resource-model

command module
v0.59.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 19, 2024 License: Apache-2.0 Imports: 6 Imported by: 0

README

The EPIC operator manages Envoy pods based on our custom resources. The data model and operator code are scaffolded by https://operatorframework.io/.

Useful Commands

To generate a new custom resource definition:

$ operator-sdk create api --group epic --version v1 --kind EPIC

To generate a webhook:

$ operator-sdk create webhook --group epic --version v1 --kind EPIC --defaulting --programmatic-validation

ID Allocation

Numeric ID's (like Tunnel ID) are allocated from fields in their parent CR Status. Tunnel IDs are unique across the whole system so they're allocated from the epic singleton object. You can examine the current value by dumping the contents of the object:

$ kubectl get -n epic epics.epic.acnodal.io epic -o yaml
apiVersion: epic.acnodal.io/v1
kind: EPIC
metadata:
  ... snip ...
  name: epic
  namespace: epic
  resourceVersion: "22829"
  uid: e6a50ecf-1829-4e47-8537-abfd9b6a9146
spec: {}
status:
  current-tunnel-id: 4

The current-tunnel-id field is the most recent value that we assigned to a tunnel ID (within a Service object).

$ kubectl get -n epic-root loadbalancers.epic.acnodal.io sample-acnodal -o yaml
apiVersion: epic.acnodal.io/v1
kind: LoadBalancer
metadata:
  ... snip ...
  name: sample-acnodal
  namespace: epic-root
  resourceVersion: "2584"
  uid: 1a8522b9-70a4-4a9c-bdd7-ba912a61170a
spec:
  service-id: 1
  public-address: 192.168.77.2
  public-ports:
  - nodePort: 30390
    port: 8888
    protocol: TCP
    targetPort: 8080
  service-group: sample
status:
  gue-tunnel-endpoints:
    192.168.1.16:
      epic-address: 192.168.1.40
      epic-port:
        appProtocol: gue
        port: 6080
        protocol: UDP
      tunnel-id: 2
    192.168.1.25:
      epic-address: 192.168.1.40
      epic-port:
        appProtocol: gue
        port: 6080
        protocol: UDP
      tunnel-id: 1
  proxy-ifindex: 16
  proxy-ifname: veth67060f1f

Each tunnel in the status has a tunnel ID that was allocated from the EPIC configuration singleton.

Allocation Algorithm

We use Kubernetes' opportunistic locking to allocate group/service IDs. When an ID is needed, we increment the current ID value in the parent's status and then Update() the parent. Using Update() (and not Patch()) is important because Update() will fail if another request got there first. In that case we read the object again and retry the Update().

Namespaces

The core namespace is "epic" - our processes run there, and system-scoped objects like the EPIC config singleton and LBServiceGroup CRs also live there. Users can create their own "user namespaces" using epicctl. Each user namespace is entirely independent of the others. User namespaces are prefixed with epicv1.ProductName + "-". See epicv1.ProductName, epicv1.AccountNamespace().

Naming

Because our data model is implemented using k8s custom resources, our objects' names have to live with the k8s rules for naming objects (whatever those are).

Objects

Account

Each user namespace has one Account CR to store configuration that is relevant to that user namespace. The "acme-widgets" account's namespace, for example, would be "epic-acme-widgets".

LBServiceGroup

Service Groups are stored in their owning accounts' namespaces.

GWProxy

Proxies are stored in their owning accounts' namespaces.

LoadBalancer

Load Balancers are stored in their owning accounts' namespaces.

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis
api
v1
Package v1 contains API Schema definitions for the epic v1 API group +kubebuilder:object:generate=true +groupName=epic.acnodal.io
Package v1 contains API Schema definitions for the epic v1 API group +kubebuilder:object:generate=true +groupName=epic.acnodal.io
internal
network
Package network contains code to manipulate Linux network configuration.
Package network contains code to manipulate Linux network configuration.
pfc

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL