feat: add cache for resolution of target group ARN by name

Author: pascal-hofmann

pkg/ingress/model_build_actions.go

@@ -4,12 +4,9 @@ import (
 	"context"
 	"fmt"
 	awssdk "github.com/aws/aws-sdk-go-v2/aws"
-	elbv2sdk "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2"
-	elbv2types "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2/types"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
-	"sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/model/core"
 	elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
 	"strings"
@@ -109,11 +106,11 @@ func (t *defaultModelBuildTask) buildForwardAction(ctx context.Context, ing Clas
 		if tgt.TargetGroupARN != nil {
 			tgARN = core.LiteralStringToken(*tgt.TargetGroupARN)
 		} else if tgt.TargetGroupName != nil {
-			tgObj, err := getTargetGroupsByNameFromAWS(ctx, t.elbv2Client, tgt)
+			targetGroupARN, err := t.targetGroupNameToArnMapper.getArnByName(ctx, *tgt.TargetGroupName)
 			if err != nil {
 				return elbv2model.Action{}, fmt.Errorf("searching TargetGroup with name %s: %w", *tgt.TargetGroupName, err)
 			}
-			tgARN = core.LiteralStringToken(*tgObj.TargetGroupArn)
+			tgARN = core.LiteralStringToken(targetGroupARN)
 		} else {
 			svcKey := types.NamespacedName{
 				Namespace: ing.Ing.Namespace,
@@ -235,19 +232,3 @@ func (t *defaultModelBuildTask) buildSSLRedirectAction(_ context.Context, sslRed
 		},
 	}
 }
-
-// getTargetGroupsByNameFromAWS returns the AWS target group corresponding to the name
-func getTargetGroupsByNameFromAWS(ctx context.Context, elbv2Client services.ELBV2, tgt TargetGroupTuple) (*elbv2types.TargetGroup, error) {
-	req := &elbv2sdk.DescribeTargetGroupsInput{
-		Names: []string{*tgt.TargetGroupName},
-	}
-
-	tgList, err := elbv2Client.DescribeTargetGroupsAsList(ctx, req)
-	if err != nil {
-		return nil, err
-	}
-	if len(tgList) != 1 {
-		return nil, errors.Errorf("expecting a single targetGroup with query [%s] but got %v", *tgt.TargetGroupName, len(tgList))
-	}
-	return &tgList[0], nil
-}

pkg/ingress/model_build_actions_test.go

@@ -355,42 +355,72 @@ func Test_defaultModelBuildTask_buildForwardActionWithTargetGroupName(t *testing
 		ingress                         ClassifiedIngress
 		forwardActionConfig             ForwardActionConfig
 		describeTargetGroupsAsListCalls []describeTargetGroupsAsListCall
+		cache                           map[string]string
 	}
 	tests := []struct {
-		name    string
-		args    args
-		want    elbv2model.Action
-		wantErr error
+		name      string
+		args      args
+		want      elbv2model.Action
+		wantErr   error
+		wantCache map[string]string
 	}{
 		{
 			name: "Forward to target group identified by name",
 			args: args{
 				forwardActionConfig: ForwardActionConfig{
-					TargetGroups: []TargetGroupTuple{{TargetGroupName: awssdk.String("tg-name")}},
+					TargetGroups: []TargetGroupTuple{{TargetGroupName: awssdk.String("tg-name1")}},
 				},
 
 				describeTargetGroupsAsListCalls: []describeTargetGroupsAsListCall{
 					{
 						req: &elbv2sdk.DescribeTargetGroupsInput{
-							Names: []string{"tg-name"},
+							Names: []string{"tg-name1"},
 						},
 						resp: []elbv2types.TargetGroup{
 							{
-								TargetGroupArn: awssdk.String("tg-arn"),
+								TargetGroupArn: awssdk.String("tg-arn1"),
 								TargetType:     elbv2types.TargetTypeEnum("instance"),
 							},
 						},
 					},
 				},
+				cache: map[string]string{},
 			},
 			want: elbv2model.Action{
 				Type: elbv2model.ActionTypeForward,
 				ForwardConfig: &elbv2model.ForwardActionConfig{
 					TargetGroups: []elbv2model.TargetGroupTuple{{
-						TargetGroupARN: core.LiteralStringToken("tg-arn"),
+						TargetGroupARN: core.LiteralStringToken("tg-arn1"),
 					}},
 				},
 			},
+			wantCache: map[string]string{
+				"tg-name1": "tg-arn1",
+			},
+		},
+		{
+			name: "Forward to target group identified by name is cached",
+			args: args{
+				forwardActionConfig: ForwardActionConfig{
+					TargetGroups: []TargetGroupTuple{{TargetGroupName: awssdk.String("tg-name2")}},
+				},
+
+				describeTargetGroupsAsListCalls: []describeTargetGroupsAsListCall{},
+				cache: map[string]string{
+					"tg-name2": "tg-arn2",
+				},
+			},
+			want: elbv2model.Action{
+				Type: elbv2model.ActionTypeForward,
+				ForwardConfig: &elbv2model.ForwardActionConfig{
+					TargetGroups: []elbv2model.TargetGroupTuple{{
+						TargetGroupARN: core.LiteralStringToken("tg-arn2"),
+					}},
+				},
+			},
+			wantCache: map[string]string{
+				"tg-name2": "tg-arn2",
+			},
 		},
 	}
 
@@ -404,14 +434,27 @@ func Test_defaultModelBuildTask_buildForwardActionWithTargetGroupName(t *testing
 				elbv2Client.EXPECT().DescribeTargetGroupsAsList(gomock.Any(), call.req).Return(call.resp, call.err)
 			}
 			task := &defaultModelBuildTask{
-				elbv2Client: elbv2Client,
+				elbv2Client:                elbv2Client,
+				targetGroupNameToArnMapper: newTargetGroupNameToArnMapper(elbv2Client, defaultTargetGroupNameToARNCacheTTL),
+			}
+
+			for targetGroupName, cachedArn := range tt.args.cache {
+				task.targetGroupNameToArnMapper.cache.Set(targetGroupName, cachedArn, defaultTargetGroupNameToARNCacheTTL)
 			}
+
 			got, err := task.buildForwardAction(context.Background(), tt.args.ingress, Action{
 				Type:          ActionTypeForward,
 				ForwardConfig: &tt.args.forwardActionConfig,
 			})
 			assert.Equal(t, tt.want, got)
 			assert.Equal(t, tt.wantErr, err)
+			assert.Equal(t, len(tt.wantCache), task.targetGroupNameToArnMapper.cache.Len())
+			for targetGroupName, expectedArn := range tt.wantCache {
+				rawCacheItem, exists := task.targetGroupNameToArnMapper.cache.Get(targetGroupName)
+				assert.True(t, exists)
+				cachedArn := rawCacheItem.(string)
+				assert.Equal(t, expectedArn, cachedArn)
+			}
 		})
 	}
 }

pkg/ingress/model_builder.go

@@ -2,8 +2,12 @@ package ingress
 
 import (
 	"context"
+	elbv2sdk "github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2"
+	"k8s.io/apimachinery/pkg/util/cache"
 	"reflect"
 	"strconv"
+	"sync"
+	"time"
 
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/shared_constants"
 
@@ -33,7 +37,8 @@ import (
 )
 
 const (
-	controllerName = "ingress"
+	controllerName                      = "ingress"
+	defaultTargetGroupNameToARNCacheTTL = 20 * time.Minute
 )
 
 // ModelBuilder is responsible for build mode stack for a IngressGroup.
@@ -80,6 +85,7 @@ func NewDefaultModelBuilder(k8sClient client.Client, eventRecorder record.EventR
 		enableManageBackendSGRules: defaultEnableManageBackendSGRules,
 		disableRestrictedSGRules:   disableRestrictedSGRules,
 		enableIPTargetType:         enableIPTargetType,
+		targetGroupNameToArnMapper: newTargetGroupNameToArnMapper(elbv2Client, defaultTargetGroupNameToARNCacheTTL),
 		logger:                     logger,
 		metricsCollector:           metricsCollector,
 	}
@@ -117,6 +123,7 @@ type defaultModelBuilder struct {
 	enableManageBackendSGRules bool
 	disableRestrictedSGRules   bool
 	enableIPTargetType         bool
+	targetGroupNameToArnMapper *targetGroupNameToArnMapper
 
 	logger           logr.Logger
 	metricsCollector lbcmetrics.MetricCollector
@@ -173,10 +180,11 @@ func (b *defaultModelBuilder) Build(ctx context.Context, ingGroup Group, metrics
 		defaultHealthCheckMatcherHTTPCode:         "200",
 		defaultHealthCheckMatcherGRPCCode:         "12",
 
-		loadBalancer:    nil,
-		frontendNlb:     nil,
-		tgByResID:       make(map[string]*elbv2model.TargetGroup),
-		backendServices: make(map[types.NamespacedName]*corev1.Service),
+		loadBalancer:               nil,
+		frontendNlb:                nil,
+		tgByResID:                  make(map[string]*elbv2model.TargetGroup),
+		backendServices:            make(map[types.NamespacedName]*corev1.Service),
+		targetGroupNameToArnMapper: b.targetGroupNameToArnMapper,
 	}
 	if err := task.run(ctx); err != nil {
 		return nil, nil, nil, false, nil, nil, err
@@ -238,6 +246,7 @@ type defaultModelBuildTask struct {
 	secretKeys                         []types.NamespacedName
 	frontendNlb                        *elbv2model.LoadBalancer
 	frontendNlbTargetGroupDesiredState *core.FrontendNlbTargetGroupDesiredState
+	targetGroupNameToArnMapper         *targetGroupNameToArnMapper
 
 	metricsCollector lbcmetrics.MetricCollector
 }
@@ -521,3 +530,42 @@ type listenPortConfigWithIngress struct {
 	ingKey           types.NamespacedName
 	listenPortConfig listenPortConfig
 }
+
+type targetGroupNameToArnMapper struct {
+	elbv2Client services.ELBV2
+	cache       *cache.Expiring
+	cacheTTL    time.Duration
+	cacheMutex  sync.RWMutex
+}
+
+func newTargetGroupNameToArnMapper(elbv2Client services.ELBV2, ttl time.Duration) *targetGroupNameToArnMapper {
+	return &targetGroupNameToArnMapper{
+		elbv2Client: elbv2Client,
+		cache:       cache.NewExpiring(),
+		cacheTTL:    ttl,
+	}
+}
+
+// getArnByName returns the ARN of an AWS target group identified by its name
+func (t *targetGroupNameToArnMapper) getArnByName(ctx context.Context, targetGroupName string) (string, error) {
+	t.cacheMutex.Lock()
+	defer t.cacheMutex.Unlock()
+
+	if rawCacheItem, exists := t.cache.Get(targetGroupName); exists {
+		return rawCacheItem.(string), nil
+	}
+	req := &elbv2sdk.DescribeTargetGroupsInput{
+		Names: []string{targetGroupName},
+	}
+
+	targetGroups, err := t.elbv2Client.DescribeTargetGroupsAsList(ctx, req)
+	if err != nil {
+		return "", err
+	}
+	if len(targetGroups) != 1 {
+		return "", errors.Errorf("expecting a single targetGroup with query [%s] but got %v", targetGroupName, len(targetGroups))
+	}
+	arn := *targetGroups[0].TargetGroupArn
+	t.cache.Set(targetGroupName, arn, t.cacheTTL)
+	return arn, nil
+}