Skip to content

Commit

Permalink
Append the config annotations to the pod's meta before creating the p…
Browse files Browse the repository at this point in the history
…atch

This ensures that any configs provided via the CLI options are persisted
as annotations before the configs override.

Signed-off-by: Ivan Sim <[email protected]>
  • Loading branch information
Ivan Sim committed Mar 26, 2019
1 parent f36fc16 commit ed35d24
Show file tree
Hide file tree
Showing 5 changed files with 50 additions and 19 deletions.
20 changes: 14 additions & 6 deletions cli/cmd/inject.go
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,14 @@ func (rt resourceTransformerInject) transform(bytes []byte) ([]byte, []inject.Re
r := inject.Report{UnsupportedResource: true}
return bytes, []inject.Report{r}, nil
}

conf.AppendPodAnnotations(map[string]string{
k8s.CreatedByAnnotation: k8s.CreatedByAnnotationValue(),
})
if len(rt.overrideAnnotations) > 0 {
conf.AppendPodAnnotations(rt.overrideAnnotations)
}

p, reports, err := conf.GetPatch(bytes, inject.ShouldInjectCLI)
if err != nil {
return nil, nil, err
Expand All @@ -139,11 +147,6 @@ func (rt resourceTransformerInject) transform(bytes []byte) ([]byte, []inject.Re
return bytes, reports, nil
}

for annotation, value := range rt.overrideAnnotations {
p.AddPodAnnotation(annotation, value)
}
p.AddPodAnnotation(k8s.CreatedByAnnotation, k8s.CreatedByAnnotationValue())

patchJSON, err := p.Marshal()
if err != nil {
return nil, nil, err
Expand Down Expand Up @@ -286,7 +289,9 @@ func (options *injectOptions) fetchConfigsOrDefault() (*config.All, error) {
return api.Config(context.Background(), &public.Empty{})
}

// overrideConfigs uses command-line overrides to update the provided configs
// overrideConfigs uses command-line overrides to update the provided configs.
// the overrideAnnotations map keeps track of which configs are overridden, by
// storing the corresponding annotations and values.
func (options *injectOptions) overrideConfigs(configs *config.All, overrideAnnotations map[string]string) {
if len(options.ignoreInboundPorts) > 0 {
configs.Proxy.IgnoreInboundPorts = toPorts(options.ignoreInboundPorts)
Expand Down Expand Up @@ -346,6 +351,9 @@ func (options *injectOptions) overrideConfigs(configs *config.All, overrideAnnot
overrideAnnotations[k8s.ProxyLogLevelAnnotation] = options.proxyLogLevel
}

// keep track of this option because its true/false value results in different
// values being assigned to the LINKERD2_PROXY_DESTINATION_PROFILE_SUFFIXES
// env var. Its annotation is added only if its value is true.
configs.Proxy.DisableExternalProfiles = options.disableExternalProfiles
if options.disableExternalProfiles {
overrideAnnotations[k8s.ProxyDisableExternalProfilesAnnotation] = "true"
Expand Down
5 changes: 3 additions & 2 deletions controller/proxy-injector/webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,9 @@ func (w *Webhook) inject(request *admissionv1beta1.AdmissionRequest) (*admission
return admissionResponse, nil
}

conf.AppendPodAnnotations(map[string]string{
k8s.CreatedByAnnotation: fmt.Sprintf("linkerd/proxy-injector %s", version.Version),
})
p, _, err := conf.GetPatch(request.Object.Raw, inject.ShouldInjectWebhook)
if err != nil {
return nil, err
Expand All @@ -129,8 +132,6 @@ func (w *Webhook) inject(request *admissionv1beta1.AdmissionRequest) (*admission
return admissionResponse, nil
}

p.AddPodAnnotation(k8s.CreatedByAnnotation, fmt.Sprintf("linkerd/proxy-injector %s", version.Version))

// When adding workloads through `kubectl apply` the spec template labels are
// automatically copied to the workload's main metadata section.
// This doesn't happen when adding labels through the webhook. So we manually
Expand Down
38 changes: 31 additions & 7 deletions pkg/inject/inject.go
Original file line number Diff line number Diff line change
Expand Up @@ -90,9 +90,10 @@ type ResourceConfig struct {
pod struct {
// Meta is the pod's metadata. It's exported so that the YAML marshaling
// will work in the ParseMeta() function.
Meta *metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
labels map[string]string
spec *v1.PodSpec
Meta *metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
labels map[string]string
annotations map[string]string
spec *v1.PodSpec
}
}

Expand All @@ -105,6 +106,7 @@ func NewResourceConfig(configs *config.All) *ResourceConfig {

config.pod.Meta = &metav1.ObjectMeta{}
config.pod.labels = map[string]string{k8s.ControllerNSLabel: configs.GetGlobal().GetLinkerdNamespace()}
config.pod.annotations = map[string]string{}
return config
}

Expand Down Expand Up @@ -143,6 +145,13 @@ func (conf *ResourceConfig) WithProxyOutboundCapacity(m map[string]uint) *Resour
return conf
}

// AppendPodAnnotations appends the given annotations to the pod spec in conf
func (conf *ResourceConfig) AppendPodAnnotations(annotations map[string]string) {
for annotation, value := range annotations {
conf.pod.annotations[annotation] = value
}
}

// YamlMarshalObj returns the yaml for the workload in conf
func (conf *ResourceConfig) YamlMarshalObj() ([]byte, error) {
return yaml.Marshal(conf.workload.obj)
Expand Down Expand Up @@ -194,8 +203,8 @@ func (conf *ResourceConfig) GetPatch(
if conf.pod.spec != nil {
report.update(conf)
if shouldInject(conf, report) {
conf.injectPodSpec(patch)
conf.injectObjectMeta(patch)
conf.injectPodSpec(patch)
}
} else {
report.UnsupportedResource = true
Expand Down Expand Up @@ -354,6 +363,10 @@ func (conf *ResourceConfig) parse(bytes []byte) error {
conf.pod.Meta = &v.ObjectMeta
}

if conf.pod.Meta.Annotations == nil {
conf.pod.Meta.Annotations = map[string]string{}
}

return nil
}

Expand Down Expand Up @@ -557,17 +570,28 @@ func (conf *ResourceConfig) injectObjectMeta(patch *Patch) {
if len(conf.pod.Meta.Annotations) == 0 {
patch.addPodAnnotationsRoot()
}
patch.AddPodAnnotation(k8s.ProxyVersionAnnotation, conf.configs.GetGlobal().GetVersion())
patch.addPodAnnotation(k8s.ProxyVersionAnnotation, conf.configs.GetGlobal().GetVersion())

if conf.configs.GetGlobal().GetIdentityContext() != nil {
patch.AddPodAnnotation(k8s.IdentityModeAnnotation, k8s.IdentityModeDefault)
patch.addPodAnnotation(k8s.IdentityModeAnnotation, k8s.IdentityModeDefault)
} else {
patch.AddPodAnnotation(k8s.IdentityModeAnnotation, k8s.IdentityModeDisabled)
patch.addPodAnnotation(k8s.IdentityModeAnnotation, k8s.IdentityModeDisabled)
}

for k, v := range conf.pod.labels {
patch.addPodLabel(k, v)
}

for k, v := range conf.pod.annotations {
patch.addPodAnnotation(k, v)
}

// append any additional pod annotations to the pod's meta.
// for e.g., annotations that were converted from CLI inject options.
for annotation, value := range conf.pod.annotations {
conf.pod.Meta.Annotations[annotation] = value
}

}

// AddRootLabels adds all the pod labels into the root workload (e.g. Deployment)
Expand Down
4 changes: 1 addition & 3 deletions pkg/inject/patch.go
Original file line number Diff line number Diff line change
Expand Up @@ -120,9 +120,7 @@ func (p *Patch) addPodAnnotationsRoot() {
})
}

// AddPodAnnotation creates an 'add' JSON patch operation structure to append
// the given annotation and value.
func (p *Patch) AddPodAnnotation(key, value string) {
func (p *Patch) addPodAnnotation(key, value string) {
p.patchOps = append(p.patchOps, &patchOp{
Op: "add",
Path: p.patchPathPodAnnotations + "/" + escapeKey(key),
Expand Down
2 changes: 1 addition & 1 deletion pkg/inject/patch_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ func TestPatch(t *testing.T) {
//actual.addVolumeRoot()
//actual.addVolume(secrets)
actual.addPodLabel(k8sPkg.ControllerNSLabel, controllerNamespace)
actual.AddPodAnnotation(k8sPkg.CreatedByAnnotation, createdBy)
actual.addPodAnnotation(k8sPkg.CreatedByAnnotation, createdBy)

expected := NewPatchDeployment()
expected.patchOps = []*patchOp{
Expand Down

0 comments on commit ed35d24

Please sign in to comment.