refactor

tigera · Nov 9, 2023 · b6b32bc · b6b32bc
1 parent 964719d
commit b6b32bc
Show file tree

Hide file tree

Showing 11 changed files with 175 additions and 95 deletions.
diff --git a/api/v1/installation_types.go b/api/v1/installation_types.go
@@ -403,8 +403,11 @@ const (
 	WindowsDataplaneHNS      WindowsDataplaneOption = "HNS"
 )
 
-// +kubebuilder:validation:Enum=net.ipv4.tcp_keepalive_intvl;net.ipv4.tcp_keepalive_probes;net.ipv4.tcp_keepalive_time
-type SysctlTuningKey string
+type Sysctl struct {
+	// +kubebuilder:validation:Enum=net.ipv4.tcp_keepalive_intvl;net.ipv4.tcp_keepalive_probes;net.ipv4.tcp_keepalive_time
+	Key   string `json:"key"`
+	Value string `json:"value"`
+}
 
 // CalicoNetworkSpec specifies configuration options for Calico provided pod networking.
 type CalicoNetworkSpec struct {
@@ -467,9 +470,9 @@ type CalicoNetworkSpec struct {
 	// +kubebuilder:validation:Enum=Enabled;Disabled
 	ContainerIPForwarding *ContainerIPForwardingType `json:"containerIPForwarding,omitempty"`
 
-	// SysctlTuning configures sysctl parameters for tuning plugin
+	// Sysctl configures sysctl parameters for tuning plugin
 	// +optional
-	SysctlTuning *map[SysctlTuningKey]string `json:"sysctlTuning,omitempty"`
+	Sysctl []Sysctl `json:"sysctl,omitempty"`
 }
 
 // NodeAddressAutodetection provides configuration options for auto-detecting node addresses. At most one option

diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
diff --git a/pkg/controller/installation/validation.go b/pkg/controller/installation/validation.go
@@ -337,25 +337,20 @@ func validateCustomResource(instance *operatorv1.Installation) error {
 			}
 		}
 
-		type TuningSpec struct {
-			Sysctl *map[operatorv1.SysctlTuningKey]string `json:"sysctl,omitempty"`
-			Type   string                                 `json:"type"`
-		}
-
-		if instance.Spec.CalicoNetwork.SysctlTuning != nil {
+		if instance.Spec.CalicoNetwork.Sysctl != nil {
 			// CNI tuning plugin
-			pluginData := instance.Spec.CalicoNetwork.SysctlTuning
+			pluginData := instance.Spec.CalicoNetwork.Sysctl
 
 			// sysctl settings
-			allowedKeys := map[operatorv1.SysctlTuningKey]struct{}{
-				"net.ipv4.tcp_keepalive_intvl":  {},
-				"net.ipv4.tcp_keepalive_probes": {},
-				"net.ipv4.tcp_keepalive_time":   {},
+			allowedKeys := map[string]bool{
+				"net.ipv4.tcp_keepalive_intvl":  true,
+				"net.ipv4.tcp_keepalive_probes": true,
+				"net.ipv4.tcp_keepalive_time":   true,
 			}
 
-			for key, value := range *pluginData {
-				if _, allowed := allowedKeys[key]; !allowed {
-					return fmt.Errorf("value %s not allowed in spec.calicoNetwork.sysctlTuning", value)
+			for _, setting := range pluginData {
+				if allowedKeys[setting.Key] {
+					return fmt.Errorf("key %s is not allowed in spec.calicoNetwork.sysctl", setting.Key)
 				}
 			}
 

diff --git a/pkg/controller/installation/validation_test.go b/pkg/controller/installation/validation_test.go
@@ -412,10 +412,18 @@ var _ = Describe("Installation validation tests", func() {
 	})
 
 	It("should error on not-allowed CNI sysctl tuning plugin config", func() {
-		instance.Spec.CalicoNetwork.SysctlTuning = &map[operator.SysctlTuningKey]string{
-			"net.ipv4.not_allowed_setting":  "15",
-			"net.ipv4.tcp_keepalive_probes": "6",
-			"net.ipv4.tcp_keepalive_time":   "40",
+		instance.Spec.CalicoNetwork.Sysctl = []operator.Sysctl{
+			{
+				Key:   "net.ipv4.tcp_keepalive_intvl",
+				Value: "15",
+			}, {
+				Key:   "net.ipv4.tcp_keepalive_probes",
+				Value: "6",
+			},
+			{
+				Key:   "net.ipv4.tcp_keepalive_time",
+				Value: "40",
+			},
 		}
 		err := validateCustomResource(instance)
 		Expect(err).To(HaveOccurred())

diff --git a/pkg/controller/migration/convert/network.go b/pkg/controller/migration/convert/network.go
@@ -200,8 +200,8 @@ func handleCalicoCNI(c *components, install *operatorv1.Installation) error {
 	}
 
 	type TuningSpec struct {
-		Sysctl *map[operatorv1.SysctlTuningKey]string `json:"sysctl,omitempty"`
-		Type   string                                 `json:"type"`
+		Sysctl []operatorv1.Sysctl `json:"sysctl,omitempty"`
+		Type   string              `json:"type"`
 	}
 
 	// CNI tuning plugin
@@ -218,20 +218,20 @@ func handleCalicoCNI(c *components, install *operatorv1.Installation) error {
 		}
 
 		// sysctl settings
-		allowedKeys := map[operatorv1.SysctlTuningKey]struct{}{
-			"net.ipv4.tcp_keepalive_intvl":  {},
-			"net.ipv4.tcp_keepalive_probes": {},
-			"net.ipv4.tcp_keepalive_time":   {},
+		allowedKeys := map[string]bool{
+			"net.ipv4.tcp_keepalive_intvl":  true,
+			"net.ipv4.tcp_keepalive_probes": true,
+			"net.ipv4.tcp_keepalive_time":   true,
 		}
-		sysctlTuning := make(map[operatorv1.SysctlTuningKey]string)
-		for key, value := range *tuningSpecData.Sysctl {
-			if _, allowed := allowedKeys[key]; allowed {
-				sysctlTuning[key] = value
+		sysctlTuning := []operatorv1.Sysctl{}
+		for _, setting := range tuningSpecData.Sysctl {
+			if allowedKeys[setting.Key] {
+				return fmt.Errorf("key %s is not allowed in spec.calicoNetwork.sysctl", setting.Key)
 			}
 		}
 
 		if len(sysctlTuning) > 0 {
-			install.Spec.CalicoNetwork.SysctlTuning = &sysctlTuning
+			install.Spec.CalicoNetwork.Sysctl = sysctlTuning
 		}
 	}
 

diff --git a/pkg/controller/migration/convert/network_test.go b/pkg/controller/migration/convert/network_test.go
@@ -1,4 +1,4 @@
-// Copyright (c) 2022 Tigera, Inc. All rights reserved.
+// Copyright (c) 2023 Tigera, Inc. All rights reserved.
 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -782,11 +782,20 @@ var _ = Describe("Convert network tests", func() {
   },
   {
 	"type": "tuning",
-	"sysctl": {
-		"net.ipv4.tcp_keepalive_intvl": "15",
-		"net.ipv4.tcp_keepalive_probes": "6",
-		"net.ipv4.tcp_keepalive_time": "40"
-	}
+	"sysctl": [
+		  {
+			"key": "net.ipv4.tcp_keepalive_intvl",
+			"value": "15"
+		  },
+		  {
+			"key": "net.ipv4.tcp_keepalive_probes",
+			"value": "6"
+		  },
+		  {
+			"key": "net.ipv4.tcp_keepalive_time",
+			"value": "40"
+		  }
+		]
   }
   ]
 }`,
@@ -795,11 +804,19 @@ var _ = Describe("Convert network tests", func() {
 					cfg, err := Convert(ctx, c)
 					Expect(err).ToNot(HaveOccurred())
 					Expect(cfg).ToNot(BeNil())
-					Expect(cfg.Spec.CalicoNetwork.SysctlTuning).ToNot(BeNil())
-					Expect(*cfg.Spec.CalicoNetwork.SysctlTuning).To(Equal(map[string]string{
-						"net.ipv4.tcp_keepalive_time":   "40",
-						"net.ipv4.tcp_keepalive_intvl":  "15",
-						"net.ipv4.tcp_keepalive_probes": "6",
+					Expect(cfg.Spec.CalicoNetwork.Sysctl).ToNot(BeNil())
+					Expect(cfg.Spec.CalicoNetwork.Sysctl).To(Equal([]operatorv1.Sysctl{
+						{
+							Key:   "net.ipv4.tcp_keepalive_intvl",
+							Value: "15",
+						}, {
+							Key:   "net.ipv4.tcp_keepalive_probes",
+							Value: "6",
+						},
+						{
+							Key:   "net.ipv4.tcp_keepalive_time",
+							Value: "40",
+						},
 					}))
 				})
 
@@ -829,9 +846,12 @@ var _ = Describe("Convert network tests", func() {
 },
 {
 	"type": "tuning",
-	"sysctl": {
-		"net.ipv4.not_allowed": "40"
-	}
+	"sysctl": [
+		{
+		  "key": "net.ipv4.not_allowed",
+		  "value": "40"
+		}
+	]
   }
 ]
 }`,
@@ -840,7 +860,7 @@ var _ = Describe("Convert network tests", func() {
 					cfg, err := Convert(ctx, c)
 					Expect(err).ToNot(HaveOccurred())
 					Expect(cfg).ToNot(BeNil())
-					Expect(cfg.Spec.CalicoNetwork.SysctlTuning).To(BeNil())
+					Expect(cfg.Spec.CalicoNetwork.Sysctl).To(BeNil())
 				})
 
 				It("not allowed sysctl tuning in config", func() {
@@ -874,7 +894,7 @@ var _ = Describe("Convert network tests", func() {
 					cfg, err := Convert(ctx, c)
 					Expect(err).ToNot(HaveOccurred())
 					Expect(cfg).ToNot(BeNil())
-					Expect(cfg.Spec.CalicoNetwork.SysctlTuning).To(BeNil())
+					Expect(cfg.Spec.CalicoNetwork.Sysctl).To(BeNil())
 				})
 			})
 

diff --git a/pkg/controller/utils/merge.go b/pkg/controller/utils/merge.go
@@ -303,9 +303,9 @@ func mergeCalicoNetwork(cfg, override *operatorv1.CalicoNetworkSpec) *operatorv1
 		out.ContainerIPForwarding = override.ContainerIPForwarding
 	}
 
-	switch compareFields(out.SysctlTuning, override.SysctlTuning) {
+	switch compareFields(out.Sysctl, override.Sysctl) {
 	case BOnlySet, Different:
-		out.SysctlTuning = override.SysctlTuning
+		out.Sysctl = override.Sysctl
 	}
 	return out
 }

diff --git a/pkg/controller/utils/merge_test.go b/pkg/controller/utils/merge_test.go
@@ -479,26 +479,34 @@ var _ = Describe("Installation merge tests", func() {
 				}),
 		)
 
-		_sysctlTuningA := map[opv1.SysctlTuningKey]string{
-			"net.ipv4.tcp_keepalive_time":   "40",
-			"net.ipv4.tcp_keepalive_intvl":  "15",
-			"net.ipv4.tcp_keepalive_probes": "6",
+		_sysctlTuningA := []opv1.Sysctl{
+			{
+				Key:   "net.ipv4.tcp_keepalive_intvl",
+				Value: "15",
+			}, {
+				Key:   "net.ipv4.tcp_keepalive_probes",
+				Value: "6",
+			},
+			{
+				Key:   "net.ipv4.tcp_keepalive_time",
+				Value: "40",
+			},
 		}
-		_sysctlTuningB := map[opv1.SysctlTuningKey]string{}
-		DescribeTable("merge CNI Tuning", func(main, second, expect *map[opv1.SysctlTuningKey]string) {
+		_sysctlTuningB := []opv1.Sysctl{}
+		DescribeTable("merge CNI Tuning", func(main, second, expect []opv1.Sysctl) {
 			m := opv1.InstallationSpec{}
 			s := opv1.InstallationSpec{}
 			if main != nil {
-				m.CalicoNetwork = &opv1.CalicoNetworkSpec{SysctlTuning: main}
+				m.CalicoNetwork = &opv1.CalicoNetworkSpec{Sysctl: main}
 			}
 			if second != nil {
-				s.CalicoNetwork = &opv1.CalicoNetworkSpec{SysctlTuning: second}
+				s.CalicoNetwork = &opv1.CalicoNetworkSpec{Sysctl: second}
 			}
 			inst := OverrideInstallationSpec(m, s)
 			if expect == nil {
 				Expect(inst.CalicoNetwork).To(BeNil())
 			} else {
-				Expect(*inst.CalicoNetwork.SysctlTuning).To(Equal(*expect))
+				Expect(inst.CalicoNetwork.Sysctl).To(Equal(expect))
 			}
 		},
 			Entry("Both unset", nil, nil, nil),

diff --git a/pkg/crds/operator/operator.tigera.io_installations.yaml b/pkg/crds/operator/operator.tigera.io_installations.yaml
@@ -1483,12 +1483,23 @@ spec:
                           on interfaces that do not match the given regex.
                         type: string
                     type: object
-                  sysctlTuning:
-                    additionalProperties:
-                      type: string
-                    description: SysctlTuning configures sysctl parameters for tuning
-                      plugin
-                    type: object
+                  sysctl:
+                    description: Sysctl configures sysctl parameters for tuning plugin
+                    items:
+                      properties:
+                        key:
+                          enum:
+                          - net.ipv4.tcp_keepalive_intvl
+                          - net.ipv4.tcp_keepalive_probes
+                          - net.ipv4.tcp_keepalive_time
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - key
+                      - value
+                      type: object
+                    type: array
                   windowsDataplane:
                     description: 'WindowsDataplane is used to select the dataplane
                       used for Windows nodes. In particular, it causes the operator
@@ -10591,12 +10602,24 @@ spec:
                               on interfaces that do not match the given regex.
                             type: string
                         type: object
-                      sysctlTuning:
-                        additionalProperties:
-                          type: string
-                        description: SysctlTuning configures sysctl parameters for
-                          tuning plugin
-                        type: object
+                      sysctl:
+                        description: Sysctl configures sysctl parameters for tuning
+                          plugin
+                        items:
+                          properties:
+                            key:
+                              enum:
+                              - net.ipv4.tcp_keepalive_intvl
+                              - net.ipv4.tcp_keepalive_probes
+                              - net.ipv4.tcp_keepalive_time
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - key
+                          - value
+                          type: object
+                        type: array
                       windowsDataplane:
                         description: 'WindowsDataplane is used to select the dataplane
                           used for Windows nodes. In particular, it causes the operator

diff --git a/pkg/render/node.go b/pkg/render/node.go
@@ -716,9 +716,9 @@ func (c *nodeComponent) createTuningPlugin() map[string]interface{} {
 	// tuning plugin (sysctl)
 	tuningPlugin := map[string]interface{}{
 		"type":   "tuning",
-		"sysctl": map[string]string{},
+		"sysctl": []operatorv1.Sysctl{},
 	}
-	tuningPlugin["sysctl"] = *c.cfg.Installation.CalicoNetwork.SysctlTuning
+	tuningPlugin["sysctl"] = c.cfg.Installation.CalicoNetwork.Sysctl
 
 	return tuningPlugin
 }
@@ -742,7 +742,7 @@ func (c *nodeComponent) nodeCNIConfigMap() *corev1.ConfigMap {
 	}
 
 	// optional tuning plugin
-	if c.cfg.Installation.CalicoNetwork.SysctlTuning != nil {
+	if c.cfg.Installation.CalicoNetwork.Sysctl != nil {
 		plugins = append(plugins, c.createTuningPlugin())
 	}