method BoolOptions.GetImmutableModel should be of the form "GetImmutableModel ..."
daemon/endpoint.go
Outdated
| d *Daemon | ||
| } | ||
|
|
||
| // NewGetEndpoints handler returns a new getEndpoints populated with provided Daemon. |
There was a problem hiding this comment.
comment on exported function NewGetEndpointsHandler should be of the form "NewGetEndpointsHandler ..."
pkg/option/option.go
Outdated
| return mutable | ||
| } | ||
|
|
||
| // GetMutableModel returns immutable configuration options as a ConfigurationMap model. |
There was a problem hiding this comment.
comment on exported method BoolOptions.GetImmutableModel should be of the form "GetImmutableModel ..."
daemon/endpoint.go
Outdated
| d *Daemon | ||
| } | ||
|
|
||
| // NewGetEndpoints handler returns a new getEndpoints populated with provided Daemon. |
There was a problem hiding this comment.
comment on exported function NewGetEndpointsHandler should be of the form "NewGetEndpointsHandler ..."
ianvernon
force-pushed
the
675-endpoint-get-enhancements
branch
2 times, most recently
from
f8293f8
to
c54bfbf
Compare
ianvernon
changed the title
daemon/docker_watcher.go
Outdated
| @@ -249,6 +255,21 @@ func (d *Daemon) handleCreateContainer(id string, retry bool) { | |||
| } | |||
| } | |||
|
|
|||
| if ep != nil { | |||
There was a problem hiding this comment.
Just move this to below the ep ==nil condition so you don't have to check for ep != nil
daemon/docker_watcher.go
Outdated
| if d.conf.IsK8sEnabled() { | ||
| if dockerContainer.Config != nil { | ||
| podNamespace := k8sDockerLbls.GetPodNamespace(dockerContainer.Config.Labels) | ||
| podName := k8sDockerLbls.GetPodName(dockerContainer.Config.Labels) |
There was a problem hiding this comment.
Does this trigger another API call to the API server? If so, can we restructure the code to retrieve this when we already fetch them via getFilteredLabels()?
There was a problem hiding this comment.
These calls to GetPodNamespace and GetPodName are lookups into the map dockerContainer.Config.Labels for io.kubernetes.pod.name and io.kubernetes.pod.namespace - so they are not calls to the API server.
daemon/endpoint.go
Outdated
| args.Add("label", v) | ||
| } | ||
|
|
||
| containers, err := h.d.dockerClient.ContainerList(ctx.Background(), types.ContainerListOptions{ |
There was a problem hiding this comment.
This is not a good idea. This will potentially block this API call for a long time. We should fetch and store the docker labels with the endpoint when we receive the create event and then just look for local endpoints which match the labels.
pkg/endpoint/endpoint.go
Outdated
| State string | ||
| ID uint16 // Endpoint ID. | ||
| Mutex sync.RWMutex // Protects all variables from this structure below this line | ||
| DockerContainerName string // Docker container name. |
There was a problem hiding this comment.
Can we call this ContainerName? We will rename the DockerID to ContainerID as well later.
pkg/endpoint/id.go
Outdated
| @@ -47,6 +49,9 @@ func NewID(prefix PrefixType, id string) string { | |||
| func SplitID(id string) (PrefixType, string) { | |||
| if s := strings.Split(id, ":"); len(s) == 2 { | |||
| return PrefixType(s[0]), s[1] | |||
| } else if len(s) == 3 { | |||
| // PodNamePrefix case. | |||
There was a problem hiding this comment.
Can you add an example here on how the id looks like to make it clear?
api/v1/openapi.yaml
Outdated
| @@ -224,6 +224,27 @@ paths: | |||
| x-go-name: Failed | |||
| schema: | |||
| "$ref": "#/definitions/Error" | |||
| "/endpoints/": | |||
There was a problem hiding this comment.
Why not extending the /endpoint/ on line 170?
There was a problem hiding this comment.
/endpoint/ returns one endpoint, while /endpoints/ returns an array of endpoints. I'm open to moving this under /endpoint/, though and changing /endpoint/ to return a list of endpoints as well.
There was a problem hiding this comment.
"/endpoint":
get:
summary: Get list of all endpoints
description: |
Returns an array of all local endpoints.
There was a problem hiding this comment.
You're right :) I've made this change as part of my most recent commit.
cilium/cmd/endpoint_get.go
Outdated
| if len(lbls) > 0 { | ||
| params := endpointApi.NewGetEndpointsParams().WithLabels(lbls) | ||
| if e, err := client.Endpoint.GetEndpoints(params); err != nil { | ||
| Fatalf("Cannot get endpoint for given list of labels %s: %s\n", lbls, err) |
There was a problem hiding this comment.
"endpoint", as a single endpoint? We can have multiple endpoints using the same list of labels.
daemon/endpoint.go
Outdated
| "github.com/go-openapi/runtime/middleware" | ||
| ctx "golang.org/x/net/context" |
There was a problem hiding this comment.
can't you replace with ctx "context"?
daemon/endpoint.go
Outdated
| } | ||
|
|
||
| containers, err := h.d.dockerClient.ContainerList(ctx.Background(), types.ContainerListOptions{ | ||
| Size: true, |
There was a problem hiding this comment.
Do you need the Size of the containers?
There was a problem hiding this comment.
I have removed interacting with the Docker client in my most recent upload.
daemon/endpoint.go
Outdated
|
|
||
| containers, err := h.d.dockerClient.ContainerList(ctx.Background(), types.ContainerListOptions{ | ||
| Size: true, | ||
| All: true, |
There was a problem hiding this comment.
All includes dead containers, not sure if we need it as well.
There was a problem hiding this comment.
I have removed interacting with the Docker client in my most recent upload.
cilium/cmd/config.go
Outdated
| @@ -75,6 +75,8 @@ func configDaemon(cmd *cobra.Command, opts []string) { | |||
|
|
|||
There was a problem hiding this comment.
Why part of the cilium config command? I think it should make more sense as part of the cilium status on the K8s api server
There was a problem hiding this comment.
I had added this change initially as part of this commit, but ended up not needing it. Figured it might be useful if we added more visibility into what the configuration of Cilium is as part of the API, but I'm open to removing it as part of this patch. What do you think?
There was a problem hiding this comment.
Removed this in most recent upload.
pkg/endpoint/endpoint.go
Outdated
| if !found { | ||
| log.Warningf("HasLabels: label %v not found, returning false", v) | ||
| return false | ||
| } else { |
There was a problem hiding this comment.
if block ends with a return statement, so drop this else and outdent its block
| endpointmanager.Mutex.RUnlock() | ||
| wg.Wait() | ||
| return NewGetEndpointOK().WithPayload(eps) | ||
| } else { |
There was a problem hiding this comment.
if block ends with a return statement, so drop this else and outdent its block
ianvernon
force-pushed
the
675-endpoint-get-enhancements
branch
from
bd5370f
to
fc41fa4
Compare
* add new fields to Endpoint (pod-name, container-name) * GET /endpoint now takes an optional array of labels to return a list of endpoints whose labels match the provided array. Signed-off by: Ian Vernon <ian@covalent.io>
ianvernon
force-pushed
the
675-endpoint-get-enhancements
branch
3 times, most recently
from
6dcea37
to
8b59d43
Compare
* daemon: add handlers for new /endpoints API, update endpoint structures with container ID / pod name * pkg/endpoint: support new API models * pkg/endpointmanager: add pod name, container name entries as keys mapping to endpoints * pkg/labels: change Orchestration labels -> OrchestrationIdentity labels (labels used in computing a security identity) and OrchrestationInfo labels (labels not used in computing a security identity) `cilium endpoint get` now supports the following: * `cilium endpoint get -l <set of labels>` * `cilium endpoint get <eID, pod name, container name, etc.>` Signed-off by: Ian Vernon <ian@covalent.io>
ianvernon
force-pushed
the
675-endpoint-get-enhancements
branch
from
8b59d43
to
df64441
Compare
cmd: get ep with labels, pod / container name, ID
cilium endpoint getnow supports the following:cilium endpoint get -l <set of labels>cilium endpoint get <eID, pod name, container name, etc.>api: add pod / container name, labels for GET ep
Signed-off by: Ian Vernon ian@covalent.io