[Feature] ArangoRoute RC

arangodb · Jul 29, 2024 · a590c1a · a590c1a
1 parent ae55994
commit a590c1a
Show file tree

Hide file tree

Showing 54 changed files with 2,686 additions and 276 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 ## [master](https://github.com/arangodb/kube-arangodb/tree/master) (N/A)
 - (Feature) ArangoRoute CRD
+- (Feature) ArangoRoute Operator
 
 ## [1.2.42](https://github.com/arangodb/kube-arangodb/tree/1.2.42) (2024-07-23)
 - (Maintenance) Go 1.22.4 & Kubernetes 1.29.6 libraries

diff --git a/Makefile b/Makefile
@@ -777,7 +777,7 @@ tools-min: update-vendor
 .PHONY: tools
 tools: tools-min
 	@echo ">> Fetching gci"
-	@GOBIN=$(GOPATH)/bin go install github.com/daixiang0/gci@v0.3.0
+	@GOBIN=$(GOPATH)/bin go install github.com/daixiang0/gci@v0.13.4
 	@echo ">> Fetching yamlfmt"
 	@GOBIN=$(GOPATH)/bin go install github.com/google/yamlfmt/cmd/[email protected]
 	@echo ">> Downloading protobuf compiler..."

diff --git a/README.md b/README.md
@@ -181,7 +181,7 @@ Flags:
       --kubernetes.max-batch-size int                          Size of batch during objects read (default 256)
       --kubernetes.qps float32                                 Number of queries per second for k8s API (default 15)
       --log.format string                                      Set log format. Allowed values: 'pretty', 'JSON'. If empty, default format is used (default "pretty")
-      --log.level stringArray                                  Set log levels in format <level> or <logger>=<level>. Possible loggers: action, agency, api-server, assertion, backup-operator, chaos-monkey, crd, deployment, deployment-ci, deployment-reconcile, deployment-replication, deployment-resilience, deployment-resources, deployment-storage, deployment-storage-pc, deployment-storage-service, http, inspector, integrations, k8s-client, monitor, operator, operator-arangojob-handler, operator-v2, operator-v2-event, operator-v2-worker, panics, pod_compare, root, root-event-recorder, server, server-authentication (default [info])
+      --log.level stringArray                                  Set log levels in format <level> or <logger>=<level>. Possible loggers: action, agency, api-server, assertion, backup-operator, chaos-monkey, crd, deployment, deployment-ci, deployment-reconcile, deployment-replication, deployment-resilience, deployment-resources, deployment-storage, deployment-storage-pc, deployment-storage-service, http, inspector, integrations, k8s-client, monitor, networking-route-operator, operator, operator-arangojob-handler, operator-v2, operator-v2-event, operator-v2-worker, panics, pod_compare, root, root-event-recorder, server, server-authentication (default [info])
       --log.sampling                                           If true, operator will try to minimize duplication of logging events (default true)
       --memory-limit uint                                      Define memory limit for hard shutdown and the dump of goroutines. Used for testing
       --metrics.excluded-prefixes stringArray                  List of the excluded metrics prefixes
@@ -192,6 +192,7 @@ Flags:
       --operator.deployment                                    Enable to run the ArangoDeployment operator
       --operator.deployment-replication                        Enable to run the ArangoDeploymentReplication operator
       --operator.ml                                            Enable to run the ArangoML operator
+      --operator.networking                                    Enable to run the Networking operator
       --operator.reconciliation.retry.count int                Count of retries during Object Update operations in the Reconciliation loop (default 25)
       --operator.reconciliation.retry.delay duration           Delay between Object Update operations in the Reconciliation loop (default 1s)
       --operator.storage                                       Enable to run the ArangoLocalStorage operator

diff --git a/chart/kube-arangodb/templates/deployment.yaml b/chart/kube-arangodb/templates/deployment.yaml
@@ -117,6 +117,9 @@ spec:
 {{ if .Values.operator.features.analytics }}
                     - --operator.analytics
 {{- end }}
+{{ if .Values.operator.features.networking }}
+                    - --operator.networking
+{{- end }}
 {{ if .Values.operator.features.k8sToK8sClusterSync }}
                     - --operator.k2k-cluster-sync
 {{- end }}

diff --git a/chart/kube-arangodb/templates/networking-operator/cluster-role-binding.yaml b/chart/kube-arangodb/templates/networking-operator/cluster-role-binding.yaml
@@ -0,0 +1,26 @@
+{{ if .Values.rbac.enabled -}}
+{{ if not (eq .Values.operator.scope "namespaced") -}}
+{{ if .Values.operator.features.networking -}}
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+    name: {{ template "kube-arangodb.rbac-cluster" . }}-networking
+    labels:
+        app.kubernetes.io/name: {{ template "kube-arangodb.name" . }}
+        helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        release: {{ .Release.Name }}
+roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: {{ template "kube-arangodb.rbac-cluster" . }}-networking
+subjects:
+    - kind: ServiceAccount
+      name: {{ template "kube-arangodb.operatorName" . }}
+      namespace: {{ .Release.Namespace }}
+
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/chart/kube-arangodb/templates/networking-operator/cluster-role.yaml b/chart/kube-arangodb/templates/networking-operator/cluster-role.yaml
@@ -0,0 +1,22 @@
+{{ if .Values.rbac.enabled -}}
+{{ if not (eq .Values.operator.scope "namespaced") -}}
+{{ if .Values.operator.features.networking -}}
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+    name: {{ template "kube-arangodb.rbac-cluster" . }}-networking
+    labels:
+        app.kubernetes.io/name: {{ template "kube-arangodb.name" . }}
+        helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        release: {{ .Release.Name }}
+rules:
+    - apiGroups: ["apiextensions.k8s.io"]
+      resources: ["customresourcedefinitions"]
+      verbs: ["get", "list", "watch"]
+
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/chart/kube-arangodb/templates/networking-operator/role-binding.yaml b/chart/kube-arangodb/templates/networking-operator/role-binding.yaml
@@ -0,0 +1,25 @@
+{{ if .Values.rbac.enabled -}}
+{{ if .Values.operator.features.networking -}}
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+    name: {{ template "kube-arangodb.rbac" . }}-networking
+    namespace: {{ .Release.Namespace }}
+    labels:
+        app.kubernetes.io/name: {{ template "kube-arangodb.name" . }}
+        helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        release: {{ .Release.Name }}
+roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: Role
+    name: {{ template "kube-arangodb.rbac" . }}-networking
+subjects:
+    - kind: ServiceAccount
+      name: {{ template "kube-arangodb.operatorName" . }}
+      namespace: {{ .Release.Namespace }}
+
+{{- end }}
+{{- end }}
diff --git a/chart/kube-arangodb/templates/networking-operator/role.yaml b/chart/kube-arangodb/templates/networking-operator/role.yaml
@@ -0,0 +1,68 @@
+{{ if .Values.rbac.enabled -}}
+{{ if .Values.operator.features.networking -}}
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+    name: {{ template "kube-arangodb.rbac" . }}-networking
+    namespace: {{ .Release.Namespace }}
+    labels:
+        app.kubernetes.io/name: {{ template "kube-arangodb.name" . }}
+        helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version }}
+        app.kubernetes.io/managed-by: {{ .Release.Service }}
+        app.kubernetes.io/instance: {{ .Release.Name }}
+        release: {{ .Release.Name }}
+rules:
+    - apiGroups:
+        - "ml.arangodb.com"
+      resources:
+        - "arangomlextensions"
+        - "arangomlextensions/status"
+        - "arangomlbatchjobs"
+        - "arangomlbatchjobs/status"
+        - "arangomlcronjobs"
+        - "arangomlcronjobs/status"
+        - "arangomlstorages"
+        - "arangomlstorages/status"
+      verbs:
+        - "*"
+    - apiGroups:
+        - "scheduler.arangodb.com"
+      resources:
+        - "arangoprofiles"
+        - "arangoprofiles/status"
+      verbs:
+        - "*"
+    - apiGroups:
+        - "database.arangodb.com"
+      resources:
+        - "arangodeployments"
+      verbs:
+        - "get"
+        - "list"
+        - "watch"
+    - apiGroups:
+        - "rbac.authorization.k8s.io"
+      resources:
+        - "roles"
+        - "rolebindings"
+      verbs: ["*"]
+    - apiGroups:
+        - "batch"
+      resources:
+        - "cronjobs"
+        - "jobs"
+      verbs: ["*"]
+    - apiGroups: ["apps"]
+      resources:
+        - "statefulsets"
+      verbs: ["*"]
+    - apiGroups: [""]
+      resources:
+        - "pods"
+        - "secrets"
+        - "services"
+        - "serviceaccounts"
+      verbs: ["*"]
+{{- end }}
+{{- end }}
diff --git a/chart/kube-arangodb/values.yaml b/chart/kube-arangodb/values.yaml
@@ -34,6 +34,7 @@ operator:
     k8sToK8sClusterSync: false
     ml: false
     analytics: false
+    networking: true
   tolerations: []
 rbac:
   enabled: true

diff --git a/cmd/cmd.go b/cmd/cmd.go
@@ -119,6 +119,7 @@ var (
 		enableApps                  bool // Run apps operator
 		enableML                    bool // Run ml operator
 		enableAnalytics             bool // Run analytics operator
+		enableNetworking            bool // Run networking operator
 		versionOnly                 bool // Run only version endpoint, explicitly disabled with other
 		enableK2KClusterSync        bool // Run k2kClusterSync operator
 
@@ -184,6 +185,7 @@ var (
 	appsProbe                  probe.ReadyProbe
 	mlProbe                    probe.ReadyProbe
 	analyticsProbe             probe.ReadyProbe
+	networkingProbe            probe.ReadyProbe
 	k2KClusterSyncProbe        probe.ReadyProbe
 )
 
@@ -210,6 +212,7 @@ func init() {
 	f.BoolVar(&operatorOptions.enableApps, "operator.apps", false, "Enable to run the ArangoApps operator")
 	f.BoolVar(&operatorOptions.enableML, "operator.ml", false, "Enable to run the ArangoML operator")
 	f.BoolVar(&operatorOptions.enableAnalytics, "operator.analytics", false, "Enable to run the Analytics operator")
+	f.BoolVar(&operatorOptions.enableNetworking, "operator.networking", false, "Enable to run the Networking operator")
 	f.BoolVar(&operatorOptions.enableK2KClusterSync, "operator.k2k-cluster-sync", false, "Enable to run the ListSimple operator")
 	f.MarkDeprecated("operator.k2k-cluster-sync", "Enabled within deployment operator")
 	f.BoolVar(&operatorOptions.versionOnly, "operator.version", false, "Enable only version endpoint in Operator")
@@ -345,16 +348,17 @@ func executeMain(cmd *cobra.Command, args []string) {
 
 	// Check operating mode
 	if !operatorOptions.enableDeployment && !operatorOptions.enableDeploymentReplication && !operatorOptions.enableStorage &&
-		!operatorOptions.enableBackup && !operatorOptions.enableApps && !operatorOptions.enableK2KClusterSync && !operatorOptions.enableML && !operatorOptions.enableAnalytics {
+		!operatorOptions.enableBackup && !operatorOptions.enableApps && !operatorOptions.enableK2KClusterSync &&
+		!operatorOptions.enableML && !operatorOptions.enableAnalytics && !operatorOptions.enableNetworking {
 		if !operatorOptions.versionOnly {
 			if version.GetVersionV1().IsEnterprise() {
-				logger.Fatal("Turn on --operator.deployment, --operator.deployment-replication, --operator.storage, --operator.backup, --operator.apps, --operator.k2k-cluster-sync, --operator.ml, --operator.analytics or any combination of these")
+				logger.Fatal("Turn on --operator.deployment, --operator.deployment-replication, --operator.storage, --operator.backup, --operator.apps, --operator.k2k-cluster-sync, --operator.ml, --operator.analytics, --operator.networking or any combination of these")
 			} else {
-				logger.Fatal("Turn on --operator.deployment, --operator.deployment-replication, --operator.storage, --operator.backup, --operator.apps, --operator.k2k-cluster-sync or any combination of these")
+				logger.Fatal("Turn on --operator.deployment, --operator.deployment-replication, --operator.storage, --operator.backup, --operator.apps, --operator.k2k-cluster-sync, --operator.networking or any combination of these")
 			}
 		}
 	} else if operatorOptions.versionOnly {
-		logger.Fatal("Options --operator.deployment, --operator.deployment-replication, --operator.storage, --operator.backup, --operator.apps, --operator.k2k-cluster-sync, --operator.ml, --operator.analytics cannot be enabled together with --operator.version")
+		logger.Fatal("Options --operator.deployment, --operator.deployment-replication, --operator.storage, --operator.backup, --operator.apps, --operator.k2k-cluster-sync, --operator.ml, --operator.analytics, --operator.networking cannot be enabled together with --operator.version")
 	} else if !version.GetVersionV1().IsEnterprise() {
 		if operatorOptions.enableML || operatorOptions.enableAnalytics {
 			logger.Fatal("Options --operator.ml, --operator.analytics can be enabled only on the Enterprise Operator")
@@ -492,6 +496,10 @@ func executeMain(cmd *cobra.Command, args []string) {
 				Enabled: cfg.EnableAnalytics,
 				Probe:   &analyticsProbe,
 			},
+			Networking: server.OperatorDependency{
+				Enabled: cfg.EnableNetworking,
+				Probe:   &analyticsProbe,
+			},
 			ClusterSync: server.OperatorDependency{
 				Enabled: cfg.EnableK2KClusterSync,
 				Probe:   &k2KClusterSyncProbe,
@@ -576,6 +584,7 @@ func newOperatorConfigAndDeps(id, namespace, name string) (operator.Config, oper
 		EnableApps:                  operatorOptions.enableApps,
 		EnableML:                    operatorOptions.enableML,
 		EnableAnalytics:             operatorOptions.enableAnalytics,
+		EnableNetworking:            operatorOptions.enableNetworking,
 		EnableK2KClusterSync:        operatorOptions.enableK2KClusterSync,
 		AllowChaos:                  chaosOptions.allowed,
 		ScalingIntegrationEnabled:   operatorOptions.scalingIntegrationEnabled,
@@ -596,6 +605,7 @@ func newOperatorConfigAndDeps(id, namespace, name string) (operator.Config, oper
 		AppsProbe:                  &appsProbe,
 		MlProbe:                    &mlProbe,
 		AnalyticsProbe:             &analyticsProbe,
+		NetworkingProbe:            &networkingProbe,
 		K2KClusterSyncProbe:        &k2KClusterSyncProbe,
 	}
 

diff --git a/docs/api/ArangoRoute.V1Alpha1.md b/docs/api/ArangoRoute.V1Alpha1.md
@@ -12,7 +12,7 @@ title: ArangoRoute V1Alpha1
 
 Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/networking/v1alpha1/route_spec.go#L27)</sup>
 
-Deployment specifies the ArangoDeployment object name
+DeploymentName specifies the ArangoDeployment object name
 
 ***
 
@@ -85,7 +85,53 @@ Path specifies the Path route
 
 ### .status.conditions
 
-Type: `api.Conditions` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/networking/v1alpha1/route_status.go#L28)</sup>
+Type: `api.Conditions` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/networking/v1alpha1/route_status.go#L31)</sup>
 
 Conditions specific to the entire extension
 
+***
+
+### .status.deployment.checksum
+
+Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/shared/v1/object.go#L61)</sup>
+
+UID keeps the information about object Checksum
+
+***
+
+### .status.deployment.name
+
+Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/shared/v1/object.go#L52)</sup>
+
+Name of the object
+
+***
+
+### .status.deployment.namespace
+
+Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/shared/v1/object.go#L55)</sup>
+
+Namespace of the object. Should default to the namespace of the parent object
+
+***
+
+### .status.deployment.uid
+
+Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/shared/v1/object.go#L58)</sup>
+
+UID keeps the information about object UID
+
+***
+
+### .status.targets\[int\].tls.insecure
+
+Type: `boolean` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/networking/v1alpha1/route_status_target_tls.go#L27)</sup>
+
+Insecure allows Insecure traffic
+
+***
+
+### .status.targets\[int\].url
+
+Type: `string` <sup>[\[ref\]](https://github.com/arangodb/kube-arangodb/blob/1.2.42/pkg/apis/networking/v1alpha1/route_status_target.go#L34)</sup>
+
diff --git a/internal/generators/generator_pkg_operatorv2_handlers.go.tmpl b/internal/generators/generator_pkg_operatorv2_handlers.go.tmpl
@@ -0,0 +1,49 @@
+package operator
+
+import (
+	"context"
+	api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1"
+)
+
+type HandleP{{ .id }}Func{{ .templateVars }} func(ctx context.Context {{- if .inputVars }}, {{ .inputVars }}{{ end }}) (bool, error)
+
+type HandleP{{ .id }}ConditionFunc{{ .templateVars }} func(ctx context.Context {{- if .inputVars }}, {{ .inputVars }}{{ end }}) (*Condition, bool, error)
+
+type HandleP{{ .id }}ConditionExtract{{ .templateVars }} func(ctx context.Context {{- if .inputVars }}, {{ .inputVars }}{{ end }})  *api.ConditionList
+
+func HandleP{{ .id }}{{ .templateVars }}(ctx context.Context{{- if .inputVars }}, {{ .inputVars }}{{ end }}, handler ...HandleP{{ .id }}Func{{ .templateInputVars }}) (bool, error) {
+	isChanged := false
+	for _, h := range handler {
+		changed, err := h(ctx{{- if .cleanRefs }}, {{ .cleanRefs }}{{ end }})
+		if changed {
+			isChanged = true
+		}
+
+		if err != nil {
+			return isChanged, err
+		}
+	}
+
+	return isChanged, nil
+}
+
+func HandleP{{ .id }}WithStop{{ .templateVars }}(ctx context.Context{{- if .inputVars }}, {{ .inputVars }}{{ end }}, handler ...HandleP{{ .id }}Func{{ .templateInputVars }}) (bool, error) {
+	changed, err := HandleP{{ .id }}{{ .templateInputVars }}(ctx {{- if .cleanRefs }}, {{ .cleanRefs }}{{ end }}, handler...)
+	if IsStop(err) {
+		return changed, nil
+	}
+
+	return changed, err
+}
+
+func HandleP{{ .id }}WithCondition{{ .templateVars }}(ctx context.Context, conditions *api.ConditionList, condition api.ConditionType{{- if .inputVars }}, {{ .inputVars }}{{ end }}, handler ...HandleP{{ .id }}Func{{ .templateInputVars }}) (bool, error) {
+	changed, err := HandleP{{ .id }}{{ .templateInputVars }}(ctx{{- if .cleanRefs }}, {{ .cleanRefs }}{{ end }}, handler...)
+	return WithCondition(conditions, condition, changed, err)
+}
+
+func HandleP{{ .id }}Condition{{ .templateVars }}(extract HandleP{{ .id }}ConditionExtract{{ .templateInputVars }}, condition api.ConditionType, handler HandleP{{ .id }}ConditionFunc{{ .templateInputVars }}) HandleP{{ .id }}Func{{ .templateInputVars }} {
+	return func(ctx context.Context {{- if .inputVars }}, {{ .inputVars }}{{ end }}) (bool, error) {
+		c, changed, err := handler(ctx{{- if .cleanRefs }}, {{ .cleanRefs }}{{ end }})
+		return WithConditionChange(extract(ctx{{- if .cleanRefs }}, {{ .cleanRefs }}{{ end }}), condition, c, changed, err)
+	}
+}