refactor: separate from ratelimit infrastructure logic for easy maint…

…enance. Signed-off-by: Qicz <qiczzhu@gmail.com>
envoyproxy · Feb 8, 2023 · cf9e77d · cf9e77d
1 parent 1b26380
commit cf9e77d
Show file tree

Hide file tree

Showing 11 changed files with 393 additions and 317 deletions.
diff --git a/internal/infrastructure/kubernetes/configmap.go b/internal/infrastructure/kubernetes/configmap.go
@@ -94,44 +94,6 @@ func expectedProxyConfigMapName(proxyName string) string {
 	return fmt.Sprintf("%s-%s", config.EnvoyPrefix, cMapName)
 }
 
-// expectedRateLimitConfigMap returns the expected ConfigMap based on the provided infra.
-func (i *Infra) expectedRateLimitConfigMap(infra *ir.RateLimitInfra) *corev1.ConfigMap {
-	labels := rateLimitLabels()
-	data := make(map[string]string)
-
-	for _, config := range infra.Configs {
-		data[config.Name] = config.Config
-	}
-
-	return &corev1.ConfigMap{
-		ObjectMeta: metav1.ObjectMeta{
-			Namespace: i.Namespace,
-			Name:      rateLimitInfraName,
-			Labels:    labels,
-		},
-		Data: data,
-	}
-}
-
-// createOrUpdateRateLimitConfigMap creates a ConfigMap in the Kube api server based on the provided
-// infra, if it doesn't exist and updates it if it does.
-func (i *Infra) createOrUpdateRateLimitConfigMap(ctx context.Context, infra *ir.RateLimitInfra) error {
-	cm := i.expectedRateLimitConfigMap(infra)
-	return i.createOrUpdateConfigMap(ctx, cm)
-}
-
-// deleteProxyConfigMap deletes the Envoy ConfigMap in the kube api server, if it exists.
-func (i *Infra) deleteRateLimitConfigMap(ctx context.Context, _ *ir.RateLimitInfra) error {
-	cm := &corev1.ConfigMap{
-		ObjectMeta: metav1.ObjectMeta{
-			Namespace: i.Namespace,
-			Name:      rateLimitInfraName,
-		},
-	}
-
-	return i.deleteConfigMap(ctx, cm)
-}
-
 func (i *Infra) createOrUpdateConfigMap(ctx context.Context, cm *corev1.ConfigMap) error {
 	current := &corev1.ConfigMap{}
 	key := types.NamespacedName{

diff --git a/internal/infrastructure/kubernetes/deployment.go b/internal/infrastructure/kubernetes/deployment.go
@@ -305,144 +305,6 @@ func (i *Infra) deleteProxyDeployment(ctx context.Context, infra *ir.Infra) erro
 	return i.deleteDeployment(ctx, deploy)
 }
 
-// expectedRateLimitDeployment returns the expected rate limit Deployment based on the provided infra.
-func (i *Infra) expectedRateLimitDeployment(infra *ir.RateLimitInfra) *appsv1.Deployment {
-	containers := expectedRateLimitContainers(infra)
-	labels := rateLimitLabels()
-	selector := getSelector(labels)
-
-	ret := &appsv1.Deployment{
-		TypeMeta: metav1.TypeMeta{
-			Kind:       "Deployment",
-			APIVersion: "apps/v1",
-		},
-		ObjectMeta: metav1.ObjectMeta{
-			Namespace: i.Namespace,
-			Name:      rateLimitInfraName,
-			Labels:    labels,
-		},
-		Spec: appsv1.DeploymentSpec{
-			Replicas: pointer.Int32(int32(1)),
-			Selector: selector,
-			Template: corev1.PodTemplateSpec{
-				ObjectMeta: metav1.ObjectMeta{
-					Labels: selector.MatchLabels,
-				},
-				Spec: corev1.PodSpec{
-					Containers:                    containers,
-					ServiceAccountName:            rateLimitInfraName,
-					AutomountServiceAccountToken:  pointer.Bool(false),
-					TerminationGracePeriodSeconds: pointer.Int64(int64(300)),
-					DNSPolicy:                     corev1.DNSClusterFirst,
-					RestartPolicy:                 corev1.RestartPolicyAlways,
-					SchedulerName:                 "default-scheduler",
-					Volumes: []corev1.Volume{
-						{
-							Name: rateLimitInfraName,
-							VolumeSource: corev1.VolumeSource{
-								ConfigMap: &corev1.ConfigMapVolumeSource{
-									LocalObjectReference: corev1.LocalObjectReference{
-										Name: rateLimitInfraName,
-									},
-									DefaultMode: pointer.Int32(int32(420)),
-									Optional:    pointer.Bool(false),
-								},
-							},
-						},
-					},
-				},
-			},
-		},
-	}
-
-	return ret
-}
-
-func expectedRateLimitContainers(infra *ir.RateLimitInfra) []corev1.Container {
-	ports := []corev1.ContainerPort{
-		{
-			Name:          "http",
-			ContainerPort: rateLimitInfraGRPCPort,
-			Protocol:      corev1.ProtocolTCP,
-		},
-	}
-
-	containers := []corev1.Container{
-		{
-			Name:            rateLimitInfraName,
-			Image:           rateLimitInfraImage,
-			ImagePullPolicy: corev1.PullIfNotPresent,
-			Command: []string{
-				"/bin/ratelimit",
-			},
-			Env: []corev1.EnvVar{
-				{
-					Name:  "REDIS_SOCKET_TYPE",
-					Value: "tcp",
-				},
-				{
-					Name:  "REDIS_URL",
-					Value: infra.Backend.Redis.URL,
-				},
-				{
-					Name:  "RUNTIME_ROOT",
-					Value: "/data",
-				},
-				{Name: "RUNTIME_SUBDIRECTORY",
-					Value: "ratelimit",
-				},
-				{
-					Name:  "RUNTIME_IGNOREDOTFILES",
-					Value: "true",
-				},
-				{
-					Name:  "RUNTIME_WATCH_ROOT",
-					Value: "false",
-				},
-				{
-					Name:  "LOG_LEVEL",
-					Value: "info",
-				},
-				{
-					Name:  "USE_STATSD",
-					Value: "false",
-				},
-			},
-			Ports: ports,
-			VolumeMounts: []corev1.VolumeMount{
-				{
-					Name:      rateLimitInfraName,
-					MountPath: "/data/ratelimit/config",
-					ReadOnly:  true,
-				},
-			},
-			TerminationMessagePolicy: corev1.TerminationMessageReadFile,
-			TerminationMessagePath:   "/dev/termination-log",
-		},
-	}
-
-	return containers
-}
-
-// createOrUpdateRateLimitDeployment creates a Deployment in the kube api server based on the provided
-// infra, if it doesn't exist and updates it if it does.
-func (i *Infra) createOrUpdateRateLimitDeployment(ctx context.Context, infra *ir.RateLimitInfra) error {
-	deploy := i.expectedRateLimitDeployment(infra)
-	return i.createOrUpdateDeployment(ctx, deploy)
-}
-
-// deleteRateLimitDeployment deletes the Envoy RateLimit Deployment in the kube api server, if it exists.
-func (i *Infra) deleteRateLimitDeployment(ctx context.Context, _ *ir.RateLimitInfra) error {
-	deploy := &appsv1.Deployment{
-		ObjectMeta: metav1.ObjectMeta{
-			Namespace: i.Namespace,
-			Name:      rateLimitInfraName,
-		},
-	}
-
-	return i.deleteDeployment(ctx, deploy)
-}
-
 func (i *Infra) createOrUpdateDeployment(ctx context.Context, deploy *appsv1.Deployment) error {
 	current := &appsv1.Deployment{}
 	key := types.NamespacedName{

diff --git a/internal/infrastructure/kubernetes/infra.go b/internal/infrastructure/kubernetes/infra.go
@@ -85,53 +85,3 @@ func (i *Infra) DeleteProxyInfra(ctx context.Context, infra *ir.Infra) error {
 
 	return nil
 }
-
-// CreateOrUpdateRateLimitInfra creates the managed kube rate limit infra, if it doesn't exist.
-func (i *Infra) CreateOrUpdateRateLimitInfra(ctx context.Context, infra *ir.RateLimitInfra) error {
-	if infra == nil {
-		return errors.New("ratelimit infra ir is nil")
-	}
-	if err := i.createOrUpdateRateLimitServiceAccount(ctx, infra); err != nil {
-		return err
-	}
-
-	if err := i.createOrUpdateRateLimitConfigMap(ctx, infra); err != nil {
-		return err
-	}
-
-	if err := i.createOrUpdateRateLimitDeployment(ctx, infra); err != nil {
-		return err
-	}
-
-	if err := i.createOrUpdateRateLimitService(ctx, infra); err != nil {
-		return err
-	}
-
-	return nil
-
-}
-
-// DeleteRateLimitInfra removes the managed kube infra, if it doesn't exist.
-func (i *Infra) DeleteRateLimitInfra(ctx context.Context, infra *ir.RateLimitInfra) error {
-	if infra == nil {
-		return errors.New("ratelimit infra ir is nil")
-	}
-
-	if err := i.deleteRateLimitService(ctx, infra); err != nil {
-		return err
-	}
-
-	if err := i.deleteRateLimitDeployment(ctx, infra); err != nil {
-		return err
-	}
-
-	if err := i.deleteRateLimitConfigMap(ctx, infra); err != nil {
-		return err
-	}
-
-	if err := i.deleteRateLimitServiceAccount(ctx, infra); err != nil {
-		return err
-	}
-
-	return nil
-}
diff --git a/internal/infrastructure/kubernetes/ratelimit_configmap.go b/internal/infrastructure/kubernetes/ratelimit_configmap.go
@@ -0,0 +1,52 @@
+// Copyright Envoy Gateway Authors
+// SPDX-License-Identifier: Apache-2.0
+// The full text of the Apache license is available in the LICENSE file at
+// the root of the repo.
+
+package kubernetes
+
+import (
+	"context"
+
+	"github.com/envoyproxy/gateway/internal/ir"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// expectedRateLimitConfigMap returns the expected ConfigMap based on the provided infra.
+func (i *Infra) expectedRateLimitConfigMap(infra *ir.RateLimitInfra) *corev1.ConfigMap {
+	labels := rateLimitLabels()
+	data := make(map[string]string)
+
+	for _, config := range infra.Configs {
+		data[config.Name] = config.Config
+	}
+
+	return &corev1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Namespace: i.Namespace,
+			Name:      rateLimitInfraName,
+			Labels:    labels,
+		},
+		Data: data,
+	}
+}
+
+// createOrUpdateRateLimitConfigMap creates a ConfigMap in the Kube api server based on the provided
+// infra, if it doesn't exist and updates it if it does.
+func (i *Infra) createOrUpdateRateLimitConfigMap(ctx context.Context, infra *ir.RateLimitInfra) error {
+	cm := i.expectedRateLimitConfigMap(infra)
+	return i.createOrUpdateConfigMap(ctx, cm)
+}
+
+// deleteProxyConfigMap deletes the Envoy ConfigMap in the kube api server, if it exists.
+func (i *Infra) deleteRateLimitConfigMap(ctx context.Context, _ *ir.RateLimitInfra) error {
+	cm := &corev1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Namespace: i.Namespace,
+			Name:      rateLimitInfraName,
+		},
+	}
+
+	return i.deleteConfigMap(ctx, cm)
+}