search

kubeslice / worker-operator

Kubeslice Worker Operator Opensource Repository: The KubeSlice Worker Operator is a Kubernetes operator that manages the lifecycle of KubeSlice worker clusters.
Apache License 2.0
58 stars 19 forks source link

Bug: Refactor NetworkPolicy reconciler #372

Open Rahul-D78 opened 2 months ago

Rahul-D78 commented 2 months ago

πŸ“œ Description

Currently, the NetworkPolicy reconciler is updating the NetworkPolicy resource in the application namespace even if there is no change. It also updates the slice.Status.NetworkPoliciesInstalled field to true during each reconciliation interval. And generating events and logs in the for loop.

πŸ‘Ÿ Reproduction steps

Create a slice resource and onboard few application namespaces. You can see logs like Installed netpol for namespace successfully and Updated network policy very frequently.

πŸ‘ Expected behavior

It should update the NetworkPolicy and Slice resource conditionally when update is required. And generate the logs and events after the create / update rather than generating inside a for loop.

πŸ‘Ž Actual Behavior

Currently the reconciler is performing the update calls to the k8s api server very frequently. Which might impact the performance if the number of resources grows.

🐚 Relevant log output

No response

Version

No response

πŸ–₯️ What operating system are you seeing the problem on?

No response

βœ… Proposed Solution

The below line can be simlified by checking if the NetworkPoliciesInstalled field is false then only set it to true.

Before:

slice.Status.NetworkPoliciesInstalled = true
return r.Status().Update(ctx, slice)

After:

if !slice.Status.NetworkPoliciesInstalled {
    slice.Status.NetworkPoliciesInstalled = true
    return r.Status().Update(ctx, slice)
}
return nil

Instead of generating log in a for we can generate it after the netpol resource got created for the first time, Currently It is generating logs and event for each iteration for both create and update.

for _, appNsObj := range appNsList.Items {
    err = r.installSliceNetworkPolicyInAppNs(ctx, slice, appNsObj.ObjectMeta.Name)
    if err != nil {
           ....
        }
    utils.RecordEvent(ctx, r.EventRecorder, slice, nil, ossEvents.EventNetPolAdded, "slice_reconciler")
    log.Info("Installed netpol for namespace successfully", "namespace", appNsObj.ObjectMeta.Name)
}

In the installSliceNetworkPolicyInAppNs method we are updating the resource in each reconciliation interval, Instead we can get the actual resource if it not found then we can create it else we can compare it with the constructed resource and update it if it not equal. This line log.Info("Updated network policy", "namespace", appNs) can be called when there is an update.

πŸ‘€ Have you spent some time to check if this issue has been raised before?

Code of Conduct

BhavyaBh289 commented 2 months ago

I am interested in solving this issue and as a beginner can you guide me to solve this bug.

narmidm commented 2 months ago

sure @BhavyaBh289. I have assigned this issue to you. Let us know @BhavyaBh289, if you need any help with this issue or you can connect directly with @Rahul-D78 for any discussion on slack channel.

BhavyaBh289 commented 2 months ago

How Do I start solving this bug and from Where can i get details for the Above And which will be good place to start this ?

narmidm commented 2 months ago

@BhavyaBh289 we can start discussion about the issue. If you are not in slack channel & ping @Rahul-D78 - https://kubernetes.slack.com/team/U023ELMEKM4 he will help you out.

Rahul-D78 commented 2 months ago

Hey @BhavyaBh289 first you need to deploy kubeslice on your local cluster. You can refer the official doc page for the installation https://kubeslice.io/documentation/open-source/1.3.0/category/prerequisites https://kubeslice.io/documentation/open-source/1.3.0/category/install-kubeslice/

Then you can create a slice and you have to made changes in the https://github.com/kubeslice/worker-operator/blob/master/controllers/slice/namespaces.go file.