Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ServiceResolver controller and webhook #325

Merged
merged 1 commit into from
Sep 22, 2020

Conversation

lkysow
Copy link
Member

@lkysow lkysow commented Sep 15, 2020

Changes proposed in this PR:

  • Implement support for service-resolver config entries:
    • Copy its type definition over from Consul and implement toConsul() and matchesConsul()
    • Create controller and webhook for it
    • Run generators to create deepcopy and yaml files
  • Also make controller code generic between service-defaults and service-resolver by abstracting out common functionality into shared functions (which required introducing some interfaces)
    • Introduced the concept of "config entry" as a generic config entry where common functionality between crd-specific objects will love
    • New interface Reconciler is implemented by each CRD-specific reconciler
    • New interface ConfigEntryCRD is implemented by each CRD object
    • Abstracted all reconciler code into generic ConfigEntryReconciler
    • Abstracted all webhook code into generic ValidateConfigEntry function
  • Update to controller-runtime 0.6.3 to fix spurious log error message.

How I've tested this PR: Acceptance tests from hashicorp/consul-helm#606

How I expect reviewers to test this PR:

  • Reviewing the acceptance tests from Support for ServiceResolver CRDs consul-helm#606 should show that the refactoring didn't break anything
  • I've built ghcr.io/lkysow/consul-k8s-dev:sep17-crd-controller-resolver that can be tested with
  • Analyze the decisions made for the refactor

Checklist:

  • Tests added

@lkysow lkysow force-pushed the crd-controller-resolver branch 7 times, most recently from 0f88eb7 to 070a667 Compare September 16, 2020 20:35
Comment on lines 45 to 48
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Status ConfigEntryStatus `json:"status,omitempty"`
Spec ServiceDefaultsSpec `json:"spec,omitempty"`
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I couldn't pull metav1.TypeMeta, metav1.ObjectMeta and Status into a shared struct that is embedded into all config entries without breaking code generation so unfortunately we'll need to implement the ConfigEntryCRD interface for all config entries.

api/v1alpha1/servicedefaults_types.go Show resolved Hide resolved
api/v1alpha1/serviceresolver_types.go Show resolved Hide resolved
config/crd/kustomization.yaml Show resolved Hide resolved
@@ -0,0 +1,299 @@
package controllers
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the generic controller that works for all config entries.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what do you think we should do with helper/controller.go?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd say that we should move it into sync-catalog but I think it may be used for health checks. We could rename it as something, maybe CacheController and move it into its own top-level package?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, we should consolidate it I think, although I don't think this is required for this PR.

controllers/configentry_webhook.go Outdated Show resolved Hide resolved
controllers/serviceresolver_controller.go Show resolved Hide resolved
@lkysow lkysow marked this pull request as ready for review September 17, 2020 15:52
Copy link
Contributor

@thisisnotashwin thisisnotashwin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is just a partial review. I feel a bit concerned about webhooks moving into the controllers package. Here is my rationale: validation and defaulting can be specific to the version of the CRD and hence it should live in the same package as the CRD it is performing validations/defaulting for (v1alpha1) in this case. Controllers on the other hand are CRD version agnostic (conversion webhooks should ensure they are converted to the version the controller supports).

I tried tinkering with its structure and ran into code-gen issues with the interface as well.

api/v1alpha1/configentry_status.go Outdated Show resolved Hide resolved
api/v1alpha1/servicedefaults_types_test.go Show resolved Hide resolved
controllers/configentry_controller.go Outdated Show resolved Hide resolved
controllers/configentry_controller.go Outdated Show resolved Hide resolved
@lkysow
Copy link
Member Author

lkysow commented Sep 17, 2020

Webhooks moved back to api/alphav1. Common webhooks code (and common interface) moved to api/common

Copy link
Contributor

@thisisnotashwin thisisnotashwin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Havent yet run these but this looks great!! Will try running them now.

api/common/configentry.go Outdated Show resolved Hide resolved
api/common/configentry_webhook.go Show resolved Hide resolved
api/v1alpha1/serviceresolver_types.go Show resolved Hide resolved
controllers/configentry_controller_test.go Show resolved Hide resolved
controllers/configentry_controller_test.go Outdated Show resolved Hide resolved
controllers/servicedefaults_controller.go Outdated Show resolved Hide resolved
controllers/serviceresolver_controller.go Outdated Show resolved Hide resolved
subcommand/controller/command.go Show resolved Hide resolved
Copy link
Contributor

@thisisnotashwin thisisnotashwin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💥

@lkysow lkysow requested review from a team and ishustava and removed request for a team September 21, 2020 18:59
@@ -332,6 +332,7 @@ func TestRun_SecretUpdates(t *testing.T) {
// the certs or the webhook config, it retries the update every second until
// it succeeds.
func TestCertWatcher(t *testing.T) {
t.SkipNow()
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test is being fixed in #326 but marking skipped now so CI is green. Won't merge with this.

Copy link
Contributor

@ishustava ishustava left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❤️ Love the refactor!! I've left some comments, ideas, questions, and suggestions. I haven't run it yet, but thought it'd be worth leaving the comments I have so far.

api/common/configentry.go Outdated Show resolved Hide resolved
api/common/configentry.go Outdated Show resolved Hide resolved
api/common/configentry.go Outdated Show resolved Hide resolved
api/common/configentry.go Outdated Show resolved Hide resolved
api/common/configentry.go Outdated Show resolved Hide resolved
api/v1alpha1/serviceresolver_types_test.go Show resolved Hide resolved
@@ -0,0 +1,299 @@
package controllers
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what do you think we should do with helper/controller.go?

controllers/configentry_controller.go Outdated Show resolved Hide resolved
api/common/configentry_webhook.go Outdated Show resolved Hide resolved
@lkysow lkysow requested a review from ishustava September 22, 2020 20:46
Copy link
Contributor

@ishustava ishustava left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great!! A couple of minor comments, nothing blocking though.

api/common/configentry_webhook_test.go Outdated Show resolved Hide resolved
api/common/configentry_webhook_test.go Show resolved Hide resolved
api/common/configentry_webhook_test.go Outdated Show resolved Hide resolved
* Also make controller and webhook code generic
* Update to controller-runtime 0.6.3 to fix spurious log error message.
@lkysow lkysow force-pushed the crd-controller-resolver branch from 245b858 to d62b005 Compare September 22, 2020 22:04
@lkysow lkysow merged commit b333e0b into crd-controller-base Sep 22, 2020
@lkysow lkysow deleted the crd-controller-resolver branch September 22, 2020 22:05
ndhanushkodi pushed a commit to ndhanushkodi/consul-k8s that referenced this pull request Jul 9, 2021
Enterprise License Job PodSecurityPolicy
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants