Remove Istio dependency from Eventing (Part - 1)#1044
Conversation
knative-prow-robot
added
the
size/XXL
|
/assign @evankanderson |
|
/assign |
|
/assign @bbrowning |
|
I don't think this fixes #294, I want this PR to reference it rather than closing it. |
|
The following is the coverage report on pkg/.
|
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: akashrv, Harwayne The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
knative-prow-robot
added
the
approved
evankanderson
left a comment
evankanderson
left a comment
There was a problem hiding this comment.
Some comments now, since you asked for them anyway. :-D
| "sigs.k8s.io/controller-runtime/pkg/manager" | ||
| crlog "sigs.k8s.io/controller-runtime/pkg/runtime/log" | ||
| // Uncomment the following line to load the gcp plugin (only required to authenticate against GKE clusters). | ||
| // _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" |
There was a problem hiding this comment.
This doesn't seem right -- why not just remove it?
There was a problem hiding this comment.
I kept it around as it helps with debugging. When I started working on controllers or anything that connects to GKE from my local machine I would get some config related error. After searching online I found threads that it is because of missing package. So I added it here and then commented it out as a nicety that could help others working on the code base.
| "sigs.k8s.io/controller-runtime/pkg/manager" | ||
| logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" | ||
| // Uncomment the following line to load the gcp plugin (only required to authenticate against GKE clusters). | ||
| // _ "k8s.io/client-go/plugin/pkg/client/auth/gcp" |
There was a problem hiding this comment.
Again, why not remove this here? It's clearly not needed, and seems like it would be simpler to just remove it.
There was a problem hiding this comment.
I kept it around as it helps with debugging. When I started working on controllers or anything that connects to GKE from my local machine I would get some config related error. After searching online I found threads that it is because of missing package. So I added it here and then commented it out as a nicety that could help others working on the code base.
| } | ||
| if err != nil { | ||
| if err = v1alpha1.AddToScheme(mgr.GetScheme()); err != nil { | ||
| logger.Error("Error while adding eventing scheme to manager.", zap.Error(err)) |
There was a problem hiding this comment.
Should this include the scheme?
There was a problem hiding this comment.
Is the question whether scheme is needed or should it be in this function?
-
Adding this scheme is necessary or else the watch through manager won't work
-
I considered whether I should add it here or in the channelwatcher.New function. Looking at rest of the code where controllers are created, I found that schemes are added in cmd/main rather than inside the controller. So I kept it this way to be consistent with rest of the code.
| return err | ||
| func listAllChannels(ctx context.Context, c client.Client) ([]v1alpha1.Channel, error) { | ||
| channels := make([]v1alpha1.Channel, 0) | ||
| for { |
There was a problem hiding this comment.
It might be worth a comment here indicating that this is a do... while loop on opts.Raw.Continue.
There was a problem hiding this comment.
In particular, I'm surprised that the client.Client interface doesn't perform the full listing.
A reading of the ListOptions struct suggests that pagination may only be provided if limit is set (and I suspect that many clients would have failures if this wasn't the case). Do you have evidence that the more complicated code with continue tokens is needed?
There was a problem hiding this comment.
This is probably copied from other code that added pagination support defensively (@Harwayne may be able to provide context). Based on my reading of the original design for apiserver pagination, it appears @evankanderson is correct: pagination is opt-in by specifying the limit parameter.
There was a problem hiding this comment.
I am paranoid. I don't think it gets used today. I believe @akashrv looked into the Controller Runtime code in particular and confirmed that it isn't used. But the fact that it is in the interface makes me wary of leaving it out. I agree that ListOptions.Limit clearly talks about Continue with regards to having a limit set, but ListOptions.Continue doesn't specify that is the only time Continue will be used.
I agree with your reading of the origin design that this is purely an opt-in feature and that not providing a limit means get everything (even if that is 500 MB). Having been shown this, I am OK removing it.
There was a problem hiding this comment.
Sounds good. I'll simplify it and revert it to how it was in first iteration.
| return err | ||
| func shouldWatch(ch *v1alpha1.Channel) bool { | ||
| if ch.Spec.Provisioner != nil && ch.Spec.Provisioner.Namespace == "" { | ||
| for _, v := range channelProvisioners { |
There was a problem hiding this comment.
Would it make more sense to make channelProvisioners a map at init time, so you can use a map membership check?
There was a problem hiding this comment.
We don't expect to have too many provisioners. Most cases this should be just one check without a for loop.
Moreover when we rename fanoutsidecar to be in-memory provisioner and deprecate the old in-memory-channel. This code will change to a single value check.
Hence left it this way.
| if err != nil { | ||
| return err | ||
| func shouldWatch(ch *v1alpha1.Channel) bool { | ||
| if ch.Spec.Provisioner != nil && ch.Spec.Provisioner.Namespace == "" { |
There was a problem hiding this comment.
Maybe make namespace non-empty an early exit with a comment that we only support cluster-scoped provisioners (so it's easier to extend to namespace-scoped provisioners later)?
There was a problem hiding this comment.
Didn't understand the comment. This function is used to filter out channels in the handler inside the watch. It is not used in the request path.
There was a problem hiding this comment.
I was suggesting writing this as:
if ch.Spec.Provisioner == nil || ch.Spec.Provisioner.Namespace != "" {
// Only support cluster-level provisioners right now.
return false
}
...
evankanderson
left a comment
evankanderson
left a comment
There was a problem hiding this comment.
Last cleanup comments; the rest of the logic seems fine, though it might be better to split cleanups (like gofmt) from meaningful changes, and possibly even to break up the PR into smaller chunks based on API boundaries.
| Ports: []corev1.ServicePort{ | ||
| { | ||
| Name: "http", | ||
| Protocol: corev1.ProtocolTCP, |
There was a problem hiding this comment.
Why remove the name?
If Istio is running sidecar injection, wouldn't you want to mark it for Istio?
There was a problem hiding this comment.
Check this one: istio/istio#13193.
Istio has a bug where if I name it then it wont work since it is an ExternalName service. So the change is to make it work in case pod that calls the channel has istio sidecar in it. Without istio sidecar it works irrespective of whether the port is named or not
| } | ||
|
|
||
| func (r *reconciler) Reconcile(req reconcile.Request) (reconcile.Result, error) { | ||
| ctx := logging.WithLogger(context.TODO(), r.logger.With(zap.Any("request", req))) |
There was a problem hiding this comment.
I think this is reasonably context.Background(). (This makes it easier to find actual TODO contexts where the context should be flowed through later.)
There was a problem hiding this comment.
Will change it in the one of the follow-up PRs
| return err | ||
| func listAllChannels(ctx context.Context, c client.Client) ([]v1alpha1.Channel, error) { | ||
| channels := make([]v1alpha1.Channel, 0) | ||
| for { |
There was a problem hiding this comment.
In particular, I'm surprised that the client.Client interface doesn't perform the full listing.
A reading of the ListOptions struct suggests that pagination may only be provided if limit is set (and I suspect that many clients would have failures if this wasn't the case). Do you have evidence that the more complicated code with continue tokens is needed?
| Name: "http", | ||
| // There is a bug in Istio where named port doesn't work when connecting using an ExternalName service | ||
| // Refer to https://github.com/istio/istio/issues/13193 for more details. | ||
| // TODO: Uncomment Name:"http" when ISTIO fixes the issue |
There was a problem hiding this comment.
Does this need to be copied to the comment I made above?
There was a problem hiding this comment.
Yes this is the reason I removed it. Didn't put the comment in UT, because when we revert this UTs will anyways fail and we will have to update UTs.
Co-authored-by: serverless-qe <serverless-support@redhat.com>
8 participants
Part of series of PRs for #294
Proposed Changes
This is part of a series of PRs that I will send to keep PR size small.
Overall change:
What is included in this PR:
There is an issue I identified when working with istio and externalname k8s service. I am following up with them separately, and there is a workaround in the code for it.
Release Note