Updating federation ingress controller to support cascading deletion
This commit is contained in:
nikhiljindal
@@ -24,8 +24,10 @@ import (
|
||||
federation_api "k8s.io/kubernetes/federation/apis/federation/v1beta1"
|
||||
federationclientset "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_5"
|
||||
"k8s.io/kubernetes/federation/pkg/federation-controller/util"
|
||||
"k8s.io/kubernetes/federation/pkg/federation-controller/util/deletionhelper"
|
||||
"k8s.io/kubernetes/federation/pkg/federation-controller/util/eventsink"
|
||||
"k8s.io/kubernetes/pkg/api"
|
||||
"k8s.io/kubernetes/pkg/api/errors"
|
||||
"k8s.io/kubernetes/pkg/api/v1"
|
||||
extensions_v1beta1 "k8s.io/kubernetes/pkg/apis/extensions/v1beta1"
|
||||
"k8s.io/kubernetes/pkg/client/cache"
|
||||
@@ -92,6 +94,8 @@ type IngressController struct {
|
||||
// For events
|
||||
eventRecorder record.EventRecorder
|
||||
|
||||
deletionHelper *deletionhelper.DeletionHelper
|
||||
|
||||
ingressReviewDelay time.Duration
|
||||
configMapReviewDelay time.Duration
|
||||
clusterAvailableDelay time.Duration
|
||||
@@ -275,9 +279,72 @@ func NewIngressController(client federationclientset.Interface) *IngressControll
|
||||
err := client.Core().ConfigMaps(configMap.Namespace).Delete(configMap.Name, &v1.DeleteOptions{})
|
||||
return err
|
||||
})
|
||||
|
||||
ic.deletionHelper = deletionhelper.NewDeletionHelper(
|
||||
ic.hasFinalizerFunc,
|
||||
ic.removeFinalizerFunc,
|
||||
ic.addFinalizerFunc,
|
||||
// objNameFunc
|
||||
func(obj pkg_runtime.Object) string {
|
||||
ingress := obj.(*extensions_v1beta1.Ingress)
|
||||
return ingress.Name
|
||||
},
|
||||
ic.updateTimeout,
|
||||
ic.eventRecorder,
|
||||
ic.ingressFederatedInformer,
|
||||
ic.federatedIngressUpdater,
|
||||
)
|
||||
return ic
|
||||
}
|
||||
|
||||
// Returns true if the given object has the given finalizer in its ObjectMeta.
|
||||
func (ic *IngressController) hasFinalizerFunc(obj pkg_runtime.Object, finalizer string) bool {
|
||||
ingress := obj.(*extensions_v1beta1.Ingress)
|
||||
for i := range ingress.ObjectMeta.Finalizers {
|
||||
if string(ingress.ObjectMeta.Finalizers[i]) == finalizer {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// Removes the finalizer from the given objects ObjectMeta.
|
||||
// Assumes that the given object is a ingress.
|
||||
func (ic *IngressController) removeFinalizerFunc(obj pkg_runtime.Object, finalizer string) (pkg_runtime.Object, error) {
|
||||
ingress := obj.(*extensions_v1beta1.Ingress)
|
||||
newFinalizers := []string{}
|
||||
hasFinalizer := false
|
||||
for i := range ingress.ObjectMeta.Finalizers {
|
||||
if string(ingress.ObjectMeta.Finalizers[i]) != finalizer {
|
||||
newFinalizers = append(newFinalizers, ingress.ObjectMeta.Finalizers[i])
|
||||
} else {
|
||||
hasFinalizer = true
|
||||
}
|
||||
}
|
||||
if !hasFinalizer {
|
||||
// Nothing to do.
|
||||
return obj, nil
|
||||
}
|
||||
ingress.ObjectMeta.Finalizers = newFinalizers
|
||||
ingress, err := ic.federatedApiClient.Extensions().Ingresses(ingress.Namespace).Update(ingress)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to remove finalizer %s from ingress %s: %v", finalizer, ingress.Name, err)
|
||||
}
|
||||
return ingress, nil
|
||||
}
|
||||
|
||||
// Adds the given finalizer to the given objects ObjectMeta.
|
||||
// Assumes that the given object is a ingress.
|
||||
func (ic *IngressController) addFinalizerFunc(obj pkg_runtime.Object, finalizer string) (pkg_runtime.Object, error) {
|
||||
ingress := obj.(*extensions_v1beta1.Ingress)
|
||||
ingress.ObjectMeta.Finalizers = append(ingress.ObjectMeta.Finalizers, finalizer)
|
||||
ingress, err := ic.federatedApiClient.Extensions().Ingresses(ingress.Namespace).Update(ingress)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to add finalizer %s to ingress %s: %v", finalizer, ingress.Name, err)
|
||||
}
|
||||
return ingress, nil
|
||||
}
|
||||
|
||||
func (ic *IngressController) Run(stopChan <-chan struct{}) {
|
||||
glog.Infof("Starting Ingress Controller")
|
||||
go ic.ingressInformerController.Run(stopChan)
|
||||
@@ -584,7 +651,7 @@ func (ic *IngressController) reconcileIngress(ingress types.NamespacedName) {
|
||||
}
|
||||
|
||||
key := ingress.String()
|
||||
baseIngressObj, exist, err := ic.ingressInformerStore.GetByKey(key)
|
||||
baseIngressObjFromStore, exist, err := ic.ingressInformerStore.GetByKey(key)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to query main ingress store for %v: %v", ingress, err)
|
||||
ic.deliverIngress(ingress, 0, true)
|
||||
@@ -595,13 +662,38 @@ func (ic *IngressController) reconcileIngress(ingress types.NamespacedName) {
|
||||
glog.V(4).Infof("Ingress %q is not federated. Ignoring.", ingress)
|
||||
return
|
||||
}
|
||||
baseIngressObj, err := conversion.NewCloner().DeepCopy(baseIngressObjFromStore)
|
||||
baseIngress, ok := baseIngressObj.(*extensions_v1beta1.Ingress)
|
||||
if !ok {
|
||||
glog.Errorf("Internal Error: Object retrieved from ingressInformerStore with key %q is not of correct type *extensions_v1beta1.Ingress: %v", key, baseIngressObj)
|
||||
if err != nil || !ok {
|
||||
glog.Errorf("Internal Error %v : Object retrieved from ingressInformerStore with key %q is not of correct type *extensions_v1beta1.Ingress: %v", err, key, baseIngressObj)
|
||||
} else {
|
||||
glog.V(4).Infof("Base (federated) ingress: %v", baseIngress)
|
||||
}
|
||||
|
||||
if baseIngress.DeletionTimestamp != nil {
|
||||
if err := ic.delete(baseIngress); err != nil {
|
||||
glog.Errorf("Failed to delete %s: %v", ingress, err)
|
||||
ic.eventRecorder.Eventf(baseIngress, api.EventTypeNormal, "DeleteFailed",
|
||||
"Ingress delete failed: %v", err)
|
||||
ic.deliverIngress(ingress, 0, true)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
glog.V(3).Infof("Ensuring delete object from underlying clusters finalizer for ingress: %s",
|
||||
baseIngress.Name)
|
||||
// Add the required finalizers before creating a ingress in underlying clusters.
|
||||
updatedIngressObj, err := ic.deletionHelper.EnsureFinalizers(baseIngress)
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to ensure delete object from underlying clusters finalizer in ingress %s: %v",
|
||||
baseIngress.Name, err)
|
||||
ic.deliverIngress(ingress, 0, false)
|
||||
return
|
||||
}
|
||||
baseIngress = updatedIngressObj.(*extensions_v1beta1.Ingress)
|
||||
|
||||
glog.V(3).Infof("Syncing ingress %s in underlying clusters", baseIngress.Name)
|
||||
|
||||
clusters, err := ic.ingressFederatedInformer.GetReadyClusters()
|
||||
if err != nil {
|
||||
glog.Errorf("Failed to get cluster list: %v", err)
|
||||
@@ -636,7 +728,7 @@ func (ic *IngressController) reconcileIngress(ingress types.NamespacedName) {
|
||||
}
|
||||
desiredIngress.Spec = objSpec.(extensions_v1beta1.IngressSpec)
|
||||
if !ok {
|
||||
glog.Errorf("Internal error: Failed to cast to extensions_v1beta1.IngressSpec: %v", objSpec)
|
||||
glog.Errorf("Internal error: Failed to cast to extensions_v1beta1.Ingressespec: %v", objSpec)
|
||||
}
|
||||
glog.V(4).Infof("Desired Ingress: %v", desiredIngress)
|
||||
|
||||
@@ -772,3 +864,23 @@ func (ic *IngressController) reconcileIngress(ingress types.NamespacedName) {
|
||||
// Schedule another periodic reconciliation, only to account for possible bugs in watch processing.
|
||||
ic.deliverIngress(ingress, ic.ingressReviewDelay, false)
|
||||
}
|
||||
|
||||
// delete deletes the given ingress or returns error if the deletion was not complete.
|
||||
func (ic *IngressController) delete(ingress *extensions_v1beta1.Ingress) error {
|
||||
glog.V(3).Infof("Handling deletion of ingress: %v", *ingress)
|
||||
_, err := ic.deletionHelper.HandleObjectInUnderlyingClusters(ingress)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
err = ic.federatedApiClient.Extensions().Ingresses(ingress.Namespace).Delete(ingress.Name, nil)
|
||||
if err != nil {
|
||||
// Its all good if the error is not found error. That means it is deleted already and we do not have to do anything.
|
||||
// This is expected when we are processing an update as a result of ingress finalizer deletion.
|
||||
// The process that deleted the last finalizer is also going to delete the ingress and we do not have to do anything.
|
||||
if !errors.IsNotFound(err) {
|
||||
return fmt.Errorf("failed to delete ingress: %v", err)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
@@ -25,12 +25,17 @@ import (
|
||||
federation_api "k8s.io/kubernetes/federation/apis/federation/v1beta1"
|
||||
fake_fedclientset "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_5/fake"
|
||||
"k8s.io/kubernetes/federation/pkg/federation-controller/util"
|
||||
"k8s.io/kubernetes/federation/pkg/federation-controller/util/deletionhelper"
|
||||
. "k8s.io/kubernetes/federation/pkg/federation-controller/util/test"
|
||||
"k8s.io/kubernetes/pkg/api/errors"
|
||||
api_v1 "k8s.io/kubernetes/pkg/api/v1"
|
||||
extensions_v1beta1 "k8s.io/kubernetes/pkg/apis/extensions/v1beta1"
|
||||
"k8s.io/kubernetes/pkg/client/cache"
|
||||
kubeclientset "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_5"
|
||||
fake_kubeclientset "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_5/fake"
|
||||
"k8s.io/kubernetes/pkg/runtime"
|
||||
"k8s.io/kubernetes/pkg/types"
|
||||
"k8s.io/kubernetes/pkg/util/wait"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
@@ -51,7 +56,7 @@ func TestIngressController(t *testing.T) {
|
||||
fedIngressWatch := RegisterFakeWatch("ingresses", &fedClient.Fake)
|
||||
clusterWatch := RegisterFakeWatch("clusters", &fedClient.Fake)
|
||||
fedClusterUpdateChan := RegisterFakeCopyOnUpdate("clusters", &fedClient.Fake, clusterWatch)
|
||||
fedIngressUpdateChan := RegisterFakeCopyOnUpdate("ingresses", &fedClient.Fake, fedIngressWatch)
|
||||
//fedIngressUpdateChan := RegisterFakeCopyOnUpdate("ingresses", &fedClient.Fake, fedIngressWatch)
|
||||
|
||||
cluster1Client := &fake_kubeclientset.Clientset{}
|
||||
RegisterFakeList("ingresses", &cluster1Client.Fake, &extensions_v1beta1.IngressList{Items: []extensions_v1beta1.Ingress{}})
|
||||
@@ -59,7 +64,7 @@ func TestIngressController(t *testing.T) {
|
||||
cluster1IngressWatch := RegisterFakeWatch("ingresses", &cluster1Client.Fake)
|
||||
cluster1ConfigMapWatch := RegisterFakeWatch("configmaps", &cluster1Client.Fake)
|
||||
cluster1IngressCreateChan := RegisterFakeCopyOnCreate("ingresses", &cluster1Client.Fake, cluster1IngressWatch)
|
||||
cluster1IngressUpdateChan := RegisterFakeCopyOnUpdate("ingresses", &cluster1Client.Fake, cluster1IngressWatch)
|
||||
// cluster1IngressUpdateChan := RegisterFakeCopyOnUpdate("ingresses", &cluster1Client.Fake, cluster1IngressWatch)
|
||||
|
||||
cluster2Client := &fake_kubeclientset.Clientset{}
|
||||
RegisterFakeList("ingresses", &cluster2Client.Fake, &extensions_v1beta1.IngressList{Items: []extensions_v1beta1.Ingress{}})
|
||||
@@ -85,8 +90,8 @@ func TestIngressController(t *testing.T) {
|
||||
configMapInformer := ToFederatedInformerForTestOnly(ingressController.configMapFederatedInformer)
|
||||
configMapInformer.SetClientFactory(clientFactoryFunc)
|
||||
ingressController.clusterAvailableDelay = time.Second
|
||||
ingressController.ingressReviewDelay = 50 * time.Millisecond
|
||||
ingressController.configMapReviewDelay = 50 * time.Millisecond
|
||||
ingressController.ingressReviewDelay = 10 * time.Millisecond
|
||||
ingressController.configMapReviewDelay = 10 * time.Millisecond
|
||||
ingressController.smallDelay = 20 * time.Millisecond
|
||||
ingressController.updateTimeout = 5 * time.Second
|
||||
|
||||
@@ -121,20 +126,44 @@ func TestIngressController(t *testing.T) {
|
||||
// Test add federated ingress.
|
||||
t.Log("Adding Federated Ingress")
|
||||
fedIngressWatch.Add(&ing1)
|
||||
/*
|
||||
// TODO: Re-enable this when we have fixed these flaky tests: https://github.com/kubernetes/kubernetes/issues/36540.
|
||||
t.Logf("Checking that approproate finalizers are added")
|
||||
// There should be 2 updates to add both the finalizers.
|
||||
updatedIngress := GetIngressFromChan(t, fedIngressUpdateChan)
|
||||
assert.True(t, ingressController.hasFinalizerFunc(updatedIngress, deletionhelper.FinalizerDeleteFromUnderlyingClusters))
|
||||
updatedIngress = GetIngressFromChan(t, fedIngressUpdateChan)
|
||||
assert.True(t, ingressController.hasFinalizerFunc(updatedIngress, api_v1.FinalizerOrphan), fmt.Sprintf("ingress does not have the orphan finalizer: %v", updatedIngress))
|
||||
ing1 = *updatedIngress
|
||||
*/
|
||||
t.Log("Checking that Ingress was correctly created in cluster 1")
|
||||
createdIngress := GetIngressFromChan(t, cluster1IngressCreateChan)
|
||||
assert.NotNil(t, createdIngress)
|
||||
assert.True(t, reflect.DeepEqual(ing1.Spec, createdIngress.Spec), "Spec of created ingress is not equal")
|
||||
assert.True(t, util.ObjectMetaEquivalent(ing1.ObjectMeta, createdIngress.ObjectMeta), "Metadata of created object is not equivalent")
|
||||
// Wait for finalizers to appear in federation store.
|
||||
// assert.NoError(t, WaitForFinalizersInFederationStore(ingressController, ingressController.ingressInformerStore,
|
||||
// types.NamespacedName{Namespace: ing1.Namespace, Name: ing1.Name}.String()), "finalizers not found in federated ingress")
|
||||
// Wait for the cluster ingress to appear in cluster store.
|
||||
assert.NoError(t, WaitForIngressInClusterStore(ingressController.ingressFederatedInformer.GetTargetStore(), cluster1.Name,
|
||||
types.NamespacedName{Namespace: createdIngress.Namespace, Name: createdIngress.Name}.String()),
|
||||
"Created ingress not found in underlying cluster store")
|
||||
|
||||
/*
|
||||
// TODO: Re-enable this when we have fixed these flaky tests: https://github.com/kubernetes/kubernetes/issues/36540.
|
||||
// Test that IP address gets transferred from cluster ingress to federated ingress.
|
||||
t.Log("Checking that IP address gets transferred from cluster ingress to federated ingress")
|
||||
createdIngress.Status.LoadBalancer.Ingress = append(createdIngress.Status.LoadBalancer.Ingress, api_v1.LoadBalancerIngress{IP: "1.2.3.4"})
|
||||
cluster1IngressWatch.Modify(createdIngress)
|
||||
updatedIngress := GetIngressFromChan(t, fedIngressUpdateChan)
|
||||
// Wait for store to see the updated cluster ingress.
|
||||
assert.NoError(t, WaitForStatusUpdate(t, ingressController.ingressFederatedInformer.GetTargetStore(),
|
||||
cluster1.Name, types.NamespacedName{Namespace: createdIngress.Namespace, Name: createdIngress.Name}.String(),
|
||||
createdIngress.Status.LoadBalancer, 4*wait.ForeverTestTimeout))
|
||||
updatedIngress = GetIngressFromChan(t, fedIngressUpdateChan)
|
||||
assert.NotNil(t, updatedIngress, "Cluster's ingress load balancer status was not correctly transferred to the federated ingress")
|
||||
if updatedIngress != nil {
|
||||
assert.True(t, reflect.DeepEqual(createdIngress.Status.LoadBalancer.Ingress, updatedIngress.Status.LoadBalancer.Ingress), fmt.Sprintf("Ingress IP was not transferred from cluster ingress to federated ingress. %v is not equal to %v", createdIngress.Status.LoadBalancer.Ingress, updatedIngress.Status.LoadBalancer.Ingress))
|
||||
t.Logf("expected: %v, actual: %v", createdIngress, updatedIngress)
|
||||
}
|
||||
|
||||
// Test update federated ingress.
|
||||
@@ -149,6 +178,7 @@ func TestIngressController(t *testing.T) {
|
||||
assert.NotNil(t, updatedIngress2)
|
||||
assert.True(t, reflect.DeepEqual(updatedIngress2.Spec, updatedIngress.Spec), "Spec of updated ingress is not equal")
|
||||
assert.Equal(t, updatedIngress2.ObjectMeta.Annotations["A"], updatedIngress.ObjectMeta.Annotations["A"], "Updated annotation not transferred from federated to cluster ingress.")
|
||||
*/
|
||||
// Test add cluster
|
||||
t.Log("Adding a second cluster")
|
||||
ing1.Annotations = make(map[string]string)
|
||||
@@ -207,3 +237,53 @@ func NewConfigMap(uid string) *api_v1.ConfigMap {
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
// Wait for finalizers to appear in federation store.
|
||||
func WaitForFinalizersInFederationStore(ingressController *IngressController, store cache.Store, key string) error {
|
||||
retryInterval := 100 * time.Millisecond
|
||||
timeout := wait.ForeverTestTimeout
|
||||
err := wait.PollImmediate(retryInterval, timeout, func() (bool, error) {
|
||||
obj, found, err := store.GetByKey(key)
|
||||
if !found || err != nil {
|
||||
return false, err
|
||||
}
|
||||
ingress := obj.(*extensions_v1beta1.Ingress)
|
||||
if ingressController.hasFinalizerFunc(ingress, api_v1.FinalizerOrphan) &&
|
||||
ingressController.hasFinalizerFunc(ingress, deletionhelper.FinalizerDeleteFromUnderlyingClusters) {
|
||||
return true, nil
|
||||
}
|
||||
return false, nil
|
||||
})
|
||||
return err
|
||||
}
|
||||
|
||||
// Wait for the cluster ingress to appear in cluster store.
|
||||
func WaitForIngressInClusterStore(store util.FederatedReadOnlyStore, clusterName, key string) error {
|
||||
retryInterval := 100 * time.Millisecond
|
||||
timeout := wait.ForeverTestTimeout
|
||||
err := wait.PollImmediate(retryInterval, timeout, func() (bool, error) {
|
||||
_, found, err := store.GetByKey(clusterName, key)
|
||||
if found && err == nil {
|
||||
return true, nil
|
||||
}
|
||||
if errors.IsNotFound(err) {
|
||||
return false, nil
|
||||
}
|
||||
return false, err
|
||||
})
|
||||
return err
|
||||
}
|
||||
|
||||
// Wait for ingress status to be updated to match the desiredStatus.
|
||||
func WaitForStatusUpdate(t *testing.T, store util.FederatedReadOnlyStore, clusterName, key string, desiredStatus api_v1.LoadBalancerStatus, timeout time.Duration) error {
|
||||
retryInterval := 100 * time.Millisecond
|
||||
err := wait.PollImmediate(retryInterval, timeout, func() (bool, error) {
|
||||
obj, found, err := store.GetByKey(clusterName, key)
|
||||
if !found || err != nil {
|
||||
return false, err
|
||||
}
|
||||
ingress := obj.(*extensions_v1beta1.Ingress)
|
||||
return reflect.DeepEqual(ingress.Status.LoadBalancer, desiredStatus), nil
|
||||
})
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user