cilium / cilium / 11661
39%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 455
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 45.19% (-0.2%) from 45.366%
11661

push

travis-ci-com

ianvernon 
operator: send CNPNodeStatus updates to k8s

In large scale environments, the current model of having each node in the
cluster try to update the NodeStatus for a CNP means that the amount of requests
sent to update the status via the API server is the following product:

```
\# of CNPs * # of nodes in the cluster
```

This does not scale for large numbers of policies / large numbers of nodes in
the cluster, as this results in a large amount of load on kube-apiserver.

To reduce the amount of interaction directly with the kube-apiserver, have each
ode update the key-value store used by Cilium with its status for the CNP and
have `cilium-operator` be the sole interactor with kube-apiserver for updating
the status. `cilium-operator` will watch for events from the key-value store for
CNP statuses, and will then update the kube-apiserver with the updates.

The information is stored in the key-value store in the following format:

```
cilium/state/cnpstatuses/v2/<UUID of CNP structure>/<namespace>/<name>/<node name> --> <marshaled CNPNodeStatus + namespace, name, UID, node name>
```

The operator has a kvstore watcher which spawns at bootstrap. Upon creation or
modification of a key in the the `cilium/state/cnpstatuses/v2/` prefix, it will
send the update to a goroutine which is responsible for updating the K8s
apiserver with the status of a specific CNP.

The per-CNP updating management is performed by a goroutine which is launched
when the operator receives a creation event for the CNP from its Kubernetes
watcher, and stopped when the watcher receives a deletion event. On deletion,
the prefix of
`cilium/state/cnpstatuses/v2/<UUID of CNP structure>/<namespace>/<name>` is
deleted from the key-value store. If a node is deleted, there is separate logic
already present in `cilium-operator` which will GC old nodes from CNPNodeStatus.

Upon spawning of this goroutine, a shared-store which is launched at operator
bootstrap is used to ensure that we do not miss an... (continued)

26156 of 57880 relevant lines covered (45.19%)

1542.72 hits per line

Jobs
ID Job ID Ran Files Coverage
1 11661.1 0
45.19
 Travis Job 11661.1
Source Files on build 11661
Detailed source file information is not available for this build.