cybozu-go · terassyi · Mar 4, 2025 · Mar 3, 2025 · Mar 4, 2025
diff --git a/docs/usage.md b/docs/usage.md
@@ -317,7 +317,7 @@ The default timeout seconds is 10800 (= 3 hours).
 Coil exposes two types of Prometheus metrics.
 
 1. Address pool metrics  
-   Metrics about address pools managed by Coil. For description, read [cmd-coil-controller.md](cmd-coil-controller.md#prometheus-metrics).
+   Metrics about address pools managed by Coil. For description, read [cmd-coil-ipam-controller.md](cmd-coil-ipam-controller.md#prometheus-metrics).
 2. Program metrics  
    Metrics about coil components internal. Memory usage, the number of requests to the API server, etc. They are exposed by controller-runtime.
 
@@ -343,9 +343,14 @@ scrape_configs:
         target_label: __address__
       - source_labels: [__address__, __meta_kubernetes_pod_label_app_kubernetes_io_component]
         action: replace
-        regex: ([^:]+)(?::\d+)?;coil-controller
+        regex: ([^:]+)(?::\d+)?;coil-ipam-controller
         replacement: ${1}:9386
         target_label: __address__
+      - source_labels: [__address__, __meta_kubernetes_pod_label_app_kubernetes_io_component]
+        action: replace
+        regex: ([^:]+)(?::\d+)?;coil-egress-controller
+        replacement: ${1}:9396
+        target_label: __address__
       - source_labels: [__address__, __meta_kubernetes_pod_label_app_kubernetes_io_component]
         action: replace
         regex: ([^:]+)(?::\d+)?;egress

diff --git a/v2/cmd/coil-ipam-controller/sub/root.go b/v2/cmd/coil-ipam-controller/sub/root.go
@@ -22,9 +22,9 @@ var config struct {
 }
 
 var rootCmd = &cobra.Command{
-	Use:     "coil-controller",
-	Short:   "controller for coil custom resources",
-	Long:    `coil-controller is a Kubernetes controller for coil custom resources.`,
+	Use:     "coil-ipam-controller",
+	Short:   "controller for coil ipam related custom resources",
+	Long:    `coil-ipam-controller is a Kubernetes controller for coil ipam related custom resources.`,
 	Version: v2.Version(),
 	RunE: func(cmd *cobra.Command, _ []string) error {
 		cmd.SilenceUsage = true

diff --git a/v2/controllers/clusterrolebinding_controller.go b/v2/controllers/clusterrolebinding_controller.go
@@ -20,7 +20,7 @@ import (
 // +kubebuilder:rbac:groups=rbac.authorization.k8s.io,resources=clusterrolebindings,verbs=get;list;watch;update;patch
 // +kubebuilder:rbac:groups=coil.cybozu.com,resources=egresses,verbs=get;list;watch
 
-// SetupCRBReconciler setups ClusterResourceBinding reconciler for coil-controller.
+// SetupCRBReconciler setups ClusterResourceBinding reconciler for coil-ipam-controller and coil-egress-controller.
 func SetupCRBReconciler(mgr manager.Manager) error {
 	r := &crbReconciler{
 		Client: mgr.GetClient(),

diff --git a/v2/controllers/egress_controller.go b/v2/controllers/egress_controller.go
@@ -35,7 +35,7 @@ type EgressReconciler struct {
 // +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch
 // +kubebuilder:rbac:groups=policy,resources=poddisruptionbudgets,verbs=get;list;watch;create;update;patch;delete
 
-// coil-controller needs to have access to Pods to grant egress service accounts the same privilege.
+// coil-egress-controller needs to have access to Pods to grant egress service accounts the same privilege.
 // +kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch
 
 // Reconcile implements Reconciler interface.

diff --git a/v2/dashboard/coil.json b/v2/dashboard/coil.json
@@ -143,7 +143,7 @@
       },
       "id": 20,
       "panels": [],
-      "title": "coil-controller Stats",
+      "title": "coil-ipam-controller Stats",
       "type": "row"
     },
     {
@@ -194,7 +194,7 @@
       "steppedLine": false,
       "targets": [
         {
-          "expr": "histogram_quantile(0.95, sum(rate(controller_runtime_reconcile_time_seconds_bucket{job=\"coil\", component=\"coil-controller\"}[5m])) by (le, controller))",
+          "expr": "histogram_quantile(0.95, sum(rate(controller_runtime_reconcile_time_seconds_bucket{job=\"coil\", component=\"coil-ipam-controller\"}[5m])) by (le, controller))",
           "interval": "",
           "legendFormat": "",
           "refId": "A"
@@ -501,8 +501,8 @@
           "scopedVars": {
             "component": {
               "selected": false,
-              "text": "coil-controller",
-              "value": "coil-controller"
+              "text": "coil-ipam-controller",
+              "value": "coil-ipam-controller"
             }
           },
           "seriesOverrides": [],
@@ -604,8 +604,8 @@
           "scopedVars": {
             "component": {
               "selected": false,
-              "text": "coil-controller",
-              "value": "coil-controller"
+              "text": "coil-ipam-controller",
+              "value": "coil-ipam-controller"
             }
           },
           "seriesOverrides": [],
@@ -706,8 +706,8 @@
           "scopedVars": {
             "component": {
               "selected": false,
-              "text": "coil-controller",
-              "value": "coil-controller"
+              "text": "coil-ipam-controller",
+              "value": "coil-ipam-controller"
             }
           },
           "seriesOverrides": [],
@@ -794,8 +794,8 @@
           },
           {
             "selected": false,
-            "text": "coil-controller",
-            "value": "coil-controller"
+            "text": "coil-ipam-controller",
+            "value": "coil-ipam-controller"
           },
           {
             "selected": false,
@@ -808,7 +808,7 @@
             "value": "egress"
           }
         ],
-        "query": "coil-controller,coild,egress",
+        "query": "coil-ipam-controller,coild,egress",
         "queryValue": "",
         "skipUrlSync": false,
         "type": "custom"

diff --git a/v2/e2e/README.md b/v2/e2e/README.md
@@ -7,7 +7,8 @@ end-to-end (e2e) tests for Coil.
 - [Strategy](#strategy)
 - [Analysis](#analysis)
   - [Manifests](#manifests)
-  - [`coil-controller`](#coil-controller)
+  - [`coil-ipam-controller`](#coil-ipam-controller)
+  - [`coil-egress-controller`](#coil-egress-controller)
   - [`coild`](#coild)
   - [`coil-router`](#coil-router)
   - [`coil-egress`](#coil-egress)
@@ -33,7 +34,7 @@ Therefore, it is enough to cover these functions in e2e tests.
 RBAC should carefully be examined.
 The other manifests are mostly tested together with other tests.
 
-### `coil-controller`
+### `coil-ipam-controller`
 
 What the `main` function implements are:
 
@@ -44,6 +45,16 @@ What the `main` function implements are:
 - Reconciler for BlockRequest
 - Garbage collector for orphaned AddressBlock
 
+### `coil-egress-controller`
+
+What the `main` function implements are:
+
+- Leader election
+- Admission webhook
+- Health probe server
+- Metrics server
+- Reconciler for Egress
+
 ### `coild`
 
 What the `main` function implements are:
@@ -71,15 +82,15 @@ What the `main` function implements are:
 
 Health probe servers can be tested by checking Pod readiness.
 
-Reconciler for BlockRequest in `coil-controller`, gRPC server in `coild`,
+Reconciler for BlockRequest in `coil-ipam-controller`, gRPC server in `coild`,
 and routing table setup in `coil-router` can be tested together by
 checking if Pods on different nodes can communicate each other.
 
 Admission webhook can be tested by trying to create an invalid
 AddressPool that cannot be checked by OpenAPI validations.
 A too narrow subnet is such an example.
 
-Garbage collector in `coil-controller` can be tested by creating
+Garbage collector in `coil-ipam-controller` can be tested by creating
 orphaned AddressBlock manually.
 
 Persisting IPAM status in `coild` can be tested by restarting `coild` Pods

diff --git a/v2/e2e/coil-controller_patch.yaml → v2/e2e/coil-ipam-controller_patch.yaml b/v2/e2e/coil-controller_patch.yaml → v2/e2e/coil-ipam-controller_patch.yaml
diff --git a/v2/e2e/coil_test.go b/v2/e2e/coil_test.go
@@ -68,7 +68,7 @@ func testIPAM() {
 	// This series of tests confirms the following things:
 	// - coil can call coild gRPC method appropriately
 	// - coild runs gRPC server
-	// - coil-controller can process BlockRequest
+	// - coil-ipam-controller can process BlockRequest
 	// - coil-router setups the kernel routing table
 	It("should allow pods on different nodes to communicate", func() {
 		By("creating the default pool")

diff --git a/v2/e2e/controller_test.go b/v2/e2e/controller_test.go
@@ -28,7 +28,7 @@ var _ = Describe("coil controllers", func() {
 })
 
 func testCoilIPAMController() {
-	It("should elect a leader instance of coil-controller", func() {
+	It("should elect a leader instance of coil-ipam-controller", func() {
 		kubectlSafe(nil, "-n", "kube-system", "get", "leases", "coil-ipam-leader")
 	})
 
@@ -70,7 +70,7 @@ func testCoilIPAMController() {
 
 func testCoilEgressController() {
 	Context("when the egress features are enabled", func() {
-		It("should elect a leader instance of coil-controller", func() {
+		It("should elect a leader instance of coil-egress-controller", func() {
 			kubectlSafe(nil, "-n", "kube-system", "get", "leases", "coil-egress-leader")
 		})
 

diff --git a/v2/e2e/kustomization.yaml b/v2/e2e/kustomization.yaml
@@ -3,7 +3,7 @@ resources:
 - ../config/pod/coil-router.yaml
 
 patchesStrategicMerge:
-- coil-controller_patch.yaml
+- coil-ipam-controller_patch.yaml
 
 configMapGenerator:
 - name: coil-config