Merge pull request #453 from l1b0k/update_12

several bug fix and improvement

Author: BSWANG

cmd/terway-controlplane/terway-controlplane.go

@@ -21,10 +21,11 @@ import (
 	"math/rand"
 	"time"
 
-	"github.com/AliyunContainerService/terway/pkg/aliyun/client"
+	aliyun "github.com/AliyunContainerService/terway/pkg/aliyun/client"
 	"github.com/AliyunContainerService/terway/pkg/aliyun/credential"
 	"github.com/AliyunContainerService/terway/pkg/apis/crds"
 	networkv1beta1 "github.com/AliyunContainerService/terway/pkg/apis/network.alibabacloud.com/v1beta1"
+	"github.com/AliyunContainerService/terway/pkg/backoff"
 	"github.com/AliyunContainerService/terway/pkg/cert"
 	register "github.com/AliyunContainerService/terway/pkg/controller"
 	_ "github.com/AliyunContainerService/terway/pkg/controller/all"
@@ -35,7 +36,6 @@ import (
 	"github.com/AliyunContainerService/terway/pkg/utils"
 	"github.com/AliyunContainerService/terway/pkg/version"
 	"github.com/AliyunContainerService/terway/types/controlplane"
-
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
@@ -60,14 +60,25 @@ func init() {
 
 func main() {
 	rand.Seed(time.Now().UnixNano())
+	var (
+		configFilePath     string
+		credentialFilePath string
+	)
+	flag.StringVar(&configFilePath, "config", "/etc/config/ctrl-config.yaml", "config file for controlplane")
+	flag.StringVar(&credentialFilePath, "credential", "/etc/credential/ctrl-secret.yaml", "secret file for controlplane")
+
 	flag.Parse()
 
 	ctrl.SetLogger(klogr.New())
 	log.Info(version.Version)
 
-	cfg := controlplane.GetConfig()
-	log.Info("using config", "config", cfg)
+	ctx := ctrl.SetupSignalHandler()
 
+	cfg, err := controlplane.ParseAndValidate(configFilePath, credentialFilePath)
+	if err != nil {
+		panic(err)
+	}
+	backoff.OverrideBackoff(cfg.BackoffOverride)
 	utils.SetStsKinds(cfg.CustomStatefulWorkloadKinds)
 
 	restConfig := ctrl.GetConfigOrDie()
@@ -76,7 +87,9 @@ func main() {
 	restConfig.UserAgent = version.UA
 	utils.RegisterClients(restConfig)
 
-	err := crds.RegisterCRDs()
+	log.Info("using config", "config", cfg)
+
+	err = crds.RegisterCRDs()
 	if err != nil {
 		panic(err)
 	}
@@ -91,13 +104,11 @@ func main() {
 		panic(err)
 	}
 
-	aliyunClient, err := client.New(clientSet, flowcontrol.NewTokenBucketRateLimiter(cfg.ReadOnlyQPS, cfg.ReadOnlyBurst), flowcontrol.NewTokenBucketRateLimiter(cfg.MutatingQPS, cfg.MutatingBurst))
+	aliyunClient, err := aliyun.New(clientSet, flowcontrol.NewTokenBucketRateLimiter(cfg.ReadOnlyQPS, cfg.ReadOnlyBurst), flowcontrol.NewTokenBucketRateLimiter(cfg.MutatingQPS, cfg.MutatingBurst))
 	if err != nil {
 		panic(err)
 	}
 
-	ctx := ctrl.SetupSignalHandler()
-
 	mgr, err := ctrl.NewManager(restConfig, ctrl.Options{
 		Scheme:                     scheme,
 		HealthProbeBindAddress:     cfg.HealthzBindAddress,

daemon/daemon.go

@@ -19,7 +19,6 @@ import (
 	podENITypes "github.com/AliyunContainerService/terway/pkg/apis/network.alibabacloud.com/v1beta1"
 	"github.com/AliyunContainerService/terway/pkg/backoff"
 	terwayIP "github.com/AliyunContainerService/terway/pkg/ip"
-	"github.com/AliyunContainerService/terway/pkg/ipam"
 	"github.com/AliyunContainerService/terway/pkg/link"
 	"github.com/AliyunContainerService/terway/pkg/logger"
 	"github.com/AliyunContainerService/terway/pkg/metric"
@@ -29,6 +28,7 @@ import (
 	"github.com/AliyunContainerService/terway/pkg/utils"
 	"github.com/AliyunContainerService/terway/rpc"
 	"github.com/AliyunContainerService/terway/types"
+	"github.com/AliyunContainerService/terway/types/daemon"
 
 	"github.com/containernetworking/cni/libcni"
 	containertypes "github.com/containernetworking/cni/pkg/types"
@@ -265,6 +265,9 @@ func (n *networkService) AllocIP(ctx context.Context, r *rpc.AllocIPRequest) (*r
 				if netConfig.IfName != IfEth0 && netConfig.IfName != "" {
 					continue
 				}
+				if netConfig.BasicInfo == nil || netConfig.BasicInfo.PodIP == nil {
+					continue
+				}
 				var ips []string
 				if netConfig.BasicInfo.PodIP.IPv4 != "" {
 					ips = append(ips, netConfig.BasicInfo.PodIP.IPv4)
@@ -491,6 +494,14 @@ func (n *networkService) ReleaseIP(ctx context.Context, r *rpc.ReleaseIPRequest)
 		"containerID": r.K8SPodInfraContainerId,
 	}).Info("release ip req")
 
+	_, exist := n.pendingPods.LoadOrStore(podInfoKey(r.K8SPodNamespace, r.K8SPodName), struct{}{})
+	if exist {
+		return nil, fmt.Errorf("pod %s resource processing", podInfoKey(r.K8SPodNamespace, r.K8SPodName))
+	}
+	defer func() {
+		n.pendingPods.Delete(podInfoKey(r.K8SPodNamespace, r.K8SPodName))
+	}()
+
 	n.RLock()
 	defer n.RUnlock()
 	var (
@@ -1336,7 +1347,7 @@ func newNetworkService(configFilePath, kubeconfig, master, daemonMode string) (r
 
 	var err error
 
-	globalConfig, err := types.GetConfigFromFileWithMerge(configFilePath, nil)
+	globalConfig, err := daemon.GetConfigFromFileWithMerge(configFilePath, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -1353,7 +1364,7 @@ func newNetworkService(configFilePath, kubeconfig, master, daemonMode string) (r
 		dynamicCfg = ""
 	}
 
-	config, err := types.GetConfigFromFileWithMerge(configFilePath, []byte(dynamicCfg))
+	config, err := daemon.GetConfigFromFileWithMerge(configFilePath, []byte(dynamicCfg))
 	if err != nil {
 		return nil, fmt.Errorf("failed parse config: %v", err)
 	}
@@ -1440,10 +1451,6 @@ func newNetworkService(configFilePath, kubeconfig, master, daemonMode string) (r
 	}
 	serviceLog.Infof("init pool config: %+v", poolConfig)
 
-	err = restoreLocalENIRes(ecs, netSrv.k8s, netSrv.resourceDB)
-	if err != nil {
-		return nil, errors.Wrapf(err, "error restore local eni resources")
-	}
 	localResource := make(map[string]map[string]resourceManagerInitItem)
 	resObjList, err := netSrv.resourceDB.List()
 	if err != nil {
@@ -1537,53 +1544,8 @@ func newNetworkService(configFilePath, kubeconfig, master, daemonMode string) (r
 	return netSrv, nil
 }
 
-// restore local eni resources for old terway migration
-func restoreLocalENIRes(ecs ipam.API, k8s Kubernetes, resourceDB storage.Storage) error {
-	resList, err := resourceDB.List()
-	if err != nil {
-		return errors.Wrapf(err, "error list resourceDB storage")
-	}
-	if len(resList) != 0 {
-		serviceLog.Debugf("skip restore for upgraded")
-		return nil
-	}
-
-	eniList, err := ecs.GetAttachedENIs(context.Background(), false)
-	if err != nil {
-		return errors.Wrapf(err, "error get attached eni for restore")
-	}
-	ipEniMap := map[string]*types.ENI{}
-	for _, eni := range eniList {
-		ipEniMap[eni.PrimaryIP.IPv4.String()] = eni
-	}
-
-	podList, err := k8s.GetLocalPods()
-	if err != nil {
-		return errors.Wrapf(err, "error get local pod for restore")
-	}
-	for _, pod := range podList {
-		if pod.PodNetworkType != podNetworkTypeVPCENI {
-			continue
-		}
-		serviceLog.Debugf("restore for local pod: %+v, enis: %+v", pod, ipEniMap)
-		eni, ok := ipEniMap[pod.PodIPs.IPv4.String()]
-		if ok {
-			err = resourceDB.Put(podInfoKey(pod.Namespace, pod.Name), types.PodResources{
-				PodInfo:   pod,
-				Resources: eni.ToResItems(),
-			})
-			if err != nil {
-				return errors.Wrapf(err, "error put resource into store")
-			}
-		} else {
-			serviceLog.Warnf("error found pod relate eni, pod: %+v", pod)
-		}
-	}
-	return nil
-}
-
 // setup default value
-func setDefault(cfg *types.Configure) error {
+func setDefault(cfg *daemon.Config) error {
 	if cfg.EniCapRatio == 0 {
 		cfg.EniCapRatio = 1
 	}
@@ -1600,7 +1562,7 @@ func setDefault(cfg *types.Configure) error {
 	return nil
 }
 
-func validateConfig(cfg *types.Configure) error {
+func validateConfig(cfg *daemon.Config) error {
 	switch cfg.IPStack {
 	case "", string(types.IPStackIPv4), string(types.IPStackDual):
 	default:
@@ -1610,7 +1572,7 @@ func validateConfig(cfg *types.Configure) error {
 	return nil
 }
 
-func getPoolConfig(cfg *types.Configure, ipamType types.IPAMType) (*types.PoolConfig, error) {
+func getPoolConfig(cfg *daemon.Config, ipamType types.IPAMType) (*types.PoolConfig, error) {
 	poolConfig := &types.PoolConfig{
 		MaxPoolSize:               cfg.MaxPoolSize,
 		MinPoolSize:               cfg.MinPoolSize,

daemon/eni-multi-ip.go

@@ -781,7 +781,7 @@ func (f *eniIPFactory) checkAccount(message chan<- string) {
 	// get ENIs via Aliyun API
 	message <- "fetching attached ENIs from aliyun\n"
 	ctx := context.Background()
-	enis, err := f.eniFactory.ecs.GetAttachedENIs(ctx, false)
+	enis, err := f.eniFactory.ecs.GetAttachedENIs(ctx, false, f.trunkOnEni)
 	if err != nil {
 		message <- fmt.Sprintf("error while fetching from remote: %s\n", err.Error())
 		return
@@ -943,7 +943,7 @@ func newENIIPResourceManager(poolConfig *types.PoolConfig, ecs ipam.API, k8s Kub
 		Initializer: func(holder pool.ResourceHolder) error {
 			ctx := context.Background()
 			// not use main ENI for ENI multiple ip allocate
-			enis, err := ecs.GetAttachedENIs(ctx, false)
+			enis, err := ecs.GetAttachedENIs(ctx, false, factory.trunkOnEni)
 			if err != nil {
 				return fmt.Errorf("error get attach ENI on pool init, %w", err)
 			}

daemon/eni.go

@@ -106,7 +106,7 @@ func newENIResourceManager(poolConfig *types.PoolConfig, ecs ipam.API, allocated
 		Factory:  factory,
 		Initializer: func(holder pool.ResourceHolder) error {
 			ctx := context.Background()
-			enis, err := ecs.GetAttachedENIs(ctx, false)
+			enis, err := ecs.GetAttachedENIs(ctx, false, factory.trunkOnEni)
 			if err != nil {
 				return fmt.Errorf("error get attach ENI on pool init, %w", err)
 			}
@@ -425,7 +425,7 @@ func (f *eniFactory) Check(res types.NetworkResource) error {
 }
 
 func (f *eniFactory) ListResource() (map[string]types.NetworkResource, error) {
-	enis, err := f.ecs.GetAttachedENIs(context.Background(), false)
+	enis, err := f.ecs.GetAttachedENIs(context.Background(), false, f.trunkOnEni)
 	if err != nil {
 		return nil, err
 	}

daemon/k8s.go

@@ -21,6 +21,7 @@ import (
 	"github.com/AliyunContainerService/terway/pkg/utils"
 	"github.com/AliyunContainerService/terway/pkg/version"
 	"github.com/AliyunContainerService/terway/types"
+	"github.com/AliyunContainerService/terway/types/daemon"
 
 	"github.com/pkg/errors"
 	log "github.com/sirupsen/logrus"
@@ -269,7 +270,7 @@ func (k *k8s) WaitTrunkReady() (string, error) {
 }
 
 // newK8S return Kubernetes service by pod spec and daemon mode
-func newK8S(master, kubeconfig string, daemonMode string, globalConfig *types.Configure) (Kubernetes, error) {
+func newK8S(master, kubeconfig string, daemonMode string, globalConfig *daemon.Config) (Kubernetes, error) {
 
 	k8sRestConfig, err := clientcmd.BuildConfigFromFlags(master, kubeconfig)
 	if err != nil {

pkg/aliyun/aliyun.go

@@ -177,7 +177,7 @@ func (e *Impl) destroyInterface(ctx context.Context, eniID, instanceID, trunkENI
 
 // GetAttachedENIs of instanceId
 // containsMainENI is contains the main interface(eth0) of instance
-func (e *Impl) GetAttachedENIs(ctx context.Context, containsMainENI bool) ([]*types.ENI, error) {
+func (e *Impl) GetAttachedENIs(ctx context.Context, containsMainENI bool, trunkENIID string) ([]*types.ENI, error) {
 	enis, err := e.metadata.GetENIs(containsMainENI)
 	if err != nil {
 		return nil, fmt.Errorf("error get eni config by mac, %w", err)
@@ -188,14 +188,20 @@ func (e *Impl) GetAttachedENIs(ctx context.Context, containsMainENI bool) ([]*ty
 	for _, eni := range enis {
 		eniIDs = append(eniIDs, eni.ID)
 		enisMap[eni.ID] = eni
+
+		if trunkENIID == eni.ID {
+			eni.Trunk = true
+		}
 	}
 	if e.eniTypeAttr && len(eniIDs) > 0 {
-		eniSet, err := e.DescribeNetworkInterface(ctx, "", eniIDs, "", "", "", nil)
-		if err != nil {
-			return nil, err
-		}
-		for _, eni := range eniSet {
-			enisMap[eni.NetworkInterfaceID].Trunk = eni.Type == client.ENITypeTrunk
+		if trunkENIID == "" {
+			eniSet, err := e.DescribeNetworkInterface(ctx, "", eniIDs, "", "", "", nil)
+			if err != nil {
+				return nil, err
+			}
+			for _, eni := range eniSet {
+				enisMap[eni.NetworkInterfaceID].Trunk = eni.Type == client.ENITypeTrunk
+			}
 		}
 	}
 	return enis, nil

pkg/aliyun/client/ecs.go

@@ -384,22 +384,40 @@ func (a *OpenAPI) UnAssignIpv6Addresses(ctx context.Context, eniID string, ips [
 }
 
 func (a *OpenAPI) DescribeInstanceTypes(ctx context.Context, types []string) ([]ecs.InstanceType, error) {
-	req := ecs.CreateDescribeInstanceTypesRequest()
-	if types != nil {
-		req.InstanceTypes = &types
-	}
-	start := time.Now()
-	resp, err := a.ClientSet.ECS().DescribeInstanceTypes(req)
-	metric.OpenAPILatency.WithLabelValues("DescribeInstanceTypes", fmt.Sprint(err != nil)).Observe(metric.MsSince(start))
+	var result []ecs.InstanceType
 
-	l := log.WithFields(map[string]interface{}{
-		LogFieldAPI: "DescribeInstanceTypes",
-	})
-	if err != nil {
-		l.WithField(LogFieldRequestID, apiErr.ErrRequestID(err)).Error(err)
-		return nil, err
+	nextToken := ""
+	for {
+		req := ecs.CreateDescribeInstanceTypesRequest()
+		req.NextToken = nextToken
+		// nb(l1b0k): see https://help.aliyun.com/practice_detail/461278.
+		req.MaxResults = requests.NewInteger(100)
+		if types != nil {
+			req.InstanceTypes = &types
+		}
+		start := time.Now()
+		resp, err := a.ClientSet.ECS().DescribeInstanceTypes(req)
+		metric.OpenAPILatency.WithLabelValues("DescribeInstanceTypes", fmt.Sprint(err != nil)).Observe(metric.MsSince(start))
+
+		l := log.WithFields(map[string]interface{}{
+			LogFieldAPI: "DescribeInstanceTypes",
+		})
+		if err != nil {
+			l.WithField(LogFieldRequestID, apiErr.ErrRequestID(err)).Error(err)
+			return nil, err
+		}
+
+		for _, r := range resp.InstanceTypes.InstanceType {
+			result = append(result, r)
+		}
+
+		if resp.NextToken == "" {
+			break
+		}
+		nextToken = resp.NextToken
 	}
-	return resp.InstanceTypes.InstanceType, nil
+
+	return result, nil
 }
 
 func (a *OpenAPI) ModifyNetworkInterfaceAttribute(ctx context.Context, eniID string, securityGroupIDs []string) error {