infra/node-external-ip-controller
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: infra:924c24b16bff1edde14fdad635a028cf5069118b
Branches Tags
infra:main
..
compare: infra:main
Branches Tags
infra:main

15 Commits
924c24b16b ... main

Author SHA1 Message Date
Malar Invention
5045de1a64 fix: bug 2025-01-12 20:08:37 +05:30
Malar Invention
a92fd0bff0 fix: traceback if unexpected error 2025-01-12 20:07:17 +05:30
Malar Invention
d636f4b59a fix: consider zlan ip when updating 2025-01-12 20:03:46 +05:30
Malar Invention
ebd9797d59 fix: logs 2025-01-12 19:49:19 +05:30
Malar Invention
bb50947391 fix: log only if updating 2025-01-12 19:41:05 +05:30
Malar Invention
799071601e fix: if no ip exists set empty set 2025-01-12 19:40:00 +05:30
Malar Invention
15ad2e5902 fix: compare only if ip set has changed 2025-01-12 19:34:16 +05:30
Malar Invention
971cbb667f fix: edge cases 2025-01-12 19:19:32 +05:30
Malar Invention
69a595e708 fix: put await bug 2025-01-12 18:58:39 +05:30
Malar Invention
5832314a19 fix: update service with the last updated external_ips 2025-01-12 18:57:22 +05:30
Malar Invention
2661c264c9 fix: keep ip and selector separate 2025-01-12 18:23:19 +05:30
Malar Invention
1c1a29b2ea fix: add more log 2025-01-12 18:13:59 +05:30
Malar Invention
59dd11f353 fix: add logs for service watcher 2025-01-12 18:12:14 +05:30
Malar Invention
a1cf0467da cleanup: remove legacy sync code 2025-01-12 18:07:56 +05:30
Malar Invention
7efde36ca3 fix: add ip address validation 2025-01-12 17:47:03 +05:30
2 changed files with 46 additions and 92 deletions
Expand all files Collapse all files

76
node_external_ip_controller.py
View File

@@ -1,76 +0,0 @@
from kubernetes import client, config, watch
import os
import time
# Load in-cluster config
config.load_incluster_config()
# Set up Kubernetes API client
v1 = client.CoreV1Api()
# Configuration
SERVICE_NAME = "traefik"
NAMESPACE = "kube-system"
ANNOTATION_KEY = "kube-vip.io/loadbalancerIPs"
NODE_LABEL = "svccontroller.k3s.cattle.io/enablelb=true"
def update_service_annotation(external_ip):
# Get the current service object
service = v1.read_namespaced_service(SERVICE_NAME, NAMESPACE)
# Check if the annotation needs to be updated
current_annotation = service.metadata.annotations.get(ANNOTATION_KEY)
ipam_address = service.spec.load_balancer_ip
if ipam_address:
print(
f"service {SERVICE_NAME} has existing ipam IP: {ipam_address}", flush=True
)
target_annotation = ",".join({external_ip, ipam_address})
else:
target_annotation = external_ip
if current_annotation != target_annotation:
# Update the annotation
body = {"metadata": {"annotations": {ANNOTATION_KEY: target_annotation}}}
v1.patch_namespaced_service(SERVICE_NAME, NAMESPACE, body)
print(
f"Updated service {SERVICE_NAME} with new external IPs: {target_annotation}",
flush=True,
)
def main():
w = watch.Watch()
while True:
try:
for event in w.stream(
v1.list_node, label_selector=NODE_LABEL, _request_timeout=300
):
node = event["object"]
node_name = node.metadata.name
# Extract the external IP if it exists
external_ip = None
for address in node.status.addresses:
if address.type == "ExternalIP":
external_ip = address.address
break
if external_ip:
print(
f"Detected external IP {external_ip} for node {node_name}",
flush=True,
)
update_service_annotation(external_ip)
except client.exceptions.ApiException as e:
print(f"API Exception: {e}", flush=True)
time.sleep(5) # Wait before retrying
except Exception as e:
print(f"Unexpected error: {e}", flush=True)
time.sleep(5)
if __name__ == "__main__":
main()

62
node_external_ip_controller_async.py
View File

@@ -2,13 +2,14 @@ import asyncio
from kubernetes_asyncio import client, config, watch from kubernetes_asyncio import client, config, watch
import os import os
import logging import logging
import ipaddress
# Configuration # Configuration
ANNOTATION_KEY = os.getenv("ANNOTATION_KEY", "kube-vip.io/loadbalancerIPs") ANNOTATION_KEY = os.getenv("ANNOTATION_KEY", "kube-vip.io/loadbalancerIPs")
ZERO_GATEWAY_IP = os.getenv("ZERO_GATEWAY_IP", "172.28.10.1") ZERO_GATEWAY_IP = os.getenv("ZERO_GATEWAY_IP", "172.28.10.1")
NODE_LABEL = os.getenv("NODE_LABEL", "svccontroller.k3s.cattle.io/enablelb=true") NODE_LABEL = os.getenv("NODE_LABEL", "svccontroller.k3s.cattle.io/enablelb=true")
SERVICE_LABEL_KEY = os.getenv("SERVICE_LABEL_KEY", "zlanservice") SERVICE_LABEL = os.getenv("SERVICE_LABEL", "enablezlan=true")
SERVICE_LABEL_VALUE = os.getenv("SERVICE_LABEL_VALUE", "true") ZLAN_GATEWAY_IP_KEY = os.getenv("ZLAN_GATEWAY_IP_KEY", "zlanip")
SERVICE_REQUEST_TIMEOUT = int(os.getenv("SERVICE_REQUEST_TIMEOUT", 300)) SERVICE_REQUEST_TIMEOUT = int(os.getenv("SERVICE_REQUEST_TIMEOUT", 300))
NODE_REQUEST_TIMEOUT = int(os.getenv("NODE_REQUEST_TIMEOUT", 30)) NODE_REQUEST_TIMEOUT = int(os.getenv("NODE_REQUEST_TIMEOUT", 30))
@@ -17,20 +18,38 @@ logging.basicConfig(level=logging.DEBUG)
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
async def update_service_annotation(v1, service, external_ips): def is_valid_ip(ip):
try:
ipaddress.ip_address(ip)
return True
except ValueError:
return False
async def update_service_annotation(v1, service, external_ipset):
try: try:
service_name = service.metadata.name service_name = service.metadata.name
namespace = service.metadata.namespace namespace = service.metadata.namespace
logger.debug(f"Fetching service {service_name} in namespace {namespace}") logger.debug(f"Fetching service {service_name} in namespace {namespace}")
service_obj = await v1.read_namespaced_service(service_name, namespace) service_obj = await v1.read_namespaced_service(service_name, namespace)
current_annotation = service_obj.metadata.annotations.get(ANNOTATION_KEY) current_annotation = service_obj.metadata.annotations.get(ANNOTATION_KEY, "")
zlan_gateway_ip = service_obj.metadata.labels.get(SERVICE_LABEL_KEY) annotated_ipset = set(current_annotation.split(","))
zlan_gateway_ip = service_obj.metadata.labels.get(ZLAN_GATEWAY_IP_KEY)
logger.debug(f"Zlan Gateway IP: {zlan_gateway_ip}") logger.debug(f"Zlan Gateway IP: {zlan_gateway_ip}")
target_annotation = ",".join(external_ips) + "," + zlan_gateway_ip
logger.debug(f"Current annotation: {current_annotation}") if is_valid_ip(zlan_gateway_ip):
logger.debug(f"Target annotation: {target_annotation}") external_ipset = set(external_ipset)
if current_annotation != target_annotation: external_ipset.add(zlan_gateway_ip)
else:
logger.debug(
f"Invalid Zlan Gateway IP: {zlan_gateway_ip}, excluding from target annotation"
)
external_ips = list(external_ipset)
target_annotation = ",".join(external_ips)
if annotated_ipset != external_ipset:
logger.debug(f"Current annotation: {current_annotation}: {annotated_ipset}")
logger.debug(f"Target annotation: {target_annotation}: {external_ipset}")
body = {"metadata": {"annotations": {ANNOTATION_KEY: target_annotation}}} body = {"metadata": {"annotations": {ANNOTATION_KEY: target_annotation}}}
logger.debug(f"Patching service {service_name} with body: {body}") logger.debug(f"Patching service {service_name} with body: {body}")
await v1.patch_namespaced_service(service_name, namespace, body) await v1.patch_namespaced_service(service_name, namespace, body)
@@ -78,7 +97,10 @@ async def watch_nodes(v1, external_ips_update_queue):
f"External IPs for node {node.metadata.name}: {external_ips}" f"External IPs for node {node.metadata.name}: {external_ips}"
) )
external_node_ips = list(external_node_ipset) external_node_ips = list(external_node_ipset)
await external_ips_update_queue.put(external_node_ips) # remove old ip lists before populating
while not external_ips_update_queue.empty():
_previous_external_ips = await external_ips_update_queue.get()
await external_ips_update_queue.put(set(external_node_ips))
logger.debug(f"Added external IPs to update queue: {external_node_ips}") logger.debug(f"Added external IPs to update queue: {external_node_ips}")
except client.exceptions.ApiException as e: except client.exceptions.ApiException as e:
@@ -88,25 +110,33 @@ async def watch_nodes(v1, external_ips_update_queue):
logger.info("Watch task was cancelled.") logger.info("Watch task was cancelled.")
break break
except Exception as e: except Exception as e:
logger.error(f"Unexpected error in watch_nodes: {e}") logger.error(f"Unexpected error in watch_nodes: {e}", exc_info=True)
await asyncio.sleep(5) await asyncio.sleep(5)
async def watch_services(v1, external_ips_update_queue): async def watch_services(v1, external_ips_update_queue):
w = watch.Watch() w = watch.Watch()
label_selector = f"{SERVICE_LABEL_KEY}={SERVICE_LABEL_VALUE}"
while True: while True:
try: try:
logger.debug("Starting to watch services")
async for event in w.stream( async for event in w.stream(
v1.list_service_for_all_namespaces, v1.list_service_for_all_namespaces,
label_selector=label_selector, label_selector=SERVICE_LABEL,
_request_timeout=SERVICE_REQUEST_TIMEOUT, _request_timeout=SERVICE_REQUEST_TIMEOUT,
): ):
service = event["object"] service = event["object"]
if event["type"] in {"ADDED", "MODIFIED"}: if event["type"] in {"ADDED", "MODIFIED"}:
external_ips = await external_ips_update_queue.get() logger.debug(
await update_service_annotation(v1, service, external_ips) f"Processing event type: {event['type']} for service: {service.metadata.name}"
)
external_ipset = await external_ips_update_queue.get()
# put back the last one if it turns empty
if external_ips_update_queue.empty():
await external_ips_update_queue.put(external_ipset)
logger.debug(f"Retrieved external IPs: {list(external_ipset)}")
await update_service_annotation(v1, service, external_ipset)
logger.debug(f"Service updated: {service.metadata.name}")
except client.exceptions.ApiException as e: except client.exceptions.ApiException as e:
logger.error(f"API Exception in watch_services: {e}") logger.error(f"API Exception in watch_services: {e}")
@@ -115,7 +145,7 @@ async def watch_services(v1, external_ips_update_queue):
logger.info("Watch task was cancelled.") logger.info("Watch task was cancelled.")
break break
except Exception as e: except Exception as e:
logger.error(f"Unexpected error in watch_services: {e}") logger.error(f"Unexpected error in watch_services: {e}", exc_info=True)
await asyncio.sleep(5) await asyncio.sleep(5)