github.com/cilium/cilium@v1.16.2/operator/pkg/ciliumendpointslice/cell.go (about) 1 // SPDX-License-Identifier: Apache-2.0 2 // Copyright Authors of Cilium 3 4 package ciliumendpointslice 5 6 import ( 7 "fmt" 8 9 "github.com/cilium/hive/cell" 10 "github.com/spf13/pflag" 11 12 "github.com/cilium/cilium/pkg/metrics" 13 ) 14 15 const ( 16 // CESMaxCEPsInCES is the maximum number of cilium endpoints allowed in single 17 // a CiliumEndpointSlice resource. 18 CESMaxCEPsInCES = "ces-max-ciliumendpoints-per-ces" 19 20 // CESSlicingMode instructs how CEPs are grouped in a CES. 21 CESSlicingMode = "ces-slice-mode" 22 23 // CESWriteQPSLimit is the rate limit per second for the CES work queue to 24 // process CES events that result in CES write (Create, Update, Delete) 25 // requests to the kube-apiserver. 26 CESWriteQPSLimit = "ces-write-qps-limit" 27 28 // CESWriteQPSBurst is the burst rate per second used with CESWriteQPSLimit 29 // for the CES work queue to process CES events that result in CES write 30 // (Create, Update, Delete) requests to the kube-apiserver. 31 CESWriteQPSBurst = "ces-write-qps-burst" 32 33 // CESEnableDynamicRateLimit is used to ignore static QPS Limit and Burst 34 // and use dynamic limit, burst and nodes instead. 35 CESEnableDynamicRateLimit = "ces-enable-dynamic-rate-limit" 36 37 // CESDynamicRateLimitNodes is used to specify the list of nodes used for the 38 // dynamic rate limit steps. 39 CESDynamicRateLimitNodes = "ces-dynamic-rate-limit-nodes" 40 41 // CESDynamicRateLimitQPSLimit is used to specify the list of qps limits for the 42 // dynamic rate limit steps. 43 CESDynamicRateLimitQPSLimit = "ces-dynamic-rate-limit-qps-limit" 44 45 // CESDynamicRateLimitQPSBurst is used to specify the list of qps bursts for the 46 // dynamic rate limit steps. 47 CESDynamicRateLimitQPSBurst = "ces-dynamic-rate-limit-qps-burst" 48 49 // CESRateLimits can be used to configure a custom, stepped dynamic rate limit based on cluster size. 50 CESRateLimits = "ces-rate-limits" 51 ) 52 53 // Cell is a cell that implements a Cilium Endpoint Slice Controller. 54 // The controller subscribes to cilium endpoint and cilium endpoint slices 55 // events and reconciles the state of the cilium endpoint slices in the cluster. 56 var Cell = cell.Module( 57 "k8s-ces-controller", 58 "Cilium Endpoint Slice Controller", 59 cell.Config(defaultConfig), 60 cell.Invoke(registerController), 61 metrics.Metric(NewMetrics), 62 ) 63 64 type Config struct { 65 CESMaxCEPsInCES int `mapstructure:"ces-max-ciliumendpoints-per-ces"` 66 CESSlicingMode string `mapstructure:"ces-slice-mode"` 67 CESWriteQPSLimit float64 `mapstructure:"ces-write-qps-limit"` 68 CESWriteQPSBurst int `mapstructure:"ces-write-qps-burst"` 69 CESEnableDynamicRateLimit bool `mapstructure:"ces-enable-dynamic-rate-limit"` 70 CESDynamicRateLimitNodes []string `mapstructure:"ces-dynamic-rate-limit-nodes"` 71 CESDynamicRateLimitQPSLimit []string `mapstructure:"ces-dynamic-rate-limit-qps-limit"` 72 CESDynamicRateLimitQPSBurst []string `mapstructure:"ces-dynamic-rate-limit-qps-burst"` 73 CESDynamicRateLimitConfig string `mapstructure:"ces-rate-limits"` 74 } 75 76 var defaultConfig = Config{ 77 CESMaxCEPsInCES: 100, 78 CESSlicingMode: "cesSliceModeIdentity", 79 CESDynamicRateLimitConfig: "[{\"nodes\":0,\"limit\":10,\"burst\":20}]", 80 } 81 82 func (def Config) Flags(flags *pflag.FlagSet) { 83 depUseDLR := fmt.Sprintf("dynamic rate limiting is now configured by default. Please use --%s to supply a custom config", CESRateLimits) 84 flags.Int(CESMaxCEPsInCES, def.CESMaxCEPsInCES, "Maximum number of CiliumEndpoints allowed in a CES") 85 flags.String(CESSlicingMode, def.CESSlicingMode, "Slicing mode defines how CiliumEndpoints are grouped into CES: either batched by their Identity (\"cesSliceModeIdentity\") or batched on a \"First Come, First Served\" basis (\"cesSliceModeFCFS\")") 86 flags.Float64(CESWriteQPSLimit, def.CESWriteQPSLimit, "CES work queue rate limit. Ignored when "+CESEnableDynamicRateLimit+" is set") 87 flags.MarkDeprecated(CESWriteQPSLimit, depUseDLR) 88 flags.Int(CESWriteQPSBurst, def.CESWriteQPSBurst, "CES work queue burst rate. Ignored when "+CESEnableDynamicRateLimit+" is set") 89 flags.MarkDeprecated(CESWriteQPSBurst, depUseDLR) 90 91 flags.Bool(CESEnableDynamicRateLimit, def.CESEnableDynamicRateLimit, "Flag to enable dynamic rate limit specified in separate fields instead of the static one") 92 flags.MarkDeprecated(CESEnableDynamicRateLimit, depUseDLR) 93 flags.StringSlice(CESDynamicRateLimitNodes, def.CESDynamicRateLimitNodes, "List of nodes used for the dynamic rate limit steps") 94 flags.MarkDeprecated(CESDynamicRateLimitNodes, depUseDLR) 95 flags.StringSlice(CESDynamicRateLimitQPSLimit, def.CESDynamicRateLimitQPSLimit, "List of qps limits used for the dynamic rate limit steps") 96 flags.MarkDeprecated(CESDynamicRateLimitQPSLimit, depUseDLR) 97 flags.StringSlice(CESDynamicRateLimitQPSBurst, def.CESDynamicRateLimitQPSBurst, "List of qps burst used for the dynamic rate limit steps") 98 flags.MarkDeprecated(CESDynamicRateLimitQPSBurst, depUseDLR) 99 100 flags.String(CESRateLimits, def.CESDynamicRateLimitConfig, "Configure rate limits for the CES controller. Accepts a list of rate limit configurations, must be a JSON formatted string.") 101 } 102 103 // SharedConfig contains the configuration that is shared between 104 // this module and others. 105 // It is a temporary solution meant to avoid polluting this module with a direct 106 // dependency on global operator and daemon configurations. 107 type SharedConfig struct { 108 // EnableCiliumEndpointSlice enables the cilium endpoint slicing feature and the CES Controller. 109 EnableCiliumEndpointSlice bool 110 }