From bd369e211422ca9152c3cd5dc23247c354a653d8 Mon Sep 17 00:00:00 2001 From: "kevin.qiao" Date: Thu, 19 Oct 2023 12:01:40 +0800 Subject: [PATCH] watch desired namespaces (#355) * watch desired namespaces * remove unused image --- .../templates/controller-manager-deployment.yaml | 6 ++++++ charts/nebula-operator/values.yaml | 7 ++++--- cmd/autoscaler/app/autoscaler.go | 12 +++++++++--- cmd/autoscaler/app/options/options.go | 5 +++++ cmd/controller-manager/app/controller-manager.go | 10 ++++++++-- cmd/controller-manager/app/options/options.go | 5 +++-- 6 files changed, 35 insertions(+), 10 deletions(-) diff --git a/charts/nebula-operator/templates/controller-manager-deployment.yaml b/charts/nebula-operator/templates/controller-manager-deployment.yaml index 4b484b38..295f2177 100644 --- a/charts/nebula-operator/templates/controller-manager-deployment.yaml +++ b/charts/nebula-operator/templates/controller-manager-deployment.yaml @@ -26,6 +26,9 @@ spec: command: - /usr/local/bin/controller-manager args: + {{- if .Values.watchNamespaces }} + - --watch-namespaces={{ .Values.watchNamespaces }} + {{- end }} - --sync-period={{ .Values.syncPeriod }} - --concurrent-nebulacluster-syncs={{ .Values.concurrentNebulaClusterSyncs }} - --concurrent-nebularestore-syncs={{ .Values.concurrentNebulaRestoreSyncs }} @@ -76,6 +79,9 @@ spec: command: - /usr/local/bin/autoscaler args: + {{- if .Values.watchNamespaces }} + - --watch-namespaces={{ .Values.watchNamespaces }} + {{- end }} - --concurrent-autoscaler-syncs={{ .Values.concurrentAutoscalerSyncs }} - --health-probe-bind-address=:8091 - --metrics-bind-address=:8090 diff --git a/charts/nebula-operator/values.yaml b/charts/nebula-operator/values.yaml index f2cda3c5..e23d535c 100644 --- a/charts/nebula-operator/values.yaml +++ b/charts/nebula-operator/values.yaml @@ -2,9 +2,6 @@ image: nebulaOperator: image: vesoft/nebula-operator:latest imagePullPolicy: Always - kubeRBACProxy: - image: bitnami/kube-rbac-proxy:0.14.2 - imagePullPolicy: Always imagePullSecrets: [ ] kubernetesClusterDomain: "" @@ -49,6 +46,10 @@ enableKruiseScheme: false # Period at which the controller forces the repopulation of its local object stores. (default 0h30m0s) syncPeriod: 0h30m0s +# Namespaces restricts the controller watches for updates to Kubernetes objects. If empty, all namespaces are watched. +# e.g. ns1,ns2,ns3 +watchNamespaces: "" + # The number of NebulaCluster objects that are allowed to sync concurrently. (default 5) concurrentNebulaClusterSyncs: 5 diff --git a/cmd/autoscaler/app/autoscaler.go b/cmd/autoscaler/app/autoscaler.go index a94f0792..4f53aa93 100644 --- a/cmd/autoscaler/app/autoscaler.go +++ b/cmd/autoscaler/app/autoscaler.go @@ -85,6 +85,12 @@ func Run(ctx context.Context, opts *options.Options) error { profileflag.ListenAndServe(opts.ProfileOpts) + if len(opts.Namespaces) == 0 { + klog.Info("nebula-autoscaler watches all namespaces") + } else { + klog.Infof("nebula-autoscaler watches namespaces %v", opts.Namespaces) + } + cfg, err := ctrlruntime.GetConfig() if err != nil { panic(err) @@ -105,7 +111,7 @@ func Run(ctx context.Context, opts *options.Options) error { Cache: cache.Options{ SyncPeriod: &opts.HPAOpts.HorizontalPodAutoscalerSyncPeriod.Duration, - //Namespaces: opts.Namespaces, + Namespaces: opts.Namespaces, }, Controller: config.Controller{ GroupKindConcurrency: map[string]int{ @@ -117,7 +123,7 @@ func Run(ctx context.Context, opts *options.Options) error { mgr, err := ctrlruntime.NewManager(cfg, ctrlOptions) if err != nil { - klog.Errorf("Failed to build controller manager: %v", err) + klog.Errorf("Failed to build nebula-autoscaler: %v", err) return err } @@ -146,7 +152,7 @@ func Run(ctx context.Context, opts *options.Options) error { } if err := mgr.Start(ctx); err != nil { - klog.Errorf("controller manager exits unexpectedly: %v", err) + klog.Errorf("nebula-autoscaler exits unexpectedly: %v", err) return err } diff --git a/cmd/autoscaler/app/options/options.go b/cmd/autoscaler/app/options/options.go index a7ba12cf..f56c81c1 100644 --- a/cmd/autoscaler/app/options/options.go +++ b/cmd/autoscaler/app/options/options.go @@ -47,6 +47,10 @@ var ( ) type Options struct { + // Namespaces restricts the cache's ListWatch to the desired namespaces + // Default watches all namespaces + Namespaces []string + // LeaderElection defines the configuration of leader election client. LeaderElection cbc.LeaderElectionConfiguration @@ -108,4 +112,5 @@ func (o *Options) AddFlags(flags *pflag.FlagSet) { flags.StringVar(&o.MetricsBindAddress, "metrics-bind-address", ":8080", "The TCP address that the controller should bind to for serving prometheus metrics(e.g. 127.0.0.1:8080, :8080). It can be set to \"0\" to disable the metrics serving.") flags.StringVar(&o.HealthProbeBindAddress, "health-probe-bind-address", ":8081", "The TCP address that the controller should bind to for serving health probes.(e.g. 127.0.0.1:8081, :8081). It can be set to \"0\" to disable the health probe serving.") + flags.StringSliceVar(&o.Namespaces, "watch-namespaces", nil, "Namespaces restricts the controller watches for updates to Kubernetes objects. If empty, all namespaces are watched. Multiple namespaces seperated by comma.(e.g. ns1,ns2,ns3).") } diff --git a/cmd/controller-manager/app/controller-manager.go b/cmd/controller-manager/app/controller-manager.go index b2943775..d4230d3f 100644 --- a/cmd/controller-manager/app/controller-manager.go +++ b/cmd/controller-manager/app/controller-manager.go @@ -96,6 +96,12 @@ func Run(ctx context.Context, opts *options.Options) error { klog.Info("register openkruise scheme") } + if len(opts.Namespaces) == 0 { + klog.Info("nebula-controller-manager watches all namespaces") + } else { + klog.Infof("nebula-controller-manager watches namespaces %v", opts.Namespaces) + } + cfg, err := ctrlruntime.GetConfig() if err != nil { panic(err) @@ -115,7 +121,7 @@ func Run(ctx context.Context, opts *options.Options) error { MetricsBindAddress: opts.MetricsBindAddress, Cache: cache.Options{ SyncPeriod: &opts.SyncPeriod.Duration, - //Namespaces: opts.Namespaces, + Namespaces: opts.Namespaces, }, Controller: config.Controller{ GroupKindConcurrency: map[string]int{ @@ -181,7 +187,7 @@ func Run(ctx context.Context, opts *options.Options) error { } if err := mgr.Start(ctx); err != nil { - klog.Errorf("controller manager exits unexpectedly: %v", err) + klog.Errorf("nebula-controller-manager exits unexpectedly: %v", err) return err } diff --git a/cmd/controller-manager/app/options/options.go b/cmd/controller-manager/app/options/options.go index b3630257..5fe6acfa 100644 --- a/cmd/controller-manager/app/options/options.go +++ b/cmd/controller-manager/app/options/options.go @@ -49,7 +49,7 @@ type Options struct { // Namespaces restricts the cache's ListWatch to the desired namespaces // Default watches all namespaces - Namespaces string + Namespaces []string // MetricsBindAddress is the TCP address that the controller should bind to // for serving prometheus metrics. @@ -109,7 +109,8 @@ func (o *Options) AddFlags(flags *pflag.FlagSet) { "The duration the clients should wait between attempting acquisition and renewal "+ "of a leadership. This is only applicable if leader election is enabled.") - flags.DurationVar(&o.SyncPeriod.Duration, "sync-period", 0, " Period at which the controller forces the repopulation of its local object stores.") + flags.DurationVar(&o.SyncPeriod.Duration, "sync-period", 0, "Period at which the controller forces the repopulation of its local object stores.") + flags.StringSliceVar(&o.Namespaces, "watch-namespaces", nil, "Namespaces restricts the controller watches for updates to Kubernetes objects. If empty, all namespaces are watched. Multiple namespaces seperated by comma.(e.g. ns1,ns2,ns3).") flags.StringVar(&o.MetricsBindAddress, "metrics-bind-address", ":8080", "The TCP address that the controller should bind to for serving prometheus metrics(e.g. 127.0.0.1:8080, :8080). It can be set to \"0\" to disable the metrics serving.") flags.StringVar(&o.HealthProbeBindAddress, "health-probe-bind-address", ":8081", "The TCP address that the controller should bind to for serving health probes.(e.g. 127.0.0.1:8081, :8081). It can be set to \"0\" to disable the health probe serving.") flags.IntVar(&o.ConcurrentNebulaClusterSyncs, "concurrent-nebulacluster-syncs", 5, "The number of NebulaCluster objects that are allowed to sync concurrently.")