Updated intial POC version

octarinesec · May 29, 2023 · 7cc197c · 7cc197c
1 parent fc7ef60
commit 7cc197c
Show file tree

Hide file tree

Showing 6 changed files with 66 additions and 45 deletions.
diff --git a/api/v1/runtime_types.go b/api/v1/runtime_types.go
@@ -11,8 +11,7 @@ type CBContainersRuntimeResolverSpec struct {
 	DeploymentAnnotations map[string]string `json:"deploymentAnnotations,omitempty"`
 	// +kubebuilder:default:=<>
 	PodTemplateAnnotations map[string]string `json:"podTemplateAnnotations,omitempty"`
-	// +kubebuilder:default:=1
-	ReplicasCount *int32 `json:"replicasCount,omitempty"`
+	ReplicasCount          *int32            `json:"replicasCount,omitempty"`
 	// +kubebuilder:default:=<>
 	Env map[string]string `json:"env,omitempty"`
 	// +kubebuilder:default:={repository:"cbartifactory/runtime-kubernetes-resolver"}
@@ -29,6 +28,8 @@ type CBContainersRuntimeResolverSpec struct {
 	Affinity *coreV1.Affinity `json:"affinity,omitempty"`
 	// +kubebuilder:default:="info"
 	LogLevel string `json:"logLevel,omitempty"`
+	// +kubebuilder:default:=5
+	NodesToReplicasRatio *int32 `json:"nodesToReplicasRatio,omitempty"`
 }
 
 type CBContainersRuntimeSensorSpec struct {

diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
diff --git a/cbcontainers/state/components/runtime_resolver_deployment.go b/cbcontainers/state/components/runtime_resolver_deployment.go
@@ -1,7 +1,11 @@
 package components
 
 import (
+	"context"
 	"fmt"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
+	"math"
 
 	cbContainersV1 "github.com/vmware/cbcontainers-operator/api/v1"
 	"github.com/vmware/cbcontainers-operator/cbcontainers/state/applyment"
@@ -75,8 +79,19 @@ func (obj *ResolverDeploymentK8sObject) MutateK8sObject(k8sObject client.Object,
 		deployment.Spec.Template.ObjectMeta.Annotations = make(map[string]string)
 	}
 
+	defaultReplicasCount := int32(1)
+	replicasCount := &defaultReplicasCount
+
+	if resolver.ReplicasCount != nil {
+		replicasCount = resolver.ReplicasCount
+	} else {
+		if dynamicReplicasCount, err := obj.getDynamicReplicasCount(resolver.NodesToReplicasRatio); err == nil {
+			replicasCount = dynamicReplicasCount
+		}
+	}
+
 	deployment.Namespace = agentSpec.Namespace
-	deployment.Spec.Replicas = resolver.ReplicasCount
+	deployment.Spec.Replicas = replicasCount
 	deployment.ObjectMeta.Labels = desiredLabels
 	deployment.Spec.Selector.MatchLabels = desiredLabels
 	deployment.Spec.Template.ObjectMeta.Labels = desiredLabels
@@ -217,3 +232,27 @@ func (obj *ResolverDeploymentK8sObject) mutateVolumesMounts(container *coreV1.Co
 
 	commonState.MutateVolumeMountToIncludeRootCAsVolumeMount(container)
 }
+
+func (obj *ResolverDeploymentK8sObject) getDynamicReplicasCount(nodesToReplicasRatio *int32) (*int32, error) {
+	// Get the in-cluster config
+	config, err := rest.InClusterConfig()
+	if err != nil {
+		return nil, fmt.Errorf("error getting in-cluster config: %v", err)
+	}
+
+	// Create a Kubernetes client
+	clientSet, err := kubernetes.NewForConfig(config)
+	if err != nil {
+		return nil, fmt.Errorf("error creating Kubernetes client: %v", err)
+	}
+
+	// Get the list of nodes in the cluster
+	nodes, err := clientSet.CoreV1().Nodes().List(context.Background(), metav1.ListOptions{})
+	if err != nil {
+		return nil, fmt.Errorf("error getting list of nodes: %v", err)
+	}
+
+	nodesCount := int32(math.Ceil(float64(len(nodes.Items)) / float64(*nodesToReplicasRatio)))
+
+	return &nodesCount, nil
+}
diff --git a/config/crd/bases/operator.containers.carbonblack.io_cbcontainersagents.yaml b/config/crd/bases/operator.containers.carbonblack.io_cbcontainersagents.yaml
@@ -1,9 +1,10 @@
+
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.9.0
+    controller-gen.kubebuilder.io/version: v0.4.1
   creationTimestamp: null
   name: cbcontainersagents.operator.containers.carbonblack.io
 spec:
@@ -5653,6 +5654,10 @@ spec:
                               type: string
                             default: {}
                             type: object
+                          nodesToReplicasRatio:
+                            default: 5
+                            format: int32
+                            type: integer
                           podTemplateAnnotations:
                             additionalProperties:
                               type: string
@@ -5707,7 +5712,6 @@ spec:
                                 type: integer
                             type: object
                           replicasCount:
-                            default: 1
                             format: int32
                             type: integer
                           resources:
@@ -6018,3 +6022,9 @@ spec:
     storage: true
     subresources:
       status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []
diff --git a/config/crd_v1beta1/bases/operator.containers.carbonblack.io_cbcontainersagents.yaml b/config/crd_v1beta1/bases/operator.containers.carbonblack.io_cbcontainersagents.yaml
@@ -5287,6 +5287,9 @@ spec:
                           additionalProperties:
                             type: string
                           type: object
+                        nodesToReplicasRatio:
+                          format: int32
+                          type: integer
                         podTemplateAnnotations:
                           additionalProperties:
                             type: string

diff --git a/controllers/runtime_components_defaults.go b/controllers/runtime_components_defaults.go
@@ -1,39 +1,9 @@
 package controllers
 
 import (
-	"context"
-	"fmt"
 	cbcontainersv1 "github.com/vmware/cbcontainers-operator/api/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
-	"math"
 )
 
-func getScaledReplicasCount() (*int32, error) {
-	// Get the in-cluster config
-	config, err := rest.InClusterConfig()
-	if err != nil {
-		return nil, fmt.Errorf("error getting in-cluster config: %v", err)
-	}
-
-	// Create a Kubernetes client
-	clientset, err := kubernetes.NewForConfig(config)
-	if err != nil {
-		return nil, fmt.Errorf("error creating Kubernetes client: %v", err)
-	}
-
-	// Get the list of nodes in the cluster
-	nodes, err := clientset.CoreV1().Nodes().List(context.Background(), metav1.ListOptions{})
-	if err != nil {
-		return nil, fmt.Errorf("error getting list of nodes: %v", err)
-	}
-
-	nodesCount := int32(math.Ceil(float64(len(nodes.Items)) / 3))
-
-	return &nodesCount, nil
-}
-
 func (r *CBContainersAgentController) setRuntimeProtectionComponentsDefaults(runtime *cbcontainersv1.CBContainersRuntimeProtectionSpec) error {
 	if runtime.Enabled == nil {
 		runtime.Enabled = &trueRef
@@ -75,18 +45,11 @@ func (r *CBContainersAgentController) setRuntimeResolverDefaults(runtimeResolver
 		runtimeResolver.Env = make(map[string]string)
 	}
 
-	defaultReplicaCount := int32(1)
-	replicasCount := &defaultReplicaCount
-
-	nodesCount, err := getScaledReplicasCount()
-	if err != nil {
-		r.Log.Error(err, "failed to determine nodes count: %v, using replicas count defaults")
-	} else {
-		replicasCount = nodesCount
+	if runtimeResolver.NodesToReplicasRatio == nil {
+		defaultNodesToReplicasRatio := int32(5)
+		runtimeResolver.NodesToReplicasRatio = &defaultNodesToReplicasRatio
 	}
 
-	runtimeResolver.ReplicasCount = replicasCount
-
 	setDefaultPrometheus(&runtimeResolver.Prometheus)
 
 	setDefaultImage(&runtimeResolver.Image, "cbartifactory/runtime-kubernetes-resolver")