Implement endpointslices predicates

This commit adds predicates to the endpointslices controller
to state if an object should reconciled or not.

Signed-off-by: Elis Lulja <[email protected]>

Author: asimpleidea

controllers/base.go

@@ -20,11 +20,13 @@ import (
 	"context"
 	"fmt"
 	"strings"
+	"time"
 
 	"github.com/CloudNativeSDWAN/cnwan-operator/internal/types"
 	sr "github.com/CloudNativeSDWAN/cnwan-operator/pkg/servregistry"
 	"github.com/go-logr/logr"
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/api/discovery/v1beta1"
 	"k8s.io/apimachinery/pkg/runtime"
 	ktypes "k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -128,6 +130,36 @@ func (b *BaseReconciler) filterAnnotations(annotations map[string]string) map[st
 	return filtered
 }
 
+func (b *BaseReconciler) shouldWatchEpSlice(epslice *v1beta1.EndpointSlice) bool {
+	srvName, exists := epslice.Labels[v1beta1.LabelServiceName]
+	if !exists {
+		return false
+	}
+
+	ctx, canc := context.WithTimeout(context.Background(), 30*time.Second)
+	defer canc()
+
+	var srv corev1.Service
+	if err := b.Get(ctx, ktypes.NamespacedName{Name: srvName, Namespace: epslice.Namespace}, &srv); err != nil {
+		b.Log.Error(err, "error while getting service from endpointslice", "endpointslice", epslice.Name)
+		return false
+	}
+	if !b.shouldWatchSrv(&srv) {
+		return false
+	}
+
+	enabled := srv.Labels[countPodsLabelKey]
+	if strings.ToLower(enabled) != enableVal {
+		return false
+	}
+
+	if epslice.AddressType != v1beta1.AddressTypeIPv4 {
+		return false
+	}
+
+	return true
+}
+
 // NamespaceReconciler returns a namespace reconciler starting from this
 // base reconciler.
 func (b *BaseReconciler) NamespaceReconciler() *NamespaceReconciler {

controllers/base_test.go

@@ -23,6 +23,7 @@ import (
 	"github.com/CloudNativeSDWAN/cnwan-operator/internal/types"
 	"github.com/stretchr/testify/assert"
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/api/discovery/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -284,3 +285,191 @@ func TestShouldWatchSrv(t *testing.T) {
 		}
 	}
 }
+
+func TestShouldWatchEpSlice(t *testing.T) {
+	a := assert.New(t)
+	cases := []struct {
+		eps    *v1beta1.EndpointSlice
+		cli    client.Client
+		expRes bool
+	}{
+		{
+			eps: &v1beta1.EndpointSlice{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "ns-name",
+					Labels:    map[string]string{},
+				},
+			},
+		},
+		{
+			eps: &v1beta1.EndpointSlice{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "ns-name",
+					Labels: map[string]string{
+						v1beta1.LabelServiceName: "srv-name",
+					},
+				},
+			},
+			cli: func() client.Client {
+				scheme := runtime.NewScheme()
+				corev1.AddToScheme(scheme)
+				return fakecli.NewFakeClientWithScheme(scheme)
+			}(),
+		},
+		{
+			eps: &v1beta1.EndpointSlice{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "ns-name",
+					Labels: map[string]string{
+						v1beta1.LabelServiceName: "srv-name",
+					},
+				},
+			},
+			cli: func() client.Client {
+				scheme := runtime.NewScheme()
+				corev1.AddToScheme(scheme)
+				return fakecli.NewFakeClientWithScheme(scheme, &corev1.Namespace{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:   "ns-name",
+						Labels: map[string]string{},
+					},
+				}, &corev1.Service{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      "srv-name",
+						Namespace: "ns-name",
+						Labels:    map[string]string{},
+					},
+				})
+			}(),
+		},
+		{
+			eps: &v1beta1.EndpointSlice{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "ns-name",
+					Labels: map[string]string{
+						v1beta1.LabelServiceName: "srv-name",
+					},
+				},
+			},
+			cli: func() client.Client {
+				scheme := runtime.NewScheme()
+				corev1.AddToScheme(scheme)
+				return fakecli.NewFakeClientWithScheme(scheme, &corev1.Namespace{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:   "ns-name",
+						Labels: map[string]string{string(types.AllowedKey): "whatever"},
+					},
+				}, &corev1.Service{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:        "srv-name",
+						Namespace:   "ns-name",
+						Annotations: map[string]string{"yes": "no"},
+						Labels:      map[string]string{countPodsLabelKey: disableVal},
+					},
+					Spec: corev1.ServiceSpec{
+						Type: corev1.ServiceTypeLoadBalancer,
+					},
+					Status: corev1.ServiceStatus{
+						LoadBalancer: corev1.LoadBalancerStatus{
+							Ingress: []corev1.LoadBalancerIngress{
+								{IP: "10.10.10.10"},
+							},
+						},
+					},
+				})
+			}(),
+		},
+		{
+			eps: &v1beta1.EndpointSlice{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "ns-name",
+					Labels: map[string]string{
+						v1beta1.LabelServiceName: "srv-name",
+					},
+				},
+			},
+			cli: func() client.Client {
+				scheme := runtime.NewScheme()
+				corev1.AddToScheme(scheme)
+				return fakecli.NewFakeClientWithScheme(scheme, &corev1.Namespace{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:   "ns-name",
+						Labels: map[string]string{string(types.AllowedKey): "whatever"},
+					},
+				}, &corev1.Service{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:        "srv-name",
+						Namespace:   "ns-name",
+						Annotations: map[string]string{"yes": "no"},
+						Labels:      map[string]string{countPodsLabelKey: enableVal},
+					},
+					Spec: corev1.ServiceSpec{
+						Type: corev1.ServiceTypeLoadBalancer,
+					},
+					Status: corev1.ServiceStatus{
+						LoadBalancer: corev1.LoadBalancerStatus{
+							Ingress: []corev1.LoadBalancerIngress{
+								{IP: "10.10.10.10"},
+							},
+						},
+					},
+				})
+			}(),
+		},
+		{
+			eps: &v1beta1.EndpointSlice{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "ns-name",
+					Labels: map[string]string{
+						v1beta1.LabelServiceName: "srv-name",
+					},
+				},
+				AddressType: v1beta1.AddressTypeIPv4,
+			},
+			cli: func() client.Client {
+				scheme := runtime.NewScheme()
+				corev1.AddToScheme(scheme)
+				return fakecli.NewFakeClientWithScheme(scheme, &corev1.Namespace{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:   "ns-name",
+						Labels: map[string]string{string(types.AllowedKey): "whatever"},
+					},
+				}, &corev1.Service{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:        "srv-name",
+						Namespace:   "ns-name",
+						Annotations: map[string]string{"yes": "no"},
+						Labels:      map[string]string{countPodsLabelKey: enableVal},
+					},
+					Spec: corev1.ServiceSpec{
+						Type: corev1.ServiceTypeLoadBalancer,
+					},
+					Status: corev1.ServiceStatus{
+						LoadBalancer: corev1.LoadBalancerStatus{
+							Ingress: []corev1.LoadBalancerIngress{
+								{IP: "10.10.10.10"},
+							},
+						},
+					},
+				})
+			}(),
+			expRes: true,
+		},
+	}
+	failed := func(i int) {
+		a.FailNow(fmt.Sprintf("case %d failed", i))
+	}
+	for i, currCase := range cases {
+		b := &BaseReconciler{
+			Client:             currCase.cli,
+			Log:                ctrl.Log.WithName("test"),
+			AllowedAnnotations: map[string]bool{"yes": true},
+			CurrentNsPolicy:    types.AllowList,
+		}
+
+		res := b.shouldWatchEpSlice(currCase.eps)
+		if !a.Equal(currCase.expRes, res) {
+			failed(i)
+		}
+	}
+}

controllers/endpointslice_controller.go

@@ -18,18 +18,37 @@ package controllers
 
 import (
 	"context"
+	"sync"
 
+	"k8s.io/api/discovery/v1beta1"
 	discoveryv1beta1 "k8s.io/api/discovery/v1beta1"
+	ktypes "k8s.io/apimachinery/pkg/types"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
 )
 
+const (
+	countPodsLabelKey string = "operator.cnwan.io/pods-count"
+	enableVal         string = "enabled"
+	disableVal        string = "disabled"
+)
+
+type epsData struct {
+	count int
+	srv   string
+}
+
 // EndpointSliceReconciler reconciles a EndpointSlice object
 type EndpointSliceReconciler struct {
 	*BaseReconciler
+
+	lock           sync.Mutex
+	epsDataActions map[string]*epsData
+	srvCounts      map[string]map[string]int
 }
 
 // +kubebuilder:rbac:groups=discovery.k8s.io,resources=endpointslice,verbs=get;list;watch;create;update;patch;delete
-// +kubebuilder:rbac:groups=discovery.k8s.io,resources=endpointslice/status,verbs=get;update;patch
 
 // Reconcile keeps track counts in the endpointslice length
 func (r *EndpointSliceReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
@@ -43,7 +62,77 @@ func (r *EndpointSliceReconciler) Reconcile(req ctrl.Request) (ctrl.Result, erro
 
 // SetupWithManager sets this reconciler with the manager.
 func (r *EndpointSliceReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	r.epsDataActions = map[string]*epsData{}
+	r.srvCounts = map[string]map[string]int{}
+	predicates := predicate.Funcs{
+		CreateFunc: r.createPredicate,
+		UpdateFunc: r.updatePredicate,
+		DeleteFunc: r.deletePredicate,
+	}
+
 	return ctrl.NewControllerManagedBy(mgr).
 		For(&discoveryv1beta1.EndpointSlice{}).
+		WithEventFilter(predicates).
 		Complete(r)
 }
+
+func (r *EndpointSliceReconciler) createPredicate(ev event.CreateEvent) bool {
+	epslice, ok := ev.Object.(*v1beta1.EndpointSlice)
+	if !ok {
+		return false
+	}
+
+	if !r.shouldWatchEpSlice(epslice) {
+		return false
+	}
+
+	namespacedName := ktypes.NamespacedName{Namespace: epslice.Namespace, Name: epslice.Name}.String()
+	epCount := 0
+	for _, ep := range epslice.Endpoints {
+		if ep.Conditions.Ready != nil && !*ep.Conditions.Ready {
+			r.Log.WithValues("name", namespacedName).Info("found some in not ready", "len", len(ep.Addresses))
+			continue
+		}
+		epCount += len(ep.Addresses)
+	}
+
+	r.Log.WithValues("name", namespacedName).Info("calculated len for this epslice", "len", epCount)
+
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	r.epsDataActions[namespacedName] = &epsData{
+		srv:   epslice.Labels[v1beta1.LabelServiceName],
+		count: epCount,
+	}
+
+	return true
+}
+
+func (r *EndpointSliceReconciler) updatePredicate(ev event.UpdateEvent) bool {
+	evNew := event.CreateEvent{
+		Meta:   ev.MetaNew,
+		Object: ev.ObjectNew,
+	}
+	return r.createPredicate(evNew)
+}
+
+func (r *EndpointSliceReconciler) deletePredicate(ev event.DeleteEvent) bool {
+	epslice, ok := ev.Object.(*v1beta1.EndpointSlice)
+	if !ok {
+		return false
+	}
+
+	if !r.shouldWatchEpSlice(epslice) {
+		return false
+	}
+
+	namespacedName := ktypes.NamespacedName{Namespace: epslice.Namespace, Name: epslice.Name}.String()
+	r.lock.Lock()
+	defer r.lock.Unlock()
+	r.epsDataActions[namespacedName] = &epsData{
+		srv:   epslice.Labels[v1beta1.LabelServiceName],
+		count: 0,
+	}
+
+	return true
+}