Shardcontroller enhancements

admiral/cmd/admiral/cmd/root.go

@@ -191,12 +191,12 @@ func GetRootCmd(args []string) *cobra.Command {
 		"The value of envoy filter is to add additional config to the filter config section")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableRoutingPolicy, "enable_routing_policy", false,
 		"If Routing Policy feature needs to be enabled")
-	rootCmd.PersistentFlags().StringArrayVar(&params.ExcludedIdentityList, "excluded_identity_list", []string{},
+	rootCmd.PersistentFlags().StringSliceVar(&params.ExcludedIdentityList, "excluded_identity_list", []string{},
 		"List of identities which should be excluded from getting processed")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableDiffCheck, "enable_diff_check", true, "Enable diff check")
-	rootCmd.PersistentFlags().StringArrayVar(&params.AdditionalEndpointSuffixes, "additional_endpoint_suffixes", []string{},
+	rootCmd.PersistentFlags().StringSliceVar(&params.AdditionalEndpointSuffixes, "additional_endpoint_suffixes", []string{},
 		"Suffixes that Admiral should use to generate additional endpoints through VirtualServices")
-	rootCmd.PersistentFlags().StringArrayVar(&params.AdditionalEndpointLabelFilters, "additional_endpoint_label_filters", []string{},
+	rootCmd.PersistentFlags().StringSliceVar(&params.AdditionalEndpointLabelFilters, "additional_endpoint_label_filters", []string{},
 		"Labels that admiral will check on deployment/rollout before creating additional endpoints. '*' would indicate generating additional endpoints for all deployment/rollouts")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableWorkloadDataStorage, "enable_workload_data_storage", false,
 		"When true, workload data will be stored in a persistent storage")
@@ -205,7 +205,7 @@ func GetRootCmd(args []string) *cobra.Command {
 	rootCmd.PersistentFlags().BoolVar(&params.DisableIPGeneration, "disable_ip_generation", false, "When set to true, ips will not be generated and written to service entries")
 	rootCmd.PersistentFlags().StringVar(&params.LabelSet.IdentityPartitionKey, "identity_partition_key", "admiral.io/identityPartition",
 		"The annotation on a deployment/rollout spec, which will be used to divide an asset based on user-specified partition. Defaults to `admiral.io/identityPartition`.")
-	rootCmd.PersistentFlags().StringArrayVar(&params.ExportToIdentityList, "exportto_identity_list", []string{"*"}, "List of identities to write ExportTo field for")
+	rootCmd.PersistentFlags().StringSliceVar(&params.ExportToIdentityList, "exportto_identity_list", []string{"*"}, "List of identities to write ExportTo field for")
 	rootCmd.PersistentFlags().IntVar(&params.ExportToMaxNamespaces, "exportto_max_namespaces", 35, "Max number of namespaces to write in ExportTo field before just replacing with *")
 
 	// Admiral HA flags
@@ -230,11 +230,11 @@ func GetRootCmd(args []string) *cobra.Command {
 	rootCmd.PersistentFlags().BoolVar(&params.EnableServiceEntryCache, "enable_serviceentry_cache", false, "Enable/Disable Caching serviceentries")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableDestinationRuleCache, "enable_destinationrule_cache", false, "Enable/Disable Caching destinationrules")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableAbsoluteFQDN, "enable_absolute_fqdn", true, "Enable/Disable Absolute FQDN")
-	rootCmd.PersistentFlags().StringArrayVar(&params.AlphaIdentityList, "alpha_identity_list", []string{},
+	rootCmd.PersistentFlags().StringSliceVar(&params.AlphaIdentityList, "alpha_identity_list", []string{},
 		"Identities which can be used for testing of alpha features")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableAbsoluteFQDNForLocalEndpoints, "enable_absolute_fqdn_for_local_endpoints", false, "Enable/Disable Absolute FQDN for local endpoints")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableClientConnectionConfigProcessing, "enable_client_connection_config_processing", false, "Enable/Disable ClientConnectionConfig Processing")
-	rootCmd.PersistentFlags().StringArrayVar(&params.GatewayAssetAliases, "gateway_asset_aliases", []string{"Intuit.platform.servicesgateway.servicesgateway"}, "The asset aliases used for API Gateway")
+	rootCmd.PersistentFlags().StringSliceVar(&params.GatewayAssetAliases, "gateway_asset_aliases", []string{"Intuit.platform.servicesgateway.servicesgateway"}, "The asset aliases used for API Gateway")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableActivePassive, "enable_active_passive", false, "Enable/Disable Active-Passive behavior")
 	rootCmd.PersistentFlags().BoolVar(&params.EnableSWAwareNSCaches, "enable_sw_aware_ns_caches", false, "Enable/Disable SW Aware NS Caches")
 	rootCmd.PersistentFlags().BoolVar(&params.AdmiralStateSyncerMode, "admiral_state_syncer_mode", false, "Enable/Disable admiral to run as state syncer only")
@@ -246,6 +246,9 @@ func GetRootCmd(args []string) *cobra.Command {
 	rootCmd.PersistentFlags().BoolVar(&params.AdmiralOperatorMode, "admiral_operator_mode", false, "Enable/Disable admiral operator functionality")
 	rootCmd.PersistentFlags().StringVar(&params.OperatorSyncNamespace, "operator_sync_namespace", "admiral-operator-sync",
 		"Namespace in which Admiral Operator will put its generated configurations")
+	rootCmd.PersistentFlags().StringVar(&params.LabelSet.ShardIdentityLabelKey, "shard_identity_label_key", "admiral.io/shardIdentity", "used to filter which shard Admiral Operator will watch")
+	rootCmd.PersistentFlags().StringVar(&params.OperatorIdentityValue, "operator_identity_value", "", "Admiral operator should watch shards where operatorIdentityLabelKey == operatorIdentityValue")
+	rootCmd.PersistentFlags().StringVar(&params.ShardIdentityValue, "shard_identity_value", "", "Admiral operator should watch shards where shardIdentityLabelKey == shardIdentityValue")
 	rootCmd.PersistentFlags().StringVar(&params.OperatorSecretFilterTags, "operator_secret_filter_tags", "admiral/syncoperator",
 		"Filter tags for the specific admiral operator namespace secret to watch")
 	return rootCmd

admiral/pkg/clusters/shard_handler.go

@@ -35,11 +35,8 @@ func (sh *ShardHandler) Added(ctx context.Context, obj *admiralapiv1.Shard) erro
 }
 
 func (sh *ShardHandler) Deleted(ctx context.Context, obj *admiralapiv1.Shard) error {
-	// TODO: Not yet implemented
-	//err := HandleEventForShard(ctx, admiral.Delete, obj, sh.RemoteRegistry)
-	//if err != nil {
-	//	return fmt.Errorf(LogErrFormat, common.Delete, common.ShardResourceType, obj.Name, "", err)
-	//}
+	ctxLogger := common.GetCtxLogger(ctx, obj.Name, "")
+	ctxLogger.Warnf(common.CtxLogFormat, "ShardHandlerDeleted", obj.Name, obj.Namespace, "", "", "Shard object was deleted")
 	return nil
 }
 

admiral/pkg/clusters/shard_handler_test.go

@@ -305,7 +305,8 @@ func TestShardHandler_Deleted(t *testing.T) {
 	shardHandler := &ShardHandler{
 		RemoteRegistry: rr,
 	}
-	err := shardHandler.Deleted(context.Background(), nil)
+	shard := createMockShard("testShard", "testCluster", "testIdentity", "testEnv")
+	err := shardHandler.Deleted(context.Background(), shard)
 	if err != nil {
 		t.Errorf("expected nil err for delete, for %v", err)
 	}

admiral/pkg/controller/admiral/shard.go

@@ -18,6 +18,8 @@ import (
 	"time"
 )
 
+const OperatorIdentityLabelKey = "admiral.io/operatorIdentity"
+
 type ShardHandler interface {
 	Added(ctx context.Context, obj *admiralapiv1.Shard) error
 	Deleted(ctx context.Context, obj *admiralapiv1.Shard) error
@@ -149,12 +151,12 @@ func NewShardController(stopCh <-chan struct{}, handler ShardHandler, configPath
 	if err != nil {
 		return nil, fmt.Errorf("failed to create shard controller crd client: %v", err)
 	}
-	//TODO: should not be hardcoded, fetch actual expected operator and shard identities from env variables
-	//labelOptions := informers.WithTweakListOptions(func(opts *metav1.ListOptions) {
-	//	opts.LabelSelector = "admiral.io/operatorIdentity=operatorIdentity, admiral.io/shardIdentity=dev"
-	//})
-	//informerFactory := informers.NewSharedInformerFactoryWithOptions(shardController.K8sClient, resyncPeriod, labelOptions)
-	informerFactory := informers.NewSharedInformerFactoryWithOptions(shardController.K8sClient, resyncPeriod)
+	labelOptions := informers.WithTweakListOptions(func(opts *metav1.ListOptions) {
+		opIdValue := common.GetOperatorIdentityLabelValue()
+		shardIdLabel, shardIdValue := common.GetShardIdentityLabelKeyValueSet()
+		opts.LabelSelector = fmt.Sprintf("%s=%s, %s=%s", OperatorIdentityLabelKey, opIdValue, shardIdLabel, shardIdValue)
+	})
+	informerFactory := informers.NewSharedInformerFactoryWithOptions(shardController.K8sClient, resyncPeriod, labelOptions)
 	informerFactory.Start(stopCh)
 	shardController.informer = v1.NewShardInformer(shardController.CrdClient,
 		namespace,
@@ -212,7 +214,7 @@ func (d *ShardController) Deleted(ctx context.Context, obj interface{}) error {
 	if err == nil && len(key) > 0 {
 		d.Cache.DeleteFromShardClusterCache(key, shard)
 	}
-	return err
+	return d.ShardHandler.Deleted(ctx, shard)
 }
 
 func (d *ShardController) LogValueOfAdmiralIoIgnore(obj interface{}) {

admiral/pkg/controller/admiral/shard_test.go

@@ -42,6 +42,9 @@ func GetMockShard() *admiralapiv1.Shard {
 			LastUpdatedTime:   v1.Time{},
 		},
 	}
+	opIdValue := common.GetOperatorIdentityLabelValue()
+	shardIdLabel, shardIdValue := common.GetShardIdentityLabelKeyValueSet()
+	shard.Labels = map[string]string{OperatorIdentityLabelKey: opIdValue, shardIdLabel: shardIdValue}
 	return &shard
 }
 

admiral/pkg/controller/common/config.go

@@ -471,6 +471,18 @@ func GetOperatorSyncNamespace() string {
 	return wrapper.params.OperatorSyncNamespace
 }
 
+func GetOperatorIdentityLabelValue() string {
+	wrapper.RLock()
+	defer wrapper.RUnlock()
+	return wrapper.params.OperatorIdentityValue
+}
+
+func GetShardIdentityLabelKeyValueSet() (string, string) {
+	wrapper.RLock()
+	defer wrapper.RUnlock()
+	return wrapper.params.LabelSet.ShardIdentityLabelKey, wrapper.params.ShardIdentityValue
+}
+
 func GetOperatorSecretFilterTags() string {
 	wrapper.RLock()
 	defer wrapper.RUnlock()

admiral/pkg/controller/common/types.go

@@ -39,66 +39,66 @@ type SidecarEgressMap struct {
 }
 
 type AdmiralParams struct {
-	ArgoRolloutsEnabled                    bool
-	KubeconfigPath                         string
-	SecretFilterTags                       string
-	CacheReconcileDuration                 time.Duration
-	SeAndDrCacheReconcileDuration          time.Duration
-	ClusterRegistriesNamespace             string
-	DependenciesNamespace                  string
-	DnsConfigFile                          string
-	DNSTimeoutMs                           int
-	DNSRetries                             int
-	TrafficConfigNamespace                 string
-	SyncNamespace                          string
-	EnableSAN                              bool
-	SANPrefix                              string
-	AdmiralConfig                          string
-	Profile                                string
-	LabelSet                               *LabelSet
-	LogLevel                               int
-	HostnameSuffix                         string
-	PreviewHostnamePrefix                  string
-	MetricsEnabled                         bool
-	ChannelCapacity                        int
-	WorkloadSidecarUpdate                  string
-	WorkloadSidecarName                    string
-	AdmiralStateCheckerName                string
-	DRStateStoreConfigPath                 string
-	ServiceEntryIPPrefix                   string
-	EnvoyFilterVersion                     string
-	DeprecatedEnvoyFilterVersion           string
-	EnvoyFilterAdditionalConfig            string
-	EnableRoutingPolicy                    bool
-	ExcludedIdentityList                   []string
-	AdditionalEndpointSuffixes             []string
-	AdditionalEndpointLabelFilters         []string
-	HAMode                                 string
-	EnableWorkloadDataStorage              bool
-	EnableDiffCheck                        bool
-	EnableProxyEnvoyFilter                 bool
-	EnableDependencyProcessing             bool
-	DeploymentOrRolloutWorkerConcurrency   int
-	DependentClusterWorkerConcurrency      int
-	SeAddressConfigmap                     string
-	DependencyWarmupMultiplier             int
-	EnableOutlierDetection                 bool
-	EnableClientConnectionConfigProcessing bool
-	MaxRequestsPerConnection               int32
-	EnableAbsoluteFQDN                     bool
-	EnableAbsoluteFQDNForLocalEndpoints    bool
-	DisableDefaultAutomaticFailover        bool
-	EnableServiceEntryCache                bool
-	AlphaIdentityList                      []string
-	EnableDestinationRuleCache             bool
-	DisableIPGeneration                    bool
-	EnableActivePassive                    bool
-	EnableSWAwareNSCaches                  bool
-	ExportToIdentityList                   []string
-	ExportToMaxNamespaces                  int
-	AdmiralStateSyncerMode                 bool
-	DefaultWarmupDurationSecs              int64
-	EnableGenerationCheck                  bool
+	ArgoRolloutsEnabled                      bool
+	KubeconfigPath                           string
+	SecretFilterTags                         string
+	CacheReconcileDuration                   time.Duration
+	SeAndDrCacheReconcileDuration            time.Duration
+	ClusterRegistriesNamespace               string
+	DependenciesNamespace                    string
+	DnsConfigFile                            string
+	DNSTimeoutMs                             int
+	DNSRetries                               int
+	TrafficConfigNamespace                   string
+	SyncNamespace                            string
+	EnableSAN                                bool
+	SANPrefix                                string
+	AdmiralConfig                            string
+	Profile                                  string
+	LabelSet                                 *LabelSet
+	LogLevel                                 int
+	HostnameSuffix                           string
+	PreviewHostnamePrefix                    string
+	MetricsEnabled                           bool
+	ChannelCapacity                          int
+	WorkloadSidecarUpdate                    string
+	WorkloadSidecarName                      string
+	AdmiralStateCheckerName                  string
+	DRStateStoreConfigPath                   string
+	ServiceEntryIPPrefix                     string
+	EnvoyFilterVersion                       string
+	DeprecatedEnvoyFilterVersion             string
+	EnvoyFilterAdditionalConfig              string
+	EnableRoutingPolicy                      bool
+	ExcludedIdentityList                     []string
+	AdditionalEndpointSuffixes               []string
+	AdditionalEndpointLabelFilters           []string
+	HAMode                                   string
+	EnableWorkloadDataStorage                bool
+	EnableDiffCheck                          bool
+	EnableProxyEnvoyFilter                   bool
+	EnableDependencyProcessing               bool
+	DeploymentOrRolloutWorkerConcurrency     int
+	DependentClusterWorkerConcurrency        int
+	SeAddressConfigmap                       string
+	DependencyWarmupMultiplier               int
+	EnableOutlierDetection                   bool
+	EnableClientConnectionConfigProcessing   bool
+	MaxRequestsPerConnection                 int32
+	EnableAbsoluteFQDN                       bool
+	EnableAbsoluteFQDNForLocalEndpoints      bool
+	DisableDefaultAutomaticFailover          bool
+	EnableServiceEntryCache                  bool
+	AlphaIdentityList                        []string
+	EnableDestinationRuleCache               bool
+	DisableIPGeneration                      bool
+	EnableActivePassive                      bool
+	EnableSWAwareNSCaches                    bool
+	ExportToIdentityList                     []string
+	ExportToMaxNamespaces                    int
+	EnableSyncIstioResourcesToSourceClusters bool
+	DefaultWarmupDurationSecs                int64
+	EnableGenerationCheck                    bool
 
 	// Cartographer specific params
 	TrafficConfigPersona      bool
@@ -115,6 +115,9 @@ type AdmiralParams struct {
 	//Admiral 2.0 params
 	AdmiralOperatorMode      bool
 	OperatorSyncNamespace    string
+	AdmiralStateSyncerMode   bool
+	OperatorIdentityValue    string
+	ShardIdentityValue       string
 	OperatorSecretFilterTags string
 }
 
@@ -154,6 +157,7 @@ type LabelSet struct {
 	GatewayApp                          string //the value for `app` key that will be used to fetch the loadblancer for cross cluster calls, also referred to as east west gateway
 	AdmiralCRDIdentityLabel             string //Label Used to identify identity label for crd
 	IdentityPartitionKey                string //Label used for partitioning assets with same identity into groups
+	ShardIdentityLabelKey               string
 }
 
 type TrafficObject struct {