From 94dbee21247de9117d9c1b204a3e4bead57f7cf7 Mon Sep 17 00:00:00 2001
From: Bryan Boreham <bjboreham@gmail.com>
Date: Mon, 19 Nov 2018 14:54:20 +0000
Subject: [PATCH] Move "hideous hack" for Kubernetes service network from probe
 to app

This avoids side-effects from reporting Kubernetes from a
cluster-level probe, and removes a lie from the probe data.

Rather than do the work every time the probe sends a report, we do it
every time the app renders endpoints, which should be once per merged
report set.
---
 probe/kubernetes/reporter.go | 34 ----------------------------------
 render/theinternet.go        | 27 +++++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 34 deletions(-)

diff --git a/probe/kubernetes/reporter.go b/probe/kubernetes/reporter.go
index 1842a6a334..2be582e085 100644
--- a/probe/kubernetes/reporter.go
+++ b/probe/kubernetes/reporter.go
@@ -2,7 +2,6 @@ package kubernetes
 
 import (
 	"fmt"
-	"net"
 	"strings"
 
 	"k8s.io/apimachinery/pkg/labels"
@@ -12,7 +11,6 @@ import (
 	"github.com/weaveworks/scope/probe"
 	"github.com/weaveworks/scope/probe/controls"
 	"github.com/weaveworks/scope/probe/docker"
-	"github.com/weaveworks/scope/probe/host"
 	"github.com/weaveworks/scope/report"
 )
 
@@ -292,7 +290,6 @@ func (r *Reporter) Report() (report.Report, error) {
 	if err != nil {
 		return result, err
 	}
-	hostTopology := r.hostTopology(services)
 	daemonSetTopology, daemonSets, err := r.daemonSetTopology()
 	if err != nil {
 		return result, err
@@ -339,7 +336,6 @@ func (r *Reporter) Report() (report.Report, error) {
 	}
 	result.Pod = result.Pod.Merge(podTopology)
 	result.Service = result.Service.Merge(serviceTopology)
-	result.Host = result.Host.Merge(hostTopology)
 	result.DaemonSet = result.DaemonSet.Merge(daemonSetTopology)
 	result.StatefulSet = result.StatefulSet.Merge(statefulSetTopology)
 	result.CronJob = result.CronJob.Merge(cronJobTopology)
@@ -369,36 +365,6 @@ func (r *Reporter) serviceTopology() (report.Topology, []Service, error) {
 	return result, services, err
 }
 
-// FIXME: Hideous hack to remove persistent-connection edges to
-// virtual service IPs attributed to the internet. The global
-// service-cluster-ip-range is not exposed by the API server (see
-// https://github.com/kubernetes/kubernetes/issues/25533), so instead
-// we synthesise it by computing the smallest network that contains
-// all service IPs. That network may be smaller than the actual range
-// but that is ok, since in the end all we care about is that it
-// contains all the service IPs.
-//
-// The right way of fixing this is performing DNAT mapping on
-// persistent connections for which we don't have a robust solution
-// (see https://github.com/weaveworks/scope/issues/1491).
-func (r *Reporter) hostTopology(services []Service) report.Topology {
-	serviceIPs := make([]net.IP, 0, len(services))
-	for _, service := range services {
-		if ip := net.ParseIP(service.ClusterIP()).To4(); ip != nil {
-			serviceIPs = append(serviceIPs, ip)
-		}
-	}
-	serviceNetwork := report.ContainingIPv4Network(serviceIPs)
-	if serviceNetwork == nil {
-		return report.MakeTopology()
-	}
-	t := report.MakeTopology()
-	t.AddNode(
-		report.MakeNode(report.MakeHostNodeID(r.hostID)).
-			WithSets(report.MakeSets().AddString(host.LocalNetworks, serviceNetwork.String())))
-	return t
-}
-
 func (r *Reporter) deploymentTopology() (report.Topology, []Deployment, error) {
 	var (
 		result = report.MakeTopology().
diff --git a/render/theinternet.go b/render/theinternet.go
index 1c37b4466d..d0bc5e4f83 100644
--- a/render/theinternet.go
+++ b/render/theinternet.go
@@ -1,6 +1,7 @@
 package render
 
 import (
+	"net"
 	"regexp"
 	"strings"
 
@@ -82,5 +83,31 @@ func LocalNetworks(r report.Report) report.Networks {
 			}
 		}
 	}
+	if extra := kubeServiceNetwork(r.Service); extra != nil {
+		networks.Add(extra)
+	}
 	return networks
 }
+
+// FIXME: Hideous hack to remove persistent-connection edges to
+// virtual service IPs attributed to the internet. The global
+// service-cluster-ip-range is not exposed by the API server (see
+// https://github.com/kubernetes/kubernetes/issues/25533), so instead
+// we synthesise it by computing the smallest network that contains
+// all service IPs. That network may be smaller than the actual range
+// but that is ok, since in the end all we care about is that it
+// contains all the service IPs.
+//
+// The right way of fixing this is performing DNAT mapping on
+// persistent connections for which we don't have a robust solution
+// (see https://github.com/weaveworks/scope/issues/1491).
+func kubeServiceNetwork(services report.Topology) *net.IPNet {
+	serviceIPs := make([]net.IP, 0, len(services.Nodes))
+	for _, md := range services.Nodes {
+		serviceIP, _ := md.Latest.Lookup(report.KubernetesIP)
+		if ip := net.ParseIP(serviceIP).To4(); ip != nil {
+			serviceIPs = append(serviceIPs, ip)
+		}
+	}
+	return report.ContainingIPv4Network(serviceIPs)
+}