kubeovn
diff --git a/‎go.mod‎
Lines changed: 1 addition & 1 deletion b/‎go.mod‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/controller/controller.go‎
Lines changed: 11 additions & 5 deletions b/‎pkg/controller/controller.go‎
Lines changed: 11 additions & 5 deletions
diff --git a/‎pkg/controller/controller_test.go‎
Lines changed: 52 additions & 43 deletions b/‎pkg/controller/controller_test.go‎
Lines changed: 52 additions & 43 deletions
diff --git a/‎pkg/controller/endpoint_slice.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/controller/endpoint_slice.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/controller/endpoint_slice_test.go‎
Lines changed: 4 additions & 4 deletions b/‎pkg/controller/endpoint_slice_test.go‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎pkg/controller/init.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/controller/init.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/controller/ip.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/controller/ip.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/controller/pod.go‎
Lines changed: 2 additions & 2 deletions b/‎pkg/controller/pod.go‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎pkg/controller/provider_network.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/controller/provider_network.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/controller/service_lb.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/controller/service_lb.go‎
Lines changed: 1 addition & 1 deletion
@@ -62,7 +62,6 @@ require (
 	k8s.io/client-go v0.34.3
 	k8s.io/component-base v0.34.3
 	k8s.io/klog/v2 v2.130.1
-	k8s.io/kube-aggregator v0.34.3
 	k8s.io/kubectl v0.34.3
 	k8s.io/kubernetes v1.34.3
 	k8s.io/pod-security-admission v0.34.3
@@ -268,6 +267,7 @@ require (
 	k8s.io/dynamic-resource-allocation v0.34.3 // indirect
 	k8s.io/gengo/v2 v2.0.0-20250820003526-c297c0c1eb9d // indirect
 	k8s.io/kms v0.34.3 // indirect
+	k8s.io/kube-aggregator v0.34.3 // indirect
 	k8s.io/kube-openapi v0.34.3 // indirect
 	k8s.io/kube-scheduler v0.34.3 // indirect
 	k8s.io/kubelet v0.34.3 // indirect
 
@@ -328,7 +328,7 @@ func Run(ctx context.Context, config *Configuration) {
 	klog.V(4).Info("Creating event broadcaster")
 	eventBroadcaster := record.NewBroadcasterWithCorrelatorOptions(record.CorrelatorOptions{BurstSize: 100})
 	eventBroadcaster.StartLogging(klog.Infof)
-	eventBroadcaster.StartRecordingToSink(&typedcorev1.EventSinkImpl{Interface: config.KubeFactoryClient.CoreV1().Events("")})
+	eventBroadcaster.StartRecordingToSink(&typedcorev1.EventSinkImpl{Interface: config.KubeFactoryClient.CoreV1().Events(metav1.NamespaceAll)})
 	recorder := eventBroadcaster.NewRecorder(scheme.Scheme, corev1.EventSource{Component: controllerAgentName})
 	custCrdRateLimiter := workqueue.NewTypedMaxOfRateLimiter(
 		workqueue.NewTypedItemExponentialFailureRateLimiter[string](time.Duration(config.CustCrdRetryMinDelay)*time.Second, time.Duration(config.CustCrdRetryMaxDelay)*time.Second),
@@ -341,35 +341,41 @@ func Run(ctx context.Context, config *Configuration) {
 	}
 
 	informerFactory := kubeinformers.NewSharedInformerFactoryWithOptions(config.KubeFactoryClient, 0,
+		kubeinformers.WithTransform(util.TrimManagedFields),
 		kubeinformers.WithTweakListOptions(func(listOption *metav1.ListOptions) {
 			listOption.AllowWatchBookmarks = true
 		}))
 	cmInformerFactory := kubeinformers.NewSharedInformerFactoryWithOptions(config.KubeFactoryClient, 0,
+		kubeinformers.WithNamespace(config.PodNamespace),
+		kubeinformers.WithTransform(util.TrimManagedFields),
 		kubeinformers.WithTweakListOptions(func(listOption *metav1.ListOptions) {
 			listOption.AllowWatchBookmarks = true
-		}), kubeinformers.WithNamespace(config.PodNamespace))
+		}))
 	// deployment informer used to list/watch vpc egress gateway workloads
 	deployInformerFactory := kubeinformers.NewSharedInformerFactoryWithOptions(config.KubeFactoryClient, 0,
+		kubeinformers.WithTransform(util.TrimManagedFields),
 		kubeinformers.WithTweakListOptions(func(listOption *metav1.ListOptions) {
 			listOption.AllowWatchBookmarks = true
 			listOption.LabelSelector = selector.String()
 		}))
 	kubeovnInformerFactory := kubeovninformer.NewSharedInformerFactoryWithOptions(config.KubeOvnFactoryClient, 0,
+		kubeovninformer.WithTransform(util.TrimManagedFields),
 		kubeovninformer.WithTweakListOptions(func(listOption *metav1.ListOptions) {
 			listOption.AllowWatchBookmarks = true
 		}))
 	anpInformerFactory := anpinformer.NewSharedInformerFactoryWithOptions(config.AnpClient, 0,
+		anpinformer.WithTransform(util.TrimManagedFields),
 		anpinformer.WithTweakListOptions(func(listOption *metav1.ListOptions) {
 			listOption.AllowWatchBookmarks = true
 		}))
-
 	attachNetInformerFactory := netAttach.NewSharedInformerFactoryWithOptions(config.AttachNetClient, 0,
 		netAttach.WithTweakListOptions(func(listOption *metav1.ListOptions) {
 			listOption.AllowWatchBookmarks = true
 		}),
 	)
-
-	kubevirtInformerFactory := informer.NewKubeVirtInformerFactory(config.KubevirtClient.RestClient(), config.KubevirtClient, nil, util.KubevirtNamespace)
+	kubevirtInformerFactory := informer.NewKubeVirtInformerFactoryWithOptions(config.KubevirtClient.RestClient(), config.KubevirtClient,
+		informer.WithTransform(util.TrimManagedFields),
+	)
 
 	vpcInformer := kubeovnInformerFactory.Kubeovn().V1().Vpcs()
 	vpcNatGatewayInformer := kubeovnInformerFactory.Kubeovn().V1().VpcNatGateways()
 
@@ -68,19 +68,17 @@ func newFakeControllerWithOptions(t *testing.T, opts *FakeControllerOptions) (*f
 		opts = &FakeControllerOptions{}
 	}
 
-	// Create default namespace if none provided
-	defaultNamespace := &corev1.Namespace{
-		ObjectMeta: metav1.ObjectMeta{
-			Name: "default",
-			Annotations: map[string]string{
-				util.LogicalSwitchAnnotation: util.DefaultSubnet,
-			},
-		},
-	}
-
 	namespaces := opts.Namespaces
 	if len(namespaces) == 0 {
-		namespaces = []*corev1.Namespace{defaultNamespace}
+		// Create default namespace if none provided
+		namespaces = []*corev1.Namespace{{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: metav1.NamespaceDefault,
+				Annotations: map[string]string{
+					util.LogicalSwitchAnnotation: util.DefaultSubnet,
+				},
+			},
+		}}
 	}
 
 	// Create fake Kubernetes client with namespaces and pods
@@ -114,15 +112,32 @@ func newFakeControllerWithOptions(t *testing.T, opts *FakeControllerOptions) (*f
 	}
 
 	// Create informer factories
-	kubeInformerFactory := informers.NewSharedInformerFactory(kubeClient, 0)
+	kubeInformerFactory := informers.NewSharedInformerFactoryWithOptions(kubeClient, 0,
+		informers.WithTransform(util.TrimManagedFields),
+		informers.WithTweakListOptions(func(options *metav1.ListOptions) {
+			options.Watch = true
+			options.AllowWatchBookmarks = true
+		}),
+	)
 	serviceInformer := kubeInformerFactory.Core().V1().Services()
 	namespaceInformer := kubeInformerFactory.Core().V1().Namespaces()
 	podInformer := kubeInformerFactory.Core().V1().Pods()
 
-	nadInformerFactory := nadinformers.NewSharedInformerFactory(nadClient, 0)
+	nadInformerFactory := nadinformers.NewSharedInformerFactoryWithOptions(nadClient, 0,
+		nadinformers.WithTweakListOptions(func(options *metav1.ListOptions) {
+			options.Watch = true
+			options.AllowWatchBookmarks = true
+		}),
+	)
 	nadInformer := nadInformerFactory.K8sCniCncfIo().V1().NetworkAttachmentDefinitions()
 
-	kubeovnInformerFactory := kubeovninformerfactory.NewSharedInformerFactory(kubeovnClient, 0)
+	kubeovnInformerFactory := kubeovninformerfactory.NewSharedInformerFactoryWithOptions(kubeovnClient, 0,
+		kubeovninformerfactory.WithTransform(util.TrimManagedFields),
+		kubeovninformerfactory.WithTweakListOptions(func(options *metav1.ListOptions) {
+			options.Watch = true
+			options.AllowWatchBookmarks = true
+		}),
+	)
 	vpcInformer := kubeovnInformerFactory.Kubeovn().V1().Vpcs()
 	subnetInformer := kubeovnInformerFactory.Kubeovn().V1().Subnets()
 	vpcNatGwInformer := kubeovnInformerFactory.Kubeovn().V1().VpcNatGateways()
@@ -155,12 +170,12 @@ func newFakeControllerWithOptions(t *testing.T, opts *FakeControllerOptions) (*f
 	}
 
 	ctrl.config = &Configuration{
-		ClusterRouter:        "ovn-cluster",
-		DefaultLogicalSwitch: "ovn-default",
+		ClusterRouter:        util.DefaultVpc,
+		DefaultLogicalSwitch: util.DefaultSubnet,
 		NodeSwitch:           "join",
 		KubeOvnClient:        kubeovnClient,
 		KubeClient:           kubeClient,
-		PodNamespace:         "kube-system",
+		PodNamespace:         metav1.NamespaceSystem,
 		AttachNetClient:      nadClient,
 	}
 
@@ -191,12 +206,18 @@ func newFakeController(t *testing.T) *fakeController {
 }
 
 func Test_allSubnetReady(t *testing.T) {
-	fakeController, err := newFakeControllerWithOptions(t, nil)
+	fakeController, err := newFakeControllerWithOptions(t, &FakeControllerOptions{
+		Subnets: []*kubeovnv1.Subnet{{
+			ObjectMeta: metav1.ObjectMeta{Name: util.DefaultSubnet},
+		}, {
+			ObjectMeta: metav1.ObjectMeta{Name: "join"},
+		}},
+	})
 	require.NoError(t, err)
 	ctrl := fakeController.fakeController
 	mockOvnClient := fakeController.mockOvnClient
 
-	subnets := []string{"ovn-default", "join"}
+	subnets := []string{util.DefaultSubnet, "join"}
 
 	t.Run("all subnet ready", func(t *testing.T) {
 		mockOvnClient.EXPECT().LogicalSwitchExists(gomock.Any()).Return(true, nil).Times(2)
@@ -219,41 +240,29 @@ func Test_allSubnetReady(t *testing.T) {
 // TestFakeControllerWithOptions demonstrates usage of the unified fake controller
 func TestFakeControllerWithOptions(t *testing.T) {
 	// Example: creating a fake controller with NADs, subnets, and pods
-	nads := []*nadv1.NetworkAttachmentDefinition{
-		{
+	opts := &FakeControllerOptions{
+		Subnets: []*kubeovnv1.Subnet{{
+			ObjectMeta: metav1.ObjectMeta{Name: "net1-subnet"},
+			Spec:       kubeovnv1.SubnetSpec{CIDRBlock: "192.168.1.0/24"},
+		}},
+		NetworkAttachments: []*nadv1.NetworkAttachmentDefinition{{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      "net1",
-				Namespace: "default",
+				Namespace: metav1.NamespaceDefault,
 			},
 			Spec: nadv1.NetworkAttachmentDefinitionSpec{
 				Config: `{"cniVersion": "0.3.1", "name": "net1", "type": "kube-ovn"}`,
 			},
-		},
-	}
-
-	subnets := []*kubeovnv1.Subnet{
-		{
-			ObjectMeta: metav1.ObjectMeta{Name: "net1-subnet"},
-			Spec:       kubeovnv1.SubnetSpec{CIDRBlock: "192.168.1.0/24"},
-		},
-	}
-
-	pods := []*corev1.Pod{
-		{
+		}},
+		Pods: []*corev1.Pod{{
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      "test-pod",
-				Namespace: "default",
+				Namespace: metav1.NamespaceDefault,
 				Annotations: map[string]string{
 					nadv1.NetworkAttachmentAnnot: `[{"name": "net1"}]`,
 				},
 			},
-		},
-	}
-
-	opts := &FakeControllerOptions{
-		Subnets:            subnets,
-		NetworkAttachments: nads,
-		Pods:               pods,
+		}},
 	}
 
 	fakeCtrl, err := newFakeControllerWithOptions(t, opts)
@@ -267,7 +276,7 @@ func TestFakeControllerWithOptions(t *testing.T) {
 	require.NotNil(t, ctrl.config.KubeOvnClient)
 
 	// Verify that NADs can be retrieved
-	nadClient := ctrl.config.AttachNetClient.K8sCniCncfIoV1().NetworkAttachmentDefinitions("default")
+	nadClient := ctrl.config.AttachNetClient.K8sCniCncfIoV1().NetworkAttachmentDefinitions(metav1.NamespaceDefault)
 	retrievedNAD, err := nadClient.Get(context.Background(), "net1", metav1.GetOptions{})
 	require.NoError(t, err)
 	require.Equal(t, "net1", retrievedNAD.Name)
 
@@ -304,7 +304,7 @@ func (c *Controller) replaceEndpointAddressesWithSecondaryIPs(endpointSlices []*
 		needsUpdate := false
 		// Check if any endpoints need updating first
 		for j, ep := range endpoint.Endpoints {
-			if ep.TargetRef != nil && ep.TargetRef.Kind == "Pod" {
+			if ep.TargetRef != nil && ep.TargetRef.Kind == util.KindPod {
 				podName := ep.TargetRef.Name
 				// Skip if already processed this pod
 				// Include slice index to handle pod in multiple slices
 
@@ -475,7 +475,7 @@ func TestReplaceEndpointAddressesWithSecondaryIPs(t *testing.T) {
 						{
 							Addresses: []string{"10.244.0.5"}, // Primary IP
 							TargetRef: &corev1.ObjectReference{
-								Kind: "Pod",
+								Kind: util.KindPod,
 								Name: "test-pod-1",
 							},
 						},
@@ -556,7 +556,7 @@ func TestReplaceEndpointAddressesWithSecondaryIPs(t *testing.T) {
 						{
 							Addresses: []string{"10.244.0.5"}, // Primary IP
 							TargetRef: &corev1.ObjectReference{
-								Kind: "Pod",
+								Kind: util.KindPod,
 								Name: "test-pod-1",
 							},
 						},
@@ -637,7 +637,7 @@ func TestReplaceEndpointAddressesWithSecondaryIPs(t *testing.T) {
 						{
 							Addresses: []string{"10.244.0.5"},
 							TargetRef: &corev1.ObjectReference{
-								Kind: "Pod",
+								Kind: util.KindPod,
 								Name: "test-pod-1",
 							},
 						},
@@ -690,7 +690,7 @@ func TestReplaceEndpointAddressesWithSecondaryIPs(t *testing.T) {
 						{
 							Addresses: []string{"10.244.0.5"},
 							TargetRef: &corev1.ObjectReference{
-								Kind: "Pod",
+								Kind: util.KindPod,
 								Name: "test-pod-1",
 							},
 						},
 
@@ -446,7 +446,7 @@ func (c *Controller) InitIPAM() error {
 
 		podType := getPodType(pod)
 		podName := c.getNameByPod(pod)
-		key := fmt.Sprintf("%s/%s", pod.Namespace, podName)
+		key := cache.NewObjectName(pod.Namespace, podName).String()
 		for _, podNet := range podNets {
 			if pod.Annotations[fmt.Sprintf(util.AllocatedAnnotationTemplate, podNet.ProviderName)] == "true" {
 				portName := ovs.PodNameToPortName(podName, pod.Namespace, podNet.ProviderName)
 
@@ -483,7 +483,7 @@ func (c *Controller) createOrUpdateIPCR(ipCRName, podName, ip, mac, subnetName,
 }
 
 func (c *Controller) ipAcquireAddress(ip *kubeovnv1.IP, subnet *kubeovnv1.Subnet) (string, string, string, error) {
-	key := fmt.Sprintf("%s/%s", ip.Spec.Namespace, ip.Spec.PodName)
+	key := cache.NewObjectName(ip.Spec.Namespace, ip.Spec.PodName).String()
 	portName := ovs.PodNameToPortName(ip.Spec.PodName, ip.Spec.Namespace, subnet.Spec.Provider)
 	ipStr := util.GetStringIP(ip.Spec.V4IPAddress, ip.Spec.V6IPAddress)
 
 
@@ -1307,7 +1307,7 @@ func (c *Controller) handleUpdatePodSecurity(key string) error {
 
 func (c *Controller) syncKubeOvnNet(pod *v1.Pod, podNets []*kubeovnNet) (*v1.Pod, error) {
 	podName := c.getNameByPod(pod)
-	key := fmt.Sprintf("%s/%s", pod.Namespace, podName)
+	key := cache.NewObjectName(pod.Namespace, podName).String()
 	targetPortNameList := strset.NewWithSize(len(podNets))
 	portsNeedToDel := []string{}
 	annotationsNeedToDel := []string{}
@@ -1957,7 +1957,7 @@ func (c *Controller) validatePodIP(podName, subnetName, ipv4, ipv6 string) (bool
 
 func (c *Controller) acquireAddress(pod *v1.Pod, podNet *kubeovnNet) (string, string, string, *kubeovnv1.Subnet, error) {
 	podName := c.getNameByPod(pod)
-	key := fmt.Sprintf("%s/%s", pod.Namespace, podName)
+	key := cache.NewObjectName(pod.Namespace, podName).String()
 	portName := ovs.PodNameToPortName(podName, pod.Namespace, podNet.ProviderName)
 
 	var checkVMPod bool
 
@@ -27,7 +27,7 @@ func (c *Controller) resyncProviderNetworkStatus() {
 		return
 	}
 
-	pods, err := c.podsLister.Pods("").List(labels.Set{"app": "kube-ovn-cni"}.AsSelector())
+	pods, err := c.podsLister.Pods(c.config.PodNamespace).List(labels.Set{"app": "kube-ovn-cni"}.AsSelector())
 	if err != nil {
 		klog.Errorf("failed to list kube-ovn-cni pods: %v", err)
 		return
 
@@ -28,7 +28,7 @@ const (
 	podDNATAdd     = "dnat-add"
 	podDNATDel     = "dnat-del"
 	attachmentName = "lb-svc-attachment"
-	attachmentNs   = "kube-system"
+	attachmentNs   = metav1.NamespaceSystem
 )
 
 func genLbSvcDpName(name string) string {
Original file line number	Diff line number	Diff line change
`@@ -483,7 +483,7 @@ func (c *Controller) createOrUpdateIPCR(ipCRName, podName, ip, mac, subnetName,`
`483`	`483`	`}`
`484`	`484`
`485`	`485`	`func (c Controller) ipAcquireAddress(ip kubeovnv1.IP, subnet *kubeovnv1.Subnet) (string, string, string, error) {`
`486`		`- key := fmt.Sprintf("%s/%s", ip.Spec.Namespace, ip.Spec.PodName)`
	`486`	`+ key := cache.NewObjectName(ip.Spec.Namespace, ip.Spec.PodName).String()`
`487`	`487`	`portName := ovs.PodNameToPortName(ip.Spec.PodName, ip.Spec.Namespace, subnet.Spec.Provider)`
`488`	`488`	`ipStr := util.GetStringIP(ip.Spec.V4IPAddress, ip.Spec.V6IPAddress)`
`489`	`489`
Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ func (c *Controller) resyncProviderNetworkStatus() {`
`27`	`27`	`return`
`28`	`28`	`}`
`29`	`29`
`30`		`- pods, err := c.podsLister.Pods("").List(labels.Set{"app": "kube-ovn-cni"}.AsSelector())`
	`30`	`+ pods, err := c.podsLister.Pods(c.config.PodNamespace).List(labels.Set{"app": "kube-ovn-cni"}.AsSelector())`
`31`	`31`	`if err != nil {`
`32`	`32`	`klog.Errorf("failed to list kube-ovn-cni pods: %v", err)`
`33`	`33`	`return`
Original file line number	Diff line number	Diff line change
`@@ -28,7 +28,7 @@ const (`
`28`	`28`	`podDNATAdd = "dnat-add"`
`29`	`29`	`podDNATDel = "dnat-del"`
`30`	`30`	`attachmentName = "lb-svc-attachment"`
`31`		`- attachmentNs = "kube-system"`
	`31`	`+ attachmentNs = metav1.NamespaceSystem`
`32`	`32`	`)`
`33`	`33`
`34`	`34`	`func genLbSvcDpName(name string) string {`