Improved listener/rule reconciliation but still need to address the usage of the default rule's target group for the listeners default action. it should be using the default backend service

Author: bigkraig

pkg/alb/lb/loadbalancer.go

@@ -176,15 +176,6 @@ type NewCurrentLoadBalancerOptions struct {
 
 // NewCurrentLoadBalancer returns a new loadbalancer.LoadBalancer based on an elbv2.LoadBalancer.
 func NewCurrentLoadBalancer(o *NewCurrentLoadBalancerOptions) (newLoadBalancer *LoadBalancer, err error) {
-	lbTags := o.ResourceTags.LoadBalancers[*o.LoadBalancer.LoadBalancerArn]
-
-	namespace, ingressName, err := tagsFromLB(lbTags)
-	if err != nil {
-		return nil, fmt.Errorf("The LoadBalancer %s does not have the proper tags, can't import: %s", *o.LoadBalancer.LoadBalancerName, err.Error())
-	}
-
-	name := createLBName(namespace, ingressName, o.ALBNamePrefix)
-
 	attrs, err := albelbv2.ELBV2svc.DescribeLoadBalancerAttributesFiltered(o.LoadBalancer.LoadBalancerArn)
 	if err != nil {
 		return newLoadBalancer, fmt.Errorf("Failed to retrieve attributes from ELBV2 in AWS. Error: %s", err.Error())
@@ -239,8 +230,8 @@ func NewCurrentLoadBalancer(o *NewCurrentLoadBalancerOptions) (newLoadBalancer *
 	}
 
 	newLoadBalancer = &LoadBalancer{
-		id:         name,
-		tags:       tags{current: lbTags},
+		id:         *o.LoadBalancer.LoadBalancerName,
+		tags:       tags{current: o.ResourceTags.LoadBalancers[*o.LoadBalancer.LoadBalancerArn]},
 		lb:         lb{current: o.LoadBalancer},
 		logger:     o.Logger,
 		attributes: attributes{current: attrs},
@@ -355,6 +346,7 @@ func (l *LoadBalancer) Reconcile(rOpts *ReconcileOptions) []error {
 
 	// Decide: Is this still needed?
 	for _, listener := range l.listeners {
+		// Does not consider TG used for listener default action
 		unusedTGs := listener.GetRules().FindUnusedTGs(l.targetgroups)
 		unusedTGs.StripDesiredState()
 	}

pkg/alb/ls/listener.go

@@ -110,6 +110,20 @@ func NewCurrentListener(o *NewCurrentListenerOptions) (*Listener, error) {
 // results in no action, the creation, the deletion, or the modification of an AWS listener to
 // satisfy the ingress's current state.
 func (l *Listener) Reconcile(rOpts *ReconcileOptions) error {
+	// If there is a desired listener, set some of the ARNs which are not available when we assemble the desired state
+	if l.ls.desired != nil {
+		l.ls.desired.LoadBalancerArn = rOpts.LoadBalancerArn
+
+		// Set the listener default action to the targetgroup from the default rule.
+		// Not good
+		if rOpts != nil {
+			defaultRule := l.rules.DefaultRule()
+			if defaultRule != nil {
+				l.ls.desired.DefaultActions[0].TargetGroupArn = defaultRule.TargetGroupArn(rOpts.TargetGroups)
+			}
+		}
+	}
+
 	switch {
 	case l.ls.desired == nil: // listener should be deleted
 		if l.ls.current == nil {
@@ -156,14 +170,6 @@ func (l *Listener) Reconcile(rOpts *ReconcileOptions) error {
 
 // Adds a Listener to an existing ALB in AWS. This Listener maps the ALB to an existing TargetGroup.
 func (l *Listener) create(rOpts *ReconcileOptions) error {
-	l.ls.desired.LoadBalancerArn = rOpts.LoadBalancerArn
-
-	// Set the listener default action to the targetgroup from the default rule.
-	defaultRule := l.rules.DefaultRule()
-	if defaultRule != nil {
-		l.ls.desired.DefaultActions[0].TargetGroupArn = defaultRule.TargetGroupArn(rOpts.TargetGroups)
-	}
-
 	// Attempt listener creation.
 	desired := l.ls.desired
 	in := &elbv2.CreateListenerInput{
@@ -172,12 +178,7 @@ func (l *Listener) create(rOpts *ReconcileOptions) error {
 		Protocol:        desired.Protocol,
 		Port:            desired.Port,
 		SslPolicy:       desired.SslPolicy,
-		DefaultActions: []*elbv2.Action{
-			{
-				Type:           desired.DefaultActions[0].Type,
-				TargetGroupArn: desired.DefaultActions[0].TargetGroupArn,
-			},
-		},
+		DefaultActions:  desired.DefaultActions,
 	}
 	o, err := albelbv2.ELBV2svc.CreateListener(in)
 	if err != nil {
@@ -191,11 +192,6 @@ func (l *Listener) create(rOpts *ReconcileOptions) error {
 
 // Modifies a listener
 func (l *Listener) modify(rOpts *ReconcileOptions) error {
-	if l.ls.current == nil {
-		// not a modify, a create
-		return l.create(rOpts)
-	}
-
 	desired := l.ls.desired
 	in := &elbv2.ModifyListenerInput{
 		ListenerArn:    l.ls.current.ListenerArn,
@@ -233,14 +229,6 @@ func (l *Listener) needsModification(rOpts *ReconcileOptions) bool {
 	lsc := l.ls.current
 	lsd := l.ls.desired
 
-	// Set the listener default action to the targetgroup from the default rule.
-	if rOpts != nil {
-		defaultRule := l.rules.DefaultRule()
-		if defaultRule != nil {
-			lsd.DefaultActions[0].TargetGroupArn = defaultRule.TargetGroupArn(rOpts.TargetGroups)
-		}
-	}
-
 	switch {
 	case lsc == nil && lsd == nil:
 		return false
@@ -281,3 +269,7 @@ func (l *Listener) stripCurrentState() {
 func (l *Listener) GetRules() rs.Rules {
 	return l.rules
 }
+
+func (l *Listener) DefaultActionArn() *string {
+	return l.ls.current.DefaultActions[0].TargetGroupArn
+}

pkg/alb/rs/rule.go

@@ -85,6 +85,13 @@ func NewCurrentRule(o *NewCurrentRuleOptions) *Rule {
 // results in no action, the creation, the deletion, or the modification of an AWS Rule to
 // satisfy the ingress's current state.
 func (r *Rule) Reconcile(rOpts *ReconcileOptions) error {
+	// If there is a desired rule, set some of the ARNs which are not available when we assemble the desired state
+	if r.rs.desired != nil {
+		for i := range r.rs.desired.Actions {
+			r.rs.desired.Actions[i].TargetGroupArn = r.TargetGroupArn(rOpts.TargetGroups)
+		}
+	}
+
 	switch {
 	case r.rs.desired == nil: // rule should be deleted
 		if r.rs.current == nil {
@@ -102,9 +109,9 @@ func (r *Rule) Reconcile(rOpts *ReconcileOptions) error {
 			log.Prettify(r.rs.current.Priority),
 			log.Prettify(r.rs.current.Conditions))
 
-	case *r.rs.desired.IsDefault: // rule is default (attached to listener), do nothing
-		// r.logger.Debugf("Found desired rule that is a default and is already created with its respective listener. Rule: %s", log.Prettify(r.rs.desired))
-		r.rs.current = r.rs.desired
+	// case *r.rs.desired.IsDefault: // rule is default (attached to listener), do nothing
+	// 	r.logger.Debugf("Found desired rule that is a default and is already created with its respective listener. Rule: %s", log.Prettify(r.rs.desired))
+	// 	r.rs.current = r.rs.desired
 
 	case r.rs.current == nil: // rule doesn't exist and should be created
 		r.logger.Infof("Start Rule creation.")
@@ -121,9 +128,6 @@ func (r *Rule) Reconcile(rOpts *ReconcileOptions) error {
 			return err
 		}
 		rOpts.Eventf(api.EventTypeNormal, "MODIFY", "%s rule modified", *r.rs.current.Priority)
-
-	default:
-		// r.logger.Debugf("No rule modification required.")
 	}
 
 	return nil
@@ -150,8 +154,6 @@ func (r *Rule) create(rOpts *ReconcileOptions) error {
 		Priority:    priority(r.rs.desired.Priority),
 	}
 
-	in.Actions[0].TargetGroupArn = r.TargetGroupArn(rOpts.TargetGroups)
-
 	o, err := albelbv2.ELBV2svc.CreateRule(in)
 	if err != nil {
 		rOpts.Eventf(api.EventTypeWarning, "ERROR", "Error creating %v rule: %s", *in.Priority, err.Error())
@@ -169,7 +171,6 @@ func (r *Rule) modify(rOpts *ReconcileOptions) error {
 		Conditions: r.rs.desired.Conditions,
 		RuleArn:    r.rs.current.RuleArn,
 	}
-	in.Actions[0].TargetGroupArn = r.TargetGroupArn(rOpts.TargetGroups)
 
 	o, err := albelbv2.ELBV2svc.ModifyRule(in)
 	if err != nil {
@@ -217,7 +218,6 @@ func (r *Rule) needsModification() bool {
 	case crs == nil:
 		r.logger.Debugf("Current is nil")
 		return true
-	// TODO: We need to sort these because they're causing false positives
 	case !conditionsEqual(crs.Conditions, drs.Conditions):
 		r.logger.Debugf("Conditions needs to be changed (%v != %v)", log.Prettify(crs.Conditions), log.Prettify(drs.Conditions))
 		return true

pkg/alb/rs/rules.go

@@ -44,6 +44,7 @@ func NewCurrentRules(o *NewCurrentRulesOptions) (Rules, error) {
 
 		rs = append(rs, newRule)
 	}
+
 	return rs, nil
 }
 
@@ -130,23 +131,30 @@ func (r Rules) FindByPriority(priority *string) (int, *Rule) {
 // FindUnusedTGs returns a list of TargetGroups that are no longer referncd by any of
 // the rules passed into this method.
 func (r Rules) FindUnusedTGs(tgs tg.TargetGroups) tg.TargetGroups {
-	unused := tg.TargetGroups{}
+	var unused tg.TargetGroups
 
+TG:
 	for _, t := range tgs {
 		used := false
+
+		arn := t.CurrentARN()
+		if arn == nil {
+			continue
+		}
+
 		for _, rule := range r {
-			if rule.rs.current != nil && rule.rs.current.Actions[0] != nil && rule.rs.current.Actions[0].TargetGroupArn == nil {
-				continue
-			}
-			arn := t.CurrentARN()
-			if arn == nil {
-				continue
+			if rule.rs.current == nil {
+				continue TG
 			}
-			if rule.rs.current != nil && rule.rs.current.Actions[0] != nil && *rule.rs.current.Actions[0].TargetGroupArn == *arn {
-				used = true
-				break
+
+			for _, action := range rule.rs.current.Actions {
+				if *action.TargetGroupArn == *arn {
+					used = true
+					continue TG
+				}
 			}
 		}
+
 		if !used {
 			unused = append(unused, t)
 		}

pkg/alb/tg/targetgroup.go

@@ -36,9 +36,14 @@ type NewDesiredTargetGroupOptions struct {
 func NewDesiredTargetGroup(o *NewDesiredTargetGroupOptions) *TargetGroup {
 	hasher := md5.New()
 	hasher.Write([]byte(o.LoadBalancerID))
-	output := hex.EncodeToString(hasher.Sum(nil))
 
-	id := fmt.Sprintf("%.12s-%.5d-%.5s-%.7s", o.ALBNamePrefix, o.Port, *o.Annotations.BackendProtocol, output)
+	targetType := aws.String("instance")
+	if *o.Annotations.RoutingTarget == "pod" {
+		targetType = aws.String("ip")
+		hasher.Write([]byte(*targetType))
+	}
+
+	id := fmt.Sprintf("%.12s-%.5d-%.5s-%.7s", o.ALBNamePrefix, o.Port, *o.Annotations.BackendProtocol, hex.EncodeToString(hasher.Sum(nil)))
 
 	// TODO: Quick fix as we can't have the loadbalancer and target groups share pointers to the same
 	// tags. Each modify tags individually and can cause bad side-effects.
@@ -73,6 +78,7 @@ func NewDesiredTargetGroup(o *NewDesiredTargetGroupOptions) *TargetGroup {
 				Port:                    aws.Int64(o.Port),
 				Protocol:                o.Annotations.BackendProtocol,
 				TargetGroupName:         aws.String(id),
+				TargetType:              targetType,
 				UnhealthyThresholdCount: o.Annotations.UnhealthyThresholdCount,
 				// VpcId:
 			},
@@ -109,12 +115,6 @@ type NewCurrentTargetGroupOptions struct {
 
 // NewCurrentTargetGroup returns a new targetgroup.TargetGroup from an elbv2.TargetGroup.
 func NewCurrentTargetGroup(o *NewCurrentTargetGroupOptions) (*TargetGroup, error) {
-	hasher := md5.New()
-	hasher.Write([]byte(o.LoadBalancerID))
-	output := hex.EncodeToString(hasher.Sum(nil))
-
-	id := fmt.Sprintf("%.12s-%.5d-%.5s-%.7s", o.ALBNamePrefix, *o.TargetGroup.Port, *o.TargetGroup.Protocol, output)
-
 	tgTags := o.ResourceTags.TargetGroups[*o.TargetGroup.TargetGroupArn]
 
 	svcName, err := tagsFromTG(tgTags)
@@ -128,7 +128,7 @@ func NewCurrentTargetGroup(o *NewCurrentTargetGroupOptions) (*TargetGroup, error
 	}
 
 	return &TargetGroup{
-		ID:         id,
+		ID:         *o.TargetGroup.TargetGroupName,
 		SvcName:    svcName,
 		logger:     o.Logger,
 		attributes: attributes{current: attrs},
@@ -146,12 +146,16 @@ func (t *TargetGroup) Reconcile(rOpts *ReconcileOptions) error {
 	// However, target groups aren't deleted until after rules are created
 	// Ensuring we know what target groups are truly no longer in use.
 	case t.tg.desired == nil && !rOpts.IgnoreDeletes:
-		t.logger.Infof("Start TargetGroup deletion.")
+		t.logger.Infof("Start TargetGroup deletion. ARN: %s | Name: %s.",
+			*t.tg.current.TargetGroupArn,
+			*t.tg.current.TargetGroupName)
 		if err := t.delete(rOpts); err != nil {
 			return err
 		}
 		rOpts.Eventf(api.EventTypeNormal, "DELETE", "%v target group deleted", t.ID)
-		t.logger.Infof("Completed TargetGroup deletion.")
+		t.logger.Infof("Completed TargetGroup deletion. ARN: %s | Name: %s.",
+			*t.tg.current.TargetGroupArn,
+			*t.tg.current.TargetGroupName)
 
 		// No CurrentState means target group doesn't exist in AWS and should be created.
 	case t.tg.current == nil:
@@ -169,7 +173,7 @@ func (t *TargetGroup) Reconcile(rOpts *ReconcileOptions) error {
 			if err := t.modify(mods, rOpts); err != nil {
 				return err
 			}
-			rOpts.Eventf(api.EventTypeNormal, "CREATE", "%s target group modified", t.ID)
+			rOpts.Eventf(api.EventTypeNormal, "MODIFY", "%s target group modified", t.ID)
 		}
 	}
 
@@ -191,7 +195,8 @@ func (t *TargetGroup) create(rOpts *ReconcileOptions) error {
 		Port:                       desired.Port,
 		Protocol:                   desired.Protocol,
 		Name:                       desired.TargetGroupName,
-		UnhealthyThresholdCount: desired.UnhealthyThresholdCount,
+		TargetType:                 desired.TargetType,
+		UnhealthyThresholdCount:    desired.UnhealthyThresholdCount,
 		VpcId: rOpts.VpcID,
 	}
 
@@ -329,6 +334,11 @@ func (t *TargetGroup) needsModification() tgChange {
 		return changes
 	}
 
+	if dtg == nil {
+		// t.logger.Debugf("Desired Target Group is undefined")
+		return changes
+	}
+
 	if !util.DeepEqual(ctg.HealthCheckIntervalSeconds, dtg.HealthCheckIntervalSeconds) {
 		t.logger.Debugf("HealthCheckIntervalSeconds needs to be changed (%v != %v)", log.Prettify(ctg.HealthCheckIntervalSeconds), log.Prettify(dtg.HealthCheckIntervalSeconds))
 		changes |= paramsModified
@@ -446,3 +456,17 @@ func (t *TargetGroup) CurrentARN() *string {
 func (t *TargetGroup) CurrentTargets() albelbv2.TargetDescriptions {
 	return t.targets.current
 }
+
+func (t *TargetGroup) StripDesiredState() {
+	t.tags.desired = nil
+	t.tg.desired = nil
+	t.targets.desired = nil
+	t.attributes.desired = nil
+}
+
+func (t *TargetGroup) copyDesiredState(s *TargetGroup) {
+	t.tags.desired = s.tags.desired
+	t.attributes.desired = s.attributes.desired
+	t.targets.desired = s.targets.desired
+	t.tg.desired = s.tg.desired
+}