Skip to content

Commit

Permalink
controlplane: Use leader election for control controllers
Browse files Browse the repository at this point in the history
This commit adds leader election for control controllers.

Signed-off-by: Or Ozeri <[email protected]>
  • Loading branch information
orozery committed Jun 19, 2024
1 parent 3443ecb commit 225ef66
Show file tree
Hide file tree
Showing 6 changed files with 62 additions and 11 deletions.
5 changes: 4 additions & 1 deletion cmd/cl-controlplane/app/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -165,7 +165,10 @@ func (o *Options) Run() error {
},
},
},
Scheme: scheme,
LeaderElection: true,
LeaderElectionNamespace: namespace,
LeaderElectionID: "cl-controlplane",
Scheme: scheme,
}

mgr, err := manager.New(config, managerOptions)
Expand Down
15 changes: 15 additions & 0 deletions config/operator/rbac/role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,13 @@ kind: ClusterRole
metadata:
name: cl-operator-manager-role
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- update
- apiGroups:
- ""
resources:
Expand Down Expand Up @@ -97,6 +104,14 @@ rules:
- get
- patch
- update
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- get
- update
- apiGroups:
- discovery.k8s.io
resources:
Expand Down
6 changes: 6 additions & 0 deletions pkg/bootstrap/platform/k8s.go
Original file line number Diff line number Diff line change
Expand Up @@ -198,9 +198,15 @@ kind: ClusterRole
metadata:
name: cl-controlplane
rules:
- apiGroups: [""]
resources: ["events"]
verbs: ["create", "update"]
- apiGroups: [""]
resources: ["services"]
verbs: ["get", "list", "watch", "create", "delete", "update"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "create", "update"]
- apiGroups: ["discovery.k8s.io"]
resources: ["endpointslices"]
verbs: ["get", "list", "watch", "create", "delete", "update"]
Expand Down
25 changes: 15 additions & 10 deletions pkg/controlplane/control/controllers.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,9 @@ import (
// CreateControllers creates the various k8s controllers used to update the control manager.
func CreateControllers(mgr *Manager, controllerManager ctrl.Manager) error {
err := controller.AddToManager(controllerManager, &controller.Spec{
Name: "control.peer",
Object: &v1alpha1.Peer{},
Name: "control.peer",
Object: &v1alpha1.Peer{},
NeedsLeaderElection: true,
AddHandler: func(ctx context.Context, object any) error {
mgr.AddPeer(object.(*v1alpha1.Peer))
return nil
Expand All @@ -44,8 +45,9 @@ func CreateControllers(mgr *Manager, controllerManager ctrl.Manager) error {
return err
}
err = controller.AddToManager(controllerManager, &controller.Spec{
Name: "control.service",
Object: &v1.Service{},
Name: "control.service",
Object: &v1.Service{},
NeedsLeaderElection: true,
AddHandler: func(ctx context.Context, object any) error {
return mgr.addService(ctx, object.(*v1.Service))
},
Expand All @@ -58,8 +60,9 @@ func CreateControllers(mgr *Manager, controllerManager ctrl.Manager) error {
}

err = controller.AddToManager(controllerManager, &controller.Spec{
Name: "control.export",
Object: &v1alpha1.Export{},
Name: "control.export",
Object: &v1alpha1.Export{},
NeedsLeaderElection: true,
AddHandler: func(ctx context.Context, object any) error {
return mgr.AddExport(ctx, object.(*v1alpha1.Export))
},
Expand All @@ -72,8 +75,9 @@ func CreateControllers(mgr *Manager, controllerManager ctrl.Manager) error {
}

err = controller.AddToManager(controllerManager, &controller.Spec{
Name: "control.import",
Object: &v1alpha1.Import{},
Name: "control.import",
Object: &v1alpha1.Import{},
NeedsLeaderElection: true,
AddHandler: func(ctx context.Context, object any) error {
return mgr.AddImport(ctx, object.(*v1alpha1.Import))
},
Expand All @@ -84,8 +88,9 @@ func CreateControllers(mgr *Manager, controllerManager ctrl.Manager) error {
}

return controller.AddToManager(controllerManager, &controller.Spec{
Name: "control.endpointslice",
Object: &discv1.EndpointSlice{},
Name: "control.endpointslice",
Object: &discv1.EndpointSlice{},
NeedsLeaderElection: true,
AddHandler: func(ctx context.Context, object any) error {
return mgr.addEndpointSlice(ctx, object.(*discv1.EndpointSlice))
},
Expand Down
16 changes: 16 additions & 0 deletions pkg/operator/controller/instance_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,9 @@ type InstanceReconciler struct {
// +kubebuilder:rbac:groups=clusterlink.net,resources=instances,verbs=list;get;watch;update;patch
// +kubebuilder:rbac:groups=clusterlink.net,resources=instances/status,verbs=get;update;patch
// +kubebuilder:rbac:groups=clusterlink.net,resources=instances/finalizers,verbs=update
// +kubebuilder:rbac:groups="",resources=events,verbs=create;update
// +kubebuilder:rbac:groups="",resources=services;serviceaccounts,verbs=list;get;watch;create;update;patch;delete
// +kubebuilder:rbac:groups="coordination.k8s.io",resources=leases,verbs=get;create;update
// +kubebuilder:rbac:groups="discovery.k8s.io",resources=endpointslices,verbs=list;get;watch;create;update;patch;delete
// +kubebuilder:rbac:groups="",resources=nodes,verbs=list;get;watch
// +kubebuilder:rbac:groups="",resources=pods,verbs=list;get;watch
Expand Down Expand Up @@ -421,13 +423,27 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name
Name: name + namespace,
},
Rules: []rbacv1.PolicyRule{
{
APIGroups: []string{""},
Resources: []string{"events"},
Verbs: []string{
"create", "update",
},
},
{
APIGroups: []string{""},
Resources: []string{"services"},
Verbs: []string{
"get", "list", "watch", "create", "delete", "update",
},
},
{
APIGroups: []string{"coordination.k8s.io"},
Resources: []string{"leases"},
Verbs: []string{
"get", "create", "update",
},
},
{
APIGroups: []string{"discovery.k8s.io"},
Resources: []string{"endpointslices"},
Expand Down
6 changes: 6 additions & 0 deletions pkg/util/controller/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"k8s.io/apimachinery/pkg/types"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/controller"
)

// Spec holds everything needed to create a controller.
Expand All @@ -30,6 +31,8 @@ type Spec struct {
Name string
// Object being watched.
Object client.Object
// NeedsLeaderElection determines if the controller needs leader election.
NeedsLeaderElection bool
// AddHandler handles object create/update.
AddHandler func(ctx context.Context, object any) error
// DeleteHandler handles object deletes.
Expand Down Expand Up @@ -75,5 +78,8 @@ func newReconciler(clnt client.Client, spec *Spec) *reconciler {
func AddToManager(manager ctrl.Manager, spec *Spec) error {
return ctrl.NewControllerManagedBy(manager).
For(spec.Object).
WithOptions(controller.Options{
NeedLeaderElection: &spec.NeedsLeaderElection,
}).
Complete(newReconciler(manager.GetClient(), spec))
}

0 comments on commit 225ef66

Please sign in to comment.