Improve parsing time on big clusters #571
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2a24f12 to
0636f15
Compare
3 tasks
Improves the time of object parsing on big k8s clusters - about 1000+ ingress objects which references 1000+ services - using a updatable haproxy model and a object<->model tracking. The implementation follows this approach: * track changes on each relevant object type - currently ingress, service, endpoint, secret, configmap, and also pod if drain-support is used; * every object tracks a host and/or backend in the haproxy model; * if the object is removed or updated, only the tracked host and/or backend is rebuilt; * dynupdate doesn't compare old/cur state anymore, but instead dirty and new host/backend state. This update has the majority of the job: notification improvement, object<->model tracking and converter changes. Missing dirty/new state in the haproxy model, concurrency improvements, dynupdate refactor and some minor adjusts.
Refactor haproxy types, config, instance and dynupdate to use a single config object instead of the dual old/cur objects. Model updates are made via del/add/commit hosts, backends, tcpservices and userlists. Globals are still being fully parsed when configmap is changed, and cloned when the config is committed. Dynupdate now uses del/add lists to know what could be changed. Since there isn't update, but instead del/add, both lists are linked using the proxy name and every match act as an old/new state instead. Dynupdate has also evolved to apply all changes that could be dynamically applied, even if it's known a reload must be made. This minimizes outdated info in the case haproxy fails to reload.
b59c8fb to
54063c2
Compare
SyncConfig only need to synchronise changed hosts, so changing to iterate only over them.
A certificate store caches all parsed certificates references on ingress objects. Every time a secret is updated or removed, the crt store need to be synced again.
7facc08 to
ea8274a
Compare
# Conflicts: # pkg/controller/controller.go # pkg/controller/listers.go # pkg/converters/ingress/ingress.go # pkg/converters/ingress/ingress_test.go
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Improves the time of object parsing on big k8s clusters - about 1000+ ingress objects which references 1000+ services - using an updatable haproxy model and a object<->model tracking.
The implementation follows this approach:
Work in progress: