Skip to content

Commit

Permalink
Remove kube_dynamic from Sotw snap and mover envoy kyverno policy und…
Browse files Browse the repository at this point in the history 
…er deploy
  • Loading branch information
@ffilippopoulos
ffilippopoulos committed Jan 20, 2025
1 parent 3a88bfe commit 94429d0
Show file tree
Hide file tree
Showing 19 changed files with 27 additions and 418 deletions.
26 changes: 13 additions & 13 deletions controller/controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func TestReconcileServices_LabelledService(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify the default round robin policy is set on the clusters
for _, cl := range snap.GetResources(resource.ClusterType) {
cluster, err := xds.UnmarshalResourceToCluster(cl)
Expand Down Expand Up @@ -103,7 +103,7 @@ func TestReconcileServices_LabelledServiceLbPolicy(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify the correct lb policy (ring hash) is set on the clusters
for _, cl := range snap.GetResources(resource.ClusterType) {
cluster, err := xds.UnmarshalResourceToCluster(cl)
Expand Down Expand Up @@ -140,7 +140,7 @@ func TestReconcileServices_LabelledServiceInvalidLbPolicy(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify the default round robin policy is set on the clusters
for _, cl := range snap.GetResources(resource.ClusterType) {
cluster, err := xds.UnmarshalResourceToCluster(cl)
Expand Down Expand Up @@ -177,7 +177,7 @@ func TestReconcileServices_XdsService(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify the default round robin policy is set on the clusters
for _, cl := range snap.GetResources(resource.ClusterType) {
cluster, err := xds.UnmarshalResourceToCluster(cl)
Expand Down Expand Up @@ -220,7 +220,7 @@ func TestReconcileServices_XdsServiceNotExistent(t *testing.T) {
}
assert.Equal(t, 0, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 0, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType))) // kube_dynamic
assert.Equal(t, 0, len(snap.GetResources(resource.RouteType)))
snap, err = snapshotter.EndpointsSnapshot(testNodeID)
if err != nil {
t.Fatal(err)
Expand Down Expand Up @@ -254,7 +254,7 @@ func TestReconcileServices_XdsServiceDelete(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify we will have one Endpoint resource in the snapshot
snap, err = snapshotter.EndpointsSnapshot(testNodeID)
if err != nil {
Expand All @@ -271,7 +271,7 @@ func TestReconcileServices_XdsServiceDelete(t *testing.T) {
}
assert.Equal(t, 0, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 0, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType))) // kube_dynamic
assert.Equal(t, 0, len(snap.GetResources(resource.RouteType)))
snap, err = snapshotter.EndpointsSnapshot(testNodeID)
if err != nil {
t.Fatal(err)
Expand Down Expand Up @@ -304,7 +304,7 @@ func TestReconcileLocalEndpointSlice_SnapOnUpdate(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
snap, err = snapshotter.EndpointsSnapshot(testNodeID)
if err != nil {
t.Fatal(err)
Expand Down Expand Up @@ -394,7 +394,7 @@ func TestReconcileServices_XdsServiceWithRemoteEndpoints(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify we will have 1 Endpoint resource in the snapshot containing
// addresses from both local(2) and remote(2). 4 lbEndpoint addresses in
// total. Also verify that all priorities are set to 0.
Expand Down Expand Up @@ -457,7 +457,7 @@ func TestReconcileServices_XdsServiceWithRemoteEndpoints_NoRemoteEndpoints(t *te
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify we will have 1 Endpoint resource in the snapshot containing
// only local client addresses.
snap, err = snapshotter.EndpointsSnapshot(testNodeID)
Expand Down Expand Up @@ -508,7 +508,7 @@ func TestReconcileServices_XdsServiceWithOnlyRemoteEndpoints(t *testing.T) {
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify we will have 1 Endpoint resource in the snapshot containing
// only remote addresses (2).
snap, err = snapshotter.EndpointsSnapshot(testNodeID)
Expand Down Expand Up @@ -560,7 +560,7 @@ func TestReconcileServices_XdsServiceWithRemoteEndpointsAndLocalPriority(t *test
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify we will have 1 Endpoint resource in the snapshot containing
// addresses for local endpoints with priority 0 and for remote ones
// with priority 1.
Expand Down Expand Up @@ -622,7 +622,7 @@ func TestReconcileServices_XdsServiceWithOnlyRemoteEndpointsAndLocalPriority(t *
}
assert.Equal(t, 1, len(snap.GetResources(resource.ListenerType)))
assert.Equal(t, 1, len(snap.GetResources(resource.ClusterType)))
assert.Equal(t, 2, len(snap.GetResources(resource.RouteType))) // Includes kube_dynamic
assert.Equal(t, 1, len(snap.GetResources(resource.RouteType)))
// Verify we will have 1 Endpoint resource in the snapshot containing
// addresses for remote endpoints with priority 0, regardless of
// PriorityStrategy set to local-first.
Expand Down
1 change: 1 addition & 0 deletions deploy/kustomize/kyverno/mutate/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,4 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- mutate-semaphore-xds-clients-env.yaml
- mutate-semaphore-xds-envoy-sidecar.yaml
10 changes: 6 additions & 4 deletions ...e/mutate-semaphore-xds-envoy-sidecar.yaml → ...e/mutate-semaphore-xds-envoy-sidecar.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,12 @@ kind: ClusterPolicy
metadata:
annotations:
policies.kyverno.io/category: xDS
policies.kyverno.io/description: 'This policy ensures that pods labelled with
xds.semaphore.uw.systems/envoy-sidecar: "true" are injected with the init container
and the sidecar needed to use envoy to proxy grpc connections to targets specified
by xds.semaphore.uw.systems/envoy-sidecar-targets annotation.'
policies.kyverno.io/description: 'This policy ensures that pods labelled
with xds.semaphore.uw.systems/envoy-sidecar: "true" are injected with
an envoy sidecar to proxy grpc connections. It also points the rest of the
containers to semaphore-xds-localhost sys-semaphore service to get mock
xDS config that will point to a local port for envoy sidecar via gRPC
bootstrap conifg.'
policies.kyverno.io/subject: Pod
policies.kyverno.io/title: Mutate Sempaphore-xDS Envoy Sidecar
name: mutate-semaphore-xds-envoy-sidecar
Expand Down
7 changes: 0 additions & 7 deletions envoy-sidecar/README.md
View file

This file was deleted.

1 change: 0 additions & 1 deletion envoy-sidecar/configurer/.gitignore
View file

This file was deleted.

13 changes: 0 additions & 13 deletions envoy-sidecar/configurer/Dockerfile
View file

This file was deleted.

12 changes: 0 additions & 12 deletions envoy-sidecar/configurer/README.md
View file

This file was deleted.

190 changes: 0 additions & 190 deletions envoy-sidecar/configurer/configure.go
View file

This file was deleted.

3 changes: 0 additions & 3 deletions envoy-sidecar/configurer/go.mod
View file

This file was deleted.

Loading

0 comments on commit 94429d0

Please sign in to comment.