github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fed: Create generic synchronizer from refactored secret controller

pull/6/head
Maru Newby 2017-03-22 11:52:50 -07:00
parent 82e73efe83
commit d08e9d96ef
2 changed files with 163 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

315
federation/pkg/federation-controller/secret/secret_controller.go
View File

@ -55,34 +55,37 @@ var (
RequiredResources = []schema.GroupVersionResource{apiv1.SchemeGroupVersion.WithResource("secrets")} RequiredResources = []schema.GroupVersionResource{apiv1.SchemeGroupVersion.WithResource("secrets")}
) )
type SecretController struct { // FederationSyncController synchronizes the state of a federated type
// For triggering single secret reconciliation. This is used when there is an // to clusters that are members of the federation.
// add/update/delete operation on a secret in either federated API server or type FederationSyncController struct {
// in some member of the federation. // For triggering reconciliation of a single resource. This is
secretDeliverer *util.DelayingDeliverer // used when there is an add/update/delete operation on a resource
// in either federated API server or in some member of the
// federation.
deliverer *util.DelayingDeliverer
// For triggering all secrets reconciliation. This is used when // For triggering reconciliation of all target resources. This is
// a new cluster becomes available. // used when a new cluster becomes available.
clusterDeliverer *util.DelayingDeliverer clusterDeliverer *util.DelayingDeliverer
// Contains secrets present in members of federation. // Contains resources present in members of federation.
secretFederatedInformer util.FederatedInformer informer util.FederatedInformer
// For updating members of federation. // For updating members of federation.
federatedUpdater util.FederatedUpdater updater util.FederatedUpdater
// Definitions of secrets that should be federated. // Definitions of resources that should be federated.
secretInformerStore cache.Store store cache.Store
// Informer controller for secrets that should be federated. // Informer controller for resources that should be federated.
secretInformerController cache.Controller controller cache.Controller
// Backoff manager for secrets // Backoff manager
secretBackoff *flowcontrol.Backoff backoff *flowcontrol.Backoff
// For events // For events
eventRecorder record.EventRecorder eventRecorder record.EventRecorder
deletionHelper *deletionhelper.DeletionHelper deletionHelper *deletionhelper.DeletionHelper
secretReviewDelay time.Duration reviewDelay time.Duration
clusterAvailableDelay time.Duration clusterAvailableDelay time.Duration
smallDelay time.Duration smallDelay time.Duration
updateTimeout time.Duration updateTimeout time.Duration
@ -92,40 +95,49 @@ type SecretController struct {
// StartSecretController starts a new secret controller // StartSecretController starts a new secret controller
func StartSecretController(config *restclient.Config, stopChan <-chan struct{}, minimizeLatency bool) { func StartSecretController(config *restclient.Config, stopChan <-chan struct{}, minimizeLatency bool) {
restclient.AddUserAgent(config, "secret-controller") startFederationSyncController(&typeadapters.SecretAdapter{}, config, stopChan, minimizeLatency)
client := federationclientset.NewForConfigOrDie(config)
controller := newSecretController(client)
if minimizeLatency {
controller.minimizeLatency()
}
glog.Infof("Starting Secret controller")
controller.Run(stopChan)
} }
// newSecretController returns a new secret controller // newSecretController returns a new secret controller
func newSecretController(client federationclientset.Interface) *SecretController { func newSecretController(client federationclientset.Interface) *FederationSyncController {
adapter := typeadapters.NewSecretAdapter(client) return newFederationSyncController(client, typeadapters.NewSecretAdapter(client))
}
// startFederationSyncController starts a new sync controller for the given type adapter
func startFederationSyncController(adapter typeadapters.FederatedTypeAdapter, config *restclient.Config, stopChan <-chan struct{}, minimizeLatency bool) {
restclient.AddUserAgent(config, fmt.Sprintf("%s-controller", adapter.Kind()))
client := federationclientset.NewForConfigOrDie(config)
adapter.SetClient(client)
controller := newFederationSyncController(client, adapter)
if minimizeLatency {
controller.minimizeLatency()
}
glog.Infof(fmt.Sprintf("Starting federated sync controller for %s resources", adapter.Kind()))
controller.Run(stopChan)
}
// newFederationSyncController returns a new sync controller for the given client and type adapter
func newFederationSyncController(client federationclientset.Interface, adapter typeadapters.FederatedTypeAdapter) *FederationSyncController {
broadcaster := record.NewBroadcaster() broadcaster := record.NewBroadcaster()
broadcaster.StartRecordingToSink(eventsink.NewFederatedEventSink(client)) broadcaster.StartRecordingToSink(eventsink.NewFederatedEventSink(client))
recorder := broadcaster.NewRecorder(api.Scheme, clientv1.EventSource{Component: fmt.Sprintf("federated-%v-controller", adapter.Kind())}) recorder := broadcaster.NewRecorder(api.Scheme, clientv1.EventSource{Component: fmt.Sprintf("federated-%v-controller", adapter.Kind())})
secretcontroller := &SecretController{ s := &FederationSyncController{
secretReviewDelay: time.Second * 10, reviewDelay: time.Second * 10,
clusterAvailableDelay: time.Second * 20, clusterAvailableDelay: time.Second * 20,
smallDelay: time.Second * 3, smallDelay: time.Second * 3,
updateTimeout: time.Second * 30, updateTimeout: time.Second * 30,
secretBackoff: flowcontrol.NewBackOff(5*time.Second, time.Minute), backoff: flowcontrol.NewBackOff(5*time.Second, time.Minute),
eventRecorder: recorder, eventRecorder: recorder,
adapter: adapter, adapter: adapter,
} }
// Build delivereres for triggering reconciliations. // Build delivereres for triggering reconciliations.
secretcontroller.secretDeliverer = util.NewDelayingDeliverer() s.deliverer = util.NewDelayingDeliverer()
secretcontroller.clusterDeliverer = util.NewDelayingDeliverer() s.clusterDeliverer = util.NewDelayingDeliverer()
// Start informer in federated API servers on secrets that should be federated. // Start informer in federated API servers on the resource type that should be federated.
secretcontroller.secretInformerStore, secretcontroller.secretInformerController = cache.NewInformer( s.store, s.controller = cache.NewInformer(
&cache.ListWatch{ &cache.ListWatch{
ListFunc: func(options metav1.ListOptions) (pkgruntime.Object, error) { ListFunc: func(options metav1.ListOptions) (pkgruntime.Object, error) {
return adapter.FedList(metav1.NamespaceAll, options) return adapter.FedList(metav1.NamespaceAll, options)
@ -136,10 +148,10 @@ func newSecretController(client federationclientset.Interface) *SecretController
}, },
adapter.ObjectType(), adapter.ObjectType(),
controller.NoResyncPeriodFunc(), controller.NoResyncPeriodFunc(),
util.NewTriggerOnAllChanges(func(obj pkgruntime.Object) { secretcontroller.deliverSecretObj(obj, 0, false) })) util.NewTriggerOnAllChanges(func(obj pkgruntime.Object) { s.deliverObj(obj, 0, false) }))
// Federated informer on secrets in members of federation. // Federated informer on the resource type in members of federation.
secretcontroller.secretFederatedInformer = util.NewFederatedInformer( s.informer = util.NewFederatedInformer(
client, client,
func(cluster *federationapi.Cluster, targetClient kubeclientset.Interface) (cache.Store, cache.Controller) { func(cluster *federationapi.Cluster, targetClient kubeclientset.Interface) (cache.Store, cache.Controller) {
return cache.NewInformer( return cache.NewInformer(
@ -154,24 +166,24 @@ func newSecretController(client federationclientset.Interface) *SecretController
adapter.ObjectType(), adapter.ObjectType(),
controller.NoResyncPeriodFunc(), controller.NoResyncPeriodFunc(),
// Trigger reconciliation whenever something in federated cluster is changed. In most cases it // Trigger reconciliation whenever something in federated cluster is changed. In most cases it
// would be just confirmation that some secret operation succeeded. // would be just confirmation that some operation on the target resource type had succeeded.
util.NewTriggerOnAllChanges( util.NewTriggerOnAllChanges(
func(obj pkgruntime.Object) { func(obj pkgruntime.Object) {
secretcontroller.deliverSecretObj(obj, secretcontroller.secretReviewDelay, false) s.deliverObj(obj, s.reviewDelay, false)
}, },
)) ))
}, },
&util.ClusterLifecycleHandlerFuncs{ &util.ClusterLifecycleHandlerFuncs{
ClusterAvailable: func(cluster *federationapi.Cluster) { ClusterAvailable: func(cluster *federationapi.Cluster) {
// When new cluster becomes available process all the secrets again. // When new cluster becomes available process all the target resources again.
secretcontroller.clusterDeliverer.DeliverAt(allClustersKey, nil, time.Now().Add(secretcontroller.clusterAvailableDelay)) s.clusterDeliverer.DeliverAt(allClustersKey, nil, time.Now().Add(s.clusterAvailableDelay))
}, },
}, },
) )
// Federated updeater along with Create/Update/Delete operations. // Federated updeater along with Create/Update/Delete operations.
secretcontroller.federatedUpdater = util.NewFederatedUpdater(secretcontroller.secretFederatedInformer, s.updater = util.NewFederatedUpdater(s.informer,
func(client kubeclientset.Interface, obj pkgruntime.Object) error { func(client kubeclientset.Interface, obj pkgruntime.Object) error {
_, err := adapter.ClusterCreate(client, obj) _, err := adapter.ClusterCreate(client, obj)
return err return err
@ -187,34 +199,34 @@ func newSecretController(client federationclientset.Interface) *SecretController
return err return err
}) })
secretcontroller.deletionHelper = deletionhelper.NewDeletionHelper( s.deletionHelper = deletionhelper.NewDeletionHelper(
secretcontroller.hasFinalizerFunc, s.hasFinalizerFunc,
secretcontroller.removeFinalizerFunc, s.removeFinalizerFunc,
secretcontroller.addFinalizerFunc, s.addFinalizerFunc,
// objNameFunc // objNameFunc
func(obj pkgruntime.Object) string { func(obj pkgruntime.Object) string {
return adapter.ObjectMeta(obj).Name return adapter.ObjectMeta(obj).Name
}, },
secretcontroller.updateTimeout, s.updateTimeout,
secretcontroller.eventRecorder, s.eventRecorder,
secretcontroller.secretFederatedInformer, s.informer,
secretcontroller.federatedUpdater, s.updater,
) )
return secretcontroller return s
} }
// minimizeLatency reduces delays and timeouts to make the controller more responsive (useful for testing). // minimizeLatency reduces delays and timeouts to make the controller more responsive (useful for testing).
func (secretcontroller *SecretController) minimizeLatency() { func (s *FederationSyncController) minimizeLatency() {
secretcontroller.clusterAvailableDelay = time.Second s.clusterAvailableDelay = time.Second
secretcontroller.secretReviewDelay = 50 * time.Millisecond s.reviewDelay = 50 * time.Millisecond
secretcontroller.smallDelay = 20 * time.Millisecond s.smallDelay = 20 * time.Millisecond
secretcontroller.updateTimeout = 5 * time.Second s.updateTimeout = 5 * time.Second
} }
// Returns true if the given object has the given finalizer in its ObjectMeta. // Returns true if the given object has the given finalizer in its ObjectMeta.
func (secretcontroller *SecretController) hasFinalizerFunc(obj pkgruntime.Object, finalizer string) bool { func (s *FederationSyncController) hasFinalizerFunc(obj pkgruntime.Object, finalizer string) bool {
meta := secretcontroller.adapter.ObjectMeta(obj) meta := s.adapter.ObjectMeta(obj)
for i := range meta.Finalizers { for i := range meta.Finalizers {
if string(meta.Finalizers[i]) == finalizer { if string(meta.Finalizers[i]) == finalizer {
return true return true
@ -223,11 +235,9 @@ func (secretcontroller *SecretController) hasFinalizerFunc(obj pkgruntime.Object
return false return false
} }
// Removes the finalizers from the given objects ObjectMeta. // Removes the finalizer from the given objects ObjectMeta.
// Assumes that the given object is a secret. func (s *FederationSyncController) removeFinalizerFunc(obj pkgruntime.Object, finalizers []string) (pkgruntime.Object, error) {
func (secretcontroller *SecretController) removeFinalizerFunc(obj pkgruntime.Object, finalizers []string) (pkgruntime.Object, error) { meta := s.adapter.ObjectMeta(obj)
adapter := secretcontroller.adapter
meta := adapter.ObjectMeta(obj)
newFinalizers := []string{} newFinalizers := []string{}
hasFinalizer := false hasFinalizer := false
for i := range meta.Finalizers { for i := range meta.Finalizers {
@ -242,189 +252,184 @@ func (secretcontroller *SecretController) removeFinalizerFunc(obj pkgruntime.Obj
return obj, nil return obj, nil
} }
meta.Finalizers = newFinalizers meta.Finalizers = newFinalizers
secret, err := secretcontroller.adapter.FedUpdate(obj) secret, err := s.adapter.FedUpdate(obj)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to remove finalizers %v from %s %s: %v", finalizers, adapter.Kind(), meta.Name, err) return nil, fmt.Errorf("failed to remove finalizers %v from %s %s: %v", finalizers, s.adapter.Kind(), meta.Name, err)
} }
return secret, nil return secret, nil
} }
// Adds the given finalizers to the given objects ObjectMeta. // Adds the given finalizers to the given objects ObjectMeta.
// Assumes that the given object is a secret. func (s *FederationSyncController) addFinalizerFunc(obj pkgruntime.Object, finalizers []string) (pkgruntime.Object, error) {
func (secretcontroller *SecretController) addFinalizerFunc(obj pkgruntime.Object, finalizers []string) (pkgruntime.Object, error) { meta := s.adapter.ObjectMeta(obj)
adapter := secretcontroller.adapter
meta := adapter.ObjectMeta(obj)
meta.Finalizers = append(meta.Finalizers, finalizers...) meta.Finalizers = append(meta.Finalizers, finalizers...)
secret, err := secretcontroller.adapter.FedUpdate(obj) secret, err := s.adapter.FedUpdate(obj)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to add finalizers %v to %s %s: %v", finalizers, adapter.Kind(), meta.Name, err) return nil, fmt.Errorf("failed to add finalizers %v to %s %s: %v", finalizers, s.adapter.Kind(), meta.Name, err)
} }
return secret, nil return secret, nil
} }
func (secretcontroller *SecretController) Run(stopChan <-chan struct{}) { func (s *FederationSyncController) Run(stopChan <-chan struct{}) {
go secretcontroller.secretInformerController.Run(stopChan) go s.controller.Run(stopChan)
secretcontroller.secretFederatedInformer.Start() s.informer.Start()
go func() { go func() {
<-stopChan <-stopChan
secretcontroller.secretFederatedInformer.Stop() s.informer.Stop()
}() }()
secretcontroller.secretDeliverer.StartWithHandler(func(item *util.DelayingDelivererItem) { s.deliverer.StartWithHandler(func(item *util.DelayingDelivererItem) {
secret := item.Value.(*types.NamespacedName) namespacedName := item.Value.(*types.NamespacedName)
secretcontroller.reconcileSecret(*secret) s.reconcile(*namespacedName)
}) })
secretcontroller.clusterDeliverer.StartWithHandler(func(_ *util.DelayingDelivererItem) { s.clusterDeliverer.StartWithHandler(func(_ *util.DelayingDelivererItem) {
secretcontroller.reconcileSecretsOnClusterChange() s.reconcileOnClusterChange()
}) })
util.StartBackoffGC(secretcontroller.secretBackoff, stopChan) util.StartBackoffGC(s.backoff, stopChan)
} }
func (secretcontroller *SecretController) deliverSecretObj(obj pkgruntime.Object, delay time.Duration, failed bool) { func (s *FederationSyncController) deliverObj(obj pkgruntime.Object, delay time.Duration, failed bool) {
namespacedName := secretcontroller.adapter.NamespacedName(obj) namespacedName := s.adapter.NamespacedName(obj)
secretcontroller.deliverSecret(namespacedName, delay, failed) s.deliver(namespacedName, delay, failed)
} }
// Adds backoff to delay if this delivery is related to some failure. Resets backoff if there was no failure. // Adds backoff to delay if this delivery is related to some failure. Resets backoff if there was no failure.
func (secretcontroller *SecretController) deliverSecret(secret types.NamespacedName, delay time.Duration, failed bool) { func (s *FederationSyncController) deliver(namespacedName types.NamespacedName, delay time.Duration, failed bool) {
key := secret.String() key := namespacedName.String()
if failed { if failed {
secretcontroller.secretBackoff.Next(key, time.Now()) s.backoff.Next(key, time.Now())
delay = delay + secretcontroller.secretBackoff.Get(key) delay = delay + s.backoff.Get(key)
} else { } else {
secretcontroller.secretBackoff.Reset(key) s.backoff.Reset(key)
} }
secretcontroller.secretDeliverer.DeliverAfter(key, &secret, delay) s.deliverer.DeliverAfter(key, &namespacedName, delay)
} }
// Check whether all data stores are in sync. False is returned if any of the informer/stores is not yet // Check whether all data stores are in sync. False is returned if any of the informer/stores is not yet
// synced with the corresponding api server. // synced with the corresponding api server.
func (secretcontroller *SecretController) isSynced() bool { func (s *FederationSyncController) isSynced() bool {
if !secretcontroller.secretFederatedInformer.ClustersSynced() { if !s.informer.ClustersSynced() {
glog.V(2).Infof("Cluster list not synced") glog.V(2).Infof("Cluster list not synced")
return false return false
} }
clusters, err := secretcontroller.secretFederatedInformer.GetReadyClusters() clusters, err := s.informer.GetReadyClusters()
if err != nil { if err != nil {
glog.Errorf("Failed to get ready clusters: %v", err) glog.Errorf("Failed to get ready clusters: %v", err)
return false return false
} }
if !secretcontroller.secretFederatedInformer.GetTargetStore().ClustersSynced(clusters) { if !s.informer.GetTargetStore().ClustersSynced(clusters) {
return false return false
} }
return true return true
} }
// The function triggers reconciliation of all federated secrets. // The function triggers reconciliation of all target federated resources.
func (secretcontroller *SecretController) reconcileSecretsOnClusterChange() { func (s *FederationSyncController) reconcileOnClusterChange() {
if !secretcontroller.isSynced() { if !s.isSynced() {
secretcontroller.clusterDeliverer.DeliverAt(allClustersKey, nil, time.Now().Add(secretcontroller.clusterAvailableDelay)) s.clusterDeliverer.DeliverAt(allClustersKey, nil, time.Now().Add(s.clusterAvailableDelay))
} }
for _, obj := range secretcontroller.secretInformerStore.List() { for _, obj := range s.store.List() {
namespacedName := secretcontroller.adapter.NamespacedName(obj.(pkgruntime.Object)) namespacedName := s.adapter.NamespacedName(obj.(pkgruntime.Object))
secretcontroller.deliverSecret(namespacedName, secretcontroller.smallDelay, false) s.deliver(namespacedName, s.smallDelay, false)
} }
} }
func (secretcontroller *SecretController) reconcileSecret(secret types.NamespacedName) { func (s *FederationSyncController) reconcile(namespacedName types.NamespacedName) {
adapter := secretcontroller.adapter if !s.isSynced() {
kind := adapter.Kind() s.deliver(namespacedName, s.clusterAvailableDelay, false)
if !secretcontroller.isSynced() {
secretcontroller.deliverSecret(secret, secretcontroller.clusterAvailableDelay, false)
return return
} }
key := secret.String() key := namespacedName.String()
baseSecretObjFromStore, exist, err := secretcontroller.secretInformerStore.GetByKey(key) kind := s.adapter.Kind()
cachedObj, exist, err := s.store.GetByKey(key)
if err != nil { if err != nil {
glog.Errorf("Failed to query main %s store for %v: %v", kind, key, err) glog.Errorf("Failed to query main %s store for %v: %v", kind, key, err)
secretcontroller.deliverSecret(secret, 0, true) s.deliver(namespacedName, 0, true)
return return
} }
if !exist { if !exist {
// Not federated secret, ignoring. // Not federated, ignoring.
return return
} }
// Create a copy before modifying the obj to prevent race condition with // Create a copy before modifying the resource to prevent racing
// other readers of obj from store. // with other readers.
baseSecretObj, err := api.Scheme.DeepCopy(baseSecretObjFromStore) copiedObj, err := api.Scheme.DeepCopy(cachedObj)
if err != nil { if err != nil {
glog.Errorf("Error in retrieving obj from store: %v", err) glog.Errorf("Error in retrieving %s from store: %v", kind, err)
secretcontroller.deliverSecret(secret, 0, true) s.deliver(namespacedName, 0, true)
return return
} }
if !adapter.IsExpectedType(baseSecretObj) { if !s.adapter.IsExpectedType(copiedObj) {
glog.Errorf("Object is not the expected type: %v", baseSecretObj) glog.Errorf("Object is not the expected type: %v", copiedObj)
secretcontroller.deliverSecret(secret, 0, true) s.deliver(namespacedName, 0, true)
return return
} }
obj := copiedObj.(pkgruntime.Object)
baseSecret := baseSecretObj.(pkgruntime.Object) meta := s.adapter.ObjectMeta(obj)
meta := adapter.ObjectMeta(baseSecret)
if meta.DeletionTimestamp != nil { if meta.DeletionTimestamp != nil {
if err := secretcontroller.delete(baseSecret, secret); err != nil { if err := s.delete(obj, namespacedName); err != nil {
glog.Errorf("Failed to delete %s %s: %v", kind, secret, err) glog.Errorf("Failed to delete %s %s: %v", kind, namespacedName, err)
secretcontroller.eventRecorder.Eventf(baseSecret, api.EventTypeNormal, "DeleteFailed", s.eventRecorder.Eventf(obj, api.EventTypeNormal, "DeleteFailed",
"%s delete failed: %v", strings.ToTitle(kind), err) "%s delete failed: %v", strings.ToTitle(kind), err)
secretcontroller.deliverSecret(secret, 0, true) s.deliver(namespacedName, 0, true)
} }
return return
} }
glog.V(3).Infof("Ensuring delete object from underlying clusters finalizer for %s: %s", glog.V(3).Infof("Ensuring delete object from underlying clusters finalizer for %s: %s",
kind, secret) kind, namespacedName)
// Add the required finalizers before creating a secret in underlying clusters. // Add the required finalizers before creating the resource in underlying clusters.
baseSecret, err = secretcontroller.deletionHelper.EnsureFinalizers(baseSecret) obj, err = s.deletionHelper.EnsureFinalizers(obj)
if err != nil { if err != nil {
glog.Errorf("Failed to ensure delete object from underlying clusters finalizer in %s %s: %v", glog.Errorf("Failed to ensure delete object from underlying clusters finalizer in %s %s: %v",
kind, secret, err) kind, namespacedName, err)
secretcontroller.deliverSecret(secret, 0, false) s.deliver(namespacedName, 0, false)
return return
} }
glog.V(3).Infof("Syncing %s %s in underlying clusters", kind, secret) glog.V(3).Infof("Syncing %s %s in underlying clusters", kind, namespacedName)
clusters, err := secretcontroller.secretFederatedInformer.GetReadyClusters() clusters, err := s.informer.GetReadyClusters()
if err != nil { if err != nil {
glog.Errorf("Failed to get cluster list: %v", err) glog.Errorf("Failed to get cluster list: %v", err)
secretcontroller.deliverSecret(secret, secretcontroller.clusterAvailableDelay, false) s.deliver(namespacedName, s.clusterAvailableDelay, false)
return return
} }
operations := make([]util.FederatedOperation, 0) operations := make([]util.FederatedOperation, 0)
for _, cluster := range clusters { for _, cluster := range clusters {
clusterSecretObj, found, err := secretcontroller.secretFederatedInformer.GetTargetStore().GetByKey(cluster.Name, key) clusterObj, found, err := s.informer.GetTargetStore().GetByKey(cluster.Name, key)
if err != nil { if err != nil {
glog.Errorf("Failed to get %s from %s: %v", key, cluster.Name, err) glog.Errorf("Failed to get %s from %s: %v", key, cluster.Name, err)
secretcontroller.deliverSecret(secret, 0, true) s.deliver(namespacedName, 0, true)
return return
} }
// The data should not be modified. // The data should not be modified.
desiredSecret := adapter.Copy(baseSecret) desiredObj := s.adapter.Copy(obj)
if !found { if !found {
secretcontroller.eventRecorder.Eventf(baseSecret, api.EventTypeNormal, "CreateInCluster", s.eventRecorder.Eventf(obj, api.EventTypeNormal, "CreateInCluster",
"Creating %s in cluster %s", kind, cluster.Name) "Creating %s in cluster %s", kind, cluster.Name)
operations = append(operations, util.FederatedOperation{ operations = append(operations, util.FederatedOperation{
Type: util.OperationTypeAdd, Type: util.OperationTypeAdd,
Obj: desiredSecret, Obj: desiredObj,
ClusterName: cluster.Name, ClusterName: cluster.Name,
}) })
} else { } else {
clusterSecret := clusterSecretObj.(pkgruntime.Object) clusterObj := clusterObj.(pkgruntime.Object)
// Update existing secret, if needed. // Update existing resource, if needed.
if !adapter.Equivalent(desiredSecret, clusterSecret) { if !s.adapter.Equivalent(desiredObj, clusterObj) {
secretcontroller.eventRecorder.Eventf(baseSecret, api.EventTypeNormal, "UpdateInCluster", s.eventRecorder.Eventf(obj, api.EventTypeNormal, "UpdateInCluster",
"Updating %s in cluster %s", kind, cluster.Name) "Updating %s in cluster %s", kind, cluster.Name)
operations = append(operations, util.FederatedOperation{ operations = append(operations, util.FederatedOperation{
Type: util.OperationTypeUpdate, Type: util.OperationTypeUpdate,
Obj: desiredSecret, Obj: desiredObj,
ClusterName: cluster.Name, ClusterName: cluster.Name,
}) })
} }
@ -435,36 +440,36 @@ func (secretcontroller *SecretController) reconcileSecret(secret types.Namespace
// Everything is in order // Everything is in order
return return
} }
err = secretcontroller.federatedUpdater.UpdateWithOnError(operations, secretcontroller.updateTimeout, err = s.updater.UpdateWithOnError(operations, s.updateTimeout,
func(op util.FederatedOperation, operror error) { func(op util.FederatedOperation, operror error) {
secretcontroller.eventRecorder.Eventf(baseSecret, api.EventTypeNormal, "UpdateInClusterFailed", s.eventRecorder.Eventf(obj, api.EventTypeNormal, "UpdateInClusterFailed",
"%s update in cluster %s failed: %v", strings.ToTitle(kind), op.ClusterName, operror) "%s update in cluster %s failed: %v", strings.ToTitle(kind), op.ClusterName, operror)
}) })
if err != nil { if err != nil {
glog.Errorf("Failed to execute updates for %s: %v", key, err) glog.Errorf("Failed to execute updates for %s: %v", key, err)
secretcontroller.deliverSecret(secret, 0, true) s.deliver(namespacedName, 0, true)
return return
} }
// Evertyhing is in order but lets be double sure // Evertyhing is in order but lets be double sure
secretcontroller.deliverSecret(secret, secretcontroller.secretReviewDelay, false) s.deliver(namespacedName, s.reviewDelay, false)
} }
// delete deletes the given secret or returns error if the deletion was not complete. // delete deletes the given resource or returns error if the deletion was not complete.
func (secretcontroller *SecretController) delete(obj pkgruntime.Object, namespacedName types.NamespacedName) error { func (s *FederationSyncController) delete(obj pkgruntime.Object, namespacedName types.NamespacedName) error {
kind := secretcontroller.adapter.Kind() kind := s.adapter.Kind()
glog.V(3).Infof("Handling deletion of %s: %v", kind, namespacedName) glog.V(3).Infof("Handling deletion of %s: %v", kind, namespacedName)
_, err := secretcontroller.deletionHelper.HandleObjectInUnderlyingClusters(obj) _, err := s.deletionHelper.HandleObjectInUnderlyingClusters(obj)
if err != nil { if err != nil {
return err return err
} }
err = secretcontroller.adapter.FedDelete(namespacedName, nil) err = s.adapter.FedDelete(namespacedName, nil)
if err != nil { if err != nil {
// Its all good if the error is not found error. That means it is deleted already and we do not have to do anything. // Its all good if the error is not found error. That means it is deleted already and we do not have to do anything.
// This is expected when we are processing an update as a result of secret finalizer deletion. // This is expected when we are processing an update as a result of finalizer deletion.
// The process that deleted the last finalizer is also going to delete the secret and we do not have to do anything. // The process that deleted the last finalizer is also going to delete the resource and we do not have to do anything.
if !errors.IsNotFound(err) { if !errors.IsNotFound(err) {
return fmt.Errorf("failed to delete %s: %v", kind, err) return fmt.Errorf("failed to delete %s: %v", kind, err)
} }

6
federation/pkg/federation-controller/secret/secret_controller_test.go
View File

@ -77,7 +77,7 @@ func TestSecretController(t *testing.T) {
return nil, fmt.Errorf("Unknown cluster") return nil, fmt.Errorf("Unknown cluster")
} }
} }
setClientFactory(secretController.secretFederatedInformer, informerClientFactory) setClientFactory(secretController.informer, informerClientFactory)
secretController.minimizeLatency() secretController.minimizeLatency()
@ -115,7 +115,7 @@ func TestSecretController(t *testing.T) {
// Wait for the secret to appear in the informer store // Wait for the secret to appear in the informer store
err := WaitForStoreUpdate( err := WaitForStoreUpdate(
secretController.secretFederatedInformer.GetTargetStore(), secretController.informer.GetTargetStore(),
cluster1.Name, types.NamespacedName{Namespace: secret1.Namespace, Name: secret1.Name}.String(), wait.ForeverTestTimeout) cluster1.Name, types.NamespacedName{Namespace: secret1.Namespace, Name: secret1.Name}.String(), wait.ForeverTestTimeout)
assert.Nil(t, err, "secret should have appeared in the informer store") assert.Nil(t, err, "secret should have appeared in the informer store")
@ -146,7 +146,7 @@ func TestSecretController(t *testing.T) {
// Wait for the secret to be updated in the informer store. // Wait for the secret to be updated in the informer store.
err = WaitForSecretStoreUpdate( err = WaitForSecretStoreUpdate(
secretController.secretFederatedInformer.GetTargetStore(), secretController.informer.GetTargetStore(),
cluster1.Name, types.NamespacedName{Namespace: secret1.Namespace, Name: secret1.Name}.String(), cluster1.Name, types.NamespacedName{Namespace: secret1.Namespace, Name: secret1.Name}.String(),
&secret1, wait.ForeverTestTimeout) &secret1, wait.ForeverTestTimeout)
assert.NoError(t, err, "secret should have been updated in the informer store") assert.NoError(t, err, "secret should have been updated in the informer store")