Skip to content

feat: add controller namespace field to infrastructure render #5937

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
May 9, 2025
Merged

feat: add controller namespace field to infrastructure render #5937

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
5560eec
Add controller namespace to infra
cnvergence Apr 30, 2025
d8649fc
make gen
cnvergence May 6, 2025
ef9403f
rebase code and add controller namespace helper
cnvergence May 8, 2025
9555e0f
rename to envoy namespace
cnvergence May 8, 2025
dfc11ce
rename to ControllerNamespace
cnvergence May 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 7 additions & 7 deletions internal/infrastructure/kubernetes/infra.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ type ResourceRender interface {
// Infra manages the creation and deletion of Kubernetes infrastructure
// based on Infra IR resources.
type Infra struct {
// Namespace is the Namespace used for managed infra.
Namespace string
// ControllerNamespace is the namespace where Envoy Gateway is deployed.
ControllerNamespace string

// DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local".
DNSDomain string
Expand All @@ -65,11 +65,11 @@ func NewInfra(cli client.Client, cfg *config.Server) *Infra {
return &Infra{
// Always set infra namespace to cfg.ControllerNamespace,
// Otherwise RateLimit resource provider will failed to create/delete.
Namespace: cfg.ControllerNamespace,
DNSDomain: cfg.DNSDomain,
EnvoyGateway: cfg.EnvoyGateway,
Client: New(cli),
logger: cfg.Logger.WithName(string(egv1a1.LogComponentInfrastructureRunner)),
ControllerNamespace: cfg.ControllerNamespace,
DNSDomain: cfg.DNSDomain,
EnvoyGateway: cfg.EnvoyGateway,
Client: New(cli),
logger: cfg.Logger.WithName(string(egv1a1.LogComponentInfrastructureRunner)),
}
}

Expand Down
40 changes: 7 additions & 33 deletions internal/infrastructure/kubernetes/proxy/resource.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ func enablePrometheus(infra *ir.ProxyInfra) bool {
func expectedProxyContainers(infra *ir.ProxyInfra,
containerSpec *egv1a1.KubernetesContainerSpec,
shutdownConfig *egv1a1.ShutdownConfig, shutdownManager *egv1a1.ShutdownManager,
egNamespace, dnsDomain string, gatewayNamespaceMode bool,
controllerNamespace, dnsDomain string, gatewayNamespaceMode bool,
) ([]corev1.Container, error) {
ports := make([]corev1.ContainerPort, 0, 2)
if enablePrometheus(infra) {
Expand All @@ -108,10 +108,6 @@ func expectedProxyContainers(infra *ir.ProxyInfra,
}

maxHeapSizeBytes := calculateMaxHeapSizeBytes(containerSpec.Resources)

if gatewayNamespaceMode {
egNamespace = config.DefaultNamespace
}
// Get the default Bootstrap
bootstrapConfigOptions := &bootstrap.RenderBootstrapConfigOptions{
ProxyMetrics: proxyMetrics,
Expand All @@ -120,7 +116,7 @@ func expectedProxyContainers(infra *ir.ProxyInfra,
TrustedCA: filepath.Join("/sds", common.SdsCAFilename),
},
MaxHeapSizeBytes: maxHeapSizeBytes,
XdsServerHost: ptr.To(fmt.Sprintf("%s.%s.svc.%s", config.EnvoyGatewayServiceName, egNamespace, dnsDomain)),
XdsServerHost: ptr.To(fmt.Sprintf("%s.%s.svc.%s", config.EnvoyGatewayServiceName, controllerNamespace, dnsDomain)),
}

args, err := common.BuildProxyArgs(infra, shutdownConfig, bootstrapConfigOptions, fmt.Sprintf("$(%s)", envoyPodEnvVar), gatewayNamespaceMode)
Expand All @@ -135,7 +131,7 @@ func expectedProxyContainers(infra *ir.ProxyInfra,
ImagePullPolicy: corev1.PullIfNotPresent,
Command: []string{"envoy"},
Args: args,
Env: expectedContainerEnv(containerSpec, gatewayNamespaceMode),
Env: expectedContainerEnv(containerSpec, controllerNamespace),
Resources: *containerSpec.Resources,
SecurityContext: expectedEnvoySecurityContext(containerSpec),
Ports: ports,
Expand Down Expand Up @@ -197,7 +193,7 @@ func expectedProxyContainers(infra *ir.ProxyInfra,
ImagePullPolicy: corev1.PullIfNotPresent,
Command: []string{"envoy-gateway"},
Args: expectedShutdownManagerArgs(shutdownConfig),
Env: expectedContainerEnv(nil, gatewayNamespaceMode),
Env: expectedContainerEnv(nil, controllerNamespace),
Resources: *egv1a1.DefaultShutdownManagerContainerResourceRequirements(),
TerminationMessagePolicy: corev1.TerminationMessageReadFile,
TerminationMessagePath: "/dev/termination-log",
Expand Down Expand Up @@ -413,16 +409,11 @@ func expectedVolumes(name string, gatewayNamespacedMode bool, pod *egv1a1.Kubern
}

// expectedContainerEnv returns expected proxy container envs.
func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec, gatewayNamespaceMode bool) []corev1.EnvVar {
func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec, controllerNamespace string) []corev1.EnvVar {
env := []corev1.EnvVar{
{
Name: envoyNsEnvVar,
ValueFrom: &corev1.EnvVarSource{
FieldRef: &corev1.ObjectFieldSelector{
APIVersion: "v1",
FieldPath: "metadata.namespace",
},
},
Name: envoyNsEnvVar,
Value: controllerNamespace,
},
{
Name: envoyZoneEnvVar,
Expand All @@ -434,23 +425,6 @@ func expectedContainerEnv(containerSpec *egv1a1.KubernetesContainerSpec, gateway
},
},
}
if gatewayNamespaceMode {
env = []corev1.EnvVar{
{
Name: envoyNsEnvVar,
Value: config.DefaultNamespace,
},
{
Name: envoyZoneEnvVar,
ValueFrom: &corev1.EnvVarSource{
FieldRef: &corev1.ObjectFieldSelector{
APIVersion: "v1",
FieldPath: fmt.Sprintf("metadata.labels['%s']", corev1.LabelTopologyZone),
},
},
},
}
}

env = append(env, corev1.EnvVar{
Name: envoyPodEnvVar,
Expand Down
22 changes: 15 additions & 7 deletions internal/infrastructure/kubernetes/proxy/resource_provider.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,11 @@ const (
type ResourceRender struct {
infra *ir.ProxyInfra

// namespace is the Namespace used for managed infra.
namespace string
// envoyNamespace is the namespace used for managed infra.
envoyNamespace string

// controllerNamespace is the namespace used for Envoy Gateway controller.
controllerNamespace string

// DNSDomain is the dns domain used by k8s services. Defaults to "cluster.local".
DNSDomain string
Expand All @@ -57,9 +60,10 @@ type ResourceRender struct {
GatewayNamespaceMode bool
}

func NewResourceRender(ns, dnsDomain string, infra *ir.ProxyInfra, gateway *egv1a1.EnvoyGateway) *ResourceRender {
func NewResourceRender(envoyNamespace, controllerNamespace, dnsDomain string, infra *ir.ProxyInfra, gateway *egv1a1.EnvoyGateway) *ResourceRender {
return &ResourceRender{
namespace: ns,
envoyNamespace: envoyNamespace,
controllerNamespace: controllerNamespace,
DNSDomain: dnsDomain,
infra: infra,
ShutdownManager: gateway.GetEnvoyGatewayProvider().GetEnvoyGatewayKubeProvider().ShutdownManager,
Expand All @@ -72,7 +76,11 @@ func (r *ResourceRender) Name() string {
}

func (r *ResourceRender) Namespace() string {
return r.namespace
return r.envoyNamespace
}

func (r *ResourceRender) ControllerNamespace() string {
return r.controllerNamespace
}

func (r *ResourceRender) LabelSelector() labels.Selector {
Expand Down Expand Up @@ -284,7 +292,7 @@ func (r *ResourceRender) Deployment() (*appsv1.Deployment, error) {
}

// Get expected bootstrap configurations rendered ProxyContainers
containers, err := expectedProxyContainers(r.infra, deploymentConfig.Container, proxyConfig.Spec.Shutdown, r.ShutdownManager, r.Namespace(), r.DNSDomain, r.GatewayNamespaceMode)
containers, err := expectedProxyContainers(r.infra, deploymentConfig.Container, proxyConfig.Spec.Shutdown, r.ShutdownManager, r.ControllerNamespace(), r.DNSDomain, r.GatewayNamespaceMode)
if err != nil {
return nil, err
}
Expand Down Expand Up @@ -372,7 +380,7 @@ func (r *ResourceRender) DaemonSet() (*appsv1.DaemonSet, error) {
}

// Get expected bootstrap configurations rendered ProxyContainers
containers, err := expectedProxyContainers(r.infra, daemonSetConfig.Container, proxyConfig.Spec.Shutdown, r.ShutdownManager, r.Namespace(), r.DNSDomain, r.GatewayNamespaceMode)
containers, err := expectedProxyContainers(r.infra, daemonSetConfig.Container, proxyConfig.Spec.Shutdown, r.ShutdownManager, r.ControllerNamespace(), r.DNSDomain, r.GatewayNamespaceMode)
if err != nil {
return nil, err
}
Expand Down
23 changes: 13 additions & 10 deletions internal/infrastructure/kubernetes/proxy/resource_provider_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,11 @@ func newTestInfra() *ir.Infra {
}

func newTestInfraWithNamespace(namespace string) *ir.Infra {
i := newTestInfra()
i := ir.NewInfra()
i.Proxy.Namespace = namespace
i.Proxy.GetProxyMetadata().Labels[gatewayapi.OwningGatewayNamespaceLabel] = namespace
i.Proxy.GetProxyMetadata().Labels[gatewayapi.OwningGatewayNameLabel] = i.Proxy.Name

return i
}

Expand Down Expand Up @@ -614,7 +617,7 @@ func TestDeployment(t *testing.T) {
if len(tc.extraArgs) > 0 {
tc.infra.Proxy.Config.Spec.ExtraArgs = tc.extraArgs
}
namespace := cfg.ControllerNamespace
infraNamespace := cfg.ControllerNamespace
if tc.gatewayNamespaceMode {
deployType := egv1a1.KubernetesDeployModeType(egv1a1.KubernetesDeployModeTypeGatewayNamespace)
cfg.EnvoyGateway.Provider = &egv1a1.EnvoyGatewayProvider{
Expand All @@ -625,10 +628,10 @@ func TestDeployment(t *testing.T) {
},
},
}
namespace = tc.infra.GetProxyInfra().Namespace
infraNamespace = tc.infra.GetProxyInfra().Namespace
}

r := NewResourceRender(namespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(infraNamespace, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
dp, err := r.Deployment()
require.NoError(t, err)

Expand Down Expand Up @@ -1057,7 +1060,7 @@ func TestDaemonSet(t *testing.T) {
tc.infra.Proxy.Config.Spec.ExtraArgs = tc.extraArgs
}

r := NewResourceRender(cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(cfg.ControllerNamespace, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
ds, err := r.DaemonSet()
require.NoError(t, err)

Expand Down Expand Up @@ -1222,7 +1225,7 @@ func TestService(t *testing.T) {
provider.EnvoyService = tc.service
}

r := NewResourceRender(cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(cfg.ControllerNamespace, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
svc, err := r.Service()
require.NoError(t, err)

Expand Down Expand Up @@ -1265,7 +1268,7 @@ func TestConfigMap(t *testing.T) {

for _, tc := range cases {
t.Run(tc.name, func(t *testing.T) {
r := NewResourceRender(cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(cfg.ControllerNamespace, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
cm, err := r.ConfigMap("")
require.NoError(t, err)

Expand Down Expand Up @@ -1328,7 +1331,7 @@ func TestServiceAccount(t *testing.T) {
}
ns = tc.infra.GetProxyInfra().Namespace
}
r := NewResourceRender(ns, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(ns, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
sa, err := r.ServiceAccount()
require.NoError(t, err)

Expand Down Expand Up @@ -1452,7 +1455,7 @@ func TestPDB(t *testing.T) {

provider.GetEnvoyProxyKubeProvider()

r := NewResourceRender(cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(cfg.ControllerNamespace, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)

pdb, err := r.PodDisruptionBudget()
require.NoError(t, err)
Expand Down Expand Up @@ -1564,7 +1567,7 @@ func TestHorizontalPodAutoscaler(t *testing.T) {
}
provider.GetEnvoyProxyKubeProvider()

r := NewResourceRender(cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
r := NewResourceRender(cfg.ControllerNamespace, cfg.ControllerNamespace, cfg.DNSDomain, tc.infra.GetProxyInfra(), cfg.EnvoyGateway)
hpa, err := r.HorizontalPodAutoscaler()
require.NoError(t, err)

Expand Down
10 changes: 2 additions & 8 deletions internal/infrastructure/kubernetes/proxy/testdata/daemonsets/component-level.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,10 +46,7 @@ spec:
- envoy
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down Expand Up @@ -133,10 +130,7 @@ spec:
- envoy-gateway
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down
10 changes: 2 additions & 8 deletions internal/infrastructure/kubernetes/proxy/testdata/daemonsets/custom.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -249,10 +249,7 @@ spec:
- envoy
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down Expand Up @@ -330,10 +327,7 @@ spec:
- envoy-gateway
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down
10 changes: 2 additions & 8 deletions internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default-env.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -248,10 +248,7 @@ spec:
- envoy
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down Expand Up @@ -329,10 +326,7 @@ spec:
- envoy-gateway
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down
10 changes: 2 additions & 8 deletions internal/infrastructure/kubernetes/proxy/testdata/daemonsets/default.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -233,10 +233,7 @@ spec:
- envoy
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down Expand Up @@ -320,10 +317,7 @@ spec:
- envoy-gateway
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down
10 changes: 2 additions & 8 deletions internal/infrastructure/kubernetes/proxy/testdata/daemonsets/disable-prometheus.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -182,10 +182,7 @@ spec:
- envoy
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down Expand Up @@ -266,10 +263,7 @@ spec:
- envoy-gateway
env:
- name: ENVOY_GATEWAY_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
value: envoy-gateway-system
- name: ENVOY_SERVICE_ZONE
valueFrom:
fieldRef:
Expand Down
Loading