Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prepend Envoy resources with CEC namespace and name #21500

Merged
merged 3 commits into from
Oct 17, 2022
Merged

Prepend Envoy resources with CEC namespace and name #21500

merged 3 commits into from
Oct 17, 2022

Conversation

pippolo84
Copy link
Member

@pippolo84 pippolo84 commented Sep 29, 2022
edited
Loading

This PR changes the naming of Envoy Listeners and Routes resources.
To avoid possible name clashing between resources in different namespaces, each Envoy Listener and Route name is prepended with its CEC namespace and name.
This is done while translating the CEC specifications to generate the Envoy config, and not during CEC creation. Thanks to this, a user generated CEC does not need to use the format to be similar to an operator-generated CEC.

Relates #19698 #20655

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Sep 29, 2022
@pippolo84 pippolo84 changed the title Prepend Envoy resources with CEC namespace and name [WIP] Prepend Envoy resources with CEC namespace and name Sep 29, 2022
@maintainer-s-little-helper
Copy link

Commit be4fb78fa82352bc3697521887df29ff45e2af43 does not contain "Signed-off-by".

Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-sign-off The author needs to add signoff to their commits before merge. label Sep 29, 2022
@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch from f458fdc to eb2b98d Compare September 29, 2022 15:38
@maintainer-s-little-helper
Copy link

Commit 826d2f53ebdffe009d2ea8e8ccd167ca9cd94fe2 does not contain "Signed-off-by".

Please follow instructions provided in https://docs.cilium.io/en/stable/contributing/development/contributing_guide/#developer-s-certificate-of-origin

@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch from eb2b98d to 6c475f1 Compare October 3, 2022 14:03
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-sign-off The author needs to add signoff to their commits before merge. label Oct 3, 2022
@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch 3 times, most recently from ad74ecb to b24235b Compare October 4, 2022 15:35
@pippolo84 pippolo84 added area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. release-note/minor This PR changes functionality that users may find relevant to operating Cilium. area/servicemesh GH issues or PRs regarding servicemesh labels Oct 4, 2022
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Oct 4, 2022
@pippolo84 pippolo84 marked this pull request as ready for review October 4, 2022 21:11
@pippolo84 pippolo84 requested review from a team as code owners October 4, 2022 21:11
@pippolo84 pippolo84 changed the title [WIP] Prepend Envoy resources with CEC namespace and name Prepend Envoy resources with CEC namespace and name Oct 4, 2022
sayboras
sayboras reviewed Oct 5, 2022
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

one minor comment/suggestion on calling GetName() and GetNamespace() directly, the rest looks good to me.

Also, I just want to highlight one thing. While the diff in this PR looks simple, there are a lot of efforts from Fabio on this work 🥇

pkg/k8s/watchers/cilium_envoy_config.go Outdated Show resolved Hide resolved
pkg/k8s/watchers/cilium_envoy_config.go Outdated Show resolved Hide resolved
pkg/k8s/watchers/cilium_envoy_config.go Outdated Show resolved Hide resolved
This was referenced Oct 5, 2022
Closed
Closed
@sayboras
Copy link
Member

sayboras commented Oct 5, 2022
edited
Loading

One more comment I have is to just take a quick on existing docs, and make any update to shorten the names if there is any place we create CiliumEnvoyConfig manually. This could be done in subsequent PR.

@pippolo84
Copy link
Member Author

one minor comment/suggestion on calling GetName() and GetNamespace() directly, the rest looks good to me.

Also, I just want to highlight one thing. While the diff in this PR looks simple, there are a lot of efforts from Fabio on this work 1st_place_medal

I'm gonna fix the nits. Thank you for the kind words and all the support!

@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch from b24235b to a98bdd5 Compare October 5, 2022 12:32
@sayboras
Copy link
Member

sayboras commented Oct 8, 2022

/test

@sayboras sayboras added this to the v1.13.0-rc2 milestone Oct 9, 2022
@sayboras
Copy link
Member

/test-1.25-net-next

@aanm aanm self-requested a review October 10, 2022 13:26
@julianwiedmann
Copy link
Member

FYI, resolving the failures in 1.25-net-next requires a rebase. There are some new/updated tests that depend on recent cilium changes (ie. another case of #15474).

@pippolo84
Copy link
Member Author

FYI, resolving the failures in 1.25-net-next requires a rebase. There are some new/updated tests that depend on recent cilium changes (ie. another case of #15474).

Oh, nice, thank you.

@pippolo84
ingress/translation: Do not specify listener name
7ec8d0a 
Avoid specifying the listener name in the ServiceListener. Leaving it
empty, Envoy will automatically pick the first one available.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84
ingress/translation: Remove "namespace-name" from listeners
ba10419 
Simplify the naming of listeners in CEC, removing both CEC namespace and
name.
This is done to avoid differences between CECs generated by the operator
and handcrafted CECs.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch from a98bdd5 to d9abdf3 Compare October 11, 2022 08:31
@pippolo84
Copy link
Member Author

/test

@pippolo84
Copy link
Member Author

/test-1.16-4.9

@pippolo84
Copy link
Member Author

/test-1.23-5.4

aanm
aanm requested changes Oct 11, 2022
View reviewed changes
Copy link
Member

@aanm aanm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sayboras will this change the CECs names? If yes do we need to worry about upgrades?

pkg/envoy/ciliumenvoyconfig.go Outdated
Comment on lines 772 to 792
// resourceQualifiedName returns the qualified name of an Envoy resource,
// prepending CEC namespace and CEC name to the resource name and using
// "-" as a separator.
// In case of an empty CEC namespace or an empty CEC name, leading separators
// are stripped away.
func resourceQualifiedName(namespace, name, resource string) string {
var sb strings.Builder

if namespace != "" {
sb.WriteString(namespace)
sb.WriteRune('-')
}
if name != "" {
sb.WriteString(name)
sb.WriteRune('-')
}
sb.WriteString(resource)

return sb.String()
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The resourceQualifiedName will not work in the case that one resource has the same namespace name as the other resource:
resource-1 namespace: foo
resource-1 name: bar
resource-1 resource: hello

resource-2 namespace:
resource-2 name: foo-bar
resource-2 resource: hello

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ouch. What about using two different separators, like namespace/name-resource? That should do the trick.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the above example is kind of escaped bug we have before (e.g. in 1.12), I noticed about it a little bit later 1.12 release.

Due to the below comment, changing listener name will cause some packet drop, so we can either:

  • keep the same name as 1.12 so that upgrade will work, or
  • change separator convention to fix the potential name overlapping bug

@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch from d9abdf3 to 59988a7 Compare October 11, 2022 14:38
@pippolo84 pippolo84 requested a review from aanm October 11, 2022 16:30
@pippolo84
envoy: Prepend CEC namespace and name to resources
eaea7f4 
Prepend CEC namespace and name to Envoy Listeners and Routes resources.
This will avoid name clashing between resources that belong to different
namespaces.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84 pippolo84 force-pushed the pr/pippolo84/envoy-resources-prefix branch from 59988a7 to eaea7f4 Compare October 17, 2022 08:31
@pippolo84
Copy link
Member Author

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Oct 17, 2022
@qmonnet qmonnet merged commit ae16e2b into cilium:master Oct 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sayboras sayboras sayboras approved these changes

@nebril nebril nebril approved these changes

@aanm aanm aanm approved these changes

Assignees
No one assigned
Labels
area/proxy Impacts proxy components, including DNS, Kafka, Envoy and/or XDS servers. area/servicemesh GH issues or PRs regarding servicemesh ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/minor This PR changes functionality that users may find relevant to operating Cilium.
Projects
None yet
Milestone
v1.13.0-rc2
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@pippolo84 @sayboras @julianwiedmann @nebril @aanm @qmonnet