k8s clients only need to access corev1; add pod selector (#2463)

aws · Jul 11, 2023 · 1d88b8f · 1d88b8f
1 parent 21ada86
commit 1d88b8f
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 12 deletions.
diff --git a/cmd/aws-k8s-agent/main.go b/cmd/aws-k8s-agent/main.go
@@ -52,7 +52,7 @@ func _main() int {
 		return 1
 	}
 
-	cacheK8SClient, err := k8sapi.CreateCachedKubeClient(rawK8SClient, mapper)
+	cacheK8SClient, err := k8sapi.CreateCachedKubeClient(rawK8SClient, mapper, true)
 	if err != nil {
 		log.Errorf("Failed to create cached kube client: %s", err)
 		return 1

diff --git a/cmd/cni-metrics-helper/main.go b/cmd/cni-metrics-helper/main.go
@@ -118,7 +118,7 @@ func main() {
 		log.Fatalf("Error creating Kubernetes Client: %s", err)
 		os.Exit(1)
 	}
-	k8sClient, err := k8sapi.CreateCachedKubeClient(rawK8SClient, mapper)
+	k8sClient, err := k8sapi.CreateCachedKubeClient(rawK8SClient, mapper, false)
 	if err != nil {
 		log.Fatalf("Error creating Cached Kubernetes Client: %s", err)
 		os.Exit(1)

diff --git a/pkg/ipamd/ipamd.go b/pkg/ipamd/ipamd.go
@@ -568,7 +568,7 @@ func (c *IPAMContext) nodeInit() error {
 
 	node, err := k8sapi.GetNode(ctx, c.cachedK8SClient)
 	if err != nil {
-		log.Errorf("Failed to host node", err)
+		log.Errorf("Failed to get node", err)
 		podENIErrInc("nodeInit")
 		return err
 	}

diff --git a/pkg/k8sapi/k8sutils.go b/pkg/k8sapi/k8sutils.go
@@ -8,8 +8,8 @@ import (
 
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/types"
-	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
 
 	eniconfigscheme "github.com/aws/amazon-vpc-cni-k8s/pkg/apis/crd/v1alpha1"
@@ -19,7 +19,7 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/cache"
+	crcache "sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -45,7 +45,7 @@ func CreateKubeClient(mapper meta.RESTMapper) (client.Client, error) {
 		return nil, err
 	}
 	vpcCniScheme := runtime.NewScheme()
-	clientgoscheme.AddToScheme(vpcCniScheme)
+	corev1.AddToScheme(vpcCniScheme)
 	eniconfigscheme.AddToScheme(vpcCniScheme)
 
 	rawK8SClient, err := client.New(restCfg, client.Options{Scheme: vpcCniScheme, Mapper: mapper})
@@ -58,19 +58,28 @@ func CreateKubeClient(mapper meta.RESTMapper) (client.Client, error) {
 }
 
 // CreateKubeClient creates a k8s client
-func CreateCachedKubeClient(rawK8SClient client.Client, mapper meta.RESTMapper) (client.Client, error) {
+func CreateCachedKubeClient(rawK8SClient client.Client, mapper meta.RESTMapper, limitPods bool) (client.Client, error) {
 	restCfg, err := getRestConfig()
 	if err != nil {
 		return nil, err
 	}
 	restCfg.Burst = 100
 
 	vpcCniScheme := runtime.NewScheme()
-	clientgoscheme.AddToScheme(vpcCniScheme)
+	// For the cached client, IPAMD only needs nodes and ENIConfigs to be cached. Nodes come from corev1.
+	corev1.AddToScheme(vpcCniScheme)
 	eniconfigscheme.AddToScheme(vpcCniScheme)
 
 	stopChan := ctrl.SetupSignalHandler()
-	cache, err := cache.New(restCfg, cache.Options{Scheme: vpcCniScheme, Mapper: mapper})
+	// IPAMD only needs to cache pods on this node, so the following selector is used to reduce memory consumption
+	cacheOptions := crcache.Options{Scheme: vpcCniScheme, Mapper: mapper}
+	if nodeName := os.Getenv("MY_NODE_NAME"); limitPods && nodeName != "" {
+		cacheOptions.SelectorsByObject = map[client.Object]crcache.ObjectSelector{&corev1.Pod{}: {
+			Field: fields.Set{"spec.nodeName": nodeName}.AsSelector(),
+		}}
+
+	}
+	cache, err := crcache.New(restCfg, cacheOptions)
 	if err != nil {
 		return nil, err
 	}

diff --git a/pkg/k8sapi/k8sutils_test.go b/pkg/k8sapi/k8sutils_test.go
@@ -10,22 +10,21 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 )
 
 func TestGetNode(t *testing.T) {
 	ctx := context.Background()
 	k8sSchema := runtime.NewScheme()
-	clientgoscheme.AddToScheme(k8sSchema)
+	corev1.AddToScheme(k8sSchema)
 	eniconfigscheme.AddToScheme(k8sSchema)
 
 	fakeNode := &corev1.Node{
 		ObjectMeta: v1.ObjectMeta{
 			Name: "testNode",
 		},
 	}
-	k8sClient := fake.NewFakeClientWithScheme(k8sSchema, fakeNode)
+	k8sClient := fake.NewClientBuilder().WithScheme(k8sSchema).WithObjects(fakeNode).Build()
 	os.Setenv("MY_NODE_NAME", "testNode")
 	node, err := GetNode(ctx, k8sClient)
 	assert.NoError(t, err)