Fix Service object remove from resource map from route controller

[chauhanshubham]

This commit fetches the services that were referenced by the route which has now been deleted, and removes those objects from the resource map. In order to facilitate this, the commit introduces a provider cache for kubernetes that stores mappings between kubernetes objects - for now it stores the map between [tls/http]route -> backend service references.
So that once the [tls/http]route is deleted we have the services that it referenced.
Fixes: #536

Signed-off-by: Shubham Chauhan shubham@tetrate.io

[codecov-commenter]

Codecov Report

Merging #549 (fb48c25) into main (2fb3ca8) will decrease coverage by 0.36%.
The diff coverage is 74.68%.

@@            Coverage Diff             @@
##             main     #549      +/-   ##
==========================================
- Coverage   60.98%   60.61%   -0.37%     
==========================================
  Files          45       47       +2     
  Lines        5564     5721     +157     
==========================================
+ Hits         3393     3468      +75     
- Misses       1968     2034      +66     
- Partials      203      219      +16     

Impacted Files	Coverage Δ
internal/provider/kubernetes/kubernetes.go	50.94% <50.00%> (+2.94%)	⬆️
internal/provider/kubernetes/tlsroute.go	51.98% <54.54%> (-14.69%)	⬇️
internal/provider/kubernetes/httproute.go	57.61% <55.55%> (-8.48%)	⬇️
internal/provider/kubernetes/store.go	100.00% <100.00%> (ø)
internal/infrastructure/kubernetes/configmap.go	75.86% <0.00%> (-6.60%)	⬇️
...ternal/infrastructure/kubernetes/serviceaccount.go	77.96% <0.00%> (-4.80%)	⬇️
internal/xds/translator/listener.go	81.42% <0.00%> (-4.40%)	⬇️
internal/gatewayapi/contexts.go	76.02% <0.00%> (-4.12%)	⬇️
... and 11 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[arkodg]

thanks for working on this !
this functionality will most likely not be needed once #413 is in since it will always build out SoTW from scratch, using the controller runtime cache, but it might make sense to introduce this PR if we want to support RefereneGrant in 0.2.0 since #539 (a much more severe consequence of not removing the resource) will leverage the same library introduced in this PR

[chauhanshubham]

Will there not be a need to store Service objects any more in the resource map post 413?
Could we try fetching the Services from the controller cache right now itself? doesn't seem to depend on 413. Maybe I'm missing something.
We'll have to pass on the client to the gatewayapi/translator for fetching these objects.

I'm looking at

gateway/internal/gatewayapi/translator.go

Line 66 in 0be1aef

func (r *Resources) GetService(namespace, name string) *v1.Service {

The GetNamespace, GetService, and GetSecret functions here, that try fetching it from the Resources struct, instead we could read it from the controller cache perhaps? We can add a similar GetReferenceGrant too.

[arkodg]

Will there not be a need to store Service objects any more in the resource map post 413? Could we try fetching the Services from the controller cache right now itself? doesn't seem to depend on 413. Maybe I'm missing something. We'll have to pass on the client to the gatewayapi/translator for fetching these objects.

I'm looking at

gateway/internal/gatewayapi/translator.go

Line 66 in 0be1aef

func (r *Resources) GetService(namespace, name string) *v1.Service {

The GetNamespace, GetService, and GetSecret functions here, that try fetching it from the Resources struct, instead we could read it from the controller cache perhaps? We can add a similar GetReferenceGrant too.

I was referring to the fact that we won't need to handle delete logic anymore with #413 .

• Any changes to gatewayclasses, gateways, httproutes, services .... will trigger a reconcile
• the function would build all the resource state from scratch starting from the accepted GatewayClass

type resource struct {
GatewayClass string
Gateways []*v1b1.Gateway
HTTPRoutes []*v1b1.HTTPRoute
....

and update the watchable map with the same key, so we dont need to deal with deletes in the provider anymore

• if we want to add watches for specific services, namespaces etc. we might need to handle delete logic there

[arkodg]

🚀

[LukeShu]

There are some things I think should be changed, but if we want to get this in to 0.2.0, I'm OK merging as-is and cleaning it up later.

[LukeShu]

Can we use typed structs, instead of having to wrangle strings?

type routeIdentifier struct {
    Kind      string
    Namespace string
    Name      string
}

routeToServicesMappings map[routeIdentifier]Set[types.NamespacedName]

(it's easy enough to write a type-parametarized Set[T] (example) but if we don't want to do that, map[types.NamespacedName]struct{} would do in a pinch)

[LukeShu]

Calling this a "cache" is misleading. It isn't really a cache, it's a reference-counting machine.

[LukeShu]

This is O(n), and that makes me uneasy. Would it make sense to have the primary key be the service, rather than the route?

[chauhanshubham]

It will probably get uglier if we use the reverse mapping with the service as P.K.
As we need to query this primarily - Find all services for a Route r1 which was deleted, while reconciling the deleted Route r1. With service as the P.K. we'll have to traverse all the Services (and find a route match) which will be more than the number of TLS/HTTP Routes. (Note that with route as the P.K we are filtering based on kind too)

I started off by adding multiple mappings like route-to-services and service-to-routes, but seemed like we're optimizing at the cost of double the memory, so stuck with the route-to-services mapping only.

[arkodg]

hey @chauhanshubham can you rm the docs/user/tls-passthrough.md changes from this PR :)

[LukeShu]

Thanks!