Skip to content

Commit

Permalink
sync machine labels
Browse files Browse the repository at this point in the history
  • Loading branch information
ykakarap committed Jan 7, 2025
1 parent 2c7219e commit 5ff55f6
Show file tree
Hide file tree
Showing 6 changed files with 87 additions and 16 deletions.
3 changes: 3 additions & 0 deletions controllers/alias.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,8 @@ type MachineReconciler struct {
WatchFilterValue string

RemoteConditionsGracePeriod time.Duration

SyncMachineLabels []string
}

func (r *MachineReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error {
Expand All @@ -81,6 +83,7 @@ func (r *MachineReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manag
ClusterCache: r.ClusterCache,
WatchFilterValue: r.WatchFilterValue,
RemoteConditionsGracePeriod: r.RemoteConditionsGracePeriod,
SyncMachineLabels: r.SyncMachineLabels,
}).SetupWithManager(ctx, mgr, options)
}

Expand Down
2 changes: 2 additions & 0 deletions internal/controllers/machine/machine_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,8 @@ type Reconciler struct {

RemoteConditionsGracePeriod time.Duration

SyncMachineLabels []string

controller controller.Controller
recorder record.EventRecorder
externalTracker external.ObjectTracker
Expand Down
24 changes: 14 additions & 10 deletions internal/controllers/machine/machine_controller_noderef.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ package machine
import (
"context"
"fmt"
"path/filepath"
"strings"

"github.com/pkg/errors"
Expand Down Expand Up @@ -127,7 +128,7 @@ func (r *Reconciler) reconcileNode(ctx context.Context, s *scope) (ctrl.Result,
// Compute labels to be propagated from Machines to nodes.
// NOTE: CAPI should manage only a subset of node labels, everything else should be preserved.
// NOTE: Once we reconcile node labels for the first time, the NodeUninitializedTaint is removed from the node.
nodeLabels := getManagedLabels(machine.Labels)
nodeLabels := r.getManagedLabels(machine.Labels)

// Get interruptible instance status from the infrastructure provider and set the interruptible label on the node.
interruptible := false
Expand Down Expand Up @@ -178,24 +179,27 @@ func (r *Reconciler) reconcileNode(ctx context.Context, s *scope) (ctrl.Result,

// getManagedLabels gets a map[string]string and returns another map[string]string
// filtering out labels not managed by CAPI.
func getManagedLabels(labels map[string]string) map[string]string {
func (r *Reconciler) getManagedLabels(labels map[string]string) map[string]string {
managedLabels := make(map[string]string)
for key, value := range labels {
dnsSubdomainOrName := strings.Split(key, "/")[0]
if dnsSubdomainOrName == clusterv1.NodeRoleLabelPrefix {
managedLabels[key] = value
}
if dnsSubdomainOrName == clusterv1.NodeRestrictionLabelDomain || strings.HasSuffix(dnsSubdomainOrName, "."+clusterv1.NodeRestrictionLabelDomain) {
managedLabels[key] = value
}
if dnsSubdomainOrName == clusterv1.ManagedNodeLabelDomain || strings.HasSuffix(dnsSubdomainOrName, "."+clusterv1.ManagedNodeLabelDomain) {
if r.allowedDomainSync(dnsSubdomainOrName) {
managedLabels[key] = value
}
}

return managedLabels
}

func (r *Reconciler) allowedDomainSync(domain string) bool {
for _, v := range r.SyncMachineLabels {
matched, _ := filepath.Match(v, domain)
if matched {
return true
}
}
return false
}

// summarizeNodeConditions summarizes a Node's conditions and returns the summary of condition statuses and concatenate failed condition messages:
// if there is at least 1 semantically-negative condition, summarized status = False;
// if there is at least 1 semantically-positive condition when there is 0 semantically negative condition, summarized status = True;
Expand Down
57 changes: 51 additions & 6 deletions internal/controllers/machine/machine_controller_noderef_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -700,7 +700,6 @@ func TestSummarizeNodeConditions(t *testing.T) {
}

func TestGetManagedLabels(t *testing.T) {
// Create managedLabels map from known managed prefixes.
managedLabels := map[string]string{
clusterv1.NodeRoleLabelPrefix + "/anyRole": "",

Expand All @@ -713,24 +712,70 @@ func TestGetManagedLabels(t *testing.T) {
"custom-prefix." + clusterv1.NodeRestrictionLabelDomain: "",
clusterv1.NodeRestrictionLabelDomain + "/anything": "",
"custom-prefix." + clusterv1.NodeRestrictionLabelDomain + "/anything": "",
"test.foo.com": "",
}

// Append arbitrary labels.
allLabels := map[string]string{
additionalLabels := map[string]string{
"foo": "",
"bar": "",
"company.xyz/node.cluster.x-k8s.io": "not-managed",
"gpu-node.cluster.x-k8s.io": "not-managed",
"company.xyz/node-restriction.kubernetes.io": "not-managed",
"gpu-node-restriction.kubernetes.io": "not-managed",
"wrong.test.foo.com": "",
}

allLabels := map[string]string{}
for k, v := range managedLabels {
allLabels[k] = v
}
for k, v := range additionalLabels {
allLabels[k] = v
}

g := NewWithT(t)
got := getManagedLabels(allLabels)
g.Expect(got).To(BeEquivalentTo(managedLabels))
tests := []struct {
name string
syncMachineLabels []string
allLabels map[string]string
managedLabels map[string]string
}{
{
name: "sync no labels",
syncMachineLabels: nil,
allLabels: allLabels,
managedLabels: map[string]string{},
},
{
name: "sync defined labels",
syncMachineLabels: []string{
"node-role.kubernetes.io",
"node-restriction.kubernetes.io",
"*.node-restriction.kubernetes.io",
"node.cluster.x-k8s.io",
"*.node.cluster.x-k8s.io",
"test.foo.com",
},
allLabels: allLabels,
managedLabels: managedLabels,
},
{
name: "sync all labels",
syncMachineLabels: []string{"*"},
allLabels: allLabels,
managedLabels: allLabels,
},
}

for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
g := NewWithT(t)
r := &Reconciler{
SyncMachineLabels: tt.syncMachineLabels,
}
got := r.getManagedLabels(tt.allLabels)
g.Expect(got).To(BeEquivalentTo(tt.managedLabels))
})
}
}

func TestPatchNode(t *testing.T) {
Expand Down
7 changes: 7 additions & 0 deletions internal/controllers/machine/suite_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,13 @@ func TestMain(m *testing.M) {
APIReader: mgr.GetAPIReader(),
ClusterCache: clusterCache,
RemoteConditionsGracePeriod: 5 * time.Minute,
SyncMachineLabels: []string{
"node-role.kubernetes.io",
"node-restriction.kubernetes.io",
"*.node-restriction.kubernetes.io",
"node.cluster.x-k8s.io",
"*.node.cluster.x-k8s.io",
},
}).SetupWithManager(ctx, mgr, controller.Options{MaxConcurrentReconciles: 1}); err != nil {
panic(fmt.Sprintf("Failed to start MachineReconciler: %v", err))
}
Expand Down
10 changes: 10 additions & 0 deletions main.go
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,7 @@ var (
clusterResourceSetConcurrency int
machineHealthCheckConcurrency int
useDeprecatedInfraMachineNaming bool
syncMachineLabels []string
)

func init() {
Expand Down Expand Up @@ -254,6 +255,14 @@ func InitFlags(fs *pflag.FlagSet) {
"Use deprecated infrastructure machine naming")
_ = fs.MarkDeprecated("use-deprecated-infra-machine-naming", "This flag will be removed in v1.9.")

fs.StringArrayVar(&syncMachineLabels, "sync-machine-labels", []string{
"node-role.kubernetes.io",
"node-restriction.kubernetes.io",
"*.node-restriction.kubernetes.io",
"node.cluster.x-k8s.io",
"*.node.cluster.x-k8s.io",
}, "The list of domains used to sync labels from machines to nodes.")

flags.AddManagerOptions(fs, &managerOptions)

feature.MutableGates.AddFlag(fs)
Expand Down Expand Up @@ -565,6 +574,7 @@ func setupReconcilers(ctx context.Context, mgr ctrl.Manager, watchNamespaces map
ClusterCache: clusterCache,
WatchFilterValue: watchFilterValue,
RemoteConditionsGracePeriod: remoteConditionsGracePeriod,
SyncMachineLabels: syncMachineLabels,
}).SetupWithManager(ctx, mgr, concurrency(machineConcurrency)); err != nil {
setupLog.Error(err, "Unable to create controller", "controller", "Machine")
os.Exit(1)
Expand Down

0 comments on commit 5ff55f6

Please sign in to comment.