internal/dag: Only process Gateways that match configuration

cmd/contour/serve.go

@@ -353,8 +353,12 @@ func doServe(log logrus.FieldLogger, ctx *serveContext) error {
 		Observer:        dag.ComposeObservers(append(xdscache.ObserversOf(resources), snapshotHandler)...),
 		Builder: dag.Builder{
 			Source: dag.KubernetesCache{
-				RootNamespaces:       ctx.proxyRootNamespaces(),
-				IngressClass:         ctx.ingressClass,
+				RootNamespaces: ctx.proxyRootNamespaces(),
+				IngressClass:   ctx.ingressClass,
+				Gateway: types.NamespacedName{
+					Name:      ctx.Config.GatewayConfig.Name,
+					Namespace: ctx.Config.GatewayConfig.Namespace,
+				},
 				ConfiguredSecretRefs: configuredSecretRefs,
 				FieldLogger:          log.WithField("context", "KubernetesCache"),
 			},

internal/dag/builder_test.go

@@ -394,6 +394,10 @@ func TestDAGInsertGatewayAPI(t *testing.T) {
 
 			builder := Builder{
 				Source: KubernetesCache{
+					Gateway: types.NamespacedName{
+						Name:      "contour",
+						Namespace: "projectcontour",
+					},
 					FieldLogger: fixture.NewTestLogger(t),
 				},
 				Processors: []Processor{

internal/dag/cache.go

@@ -45,6 +45,9 @@ type KubernetesCache struct {
 	// If not set, defaults to DEFAULT_INGRESS_CLASS.
 	IngressClass string
 
+	// Gateway defines the current Gateway which Contour is configured to watch.
+	Gateway types.NamespacedName
+
 	// Secrets that are referred from the configuration file.
 	ConfiguredSecretRefs []*types.NamespacedName
 
@@ -54,7 +57,7 @@ type KubernetesCache struct {
 	secrets              map[types.NamespacedName]*v1.Secret
 	httpproxydelegations map[types.NamespacedName]*contour_api_v1.TLSCertificateDelegation
 	services             map[types.NamespacedName]*v1.Service
-	gateways             map[types.NamespacedName]*gatewayapi_v1alpha1.Gateway
+	gateway              *gatewayapi_v1alpha1.Gateway
 	httproutes           map[types.NamespacedName]*gatewayapi_v1alpha1.HTTPRoute
 	tlsroutes            map[types.NamespacedName]*gatewayapi_v1alpha1.TLSRoute
 	backendpolicies      map[types.NamespacedName]*gatewayapi_v1alpha1.BackendPolicy
@@ -73,7 +76,6 @@ func (kc *KubernetesCache) init() {
 	kc.secrets = make(map[types.NamespacedName]*v1.Secret)
 	kc.httpproxydelegations = make(map[types.NamespacedName]*contour_api_v1.TLSCertificateDelegation)
 	kc.services = make(map[types.NamespacedName]*v1.Service)
-	kc.gateways = make(map[types.NamespacedName]*gatewayapi_v1alpha1.Gateway)
 	kc.httproutes = make(map[types.NamespacedName]*gatewayapi_v1alpha1.HTTPRoute)
 	kc.tlsroutes = make(map[types.NamespacedName]*gatewayapi_v1alpha1.TLSRoute)
 	kc.backendpolicies = make(map[types.NamespacedName]*gatewayapi_v1alpha1.BackendPolicy)
@@ -100,6 +102,27 @@ func (kc *KubernetesCache) matchesIngressClass(obj metav1.Object) bool {
 
 }
 
+// matchesGateway returns true if the given Kubernetes object
+// belongs to the Gateway that this cache is using.
+func (kc *KubernetesCache) matchesGateway(obj metav1.Object) bool {
+
+	fmt.Println("--- obj: ", k8s.NamespacedNameOf(obj))
+	fmt.Println("--- gateway: ", kc.Gateway)
+
+	if k8s.NamespacedNameOf(obj) != kc.Gateway {
+		kind := k8s.KindOf(obj)
+
+		kc.WithField("name", obj.GetName()).
+			WithField("namespace", obj.GetNamespace()).
+			WithField("kind", kind).
+			WithField("configured gateway name", kc.Gateway.Name).
+			WithField("configured gateway namespace", kc.Gateway.Namespace).
+			Debug("ignoring object with unmatched gateway")
+		return false
+	}
+	return true
+}
+
 // Insert inserts obj into the KubernetesCache.
 // Insert returns true if the cache accepted the object, or false if the value
 // is not interesting to the cache. If an object with a matching type, name,
@@ -171,16 +194,13 @@ func (kc *KubernetesCache) Insert(obj interface{}) bool {
 		kc.httpproxydelegations[k8s.NamespacedNameOf(obj)] = obj
 		return true
 	case *gatewayapi_v1alpha1.Gateway:
-		m := k8s.NamespacedNameOf(obj)
-		// TODO(youngnick): Remove this once gateway-api actually have behavior
-		// other than being added to the cache.
-		kc.WithField("experimental", "gateway-api").WithField("name", m.Name).WithField("namespace", m.Namespace).Debug("Adding Gateway")
-		kc.gateways[k8s.NamespacedNameOf(obj)] = obj
-		return true
+		if kc.matchesGateway(obj) {
+			kc.WithField("experimental", "gateway-api").WithField("name", obj.Name).WithField("namespace", obj.Namespace).Debug("Adding Gateway")
+			kc.gateway = obj
+			return true
+		}
 	case *gatewayapi_v1alpha1.HTTPRoute:
 		m := k8s.NamespacedNameOf(obj)
-		// TODO(youngnick): Remove this once gateway-api actually have behavior
-		// other than being added to the cache.
 		kc.WithField("experimental", "gateway-api").WithField("name", m.Name).WithField("namespace", m.Namespace).Debug("Adding HTTPRoute")
 		kc.httproutes[k8s.NamespacedNameOf(obj)] = obj
 		return true
@@ -354,18 +374,15 @@ func (kc *KubernetesCache) remove(obj interface{}) bool {
 		delete(kc.httpproxydelegations, m)
 		return ok
 	case *gatewayapi_v1alpha1.Gateway:
-		m := k8s.NamespacedNameOf(obj)
-		_, ok := kc.gateways[m]
-		// TODO(youngnick): Remove this once gateway-api actually have behavior
-		// other than being removed from the cache.
-		kc.WithField("experimental", "gateway-api").WithField("name", m.Name).WithField("namespace", m.Namespace).Debug("Removing Gateway")
-		delete(kc.gateways, m)
-		return ok
+		if obj.Name == kc.gateway.Name && obj.Namespace == kc.gateway.Namespace {
+			kc.WithField("experimental", "gateway-api").WithField("name", obj.Name).WithField("namespace", obj.Namespace).Debug("Removing Gateway")
+			kc.gateway = nil
+			return true
+		}
+		return false
 	case *gatewayapi_v1alpha1.HTTPRoute:
 		m := k8s.NamespacedNameOf(obj)
 		_, ok := kc.httproutes[m]
-		// TODO(youngnick): Remove this once gateway-api actually have behavior
-		// other than being removed from the cache.
 		kc.WithField("experimental", "gateway-api").WithField("name", m.Name).WithField("namespace", m.Namespace).Debug("Removing HTTPRoute")
 		delete(kc.httproutes, m)
 		return ok

internal/dag/cache_test.go

@@ -650,12 +650,21 @@ func TestKubernetesCacheInsert(t *testing.T) {
 		"insert gateway-api Gateway": {
 			obj: &gatewayapi_v1alpha1.Gateway{
 				ObjectMeta: metav1.ObjectMeta{
-					Name:      "gateway",
-					Namespace: "default",
+					Name:      "contour",
+					Namespace: "projectcontour",
 				},
 			},
 			want: true,
 		},
+		"insert invalid gateway-api Gateway": {
+			obj: &gatewayapi_v1alpha1.Gateway{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "another",
+					Namespace: "controller",
+				},
+			},
+			want: false,
+		},
 		"insert gateway-api HTTPRoute": {
 			obj: &gatewayapi_v1alpha1.HTTPRoute{
 				ObjectMeta: metav1.ObjectMeta{
@@ -708,6 +717,10 @@ func TestKubernetesCacheInsert(t *testing.T) {
 				ConfiguredSecretRefs: []*types.NamespacedName{
 					{Name: "secretReferredByConfigFile", Namespace: "default"}},
 				FieldLogger: fixture.NewTestLogger(t),
+				Gateway: types.NamespacedName{
+					Name:      "contour",
+					Namespace: "projectcontour",
+				},
 			}
 			for _, p := range tc.pre {
 				cache.Insert(p)
@@ -722,6 +735,10 @@ func TestKubernetesCacheRemove(t *testing.T) {
 	cache := func(objs ...interface{}) *KubernetesCache {
 		cache := KubernetesCache{
 			FieldLogger: fixture.NewTestLogger(t),
+			Gateway: types.NamespacedName{
+				Name:      "contour",
+				Namespace: "projectcontour",
+			},
 		}
 		for _, o := range objs {
 			cache.Insert(o)
@@ -860,14 +877,14 @@ func TestKubernetesCacheRemove(t *testing.T) {
 		"remove gateway-api Gateway": {
 			cache: cache(&gatewayapi_v1alpha1.Gateway{
 				ObjectMeta: metav1.ObjectMeta{
-					Name:      "gateway",
-					Namespace: "default",
+					Name:      "contour",
+					Namespace: "projectcontour",
 				},
 			}),
 			obj: &gatewayapi_v1alpha1.Gateway{
 				ObjectMeta: metav1.ObjectMeta{
-					Name:      "gateway",
-					Namespace: "default",
+					Name:      "contour",
+					Namespace: "projectcontour",
 				},
 			},
 			want: true,