clusterHandler.go 4.09 KB
package networkpolicy
import (
"fmt"
"github.com/rancher/norman/types/convert"
"github.com/rancher/rancher/pkg/controllers/user/nodesyncer"
"github.com/rancher/types/apis/core/v1"
"github.com/rancher/types/apis/management.cattle.io/v3"
"github.com/rancher/types/config"
"github.com/sirupsen/logrus"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels"
)
// clusterHandler holds the clients and listers used to switch project
// network isolation on or off for a single user cluster.
type clusterHandler struct {
	// cluster is the user-cluster context; its Core and Management clients are
	// used to enqueue pods, services and nodes for re-processing.
	cluster *config.UserContext
	// pnpLister lists ProjectNetworkPolicy objects per project namespace.
	pnpLister v3.ProjectNetworkPolicyLister
	// podLister lists pods across all namespaces (hostPort handling).
	podLister v1.PodLister
	// serviceLister lists services across all namespaces (nodePort handling).
	serviceLister v1.ServiceLister
	// pLister lists the projects that belong to the cluster.
	pLister v3.ProjectLister
	// clusters is the write client used to persist Status.AppliedEnableNetworkPolicy.
	clusters v3.ClusterInterface
	// pnps is the write client used to delete ProjectNetworkPolicy objects.
	pnps v3.ProjectNetworkPolicyInterface
	// npmgr is the shared network-policy manager (project controller, system
	// namespace lookup, NetworkPolicy lister and delete helper).
	npmgr *netpolMgr
	// clusterNamespace is compared against cluster.Name in Sync so that the
	// handler only acts on its own cluster.
	clusterNamespace string
}
/*
clusterHandler enqueues resources for creating/deleting network policies
based on cluster.Annotations[netPolAnnotation] and sets status if successful
*/
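// Sync reconciles the cluster's network-policy state with the requested one.
//
// It acts only on the cluster this handler belongs to, and only once that
// cluster is Ready and not being deleted. The requested state is read from
// cluster.Annotations[netPolAnnotation]; nothing is enforced or torn down
// unless that annotation agrees with cluster.Spec.EnableNetworkPolicy, so the
// annotation on its own cannot flip isolation. On success the applied state is
// persisted in Status.AppliedEnableNetworkPolicy. Any error is returned to the
// caller unchanged.
func (ch *clusterHandler) Sync(key string, cluster *v3.Cluster) error {
	if cluster == nil || cluster.DeletionTimestamp != nil ||
		cluster.Name != ch.clusterNamespace ||
		!v3.ClusterConditionReady.IsTrue(cluster) {
		return nil
	}
	if cluster.Spec.EnableNetworkPolicy == nil {
		// Feature never configured for this cluster: leave existing policies alone.
		return nil
	}

	// NOTE(review): an absent annotation is passed to convert.ToBool as "";
	// presumably that yields false - confirm against the convert package.
	toEnable := convert.ToBool(cluster.Annotations[netPolAnnotation])
	if cluster.Status.AppliedEnableNetworkPolicy == toEnable {
		// Already in the requested state.
		return nil
	}
	if toEnable != *cluster.Spec.EnableNetworkPolicy {
		// allow clusterNetAnnHandler to update first
		return nil
	}

	var err error
	if toEnable {
		logrus.Infof("clusterHandler: calling sync to create network policies for cluster %v", cluster.Name)
		err = ch.createNetworkPolicies(cluster)
	} else {
		logrus.Infof("clusterHandler: deleting network policies for cluster %s", cluster.Name)
		err = ch.deleteNetworkPolicies(cluster)
	}
	if err != nil {
		return err
	}

	// Record the new state on a copy. If the object handed to Sync is the
	// shared cache copy (not visible here), writing to it in place would make
	// a failed Update look already applied on the retry, and the status would
	// never be persisted.
	updated := cluster.DeepCopy()
	updated.Status.AppliedEnableNetworkPolicy = toEnable
	_, err = ch.clusters.Update(updated)
	return err
}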
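// createNetworkPolicies triggers re-processing of every resource that
// contributes to the cluster's network policies. It creates no policy itself:
// it enqueues projects, hostPort pods, nodePort services and the all-nodes key
// on their controllers.
//
// Pods and services in system namespaces are skipped, so nothing is enqueued
// for them here.
//
// It returns an error, prefixed with the failing lister, if any listing fails.
func (ch *clusterHandler) createNetworkPolicies(cluster *v3.Cluster) error {
	projects, err := ch.pLister.List(cluster.Name, labels.NewSelector())
	if err != nil {
		return fmt.Errorf("projectLister: %v", err)
	}
	for _, project := range projects {
		ch.npmgr.projects.Controller().Enqueue(project.Namespace, project.Name)
	}

	systemNamespaces, _, err := ch.npmgr.getSystemNSInfo(cluster.Name)
	if err != nil {
		return fmt.Errorf("systemNS: %v", err)
	}

	// hostPort
	pods, err := ch.podLister.List("", labels.NewSelector())
	if err != nil {
		return fmt.Errorf("podLister: %v", err)
	}
	for _, pod := range pods {
		if systemNamespaces[pod.Namespace] {
			continue
		}
		if hostPortPod(pod) {
			ch.cluster.Core.Pods("").Controller().Enqueue(pod.Namespace, pod.Name)
		}
	}

	// nodePort
	svcs, err := ch.serviceLister.List("", labels.NewSelector())
	if err != nil {
		// Prefixed like the other listers so a failure can be attributed.
		return fmt.Errorf("serviceLister: %v", err)
	}
	for _, svc := range svcs {
		if systemNamespaces[svc.Namespace] {
			continue
		}
		if nodePortService(svc) {
			ch.cluster.Core.Services("").Controller().Enqueue(svc.Namespace, svc.Name)
		}
	}

	// skipping nssyncer, projectSyncer + nodehandler would result into handling nssyncer as well
	//
	// NOTE(review): the namespace argument is cluster.ClusterName (a field of
	// the Cluster object) while the key is built from ch.cluster.ClusterName -
	// confirm this is the key the node syncer expects.
	ch.cluster.Management.Management.Nodes(ch.cluster.ClusterName).Controller().Enqueue(
		cluster.ClusterName, fmt.Sprintf("%s/%s", ch.cluster.ClusterName, nodesyncer.AllNodeKey))
	return nil
}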
// deleteNetworkPolicies tears down network isolation for the cluster. It
// first deletes every NetworkPolicy returned by the manager's lister, then
// every ProjectNetworkPolicy of every project in the cluster.
//
// The first failure aborts the run and is returned with a prefix naming the
// failing step. Objects deleted before the failure stay deleted, so an error
// can leave the cluster partially isolated until the next successful sync.
func (ch *clusterHandler) deleteNetworkPolicies(cluster *v3.Cluster) error {
	// Empty selector: no label requirements.
	all := labels.NewSelector()

	// The namespace argument is "", i.e. the listing is not restricted to one
	// namespace.
	// NOTE(review): confirm npLister only surfaces Rancher-managed policies;
	// otherwise operator-authored NetworkPolicies are removed here as well.
	policies, err := ch.npmgr.npLister.List("", all)
	if err != nil {
		return fmt.Errorf("npLister: %v", err)
	}
	for _, policy := range policies {
		if delErr := ch.npmgr.delete(policy.Namespace, policy.Name); delErr != nil {
			return fmt.Errorf("npDelete: %v", delErr)
		}
	}

	projects, err := ch.pLister.List(cluster.Name, all)
	if err != nil {
		return fmt.Errorf("projectLister: %v", err)
	}
	for _, project := range projects {
		// ProjectNetworkPolicies are listed in the namespace named after the project.
		projectPolicies, listErr := ch.pnpLister.List(project.Name, all)
		if listErr != nil {
			return fmt.Errorf("pnpLister: %v", listErr)
		}
		for _, pnp := range projectPolicies {
			if delErr := ch.pnps.DeleteNamespaced(pnp.Namespace, pnp.Name, &metav1.DeleteOptions{}); delErr != nil {
				return fmt.Errorf("pnpDelete: %v", delErr)
			}
		}
	}
	return nil
}