From 52e81c3a23490c7c9dfc5a74011bbc0009358d70 Mon Sep 17 00:00:00 2001 From: Tariq Ibrahim Date: Thu, 1 Aug 2024 16:01:16 -0700 Subject: [PATCH] controller-runtime cache should only list-watch resources in the operator namespace Signed-off-by: Tariq Ibrahim add openshift namespace to the controller-runtime cache Signed-off-by: Tariq Ibrahim --- cmd/gpu-operator/main.go | 13 +++++++++++++ controllers/clusterinfo/clusterinfo.go | 2 +- controllers/object_controls.go | 3 ++- internal/consts/consts.go | 3 +++ 4 files changed, 19 insertions(+), 2 deletions(-) diff --git a/cmd/gpu-operator/main.go b/cmd/gpu-operator/main.go index bbbe14e6d..076362c12 100644 --- a/cmd/gpu-operator/main.go +++ b/cmd/gpu-operator/main.go @@ -27,6 +27,7 @@ import ( // to ensure that exec-entrypoint and run can make use of them. "go.uber.org/zap/zapcore" _ "k8s.io/client-go/plugin/pkg/client/auth" + "sigs.k8s.io/controller-runtime/pkg/cache" apiconfigv1 "github.com/openshift/api/config/v1" apiimagev1 "github.com/openshift/api/image/v1" @@ -49,6 +50,7 @@ import ( nvidiav1alpha1 "github.com/NVIDIA/gpu-operator/api/nvidia/v1alpha1" "github.com/NVIDIA/gpu-operator/controllers" "github.com/NVIDIA/gpu-operator/controllers/clusterinfo" + "github.com/NVIDIA/gpu-operator/internal/consts" "github.com/NVIDIA/gpu-operator/internal/info" // +kubebuilder:scaffold:imports ) @@ -104,6 +106,16 @@ func main() { Port: 9443, }) + operatorNamespace := os.Getenv("OPERATOR_NAMESPACE") + openshiftNamespace := consts.OpenshiftNamespace + cacheOptions := cache.Options{ + DefaultNamespaces: map[string]cache.Config{ + operatorNamespace: {}, + // Also cache resources in the openshift namespace to retrieve ImageStreams when on an openshift cluster + openshiftNamespace: {}, + }, + } + options := ctrl.Options{ Scheme: scheme, Metrics: metricsOptions, @@ -111,6 +123,7 @@ func main() { LeaderElection: enableLeaderElection, LeaderElectionID: "53822513.nvidia.com", WebhookServer: webhookServer, + Cache: cacheOptions, } if enableLeaderElection && int(renewDeadline) != 0 { diff --git a/controllers/clusterinfo/clusterinfo.go b/controllers/clusterinfo/clusterinfo.go index 8f0cec78c..b1de7fe43 100644 --- a/controllers/clusterinfo/clusterinfo.go +++ b/controllers/clusterinfo/clusterinfo.go @@ -341,7 +341,7 @@ func getOpenshiftDTKImages(ctx context.Context, c *rest.Config) map[string]strin logger := log.FromContext(ctx) name := "driver-toolkit" - namespace := "openshift" + namespace := consts.OpenshiftNamespace ocpImageClient, err := imagesv1.NewForConfig(c) if err != nil { diff --git a/controllers/object_controls.go b/controllers/object_controls.go index 376302fb7..7073b8378 100644 --- a/controllers/object_controls.go +++ b/controllers/object_controls.go @@ -52,6 +52,7 @@ import ( "sigs.k8s.io/yaml" gpuv1 "github.com/NVIDIA/gpu-operator/api/nvidia/v1" + "github.com/NVIDIA/gpu-operator/internal/consts" "github.com/NVIDIA/gpu-operator/internal/utils" ) @@ -3705,7 +3706,7 @@ func ocpHasDriverToolkitImageStream(n *ClusterPolicyController) (bool, error) { ctx := n.ctx found := &apiimagev1.ImageStream{} name := "driver-toolkit" - namespace := "openshift" + namespace := consts.OpenshiftNamespace err := n.client.Get(ctx, types.NamespacedName{Namespace: namespace, Name: name}, found) if err != nil { if apierrors.IsNotFound(err) { diff --git a/internal/consts/consts.go b/internal/consts/consts.go index a65c3027d..c2850f419 100644 --- a/internal/consts/consts.go +++ b/internal/consts/consts.go @@ -39,6 +39,9 @@ const ( // Containerd runtime Containerd = "containerd" + // OpenshiftNamespace indicates the main namespace of an Openshift cluster + OpenshiftNamespace = "openshift" + OcpDriverToolkitVersionLabel = "openshift.driver-toolkit.rhcos" OcpDriverToolkitIdentificationLabel = "openshift.driver-toolkit" NfdOSTreeVersionLabelKey = "feature.node.kubernetes.io/system-os_release.OSTREE_VERSION"