NK9: Removed storage logic due to the policies cache. Updated types due to the policy-example.yaml

2024-12-14 11:57:48 +00:00 · 2019-02-13 20:44:43 +02:00 · 2019-02-13 20:44:43 +02:00 · 65f766d905
commit 65f766d905
parent ddf3e4c278
6 changed files with 143 additions and 118 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,12 +1,3 @@
-# Binaries for programs and plugins
-*.exe
-*.exe~
-*.dll
-*.so
-*.dylib
-
-# Test binary, build with `go test -c`
-*.test
-
-# Output of the go coverage tool, specifically when used with LiteIDE
-*.out
+vendor
+pkg/client
+pkg/apis/policy/v1alpha1/zz_generated.deepcopy.go
--- a/controller/controller.go
+++ b/controller/controller.go
@ -1,102 +1,110 @@
 package controller

 import (
-	"time"
-	"fmt"
+    "time"
+    "fmt"

-	"k8s.io/sample-controller/pkg/signals"
-	"k8s.io/apimachinery/pkg/util/wait"
-	"k8s.io/client-go/tools/clientcmd"
-	"k8s.io/client-go/util/workqueue"
-	"k8s.io/client-go/tools/cache"
+    "k8s.io/sample-controller/pkg/signals"
+    "k8s.io/client-go/tools/clientcmd"
+    "k8s.io/apimachinery/pkg/labels"
+    "k8s.io/client-go/tools/cache"

-	clientset "nirmata/kube-policy/pkg/client/clientset/versioned"
-	informers "nirmata/kube-policy/pkg/client/informers/externalversions"
-	lister "nirmata/kube-policy/pkg/client/listers/policy/v1alpha1"
+    clientset "nirmata/kube-policy/pkg/client/clientset/versioned"
+    informers "nirmata/kube-policy/pkg/client/informers/externalversions"
+    lister "nirmata/kube-policy/pkg/client/listers/policy/v1alpha1"
+    types "nirmata/kube-policy/pkg/apis/policy/v1alpha1"
 )

 // Controller for CRD
 type Controller struct {
-	policyClientset clientset.Interface
-	policyInformerFactory informers.SharedInformerFactory
-	policyLister lister.PolicyLister
-	policiesSynced cache.InformerSynced
-	workqueue workqueue.RateLimitingInterface
+    policyInformerFactory informers.SharedInformerFactory
+    policyLister lister.PolicyLister
 }

 // NewController from cmd args
 func NewController(masterURL, kubeconfigPath string) (*Controller, error) {
-	cfg, err := clientcmd.BuildConfigFromFlags(masterURL, kubeconfigPath)
-	if err != nil {
-		fmt.Printf("Error building kubeconfig: %v\n", err)
-		return nil, err
-	}
+    cfg, err := clientcmd.BuildConfigFromFlags(masterURL, kubeconfigPath)
+    if err != nil {
+        fmt.Printf("Error building kubeconfig: %v\n", err)
+        return nil, err
+    }

-	policyClientset, err := clientset.NewForConfig(cfg)
-	if err != nil {
-		fmt.Printf("Error building policy clientset: %v\n", err)
-		return nil, err
-	}
+    policyClientset, err := clientset.NewForConfig(cfg)
+    if err != nil {
+        fmt.Printf("Error building policy clientset: %v\n", err)
+        return nil, err
+    }

-	policyInformerFactory := informers.NewSharedInformerFactory(policyClientset, time.Second*30)
-	policyInformer := policyInformerFactory.Nirmata().V1alpha1().Policies()
-	
-	controller := &Controller {
-		policyClientset: policyClientset,
-		policyInformerFactory: policyInformerFactory,
-		policyLister: policyInformer.Lister(),
-		policiesSynced: policyInformer.Informer().HasSynced,
-		workqueue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "Policies"),
-	}
+    policyInformerFactory := informers.NewSharedInformerFactory(policyClientset, time.Second*30)
+    policyInformer := policyInformerFactory.Nirmata().V1alpha1().Policies()
+    
+    controller := &Controller {
+        policyInformerFactory: policyInformerFactory,
+        policyLister: policyInformer.Lister(),
+    }

-	policyInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
-		AddFunc: controller.enqueue,
-		UpdateFunc: func(old, new interface{}) {
-			controller.enqueue(new)
-		},
-		DeleteFunc: controller.enqueue,
-	})
+    policyInformer.Informer().AddEventHandler(cache.ResourceEventHandlerFuncs{
+        AddFunc: controller.createPolicyHandler,
+        UpdateFunc: controller.updatePolicyHandler,
+        DeleteFunc: controller.deletePolicyHandler,
+    })

-	return controller, nil
+    return controller, nil
 }

 // Run is main controller thread
-func (c *Controller) Run(threadiness int) error {
-	stopCh := signals.SetupSignalHandler()
-	c.policyInformerFactory.Start(stopCh)
+func (c *Controller) Run() error {
+    stopCh := signals.SetupSignalHandler()
+    c.policyInformerFactory.Start(stopCh)

-	defer c.workqueue.ShutDown()
+    fmt.Println("Running controller...")
+    <-stopCh
+    fmt.Println("\nShutting down controller...")

-	// Start the informer factories to begin populating the informer caches
-	fmt.Println("Starting controller")
-
-	if ok := cache.WaitForCacheSync(stopCh, c.policiesSynced); !ok {
-		return fmt.Errorf("failed to wait for caches to sync")
-	}
-
-	for i := 0; i < threadiness; i++ {
-		go wait.Until(c.runWorker, time.Second, stopCh)
-	}
-
-	fmt.Println("Started workers")
-	<-stopCh
-	fmt.Println("Shutting down workers")
-
-	return nil
+    return nil
 }

-func (c *Controller) runWorker() {
-	for {
-		time.Sleep(25 * time.Second)
-		fmt.Println("I will wait here for 25 secs...")
-	}
+// GetPolicies retrieves all policy resources
+// from cache. Cache is refreshed by informer
+func (c *Controller) GetPolicies() ([]*types.Policy, error) {
+    // Create nil Selector to grab all the policies
+    cachedPolicies, err := c.policyLister.List(labels.NewSelector())
+
+    var policies []*types.Policy
+
+    if err != nil {
+        return nil, err
+    }
+
+    for _, elem := range cachedPolicies {
+        policies = append(policies, elem.DeepCopy())
+    }
+
+    return policies, nil
 }

-func (*Controller) enqueue(interface{}) {
-    fmt.Println("I have found changes on Policy Resource")
+func (c *Controller) createPolicyHandler(resource interface{}) {
+    key := c.getResourceKey(resource)
+    fmt.Printf("Created policy: %s\n", key)
 }

-// Idle : do nothing
-func (*Controller)Idle() {
-    fmt.Println("I'm controller, I do nothing")
+func (c *Controller) updatePolicyHandler(oldResource, newResource interface{}) {
+    oldKey := c.getResourceKey(oldResource)
+    newKey := c.getResourceKey(newResource)
+
+    fmt.Printf("Updated policy from %s to %s\n", oldKey, newKey)
+}
+
+func (c *Controller) deletePolicyHandler(resource interface{}) {
+    key := c.getResourceKey(resource)
+    fmt.Printf("Deleted policy: %s\n", key)
+}
+
+func (c *Controller) getResourceKey(resource interface{}) string {    
+    if key, err := cache.MetaNamespaceKeyFunc(resource); err != nil {
+        fmt.Printf("Error retrieving policy key: %v\n", err)
+        return ""
+    } else {
+        return key
+    }
 }
--- a/main.go
+++ b/main.go
@ -1,7 +1,6 @@
 package main

 import (
-    "runtime"
    "flag"
    "fmt"

@ -22,7 +21,7 @@ func main() {
        return
    }

-    err = controller.Run(runtime.NumCPU())
+    err = controller.Run()
    if err != nil {
        fmt.Printf("Error running Controller! Error: %s\n", err)
    }
--- a/pkg/apis/policy/register.go
+++ b/pkg/apis/policy/register.go
@ -1,5 +1,5 @@
 package policy

 const (
-	GroupName = "nirmata.io"
+    GroupName = "nirmata.io"
 )
--- a/pkg/apis/policy/v1alpha1/register.go
+++ b/pkg/apis/policy/v1alpha1/register.go
@ -1,9 +1,9 @@
 package v1alpha1

 import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
+    metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+    "k8s.io/apimachinery/pkg/runtime"
+    "k8s.io/apimachinery/pkg/runtime/schema"
         
        "nirmata/kube-policy/pkg/apis/policy"
 )
@ -13,25 +13,25 @@ var SchemeGroupVersion = schema.GroupVersion{Group: policy.GroupName, Version: "

 // Kind takes an unqualified kind and returns back a Group qualified GroupKind
 func Kind(kind string) schema.GroupKind {
-	return SchemeGroupVersion.WithKind(kind).GroupKind()
+    return SchemeGroupVersion.WithKind(kind).GroupKind()
 }

 // Resource takes an unqualified resource and returns a Group qualified GroupResource
 func Resource(resource string) schema.GroupResource {
-	return SchemeGroupVersion.WithResource(resource).GroupResource()
+    return SchemeGroupVersion.WithResource(resource).GroupResource()
 }

 var (
-	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
-	AddToScheme   = SchemeBuilder.AddToScheme
+    SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+    AddToScheme   = SchemeBuilder.AddToScheme
 )

 // Adds the list of known types to Scheme.
 func addKnownTypes(scheme *runtime.Scheme) error {
-	scheme.AddKnownTypes(SchemeGroupVersion,
-		&Policy{},
-		&PolicyList{},
-	)
-	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
-	return nil
+    scheme.AddKnownTypes(SchemeGroupVersion,
+        &Policy{},
+        &PolicyList{},
+    )
+    metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+    return nil
 }
--- a/pkg/apis/policy/v1alpha1/types.go
+++ b/pkg/apis/policy/v1alpha1/types.go
@ -2,7 +2,7 @@
 package v1alpha1

 import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+    metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )

 // +genclient
@ -10,35 +10,62 @@ import (

 // Policy is a specification for a Policy resource
 type Policy struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   PolicySpec   `json:"spec"`
-	Status PolicyStatus `json:"status"`
+    metav1.TypeMeta                     `json:",inline"`
+    metav1.ObjectMeta                   `json:"metadata,omitempty"`
+    Spec   PolicySpec                   `json:"spec"`
+    Status PolicyStatus                 `json:"status"`
 }

 // PolicySpec is the spec for a Policy resource
 type PolicySpec struct {
-	Rules []Rule `json:"rules"`
+    FailurePolicy   *string             `json:"failurePolicy"`
+    Rules           []PolicyRule        `json:"rules"`
 }

-type Rule struct {
-	Kind     string                     `json:"kind"`
-	Name     *string                    `json:"name"`
-	Selector *metav1.LabelSelector      `json:"selector"`
+// PolicyRule is policy rule that will be applied to resource
+type PolicyRule struct {
+    Resource    PolicyResource          `json:"resource"`          
+    Patches     []PolicyPatch           `json:"patches"`
+    Generator   *PolicyConfigGenerator  `json:"generator"`
+}
+
+// PolicyResource describes the resource rule applied to
+type PolicyResource struct {
+    Kind        string                  `json:"kind"`
+    Name        *string                 `json:"name"`
+    Selector    *metav1.LabelSelector   `json:"selector"`
+}
+
+// PolicyPatch is TODO
+type PolicyPatch struct {
+    Path        string                  `json:"path"`
+    Operation   string                  `json:"operation"`
+    Value       int                     `json:"value"`
+}
+
+// PolicyConfigGenerator is TODO
+type PolicyConfigGenerator struct {
+    Name        string                  `json:"name"`
+    CopyFrom    *PolicyCopyFrom         `json:"copyFrom"`
+    Data        *map[string]string      `json:"data"`
+}
+
+// PolicyCopyFrom is TODO
+type PolicyCopyFrom struct {
+    Namespace   string                  `json:"namespace"`
+    Name        string                  `json:"name"`
 }

 // PolicyStatus is the status for a Policy resource
 type PolicyStatus struct {
-	Logs []string `json:"log"`
+    Logs        []string                `json:"log"`
 }

 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

-// StaticEgressIPList is a list of StaticEgressIP resources
+// PolicyList is a list of Policy resources
 type PolicyList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata"`
-
-	Items []Policy `json:"items"`
+    metav1.TypeMeta                     `json:",inline"`
+    metav1.ListMeta                     `json:"metadata"`
+    Items []Policy                      `json:"items"`
 }