diff --git a/pkg/network/proxy/hybridproxier.go b/pkg/network/proxy/hybridproxier.go index a02cd64b4..0d45416bb 100644 --- a/pkg/network/proxy/hybridproxier.go +++ b/pkg/network/proxy/hybridproxier.go @@ -311,6 +311,16 @@ func (p *HybridProxier) OnEndpointsSynced() { klog.V(6).Infof("endpoints synced") } +func endpointSliceServiceName(slice *discoveryv1beta1.EndpointSlice) string { + serviceName := slice.Labels[discoveryv1beta1.LabelServiceName] + if serviceName == "" { + klog.Warningf("EndpointSlice %s/%s has no %q label", + slice.Namespace, slice.Name, discoveryv1beta1.LabelServiceName) + return slice.Name + } + return serviceName +} + func sliceToEndpoints(slice *discoveryv1beta1.EndpointSlice) *corev1.Endpoints { if slice == nil { return nil @@ -329,6 +339,7 @@ func sliceToEndpoints(slice *discoveryv1beta1.EndpointSlice) *corev1.Endpoints { }, }, } + endpoints.Name = endpointSliceServiceName(slice) for _, ep := range slice.Endpoints { addr := corev1.EndpointAddress{ NodeName: ep.NodeName, @@ -369,7 +380,7 @@ func endpointsIfEmptySlice(slice *discoveryv1beta1.EndpointSlice) *corev1.Endpoi } func (p *HybridProxier) OnEndpointSliceAdd(slice *discoveryv1beta1.EndpointSlice) { - svcName := types.NamespacedName{Namespace: slice.Namespace, Name: slice.Name} + svcName := types.NamespacedName{Namespace: slice.Namespace, Name: endpointSliceServiceName(slice)} hsvc := p.getService(svcName) defer p.releaseService(svcName) @@ -384,7 +395,7 @@ func (p *HybridProxier) OnEndpointSliceAdd(slice *discoveryv1beta1.EndpointSlice } func (p *HybridProxier) OnEndpointSliceUpdate(oldSlice, slice *discoveryv1beta1.EndpointSlice) { - svcName := types.NamespacedName{Namespace: slice.Namespace, Name: slice.Name} + svcName := types.NamespacedName{Namespace: slice.Namespace, Name: endpointSliceServiceName(slice)} hsvc := p.getService(svcName) defer p.releaseService(svcName) @@ -401,7 +412,7 @@ func (p *HybridProxier) OnEndpointSliceUpdate(oldSlice, slice *discoveryv1beta1. } func (p *HybridProxier) OnEndpointSliceDelete(slice *discoveryv1beta1.EndpointSlice) { - svcName := types.NamespacedName{Namespace: slice.Namespace, Name: slice.Name} + svcName := types.NamespacedName{Namespace: slice.Namespace, Name: endpointSliceServiceName(slice)} hsvc := p.getService(svcName) defer p.releaseService(svcName) @@ -418,7 +429,7 @@ func (p *HybridProxier) OnEndpointSliceDelete(slice *discoveryv1beta1.EndpointSl func (p *HybridProxier) OnEndpointSlicesSynced() { klog.V(6).Infof("hybrid proxy: endpointslices synced") - p.unidlingProxy.OnEndpointSlicesSynced() + p.unidlingProxy.OnEndpointsSynced() p.mainProxy.OnEndpointSlicesSynced() } diff --git a/pkg/network/proxy/hybridproxier_test.go b/pkg/network/proxy/hybridproxier_test.go index 75eac72f8..81002e00d 100644 --- a/pkg/network/proxy/hybridproxier_test.go +++ b/pkg/network/proxy/hybridproxier_test.go @@ -91,7 +91,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceAdd(slice1) err = mainProxy.assertEvents("after creating first endpoints", - "add endpointslice testns/one 1.2.3.4", + "add endpointslice testns/one-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -127,7 +127,7 @@ func TestHybridProxy(t *testing.T) { err = mainProxy.assertEvents("after idling first service", "delete service testns/one", - "update endpointslice testns/one -", + "update endpointslice testns/one-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -148,7 +148,7 @@ func TestHybridProxy(t *testing.T) { err = mainProxy.assertEvents("after unidling first service", "add service testns/one", - "update endpointslice testns/one 1.2.3.4", + "update endpointslice testns/one-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -167,7 +167,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceUpdate(slice1, slice1modified) err = mainProxy.assertEvents("after modifying first service", - "update endpointslice testns/one 5.6.7.8", + "update endpointslice testns/one-slice1 5.6.7.8", ) if err != nil { t.Fatalf("%v", err) @@ -191,7 +191,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceUpdate(slice1modified, slice1modified2) mainProxy.assertEvents("after re-modifying first service", - "update endpointslice testns/one 9.10.11.12", + "update endpointslice testns/one-slice1 9.10.11.12", ) unidlingProxy.assertEvents("after re-modifying first service", "delete endpoints testns/one 5.6.7.8", @@ -201,7 +201,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceUpdate(slice1, slice1modified) mainProxy.assertEvents("after re-re-modifying first service", - "update endpointslice testns/one 5.6.7.8", + "update endpointslice testns/one-slice1 5.6.7.8", ) unidlingProxy.assertNoEvents("after re-re-modifying first service") @@ -212,7 +212,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceAdd(slice2) err = mainProxy.assertEvents("after creating second endpoints", - "add endpointslice testns/two 9.10.11.12", + "add endpointslice testns/two-slice1 9.10.11.12", ) if err != nil { t.Fatalf("%v", err) @@ -251,7 +251,7 @@ func TestHybridProxy(t *testing.T) { err = mainProxy.assertEvents("after idling second service", "delete service testns/two", - "update endpointslice testns/two -", + "update endpointslice testns/two-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -272,7 +272,7 @@ func TestHybridProxy(t *testing.T) { err = mainProxy.assertEvents("after unidling second service", "add service testns/two", "update service testns/two", - "update endpointslice testns/two 9.10.11.12", + "update endpointslice testns/two-slice1 9.10.11.12", ) if err != nil { t.Fatalf("%v", err) @@ -312,7 +312,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceAdd(slice3) err = mainProxy.assertEvents("after creating third endpoints", - "add endpointslice testns/three 1.2.3.4", + "add endpointslice testns/three-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -332,7 +332,7 @@ func TestHybridProxy(t *testing.T) { err = mainProxy.assertEvents("after idling third service", "update service testns/three", "delete service testns/three", - "update endpointslice testns/three -", + "update endpointslice testns/three-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -367,7 +367,7 @@ func TestHybridProxy(t *testing.T) { proxy.OnEndpointSliceDelete(slice3idled) err = mainProxy.assertEvents("after deleting third endpoints", - "delete endpointslice testns/three -", + "delete endpointslice testns/three-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -400,9 +400,9 @@ func TestHybridProxy(t *testing.T) { err = mainProxy.assertEvents("after cleanup", "delete service testns/one", - "delete endpointslice testns/one 5.6.7.8", + "delete endpointslice testns/one-slice1 5.6.7.8", "delete service testns/two", - "delete endpointslice testns/two 9.10.11.12", + "delete endpointslice testns/two-slice1 9.10.11.12", ) if err != nil { t.Fatalf("%v", err) @@ -435,7 +435,7 @@ func TestHybridProxyPreIdled(t *testing.T) { proxy.OnServiceAdd(svcpi) err = mainProxy.assertEvents("after creating pre-idled service", - "add endpointslice testns/pre-idled -", + "add endpointslice testns/pre-idled-slice1 -", "add service testns/pre-idled", "delete service testns/pre-idled", ) @@ -458,7 +458,7 @@ func TestHybridProxyPreIdled(t *testing.T) { err = mainProxy.assertEvents("after unidling pre-idled service", "add service testns/pre-idled", - "update endpointslice testns/pre-idled 1.2.3.4", + "update endpointslice testns/pre-idled-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -481,7 +481,7 @@ func TestHybridProxyPreIdled(t *testing.T) { err = mainProxy.assertEvents("after deleting pre-idled service", "delete service testns/pre-idled", - "delete endpointslice testns/pre-idled 1.2.3.4", + "delete endpointslice testns/pre-idled-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -518,7 +518,7 @@ func TestHybridProxyReIdling(t *testing.T) { err = mainProxy.assertEvents("after creating re-idling service", "add service testns/re-idle", - "add endpointslice testns/re-idle 1.2.3.4", + "add endpointslice testns/re-idle-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -537,7 +537,7 @@ func TestHybridProxyReIdling(t *testing.T) { err = mainProxy.assertEvents("after idling re-idle service", "delete service testns/re-idle", - "update endpointslice testns/re-idle -", + "update endpointslice testns/re-idle-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -555,7 +555,7 @@ func TestHybridProxyReIdling(t *testing.T) { err = mainProxy.assertEvents("after unidling re-idle service", "add service testns/re-idle", - "update endpointslice testns/re-idle 1.2.3.4", + "update endpointslice testns/re-idle-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -575,7 +575,7 @@ func TestHybridProxyReIdling(t *testing.T) { err = mainProxy.assertEvents("after re-idling re-idle service", "delete service testns/re-idle", - "update endpointslice testns/re-idle -", + "update endpointslice testns/re-idle-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -594,7 +594,7 @@ func TestHybridProxyReIdling(t *testing.T) { err = mainProxy.assertEvents("after unidling re-idle service", "add service testns/re-idle", - "update endpointslice testns/re-idle 1.2.3.4", + "update endpointslice testns/re-idle-slice1 1.2.3.4", ) if err != nil { t.Fatalf("%v", err) @@ -622,7 +622,7 @@ func TestHybridProxyReIdling(t *testing.T) { err = mainProxy.assertEvents("after re-idling re-idle service after time passed", "delete service testns/re-idle", - "update endpointslice testns/re-idle -", + "update endpointslice testns/re-idle-slice1 -", ) if err != nil { t.Fatalf("%v", err) @@ -652,7 +652,7 @@ func TestHybridProxyReIdling(t *testing.T) { proxy.OnEndpointSliceDelete(sliceriIdled) err = mainProxy.assertEvents("after deleting re-idle service", - "delete endpointslice testns/re-idle -", + "delete endpointslice testns/re-idle-slice1 -", ) if err != nil { t.Fatalf("%v", err) diff --git a/pkg/network/proxy/proxy_test.go b/pkg/network/proxy/proxy_test.go index 5372c3975..52088c7fc 100644 --- a/pkg/network/proxy/proxy_test.go +++ b/pkg/network/proxy/proxy_test.go @@ -283,8 +283,11 @@ func makeEndpoints(namespace, name string, ips ...string) (*corev1.Endpoints, *d slice := &discoveryv1beta1.EndpointSlice{ ObjectMeta: metav1.ObjectMeta{ Namespace: namespace, - Name: name, + Name: name + "-slice1", UID: ktypes.UID(namespace + "/" + name), + Labels: map[string]string{ + discoveryv1beta1.LabelServiceName: name, + }, }, Endpoints: []discoveryv1beta1.Endpoint{ { @@ -377,7 +380,7 @@ func TestOsdnProxy(t *testing.T) { _, ep := makeEndpoints("default", "kubernetes", "10.0.0.1", "10.0.0.2", "10.0.0.3") proxy.OnEndpointSliceAdd(ep) - initialEvents.Insert("add endpointslice default/kubernetes 10.0.0.1 10.0.0.2 10.0.0.3") + initialEvents.Insert("add endpointslice default/kubernetes-slice1 10.0.0.1 10.0.0.2 10.0.0.3") eps := make(map[string]map[string]*discoveryv1beta1.EndpointSlice) for _, ns := range namespaces { @@ -389,37 +392,37 @@ func TestOsdnProxy(t *testing.T) { _, ep := makeEndpoints(ns.Name, "local", "10.130.0.5", "10.131.2.5") proxy.OnEndpointSliceAdd(ep) eps[ns.Name]["local"] = ep - initialEvents.Insert("add endpointslice " + ns.Name + "/local 10.130.0.5 10.131.2.5") + initialEvents.Insert("add endpointslice " + ns.Name + "/local-slice1 10.130.0.5 10.131.2.5") _, ep = makeEndpoints(ns.Name, "extfar", "1.2.3.4") proxy.OnEndpointSliceAdd(ep) eps[ns.Name]["extfar"] = ep - initialEvents.Insert("add endpointslice " + ns.Name + "/extfar 1.2.3.4") + initialEvents.Insert("add endpointslice " + ns.Name + "/extfar-slice1 1.2.3.4") _, ep = makeEndpoints(ns.Name, "extnear", "192.168.2.5") proxy.OnEndpointSliceAdd(ep) eps[ns.Name]["extnear"] = ep - initialEvents.Insert("add endpointslice " + ns.Name + "/extnear 192.168.2.5") + initialEvents.Insert("add endpointslice " + ns.Name + "/extnear-slice1 192.168.2.5") _, ep = makeEndpoints(ns.Name, "extbad", "192.168.1.5") proxy.OnEndpointSliceAdd(ep) eps[ns.Name]["extbad"] = ep - initialEvents.Insert("add endpointslice " + ns.Name + "/extbad 192.168.1.5") + initialEvents.Insert("add endpointslice " + ns.Name + "/extbad-slice1 192.168.1.5") _, ep = makeEndpoints(ns.Name, "extexcept", "192.168.1.1") proxy.OnEndpointSliceAdd(ep) eps[ns.Name]["extexcept"] = ep - initialEvents.Insert("add endpointslice " + ns.Name + "/extexcept 192.168.1.1") + initialEvents.Insert("add endpointslice " + ns.Name + "/extexcept-slice1 192.168.1.1") _, ep = makeEndpoints(ns.Name, "extmixed", "10.130.0.5", "192.168.1.5") proxy.OnEndpointSliceAdd(ep) eps[ns.Name]["extmixed"] = ep - initialEvents.Insert("add endpointslice " + ns.Name + "/extmixed 10.130.0.5 192.168.1.5") + initialEvents.Insert("add endpointslice " + ns.Name + "/extmixed-slice1 10.130.0.5 192.168.1.5") } // fixup: we added a few endpoints that we don't actually expect initialEvents.Delete( - "add endpointslice one/extbad 192.168.1.5", - "add endpointslice one/extmixed 10.130.0.5 192.168.1.5", + "add endpointslice one/extbad-slice1 192.168.1.5", + "add endpointslice one/extmixed-slice1 10.130.0.5 192.168.1.5", ) // ***** @@ -460,10 +463,10 @@ func TestOsdnProxy(t *testing.T) { // That should result in everything external except "extexcept" being blocked err = tp.assertEvents("after adding EgressNetworkPolicy to namespace three", - "delete endpointslice three/extfar 1.2.3.4", - "delete endpointslice three/extnear 192.168.2.5", - "delete endpointslice three/extbad 192.168.1.5", - "delete endpointslice three/extmixed 10.130.0.5 192.168.1.5", + "delete endpointslice three/extfar-slice1 1.2.3.4", + "delete endpointslice three/extnear-slice1 192.168.2.5", + "delete endpointslice three/extbad-slice1 192.168.1.5", + "delete endpointslice three/extmixed-slice1 10.130.0.5 192.168.1.5", ) if err != nil { t.Fatalf("%v", err) @@ -479,8 +482,8 @@ func TestOsdnProxy(t *testing.T) { proxy.handleAddOrUpdateEgressNetworkPolicy(enp2a, nil, watch.Added) err = tp.assertEvents("after copying first EgressNetworkPolicy to namespace two", - "delete endpointslice two/extbad 192.168.1.5", - "delete endpointslice two/extmixed 10.130.0.5 192.168.1.5", + "delete endpointslice two/extbad-slice1 192.168.1.5", + "delete endpointslice two/extmixed-slice1 10.130.0.5 192.168.1.5", ) if err != nil { t.Fatalf("%v", err) @@ -494,9 +497,9 @@ func TestOsdnProxy(t *testing.T) { proxy.handleAddOrUpdateEgressNetworkPolicy(enp2b, nil, watch.Added) err = tp.assertEvents("after copying second EgressNetworkPolicy to namespace two", - "delete endpointslice two/extfar 1.2.3.4", - "delete endpointslice two/extnear 192.168.2.5", - "delete endpointslice two/extexcept 192.168.1.1", + "delete endpointslice two/extfar-slice1 1.2.3.4", + "delete endpointslice two/extnear-slice1 192.168.2.5", + "delete endpointslice two/extexcept-slice1 192.168.1.1", ) if err != nil { t.Fatalf("%v", err) @@ -506,7 +509,7 @@ func TestOsdnProxy(t *testing.T) { // (meaning "two" will allow the same things as "three") proxy.handleDeleteEgressNetworkPolicy(enp2a) err = tp.assertEvents("after deleting first EgressNetworkPolicy from namespace two", - "add endpointslice two/extexcept 192.168.1.1", + "add endpointslice two/extexcept-slice1 192.168.1.1", ) if err != nil { t.Fatalf("%v", err) @@ -515,10 +518,10 @@ func TestOsdnProxy(t *testing.T) { // Now delete the second ENP, which should unblock everything proxy.handleDeleteEgressNetworkPolicy(enp2b) err = tp.assertEvents("after deleting second EgressNetworkPolicy from namespace two", - "add endpointslice two/extfar 1.2.3.4", - "add endpointslice two/extnear 192.168.2.5", - "add endpointslice two/extbad 192.168.1.5", - "add endpointslice two/extmixed 10.130.0.5 192.168.1.5", + "add endpointslice two/extfar-slice1 1.2.3.4", + "add endpointslice two/extnear-slice1 192.168.2.5", + "add endpointslice two/extbad-slice1 192.168.1.5", + "add endpointslice two/extmixed-slice1 10.130.0.5 192.168.1.5", ) if err != nil { t.Fatalf("%v", err) @@ -566,12 +569,12 @@ func TestOsdnProxy(t *testing.T) { namespaces = namespaces[:4] err = tp.assertEvents("after deleting namespace four", - "delete endpointslice four/local 10.130.0.5 10.131.2.5", - "delete endpointslice four/extfar 1.2.3.4", - "delete endpointslice four/extnear 192.168.2.5", - "delete endpointslice four/extbad 192.168.1.5", - "delete endpointslice four/extexcept 192.168.1.1", - "delete endpointslice four/extmixed 10.130.0.5 192.168.1.5", + "delete endpointslice four/local-slice1 10.130.0.5 10.131.2.5", + "delete endpointslice four/extfar-slice1 1.2.3.4", + "delete endpointslice four/extnear-slice1 192.168.2.5", + "delete endpointslice four/extbad-slice1 192.168.1.5", + "delete endpointslice four/extexcept-slice1 192.168.1.1", + "delete endpointslice four/extmixed-slice1 10.130.0.5 192.168.1.5", ) if err != nil { t.Fatalf("%v", err) @@ -599,19 +602,19 @@ func TestOsdnProxy(t *testing.T) { err = tp.assertEvents("after modifying endpoints", // In namespace one, this blocks extnear and unblocks extbad - "update endpointslice one/local 10.130.0.5 10.131.1.5", - "delete endpointslice one/extnear 192.168.2.5", - "add endpointslice one/extbad 192.168.3.5", + "update endpointslice one/local-slice1 10.130.0.5 10.131.1.5", + "delete endpointslice one/extnear-slice1 192.168.2.5", + "add endpointslice one/extbad-slice1 192.168.3.5", // In namespace two, there is no effect on blocking; we just observe the // updated endpoints - "update endpointslice two/local 10.130.0.5 10.131.1.5", - "update endpointslice two/extnear 192.168.2.5 192.168.1.4", - "update endpointslice two/extbad 192.168.3.5", + "update endpointslice two/local-slice1 10.130.0.5 10.131.1.5", + "update endpointslice two/extnear-slice1 192.168.2.5 192.168.1.4", + "update endpointslice two/extbad-slice1 192.168.3.5", // In namespace three, extnear and extbad were blocked before and are // still blocked, so we don't see any updates to them. - "update endpointslice three/local 10.130.0.5 10.131.1.5", + "update endpointslice three/local-slice1 10.130.0.5 10.131.1.5", ) if err != nil { t.Fatalf("%v", err) @@ -626,8 +629,8 @@ func TestOsdnProxy(t *testing.T) { // Now namespace three will see the extbad, with the updated IP from above err = tp.assertEvents("after modifying EgressNetworkPolicy", - "add endpointslice three/extfar 1.2.3.4", - "add endpointslice three/extbad 192.168.3.5", + "add endpointslice three/extfar-slice1 1.2.3.4", + "add endpointslice three/extbad-slice1 192.168.3.5", ) if err != nil { t.Fatalf("%v", err)