Conversation
|
@flavio please review |
|
|
||
| cpuLimitMin, err := resource.ParseQuantity(limits.CpuLimitMin) | ||
| if err != nil { | ||
| logrus.Fatalf("error parsing CPU_LIMIT_MIN: ", err) |
There was a problem hiding this comment.
It should return the error, given this function returns a error type. The logrus.Fatalf would panic
| if err != nil { | ||
| return err | ||
| } | ||
| logrus.Warn("Created LimitRange for namespace: ", namespaceName) |
There was a problem hiding this comment.
This is a Info message IMHO
| if err != nil { | ||
| return err | ||
| } | ||
| logrus.Warn("Updated LimitRange for namespace: ", namespaceName) |
There was a problem hiding this comment.
Also this one should be an Info message
| func lookupEnvOrEmpty(key string) string { | ||
| value, _ := os.LookupEnv(key) | ||
|
|
||
| return value | ||
| } |
There was a problem hiding this comment.
This is not needed, just use os.Getenv which does exactly the same thing
There was a problem hiding this comment.
I'm not sure I understand.
There was a problem hiding this comment.
You can remove this function and just invoke os.Getenv instead of lookupEnvOrEmpty. The STD-lib function does exactly the very same thing as this code you wrote
| CpuLimitMax string | ||
| MemLimitMax string | ||
| EphemeralStorageLimitMax string | ||
| CpuLimitMin string | ||
| MemLimitMin string | ||
| EphemeralStorageLimitMin string |
There was a problem hiding this comment.
use resource.Quantity instead
| //Evaluate if environment variables are not set or set to "" | ||
| setLimits.CpuLimitMin = lookupEnvOrEmpty("CPU_LIMIT_MIN") | ||
| if setLimits.CpuLimitMin == "" || len(strings.TrimSpace(setLimits.CpuLimitMin)) == 0 { | ||
| logrus.Fatal("Environment variable CPU_LIMIT_MIN is not set or empty: ", setLimits.CpuLimitMin) |
There was a problem hiding this comment.
Some considerations about these conditional checks:
- Do not use
Fatal, it causes the program to exit immediately - Given you have a default in place, it's not even worth to mention that to the user. If you really want to, use the
TraceorDebuglevel - I don't think you have to do all this "massaging" of the user input
- There's a lot of repetition across these
ifstatements. Maybe you can create a function likeparseValueOrDefault(envKey string, defaultValue resource.Quantity) (resource.Quantity, error)
There was a problem hiding this comment.
I'm not putting a default in place.
I thought of Fatal because the watcher should fail/stop if the values can't be used?
There was a problem hiding this comment.
I see, I got confused. I though you had a default in place. It's up to you to decide what to do when one of these settings is missing.
Fine with me if you want to exit with an error, hence Fatal 😄
There was a problem hiding this comment.
On a second thought. It might be a good idea to fall back to a set of defaults for if the use set limits are empty or wrong set user input.
I will add this into a feature for a new PR
| if err != nil { | ||
| fmt.Println("Failed to get Kubernetes config:", err) | ||
| logrus.Fatal("Failed to get Kubernetes config: ", err) | ||
| os.Exit(1) |
There was a problem hiding this comment.
this line is not needed because Fatal causes the exit too
| if err != nil { | ||
| fmt.Println("Failed to create Kubernetes client:", err) | ||
| logrus.Fatal("Failed to create Kubernetes client: ", err) | ||
| os.Exit(1) |
| if err != nil { | ||
| fmt.Println("Failed to watch namespaces:", err) | ||
| logrus.Fatal("Failed to watch namespaces: ", err) | ||
| os.Exit(1) |
| err := createOrUpdateLimitRange(clientset, namespaceName, setLimits) | ||
| if err != nil { | ||
| fmt.Printf("Failed to create LimitRange for namespace %s: %v\n", namespaceName, err) | ||
| logrus.Warn("Failed to create LimitRange for namespace: ", namespaceName, " ", err) |
|
@flavio please review the latest PR changes. |
| q, err := resource.ParseQuantity(value) | ||
| if err != nil { | ||
| logrus.Error("Error parsing ", key, ": ", err) | ||
| return resource.Quantity{} |
There was a problem hiding this comment.
In this case I would definitely return with an error. The user has to be made aware of that, the program has to exit
| excludedNamespaces := map[string]struct{}{ | ||
| "default": {}, | ||
| "cattle": {}, | ||
| "kube-system": {}, | ||
| "kube-public": {}, | ||
| "istio-system": {}, | ||
| "kube-node-lease": {}, | ||
| "kube-local": {}, | ||
| } |
There was a problem hiding this comment.
Please, use a Set as a data structure: https://pkg.go.dev/github.com/deckarep/golang-set/v2#section-readme
| if strings.Contains(namespaceName, "cattle") { | ||
| return true | ||
| } |
There was a problem hiding this comment.
Instead of doing that, read the list of namespaces that the user provided and then add to the cattle and other names to it.
There was a problem hiding this comment.
Update: you can even drop that, you're already adding cattle and other namespaces to the excluded list
There was a problem hiding this comment.
I have addressed this, but for some reason I must explicitly check for cattle word in the namespace.
|
@flavio ready for new review |
| isExcluded := strings.Contains(namespaceName, "cattle") || excludedNamespaces.Contains(namespaceName) | ||
|
|
||
| if isExcluded { |
There was a problem hiding this comment.
The cattle namespace is already added to the list of excluded namespaces (see line 150).
This code can be simplified in this way:
| isExcluded := strings.Contains(namespaceName, "cattle") || excludedNamespaces.Contains(namespaceName) | |
| if isExcluded { | |
| if excludedNamespaces.Contains(namespaceName) { |
| isExcluded := strings.Contains(namespaceName, "cattle") || excludedNamespaces.Contains(namespaceName) | ||
|
|
||
| if isExcluded { | ||
| logrus.Info("Checking if namespace should be skipped: ", namespaceName, " - Excluded: ", isExcluded) |
There was a problem hiding this comment.
This log message should be placed outside of the if statement, right now this is shown only when the check has already been done. Moreover, this is more of a debug message, you should not pollute the production logs with this message.
| - apiGroups: [""] | ||
| resources: ["namespaces", "limitranges"] | ||
| verbs: ["get", "watch", "list", "create", "delete"] | ||
| verbs: ["get", "watch", "list", "create", "update", "delete"] |
There was a problem hiding this comment.
I think you should split that into 2 groups: one for namespace. Here you get only watch I think. The other one for limitranges, this one requires more permissions (I think get, list, create and delete)
…e double checking for cattle namespaces
2 participants
This PR addresses the issues: #1, #2, #3, #4, #5, #6, #7