refactor: improve performance and functionality #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Designed and implemented an in-memory cache to determine namespace exclusion status. This optimization replaces the previous, less efficient method of performing list operations on ciliumNetworkPolicy and networkPolicy, as well as get operations on event namespace in each reconcile loop. - Added functionality to check the MetalLB annotation `metallb.universe.tf/address-pool: vpn-access` in Service objects. This determines if a service should be exposed, and if so, adds the necessary rule to its associated CNP object. This change enhances service-level operation handling. - Updated the cilium Go package to integrate with the latest changes, ensuring compatibility and improved performance.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This pull request introduces crucial refactoring in our system, aiming to enhance performance and efficiency. It encompasses the implementation of an in-memory cache for namespace exclusion status, improvements in service exposure handling through MetalLB annotation checks, and updates to the latest
ciliumGo package.Key Changes
In-Memory Cache for Namespace Exclusion:
Implemented an in-memory cache to more efficiently determine the exclusion status of namespaces.
This optimization supersedes the less efficient method that involved list operations on ciliumNetworkPolicy and networkPolicy, as well as get operation on event namespace in each reconcile loop.
Service Exposure Handling via MetalLB Annotation:
Integrated functionality to assess the
metallb.universe.tf/address-pool: vpn-accessannotation in Service objects.This assessment dictates whether a service should be exposed, subsequently appending the required rule to its associated CiliumNetworkPolicy object, thus enhancing our service-level operation handling.
Cilium Go Package Update:
The
ciliumGo package has been updated to align with the latest changes. This update is crucial for maintaining compatibility and enhancing overall performance.Impact
These improvements are directed at refining the process for namespace status checks and service exposure decisions. By implementing these changes, we anticipate a boost in operation efficiency and a reduction in resource usage.