-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reconcile resources #240
Reconcile resources #240
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
package controllers | ||
|
||
import ( | ||
"github.com/go-logr/logr" | ||
"github.com/kuadrant/kuadrant-operator/pkg/common" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
"sigs.k8s.io/controller-runtime/pkg/reconcile" | ||
) | ||
|
||
// AuthConfigEventMapper is an EventHandler that maps AuthConfig objects events to Policy events. | ||
type AuthConfigEventMapper struct { | ||
Logger logr.Logger | ||
} | ||
|
||
func (m *AuthConfigEventMapper) MapToAuthPolicy(obj client.Object) []reconcile.Request { | ||
return m.mapToPolicyRequest(obj, "authpolicy", common.AuthPoliciesBackRefAnnotation) | ||
} | ||
|
||
func (m *AuthConfigEventMapper) mapToPolicyRequest(obj client.Object, policyKind string, policyBackRefAnnotationName string) []reconcile.Request { | ||
policyRef, found := common.ReadAnnotationsFromObject(obj)[policyBackRefAnnotationName] | ||
if !found { | ||
return []reconcile.Request{} | ||
} | ||
|
||
policyKey := common.NamespacedNameToObjectKey(policyRef, obj.GetNamespace()) | ||
|
||
m.Logger.V(1).Info("Processing object", "object", client.ObjectKeyFromObject(obj), policyKind, policyKey) | ||
return []reconcile.Request{{NamespacedName: policyKey}} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package controllers | ||
|
||
import ( | ||
"encoding/json" | ||
|
||
"github.com/go-logr/logr" | ||
"github.com/kuadrant/kuadrant-operator/pkg/common" | ||
limitadorv1alpha1 "github.com/kuadrant/limitador-operator/api/v1alpha1" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
"sigs.k8s.io/controller-runtime/pkg/reconcile" | ||
) | ||
|
||
type LimitadorEventMapper struct { | ||
Logger logr.Logger | ||
} | ||
|
||
func (m LimitadorEventMapper) MapToRateLimitPolicy(obj client.Object) []reconcile.Request { | ||
limitador, ok := obj.(*limitadorv1alpha1.Limitador) | ||
if !ok { | ||
return []reconcile.Request{} | ||
} | ||
|
||
objAnnotations := limitador.GetAnnotations() | ||
val, ok := objAnnotations[common.RateLimitPoliciesBackRefAnnotation] | ||
if !ok { | ||
return []reconcile.Request{} | ||
} | ||
|
||
var refs []client.ObjectKey | ||
err := json.Unmarshal([]byte(val), &refs) | ||
if err != nil { | ||
return []reconcile.Request{} | ||
} | ||
|
||
requests := make([]reconcile.Request, 0) | ||
for _, ref := range refs { | ||
m.Logger.V(1).Info("MapRateLimitPolicy", "ratelimitpolicy", ref) | ||
requests = append(requests, reconcile.Request{ | ||
NamespacedName: ref, | ||
}) | ||
break | ||
} | ||
return requests | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,6 +21,7 @@ import ( | |
"encoding/json" | ||
|
||
"github.com/go-logr/logr" | ||
limitadorv1alpha1 "github.com/kuadrant/limitador-operator/api/v1alpha1" | ||
apierrors "k8s.io/apimachinery/pkg/api/errors" | ||
ctrl "sigs.k8s.io/controller-runtime" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
|
@@ -186,7 +187,7 @@ func (r *RateLimitPolicyReconciler) reconcileResources(ctx context.Context, rlp | |
return err | ||
} | ||
|
||
// set annotation of policies afftecting the gateway - should be the last step, only when all the reconciliation steps succeed | ||
// set annotation of policies affecting the gateway - should be the last step, only when all the reconciliation steps succeed | ||
return r.ReconcileGatewayPolicyReferences(ctx, rlp, gatewayDiffObj) | ||
} | ||
|
||
|
@@ -216,7 +217,13 @@ func (r *RateLimitPolicyReconciler) deleteResources(ctx context.Context, rlp *ku | |
} | ||
} | ||
|
||
// update annotation of policies afftecting the gateway | ||
// remove direct back ref from limitador CR | ||
err = r.deleteLimitadorBackReference(ctx, rlp) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Hmm. So There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Yes, that is correct and I should explain my reasoning. The Do you want me to move the label deletion logic to the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
I would wait. As I said in my other comment, if we're going to watch and reconcile changes on all derived resources – the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. From the community call my understanding is we wont be using the https://github.com/Kuadrant/gateway-api-machinery till after MVP. So I thinking I address the other issue raised now and create an issue to follow up with a refactor of the labelling once we can use the gateway-api-machinery. Would you be happy with this approach? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This won't be complete anyway until we cover for all kinds of resources that, once modified directly, can break with the source of truth. I understand that whereas one is a refactoring, while the other prevents what could be perceived as a bug, I still think those two things are intimately related and better if tackled together. I'm also afraid of the explosion of annotations while others seem to be addressing the issue differently. IOW, let's not amend it quickly due to release pressure and do this the right way. The fix can be part of a post-release patch if we want. |
||
if err != nil { | ||
return err | ||
} | ||
|
||
// update annotation of policies affecting the gateway | ||
return r.ReconcileGatewayPolicyReferences(ctx, rlp, gatewayDiffObj) | ||
} | ||
|
||
|
@@ -241,6 +248,11 @@ func (r *RateLimitPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { | |
Logger: r.Logger().WithName("gatewayRateLimitPolicyEventMapper"), | ||
Client: r.Client(), | ||
} | ||
|
||
limitadorEventMapper := &LimitadorEventMapper{ | ||
Logger: r.Logger().WithName("limitadorEventMapper"), | ||
} | ||
|
||
return ctrl.NewControllerManagedBy(mgr). | ||
For(&kuadrantv1beta2.RateLimitPolicy{}). | ||
Watches( | ||
|
@@ -258,5 +270,8 @@ func (r *RateLimitPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { | |
&source.Kind{Type: &kuadrantv1beta2.RateLimitPolicy{}}, | ||
handler.EnqueueRequestsFromMapFunc(gatewayRateLimtPolicyEventMapper.MapRouteRateLimitPolicy), | ||
). | ||
Watches(&source.Kind{Type: &limitadorv1alpha1.Limitador{}}, | ||
handler.EnqueueRequestsFromMapFunc(limitadorEventMapper.MapToRateLimitPolicy), | ||
). | ||
Complete(r) | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
package common | ||
|
||
func AddAnnotation(annotation string, value string, annotations map[string]string) map[string]string { | ||
_, ok := annotations[annotation] | ||
if !ok && len(value) == 0 { | ||
return annotations | ||
} | ||
|
||
if len(value) == 0 { | ||
delete(annotations, annotation) | ||
return annotations | ||
} | ||
|
||
if annotations == nil { | ||
annotations = map[string]string{} | ||
} | ||
annotations[annotation] = value | ||
return annotations | ||
} | ||
|
||
func AnnotationEqual(annotation string, value string, annotations map[string]string) bool { | ||
val, ok := annotations[annotation] | ||
if !ok && len(annotation) == 0 { | ||
return true | ||
} | ||
|
||
if val == value { | ||
return true | ||
} | ||
|
||
return false | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
package common | ||
|
||
import ( | ||
"encoding/json" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
) | ||
|
||
func BuildBackRefs(refs []client.ObjectKey) (string, error) { | ||
if len(refs) == 0 { | ||
return "", nil | ||
} | ||
|
||
var uniqueKeys []client.ObjectKey | ||
|
||
for _, v := range refs { | ||
if !Contains(uniqueKeys, v) { | ||
uniqueKeys = append(uniqueKeys, v) | ||
} | ||
} | ||
|
||
serialized, err := json.Marshal(uniqueKeys) | ||
if err != nil { | ||
return "", err | ||
} | ||
return string(serialized), nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
With the current implementation, you do not need to trigger one event per RLP, only one of them is enough to reconcile the entire Limitador CR. Each rate limit policy event is reading all gateways from the cluster and iterating over all the RLP references in the annotations of the gateways.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I many explore this. What your saying is making sense but my mind is not allowing me to accept it as true. 😃 I will add any changes as needed.