Create one DNS nameserver per workspace

kcp-dev · Nov 7, 2022 · 0137e5c · 0137e5c
1 parent 9a28d65
commit 0137e5c
Show file tree

Hide file tree

Showing 23 changed files with 742 additions and 469 deletions.
diff --git a/cmd/syncer/cmd/syncer.go b/cmd/syncer/cmd/syncer.go
@@ -114,7 +114,7 @@ func Run(ctx context.Context, options *synceroptions.Options) error {
 			SyncTargetWorkspace: logicalcluster.New(options.FromClusterName),
 			SyncTargetName:      options.SyncTargetName,
 			SyncTargetUID:       options.SyncTargetUID,
-			DNSServer:           options.DNSServer,
+			DNSImage:            options.DNSImage,
 		},
 		numThreads,
 		options.APIImportPollInterval,

diff --git a/cmd/syncer/options/options.go b/cmd/syncer/options/options.go
@@ -43,7 +43,7 @@ type Options struct {
 	SyncTargetUID       string
 	Logs                *logs.Options
 	SyncedResourceTypes []string
-	DNSServer           string
+	DNSImage            string
 
 	APIImportPollInterval time.Duration
 }
@@ -78,7 +78,7 @@ func (options *Options) AddFlags(fs *pflag.FlagSet) {
 	fs.Var(kcpfeatures.NewFlagValue(), "feature-gates", ""+
 		"A set of key=value pairs that describe feature gates for alpha/experimental features. "+
 		"Options are:\n"+strings.Join(kcpfeatures.KnownFeatures(), "\n")) // hide kube-only gates
-	fs.StringVar(&options.DNSServer, "dns", options.DNSServer, "kcp DNS server name.")
+	fs.StringVar(&options.DNSImage, "dns-image", options.DNSImage, "kcp DNS server image.")
 
 	options.Logs.AddFlags(fs)
 }

diff --git a/hack/logcheck.out b/hack/logcheck.out
@@ -33,8 +33,8 @@
 /pkg/admission/webhook/generic_webhook.go:142:5: function "Errorf" should not be used, convert to contextual logging
 /pkg/admission/webhook/generic_webhook.go:172:4: function "Errorf" should not be used, convert to contextual logging
 /pkg/authorization/delegated/authorizer.go:45:3: function "Errorf" should not be used, convert to contextual logging
-/pkg/cliplugins/workload/plugin/sync.go:595:4: function "Infof" should not be used, convert to contextual logging
-/pkg/cliplugins/workload/plugin/sync.go:595:4: function "V" should not be used, convert to contextual logging
+/pkg/cliplugins/workload/plugin/sync.go:592:4: function "Infof" should not be used, convert to contextual logging
+/pkg/cliplugins/workload/plugin/sync.go:592:4: function "V" should not be used, convert to contextual logging
 /pkg/dns/plugin/nsmap/namespace.go:68:2: function "Info" should not be used, convert to contextual logging
 /pkg/dns/plugin/nsmap/namespace.go:68:2: function "V" should not be used, convert to contextual logging
 /pkg/embeddedetcd/server.go:44:2: function "Info" should not be used, convert to contextual logging
@@ -93,18 +93,19 @@
 /pkg/reconciler/workload/synctargetexports/synctargetexports_controller.go:331:2: function "V" should not be used, convert to contextual logging
 /pkg/reconciler/workload/synctargetexports/synctargetexports_controller.go:333:3: function "Errorf" should not be used, convert to contextual logging
 /pkg/reconciler/workload/synctargetexports/synctargetexports_reconcile.go:58:5: function "Warningf" should not be used, convert to contextual logging
-/pkg/server/controllers.go:1085:4: function "Errorf" should not be used, convert to contextual logging
+/pkg/server/controllers.go:1053:4: function "Errorf" should not be used, convert to contextual logging
 /pkg/server/home_workspaces.go:352:5: Additional arguments to WithValues should always be Key Value pairs. Please check if there is any key or value missing.
 /pkg/server/home_workspaces.go:638:6: Additional arguments to WithValues should always be Key Value pairs. Please check if there is any key or value missing.
 /pkg/server/options/controllers.go:54:3: function "Fatal" should not be used, convert to contextual logging
-/pkg/syncer/namespace/namespace_downstream_process.go:44:11: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamNamespace provided with string value.
-/pkg/syncer/namespace/namespace_downstream_process.go:75:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging NamespaceKey} provided with string value.
-/pkg/syncer/namespace/namespace_downstream_process.go:75:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging WorkspaceKey} provided with string value.
+/pkg/syncer/namespace/namespace_downstream_process.go:210:1: A function should accept either a context or a logger, but not both. Having both makes calling the function harder because it must be defined whether the context must contain the logger and callers have to follow that.
+/pkg/syncer/namespace/namespace_downstream_process.go:45:11: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamNamespace provided with string value.
+/pkg/syncer/namespace/namespace_downstream_process.go:90:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging NamespaceKey} provided with string value.
+/pkg/syncer/namespace/namespace_downstream_process.go:90:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging WorkspaceKey} provided with string value.
 /pkg/syncer/namespace/namespace_upstream_process.go:41:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging NameKey} provided with string value.
 /pkg/syncer/namespace/namespace_upstream_process.go:41:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging WorkspaceKey} provided with string value.
 /pkg/syncer/namespace/namespace_upstream_process.go:79:11: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamNamespace provided with string value.
-/pkg/syncer/spec/spec_controller.go:145:16: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamName provided with string value.
-/pkg/syncer/spec/spec_controller.go:145:16: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamNamespace provided with string value.
+/pkg/syncer/spec/spec_controller.go:146:16: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamName provided with string value.
+/pkg/syncer/spec/spec_controller.go:146:16: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamNamespace provided with string value.
 /pkg/syncer/spec/spec_process.go:117:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging NameKey} provided with string value.
 /pkg/syncer/spec/spec_process.go:117:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging NamespaceKey} provided with string value.
 /pkg/syncer/spec/spec_process.go:117:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging WorkspaceKey} provided with string value.
@@ -116,9 +117,9 @@
 /pkg/syncer/status/status_process.go:137:11: Key positional arguments are expected to be inlined constant strings. Please replace &{logging WorkspaceKey} provided with string value.
 /pkg/syncer/status/status_process.go:67:11: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamName provided with string value.
 /pkg/syncer/status/status_process.go:67:11: Key positional arguments are expected to be inlined constant strings. Please replace DownstreamNamespace provided with string value.
-/pkg/syncer/syncer.go:168:11: Key positional arguments are expected to be inlined constant strings. Please replace SyncTargetKey provided with string value.
-/pkg/syncer/syncer.go:80:11: Key positional arguments are expected to be inlined constant strings. Please replace SyncTargetName provided with string value.
-/pkg/syncer/syncer.go:80:11: Key positional arguments are expected to be inlined constant strings. Please replace SyncTargetWorkspace provided with string value.
+/pkg/syncer/syncer.go:185:11: Key positional arguments are expected to be inlined constant strings. Please replace SyncTargetKey provided with string value.
+/pkg/syncer/syncer.go:81:11: Key positional arguments are expected to be inlined constant strings. Please replace SyncTargetName provided with string value.
+/pkg/syncer/syncer.go:81:11: Key positional arguments are expected to be inlined constant strings. Please replace SyncTargetWorkspace provided with string value.
 /pkg/tunneler/dialer.go:148:8: function "Infof" should not be used, convert to contextual logging
 /pkg/tunneler/dialer.go:148:8: function "V" should not be used, convert to contextual logging
 /pkg/tunneler/listener.go:157:3: function "Infof" should not be used, convert to contextual logging

diff --git a/pkg/cliplugins/workload/plugin/sync.go b/pkg/cliplugins/workload/plugin/sync.go
@@ -687,21 +687,17 @@ type templateArgs struct {
 	// ServiceAccount is the name of the service account to create in the syncer
 	// namespace on the pcluster.
 	ServiceAccount string
-	// DNSServiceAccount is the name of the DNS service account to create in the syncer
-	// namespace on the pcluster.
-	DNSServiceAccount string
 	// ClusterRole is the name of the cluster role to create for the syncer on the
 	// pcluster.
 	ClusterRole string
-	// ClusterRoleBinding is the name of the DNS cluster role binding to create for the
-	// syncer on the pcluster.
-	DNSClusterRole string
 	// ClusterRoleBinding is the name of the cluster role binding to create for the
 	// syncer on the pcluster.
 	ClusterRoleBinding string
-	// ClusterRoleBinding is the name of the DNS cluster role binding to create for the
+	// DnsRole is the name of the DNS role to create for the syncer on the pcluster.
+	DNSRole string
+	// DNSRoleBinding is the name of the DNS role binding to create for the
 	// syncer on the pcluster.
-	DNSClusterRoleBinding string
+	DNSRoleBinding string
 	// GroupMappings is the mapping of api group to resources that will be used to
 	// define the cluster role rules for the syncer in the pcluster. The syncer will be
 	// granted full permissions for the resources it will synchronize.
@@ -718,8 +714,6 @@ type templateArgs struct {
 	// DeploymentApp is the label value that the syncer's deployment will select its
 	// pods with.
 	DeploymentApp string
-	// DNSAppName is the name of the deployment that will run the kcp dns resolver
-	DNSAppName string
 }
 
 // renderSyncerResources renders the resources required to deploy a syncer to a pcluster.
@@ -731,19 +725,17 @@ func renderSyncerResources(input templateInput, syncerID string, resourceForPerm
 	dnsSyncerID := strings.Replace(syncerID, "syncer", "dns", 1)
 
 	tmplArgs := templateArgs{
-		templateInput:         input,
-		ServiceAccount:        syncerID,
-		DNSServiceAccount:     dnsSyncerID,
-		ClusterRole:           syncerID,
-		DNSClusterRole:        dnsSyncerID,
-		ClusterRoleBinding:    syncerID,
-		DNSClusterRoleBinding: dnsSyncerID,
-		GroupMappings:         getGroupMappings(resourceForPermission),
-		Secret:                syncerID,
-		SecretConfigKey:       SyncerSecretConfigKey,
-		Deployment:            syncerID,
-		DeploymentApp:         syncerID,
-		DNSAppName:            dnsSyncerID,
+		templateInput:      input,
+		ServiceAccount:     syncerID,
+		ClusterRole:        syncerID,
+		ClusterRoleBinding: syncerID,
+		DNSRole:            dnsSyncerID,
+		DNSRoleBinding:     dnsSyncerID,
+		GroupMappings:      getGroupMappings(resourceForPermission),
+		Secret:             syncerID,
+		SecretConfigKey:    SyncerSecretConfigKey,
+		Deployment:         syncerID,
+		DeploymentApp:      syncerID,
 	}
 
 	syncerTemplate, err := embeddedResources.ReadFile("syncer.yaml")