-
Notifications
You must be signed in to change notification settings - Fork 181
/
daemonset.go
180 lines (154 loc) · 6.28 KB
/
daemonset.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
package canary
import (
"context"
"fmt"
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
"github.com/openshift/cluster-ingress-operator/pkg/manifests"
"github.com/openshift/cluster-ingress-operator/pkg/operator/controller"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
)
// ensureCanaryDaemonSet ensures the canary daemonset exists
func (r *reconciler) ensureCanaryDaemonSet() (bool, *appsv1.DaemonSet, error) {
desired := desiredCanaryDaemonSet(r.config.CanaryImage)
haveDs, current, err := r.currentCanaryDaemonSet()
if err != nil {
return false, nil, err
}
switch {
case !haveDs:
if err := r.createCanaryDaemonSet(desired); err != nil {
return false, nil, err
}
return r.currentCanaryDaemonSet()
case haveDs:
if updated, err := r.updateCanaryDaemonSet(current, desired); err != nil {
return true, current, err
} else if updated {
return r.currentCanaryDaemonSet()
}
}
return true, current, nil
}
// currentCanaryDaemonSet returns the current canary daemonset
func (r *reconciler) currentCanaryDaemonSet() (bool, *appsv1.DaemonSet, error) {
daemonset := &appsv1.DaemonSet{}
if err := r.client.Get(context.TODO(), controller.CanaryDaemonSetName(), daemonset); err != nil {
if errors.IsNotFound(err) {
return false, nil, nil
}
return false, nil, err
}
return true, daemonset, nil
}
// createCanaryDaemonSet creates the given daemonset resource
func (r *reconciler) createCanaryDaemonSet(daemonset *appsv1.DaemonSet) error {
if err := r.client.Create(context.TODO(), daemonset); err != nil {
return fmt.Errorf("failed to create canary daemonset %s/%s: %v", daemonset.Namespace, daemonset.Name, err)
}
log.Info("created canary daemonset", "namespace", daemonset.Namespace, "name", daemonset.Name)
return nil
}
// updateCanaryDaemonSet updates the canary daemonset if an appropriate change
// has been detected
func (r *reconciler) updateCanaryDaemonSet(current, desired *appsv1.DaemonSet) (bool, error) {
changed, updated := canaryDaemonSetChanged(current, desired)
if !changed {
return false, nil
}
if err := r.client.Update(context.TODO(), updated); err != nil {
return false, fmt.Errorf("failed to update canary daemonset %s/%s: %v", updated.Namespace, updated.Name, err)
}
log.Info("updated canary daemonset", "namespace", updated.Namespace, "name", updated.Name)
return true, nil
}
// desiredCanaryDaemonSet returns the desired canary daemonset read in
// from manifests
func desiredCanaryDaemonSet(canaryImage string) *appsv1.DaemonSet {
daemonset := manifests.CanaryDaemonSet()
name := controller.CanaryDaemonSetName()
daemonset.Name = name.Name
daemonset.Namespace = name.Namespace
daemonset.Labels = map[string]string{
// associate the daemonset with the ingress canary controller
manifests.OwningIngressCanaryCheckLabel: canaryControllerName,
}
daemonset.Spec.Selector = controller.CanaryDaemonSetPodSelector(canaryControllerName)
daemonset.Spec.Template.Labels = controller.CanaryDaemonSetPodSelector(canaryControllerName).MatchLabels
daemonset.Spec.Template.Spec.Containers[0].Image = canaryImage
daemonset.Spec.Template.Spec.Containers[0].Command = []string{"ingress-operator", CanaryHealthcheckCommand}
return daemonset
}
// canaryDaemonSetChanged returns true if current and expected differ by the pod template's
// node selector, tolerations, or container image reference.
func canaryDaemonSetChanged(current, expected *appsv1.DaemonSet) (bool, *appsv1.DaemonSet) {
changed := false
updated := current.DeepCopy()
// Update the canary daemonset when the canary server image, command, or container name changes
if len(current.Spec.Template.Spec.Containers) > 0 && len(expected.Spec.Template.Spec.Containers) > 0 {
if current.Spec.Template.Spec.Containers[0].Image != expected.Spec.Template.Spec.Containers[0].Image {
updated.Spec.Template.Spec.Containers[0].Image = expected.Spec.Template.Spec.Containers[0].Image
changed = true
}
if !cmp.Equal(current.Spec.Template.Spec.Containers[0].Command, expected.Spec.Template.Spec.Containers[0].Command) {
updated.Spec.Template.Spec.Containers[0].Command = expected.Spec.Template.Spec.Containers[0].Command
changed = true
}
if current.Spec.Template.Spec.Containers[0].Name != expected.Spec.Template.Spec.Containers[0].Name {
updated.Spec.Template.Spec.Containers[0].Name = expected.Spec.Template.Spec.Containers[0].Name
changed = true
}
if !cmp.Equal(current.Spec.Template.Spec.Containers[0].SecurityContext, expected.Spec.Template.Spec.Containers[0].SecurityContext) {
updated.Spec.Template.Spec.Containers[0].SecurityContext = expected.Spec.Template.Spec.Containers[0].SecurityContext
changed = true
}
}
if !cmp.Equal(current.Spec.Template.Spec.NodeSelector, expected.Spec.Template.Spec.NodeSelector, cmpopts.EquateEmpty()) {
updated.Spec.Template.Spec.NodeSelector = expected.Spec.Template.Spec.NodeSelector
changed = true
}
if !cmp.Equal(current.Spec.Template.Spec.SecurityContext, expected.Spec.Template.Spec.SecurityContext, cmpopts.EquateEmpty()) {
updated.Spec.Template.Spec.SecurityContext = expected.Spec.Template.Spec.SecurityContext
changed = true
}
if !cmp.Equal(current.Spec.Template.Spec.Tolerations, expected.Spec.Template.Spec.Tolerations, cmpopts.EquateEmpty(), cmpopts.SortSlices(cmpTolerations)) {
updated.Spec.Template.Spec.Tolerations = expected.Spec.Template.Spec.Tolerations
changed = true
}
if current.Spec.Template.Spec.PriorityClassName != expected.Spec.Template.Spec.PriorityClassName {
updated.Spec.Template.Spec.PriorityClassName = expected.Spec.Template.Spec.PriorityClassName
changed = true
}
if !changed {
return false, nil
}
return true, updated
}
// cmpTolerations compares two Tolerations values and returns a Boolean
// indicating whether they are equal.
func cmpTolerations(a, b corev1.Toleration) bool {
if a.Key != b.Key {
return false
}
if a.Value != b.Value {
return false
}
if a.Operator != b.Operator {
return false
}
if a.Effect != b.Effect {
return false
}
if a.Effect == corev1.TaintEffectNoExecute {
if (a.TolerationSeconds == nil) != (b.TolerationSeconds == nil) {
return false
}
// Field is ignored unless effect is NoExecute.
if a.TolerationSeconds != nil && *a.TolerationSeconds != *b.TolerationSeconds {
return false
}
}
return true
}