From 9ad5cf7465c02ff5c004eb9243692c93e63209b4 Mon Sep 17 00:00:00 2001
From: Joel Speed
Date: Tue, 24 Mar 2020 17:43:34 +0000
Subject: [PATCH] Restrict handler to namespace
---
 cmd/termination-handler/main.go | 3 ++-
 pkg/termination/handler.go | 10 ++++++----
 2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/cmd/termination-handler/main.go b/cmd/termination-handler/main.go
index a28551601a..c4a4a0500c 100644
--- a/cmd/termination-handler/main.go
+++ b/cmd/termination-handler/main.go
@@ -39,6 +39,7 @@ func main() {
 pollIntervalSeconds := flag.Int64("poll-interval-seconds", 5, "interval in seconds at which termination notice endpoint should be checked (Default: 5)")
 nodeName := flag.String("node-name", "", "name of the node that the termination handler is running on")
+ namespace := flag.String("namespace", "", "namespace that the machine for the node should live in. If unspecified, the look for machines across all namespaces.")
 flag.Set("logtostderr", "true")
 flag.Parse()
@@ -58,7 +59,7 @@ func main() {
 pollInterval := time.Duration(*pollIntervalSeconds) * time.Second
 // Construct a termination handler
- handler, err := termination.NewHandler(logger, cfg, pollInterval, *nodeName)
+ handler, err := termination.NewHandler(logger, cfg, pollInterval, *namespace, *nodeName)
 if err != nil {
 logger.Error(err, "Error constructing termination handler")
 return
diff --git a/pkg/termination/handler.go b/pkg/termination/handler.go
index c454cc9e23..375694b2ab 100644
--- a/pkg/termination/handler.go
+++ b/pkg/termination/handler.go
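Review bot: In cmd/termination-handler/main.go (hunk at -39), the new `namespace` flag defaults to the empty string, which by its own help text means machines are looked up across all namespaces, so a deployment that omits the flag gets no restriction from this commit. Consider rejecting an empty value after `flag.Parse()`, or at least logging that the handler is running unrestricted, so that mode is a visible choice rather than the silent default. The help text also has a typo and could read `"namespace that the machine for the node should live in. If unspecified, machines are looked up across all namespaces."`. main continues outside this hunk, so any validation that already exists there is not visible here.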
@@ -27,7 +27,7 @@ type Handler interface {
 }
 // NewHandler constructs a new Handler
-func NewHandler(logger logr.Logger, cfg *rest.Config, pollInterval time.Duration, nodeName string) (Handler, error) {
+func NewHandler(logger logr.Logger, cfg *rest.Config, pollInterval time.Duration, namespace, nodeName string) (Handler, error) {
 machinev1.AddToScheme(scheme.Scheme)
 c, err := client.New(cfg, client.Options{Scheme: scheme.Scheme})
 if err != nil {
@@ -40,13 +40,14 @@ func NewHandler(logger logr.Logger, cfg *rest.Config, pollInterval time.Duration
 panic(err)
 }
- logger = logger.WithValues("node", nodeName)
+ logger = logger.WithValues("node", nodeName, "namespace", namespace)
 return &handler{
 client: c,
 pollURL: pollURL,
 pollInterval: pollInterval,
 nodeName: nodeName,
+ namespace: namespace,
 log: logger,
 }, nil
 }
@@ -58,6 +59,7 @@ type handler struct {
 pollURL *url.URL
 pollInterval time.Duration
 nodeName string
+ namespace string
 log logr.Logger
 }
@@ -92,7 +94,7 @@ func (h *handler) run(ctx context.Context, wg *sync.WaitGroup) error {
 return fmt.Errorf("error fetching machine for node (%q): %v", h.nodeName, err)
 }
- logger := h.log.WithValues("namespace", machine.Namespace, "machine", machine.Name)
+ logger := h.log.WithValues("machine", machine.Name)
 logger.V(1).Info("Monitoring node for machine")
 if err := wait.PollImmediateUntil(h.pollInterval, func() (bool, error) {
@@ -128,7 +130,7 @@ func (h *handler) run(ctx context.Context, wg *sync.WaitGroup) error {
 // getMachineForNodeName finds the Machine associated with the Node name given
 func (h *handler) getMachineForNode(ctx context.Context) (*machinev1.Machine, error) {
 machineList := &machinev1.MachineList{}
- err := h.client.List(ctx, machineList)
+ err := h.client.List(ctx, machineList, client.InNamespace(h.namespace))
 if err != nil {
 return nil, fmt.Errorf("error listing machines: %v", err)
 }
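Review bot: The doc comment on `NewHandler` (hunk at -27) does not say what `namespace` means, and the empty value is meaningful here: per the flag's help text it selects all namespaces. Suggest `// NewHandler constructs a new Handler. If namespace is empty, the Machine for nodeName is looked up across all namespaces.`. Because `namespace` and `nodeName` are now adjacent string parameters, a caller that swaps them still compiles, so the comment should state the order explicitly. The function body continues beyond this hunk.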
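Review bot: In `run` (hunk at -92), dropping `machine.Namespace` from the logger means that when the handler is started without a namespace, the log lines carry only the empty `namespace` value set in `NewHandler` and no longer record where the matched machine lives. That is the value an operator needs when tracing a termination event back to a Machine object. Keep the resolved value under a distinct key, e.g. `logger := h.log.WithValues("machineNamespace", machine.Namespace, "machine", machine.Name)`. run starts and ends outside this hunk.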
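Review bot: `client.InNamespace(h.namespace)` in `getMachineForNode` (hunk at -128) only narrows what this client asks for; it is not an access boundary, and with an empty `h.namespace` the list presumably stays cluster-wide, as the flag's help text describes. The restriction only reduces privilege if the handler's service account is also bound to a namespaced Role rather than a cluster-wide one, which this patch does not show. The comment above the function also names `getMachineForNodeName` while the function is `getMachineForNode`; suggest `// getMachineForNode finds the Machine associated with the handler's node name, listing only h.namespace (all namespaces when empty).`. The function continues past the end of the hunk.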