From 494e21565627352fe5a2adb84eea02ef135cc8d9 Mon Sep 17 00:00:00 2001 From: Andre Baptista Aguas Date: Sun, 11 Aug 2024 15:48:02 +0200 Subject: [PATCH] Create referenced ingress if GSLB is configured with Ingress annotations Signed-off-by: Andre Baptista Aguas --- chart/k8gb/templates/deployment.yaml | 4 +- chart/k8gb/values.schema.json | 3 ++ chart/k8gb/values.yaml | 2 + controllers/depresolver/depresolver.go | 2 + controllers/depresolver/depresolver_config.go | 27 ++++++------- controllers/depresolver/depresolver_test.go | 3 +- controllers/gslb_controller_setup.go | 39 +++++++++++++++---- .../examples/broken-ingress-annotation.yaml | 2 + .../ingress-annotation-failover-simple.yaml | 2 + .../examples/ingress-annotation-failover.yaml | 2 + terratest/examples/ingress-annotation-rr.yaml | 2 + terratest/examples/ingress-annotation.yaml | 2 + 12 files changed, 67 insertions(+), 23 deletions(-) diff --git a/chart/k8gb/templates/deployment.yaml b/chart/k8gb/templates/deployment.yaml index 39fed02ee4..c7a11fe4f5 100644 --- a/chart/k8gb/templates/deployment.yaml +++ b/chart/k8gb/templates/deployment.yaml @@ -60,7 +60,9 @@ spec: - name: DNS_ZONE value: {{ .Values.k8gb.dnsZone }} - name: RECONCILE_REQUEUE_SECONDS - value: {{ quote .Values.k8gb.reconcileRequeueSeconds}} + value: {{ quote .Values.k8gb.reconcileRequeueSeconds }} + - name: ANNOTATION_CREATES_GSLB_WITH_EMBEDDED_INGRESS + value: {{ quote .Values.k8gb.annotationCreatesGSLBWithEmbeddedIngress }} {{- if .Values.infoblox.enabled }} - name: INFOBLOX_GRID_HOST valueFrom: diff --git a/chart/k8gb/values.schema.json b/chart/k8gb/values.schema.json index 17c82f8d95..1ba278f34f 100644 --- a/chart/k8gb/values.schema.json +++ b/chart/k8gb/values.schema.json @@ -316,6 +316,9 @@ }, "serviceMonitor": { "$ref": "#/definitions/k8gbServiceMonitor" + }, + "annotationCreatesGSLBWithEmbeddedIngress": { + "type": "boolean" } }, "required": [ diff --git a/chart/k8gb/values.yaml b/chart/k8gb/values.yaml index 25da0e501e..81a5d25740 100644 --- a/chart/k8gb/values.yaml +++ b/chart/k8gb/values.yaml @@ -52,6 +52,8 @@ k8gb: # -- enable ServiceMonitor serviceMonitor: enabled: false + # -- whether annotations on ingress create a GSLB with an embedded or a referenced ingress + annotationCreatesGSLBWithEmbeddedIngress: false externaldns: # -- `.spec.template.spec.dnsPolicy` for ExternalDNS deployment diff --git a/controllers/depresolver/depresolver.go b/controllers/depresolver/depresolver.go index 600cc5cd13..32d980f347 100644 --- a/controllers/depresolver/depresolver.go +++ b/controllers/depresolver/depresolver.go @@ -157,6 +157,8 @@ type Config struct { // OtelExporterOtlpEndpoint where the traces should be sent to (in case of otel collector deployed on the same pod as sidecar -> localhost:4318) // otel collector itself can be configured via a configmap to send it somewhere else OtelExporterOtlpEndpoint string `env:"OTEL_EXPORTER_OTLP_ENDPOINT, default=localhost:4318"` + // AnnotationCreatesGSLBWithEmbeddedIngress flag (will be deprecated in v1.1) + AnnotationCreatesGSLBWithEmbeddedIngress bool `env:"ANNOTATION_CREATES_GSLB_WITH_EMBEDDED_INGRESS, default=false"` } // DependencyResolver resolves configuration for GSLB diff --git a/controllers/depresolver/depresolver_config.go b/controllers/depresolver/depresolver_config.go index db15da2f1a..d374df65a5 100644 --- a/controllers/depresolver/depresolver_config.go +++ b/controllers/depresolver/depresolver_config.go @@ -45,19 +45,20 @@ const ( InfobloxPortKey = "INFOBLOX_WAPI_PORT" InfobloxUsernameKey = "INFOBLOX_WAPI_USERNAME" // #nosec G101; ignore false positive gosec; see: https://securego.io/docs/rules/g101.html - InfobloxPasswordKey = "INFOBLOX_WAPI_PASSWORD" - InfobloxHTTPRequestTimeoutKey = "INFOBLOX_HTTP_REQUEST_TIMEOUT" - InfobloxHTTPPoolConnectionsKey = "INFOBLOX_HTTP_POOL_CONNECTIONS" - K8gbNamespaceKey = "POD_NAMESPACE" - CoreDNSExposedKey = "COREDNS_EXPOSED" - LogLevelKey = "LOG_LEVEL" - LogFormatKey = "LOG_FORMAT" - LogNoColorKey = "NO_COLOR" - SplitBrainCheckKey = "SPLIT_BRAIN_CHECK" - TracingEnabled = "TRACING_ENABLED" - OtelExporterOtlpEndpoint = "OTEL_EXPORTER_OTLP_ENDPOINT" - TracingSamplingRatio = "TRACING_SAMPLING_RATIO" - MetricsAddressKey = "METRICS_ADDRESS" + InfobloxPasswordKey = "INFOBLOX_WAPI_PASSWORD" + InfobloxHTTPRequestTimeoutKey = "INFOBLOX_HTTP_REQUEST_TIMEOUT" + InfobloxHTTPPoolConnectionsKey = "INFOBLOX_HTTP_POOL_CONNECTIONS" + K8gbNamespaceKey = "POD_NAMESPACE" + CoreDNSExposedKey = "COREDNS_EXPOSED" + LogLevelKey = "LOG_LEVEL" + LogFormatKey = "LOG_FORMAT" + LogNoColorKey = "NO_COLOR" + SplitBrainCheckKey = "SPLIT_BRAIN_CHECK" + TracingEnabled = "TRACING_ENABLED" + OtelExporterOtlpEndpoint = "OTEL_EXPORTER_OTLP_ENDPOINT" + TracingSamplingRatio = "TRACING_SAMPLING_RATIO" + MetricsAddressKey = "METRICS_ADDRESS" + AnnotationCreatesGSLBWithEmbeddedIngress = "ANNOTATION_CREATES_GSLB_WITH_EMBEDDED_INGRESS" ) // Deprecated environment variables keys diff --git a/controllers/depresolver/depresolver_test.go b/controllers/depresolver/depresolver_test.go index 67f15b8b01..a7bc823e8e 100644 --- a/controllers/depresolver/depresolver_test.go +++ b/controllers/depresolver/depresolver_test.go @@ -1508,7 +1508,7 @@ func cleanup() { ExtDNSEnabledKey, InfobloxGridHostKey, InfobloxVersionKey, InfobloxPortKey, InfobloxUsernameKey, InfobloxPasswordKey, K8gbNamespaceKey, CoreDNSExposedKey, InfobloxHTTPRequestTimeoutKey, InfobloxHTTPPoolConnectionsKey, LogLevelKey, LogFormatKey, LogNoColorKey, MetricsAddressKey, SplitBrainCheckKey, TracingEnabled, - TracingSamplingRatio, OtelExporterOtlpEndpoint} { + TracingSamplingRatio, OtelExporterOtlpEndpoint, AnnotationCreatesGSLBWithEmbeddedIngress} { if os.Unsetenv(s) != nil { panic(fmt.Errorf("cleanup %s", s)) } @@ -1542,6 +1542,7 @@ func configureEnvVar(config Config) { _ = os.Setenv(TracingEnabled, strconv.FormatBool(config.TracingEnabled)) _ = os.Setenv(TracingSamplingRatio, strconv.FormatFloat(config.TracingSamplingRatio, 'f', 2, 64)) _ = os.Setenv(OtelExporterOtlpEndpoint, config.OtelExporterOtlpEndpoint) + _ = os.Setenv(AnnotationCreatesGSLBWithEmbeddedIngress, strconv.FormatBool(config.AnnotationCreatesGSLBWithEmbeddedIngress)) } func getTestContext(testData string) (client.Client, *k8gbv1beta1.Gslb) { diff --git a/controllers/gslb_controller_setup.go b/controllers/gslb_controller_setup.go index 3c1d7e60ca..8830e50010 100644 --- a/controllers/gslb_controller_setup.go +++ b/controllers/gslb_controller_setup.go @@ -148,14 +148,37 @@ func (r *GslbReconciler) createGSLBFromIngress(c client.Client, a client.Object, Msg("Gslb already exists. Skipping Gslb creation...") return } - gslb := &k8gbv1beta1.Gslb{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: a.GetNamespace(), - Name: a.GetName(), - }, - Spec: k8gbv1beta1.GslbSpec{ - Ingress: k8gbv1beta1.FromV1IngressSpec(ingressToReuse.Spec), - }, + + if len(ingressToReuse.Labels) == 0 { + log.Warn(). + Str("ingress", a.GetName()). + Msg("Deprecated: Ingress does not have labels. From v1.1 every Ingress must have unique labels") + } + var gslb *k8gbv1beta1.Gslb + if r.Config.AnnotationCreatesGSLBWithEmbeddedIngress { + gslb = &k8gbv1beta1.Gslb{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: a.GetNamespace(), + Name: a.GetName(), + }, + Spec: k8gbv1beta1.GslbSpec{ + Ingress: k8gbv1beta1.FromV1IngressSpec(ingressToReuse.Spec), + }, + } + } else { + gslb = &k8gbv1beta1.Gslb{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: a.GetNamespace(), + Name: a.GetName(), + }, + Spec: k8gbv1beta1.GslbSpec{ + ResourceRef: k8gbv1beta1.ResourceRef{ + Ingress: metav1.LabelSelector{ + MatchLabels: ingressToReuse.Labels, + }, + }, + }, + } } gslb.Spec.Strategy, err = r.parseStrategy(a.GetAnnotations(), strategy) diff --git a/terratest/examples/broken-ingress-annotation.yaml b/terratest/examples/broken-ingress-annotation.yaml index 90c5712ee7..9593f849ae 100644 --- a/terratest/examples/broken-ingress-annotation.yaml +++ b/terratest/examples/broken-ingress-annotation.yaml @@ -4,6 +4,8 @@ metadata: annotations: k8gb.io/strategy: failover k8gb.io/primary-geotag: eu + labels: + app: notfound-broken name: broken-test-gslb-annotation-failover spec: ingressClassName: nginx diff --git a/terratest/examples/ingress-annotation-failover-simple.yaml b/terratest/examples/ingress-annotation-failover-simple.yaml index 4d22969ff9..e19e6c58af 100644 --- a/terratest/examples/ingress-annotation-failover-simple.yaml +++ b/terratest/examples/ingress-annotation-failover-simple.yaml @@ -6,6 +6,8 @@ metadata: k8gb.io/strategy: failover k8gb.io/primary-geotag: "eu" k8gb.io/dns-ttl-seconds: "5" + labels: + app: ingress-failover-simple spec: ingressClassName: nginx rules: diff --git a/terratest/examples/ingress-annotation-failover.yaml b/terratest/examples/ingress-annotation-failover.yaml index 5d1634b12f..f8adcea094 100644 --- a/terratest/examples/ingress-annotation-failover.yaml +++ b/terratest/examples/ingress-annotation-failover.yaml @@ -6,6 +6,8 @@ metadata: k8gb.io/primary-geotag: "eu" k8gb.io/dns-ttl-seconds: "5" k8gb.io/splitbrain-threshold-seconds: "600" + labels: + app: ingress-failover name: test-gslb-annotation-failover spec: ingressClassName: nginx diff --git a/terratest/examples/ingress-annotation-rr.yaml b/terratest/examples/ingress-annotation-rr.yaml index 9fe46b6d94..3b894a83b5 100644 --- a/terratest/examples/ingress-annotation-rr.yaml +++ b/terratest/examples/ingress-annotation-rr.yaml @@ -4,6 +4,8 @@ metadata: annotations: k8gb.io/strategy: roundRobin k8gb.io/dns-ttl-seconds: "5" + labels: + app: ingress-rr name: test-gslb-annotation spec: ingressClassName: nginx diff --git a/terratest/examples/ingress-annotation.yaml b/terratest/examples/ingress-annotation.yaml index 5ba742e3c1..b3b0aeac84 100644 --- a/terratest/examples/ingress-annotation.yaml +++ b/terratest/examples/ingress-annotation.yaml @@ -4,6 +4,8 @@ metadata: annotations: k8gb.io/strategy: failover k8gb.io/primary-geotag: "eu" + labels: + app: test-ingress-annotation-failover name: test-gslb spec: ingressClassName: nginx