Skip to content

Commit 9ba9103

Browse files
qiczqicz
authored
refactor: set defaults in Deployment, else k8s sets them for you, creating infinite reconciliation loop (envoyproxy#1594)
* fix: envoy proxy resource apply bug. Signed-off-by: qicz <[email protected]> * update pointer. Signed-off-by: qicz <[email protected]> * add comment Signed-off-by: qicz <[email protected]> * update cm cmp logic. Signed-off-by: qicz <[email protected]> * fix lint Signed-off-by: qicz <[email protected]> * add probe field default value. Signed-off-by: qicz <[email protected]> * fix uts Signed-off-by: qicz <[email protected]> * align probe Signed-off-by: qicz <[email protected]> * optimize deploy compare logic Signed-off-by: qicz <[email protected]> * add compare deploy uts Signed-off-by: qicz <[email protected]> * rm cm binarydata cmp Signed-off-by: qicz <[email protected]> * rm deploy cmp logic Signed-off-by: qicz <[email protected]> * fix ut Signed-off-by: qicz <[email protected]> * fix lint Signed-off-by: qicz <[email protected]> --------- Signed-off-by: qicz <[email protected]> Signed-off-by: qi <[email protected]>
1 parent b37e2e9 commit 9ba9103

25 files changed

+132
-11
lines changed

internal/infrastructure/kubernetes/proxy/resource.go

Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -163,10 +163,15 @@ func expectedProxyContainers(infra *ir.ProxyInfra, deploymentConfig *egcfgv1a1.K
163163
ReadinessProbe: &corev1.Probe{
164164
ProbeHandler: corev1.ProbeHandler{
165165
HTTPGet: &corev1.HTTPGetAction{
166-
Path: bootstrap.EnvoyReadinessPath,
167-
Port: intstr.IntOrString{Type: intstr.Int, IntVal: bootstrap.EnvoyReadinessPort},
166+
Path: bootstrap.EnvoyReadinessPath,
167+
Port: intstr.IntOrString{Type: intstr.Int, IntVal: bootstrap.EnvoyReadinessPort},
168+
Scheme: corev1.URISchemeHTTP,
168169
},
169170
},
171+
TimeoutSeconds: 1,
172+
PeriodSeconds: 10,
173+
SuccessThreshold: 1,
174+
FailureThreshold: 3,
170175
},
171176
},
172177
}
@@ -222,7 +227,8 @@ func expectedDeploymentVolumes(name string, deploymentSpec *egcfgv1a1.Kubernetes
222227
Name: "certs",
223228
VolumeSource: corev1.VolumeSource{
224229
Secret: &corev1.SecretVolumeSource{
225-
SecretName: "envoy",
230+
SecretName: "envoy",
231+
DefaultMode: pointer.Int32(420),
226232
},
227233
},
228234
},
@@ -243,7 +249,7 @@ func expectedDeploymentVolumes(name string, deploymentSpec *egcfgv1a1.Kubernetes
243249
Path: SdsCertFilename,
244250
},
245251
},
246-
DefaultMode: pointer.Int32(int32(420)),
252+
DefaultMode: pointer.Int32(420),
247253
Optional: pointer.Bool(false),
248254
},
249255
},

internal/infrastructure/kubernetes/proxy/resource_provider.go

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -224,6 +224,8 @@ func (r *ResourceRender) Deployment() (*appsv1.Deployment, error) {
224224
Volumes: expectedDeploymentVolumes(r.infra.Name, deploymentConfig),
225225
},
226226
},
227+
RevisionHistoryLimit: pointer.Int32(10),
228+
ProgressDeadlineSeconds: pointer.Int32(600),
227229
},
228230
}
229231

internal/infrastructure/kubernetes/proxy/resource_provider_test.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -208,7 +208,8 @@ func TestDeployment(t *testing.T) {
208208
Name: "certs",
209209
VolumeSource: corev1.VolumeSource{
210210
Secret: &corev1.SecretVolumeSource{
211-
SecretName: "custom-envoy-cert",
211+
SecretName: "custom-envoy-cert",
212+
DefaultMode: pointer.Int32(420),
212213
},
213214
},
214215
},

internal/infrastructure/kubernetes/proxy/testdata/deployments/bootstrap.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,11 @@ spec:
6767
httpGet:
6868
path: /ready
6969
port: 19001
70+
scheme: HTTP
71+
timeoutSeconds: 1
72+
periodSeconds: 10
73+
successThreshold: 1
74+
failureThreshold: 3
7075
terminationMessagePath: /dev/termination-log
7176
terminationMessagePolicy: File
7277
volumeMounts:
@@ -84,6 +89,7 @@ spec:
8489
- name: certs
8590
secret:
8691
secretName: envoy
92+
defaultMode: 420
8793
- configMap:
8894
defaultMode: 420
8995
items:
@@ -94,3 +100,5 @@ spec:
94100
name: envoy-default-64656661
95101
optional: false
96102
name: sds
103+
revisionHistoryLimit: 10
104+
progressDeadlineSeconds: 600

internal/infrastructure/kubernetes/proxy/testdata/deployments/component-level.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,11 @@ spec:
6868
httpGet:
6969
path: /ready
7070
port: 19001
71+
scheme: HTTP
72+
timeoutSeconds: 1
73+
periodSeconds: 10
74+
successThreshold: 1
75+
failureThreshold: 3
7176
terminationMessagePath: /dev/termination-log
7277
terminationMessagePolicy: File
7378
volumeMounts:
@@ -85,6 +90,7 @@ spec:
8590
- name: certs
8691
secret:
8792
secretName: envoy
93+
defaultMode: 420
8894
- configMap:
8995
defaultMode: 420
9096
items:
@@ -95,3 +101,5 @@ spec:
95101
name: envoy-default-64656661
96102
optional: false
97103
name: sds
104+
revisionHistoryLimit: 10
105+
progressDeadlineSeconds: 600

internal/infrastructure/kubernetes/proxy/testdata/deployments/custom.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -171,6 +171,11 @@ spec:
171171
httpGet:
172172
path: /ready
173173
port: 19001
174+
scheme: HTTP
175+
timeoutSeconds: 1
176+
periodSeconds: 10
177+
successThreshold: 1
178+
failureThreshold: 3
174179
terminationMessagePath: /dev/termination-log
175180
terminationMessagePolicy: File
176181
securityContext:
@@ -192,6 +197,7 @@ spec:
192197
- name: certs
193198
secret:
194199
secretName: envoy
200+
defaultMode: 420
195201
- configMap:
196202
defaultMode: 420
197203
items:
@@ -202,3 +208,5 @@ spec:
202208
name: envoy-default-64656661
203209
optional: false
204210
name: sds
211+
revisionHistoryLimit: 10
212+
progressDeadlineSeconds: 600

internal/infrastructure/kubernetes/proxy/testdata/deployments/default-env.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -169,6 +169,11 @@ spec:
169169
httpGet:
170170
path: /ready
171171
port: 19001
172+
scheme: HTTP
173+
timeoutSeconds: 1
174+
periodSeconds: 10
175+
successThreshold: 1
176+
failureThreshold: 3
172177
terminationMessagePath: /dev/termination-log
173178
terminationMessagePolicy: File
174179
securityContext:
@@ -190,6 +195,7 @@ spec:
190195
- name: certs
191196
secret:
192197
secretName: envoy
198+
defaultMode: 420
193199
- configMap:
194200
defaultMode: 420
195201
items:
@@ -200,3 +206,5 @@ spec:
200206
name: envoy-default-64656661
201207
optional: false
202208
name: sds
209+
revisionHistoryLimit: 10
210+
progressDeadlineSeconds: 600

internal/infrastructure/kubernetes/proxy/testdata/deployments/default.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -164,6 +164,11 @@ spec:
164164
httpGet:
165165
path: /ready
166166
port: 19001
167+
scheme: HTTP
168+
timeoutSeconds: 1
169+
periodSeconds: 10
170+
successThreshold: 1
171+
failureThreshold: 3
167172
terminationMessagePath: /dev/termination-log
168173
terminationMessagePolicy: File
169174
volumeMounts:
@@ -181,6 +186,7 @@ spec:
181186
- name: certs
182187
secret:
183188
secretName: envoy
189+
defaultMode: 420
184190
- configMap:
185191
defaultMode: 420
186192
items:
@@ -191,3 +197,5 @@ spec:
191197
name: envoy-default-64656661
192198
optional: false
193199
name: sds
200+
revisionHistoryLimit: 10
201+
progressDeadlineSeconds: 600

internal/infrastructure/kubernetes/proxy/testdata/deployments/enable-prometheus.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -190,6 +190,11 @@ spec:
190190
httpGet:
191191
path: /ready
192192
port: 19001
193+
scheme: HTTP
194+
timeoutSeconds: 1
195+
periodSeconds: 10
196+
successThreshold: 1
197+
failureThreshold: 3
193198
terminationMessagePath: /dev/termination-log
194199
terminationMessagePolicy: File
195200
volumeMounts:
@@ -207,6 +212,7 @@ spec:
207212
- name: certs
208213
secret:
209214
secretName: envoy
215+
defaultMode: 420
210216
- configMap:
211217
defaultMode: 420
212218
items:
@@ -217,3 +223,5 @@ spec:
217223
name: envoy-default-64656661
218224
optional: false
219225
name: sds
226+
revisionHistoryLimit: 10
227+
progressDeadlineSeconds: 600

internal/infrastructure/kubernetes/proxy/testdata/deployments/extension-env.yaml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -173,6 +173,11 @@ spec:
173173
httpGet:
174174
path: /ready
175175
port: 19001
176+
scheme: HTTP
177+
timeoutSeconds: 1
178+
periodSeconds: 10
179+
successThreshold: 1
180+
failureThreshold: 3
176181
terminationMessagePath: /dev/termination-log
177182
terminationMessagePolicy: File
178183
securityContext:
@@ -194,6 +199,7 @@ spec:
194199
- name: certs
195200
secret:
196201
secretName: envoy
202+
defaultMode: 420
197203
- configMap:
198204
defaultMode: 420
199205
items:
@@ -204,3 +210,5 @@ spec:
204210
name: envoy-default-64656661
205211
optional: false
206212
name: sds
213+
revisionHistoryLimit: 10
214+
progressDeadlineSeconds: 600

0 commit comments

Comments
 (0)