aws
diff --git a/‎controllers/crds/cninode_controller.go‎
Lines changed: 29 additions & 33 deletions b/‎controllers/crds/cninode_controller.go‎
Lines changed: 29 additions & 33 deletions
diff --git a/‎controllers/crds/cninode_controller_test.go‎
Lines changed: 83 additions & 6 deletions b/‎controllers/crds/cninode_controller_test.go‎
Lines changed: 83 additions & 6 deletions
diff --git a/‎main.go‎
Lines changed: 2 additions & 0 deletions b/‎main.go‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎pkg/aws/ec2/api/cleanup/eni_cleanup.go‎
Lines changed: 40 additions & 16 deletions b/‎pkg/aws/ec2/api/cleanup/eni_cleanup.go‎
Lines changed: 40 additions & 16 deletions
@@ -67,14 +67,15 @@ func prometheusRegister() {
 // CNINodeReconciler reconciles a CNINode object
 type CNINodeReconciler struct {
 	client.Client
-	scheme           *runtime.Scheme
-	context          context.Context
-	log              logr.Logger
-	eC2Wrapper       ec2API.EC2Wrapper
-	k8sAPI           k8s.K8sWrapper
-	clusterName      string
-	vpcId            string
-	finalizerManager k8s.FinalizerManager
+	scheme             *runtime.Scheme
+	context            context.Context
+	log                logr.Logger
+	eC2Wrapper         ec2API.EC2Wrapper
+	k8sAPI             k8s.K8sWrapper
+	clusterName        string
+	vpcId              string
+	finalizerManager   k8s.FinalizerManager
+	newResourceCleaner func(nodeID string, eC2Wrapper ec2API.EC2Wrapper, vpcID string) cleanup.ResourceCleaner
 }
 
 func NewCNINodeReconciler(
@@ -87,17 +88,19 @@ func NewCNINodeReconciler(
 	clusterName string,
 	vpcId string,
 	finalizerManager k8s.FinalizerManager,
+	newResourceCleaner func(nodeID string, eC2Wrapper ec2API.EC2Wrapper, vpcID string) cleanup.ResourceCleaner,
 ) *CNINodeReconciler {
 	return &CNINodeReconciler{
-		Client:           client,
-		scheme:           scheme,
-		context:          ctx,
-		log:              logger,
-		eC2Wrapper:       ec2Wrapper,
-		k8sAPI:           k8sWrapper,
-		clusterName:      clusterName,
-		vpcId:            vpcId,
-		finalizerManager: finalizerManager,
+		Client:             client,
+		scheme:             scheme,
+		context:            ctx,
+		log:                logger,
+		eC2Wrapper:         ec2Wrapper,
+		k8sAPI:             k8sWrapper,
+		clusterName:        clusterName,
+		vpcId:              vpcId,
+		finalizerManager:   finalizerManager,
+		newResourceCleaner: newResourceCleaner,
 	}
 }
 
@@ -128,13 +131,13 @@ func (r *CNINodeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 		shouldPatch := false
 		cniNodeCopy := cniNode.DeepCopy()
 		// Add cluster name tag if it does not exist
-		val, ok := cniNode.Spec.Tags[config.CNINodeClusterNameKey]
+		val, ok := cniNode.Spec.Tags[config.VPCCNIClusterNameKey]
 		if !ok || val != r.clusterName {
 			if len(cniNodeCopy.Spec.Tags) != 0 {
-				cniNodeCopy.Spec.Tags[config.CNINodeClusterNameKey] = r.clusterName
+				cniNodeCopy.Spec.Tags[config.VPCCNIClusterNameKey] = r.clusterName
 			} else {
 				cniNodeCopy.Spec.Tags = map[string]string{
-					config.CNINodeClusterNameKey: r.clusterName,
+					config.VPCCNIClusterNameKey: r.clusterName,
 				}
 			}
 			shouldPatch = true
@@ -174,19 +177,12 @@ func (r *CNINodeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
 			// run cleanup for Linux nodes only
 			if val, ok := cniNode.ObjectMeta.Labels[config.NodeLabelOS]; ok && val == config.OSLinux {
 				r.log.Info("running the finalizer routine on cniNode", "cniNode", cniNode.Name)
-				cleaner := &cleanup.NodeTerminationCleaner{
-					NodeID: cniNode.Spec.Tags[config.NetworkInterfaceNodeIDKey],
-				}
-				cleaner.ENICleaner = &cleanup.ENICleaner{
-					EC2Wrapper: r.eC2Wrapper,
-					Manager:    cleaner,
-					VpcId:      r.vpcId,
-					Log:        ctrl.Log.WithName("eniCleaner").WithName("node"),
-				}
-
-				if err := cleaner.DeleteLeakedResources(); err != nil {
-					r.log.Error(err, "failed to cleanup resources during node termination")
-					ec2API.NodeTerminationENICleanupFailure.Inc()
+				// run cleanup when node id is present
+				if nodeID, ok := cniNode.Spec.Tags[config.NetworkInterfaceNodeIDKey]; ok && nodeID != "" {
+					if err := r.newResourceCleaner(nodeID, r.eC2Wrapper, r.vpcId).DeleteLeakedResources(); err != nil {
+						r.log.Error(err, "failed to cleanup resources during node termination")
+						ec2API.NodeTerminationENICleanupFailure.Inc()
+					}
 				}
 			}
 
 
@@ -5,8 +5,11 @@ import (
 	"testing"
 
 	"github.com/aws/amazon-vpc-resource-controller-k8s/apis/vpcresources/v1alpha1"
+	mock_api "github.com/aws/amazon-vpc-resource-controller-k8s/mocks/amazon-vcp-resource-controller-k8s/pkg/aws/ec2/api"
 	mock_cleanup "github.com/aws/amazon-vpc-resource-controller-k8s/mocks/amazon-vcp-resource-controller-k8s/pkg/aws/ec2/api/cleanup"
 	mock_k8s "github.com/aws/amazon-vpc-resource-controller-k8s/mocks/amazon-vcp-resource-controller-k8s/pkg/k8s"
+	ec2API "github.com/aws/amazon-vpc-resource-controller-k8s/pkg/aws/ec2/api"
+	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/aws/ec2/api/cleanup"
 	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/config"
 	"github.com/golang/mock/gomock"
 	"github.com/stretchr/testify/assert"
@@ -42,12 +45,12 @@ var (
 	}
 )
 
-func NewCNINodeMock(ctrl *gomock.Controller, mockObjects ...client.Object) CNINodeMock {
+func NewCNINodeMock(ctrl *gomock.Controller, mockObjects ...client.Object) *CNINodeMock {
 	scheme := runtime.NewScheme()
 	_ = corev1.AddToScheme(scheme)
 	_ = v1alpha1.AddToScheme(scheme)
 	client := fakeClient.NewClientBuilder().WithScheme(scheme).WithObjects(mockObjects...).Build()
-	return CNINodeMock{
+	return &CNINodeMock{
 		Reconciler: CNINodeReconciler{
 			Client:      client,
 			scheme:      scheme,
@@ -67,6 +70,8 @@ func TestCNINodeReconcile(t *testing.T) {
 		mockResourceCleaner  *mock_cleanup.MockResourceCleaner
 		mockK8sApi           *mock_k8s.MockK8sWrapper
 		mockFinalizerManager *mock_k8s.MockFinalizerManager
+		mockEC2API           *mock_api.MockEC2APIHelper
+		mockCNINode          *CNINodeMock
 	}
 	tests := []struct {
 		name    string
@@ -89,21 +94,94 @@ func TestCNINodeReconcile(t *testing.T) {
 				assert.NoError(t, err)
 				assert.Equal(t, res, reconcile.Result{})
 				assert.Equal(t, cniNode.Labels, map[string]string{config.NodeLabelOS: "linux"})
-				assert.Equal(t, cniNode.Spec.Tags, map[string]string{config.CNINodeClusterNameKey: mockClusterName})
+				assert.Equal(t, cniNode.Spec.Tags, map[string]string{config.VPCCNIClusterNameKey: mockClusterName})
+			},
+		},
+		{
+			name: "verify cleaner was not called if node id is not present given that node is being finalized",
+			args: args{
+				mockNode: nil,
+				mockCNINode: &v1alpha1.CNINode{
+					ObjectMeta: metav1.ObjectMeta{
+						Name: mockName,
+						Labels: map[string]string{
+							config.NodeLabelOS: config.OSLinux,
+						},
+						Finalizers:        []string{config.NodeTerminationFinalizer},
+						DeletionTimestamp: &metav1.Time{Time: metav1.Now().Time},
+					},
+				},
+			},
+			prepare: func(f *fields) {
+				f.mockCNINode.Reconciler.newResourceCleaner = func(nodeID string, eC2Wrapper ec2API.EC2Wrapper, vpcID string) cleanup.ResourceCleaner {
+					return f.mockResourceCleaner
+				}
+				f.mockResourceCleaner.EXPECT().DeleteLeakedResources().Times(0)
+
+				f.mockFinalizerManager.EXPECT().
+					RemoveFinalizers(gomock.Any(), gomock.Any(), config.NodeTerminationFinalizer).
+					Return(nil)
+			},
+			asserts: func(res reconcile.Result, err error, cniNode *v1alpha1.CNINode) {
+				assert.NoError(t, err)
+				assert.Equal(t, res, reconcile.Result{})
+			},
+		},
+		{
+			name: "verify cleaner was called if node id is not empty when node is being finalized",
+			args: args{
+				mockNode: nil,
+				mockCNINode: &v1alpha1.CNINode{
+					ObjectMeta: metav1.ObjectMeta{
+						Name: mockName,
+						Labels: map[string]string{
+							config.NodeLabelOS: config.OSLinux,
+						},
+						Finalizers:        []string{config.NodeTerminationFinalizer},
+						DeletionTimestamp: &metav1.Time{Time: metav1.Now().Time},
+					},
+					Spec: v1alpha1.CNINodeSpec{
+						Tags: map[string]string{
+							config.NetworkInterfaceNodeIDKey: "i-1234567890",
+						},
+					},
+				},
+			},
+			prepare: func(f *fields) {
+				f.mockCNINode.Reconciler.newResourceCleaner = func(nodeID string, eC2Wrapper ec2API.EC2Wrapper, vpcID string) cleanup.ResourceCleaner {
+					assert.Equal(t, "i-1234567890", nodeID)
+					return f.mockResourceCleaner
+				}
+				f.mockResourceCleaner.EXPECT().DeleteLeakedResources().Times(1).Return(nil)
+				f.mockFinalizerManager.EXPECT().
+					RemoveFinalizers(gomock.Any(), gomock.Any(), config.NodeTerminationFinalizer).
+					Return(nil)
+
+			},
+			asserts: func(res reconcile.Result, err error, cniNode *v1alpha1.CNINode) {
+				assert.NoError(t, err)
+				assert.Equal(t, res, reconcile.Result{})
 			},
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			ctrl := gomock.NewController(t)
 			defer ctrl.Finish()
-
-			mock := NewCNINodeMock(ctrl, tt.args.mockNode, tt.args.mockCNINode)
+			objs := []client.Object{tt.args.mockCNINode}
+			if tt.args.mockNode != nil {
+				objs = append(objs, tt.args.mockNode)
+			}
+			mock := NewCNINodeMock(ctrl, objs...)
 			f := fields{
 				mockResourceCleaner:  mock_cleanup.NewMockResourceCleaner(ctrl),
 				mockK8sApi:           mock_k8s.NewMockK8sWrapper(ctrl),
 				mockFinalizerManager: mock_k8s.NewMockFinalizerManager(ctrl),
+				mockEC2API:           mock_api.NewMockEC2APIHelper(ctrl),
+				mockCNINode:          mock,
 			}
+			mock.Reconciler.finalizerManager = f.mockFinalizerManager
+			mock.Reconciler.k8sAPI = f.mockK8sApi
 			if tt.prepare != nil {
 				tt.prepare(&f)
 			}
@@ -118,5 +196,4 @@ func TestCNINodeReconcile(t *testing.T) {
 			}
 		})
 	}
-
 }
@@ -29,6 +29,7 @@ import (
 	crdcontroller "github.com/aws/amazon-vpc-resource-controller-k8s/controllers/crds"
 	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/api"
 	ec2API "github.com/aws/amazon-vpc-resource-controller-k8s/pkg/aws/ec2/api"
+	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/aws/ec2/api/cleanup"
 	eniCleaner "github.com/aws/amazon-vpc-resource-controller-k8s/pkg/aws/ec2/api/cleanup"
 	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/condition"
 	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/config"
@@ -438,6 +439,7 @@ func main() {
 			clusterName,
 			vpcID,
 			finalizerManager,
+			cleanup.NewNodeResourceCleaner,
 		).SetupWithManager(mgr, maxNodeConcurrentReconciles)); err != nil {
 			setupLog.Error(err, "unable to create controller", "controller", "CNINode")
 			os.Exit(1)
 
@@ -23,7 +23,6 @@ import (
 	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/config"
 	rcHealthz "github.com/aws/amazon-vpc-resource-controller-k8s/pkg/healthz"
 	"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/utils"
-	"github.com/samber/lo"
 
 	ec2Errors "github.com/aws/amazon-vpc-resource-controller-k8s/pkg/aws/errors"
 	"github.com/aws/aws-sdk-go-v2/aws"
@@ -38,6 +37,7 @@ import (
 // NetworkInterfaceManager interface allows to define the ENI filters and checks if ENI should be deleted for different callers like in the periodic cleanup routine or
 // during node termination
 type NetworkInterfaceManager interface {
+	// If there are multiple filters then we will OR them.
 	GetENITagFilters() []ec2types.Filter
 	ShouldDeleteENI(eniID *string) bool
 	UpdateAvailableENIsIfNeeded(eniMap *map[string]struct{})
@@ -126,18 +126,36 @@ func (e *ENICleaner) DeleteLeakedResources() error {
 	}...)
 
 	// only apply extra filters when the controller is enabled which provides cninode resources
+	var OrFilters []ec2types.Filter
+	var err error
+	var networkInterfaces []*ec2types.NetworkInterface
 	if !e.ControllerDisabled {
 		// get cleaner specific filters
-		filters = append(filters, e.Manager.GetENITagFilters()...)
-	}
-	describeNetworkInterfaceIp := &ec2.DescribeNetworkInterfacesInput{
-		Filters: filters,
-	}
+		OrFilters = e.Manager.GetENITagFilters()
+		for _, OrFilter := range OrFilters {
+			filterCopy := append([]ec2types.Filter{}, filters...)
+			filterCopy = append(filterCopy, OrFilter)
+
+			describeNetworkInterfaceIp := &ec2.DescribeNetworkInterfacesInput{
+				Filters: filterCopy,
+			}
 
-	networkInterfaces, err := e.EC2Wrapper.DescribeNetworkInterfacesPagesWithRetry(describeNetworkInterfaceIp)
-	if err != nil {
-		e.Log.Error(err, "failed to describe network interfaces, cleanup will be retried in next cycle")
-		return err
+			tempNetworkInterfaces, err := e.EC2Wrapper.DescribeNetworkInterfacesPagesWithRetry(describeNetworkInterfaceIp)
+			if err != nil {
+				e.Log.Error(err, "failed to describe network interfaces, cleanup will be retried in next cycle")
+				return err
+			}
+			networkInterfaces = append(networkInterfaces, tempNetworkInterfaces...)
+		}
+	} else {
+		describeNetworkInterfaceIp := &ec2.DescribeNetworkInterfacesInput{
+			Filters: filters,
+		}
+		networkInterfaces, err = e.EC2Wrapper.DescribeNetworkInterfacesPagesWithRetry(describeNetworkInterfaceIp)
+		if err != nil {
+			e.Log.Error(err, "failed to describe network interfaces, cleanup will be retried in next cycle")
+			return err
+		}
 	}
 
 	for _, nwInterface := range networkInterfaces {
@@ -169,9 +187,12 @@ func (e *ENICleaner) DeleteLeakedResources() error {
 				}
 				continue
 			}
-			e.Log.Info("deleted leaked ENI successfully",
-				"eniID", nwInterface.NetworkInterfaceId,
-				"instanceID", lo.TernaryF(nwInterface.Attachment == nil, func() *string { return lo.ToPtr("") }, func() *string { return nwInterface.Attachment.InstanceId }))
+			// It is possible for eni attachment to be nil, if it was never attached to instance
+			instanceID := ""
+			if nwInterface.Attachment != nil && nwInterface.Attachment.InstanceId != nil {
+				instanceID = aws.ToString(nwInterface.Attachment.InstanceId)
+			}
+			e.Log.Info("deleted leaked ENI successfully", "eni id", *nwInterface.NetworkInterfaceId, "instance id", instanceID)
 		} else {
 			// Seeing the ENI for the first time, add it to the new list of available network interfaces
 			availableENIs[*nwInterface.NetworkInterfaceId] = struct{}{}
@@ -184,11 +205,14 @@ func (e *ENICleaner) DeleteLeakedResources() error {
 }
 
 func (e *ClusterENICleaner) GetENITagFilters() []ec2types.Filter {
-	clusterNameTagKey := fmt.Sprintf(config.ClusterNameTagKeyFormat, e.ClusterName)
 	return []ec2types.Filter{
 		{
-			Name:   aws.String("tag:" + clusterNameTagKey),
-			Values: []string{config.ClusterNameTagValue},
+			Name:   aws.String("tag:" + config.VPCCNIClusterNameKey),
+			Values: []string{e.ClusterName},
+		},
+		{
+			Name:   aws.String("tag:" + fmt.Sprintf(config.VPCRCClusterNameTagKeyFormat, e.ClusterName)),
+			Values: []string{config.VPCRCClusterNameTagValue},
 		},
 	}
 }