github.com/fafucoder/cilium@v1.6.11/operator/identity_gc.go (about) 1 // Copyright 2018-2019 Authors of Cilium 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package main 16 17 import ( 18 "time" 19 20 "github.com/cilium/cilium/pkg/allocator" 21 "github.com/cilium/cilium/pkg/identity/cache" 22 "github.com/cilium/cilium/pkg/kvstore" 23 kvstoreallocator "github.com/cilium/cilium/pkg/kvstore/allocator" 24 ) 25 26 var ( 27 // identityGCInterval is the interval in which allocator identities are 28 // attempted to be expired from the kvstore 29 identityGCInterval time.Duration 30 31 // identityAllocationMode specifies what mode to use for identity 32 // allocation 33 identityAllocationMode string 34 ) 35 36 func startIdentityGC() { 37 log.Infof("Starting security identity garbage collector with %s interval...", identityGCInterval) 38 backend, err := kvstoreallocator.NewKVStoreBackend(cache.IdentitiesPath, "", nil, kvstore.Client()) 39 if err != nil { 40 log.WithError(err).Fatal("Unable to initialize kvstore backend for identity allocation") 41 } 42 a := allocator.NewAllocatorForGC(backend) 43 44 keysToDelete := map[string]uint64{} 45 go func() { 46 for { 47 keysToDelete2, err := a.RunGC(keysToDelete) 48 if err != nil { 49 log.WithError(err).Warning("Unable to run security identity garbage collector") 50 } else { 51 keysToDelete = keysToDelete2 52 } 53 54 <-time.After(identityGCInterval) 55 } 56 }() 57 }