Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow exposing gateway on nodeport service - status updates #1392

Merged
merged 4 commits into from
May 5, 2023
Merged

allow exposing gateway on nodeport service - status updates #1392

merged 4 commits into from
May 5, 2023

Conversation

chauhanshubham
Copy link
Member

@chauhanshubham chauhanshubham commented May 3, 2023
edited
Loading

What this PR does / why we need it:
This PR allows for users to expose Gateways on a service of type NodePort.
If the service of type NodePort, the exposed Gateway gets the addresses of the Nodes, in the Gateway status section.
In any case a Node is created/updated/deleted, the Gateway addresses status must be updated, hence the additional watch and cache logic.

Resolves #1378

@codecov
Copy link

codecov bot commented May 3, 2023
edited
Loading

Codecov Report

Merging #1392 (deca7dc) into main (642a4d4) will decrease coverage by 0.01%.
The diff coverage is 62.90%.

@@            Coverage Diff             @@
##             main    #1392      +/-   ##
==========================================
- Coverage   62.40%   62.39%   -0.01%     
==========================================
  Files          78       79       +1     
  Lines       10953    11033      +80     
==========================================
+ Hits         6835     6884      +49     
- Misses       3667     3696      +29     
- Partials      451      453       +2
Impacted Files Coverage Δ
internal/provider/kubernetes/predicates.go 57.69% <0.00%> (-3.05%) ⬇️
internal/status/gateway.go 87.75% <25.00%> (-5.73%) ⬇️
internal/provider/kubernetes/controller.go 49.07% <62.50%> (-0.54%) ⬇️
api/config/v1alpha1/validate.go 76.13% <100.00%> (+0.55%) ⬆️
internal/provider/kubernetes/store.go 100.00% <100.00%> (ø)

... and 4 files with indirect coverage changes

arkodg
arkodg reviewed May 3, 2023
View reviewed changes
internal/provider/utils/store.go Outdated
internalIP = addr.Address
}
}
if externalIP != "" {
Copy link
Contributor

@arkodg arkodg May 3, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe add a comment and rename nodeDetails.externalIP to something else, since we are assigning the NodeInternalIP to it

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yea, specifically - in my kind cluster there was no externalIP on the node obj, only internalIP. So I converted internal to external.

Copy link
Contributor

@arkodg arkodg May 3, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah so if we can convert that assumption - use internalIP when external is empty, which might be routable from client to the gateway into a comment, would be easy to understand why this logic was added
and should be field be called nodeIP or just address instead ?

@chauhanshubham
Copy link
Member Author

I'll add more tests if we're good with the general implementation of this.
I'm not sure whether we should be adding the node-port value to the gateway .status.addresses
I believe it makes sense for it to be a part of the status in case of nodeport service.

@chauhanshubham chauhanshubham marked this pull request as ready for review May 3, 2023 17:43
@chauhanshubham chauhanshubham requested a review from a team as a code owner May 3, 2023 17:44
arkodg
arkodg reviewed May 3, 2023
View reviewed changes
internal/status/gateway.go
@@ -50,6 +50,10 @@ func UpdateGatewayStatusProgrammedCondition(gw *gwapiv1b1.Gateway, svc *corev1.S
}
}

if svc.Spec.Type == corev1.ServiceTypeNodePort {
addresses = nodeAddresses
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we also append the NodePort to this address, and expose it in the status ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks like we cannot expose the port in a clean way, because there will be a unique node port per listener port

@chauhanshubham
var/file updates
d17fc43 
Signed-off-by: Shubham Chauhan <[email protected]>
arkodg
arkodg previously approved these changes May 4, 2023
View reviewed changes
Copy link
Contributor

@arkodg arkodg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks

arkodg
arkodg reviewed May 4, 2023
View reviewed changes
charts/gateway-helm/templates/generated/rbac/roles.yaml Outdated
@@ -8,6 +8,7 @@ rules:
- apiGroups:
- ""
resources:
- nodes
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

geo-check is failing because this also need to be part of rbac.go

@chauhanshubham
store test rbac update
deca7dc 
Signed-off-by: Shubham Chauhan <[email protected]>
zirain
zirain reviewed May 5, 2023
View reviewed changes
api/config/v1alpha1/validate.go
@@ -74,7 +74,9 @@ func validateServiceType(spec *EnvoyProxySpec) []error {
var errs []error
if spec.Provider.Kubernetes != nil && spec.Provider.Kubernetes.EnvoyService != nil {
if serviceType := spec.Provider.Kubernetes.EnvoyService.Type; serviceType != nil {
if *serviceType != ServiceTypeLoadBalancer && *serviceType != ServiceTypeClusterIP {
if *serviceType != ServiceTypeLoadBalancer &&
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you simply this lines with a function in a followup

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure

@zirain zirain merged commit f099e47 into envoyproxy:main May 5, 2023
@qicz qicz added this to the 0.5.0-rc1 milestone May 5, 2023
@qicz qicz added kind/enhancement New feature or request area/api API-related issues area/config Issues related to config management, e.g. Config Manager, Config Sources, etc. provider/kubernetes Issues related to the Kubernetes provider labels May 5, 2023
@chauhanshubham chauhanshubham mentioned this pull request May 5, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arkodg arkodg arkodg approved these changes

@zirain zirain zirain approved these changes

Assignees
No one assigned
Labels
area/api API-related issues area/config Issues related to config management, e.g. Config Manager, Config Sources, etc. kind/enhancement New feature or request provider/kubernetes Issues related to the Kubernetes provider
Projects
None yet
Milestone
0.5.0-rc1
Development

Successfully merging this pull request may close these issues.

Support NodePort Type Envoy Proxy service
4 participants
@chauhanshubham @zirain @arkodg @qicz