From dc3e05393b80b060bf117630c147322e4bba183e Mon Sep 17 00:00:00 2001 From: Alex Leong Date: Fri, 24 Jul 2020 11:37:37 -0700 Subject: [PATCH] Removed unused labels Signed-off-by: Alex Leong --- cli/cmd/multicluster.go | 5 --- .../destination/watcher/endpoints_watcher.go | 8 +---- .../cluster_watcher_test_util.go | 7 ++-- controller/cmd/service-mirror/main.go | 6 ++-- pkg/healthcheck/healthcheck_multicluster.go | 16 ++++----- pkg/k8s/labels.go | 35 ++----------------- pkg/servicemirror/util.go | 30 ++-------------- 7 files changed, 19 insertions(+), 88 deletions(-) diff --git a/cli/cmd/multicluster.go b/cli/cmd/multicluster.go index 1d776feae157a..4d2c4d694cd80 100644 --- a/cli/cmd/multicluster.go +++ b/cli/cmd/multicluster.go @@ -510,11 +510,6 @@ func newLinkCommand() *cobra.Command { ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("cluster-credentials-%s", opts.clusterName), Namespace: opts.namespace, - Annotations: map[string]string{ - k8s.RemoteClusterNameLabel: opts.clusterName, - k8s.RemoteClusterDomainAnnotation: configMap.Global.ClusterDomain, - k8s.RemoteClusterLinkerdNamespaceAnnotation: controlPlaneNamespace, - }, }, Data: map[string][]byte{ k8s.ConfigKeyName: kubeconfig, diff --git a/controller/api/destination/watcher/endpoints_watcher.go b/controller/api/destination/watcher/endpoints_watcher.go index 68df50243cd7c..225aff435986a 100644 --- a/controller/api/destination/watcher/endpoints_watcher.go +++ b/controller/api/destination/watcher/endpoints_watcher.go @@ -25,8 +25,6 @@ const ( // metrics labels service = "service" namespace = "namespace" - targetGatewayNamespace = "target_gateway_namespace" - targetGateway = "target_gateway" targetCluster = "target_cluster" targetService = "target_service" targetServiceNamespace = "target_service_namespace" @@ -669,16 +667,12 @@ func metricLabels(resource interface{}) map[string]string { labels := map[string]string{service: serviceName, namespace: ns} - gateway, hasRemoteGateway := resLabels[consts.RemoteGatewayNameLabel] - gatewayNs, hasRemoteGatwayNs := resLabels[consts.RemoteGatewayNsLabel] remoteClusterName, hasRemoteClusterName := resLabels[consts.RemoteClusterNameLabel] serviceFqn, hasServiceFqn := resAnnotations[consts.RemoteServiceFqName] - if hasRemoteGateway && hasRemoteGatwayNs && hasRemoteClusterName && hasServiceFqn { + if hasRemoteClusterName && hasServiceFqn { // this means we are looking at Endpoints created for the purpose of mirroring // an out of cluster service. - labels[targetGatewayNamespace] = gatewayNs - labels[targetGateway] = gateway labels[targetCluster] = remoteClusterName fqParts := strings.Split(serviceFqn, ".") diff --git a/controller/cmd/service-mirror/cluster_watcher_test_util.go b/controller/cmd/service-mirror/cluster_watcher_test_util.go index bf54027ccdfb7..dfa8f3c90cddf 100644 --- a/controller/cmd/service-mirror/cluster_watcher_test_util.go +++ b/controller/cmd/service-mirror/cluster_watcher_test_util.go @@ -511,10 +511,9 @@ func gateway(name, namespace, resourceVersion, ip, hostname, portName string, po Namespace: namespace, ResourceVersion: resourceVersion, Annotations: map[string]string{ - consts.GatewayIdentity: identity, - consts.GatewayProbePath: probePath, - consts.GatewayProbePeriod: fmt.Sprint(probePeriod), - consts.MulticlusterGatewayAnnotation: "true", + consts.GatewayIdentity: identity, + consts.GatewayProbePath: probePath, + consts.GatewayProbePeriod: fmt.Sprint(probePeriod), }, }, Spec: corev1.ServiceSpec{ diff --git a/controller/cmd/service-mirror/main.go b/controller/cmd/service-mirror/main.go index 378b5918cb3ae..4faf4c5771a09 100644 --- a/controller/cmd/service-mirror/main.go +++ b/controller/cmd/service-mirror/main.go @@ -114,7 +114,7 @@ func Main(args []string) { } } -func loadCredentials(link multicluster.Link, namespace string, k8sAPI *k8s.KubernetesAPI) (*servicemirror.WatchedClusterConfig, error) { +func loadCredentials(link multicluster.Link, namespace string, k8sAPI *k8s.KubernetesAPI) ([]byte, error) { // Load the credentials secret secret, err := k8sAPI.Interface.CoreV1().Secrets(namespace).Get(link.ClusterCredentialsSecret, metav1.GetOptions{}) if err != nil { @@ -126,7 +126,7 @@ func loadCredentials(link multicluster.Link, namespace string, k8sAPI *k8s.Kuber func restartClusterWatcher( link multicluster.Link, namespace string, - creds *servicemirror.WatchedClusterConfig, + creds []byte, controllerK8sAPI *controllerK8s.API, requeueLimit int, repairPeriod time.Duration, @@ -139,7 +139,7 @@ func restartClusterWatcher( probeWorker.Stop() } - cfg, err := clientcmd.RESTConfigFromKubeConfig(creds.APIConfig) + cfg, err := clientcmd.RESTConfigFromKubeConfig(creds) if err != nil { log.Errorf("Unable to parse kube config: %s", err) return diff --git a/pkg/healthcheck/healthcheck_multicluster.go b/pkg/healthcheck/healthcheck_multicluster.go index fc91757a5b5c1..670feeb4c71ac 100644 --- a/pkg/healthcheck/healthcheck_multicluster.go +++ b/pkg/healthcheck/healthcheck_multicluster.go @@ -302,15 +302,15 @@ func (hc *HealthChecker) checkRemoteClusterConnectivity() error { continue } - clientConfig, err := clientcmd.RESTConfigFromKubeConfig(config.APIConfig) + clientConfig, err := clientcmd.RESTConfigFromKubeConfig(config) if err != nil { - errors = append(errors, fmt.Errorf("* secret: [%s/%s] cluster: [%s]: unable to parse api config: %s", secret.Namespace, secret.Name, config.ClusterName, err)) + errors = append(errors, fmt.Errorf("* secret: [%s/%s] cluster: [%s]: unable to parse api config: %s", secret.Namespace, secret.Name, link.TargetClusterName, err)) continue } remoteAPI, err := k8s.NewAPIForConfig(clientConfig, "", []string{}, requestTimeout) if err != nil { - errors = append(errors, fmt.Errorf("* secret: [%s/%s] cluster: [%s]: could not instantiate api for target cluster: %s", secret.Namespace, secret.Name, config.ClusterName, err)) + errors = append(errors, fmt.Errorf("* secret: [%s/%s] cluster: [%s]: could not instantiate api for target cluster: %s", secret.Namespace, secret.Name, link.TargetClusterName, err)) continue } @@ -328,7 +328,7 @@ func (hc *HealthChecker) checkRemoteClusterConnectivity() error { } if err := comparePermissions(expectedServiceMirrorRemoteClusterPolicyVerbs, verbs); err != nil { - errors = append(errors, fmt.Errorf("* cluster: [%s]: Insufficient Service permissions: %s", config.ClusterName, err)) + errors = append(errors, fmt.Errorf("* cluster: [%s]: Insufficient Service permissions: %s", link.TargetClusterName, err)) } links = append(links, fmt.Sprintf("\t* %s", link.TargetClusterName)) @@ -366,15 +366,15 @@ func (hc *HealthChecker) checkRemoteClusterAnchors() error { continue } - clientConfig, err := clientcmd.RESTConfigFromKubeConfig(config.APIConfig) + clientConfig, err := clientcmd.RESTConfigFromKubeConfig(config) if err != nil { - errors = append(errors, fmt.Sprintf("* secret: [%s/%s] cluster: [%s]: unable to parse api config: %s", secret.Namespace, secret.Name, config.ClusterName, err)) + errors = append(errors, fmt.Sprintf("* secret: [%s/%s] cluster: [%s]: unable to parse api config: %s", secret.Namespace, secret.Name, link.TargetClusterName, err)) continue } remoteAPI, err := k8s.NewAPIForConfig(clientConfig, "", []string{}, requestTimeout) if err != nil { - errors = append(errors, fmt.Sprintf("* secret: [%s/%s] cluster: [%s]: could not instantiate api for target cluster: %s", secret.Namespace, secret.Name, config.ClusterName, err)) + errors = append(errors, fmt.Sprintf("* secret: [%s/%s] cluster: [%s]: could not instantiate api for target cluster: %s", secret.Namespace, secret.Name, link.TargetClusterName, err)) continue } @@ -506,7 +506,7 @@ func (hc *HealthChecker) checkIfMirrorServicesHaveEndpoints() error { // Check if there is a relevant end-point endpoint, err := hc.kubeAPI.CoreV1().Endpoints(svc.Namespace).Get(svc.Name, metav1.GetOptions{}) if err != nil || len(endpoint.Subsets) == 0 { - servicesWithNoEndpoints = append(servicesWithNoEndpoints, fmt.Sprintf("%s.%s mirrored from cluster [%s] (gateway: [%s/%s])", svc.Name, svc.Namespace, svc.Labels[k8s.RemoteClusterNameLabel], svc.Labels[k8s.RemoteGatewayNsLabel], svc.Labels[k8s.RemoteGatewayNameLabel])) + servicesWithNoEndpoints = append(servicesWithNoEndpoints, fmt.Sprintf("%s.%s mirrored from cluster [%s]", svc.Name, svc.Namespace, svc.Labels[k8s.RemoteClusterNameLabel])) } } diff --git a/pkg/k8s/labels.go b/pkg/k8s/labels.go index 1dc4d0a05ec9d..073c88cb3dd68 100644 --- a/pkg/k8s/labels.go +++ b/pkg/k8s/labels.go @@ -376,16 +376,10 @@ const ( // the access information for remote clusters. MirrorSecretType = SvcMirrorPrefix + "/remote-kubeconfig" + // DefaultExportedServiceSelector is the default label selector for exported + // services. DefaultExportedServiceSelector = SvcMirrorPrefix + "/exported" - // RemoteGatewayNameLabel is same as GatewayNameAnnotation but on the local, - // mirrored service. It's used for quick querying when we want to figure out - // the services that are being associated with a certain gateway - RemoteGatewayNameLabel = SvcMirrorPrefix + "/remote-gateway-name" - - // RemoteGatewayNsLabel follows the same kind of logic as RemoteGatewayNameLabel - RemoteGatewayNsLabel = SvcMirrorPrefix + "/remote-gateway-ns" - // MirroredResourceLabel indicates that this resource is the result // of a mirroring operation (can be a namespace or a service) MirroredResourceLabel = SvcMirrorPrefix + "/mirrored-service" @@ -393,35 +387,10 @@ const ( // MirroredGatewayLabel indicates that this is a mirrored gateway MirroredGatewayLabel = SvcMirrorPrefix + "/mirrored-gateway" - // MirroredGatewayProbePeriod specifies the probe period for the gateway mirror - MirroredGatewayProbePeriod = SvcMirrorPrefix + "/mirrored-gateway-probe-period" - - // MirroredGatewayProbePath specifies the probe path for the gateway mirror - MirroredGatewayProbePath = SvcMirrorPrefix + "/mirrored-gateway-probe-path" - - // MirroredGatewayRemoteName specifies the name of the remote gateway that has been mirrored - MirroredGatewayRemoteName = SvcMirrorPrefix + "/mirrored-gateway-remote-name" - - // MirroredGatewayRemoteNameSpace specifies the namespace of the remote gateway that has been mirrored - MirroredGatewayRemoteNameSpace = SvcMirrorPrefix + "/mirrored-gateway-remote-namespace" - - // MulticlusterGatewayAnnotation indicates that this service is a - // gateway - MulticlusterGatewayAnnotation = SvcMirrorPrefix + "/multicluster-gateway" - // RemoteClusterNameLabel put on a local mirrored service, it // allows us to associate a mirrored service with a remote cluster RemoteClusterNameLabel = SvcMirrorPrefix + "/cluster-name" - // RemoteClusterDomainAnnotation is present on the secret - // carrying the config of the remote cluster, to allow for - // using custom cluster domains - RemoteClusterDomainAnnotation = SvcMirrorPrefix + "/remote-cluster-domain" - - // RemoteClusterLinkerdNamespaceAnnotation is present on the secret - // carrying the config of the remote cluster - RemoteClusterLinkerdNamespaceAnnotation = SvcMirrorPrefix + "/remote-cluster-l5d-ns" - // RemoteResourceVersionAnnotation is the last observed remote resource // version of a mirrored resource. Useful when doing updates RemoteResourceVersionAnnotation = SvcMirrorPrefix + "/remote-resource-version" diff --git a/pkg/servicemirror/util.go b/pkg/servicemirror/util.go index caa7b8a35a92e..5172999e7e7be 100644 --- a/pkg/servicemirror/util.go +++ b/pkg/servicemirror/util.go @@ -7,39 +7,13 @@ import ( corev1 "k8s.io/api/core/v1" ) -// WatchedClusterConfig contains the needed data to identify a remote cluster -type WatchedClusterConfig struct { - APIConfig []byte - ClusterName string - ClusterDomain string - LinkerdNamespace string -} - // ParseRemoteClusterSecret extracts the credentials used to access the remote cluster -func ParseRemoteClusterSecret(secret *corev1.Secret) (*WatchedClusterConfig, error) { - clusterName, hasClusterName := secret.Annotations[consts.RemoteClusterNameLabel] +func ParseRemoteClusterSecret(secret *corev1.Secret) ([]byte, error) { config, hasConfig := secret.Data[consts.ConfigKeyName] - domain, hasDomain := secret.Annotations[consts.RemoteClusterDomainAnnotation] - l5dNamespace, hasL5dNamespace := secret.Annotations[consts.RemoteClusterLinkerdNamespaceAnnotation] - if !hasClusterName { - return nil, fmt.Errorf("secret of type %s should contain key %s", consts.MirrorSecretType, consts.ConfigKeyName) - } if !hasConfig { return nil, fmt.Errorf("secret should contain target cluster name as annotation %s", consts.RemoteClusterNameLabel) } - if !hasDomain { - return nil, fmt.Errorf("secret should contain target cluster domain as annotation %s", consts.RemoteClusterDomainAnnotation) - } - - if !hasL5dNamespace { - return nil, fmt.Errorf("secret should contain target cluster linkerd installation namespace as annotation %s", consts.RemoteClusterLinkerdNamespaceAnnotation) - } - return &WatchedClusterConfig{ - APIConfig: config, - ClusterName: clusterName, - ClusterDomain: domain, - LinkerdNamespace: l5dNamespace, - }, nil + return config, nil }