|
| 1 | +package aga |
| 2 | + |
| 3 | +import ( |
| 4 | + "context" |
| 5 | + "fmt" |
| 6 | + awssdk "github.com/aws/aws-sdk-go-v2/aws" |
| 7 | + "sync" |
| 8 | + "time" |
| 9 | + |
| 10 | + elbv2sdk "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2" |
| 11 | + "github.com/hashicorp/golang-lru" |
| 12 | + "sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services" |
| 13 | +) |
| 14 | + |
| 15 | +const ( |
| 16 | + // AWS Global Accelerator has a quota of 420 endpoints per AWS account (can be increased) |
| 17 | + // Using 420 provides headroom while efficiently caching DNS-to-ARN resolutions |
| 18 | + LRU_CACHE_SIZE = 420 |
| 19 | +) |
| 20 | + |
| 21 | +// DNSToLoadBalancerResolver resolves load balancer DNS names to ARNs |
| 22 | +type DNSToLoadBalancerResolver struct { |
| 23 | + elbv2Client services.ELBV2 |
| 24 | + cache *lru.Cache |
| 25 | + cacheMutex sync.RWMutex |
| 26 | + ttl time.Duration |
| 27 | +} |
| 28 | + |
| 29 | +type cacheEntry struct { |
| 30 | + arn string |
| 31 | + expireAt time.Time |
| 32 | +} |
| 33 | + |
| 34 | +// NewDNSToLoadBalancerResolver creates a new DNSToLoadBalancerResolver |
| 35 | +func NewDNSToLoadBalancerResolver(elbv2Client services.ELBV2) (*DNSToLoadBalancerResolver, error) { |
| 36 | + cache, err := lru.New(LRU_CACHE_SIZE) |
| 37 | + if err != nil { |
| 38 | + return nil, err |
| 39 | + } |
| 40 | + |
| 41 | + return &DNSToLoadBalancerResolver{ |
| 42 | + elbv2Client: elbv2Client, |
| 43 | + cache: cache, |
| 44 | + ttl: 5 * time.Minute, // Default TTL of 5 minutes |
| 45 | + }, nil |
| 46 | +} |
| 47 | + |
| 48 | +// ResolveDNSToLoadBalancerARN resolves a load balancer DNS name to an ARN |
| 49 | +func (r *DNSToLoadBalancerResolver) ResolveDNSToLoadBalancerARN(ctx context.Context, dnsName string) (string, error) { |
| 50 | + if dnsName == "" { |
| 51 | + return "", fmt.Errorf("empty DNS name") |
| 52 | + } |
| 53 | + |
| 54 | + // Check cache first |
| 55 | + r.cacheMutex.RLock() |
| 56 | + if value, found := r.cache.Get(dnsName); found { |
| 57 | + entry := value.(cacheEntry) |
| 58 | + // Check if the cache entry is still valid |
| 59 | + if time.Now().Before(entry.expireAt) { |
| 60 | + r.cacheMutex.RUnlock() |
| 61 | + return entry.arn, nil |
| 62 | + } |
| 63 | + // Entry has expired, remove from cache |
| 64 | + r.cache.Remove(dnsName) |
| 65 | + } |
| 66 | + r.cacheMutex.RUnlock() |
| 67 | + |
| 68 | + req := &elbv2sdk.DescribeLoadBalancersInput{} |
| 69 | + lbs, err := r.elbv2Client.DescribeLoadBalancersAsList(ctx, req) |
| 70 | + if err != nil { |
| 71 | + return "", fmt.Errorf("failed to describe load balancers: %w", err) |
| 72 | + } |
| 73 | + if len(lbs) == 0 { |
| 74 | + return "", fmt.Errorf("no load balancers found") |
| 75 | + } |
| 76 | + arn := "" |
| 77 | + for _, lb := range lbs { |
| 78 | + if awssdk.ToString(lb.DNSName) == dnsName { |
| 79 | + arn = awssdk.ToString(lb.LoadBalancerArn) |
| 80 | + break |
| 81 | + } |
| 82 | + } |
| 83 | + if arn == "" { |
| 84 | + return "", fmt.Errorf("no load balancer found for dns %s", dnsName) |
| 85 | + } |
| 86 | + |
| 87 | + // Cache the result |
| 88 | + r.cacheMutex.Lock() |
| 89 | + r.cache.Add(dnsName, cacheEntry{ |
| 90 | + arn: arn, |
| 91 | + expireAt: time.Now().Add(r.ttl), |
| 92 | + }) |
| 93 | + r.cacheMutex.Unlock() |
| 94 | + |
| 95 | + return arn, nil |
| 96 | +} |
| 97 | + |
| 98 | +// Ensure DNSToLoadBalancerResolver implements DNSLoadBalancerResolverInterface |
| 99 | +var _ DNSLoadBalancerResolverInterface = (*DNSToLoadBalancerResolver)(nil) |
0 commit comments