Fix issues with NetworkInfo reconciler that not delete NSX VPC in time

This change is to fix an issue with the NetworkInfo deletion logic that NSX VPC is not removed if the CR's Namesapce still exists. The fix is to add a wather on Namespace deletion event and ensure the NSX VPC is deleted when the K8s Namespace is deleted.
vmware-tanzu · Dec 6, 2024 · 67536db · 67536db
1 parent 21d1300
commit 67536db
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 4 deletions.
diff --git a/pkg/controllers/networkinfo/networkinfo_controller.go b/pkg/controllers/networkinfo/networkinfo_controller.go
@@ -357,6 +357,10 @@ func (r *NetworkInfoReconciler) setupWithManager(mgr ctrl.Manager) error {
 				ipBlocksInfoService: r.IPBlocksInfoService,
 			},
 			builder.WithPredicates(VPCNetworkConfigurationPredicate)).
+		Watches(
+			&corev1.Namespace{},
+			&NamespaceHandler{},
+			builder.WithPredicates(NamespacePredicate)).
 		Complete(r)
 }
 
@@ -373,7 +377,7 @@ func (r *NetworkInfoReconciler) Start(mgr ctrl.Manager) error {
 	return nil
 }
 
-func (r *NetworkInfoReconciler) listNamespaceCRsNameIDSet(ctx context.Context) (sets.Set[string], sets.Set[string], error) {
+func (r *NetworkInfoReconciler) listNamespaceCRsNameIDSet(ctx context.Context, filterDeleted bool) (sets.Set[string], sets.Set[string], error) {
 	// read all Namespaces from K8s
 	namespaces := &corev1.NamespaceList{}
 	err := r.Client.List(ctx, namespaces)
@@ -383,6 +387,10 @@ func (r *NetworkInfoReconciler) listNamespaceCRsNameIDSet(ctx context.Context) (
 	nsSet := sets.Set[string]{}
 	idSet := sets.Set[string]{}
 	for _, ns := range namespaces.Items {
+		if filterDeleted && len(ns.Finalizers) == 0 {
+			log.Info("Ignore the Namespace which is already marked for delete", "Namespace", ns.Name)
+			continue
+		}
 		nsSet.Insert(ns.Name)
 		idSet.Insert(string(ns.UID))
 	}
@@ -408,7 +416,7 @@ func (r *NetworkInfoReconciler) CollectGarbage(ctx context.Context) {
 		return
 	}
 
-	_, idSet, err := r.listNamespaceCRsNameIDSet(ctx)
+	_, idSet, err := r.listNamespaceCRsNameIDSet(ctx, false)
 	if err != nil {
 		log.Error(err, "Failed to list Kubernetes Namespaces for VPC garbage collection")
 		return
@@ -453,7 +461,7 @@ func (r *NetworkInfoReconciler) fetchStaleVPCsByNamespace(ctx context.Context, n
 }
 
 func (r *NetworkInfoReconciler) deleteVPCsByName(ctx context.Context, ns string) error {
-	_, idSet, err := r.listNamespaceCRsNameIDSet(ctx)
+	_, idSet, err := r.listNamespaceCRsNameIDSet(ctx, true)
 	if err != nil {
 		log.Error(err, "Failed to list Kubernetes Namespaces")
 		return fmt.Errorf("failed to list Kubernetes Namespaces while deleting VPCs: %v", err)

diff --git a/pkg/controllers/networkinfo/vpcnetworkconfig_handler.go b/pkg/controllers/networkinfo/vpcnetworkconfig_handler.go
@@ -8,6 +8,7 @@ import (
 	"strings"
 	"time"
 
+	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/util/workqueue"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -167,3 +168,39 @@ func nsxProjectPathToId(path string) (string, string, error) {
 	}
 	return parts[2], parts[len(parts)-1], nil
 }
+
+type NamespaceHandler struct{}
+
+func (h *NamespaceHandler) Create(_ context.Context, _ event.CreateEvent, _ workqueue.TypedRateLimitingInterface[reconcile.Request]) {
+}
+func (h *NamespaceHandler) Delete(_ context.Context, e event.DeleteEvent, q workqueue.TypedRateLimitingInterface[reconcile.Request]) {
+	ns := e.Object.(*corev1.Namespace)
+	q.Add(
+		reconcile.Request{
+			NamespacedName: types.NamespacedName{
+				Name:      ns.Name,
+				Namespace: ns.Name,
+			},
+		})
+}
+
+func (h *NamespaceHandler) Update(ctx context.Context, e event.UpdateEvent, q workqueue.TypedRateLimitingInterface[reconcile.Request]) {
+}
+
+func (h *NamespaceHandler) Generic(_ context.Context, _ event.GenericEvent, _ workqueue.TypedRateLimitingInterface[reconcile.Request]) {
+}
+
+var NamespacePredicate = predicate.Funcs{
+	CreateFunc: func(e event.CreateEvent) bool {
+		return false
+	},
+	UpdateFunc: func(e event.UpdateEvent) bool {
+		return false
+	},
+	DeleteFunc: func(e event.DeleteEvent) bool {
+		return true
+	},
+	GenericFunc: func(genericEvent event.GenericEvent) bool {
+		return false
+	},
+}
diff --git a/pkg/nsx/services/vpc/vpc.go b/pkg/nsx/services/vpc/vpc.go
@@ -559,7 +559,7 @@ func (s *VPCService) resolveSharedVPCNamespace(ctx context.Context, ns string) (
 	}
 
 	annos := obj.Annotations
-	// If no annotaion on ns, then this is not a shared VPC ns
+	// If no annotation on ns, then this is not a shared VPC ns
 	if len(annos) == 0 {
 		return obj, nil, nil
 	}