kubernetes-retired / cluster-api-provider-nested

Cluster API Provider for Nested Clusters
Apache License 2.0

🐛 Pod Mutator has order requirements #318

Closed wondywang closed 2 years ago

wondywang commented 2 years ago

What steps did you take and what happened: Because the PodServiceLinkMutatorPlugin PodMutator is executed later than PodMutateDefault, the enableServiceLinks switch does not take effect, and the Services in the namespace where the pPod is located are injected into the Pod as environment variables.

func (c *controller) reconcilePodCreate(clusterName, targetNamespace, requestUID string, vPod *corev1.Pod) error {
    // ...

    var ms = append([]conversion.PodMutator{
        conversion.PodMutateDefault(vPod, pSecretMap, services, nameServer, c.Config.DNSOptions),
    }, c.podMutators...)

    err = conversion.VC(c.MultiClusterController, clusterName).Pod(pPod, vPod).Mutate(ms...)
    // ...
}

func PodMutateDefault(vPod *v1.Pod, saSecretMap map[string]string, services []*v1.Service, nameServer string, dnsOption []v1.PodDNSConfigOption) PodMutator {
    return func(p *PodMutateCtx) error {

        // here, pPod.Spec.EnableServiceLinks determines whether Services need to be injected as environment variables.
        apiServerClusterIP, serviceEnv := getServiceEnvVarMap(p.PPod.Namespace, p.ClusterName, p.PPod.Spec.EnableServiceLinks, services)

        // ...

        return nil
    }
}

Pod Mutator has order requirements. Pod.Spec.EnableServiceLinks needs to be set before PodMutateDefault.

What did you expect to happen: The PodServiceLinkMutatorPlugin PodMutator runs before PodMutateDefault, or PodMutators execute in order.

/kind bug
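
The ordering problem reported above, reduced to a self-contained Go model (an added example, not code from the issue or the project). `Pod`, `mutateDefault`, `disableServiceLinks` and `mutate` are hypothetical stand-ins for the real types, and the service names are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// Pod is a simplified stand-in for corev1.Pod (hypothetical model for this example).
type Pod struct {
	EnableServiceLinks *bool
	Env                []string
}
// PodMutator is applied to the pod in slice order, like the mutators in the issue.
type PodMutator func(p *Pod) error

// mutateDefault models PodMutateDefault: it reads EnableServiceLinks when it runs (nil counts as true, the Kubernetes default).
func mutateDefault(services []string) PodMutator {
	return func(p *Pod) error {
		if p.EnableServiceLinks != nil && !*p.EnableServiceLinks {
			return nil
		}
		for _, s := range services {
			p.Env = append(p.Env, strings.ToUpper(strings.ReplaceAll(s, "-", "_"))+"_SERVICE_HOST")
		}
		return nil
	}
}

// disableServiceLinks models a plugin mutator that switches service links off.
func disableServiceLinks(p *Pod) error {
	p.EnableServiceLinks = new(bool) // pointer to false
	return nil
}

// mutate runs the mutators in order on a fresh pod and returns the env names.
func mutate(ms ...PodMutator) ([]string, error) {
	p := &Pod{}
	for _, m := range ms {
		if err := m(p); err != nil {
			return nil, err
		}
	}
	return p.Env, nil
}

func main() {
	svcs := []string{"db", "internal-api"} // constructed sample data
	fmt.Println(mutate(mutateDefault(svcs), disableServiceLinks)) // order from the issue
	fmt.Println(mutate(disableServiceLinks, mutateDefault(svcs))) // plugin first
}
```

With the default mutator first, the service variables are already in the pod by the time the switch is turned off; with the plugin first, none are injected.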

wondywang commented 2 years ago

/assign @m-messiah would you be able to take a look? thanks