github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/monitor/internal/pod/watcher.go

github.com/aporeto-inc/trireme-lib@v10.358.0+incompatible/monitor/internal/pod/watcher.go (about)

     1  // +build !windows
     2  
     3  package podmonitor
     4  
     5  import (
     6  	corev1 "k8s.io/api/core/v1"
     7  	"k8s.io/apimachinery/pkg/types"
     8  	"sigs.k8s.io/controller-runtime/pkg/client"
     9  	"sigs.k8s.io/controller-runtime/pkg/handler"
    10  	"sigs.k8s.io/controller-runtime/pkg/reconcile"
    11  )
    12  
    13  // WatchPodMapper determines if we want to reconcile on a pod event. There are two limitiations:
    14  // - the pod must be schedule on a matching nodeName
    15  // - if the pod requests host networking, only reconcile if we want to enable host pods
    16  type WatchPodMapper struct {
    17  	client         client.Client
    18  	nodeName       string
    19  	enableHostPods bool
    20  }
    21  
    22  // Map implements the handler.Mapper interface to emit reconciles for corev1.Pods. It effectively
    23  // filters the pods by looking for a matching nodeName and filters them out if host networking is requested,
    24  // but we don't want to enable those.
    25  func (w *WatchPodMapper) Map(obj handler.MapObject) []reconcile.Request {
    26  	pod, ok := obj.Object.(*corev1.Pod)
    27  	if !ok {
    28  		return nil
    29  	}
    30  
    31  	if pod.Spec.NodeName != w.nodeName {
    32  		return nil
    33  	}
    34  
    35  	if pod.Spec.HostNetwork && !w.enableHostPods {
    36  		return nil
    37  	}
    38  
    39  	return []reconcile.Request{
    40  		{
    41  			NamespacedName: types.NamespacedName{
    42  				Name:      pod.Name,
    43  				Namespace: pod.Namespace,
    44  			},
    45  		},
    46  	}
    47  }