MAISTRA-2197: Push first update when cache is warm #291
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
brian-avery
approved these changes
Mar 11, 2021
dgn
requested changes
Mar 12, 2021
There was a problem hiding this comment.
This is kind of doing the wrong thing now. There are two cases we have to cover:
- handler register before the cache is warm. In this case, send nothing because we don't have real data. As soon as data comes in, we'll send it anyway (because handler will be registered by that time)
- handler register after cache has warmed up. Send current list of namespaces
What this implementation does is in case 1. it will send updates twice - once in the goroutine that waits for the cache, and once in the actual event coming in (as part of cache sync). In case 2 it will not send anything at all but leak a goroutine that waits on an already-closed channel.
I think it would be simpler to do the following:
at handler registration, check whether cache is warm (can be boolean protected by mutex). if cache is warm, send list of namespaces. if not, do nothing and just return. as soon as the cache has warmed up, the events will come in anyway and we'll send an update automatically.
|
|
||
| go func() { | ||
| smmrLog.Debugf("Listener for %s created", name) | ||
| <-smmrc.cacheWarmed |
There was a problem hiding this comment.
isn't this reading from a channel that might be long closed?
There was a problem hiding this comment.
yes, that's the idea (reading from a closed channel is a nop). The channel remains open until the cache is warmed, hence it blocks. Once channel is closed, it doesn't block anymore and the behavior is the same we have currently.
There was a problem hiding this comment.
oh yeah, you're right. so we're not leaking a goroutine, that's good. but aren't we still sending the same event twice?
As explained above, the goroutine does not block.
"as soon as the cache has warmed up, the events will come in anyway" => Not quite true. This is exactly the problem we have right now. Events only come when something happen, that's why Rob added that initial push with the control plane. I've tested this approach and it worked fine. A basic workflow is:
|
that doesn't match my observations. when watching a resource, you'll get "add" events as part of the first sync for all resources that existed before starting to watch. the reason this was added was for another use case, which is registering a handler after the cache has warmed up, because then, as you said, you only get notified when things change - so the handler is never called if the SMMR is not updated |
dgn
reviewed
Mar 12, 2021
|
In my tests it did not send events twice. I'll test again. |
Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging.
|
I was not getting updates twice because we only send an update if the members are different. Since the initial update and the normal I've changed the logic accordingly. Thanks for catching this! |
dgn
approved these changes
Mar 12, 2021
|
/retest |
|
In response to a cherrypick label: #291 failed to apply on top of branch "maistra-2.1": |
jwendell
added a commit
to jwendell/istio-maistra
that referenced
this pull request
Mar 15, 2021
Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291
maistra-bot
pushed a commit
that referenced
this pull request
Mar 16, 2021
Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of #291
|
I think this is breaking things in 2.1 -- What if the SMMR doesn't exist? All controllers registered before the cache is synced will never get an update until one is created. That's a problem though, because they may need to know about the system namespace regardless. Concrete example: we use the member-roll controller in the namespace controller. One thing the namespace controller is responsible for is creating the ConfigMap in each namespace that contains the Istio CA cert. The gateways need this to start. So, if I deploy a fresh istiod, and I haven't created an SMMR, the namespace controller is never informed of the system namespace and doesn't create the ConfigMap. Now my gateway pods won't start. This also means the operator won't consider the installation finished and start reconciling SMMR updates. I'm not sure I understand the original problem. Why do we care if we get an update with the system namespace before the others? |
|
@bison pasted from the jira issue: "In my scenario, the SMMR is already "ready" with some configuredMembers already in it. I'm not touching it in any way. I'm just registering for updates and getting two pushes as a result." Having two push updates when we only need one was the original issue. This is not optimal, for example, for IOR when there are lots of namespaces (200+). IOR relies on SMMR controller to update its internal state. IOR does an initial synchronization of Gateways and Routes on initialization. The problem was:
We discussed this in a call and the consensus was that the fix would be to only send the first update when cache is synced. The scenario you described above was not take into consideration. We need to address it in a follow up then. |
|
Ah, okay. That makes sense. I guess it does kind of break the API to potentially only send the system namespace when the contract with listeners is I think as a quick fix we can just trigger an update for all listeners once caches are synced. Ultimately, it may be better to allow listeners to register add and remove handlers -- basically what the xns-informers NamespaceSet does. |
luksa
pushed a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 2, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
luksa
pushed a commit
that referenced
this pull request
Jun 3, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (#221) MAISTRA-2051: Add MemberRollController (#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of #291 MAISTRA-2233: Start xns-informers with empty namespace set (#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
luksa
pushed a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 11, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
luksa
pushed a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 14, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
luksa
pushed a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 14, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
luksa
pushed a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 14, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
luksa
pushed a commit
to luksa/istio-maistra
that referenced
this pull request
Jun 15, 2021
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 1, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 4, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 9, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 9, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 9, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
bartoszmajsak
pushed a commit
to bartoszmajsak/istio
that referenced
this pull request
Nov 9, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
maistra-bot
pushed a commit
that referenced
this pull request
Nov 9, 2022
MAISTRA-2051: Add xns-informer for Kubernetes types (#223) * vendor: Add github.com/maistra/xns-informer * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (#221) MAISTRA-2051: Add MemberRollController (#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder * 06ea2db - MAISTRA-1666: Add `go mod vendor` as part of `make gen` This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of #291 MAISTRA-2233: Start xns-informers with empty namespace set (#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Jun 28, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Jul 11, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Jul 17, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 8, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 9, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 9, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 9, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 10, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
jewertow
pushed a commit
to jewertow/istio
that referenced
this pull request
Aug 10, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
openshift-merge-robot
pushed a commit
that referenced
this pull request
Aug 10, 2023
MAISTRA-2051: Add xns-informer for Kubernetes types (#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (#221) MAISTRA-2051: Add MemberRollController (#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of #291 MAISTRA-2233: Start xns-informers with empty namespace set (#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
yannuil
pushed a commit
to yannuil/maistra-istio
that referenced
this pull request
Jan 19, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Jan 21, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 21, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 25, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 25, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 25, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 25, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 25, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 25, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 26, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
yannuil
added a commit
to yannuil/maistra-istio
that referenced
this pull request
Mar 26, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (maistra#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (maistra#221) MAISTRA-2051: Add MemberRollController (maistra#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (maistra#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (maistra#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (maistra#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (maistra#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (maistra#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (maistra#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (maistra#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (maistra#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of maistra#291 MAISTRA-2233: Start xns-informers with empty namespace set (maistra#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (maistra#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (maistra#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (maistra#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (maistra#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (maistra#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
openshift-merge-bot bot
pushed a commit
that referenced
this pull request
Mar 26, 2024
MAISTRA-2051: Add xns-informer for Kubernetes types (#223) * Update mirrored licenses to fix gen-check * MAISTRA-2051: Add xns-informer for Kubernetes types This integrates the xns-informer library for multi-namespace support, but only for core Kubernetes types. The informers are hard-coded to watch all namespaces here. The integration with MemberRoll will come in a follow-up. MAISTRA-2051 Add xns-informer for Istio types (#221) MAISTRA-2051: Add MemberRollController (#227) * MAISTRA-2051: Add MemberRollController Includes the following: * 75742b0 - Add Makefile for Maistra client generation This adds a Makefile with tasks for generating the Maistra specific clients. It is adapted from the one in the Istio client-go repository. * 5f8562c - Add MemberRollController Squashed commit, consisting of: * MAISTRA-417: Add MemberRollController * MAISTRA-450: Switch across to ConfiguredMembers and check existing config for changes * MAISTRA-1005 Do not expect namespaces to have a stable ordering The clients have also been regenerated. * 1b7a89d - Add missing licenses * fe2f8cd - Fix Copyright holder This is to make sure all PR's will have an updated vendor directory. The `gencheck` prow job will ensure that. * MAISTRA-2051: Update MemberRollController for xns-informers * MAISTRA-2051: Add AddMemberRoll to kube client * MAISTRA-2051: Configure MemberRoll controller in istiod MAISTRA-2051: Add xns-informer for Service APIs (#229) * MAISTRA-2051: Update xns-informers * MAISTRA-2051: Add xns-informer for Service APIs MAISTRA-2051: Use shared Kubernetes client in galley (#241) This moves galley to the shared Kubernetes client, which will let it use xns-informers for multi-namespace support like everything else. MAISTRA-2051: Update xns-informers to latest (#252) * MAISTRA-2051: Reset Kubernetes client to release-1.8 state * MAISTRA-2051: Use xns-informers in Kubernetes client * MAISTRA-2051: Un-skip tests with xns-informers issues These tests were skipped because of issues with xns-informers, which have now been solved. They should no longer be skipped. * MAISTRA-2051: Update xns-informers to latest * MAISTRA-2051: Skip problematic integration test: TestDashboard MAISTRA-2051: Use MultiNamespaceInformer in galley (#254) * Revert "MAISTRA-2051: Use shared Kubernetes client in galley (#241)" This reverts commit 0b1567a. * MAISTRA-2051: Use MultiNamespaceInformer in galley This is a rework of the previous change that used the central Kubernetes client in Galley. The watchers in Galley manage stopping and starting individual informers, which doesn't work well with the factory returning cached informers. This creates multi-namespace informers individually instead of using the central factory. It's also a much smaller change overall and doesn't affect the tests. * MAISTRA-2051: Add GetMemberRoll method to Kubernetes client * MAISTRA-2051: Integrate MemberRoll with Galley This configures the mulit-namespace aware infomers in Galley to respond to changes in the set of namespaces via the MemberRoll. This includes parts of the following: - 4b70b8d MAISTRA-1895 Add option to enable/disable CRD scan - 6e8019e MAISTRA-1968 allow analyzer to work with multi list watcher MAISTRA-1724: Don't watch namespaces if MemberRoll is used (#257) Rewrite of the following for Maistra 2.1 / Istio 1.8 rebase: a161a53 - MAISTRA-1724 Don't watch namespaces if MRC is used (#161) MAISTRA-1755: invoke UpdateNamespaces() as part of MemberRollController.Register() Cherry-pick of f0eed15 for Maistra 2.1 / Istio 1.8 rebase. MAISTRA-1724: Better hanlde deletion in NamespaceController MAISTRA-2153: Disable namespace informer if MemberRoll is used (#283) This causes istiod to skip creating the namespace informer in the Kubernetes service registry controller if a MemberRoll is specified, because Maistra cannot read namespace objects. This will affect the behavior of multi-network deployments that do not use mesh networks for configuration, i.e. a namespace cannot be labeled with a default network now. MAISTRA-2197: Push first update when cache is warm (#294) Change SMMR Controller behavior to only send the first update to listeners when it has a list of members ready. In other words, when cache is synced. Before this, the first update was sent with only one hardcoded member: The control plane namespace. Now it is sent with the full list of SMMR members. While on that, switch to our own log scope, to facilitate debugging. Manual cherry pick of #291 MAISTRA-2233: Start xns-informers with empty namespace set (#303) The multi-namespace informers created by xns-informers default to watching all namespaces to match upstream behaviour. This causes permissions issues in Maistra because they will do this until the first update from the MemberRoll controller sets the correct set of namespaces on each informer. We should instead explicitly configure them with an empty set of namespaces at startup. MAISTRA-2234: Seed MemberRoll listeners with system namespace (#302) The MemberRoll controller was changed in MAISTRA-2197 to not send the initial update with just the system namespace to all listeners. This can be a problem when the user hasn't created an SMMR resource yet, because any listeners registered before the caches sync may never get an update informing them to watch the system namespace. This attempts to work around the issue by having all listeners individually wait on the caches to sync, then seed just the system namespace if no SMMR resource is found. MAISTRA-2271: Update xns-informers to fix delete events issue (#315) This updates xns-informers to include a fix for sending delete events for all objects when a namespace is no longer watched. See: maistra/xns-informer#12 Co-authored-by: Brad Ison <brad.ison@redhat.com> OSSM-2006 Fix multiNamespaceInformer.HasSynced() fix(xns-informer): only sync nsInformer when not nil (#684) Fix shutting down namespace controller Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> OSSM-2233: uses maistra.io/api instead of copying Before we were generating and copying Maistra API types, now we use it as a dependency. Additionally following changes are introduced: - vendoring has been removed, as we now use embedded manifests from maistra/api in tests - cleans up Makefiles - removes unnecessary files (generated API) OSSM-2375 Log the list of member namespaces on every change (#716) Co-authored-by: Marko Lukša <marko.luksa@gmail.com> OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode (#778) * OSSM-3703: Fix AUTO_RELOAD_PLUGIN_CERTS in multi-tenant mode Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> * Revert unnecessary variable declaration Signed-off-by: Jacek Ewertowski <jewertow@redhat.com> --------- Co-authored-by: Marko Lukša <marko.luksa@gmail.com> Co-authored-by: Jacek Ewertowski <jewertow@redhat.com> Co-authored-by: Daniel Grimm <dgrimm@redhat.com> Co-authored-by: Brad Ison <brad.ison@redhat.com> Signed-off-by: Yann Liu <yannliu@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Change SMMR Controller behavior to only send the first update to
listeners when it has a list of members ready. In other words, when
cache is synced.
Before this, the first update was sent with only one hardcoded member:
The control plane namespace. Now it is sent with the full list of SMMR
members.
While on that, switch to our own log scope, to facilitate debugging.