improve port pool allocator

Signed-off-by: roc <[email protected]>

Author: imroc

cmd/app/setup_manager.go

@@ -10,6 +10,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
+	"k8s.io/client-go/tools/record"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
@@ -24,7 +25,7 @@ func init() {
 }
 
 func SetupManager(mgr ctrl.Manager) {
-	if err := mgr.Add(&initCache{mgr.GetClient()}); err != nil {
+	if err := mgr.Add(&initCache{mgr.GetClient(), mgr.GetEventRecorderFor("clbportpool-controller")}); err != nil {
 		setupLog.Error(err, "problem add init cache")
 		os.Exit(1)
 	}
@@ -44,6 +45,7 @@ func SetupManager(mgr ctrl.Manager) {
 
 type initCache struct {
 	client.Client
+	record.EventRecorder
 }
 
 func (i *initCache) NeedLeaderElection() bool {
@@ -60,7 +62,7 @@ func (i *initCache) Start(ctx context.Context) error {
 	}
 	for index := range ppl.Items {
 		pp := &ppl.Items[index]
-		if err := portpool.Allocator.AddPool(portpoolutil.NewPortPool(pp, i.Client)); err != nil {
+		if err := portpool.Allocator.AddPool(portpoolutil.NewPortPool(pp, i.Client, i.EventRecorder)); err != nil {
 			return err
 		}
 		lbIds := []string{}

internal/controller/clbbinding.go

@@ -59,18 +59,18 @@ func (r *CLBBindingReconciler[T]) sync(ctx context.Context, bd T) (result ctrl.R
 	}
 	// 确保所有端口都已分配且绑定 obj
 	if newResult, err := r.ensureCLBBinding(ctx, bd); err != nil {
-		//  如果是等待端口池扩容 CLB，确保状态为 WaitForLB，并重新入队，以便在 CLB 扩容完成后能自动分配端口并绑定 obj
-		if errors.Is(err, portpool.ErrWaitLBScale) {
-			result.RequeueAfter = 3 * time.Second
+		errCause := errors.Cause(err)
+		switch errCause {
+		case portpool.ErrNewLBCreated, portpool.ErrNewLBCreating: // 扩容了 lb，或者正在扩容，忽略，因为会自动触发对账
 			return result, nil
 		}
 		// 如果是被云 API 限流（默认每秒 20 qps 限制），1s 后重新入队
-		if clb.IsRequestLimitExceededError(errors.Cause(err)) {
+		if clb.IsRequestLimitExceededError(errCause) {
 			result.RequeueAfter = time.Second
 			return result, nil
 		}
 		// 其它非资源冲突的错误，将错误记录到状态中方便排障
-		if !apierrors.IsConflict(err) {
+		if !apierrors.IsConflict(errCause) {
 			if status.State != networkingv1alpha1.CLBBindingStateFailed {
 				status.State = networkingv1alpha1.CLBBindingStateFailed
 				status.Message = err.Error()
@@ -79,7 +79,7 @@ func (r *CLBBindingReconciler[T]) sync(ctx context.Context, bd T) (result ctrl.R
 				}
 			}
 			// lb 已不存在，没必要重新入队对账，保持 Failed 状态即可。
-			if clb.IsLbIdNotFoundError(errors.Cause(err)) {
+			if clb.IsLbIdNotFoundError(errCause) {
 				return result, nil
 			}
 			return result, errors.WithStack(err)
@@ -487,8 +487,6 @@ LOOP_PORT:
 				if err := r.Status().Update(ctx, bd.GetObject()); err != nil {
 					return result, errors.WithStack(err)
 				}
-				result = &ctrl.Result{}
-				result.RequeueAfter = 2 * time.Second
 				return result, nil
 			}
 			return result, errors.WithStack(err)

internal/controller/clbportpool_controller.go

@@ -266,50 +266,9 @@ func (r *CLBPortPoolReconciler) ensureLb(ctx context.Context, pool *networkingv1
 	return nil
 }
 
-// 扩容 CLB
-func (r *CLBPortPoolReconciler) createLB(ctx context.Context, pool *networkingv1alpha1.CLBPortPool) error {
-	if !portpoolutil.CanCreateLB(ctx, pool) { // 触发自动创建 CLB，但当前却无法扩容，一般不可能发生，除非代码 BUG
-		r.Recorder.Event(pool, corev1.EventTypeWarning, "CreateLoadBalancer", "not able to scale clb while scale is been tiggered")
-		if err := r.ensureState(ctx, pool, networkingv1alpha1.CLBPortPoolStateActive); err != nil {
-			return errors.WithStack(err)
-		}
-		return nil
-	}
-	// 创建 CLB
-	r.Recorder.Event(pool, corev1.EventTypeNormal, "CreateLoadBalancer", "try to create clb")
-	lbId, err := clb.CreateCLB(ctx, pool.GetRegion(), clb.ConvertCreateLoadBalancerRequest(pool.Spec.AutoCreate.Parameters))
-	if err != nil {
-		r.Recorder.Eventf(pool, corev1.EventTypeWarning, "CreateLoadBalancer", "create clb failed: %s", err.Error())
-		return errors.WithStack(err)
-	}
-	r.Recorder.Eventf(pool, corev1.EventTypeNormal, "CreateLoadBalancer", "create clb success: %s", lbId)
-	if err := portpool.Allocator.AddLbId(pool.Name, lbId); err != nil {
-		return errors.WithStack(err)
-	}
-	addLbIdToStatus := func() error {
-		p := &networkingv1alpha1.CLBPortPool{}
-		if err := r.Get(ctx, client.ObjectKeyFromObject(pool), p); err != nil {
-			return errors.WithStack(err)
-		}
-		p.Status.State = networkingv1alpha1.CLBPortPoolStateActive // 创建成功，状态改为 Active，以便再次可分配端口
-		p.Status.LoadbalancerStatuses = append(p.Status.LoadbalancerStatuses, networkingv1alpha1.LoadBalancerStatus{
-			LoadbalancerID: lbId,
-			AutoCreated:    util.GetPtr(true),
-		})
-		if err := r.Status().Update(ctx, p); err != nil {
-			return errors.WithStack(err)
-		}
-		return nil
-	}
-	if err := util.RetryIfPossible(addLbIdToStatus); err != nil {
-		return errors.WithStack(err)
-	}
-	return nil
-}
-
 func (r *CLBPortPoolReconciler) ensureAllocatorCache(_ context.Context, pool *networkingv1alpha1.CLBPortPool) error {
 	if !portpool.Allocator.IsPoolExists(pool.Name) { // 分配器缓存中不存在，则添加
-		if err := portpool.Allocator.AddPool(portpoolutil.NewPortPool(pool, r.Client)); err != nil {
+		if err := portpool.Allocator.AddPool(portpoolutil.NewPortPool(pool, r.Client, r.Recorder)); err != nil {
 			return errors.WithStack(err)
 		}
 	}
@@ -326,16 +285,6 @@ func (r *CLBPortPoolReconciler) sync(ctx context.Context, pool *networkingv1alph
 		}
 	}
 
-	// 被通知扩容CLB时，执行扩容操作
-	if pool.Status.State == networkingv1alpha1.CLBPortPoolStateScaling {
-		if err := r.createLB(ctx, pool); err != nil { // 执行扩容
-			return result, errors.WithStack(err)
-		}
-		// 扩容成功，重新对账
-		result.Requeue = true
-		return result, nil
-	}
-
 	// 确保分配器缓存中存在该 port pool
 	if err := r.ensureAllocatorCache(ctx, pool); err != nil {
 		return result, errors.WithStack(err)

internal/portpool/allocator.go

@@ -6,7 +6,6 @@ import (
 	"sync"
 
 	"github.com/pkg/errors"
-	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 // PortAllocator 管理多个端口池
@@ -137,16 +136,6 @@ func (pa *PortAllocator) Release(pool, lbId string, port ProtocolPort) {
 
 var Allocator = NewPortAllocator()
 
-var (
-	allocator    *PortAllocator
-	allocatorMux sync.Mutex
-	apiClient    client.Client
-)
-
-func Init(client client.Client) {
-	apiClient = client
-}
-
 func (pa *PortAllocator) MarkAllocated(poolName string, lbId string, port uint16, endPort *uint16, protocol string) {
 	pa.mu.Lock()
 	defer pa.mu.Unlock()

internal/portpool/error.go

@@ -6,7 +6,8 @@ var (
 	ErrPoolNotFound          = errors.New("port pool not found")
 	ErrNoPortAvailable       = errors.New("no available port in pool")
 	ErrSegmentLengthNotEqual = errors.New("segment length is not equal across all port pools")
-	ErrWaitLBScale           = errors.New("waiting for clb scale")
+	ErrNewLBCreated          = errors.New("new lb created")
+	ErrNewLBCreating         = errors.New("new lb is creating")
 	ErrUnknown               = errors.New("unknown error")
 	ErrNoFreeLb              = errors.New("no free lb available")
 )

internal/portpool/portpool.go

@@ -41,13 +41,22 @@ func (pas PortAllocations) Release() {
 	}
 }
 
+type CreateLbResult int
+
+const (
+	CreateLbResultError CreateLbResult = iota
+	CreateLbResultSuccess
+	CreateLbResultForbidden
+	CreateLbResultCreating
+)
+
 type CLBPortPool interface {
 	GetName() string
 	GetRegion() string
 	GetStartPort() uint16
 	GetEndPort() uint16
 	GetSegmentLength() uint16
-	TryNotifyCreateLB(ctx context.Context) (int, error)
+	TryCreateLB(ctx context.Context) (CreateLbResult, error)
 }
 
 // PortPool 管理单个端口池的状态

internal/portpool/portpools.go

@@ -78,17 +78,17 @@ LOOP_POOL:
 		// 该端口池所有端口都无法分配，或者监听器数量超配额，为保证事务性，释放已分配的端口，并尝试通知端口池扩容 CLB 来补充端口池
 		allocatedPorts.Release()
 		// 检查端口池是否可以创建 CLB
-		result, err := pool.TryNotifyCreateLB(ctx)
+		result, err := pool.TryCreateLB(ctx)
 		if err != nil {
 			return nil, errors.WithStack(err)
 		}
 		switch result {
-		case -1: // 不能自动创建，返回端口不足的错误
-			log.FromContext(ctx).V(10).Info("port is not enough", "pool", pool.GetName())
+		case CreateLbResultForbidden: // 不能自动创建，返回端口不足的错误
 			return nil, ErrNoPortAvailable
-		case 2, 1: // 已经通知过或通知成功，重新入队
-			log.FromContext(ctx).V(10).Info("wait lb to scale", "pool", pool.GetName())
-			return nil, ErrWaitLBScale
+		case CreateLbResultCreating: // 正在创建 CLB，创建完后会自动触发对账
+			return nil, ErrNewLBCreating
+		case CreateLbResultSuccess: // 已经通知过或通知成功，重新入队
+			return nil, ErrNewLBCreated
 		default: // 不可能的状态
 			return nil, ErrUnknown
 		}

internal/portpool/util/portpool.go

@@ -2,10 +2,15 @@ package util
 
 import (
 	"context"
+	"sync"
 
 	"github.com/pkg/errors"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/client-go/tools/record"
 
 	networkingv1alpha1 "github.com/imroc/tke-extend-network-controller/api/v1alpha1"
+	"github.com/imroc/tke-extend-network-controller/internal/portpool"
+	"github.com/imroc/tke-extend-network-controller/pkg/clb"
 	"github.com/imroc/tke-extend-network-controller/pkg/util"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/log"
@@ -14,24 +19,83 @@ import (
 type PortPool struct {
 	*networkingv1alpha1.CLBPortPool
 	client.Client
+	record.EventRecorder
+	mu       sync.Mutex
+	creating bool
 }
 
-func (p *PortPool) TryNotifyCreateLB(ctx context.Context) (int, error) {
+func (p *PortPool) TryCreateLB(ctx context.Context) (portpool.CreateLbResult, error) {
+	if p.creating {
+		return portpool.CreateLbResultCreating, nil
+	}
+	log.FromContext(ctx).V(10).Info("TryCreateLB")
 	pp := &networkingv1alpha1.CLBPortPool{}
 	if err := p.Get(ctx, client.ObjectKeyFromObject(p.CLBPortPool), pp); err != nil {
-		return 0, errors.WithStack(err)
+		return portpool.CreateLbResultError, errors.WithStack(err)
+	}
+	// 还未初始化的端口池，不能创建负载均衡器
+	if pp.Status.State == "" || pp.Status.State == networkingv1alpha1.CLBPortPoolStatePending {
+		return portpool.CreateLbResultForbidden, nil
+	}
+	// 没有显式启用自动创建的端口池，不能创建负载均衡器
+	if pp.Spec.AutoCreate == nil || !pp.Spec.AutoCreate.Enabled {
+		log.FromContext(ctx).V(10).Info("not able to create lb cuz auto create is not enabled")
+		return portpool.CreateLbResultForbidden, nil
 	}
-	if !CanCreateLB(ctx, pp) {
-		return -1, nil
+	p.mu.Lock()
+	defer p.mu.Unlock()
+	if len(pp.Status.LoadbalancerStatuses) > len(p.CLBPortPool.Status.LoadbalancerStatuses) {
+		p.CLBPortPool = pp
 	}
-	if pp.Status.State == networkingv1alpha1.CLBPortPoolStateScaling { // 已经在扩容了
-		return 2, nil
+	// 自动创建的 CLB 数量达到配置上限的端口池，不能创建负载均衡器
+	if !util.IsZero(pp.Spec.AutoCreate.MaxLoadBalancers) { // 要读结构体中的，cache 获取到不一定是实时最新的
+		// 检查是否已创建了足够的 CLB
+		num := uint16(0)
+		for _, lbStatus := range p.CLBPortPool.Status.LoadbalancerStatuses {
+			if lbStatus.AutoCreated != nil && *lbStatus.AutoCreated && lbStatus.State != networkingv1alpha1.LoadBalancerStateNotFound {
+				num++
+			}
+		}
+		// 如果已创建数量已满，则直接返回
+		if num >= *pp.Spec.AutoCreate.MaxLoadBalancers {
+			log.FromContext(ctx).V(10).Info("max auto-created loadbalancers is reached", "num", num, "max", *pp.Spec.AutoCreate.MaxLoadBalancers)
+			return portpool.CreateLbResultForbidden, nil
+		}
+	}
+	p.creating = true
+	defer func() {
+		p.creating = false
+	}()
+	p.EventRecorder.Event(pp, corev1.EventTypeNormal, "CreateLoadBalancer", "try to create clb")
+	lbId, err := clb.CreateCLB(ctx, pp.GetRegion(), clb.ConvertCreateLoadBalancerRequest(pp.Spec.AutoCreate.Parameters))
+	if err != nil {
+		p.EventRecorder.Eventf(pp, corev1.EventTypeWarning, "CreateLoadBalancer", "create clb failed: %s", err.Error())
+		return portpool.CreateLbResultError, errors.WithStack(err)
+	}
+	p.EventRecorder.Eventf(pp, corev1.EventTypeNormal, "CreateLoadBalancer", "create clb success: %s", lbId)
+	if err := portpool.Allocator.AddLbId(pp.Name, lbId); err != nil {
+		return portpool.CreateLbResultError, errors.WithStack(err)
+	}
+	addLbIdToStatus := func() error {
+		pp := &networkingv1alpha1.CLBPortPool{}
+		if err := p.Client.Get(ctx, client.ObjectKeyFromObject(p.CLBPortPool), pp); err != nil {
+			return errors.WithStack(err)
+		}
+		pp.Status.State = networkingv1alpha1.CLBPortPoolStateActive // 创建成功，状态改为 Active，以便再次可分配端口
+		pp.Status.LoadbalancerStatuses = append(pp.Status.LoadbalancerStatuses, networkingv1alpha1.LoadBalancerStatus{
+			LoadbalancerID: lbId,
+			AutoCreated:    util.GetPtr(true),
+		})
+		if err := p.Client.Status().Update(ctx, pp); err != nil {
+			return errors.WithStack(err)
+		}
+		p.CLBPortPool = pp
+		return nil
 	}
-	pp.Status.State = networkingv1alpha1.CLBPortPoolStateScaling
-	if err := p.Client.Status().Update(ctx, pp); err != nil {
-		return 0, errors.WithStack(err)
+	if err := util.RetryIfPossible(addLbIdToStatus); err != nil {
+		return portpool.CreateLbResultError, errors.WithStack(err)
 	}
-	return 1, nil // 成功通知扩容
+	return portpool.CreateLbResultSuccess, nil
 }
 
 func (p *PortPool) GetStartPort() uint16 {
@@ -52,10 +116,11 @@ func (p *PortPool) GetSegmentLength() uint16 {
 	return *p.Spec.SegmentLength
 }
 
-func NewPortPool(pp *networkingv1alpha1.CLBPortPool, c client.Client) *PortPool {
+func NewPortPool(pp *networkingv1alpha1.CLBPortPool, c client.Client, recorder record.EventRecorder) *PortPool {
 	return &PortPool{
-		CLBPortPool: pp,
-		Client:      c,
+		CLBPortPool:   pp,
+		Client:        c,
+		EventRecorder: recorder,
 	}
 }
 

internal/webhook/v1alpha1/webhook_suite_test.go

@@ -112,9 +112,6 @@ var _ = BeforeSuite(func() {
 	err = SetupCLBPortPoolWebhookWithManager(mgr)
 	Expect(err).NotTo(HaveOccurred())
 
-	err = SetupCLBPodBindingWebhookWithManager(mgr)
-	Expect(err).NotTo(HaveOccurred())
-
 	// +kubebuilder:scaffold:webhook
 
 	go func() {