controllermesh's Introduction

ControllerMesh

ControllerMesh is a solution that helps developers manage their controllers/operators better.

Key Features

  1. Canary update: controllers can be updated progressively as a canary rollout instead of being replaced all at once.
  2. Fault injection: helps developers verify their reconcile logic under fault scenarios.
  3. Flexible isolation: limits which namespaces' resources a controller can query.
  4. Client-side rate limiting and circuit breaking.

Implementation Constraints

Generally, a ctrlmesh-proxy container is injected into each operator Pod that is configured in ControllerMesh. This proxy container intercepts and handles the connections between the API Server and the controllers/webhooks in the Pod.

The ctrlmesh-manager dispatches rules to the proxies, so that they can route requests according to the rules.

A core CRD in ControllerMesh is VirtualApp. It contains all rules for the user's controller and webhook:

apiVersion: ctrlmesh.kruise.io/v1alpha1
kind: VirtualApp
metadata:
  name: test-operator
  # ...
spec:
  selector:
    matchLabels:
      component: test-operator
  configuration:
    controller:
      leaderElectionName: test-operator
    webhook:
      certDir: /tmp/webhook-certs
      port: 9443
  route:
    globalLimits:
    - namespaceSelector:
        matchExpressions:
        - key: ns-type
          operator: NotIn
          values:
          - system
    subRules:
    - name: canary-rule
      match:
      - namespaceSelector:
          matchLabels:
            ns-type: canary-1
      - namespaceRegex: "^canary.*"
  subsets:
  - name: v2
    labels:
      version: v2
    routeRules:
    - canary-rule

  • selector: selects all pods of the test-operator
  • configuration:
    • controller: configuration for the controller, including the leader election name
    • webhook: configuration for the webhook, including its certDir and port
  • route:
    • globalLimits: limit rules that apply to all pods of test-operator
    • subRules: multiple rules that can be defined for use in subsets
  • subsets: multiple groups of the pods; each subset has specific labels and its own route rules

Flow control

ControllerMesh will first support the Hard Limit type of flow control, which means that ctrlmesh-proxy filters out unmatched requests/responses between the API Server and the local controller/webhook.

Controller:

Webhook:

Risks and Mitigations

  1. The controller/webhook cannot receive any requests if the ctrlmesh-proxy container crashes.
  2. Developers cannot change the flow rules of their operators if kruise-manager is not working.
  3. The performance of the controller/webhook will be slightly worse.
  4. The operator Pod requires a few more resources because a ctrlmesh-proxy container is injected into it.

License

ControllerMesh is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

controllermesh's Issues

[BUG] Should we restart all pods to resync cache after vapp was updated?

What happened:
If the vapp specHash changes, the proxy container will block leader election to restart the main container.
But only the leader pod restarted; the other proxy containers always wait for the main container to restart.

Why it happened:
In controller-runtime LeaderElector, it has 2 loops to run the leader election:

  1. acquire() lock
  2. renew() lock

Only 2 will panic after catching an error.
The leader pod is in loop 2, but the other pods are in loop 1.

What you expected to happen:
My expectation is to restart all pods after vapp specHash changed...

Add LabelSelector in MatchLimitSelector, and inject ListOptions before the proxy forward httpReq

What would you like to be added:

  • Inject ListOptions before forwarding httpReq. The select rule will be defined in the CRD.
  • Modify the CRD. Add LabelSelector in MatchLimitSelector; it defines the injection rules.

More details to be discussed. cc @FillZpp

Why is this needed:

In the proxy router, the source httpReq is forwarded directly to the apiserver. The apiserver then still needs to process (List/Watch) all the resources with no limits, e.g. list all pods. For clusters with huge numbers of resources, the apiserver will be under tremendous pressure when processing multiple shards, and operators also take a long time to warm up.
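A sketch of the injection requested above, as an added example that is not ControllerMesh code: the proxy ANDs an enforced selector into the `labelSelector` query parameter before forwarding. The function names, the `shard=canary-1` label and the apiserver URL are hypothetical; the issue only says the rule would come from the CRD.

```go
package main

import (
	"fmt"
	"net/http"
)

// injectLabelSelector ANDs a proxy-enforced selector into a read request.
// Kubernetes treats comma-separated requirements as a conjunction, so the
// controller's own selector can only narrow the enforced one, never widen it.
// The enforced value is assumed to come from the CRD rule (hypothetical).
func injectLabelSelector(r *http.Request, enforced string) {
	if r.Method != http.MethodGet || enforced == "" {
		return // only list/watch style reads are rewritten
	}
	q := r.URL.Query()
	if cur := q.Get("labelSelector"); cur != "" {
		q.Set("labelSelector", cur+","+enforced)
	} else {
		q.Set("labelSelector", enforced)
	}
	r.URL.RawQuery = q.Encode() // other parameters (watch, limit, ...) are kept
}

// forwardedSelector builds a request for rawURL, applies the injection and
// returns the selector the apiserver would receive.
func forwardedSelector(method, rawURL, enforced string) (string, error) {
	r, err := http.NewRequest(method, rawURL, nil)
	if err != nil {
		return "", err
	}
	injectLabelSelector(r, enforced)
	return r.URL.Query().Get("labelSelector"), nil
}

func main() {
	// Constructed sample request: a controller watching pods with its own selector.
	u := "https://apiserver.example/api/v1/pods?labelSelector=app%3Dweb&watch=true"
	s, _ := forwardedSelector(http.MethodGet, u, "shard=canary-1")
	fmt.Println(s)
}
```

Because the merge happens in the proxy rather than in the controller, the apiserver only lists and watches the shard's objects, which is the load reduction the issue asks for.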

BUG REPORT: leader-election handler bug

BUG REPORT

On controller-mesh/proxy/leaderelection/election_handler.go L150 and L168,

    r.URL.Path = strings.Replace(r.URL.Path, h.lockName, name, -1)
    ...
    r.URL.Path = strings.Replace(r.URL.Path, h.lockName, setSubsetIntoName(h.lockName, h.routeSnapshot.Route.Subset), -1)

If a leader-election name appears more than once in URL.Path, it'll be replaced entirely.
Especially when a leader-election resource name is the same as the namespace.

e.g.
For: /api/v1/namespaces/cafeextcontroller/configmaps/cafeextcontroller
expect : /api/v1/namespaces/cafeextcontroller/configmaps/cafeextcontroller---ctrlmeshtest
but real : /api/v1/namespaces/cafeextcontroller---ctrlmeshtest/configmaps/cafeextcontroller---ctrlmeshtest
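The behaviour reported above next to a segment-aware rewrite, as an added example that is not the project's code or its fix. `subsetLockName` is a hypothetical stand-in for `setSubsetIntoName`, modelled only on the `---` naming visible in the expected path; the sample path is the one from the report.

```go
package main

import (
	"fmt"
	"strings"
)

// subsetLockName is a hypothetical stand-in for the project's helper; the
// "<lock>---<subset>" form is taken from the expected path in the report.
func subsetLockName(lock, subset string) string {
	return lock + "---" + subset
}

// rewriteAll reproduces the reported behaviour: every occurrence of the lock
// name in the path is replaced, including the namespace segment.
func rewriteAll(path, lock, subset string) string {
	return strings.Replace(path, lock, subsetLockName(lock, subset), -1)
}

// rewriteResourceName touches only the final name segment of a namespaced
// object path (.../namespaces/<ns>/<resource>/<name>) and requires an exact
// segment match, so namespaces and names that merely contain the lock name
// are left alone.
func rewriteResourceName(path, lock, subset string) string {
	segs := strings.Split(path, "/")
	n := len(segs)
	if n < 4 || segs[n-4] != "namespaces" || segs[n-1] != lock {
		return path // not a namespaced object path for this lock
	}
	segs[n-1] = subsetLockName(lock, subset)
	return strings.Join(segs, "/")
}

func main() {
	p := "/api/v1/namespaces/cafeextcontroller/configmaps/cafeextcontroller"
	fmt.Println("replace all :", rewriteAll(p, "cafeextcontroller", "ctrlmeshtest"))
	fmt.Println("name segment:", rewriteResourceName(p, "cafeextcontroller", "ctrlmeshtest"))
}
```

A path rewritten into the wrong namespace sends the lock request to a namespace the controller may have no permissions in, so the exact-segment check matters for correctness as well as isolation.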

further development

Why hasn't there been any development on a project that seems to have great potential for almost 2 years?
