Skip to content

Add CEP and CES resources #29244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 22, 2023
Merged

Add CEP and CES resources #29244

merged 4 commits into from
Nov 22, 2023

Conversation

pippolo84
Copy link
Member

This is a required step to migrate the k8s CEP watchers to Resource[T].

First, the PR adds a separate constructor for the CiliumSlimEndpoint resource in the clustermesh-apiserver. The apiserver is currently using the same constructor used by the agent and this limits the ability to add indexers that depend on agent-specific part.
Then, the PR adds the CES resource constructor and the same indexers already used by the informers in the CEP and CES k8s watchers.

Refer to this comment and to the individual commit messages for more information.

Related: #28159

@pippolo84 pippolo84 added area/k8s Impacts the kubernetes API, or kubernetes -> cilium internals translation layers. area/clustermesh Relates to multi-cluster routing functionality in Cilium. release-note/misc This PR makes changes that have no direct user impact. area/agent Cilium agent related. area/modularization Relates to code modularization and maintenance. labels Nov 17, 2023
@pippolo84
Copy link
Member Author

/test

This was referenced Nov 17, 2023
Merged
Merged
@pippolo84 pippolo84 marked this pull request as ready for review November 17, 2023 20:48
@pippolo84 pippolo84 requested review from a team as code owners November 17, 2023 20:48
This was referenced Nov 18, 2023
Closed
Closed
tommyp1ckles
tommyp1ckles approved these changes Nov 20, 2023
View reviewed changes
@pippolo84
clustermesh-apiserver: Add CiliumSlimEndpoint resource constructor
406a4da 
CiliumSlimEndpoint resource is built using the constructor in pkg/k8s,
the same one used by the agent.  This limits the flexibility of the
constructor, since it is not possible to modify it for the agent or the
clustermesh-apiserver specific needs.  As an example, the agent starts a
CEP informer with an indexer that reads the local node IP, but since the
clustermesh-apiserver does not have any cell providing LocalNodeStore,
we cannot use that indexer there (clustermesh-apiserver will panic as
soon as Resource[CiliumSlimEndpoint] receives an update).  To avoid
this, the clustermesh-apiserver is modified to use its own
CiliumSlimEndpoint constructor, just like we did in the operator for all
the k8s resources.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84
k8s: Add local node indexer to CiliumSlimEndpoint resource
337f33a 
In order to migrate the current agent CEP watcher to Resource[T], the
commit adds the same indexer used in the watcher to the
CiliumSlimEndpoint resource.

The indexer accesses the local node to get its IP. Differently from the
previous indexer implementation, it is mandatory to do that when the
indexer function is actually called, otherwise we might panic trying to
read an uninitialized local node store reference.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84
k8s: Add CiliumEndpointsSlice resource
f592f5f 
Add a new constructor for the CiliumEndpointSlice resource. This will be
used to migrate the current implementation of the k8s CES watcher to
Resource[T].

The resource indexer accesses the local node to get its IP.  Differently
from the previous indexer implementation in the watcher, it is mandatory
to do that when the indexer function is actually called, otherwise we
might panic trying to read an uninitialized local node store reference.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84
k8s: Add metric to CiliumSlimEndpoint resource
1d38cd2 
Enable Resource[T] metrics for CiliumSlimEndpoint resource.

Signed-off-by: Fabio Falzoi <fabio.falzoi@isovalent.com>
@pippolo84 pippolo84 force-pushed the pr/pippolo84/agent-cep-and-ces-resources branch from 9f6891d to 1d38cd2 Compare November 22, 2023 10:46
@pippolo84
Copy link
Member Author

@tommyp1ckles @YutaroHayakawa I've made a small change to the CiliumSlimEndpointResource and CiliumEndpointSliceResource constructors. Since both uses an IndexFunc that relies on the local node reference to be initialized, I've added *LocalNodeStore in their function signature. This is needed to make the dependency from the resources to the local node store explicit to the "hive and cells" framework.
Without that, it would have been possible to build a Hive with one or both the above resources provided and end up panicking while accessing the uninitialized local node.

@pippolo84
Copy link
Member Author

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Nov 22, 2023
@aanm aanm added this pull request to the merge queue Nov 22, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 22, 2023
@aanm aanm added this pull request to the merge queue Nov 22, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 22, 2023
@aanm aanm added this pull request to the merge queue Nov 22, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to Branch Protection failures Nov 22, 2023
You're not authorized to push to this branch. Visit "About protected branches" for more information.
@aanm aanm added this pull request to the merge queue Nov 22, 2023
Merged via the queue into cilium:main with commit 389e76b Nov 22, 2023
This was referenced Nov 24, 2023
Closed
Closed
@pchaigno pchaigno added the feature/ces Impacts the Cilium Endpoint Slice logic. label Aug 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tommyp1ckles tommyp1ckles tommyp1ckles approved these changes

@YutaroHayakawa YutaroHayakawa YutaroHayakawa approved these changes

Assignees
No one assigned
Labels
area/agent Cilium agent related. area/clustermesh Relates to multi-cluster routing functionality in Cilium. area/k8s Impacts the kubernetes API, or kubernetes -> cilium internals translation layers. area/modularization Relates to code modularization and maintenance. feature/ces Impacts the Cilium Endpoint Slice logic. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/misc This PR makes changes that have no direct user impact.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@pippolo84 @tommyp1ckles @YutaroHayakawa @pchaigno @aanm