Skip to content

Commit

Permalink
Remove router side ingress support
Browse files Browse the repository at this point in the history 
The router itself can't watch secrets, which means any changes to
ingress may take a long time to propogate. The ingress-to-route
controller replaces the need for the router to watch secrets or ingress.

During a 3.9 to 3.10 upgrade, the router will continue to show old
ingress until a rolling update happens, at which time it should begin
serving hosts and paths from the newer routes created by the controller.
  • Loading branch information
@smarterclayton
smarterclayton committed Feb 19, 2018
1 parent 031aa5d commit 547c6ca
Show file tree
Hide file tree
Showing 12 changed files with 24 additions and 1,428 deletions.
2 changes: 1 addition & 1 deletion pkg/cmd/infra/router/f5.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,7 @@ func (o *F5RouterOptions) Run() error {

factory := o.RouterSelection.NewFactory(routeclient, projectclient.Project().Projects(), kc)
watchNodes := (len(o.InternalAddress) != 0 && len(o.VxlanGateway) != 0)
controller := factory.Create(plugin, watchNodes, o.EnableIngress)
controller := factory.Create(plugin, watchNodes)
controller.Run()

select {}
Expand Down
11 changes: 3 additions & 8 deletions pkg/cmd/infra/router/router.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,6 @@ type RouterSelection struct {

DisableNamespaceOwnershipCheck bool

EnableIngress bool

ListenAddr string
}

Expand All @@ -71,7 +69,8 @@ func (o *RouterSelection) Bind(flag *pflag.FlagSet) {
flag.StringSliceVar(&o.AllowedDomains, "allowed-domains", envVarAsStrings("ROUTER_ALLOWED_DOMAINS", "", ","), "List of comma separated domains to allow in routes. If specified, only the domains in this list will be allowed routes. Note that domains in the denied list take precedence over the ones in the allowed list")
flag.BoolVar(&o.AllowWildcardRoutes, "allow-wildcard-routes", isTrue(cmdutil.Env("ROUTER_ALLOW_WILDCARD_ROUTES", "")), "Allow wildcard host names for routes")
flag.BoolVar(&o.DisableNamespaceOwnershipCheck, "disable-namespace-ownership-check", isTrue(cmdutil.Env("ROUTER_DISABLE_NAMESPACE_OWNERSHIP_CHECK", "")), "Disables the namespace ownership checks for a route host with different paths or for overlapping host names in the case of wildcard routes. Please be aware that if namespace ownership checks are disabled, routes in a different namespace can use this mechanism to 'steal' sub-paths for existing domains. This is only safe if route creation privileges are restricted, or if all the users can be trusted.")
flag.BoolVar(&o.EnableIngress, "enable-ingress", isTrue(cmdutil.Env("ROUTER_ENABLE_INGRESS", "")), "Enable configuration via ingress resources")
flag.Bool("enable-ingress", false, "Enable configuration via ingress resources.")
flag.MarkDeprecated("enable-ingress", "Ingress resources are now synchronized to routes automatically.")
flag.StringVar(&o.ListenAddr, "listen-addr", cmdutil.Env("ROUTER_LISTEN_ADDR", ""), "The name of an interface to listen on to expose metrics and health checking. If not specified, will not listen. Overrides stats port.")
}

Expand All @@ -84,14 +83,10 @@ func (o *RouterSelection) RouteSelectionFunc() controller.RouteHostFunc {
if !o.OverrideHostname && len(route.Spec.Host) > 0 {
return route.Spec.Host
}
// GetNameForHost returns the ingress name for a generated route, and the route route
// name otherwise. When a route and ingress in the same namespace share a name, the
// route and the ingress' rules should receive the same generated host.
nameForHost := controller.GetNameForHost(route.Name)
s, err := variable.ExpandStrict(o.HostnameTemplate, func(key string) (string, bool) {
switch key {
case "name":
return nameForHost, true
return route.Name, true
case "namespace":
return route.Namespace, true
default:
Expand Down
2 changes: 1 addition & 1 deletion pkg/cmd/infra/router/template.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -430,7 +430,7 @@ func (o *TemplateRouterOptions) Run() error {
plugin := controller.NewHostAdmitter(uniqueHostPlugin, o.RouteAdmissionFunc(), o.AllowWildcardRoutes, o.RouterSelection.DisableNamespaceOwnershipCheck, controller.RejectionRecorder(statusPlugin))

factory := o.RouterSelection.NewFactory(routeclient, projectclient.Project().Projects(), kc)
controller := factory.Create(plugin, false, o.EnableIngress)
controller := factory.Create(plugin, false)
controller.Run()

proc.StartReaper()
Expand Down
62 changes: 3 additions & 59 deletions pkg/router/controller/factory/factory.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ import (
"k8s.io/apimachinery/pkg/watch"
kcache "k8s.io/client-go/tools/cache"
kapi "k8s.io/kubernetes/pkg/apis/core"
"k8s.io/kubernetes/pkg/apis/extensions"
kclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"

projectclient "github.com/openshift/origin/pkg/project/generated/internalclientset/typed/project/internalversion"
Expand Down Expand Up @@ -65,12 +64,10 @@ func NewDefaultRouterControllerFactory(rc routeclientset.Interface, pc projectcl

// Create begins listing and watching against the API server for the desired route and endpoint
// resources. It spawns child goroutines that cannot be terminated.
func (f *RouterControllerFactory) Create(plugin router.Plugin, watchNodes, enableIngress bool) *routercontroller.RouterController {
func (f *RouterControllerFactory) Create(plugin router.Plugin, watchNodes bool) *routercontroller.RouterController {
rc := &routercontroller.RouterController{
Plugin: plugin,
WatchNodes: watchNodes,
EnableIngress: enableIngress,
IngressTranslator: routercontroller.NewIngressTranslator(f.KClient.Core()),
Plugin: plugin,
WatchNodes: watchNodes,

NamespaceLabels: f.NamespaceLabels,
FilteredNamespaceNames: make(sets.String),
Expand Down Expand Up @@ -107,10 +104,6 @@ func (f *RouterControllerFactory) initInformers(rc *routercontroller.RouterContr
if rc.WatchNodes {
f.createNodesSharedInformer(rc)
}
if rc.EnableIngress {
f.createIngressesSharedInformer(rc)
f.createSecretsSharedInformer(rc)
}

// Start informers
for _, informer := range f.informers {
Expand All @@ -134,10 +127,6 @@ func (f *RouterControllerFactory) registerInformerEventHandlers(rc *routercontro
if rc.WatchNodes {
f.registerSharedInformerEventHandlers(&kapi.Node{}, rc.HandleNode)
}
if rc.EnableIngress {
f.registerSharedInformerEventHandlers(&extensions.Ingress{}, rc.HandleIngress)
f.registerSharedInformerEventHandlers(&kapi.Secret{}, rc.HandleSecret)
}
}

func (f *RouterControllerFactory) informerStoreList(obj runtime.Object) []interface{} {
Expand Down Expand Up @@ -191,16 +180,6 @@ func (f *RouterControllerFactory) processExistingItems(rc *routercontroller.Rout
rc.HandleNode(watch.Added, item.(*kapi.Node))
}
}

if rc.EnableIngress {
for _, item := range f.informerStoreList(&extensions.Ingress{}) {
rc.HandleIngress(watch.Added, item.(*extensions.Ingress))
}

for _, item := range f.informerStoreList(&kapi.Secret{}) {
rc.HandleSecret(watch.Added, item.(*kapi.Secret))
}
}
}

func (f *RouterControllerFactory) setSelectors(options *v1.ListOptions) {
Expand Down Expand Up @@ -249,25 +228,6 @@ func (f *RouterControllerFactory) createRoutesSharedInformer(rc *routercontrolle
f.informers[objType] = informer
}

func (f *RouterControllerFactory) createIngressesSharedInformer(rc *routercontroller.RouterController) {
// The same filtering is applied to ingress as is applied to routes
lw := &kcache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
f.setSelectors(&options)
return f.KClient.Extensions().Ingresses(f.Namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
f.setSelectors(&options)
return f.KClient.Extensions().Ingresses(f.Namespace).Watch(options)
},
}
ig := &extensions.Ingress{}
objType := reflect.TypeOf(ig)
indexers := kcache.Indexers{kcache.NamespaceIndex: kcache.MetaNamespaceIndexFunc}
informer := kcache.NewSharedIndexInformer(lw, ig, f.ResyncInterval, indexers)
f.informers[objType] = informer
}

func (f *RouterControllerFactory) createNodesSharedInformer(rc *routercontroller.RouterController) {
// Use stock node informer as we don't need namespace/labels/fields filtering on nodes
ifactory := informerfactory.NewSharedInformerFactory(f.KClient, f.ResyncInterval)
Expand All @@ -276,22 +236,6 @@ func (f *RouterControllerFactory) createNodesSharedInformer(rc *routercontroller
f.informers[objType] = informer
}

func (f *RouterControllerFactory) createSecretsSharedInformer(rc *routercontroller.RouterController) {
lw := &kcache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
return f.KClient.Core().Secrets(f.Namespace).List(options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
return f.KClient.Core().Secrets(f.Namespace).Watch(options)
},
}
sc := &kapi.Secret{}
objType := reflect.TypeOf(sc)
indexers := kcache.Indexers{kcache.NamespaceIndex: kcache.MetaNamespaceIndexFunc}
informer := kcache.NewSharedIndexInformer(lw, sc, f.ResyncInterval, indexers)
f.informers[objType] = informer
}

func (f *RouterControllerFactory) createNamespacesSharedInformer(rc *routercontroller.RouterController) {
lw := &kcache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
Expand Down
Loading

0 comments on commit 547c6ca

Please sign in to comment.