Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: ensure safe names for generated agent pods #19

Merged
merged 1 commit into from
Feb 6, 2024
Merged

fix: ensure safe names for generated agent pods #19

merged 1 commit into from
Feb 6, 2024

Conversation

starbops
Copy link
Member

@starbops starbops commented Feb 2, 2024
edited
Loading

IMPORTANT: Please do not create a Pull Request without creating an issue first.

Problem:

Solution:

Related Issue:

harvester/harvester#5072

Test plan:

  1. Create a very long name VM Network, eg.g fi6cx9ca1kt1faq80k3ro9cowyumyjb67qdmg8fb9ydmz27rbk5btlg2m5avv3n
  2. Create the corresponding IPPool object with the same long name
  3. The spawned agent Pod's name should be under 64 characters.

@starbops starbops marked this pull request as ready for review February 2, 2024 16:42
bk201
bk201 previously approved these changes Feb 2, 2024
View reviewed changes
@bk201 bk201 self-requested a review February 4, 2024 16:22
bk201
bk201 reviewed Feb 4, 2024
View reviewed changes
pkg/controller/ippool/common.go Outdated
@@ -25,7 +26,7 @@ func prepareAgentPod(
agentServiceAccountName string,
agentImage *config.Image,
) *corev1.Pod {
name := fmt.Sprintf("%s-%s-agent", ipPool.Namespace, ipPool.Name)
name := name.SafeConcatName(ipPool.Namespace, ipPool.Name)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have an IPPool in harvester-public/vlan1. For the initial design, the name is:

harvester-system    harvester-public-vlan1-agent

and the new implementation is

harvester-system    harvester-public-vlan1

Maybe we can still consider adding a prefix here to make the pod name make more sense (say it's a dhcp agent)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made a slight change to the SafeConcatName to incorporate the "-agent" suffix. PTAL, thanks!

@starbops starbops requested a review from Yu-Jack February 5, 2024 02:46
Yu-Jack
Yu-Jack reviewed Feb 5, 2024
View reviewed changes
pkg/controller/ippool/common.go Outdated Show resolved Hide resolved
pkg/util/common.go

func SafeAgentConcatName(name ...string) string {
fullPath := strings.Join(name, "-")
if len(fullPath) < 58 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

curious about why 58, should we add a name for it?

Copy link
Member Author

@starbops starbops Feb 5, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The function was a modified version of https://github.com/rancher/wrangler/blob/004384a454ec6062420e10439bf9fa136fa38e4d/pkg/name/name.go#L56-L70 to incorporate the -agent suffix. The reason (the characters limit) behind that is something about DNS name resolution (Object Names and IDs | Kubernetes)

pkg/util/common.go
digest := sha256.Sum256([]byte(fullPath))
// since we cut the string in the middle, the last char may not be compatible with what is expected in k8s
// we are checking and if necessary removing the last char
c := fullPath[50]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also curious about why 50

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is because when we cut down the long token, we cannot be sure it won't accidentally collide with another name on the system. So, here, we preserve a little more space for incorporating a short and hashed string to make it unique.

pkg/util/common.go Outdated Show resolved Hide resolved
Yu-Jack
Yu-Jack approved these changes Feb 5, 2024
View reviewed changes
Copy link
Contributor

@Yu-Jack Yu-Jack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@bk201 bk201 merged commit e902231 into harvester:main Feb 6, 2024
5 checks passed
@starbops starbops mentioned this pull request Feb 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bk201 bk201 bk201 approved these changes

@Yu-Jack Yu-Jack Yu-Jack approved these changes

@w13915984028 w13915984028 Awaiting requested review from w13915984028

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@starbops @bk201 @Yu-Jack