Add cache to services reporting (#222)

Author: NetanelBollag

src/go.mod

@@ -34,6 +34,10 @@ const (
 	DNSClientIntentsUpdateIntervalDefault = 1 * time.Second
 	DNSClientIntentsUpdateEnabledKey      = "dns-client-intents-update-enabled"
 	DNSClientIntentsUpdateEnabledDefault  = true
+	ServiceCacheTTLDurationKey            = "service-cache-ttl-duration"
+	ServiceCacheTTLDurationDefault        = 1 * time.Minute
+	ServiceCacheSizeKey                   = "service-cache-size"
+	ServiceCacheSizeDefault               = 10000
 
 	EnableIstioCollectionKey           = "enable-istio-collection"
 	EnableIstioCollectionDefault       = false
@@ -71,5 +75,7 @@ func init() {
 	viper.SetDefault(IstioCooldownIntervalKey, IstioCooldownIntervalDefault)
 	viper.SetDefault(IstioRestrictCollectionToNamespace, "")
 	viper.SetDefault(EnableIstioCollectionKey, EnableIstioCollectionDefault)
+	viper.SetDefault(ServiceCacheTTLDurationKey, ServiceCacheTTLDurationDefault)
+	viper.SetDefault(ServiceCacheSizeKey, ServiceCacheSizeDefault)
 	excludedNamespaces = goset.FromSlice(viper.GetStringSlice(ExcludedNamespacesKey))
 }

src/mapper/pkg/config/config.go

@@ -1,36 +1,53 @@
 package resourcevisibility
 
 import (
+	"bytes"
 	"context"
+	"fmt"
+	"github.com/hashicorp/golang-lru/v2/expirable"
 	"github.com/otterize/intents-operator/src/shared/errors"
 	"github.com/otterize/intents-operator/src/shared/injectablerecorder"
 	"github.com/otterize/network-mapper/src/mapper/pkg/cloudclient"
+	"github.com/otterize/network-mapper/src/mapper/pkg/config"
 	"github.com/otterize/network-mapper/src/mapper/pkg/graph/model"
 	"github.com/samber/lo"
+	"github.com/sirupsen/logrus"
+	"github.com/spf13/viper"
+	"hash/crc32"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/tools/record"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller"
+	"slices"
 	"time"
 )
 
 type ServiceReconciler struct {
 	client.Client
 	injectablerecorder.InjectableRecorder
-	otterizeCloud cloudclient.CloudClient
-	kubeFinder    KubeFinder
+	otterizeCloud                    cloudclient.CloudClient
+	kubeFinder                       KubeFinder
+	namespaceToReportedServicesCache *expirable.LRU[string, []byte]
 }
 
 type KubeFinder interface {
 	ResolveOtterizeIdentityForService(ctx context.Context, service *corev1.Service, now time.Time) (model.OtterizeServiceIdentity, bool, error)
 }
 
+func OnEvict(key string, _ []byte) {
+	logrus.WithField("namespace", key).Debug("key evicted from cache, you may change configuration to increase cache size or TTL")
+}
+
 func NewServiceReconciler(client client.Client, otterizeCloudClient cloudclient.CloudClient, kubeFinder KubeFinder) *ServiceReconciler {
+	size := viper.GetInt(config.ServiceCacheSizeKey)
+	ttl := viper.GetDuration(config.ServiceCacheTTLDurationKey)
+	cache := expirable.NewLRU[string, []byte](size, OnEvict, ttl)
 	return &ServiceReconciler{
-		Client:        client,
-		otterizeCloud: otterizeCloudClient,
-		kubeFinder:    kubeFinder,
+		Client:                           client,
+		otterizeCloud:                    otterizeCloudClient,
+		kubeFinder:                       kubeFinder,
+		namespaceToReportedServicesCache: cache,
 	}
 }
 
@@ -63,14 +80,49 @@ func (r *ServiceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 		return ctrl.Result{}, errors.Wrap(err)
 	}
 
+	hashSum, err := r.getCachedValue(servicesToReport)
+	if err != nil {
+		return ctrl.Result{}, errors.Wrap(err)
+	}
+
+	val, found := r.namespaceToReportedServicesCache.Get(namespace)
+	if found && bytes.Equal(val, hashSum) {
+		logrus.WithField("namespace", namespace).Debug("Skipping reporting of services in namespace due to cache")
+		return ctrl.Result{}, nil
+	}
+
 	err = r.otterizeCloud.ReportK8sServices(ctx, namespace, servicesToReport)
 	if err != nil {
 		return ctrl.Result{}, errors.Wrap(err)
 	}
 
+	r.namespaceToReportedServicesCache.Add(namespace, hashSum)
+
 	return ctrl.Result{}, nil
 }
 
+func (r *ServiceReconciler) getCachedValue(servicesToReport []cloudclient.K8sServiceInput) ([]byte, error) {
+	values := lo.Map(servicesToReport, func(service cloudclient.K8sServiceInput, _ int) string {
+		return reportedServicesCacheValuePart(service)
+	})
+
+	slices.Sort(values)
+
+	hash := crc32.NewIEEE()
+	for _, value := range values {
+		_, err := hash.Write([]byte(value))
+		if err != nil {
+			return nil, errors.Wrap(err)
+		}
+	}
+	hashSum := hash.Sum(nil)
+	return hashSum, nil
+}
+
+func reportedServicesCacheValuePart(service cloudclient.K8sServiceInput) string {
+	return fmt.Sprintf("%s-%s-%s", service.ResourceName, service.OtterizeServer, service.Service.Spec.Type.Item)
+}
+
 func (r *ServiceReconciler) convertToCloudServices(ctx context.Context, services []corev1.Service) ([]cloudclient.K8sServiceInput, error) {
 	cloudServices := make([]cloudclient.K8sServiceInput, 0)
 	for _, service := range services {

src/mapper/pkg/resourcevisibility/svc_reconciler.go

@@ -117,6 +117,196 @@ func (s *ServiceVisibilityTestSuite) TestServiceUpload() {
 	res, err := s.reconciler.Reconcile(context.Background(), req)
 	s.Require().NoError(err)
 	s.Require().Equal(ctrl.Result{}, res)
+
+	s.k8sClient.EXPECT().List(gomock.Any(), gomock.Eq(&emptyList), gomock.Eq(client.InNamespace(testNamespace))).DoAndReturn(
+		func(ctx context.Context, list *corev1.ServiceList, opts ...client.ListOption) error {
+			list.Items = []corev1.Service{service}
+			return nil
+		})
+
+	s.kubeFinder.EXPECT().ResolveOtterizeIdentityForService(gomock.Any(), &service, gomock.Any()).Return(serviceIdentity, true, nil)
+
+	// Reconcile again should not upload cause re-upload due to caching
+	res, err = s.reconciler.Reconcile(context.Background(), req)
+	s.Require().NoError(err)
+	s.Require().Equal(ctrl.Result{}, res)
+}
+
+func (s *ServiceVisibilityTestSuite) TestServiceReUploadOnIdentityChange() {
+	deploymentName := "my-server"
+	service := corev1.Service{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "test-service",
+			Namespace: testNamespace,
+		},
+		Spec: corev1.ServiceSpec{
+			Type: corev1.ServiceTypeClusterIP,
+			Selector: map[string]string{
+				"app": deploymentName,
+			},
+			Ports: []corev1.ServicePort{
+				{
+					Port:       80,
+					Protocol:   corev1.ProtocolTCP,
+					TargetPort: intstr.FromInt32(8080),
+				},
+			},
+		},
+	}
+
+	emptyList := corev1.ServiceList{}
+	s.k8sClient.EXPECT().List(gomock.Any(), gomock.Eq(&emptyList), gomock.Eq(client.InNamespace(testNamespace))).DoAndReturn(
+		func(ctx context.Context, list *corev1.ServiceList, opts ...client.ListOption) error {
+			list.Items = []corev1.Service{service}
+			return nil
+		})
+
+	serviceIdentity := model.OtterizeServiceIdentity{
+		Name:              deploymentName,
+		Namespace:         testNamespace,
+		PodOwnerKind:      nil,
+		KubernetesService: lo.ToPtr(service.Name),
+	}
+	s.kubeFinder.EXPECT().ResolveOtterizeIdentityForService(gomock.Any(), &service, gomock.Any()).Return(serviceIdentity, true, nil)
+
+	serviceInput := cloudclient.K8sServiceInput{
+		OtterizeServer: deploymentName,
+		Namespace:      testNamespace,
+		ResourceName:   service.Name,
+		Service: cloudclient.K8sResourceServiceInput{
+			Spec: cloudclient.K8sResourceServiceSpecInput{
+				Type: nilable.From(cloudclient.K8sServiceTypeClusterIp),
+				Ports: []cloudclient.K8sServicePort{
+					{
+						Port:       80,
+						Protocol:   nilable.From(cloudclient.K8sPortProtocolTcp),
+						TargetPort: nilable.From(cloudclient.IntOrStringInput{IntVal: nilable.From(8080), IsInt: true}),
+					},
+				},
+				Selector: []cloudclient.SelectorKeyValueInput{{Key: nilable.From("app"), Value: nilable.From(deploymentName)}},
+			},
+		},
+	}
+	s.cloudClient.EXPECT().ReportK8sServices(gomock.Any(), testNamespace, gomock.Any()).DoAndReturn(
+		func(ctx context.Context, namespace string, services []cloudclient.K8sServiceInput) error {
+			s.Require().Len(services, 1)
+			s.Require().Equal(serviceInput, services[0])
+			return nil
+		})
+
+	req := ctrl.Request{
+		NamespacedName: client.ObjectKey{
+			Namespace: testNamespace,
+			Name:      "endpoint-for-service",
+		},
+	}
+
+	res, err := s.reconciler.Reconcile(context.Background(), req)
+	s.Require().NoError(err)
+	s.Require().Equal(ctrl.Result{}, res)
+
+	s.k8sClient.EXPECT().List(gomock.Any(), gomock.Eq(&emptyList), gomock.Eq(client.InNamespace(testNamespace))).DoAndReturn(
+		func(ctx context.Context, list *corev1.ServiceList, opts ...client.ListOption) error {
+			list.Items = []corev1.Service{service}
+			return nil
+		})
+
+	newIdentity := model.OtterizeServiceIdentity{
+		Name:              "another-server",
+		Namespace:         testNamespace,
+		PodOwnerKind:      nil,
+		KubernetesService: lo.ToPtr(service.Name),
+	}
+
+	s.kubeFinder.EXPECT().ResolveOtterizeIdentityForService(gomock.Any(), &service, gomock.Any()).Return(newIdentity, true, nil)
+
+	newServiceInput := cloudclient.K8sServiceInput{
+		OtterizeServer: "another-server",
+		Namespace:      testNamespace,
+		ResourceName:   service.Name,
+		Service: cloudclient.K8sResourceServiceInput{
+			Spec: cloudclient.K8sResourceServiceSpecInput{
+				Type: nilable.From(cloudclient.K8sServiceTypeClusterIp),
+				Ports: []cloudclient.K8sServicePort{
+					{
+						Port:       80,
+						Protocol:   nilable.From(cloudclient.K8sPortProtocolTcp),
+						TargetPort: nilable.From(cloudclient.IntOrStringInput{IntVal: nilable.From(8080), IsInt: true}),
+					},
+				},
+				Selector: []cloudclient.SelectorKeyValueInput{{Key: nilable.From("app"), Value: nilable.From(deploymentName)}},
+			},
+		},
+	}
+
+	s.cloudClient.EXPECT().ReportK8sServices(gomock.Any(), testNamespace, gomock.Any()).DoAndReturn(
+		func(ctx context.Context, namespace string, services []cloudclient.K8sServiceInput) error {
+			s.Require().Len(services, 1)
+			s.Require().Equal(newServiceInput, services[0])
+			return nil
+		})
+
+	res, err = s.reconciler.Reconcile(context.Background(), req)
+	s.Require().NoError(err)
+	s.Require().Equal(ctrl.Result{}, res)
+
+	nodePortService := corev1.Service{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "test-service",
+			Namespace: testNamespace,
+		},
+		Spec: corev1.ServiceSpec{
+			Type: corev1.ServiceTypeNodePort,
+			Selector: map[string]string{
+				"app": deploymentName,
+			},
+			Ports: []corev1.ServicePort{
+				{
+					Port:       80,
+					Protocol:   corev1.ProtocolTCP,
+					TargetPort: intstr.FromInt32(8080),
+				},
+			},
+		},
+	}
+	s.k8sClient.EXPECT().List(gomock.Any(), gomock.Eq(&emptyList), gomock.Eq(client.InNamespace(testNamespace))).DoAndReturn(
+		func(ctx context.Context, list *corev1.ServiceList, opts ...client.ListOption) error {
+			list.Items = []corev1.Service{nodePortService}
+			return nil
+		})
+
+	s.kubeFinder.EXPECT().ResolveOtterizeIdentityForService(gomock.Any(), &nodePortService, gomock.Any()).Return(newIdentity, true, nil)
+
+	nodePortServiceInput := cloudclient.K8sServiceInput{
+		OtterizeServer: "another-server",
+		Namespace:      testNamespace,
+		ResourceName:   service.Name,
+		Service: cloudclient.K8sResourceServiceInput{
+			Spec: cloudclient.K8sResourceServiceSpecInput{
+				Type: nilable.From(cloudclient.K8sServiceTypeNodePort),
+				Ports: []cloudclient.K8sServicePort{
+					{
+						Port:       80,
+						Protocol:   nilable.From(cloudclient.K8sPortProtocolTcp),
+						TargetPort: nilable.From(cloudclient.IntOrStringInput{IntVal: nilable.From(8080), IsInt: true}),
+					},
+				},
+				Selector: []cloudclient.SelectorKeyValueInput{{Key: nilable.From("app"), Value: nilable.From(deploymentName)}},
+			},
+		},
+	}
+
+	s.cloudClient.EXPECT().ReportK8sServices(gomock.Any(), testNamespace, gomock.Any()).DoAndReturn(
+		func(ctx context.Context, namespace string, services []cloudclient.K8sServiceInput) error {
+			s.Require().Len(services, 1)
+			s.Require().Equal(nodePortServiceInput, services[0])
+			return nil
+
+		})
+
+	res, err = s.reconciler.Reconcile(context.Background(), req)
+	s.Require().NoError(err)
+	s.Require().Equal(ctrl.Result{}, res)
 }
 
 func (s *ServiceVisibilityTestSuite) TestUploadEmptyNamespaces() {