From acc1cfcfef66a5841f2d1ce6914be8fc2a18af73 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Mon, 2 Nov 2020 09:35:16 +0100 Subject: [PATCH 1/5] feat(kuma-cp) new multicluster flow Signed-off-by: Jakub Dyszkiewicz --- api/mesh/v1alpha1/dataplane.pb.go | 127 +++++++++-------- api/mesh/v1alpha1/dataplane.pb.validate.go | 4 + api/mesh/v1alpha1/dataplane.proto | 8 +- api/mesh/v1alpha1/dataplane_helpers.go | 7 + api/system/v1alpha1/zone.pb.go | 67 +-------- api/system/v1alpha1/zone.pb.validate.go | 77 ---------- api/system/v1alpha1/zone.proto | 11 +- app/kumactl/cmd/get/get_zones.go | 3 +- app/kumactl/cmd/get/get_zones_test.go | 12 +- .../cmd/get/testdata/get-zones.golden.json | 12 +- .../cmd/get/testdata/get-zones.golden.txt | 6 +- .../cmd/get/testdata/get-zones.golden.yaml | 6 +- .../testdata/get-zones.pagination.golden.txt | 4 +- app/kumactl/cmd/inspect/inspect_zones.go | 4 +- app/kumactl/cmd/inspect/inspect_zones_test.go | 8 +- .../inspect/testdata/inspect-zone.golden.yaml | 10 +- .../testdata/inspect-zones.golden.json | 8 +- .../inspect/testdata/inspect-zones.golden.txt | 6 +- ...tall-control-plane.cni-enabled.golden.yaml | 1 + ...install-control-plane.defaults.golden.yaml | 1 + .../install-control-plane.global.golden.yaml | 1 + ...nstall-control-plane.overrides.golden.yaml | 1 + .../install-control-plane.remote.golden.yaml | 1 + ...all-control-plane.with-ingress.golden.yaml | 1 + .../control-plane/helmtemplates_vfsdata.go | 18 +-- .../charts/kuma/templates/cp-rbac.yaml | 1 + .../zone_overview_endpoints_test.go | 21 +-- pkg/api-server/zones_ws.go | 2 +- .../apis/mesh/dataplane_validator.go | 24 +++- .../apis/mesh/dataplane_validator_test.go | 46 +++++- .../resources/apis/system/zone_validator.go | 37 +---- .../apis/system/zone_validator_test.go | 93 ------------- pkg/kds/global/components.go | 65 +++------ pkg/kds/global/components_test.go | 6 +- .../k8s/controllers/ingress_converter.go | 131 ++++++++++++++++++ .../runtime/k8s/controllers/pod_converter.go | 19 +-- .../k8s/controllers/pod_converter_test.go | 108 ++++++++++++++- .../testdata/ingress/01.dataplane.yaml | 16 +++ .../controllers/testdata/ingress/01.pod.yaml | 13 ++ .../testdata/ingress/01.services-for-pod.yaml | 15 ++ .../testdata/ingress/02.dataplane.yaml | 16 +++ .../controllers/testdata/ingress/02.pod.yaml | 13 ++ .../testdata/ingress/02.services-for-pod.yaml | 15 ++ .../testdata/ingress/03.dataplane.yaml | 14 ++ .../controllers/testdata/ingress/03.pod.yaml | 13 ++ .../testdata/ingress/03.services-for-pod.yaml | 11 ++ .../testdata/ingress/04.dataplane.yaml | 16 +++ .../controllers/testdata/ingress/04.node.yaml | 10 ++ .../controllers/testdata/ingress/04.pod.yaml | 13 ++ .../testdata/ingress/04.services-for-pod.yaml | 12 ++ .../testdata/ingress/05.dataplane.yaml | 16 +++ .../controllers/testdata/ingress/05.node.yaml | 8 ++ .../controllers/testdata/ingress/05.pod.yaml | 13 ++ .../testdata/ingress/05.services-for-pod.yaml | 12 ++ .../testdata/ingress/06.dataplane.yaml | 16 +++ .../controllers/testdata/ingress/06.pod.yaml | 15 ++ .../testdata/ingress/06.services-for-pod.yaml | 15 ++ .../runtime/k8s/metadata/annotations.go | 8 ++ pkg/plugins/runtime/k8s/plugin.go | 1 + pkg/xds/topology/dataplanes.go | 25 +++- pkg/xds/topology/outbound.go | 8 +- pkg/xds/topology/outbound_test.go | 16 ++- test/e2e/kuma_deploy_global_remote_test.go | 16 +-- .../kuma_deploy_hybrid_kube_global_test.go | 9 -- test/e2e/kuma_deploy_hybrid_test.go | 29 ---- test/e2e/kuma_deploy_universal_test.go | 12 -- .../kuma_helm_deploy_global_remote_test.go | 16 +-- test/framework/constants.go | 18 --- test/framework/interface.go | 1 - test/framework/k8s_controlplane.go | 27 ---- test/framework/setup.go | 3 +- test/framework/universal_app.go | 6 +- test/framework/universal_controlplane.go | 5 - 73 files changed, 795 insertions(+), 634 deletions(-) delete mode 100644 pkg/core/resources/apis/system/zone_validator_test.go create mode 100644 pkg/plugins/runtime/k8s/controllers/ingress_converter.go create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.dataplane.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.services-for-pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.dataplane.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.services-for-pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.dataplane.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.services-for-pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.dataplane.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.node.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.services-for-pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.dataplane.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.node.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.services-for-pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.dataplane.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.pod.yaml create mode 100644 pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.services-for-pod.yaml diff --git a/api/mesh/v1alpha1/dataplane.pb.go b/api/mesh/v1alpha1/dataplane.pb.go index 7be6193150ec..23c460cc8977 100644 --- a/api/mesh/v1alpha1/dataplane.pb.go +++ b/api/mesh/v1alpha1/dataplane.pb.go @@ -90,7 +90,6 @@ type Dataplane_Networking struct { // Ingress if not nil, dataplane will be work in the Ingress mode Ingress *Dataplane_Networking_Ingress `protobuf:"bytes,6,opt,name=ingress,proto3" json:"ingress,omitempty"` // Public IP on which the dataplane is accessible in the network. - // Host names and DNS are not allowed. Address string `protobuf:"bytes,5,opt,name=address,proto3" json:"address,omitempty"` // Gateway describes configuration of gateway of the dataplane. Gateway *Dataplane_Networking_Gateway `protobuf:"bytes,3,opt,name=gateway,proto3" json:"gateway,omitempty"` @@ -177,10 +176,14 @@ func (m *Dataplane_Networking) GetTransparentProxying() *Dataplane_Networking_Tr // prohibited). Every inbound interface matches with services that reside in // that cluster. type Dataplane_Networking_Ingress struct { - AvailableServices []*Dataplane_Networking_Ingress_AvailableService `protobuf:"bytes,1,rep,name=availableServices,proto3" json:"availableServices,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + AvailableServices []*Dataplane_Networking_Ingress_AvailableService `protobuf:"bytes,1,rep,name=availableServices,proto3" json:"availableServices,omitempty"` + // PublicAddress defines IP or DNS name on which Ingress is accessible to other Kuma clusters. + PublicAddress string `protobuf:"bytes,2,opt,name=publicAddress,proto3" json:"publicAddress,omitempty"` + // PublicPort defines port on which Ingress is accessible to other Kuma clusters. + PublicPort uint32 `protobuf:"varint,3,opt,name=publicPort,proto3" json:"publicPort,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Dataplane_Networking_Ingress) Reset() { *m = Dataplane_Networking_Ingress{} } @@ -215,6 +218,20 @@ func (m *Dataplane_Networking_Ingress) GetAvailableServices() []*Dataplane_Netwo return nil } +func (m *Dataplane_Networking_Ingress) GetPublicAddress() string { + if m != nil { + return m.PublicAddress + } + return "" +} + +func (m *Dataplane_Networking_Ingress) GetPublicPort() uint32 { + if m != nil { + return m.PublicPort + } + return 0 +} + // AvailableService contains tags that represent unique subset of // endpoints type Dataplane_Networking_Ingress_AvailableService struct { @@ -658,53 +675,55 @@ func init() { func init() { proto.RegisterFile("mesh/v1alpha1/dataplane.proto", fileDescriptor_7608682fd5ea84a4) } var fileDescriptor_7608682fd5ea84a4 = []byte{ - // 760 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x56, 0xdd, 0x6a, 0x13, 0x41, - 0x14, 0x66, 0x92, 0xcd, 0xcf, 0x9e, 0x1a, 0xa9, 0xd3, 0x58, 0xc3, 0xaa, 0x90, 0x16, 0x91, 0x20, - 0xb8, 0xb5, 0x2a, 0x28, 0xb5, 0x22, 0x59, 0x2c, 0xfe, 0x94, 0xda, 0x30, 0xf6, 0x42, 0xbc, 0x09, - 0x93, 0xec, 0x90, 0x2c, 0x49, 0x77, 0x97, 0xdd, 0x49, 0x6a, 0xde, 0xa3, 0x57, 0xe2, 0x93, 0xf8, - 0x0a, 0x5e, 0xf8, 0x00, 0x82, 0x77, 0xbe, 0x44, 0x6f, 0x2a, 0x3b, 0x3f, 0x9b, 0x6d, 0x5a, 0x4a, - 0x52, 0xf1, 0x6e, 0xf6, 0xcc, 0xf9, 0xbe, 0xf3, 0xf7, 0xcd, 0x49, 0xe0, 0xee, 0x21, 0x8b, 0xfb, - 0x1b, 0xe3, 0x4d, 0x3a, 0x0c, 0xfb, 0x74, 0x73, 0xc3, 0xa5, 0x9c, 0x86, 0x43, 0xea, 0x33, 0x3b, - 0x8c, 0x02, 0x1e, 0x60, 0x3c, 0x18, 0x1d, 0x52, 0x3b, 0xf1, 0xb1, 0xb5, 0x8f, 0x75, 0xfb, 0x2c, - 0xe4, 0x90, 0xf1, 0xc8, 0xeb, 0xc6, 0x12, 0x60, 0xdd, 0x1a, 0xd3, 0xa1, 0xe7, 0x52, 0xce, 0x36, - 0xf4, 0x41, 0x5e, 0xac, 0x7f, 0x5f, 0x06, 0xf3, 0xb5, 0x66, 0xc7, 0x6f, 0x01, 0x7c, 0xc6, 0x8f, - 0x82, 0x68, 0xe0, 0xf9, 0xbd, 0x1a, 0xaa, 0xa3, 0xc6, 0xd2, 0xe3, 0x86, 0x7d, 0x3e, 0x98, 0x9d, - 0x42, 0xec, 0x0f, 0xa9, 0x3f, 0xc9, 0x60, 0xf1, 0x36, 0x94, 0x54, 0x06, 0xb5, 0x9c, 0xa0, 0x59, - 0xbf, 0x88, 0x66, 0x4f, 0xba, 0x38, 0xb4, 0x3b, 0x60, 0xbe, 0x4b, 0x34, 0x04, 0x6f, 0x43, 0x31, - 0x8c, 0x82, 0x0e, 0x8b, 0x6b, 0x79, 0x01, 0xbe, 0x77, 0x79, 0x0e, 0x2d, 0xe1, 0x4b, 0x14, 0xc6, - 0x3a, 0xae, 0x00, 0x4c, 0xd3, 0xc2, 0xef, 0xa1, 0xe4, 0xf9, 0xbd, 0x88, 0xc5, 0x71, 0xad, 0x28, - 0xd8, 0x1e, 0xcd, 0x5b, 0x91, 0xfd, 0x4e, 0xe2, 0x88, 0x26, 0xc0, 0x35, 0x28, 0x51, 0xd7, 0x15, - 0x5c, 0x85, 0x3a, 0x6a, 0x98, 0x44, 0x7f, 0x26, 0x51, 0x7a, 0x94, 0xb3, 0x23, 0x3a, 0x51, 0x39, - 0xcf, 0x1f, 0xe5, 0x8d, 0xc4, 0x11, 0x4d, 0x20, 0x33, 0xee, 0x04, 0x23, 0xdf, 0xad, 0xa1, 0x7a, - 0x7e, 0xc1, 0x8c, 0x05, 0x8e, 0x68, 0x02, 0xbc, 0x07, 0xe5, 0x60, 0xc4, 0x25, 0x59, 0x4e, 0x90, - 0x6d, 0xce, 0x4d, 0xb6, 0xaf, 0x80, 0x24, 0xa5, 0xc0, 0x01, 0x54, 0x79, 0x44, 0xfd, 0x38, 0xa4, - 0x11, 0xf3, 0x79, 0x3b, 0x8c, 0x82, 0x2f, 0x93, 0x44, 0x2b, 0x86, 0xa8, 0x79, 0x7b, 0x6e, 0xea, - 0x83, 0x29, 0x49, 0x4b, 0x71, 0x90, 0x15, 0x7e, 0xde, 0x68, 0xfd, 0xca, 0x41, 0x49, 0x8d, 0x01, - 0x07, 0x70, 0x83, 0x8e, 0xa9, 0x37, 0xa4, 0x9d, 0x21, 0xfb, 0xc8, 0xa2, 0xb1, 0xd7, 0x65, 0xb1, - 0xea, 0x50, 0x73, 0xd1, 0x99, 0xda, 0xcd, 0x19, 0x26, 0x72, 0x9e, 0xdb, 0xfa, 0x8d, 0x60, 0x79, - 0xd6, 0x0f, 0xb7, 0xc1, 0xe0, 0xb4, 0xa7, 0x03, 0xef, 0xfe, 0x73, 0x60, 0xfb, 0x80, 0xf6, 0xe2, - 0x1d, 0x9f, 0x47, 0x13, 0x22, 0x88, 0xf1, 0x1d, 0x30, 0x3d, 0x3f, 0xe6, 0xd4, 0x4f, 0xca, 0x4b, - 0x5e, 0x4f, 0x85, 0x4c, 0x0d, 0x18, 0x83, 0x91, 0x04, 0x13, 0x2a, 0x33, 0x89, 0x38, 0x5b, 0xcf, - 0xc0, 0x4c, 0x49, 0xf0, 0x32, 0xe4, 0x07, 0x6c, 0x22, 0x5e, 0xaf, 0x49, 0x92, 0x23, 0xae, 0x42, - 0x61, 0x4c, 0x87, 0x23, 0x26, 0xc8, 0x4c, 0x22, 0x3f, 0xb6, 0x72, 0xcf, 0x91, 0x75, 0x2c, 0xba, - 0x2b, 0x47, 0x8b, 0xc1, 0x08, 0x83, 0x88, 0x0b, 0xe2, 0x0a, 0x11, 0x67, 0x5c, 0x87, 0xa5, 0x58, - 0x66, 0xd9, 0x4a, 0xae, 0x0c, 0x71, 0x95, 0x35, 0xe1, 0xfb, 0x70, 0x5d, 0x7d, 0x36, 0xd5, 0xc3, - 0x28, 0x8a, 0x20, 0x33, 0xd6, 0x4b, 0x5e, 0xce, 0x27, 0xd5, 0x4f, 0xa9, 0xce, 0xad, 0x45, 0xa5, - 0x3e, 0x6d, 0x9f, 0x53, 0x3e, 0x71, 0x0a, 0x5f, 0x51, 0xae, 0x8c, 0x64, 0x23, 0xaf, 0xde, 0x96, - 0x3f, 0x08, 0xca, 0x5a, 0xfc, 0xd9, 0xcc, 0xf3, 0x67, 0x33, 0xd7, 0x1d, 0x33, 0x32, 0x1d, 0x5b, - 0x83, 0x92, 0xaa, 0x5c, 0xd2, 0x3a, 0xa5, 0x13, 0xc7, 0x88, 0x72, 0x7d, 0x44, 0xb4, 0x1d, 0xef, - 0xab, 0x82, 0x0b, 0xa2, 0xe0, 0x17, 0x0b, 0x3f, 0xc7, 0x59, 0xc1, 0x5c, 0xbd, 0xce, 0x6f, 0x08, - 0x4a, 0x6a, 0xfb, 0xa4, 0x63, 0x40, 0x0b, 0x8e, 0x41, 0xe1, 0xff, 0xc7, 0x18, 0x7e, 0x20, 0x58, - 0xb9, 0x60, 0x51, 0xe0, 0x97, 0x70, 0x33, 0x62, 0xae, 0x17, 0xb1, 0x2e, 0x6f, 0x27, 0x4d, 0x6f, - 0x4f, 0xb7, 0x25, 0x6a, 0x54, 0x1c, 0xf3, 0xc4, 0x29, 0x3e, 0x30, 0x6a, 0xa7, 0xa7, 0x79, 0xb2, - 0xa2, 0xfd, 0x12, 0xad, 0x6a, 0xa1, 0xbf, 0x82, 0xd5, 0xb3, 0xf0, 0xcc, 0x82, 0x9c, 0xc1, 0x57, - 0xb3, 0xf8, 0x54, 0x11, 0x4f, 0x61, 0x55, 0xc1, 0x69, 0xb7, 0xcb, 0xe2, 0xb8, 0x1d, 0xeb, 0x65, - 0x94, 0xaf, 0xe7, 0x1b, 0x26, 0xa9, 0xca, 0xdb, 0xa6, 0xb8, 0x4c, 0x97, 0xc9, 0x4f, 0x04, 0x45, - 0xf9, 0x4b, 0x95, 0x0a, 0x07, 0x65, 0x84, 0xb3, 0x0b, 0x26, 0xf3, 0xdd, 0x30, 0xf0, 0x7c, 0xae, - 0xdf, 0xc2, 0xc3, 0x79, 0x7e, 0xf6, 0xec, 0x1d, 0x85, 0x22, 0x53, 0xbc, 0xe5, 0x42, 0x59, 0x9b, - 0xf1, 0x1a, 0x5c, 0x53, 0xfd, 0x69, 0x67, 0x82, 0x2e, 0x29, 0x5b, 0x4b, 0x8a, 0x76, 0xea, 0x42, - 0x79, 0x5f, 0x4d, 0x22, 0x75, 0xa1, 0xbc, 0x2f, 0x52, 0x4e, 0xae, 0xd4, 0xda, 0x49, 0xce, 0x0e, - 0x7c, 0x2e, 0xeb, 0xb4, 0x3a, 0x45, 0xf1, 0x7f, 0xe2, 0xc9, 0xdf, 0x00, 0x00, 0x00, 0xff, 0xff, - 0xc3, 0xf9, 0xa5, 0xbd, 0xba, 0x08, 0x00, 0x00, + // 789 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xb4, 0x56, 0x4b, 0x6b, 0xeb, 0x46, + 0x14, 0x66, 0x24, 0xf9, 0xa1, 0x93, 0xba, 0x24, 0x13, 0x37, 0x35, 0xea, 0x03, 0x27, 0x84, 0x62, + 0x0a, 0x55, 0x9a, 0xb6, 0xd0, 0x92, 0xa6, 0x14, 0x8b, 0x86, 0x3e, 0x42, 0x1a, 0x33, 0xcd, 0xa2, + 0x74, 0x63, 0xc6, 0xd6, 0x60, 0x0b, 0x3b, 0x92, 0x90, 0xc6, 0x4e, 0xbd, 0xeb, 0x8f, 0xe8, 0xaa, + 0x74, 0x73, 0x7f, 0xcf, 0x5d, 0xdc, 0xfd, 0x5d, 0xdc, 0xdd, 0xfd, 0x13, 0xd9, 0xe4, 0xa2, 0x79, + 0x48, 0xb2, 0x13, 0x82, 0x9d, 0xcb, 0xdd, 0x8d, 0xce, 0x9c, 0xef, 0x9b, 0x6f, 0xbe, 0x73, 0xe6, + 0xd8, 0xf0, 0xc9, 0x35, 0x4b, 0xc7, 0x47, 0xf3, 0x63, 0x3a, 0x8d, 0xc7, 0xf4, 0xf8, 0xc8, 0xa7, + 0x9c, 0xc6, 0x53, 0x1a, 0x32, 0x37, 0x4e, 0x22, 0x1e, 0x61, 0x3c, 0x99, 0x5d, 0x53, 0x37, 0xcb, + 0x71, 0x75, 0x8e, 0xf3, 0xd1, 0x32, 0xe4, 0x9a, 0xf1, 0x24, 0x18, 0xa6, 0x12, 0xe0, 0x7c, 0x38, + 0xa7, 0xd3, 0xc0, 0xa7, 0x9c, 0x1d, 0xe9, 0x85, 0xdc, 0x38, 0xf8, 0x67, 0x07, 0xec, 0x9f, 0x34, + 0x3b, 0xfe, 0x05, 0x20, 0x64, 0xfc, 0x26, 0x4a, 0x26, 0x41, 0x38, 0x6a, 0xa1, 0x36, 0xea, 0x6c, + 0x7d, 0xd5, 0x71, 0xef, 0x1f, 0xe6, 0xe6, 0x10, 0xf7, 0xf7, 0x3c, 0x9f, 0x94, 0xb0, 0xf8, 0x14, + 0x6a, 0x4a, 0x41, 0xcb, 0x10, 0x34, 0x07, 0x0f, 0xd1, 0x5c, 0xc8, 0x14, 0x8f, 0x0e, 0x27, 0x2c, + 0xf4, 0x89, 0x86, 0xe0, 0x53, 0xa8, 0xc6, 0x49, 0x34, 0x60, 0x69, 0xcb, 0x14, 0xe0, 0xc3, 0xc7, + 0x35, 0xf4, 0x44, 0x2e, 0x51, 0x18, 0xe7, 0x65, 0x03, 0xa0, 0x90, 0x85, 0x7f, 0x83, 0x5a, 0x10, + 0x8e, 0x12, 0x96, 0xa6, 0xad, 0xaa, 0x60, 0xfb, 0x72, 0xdd, 0x1b, 0xb9, 0xbf, 0x4a, 0x1c, 0xd1, + 0x04, 0xb8, 0x05, 0x35, 0xea, 0xfb, 0x82, 0xab, 0xd2, 0x46, 0x1d, 0x9b, 0xe8, 0xcf, 0xec, 0x94, + 0x11, 0xe5, 0xec, 0x86, 0x2e, 0x94, 0xe6, 0xf5, 0x4f, 0xf9, 0x59, 0xe2, 0x88, 0x26, 0x90, 0x8a, + 0x07, 0xd1, 0x2c, 0xf4, 0x5b, 0xa8, 0x6d, 0x6e, 0xa8, 0x58, 0xe0, 0x88, 0x26, 0xc0, 0x17, 0x50, + 0x8f, 0x66, 0x5c, 0x92, 0x19, 0x82, 0xec, 0x78, 0x6d, 0xb2, 0x4b, 0x05, 0x24, 0x39, 0x05, 0x8e, + 0xa0, 0xc9, 0x13, 0x1a, 0xa6, 0x31, 0x4d, 0x58, 0xc8, 0xfb, 0x71, 0x12, 0xfd, 0xbd, 0xc8, 0x7a, + 0xc5, 0x12, 0x77, 0x3e, 0x5d, 0x9b, 0xfa, 0xaa, 0x20, 0xe9, 0x29, 0x0e, 0xb2, 0xcb, 0xef, 0x07, + 0x9d, 0x67, 0x26, 0xd4, 0x54, 0x19, 0x70, 0x04, 0x3b, 0x74, 0x4e, 0x83, 0x29, 0x1d, 0x4c, 0xd9, + 0x1f, 0x2c, 0x99, 0x07, 0x43, 0x96, 0x2a, 0x87, 0xba, 0x9b, 0xd6, 0xd4, 0xed, 0xae, 0x30, 0x91, + 0xfb, 0xdc, 0xf8, 0x10, 0x1a, 0xf1, 0x6c, 0x30, 0x0d, 0x86, 0x5d, 0x55, 0x74, 0x43, 0x14, 0x7d, + 0x39, 0x88, 0x3f, 0x05, 0x90, 0x81, 0x5e, 0x94, 0x70, 0x51, 0xfd, 0x06, 0x29, 0x45, 0x9c, 0x57, + 0x08, 0xb6, 0x57, 0x4f, 0xc3, 0x7d, 0xb0, 0x38, 0x1d, 0x69, 0xf9, 0xe7, 0x6f, 0x2d, 0xdf, 0xbd, + 0xa2, 0xa3, 0xf4, 0x2c, 0xe4, 0xc9, 0x82, 0x08, 0x62, 0xfc, 0x31, 0xd8, 0x41, 0x98, 0x72, 0x1a, + 0x66, 0x26, 0x19, 0x42, 0x54, 0x11, 0xc0, 0x18, 0xac, 0xec, 0x30, 0xa1, 0xd6, 0x26, 0x62, 0xed, + 0x7c, 0x0b, 0x76, 0x4e, 0x82, 0xb7, 0xc1, 0x9c, 0xb0, 0x85, 0x98, 0x01, 0x36, 0xc9, 0x96, 0xb8, + 0x09, 0x95, 0x39, 0x9d, 0xce, 0x98, 0x32, 0x41, 0x7e, 0x9c, 0x18, 0xdf, 0x21, 0xe7, 0x5f, 0x23, + 0xab, 0x91, 0x6c, 0x10, 0x0c, 0x56, 0x5c, 0xd8, 0x20, 0xd6, 0xb8, 0x0d, 0x5b, 0xa9, 0x54, 0x29, + 0x1c, 0xb2, 0xc4, 0x56, 0x39, 0x84, 0x3f, 0x83, 0xf7, 0xd5, 0xa7, 0x76, 0xba, 0x2a, 0x0e, 0x59, + 0x89, 0x3e, 0xf2, 0xfe, 0xfe, 0x54, 0x7e, 0xca, 0x1e, 0x3f, 0xd9, 0xf4, 0xc1, 0x14, 0xf6, 0x79, + 0xf5, 0x5b, 0xaf, 0xf2, 0x1f, 0x32, 0xea, 0x48, 0x1a, 0xf9, 0x74, 0x5b, 0x5e, 0x23, 0xa8, 0xeb, + 0x27, 0x54, 0x56, 0x6e, 0x2e, 0x2b, 0xd7, 0x8e, 0x59, 0x25, 0xc7, 0xf6, 0xa1, 0xa6, 0x6e, 0x2e, + 0x69, 0xbd, 0xda, 0xad, 0x67, 0x25, 0xc6, 0x18, 0x11, 0x1d, 0xc7, 0x97, 0xea, 0xc2, 0x15, 0x71, + 0xe1, 0xef, 0x37, 0x7e, 0xd4, 0xab, 0x0d, 0xf3, 0xf4, 0x7b, 0xfe, 0x8f, 0xa0, 0xa6, 0x66, 0x58, + 0x5e, 0x06, 0xb4, 0x61, 0x19, 0x14, 0xfe, 0x5d, 0x94, 0xe1, 0x39, 0x82, 0xdd, 0x07, 0xc6, 0x0d, + 0xfe, 0x01, 0x3e, 0x48, 0x98, 0x1f, 0x24, 0x6c, 0xc8, 0xfb, 0x99, 0xe9, 0xfd, 0x62, 0xe6, 0xa2, + 0x4e, 0xc3, 0xb3, 0x6f, 0xbd, 0xea, 0xe7, 0x56, 0xeb, 0xee, 0xce, 0x24, 0xbb, 0x3a, 0x2f, 0xeb, + 0x55, 0xdd, 0xe8, 0x3f, 0xc2, 0xde, 0x32, 0xbc, 0x34, 0x66, 0x57, 0xf0, 0xcd, 0x32, 0x3e, 0xef, + 0x88, 0x6f, 0x60, 0x4f, 0xc1, 0xe9, 0x70, 0xc8, 0xd2, 0xb4, 0x9f, 0xea, 0x91, 0x66, 0xb6, 0xcd, + 0x8e, 0x4d, 0x9a, 0x72, 0xb7, 0x2b, 0x36, 0xf5, 0x48, 0x72, 0x5e, 0x20, 0xa8, 0xca, 0xdf, 0xbb, + 0xbc, 0x71, 0x50, 0xa9, 0x71, 0xce, 0xc1, 0x66, 0xa1, 0x1f, 0x47, 0x41, 0xc8, 0xf5, 0x5b, 0xf8, + 0x62, 0x9d, 0x1f, 0x4f, 0xf7, 0x4c, 0xa1, 0x48, 0x81, 0x77, 0x7c, 0xa8, 0xeb, 0x30, 0xde, 0x87, + 0xf7, 0x94, 0x3f, 0xfd, 0xd2, 0xa1, 0x5b, 0x2a, 0xd6, 0x93, 0x4d, 0x5b, 0xa4, 0x50, 0x3e, 0x56, + 0x95, 0xc8, 0x53, 0x28, 0x1f, 0x0b, 0xc9, 0xd9, 0x96, 0x1a, 0x3b, 0xd9, 0xda, 0x83, 0xbf, 0xea, + 0x5a, 0xd6, 0xa0, 0x2a, 0xfe, 0x95, 0x7c, 0xfd, 0x26, 0x00, 0x00, 0xff, 0xff, 0x35, 0x1f, 0x84, + 0x1b, 0x00, 0x09, 0x00, 0x00, } diff --git a/api/mesh/v1alpha1/dataplane.pb.validate.go b/api/mesh/v1alpha1/dataplane.pb.validate.go index 36804ecc8b72..df4ba55985e4 100644 --- a/api/mesh/v1alpha1/dataplane.pb.validate.go +++ b/api/mesh/v1alpha1/dataplane.pb.validate.go @@ -364,6 +364,10 @@ func (m *Dataplane_Networking_Ingress) Validate() error { } + // no validation rules for PublicAddress + + // no validation rules for PublicPort + return nil } diff --git a/api/mesh/v1alpha1/dataplane.proto b/api/mesh/v1alpha1/dataplane.proto index 96034ef2d0c9..0b49c1e512d6 100644 --- a/api/mesh/v1alpha1/dataplane.proto +++ b/api/mesh/v1alpha1/dataplane.proto @@ -30,13 +30,19 @@ message Dataplane { string mesh = 3; } repeated AvailableService availableServices = 1; + + // PublicAddress defines IP or DNS name on which Ingress is accessible to + // other Kuma clusters. + string publicAddress = 2; + // PublicPort defines port on which Ingress is accessible to other Kuma + // clusters. + uint32 publicPort = 3; } // Ingress if not nil, dataplane will be work in the Ingress mode Ingress ingress = 6; // Public IP on which the dataplane is accessible in the network. - // Host names and DNS are not allowed. string address = 5; // Inbound describes a service implemented by the dataplane. diff --git a/api/mesh/v1alpha1/dataplane_helpers.go b/api/mesh/v1alpha1/dataplane_helpers.go index 1f8eb152c9a5..7a4bed8e08f4 100644 --- a/api/mesh/v1alpha1/dataplane_helpers.go +++ b/api/mesh/v1alpha1/dataplane_helpers.go @@ -331,6 +331,13 @@ func (d *Dataplane) IsIngress() bool { return d.Networking.Ingress != nil } +func (d *Dataplane) HasPublicAddress() bool { + if d.Networking.Ingress == nil { + return false + } + return d.Networking.Ingress.PublicAddress != "" && d.Networking.Ingress.PublicPort != 0 +} + func (d *Dataplane) HasAvailableServices() bool { if !d.IsIngress() { return false diff --git a/api/system/v1alpha1/zone.pb.go b/api/system/v1alpha1/zone.pb.go index 5e6d54b883df..8cf14f42e3b0 100644 --- a/api/system/v1alpha1/zone.pb.go +++ b/api/system/v1alpha1/zone.pb.go @@ -23,10 +23,9 @@ const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package // Zone defines the Zone configuration used at the Global Control Plane // within a distributed deployment type Zone struct { - Ingress *Zone_Ingress `protobuf:"bytes,2,opt,name=ingress,proto3" json:"ingress,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` } func (m *Zone) Reset() { *m = Zone{} } @@ -54,70 +53,18 @@ func (m *Zone) XXX_DiscardUnknown() { var xxx_messageInfo_Zone proto.InternalMessageInfo -func (m *Zone) GetIngress() *Zone_Ingress { - if m != nil { - return m.Ingress - } - return nil -} - -// Configure the Zone's Ingress -type Zone_Ingress struct { - // The public load balancer address of the Zone Ingress - Address string `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Zone_Ingress) Reset() { *m = Zone_Ingress{} } -func (m *Zone_Ingress) String() string { return proto.CompactTextString(m) } -func (*Zone_Ingress) ProtoMessage() {} -func (*Zone_Ingress) Descriptor() ([]byte, []int) { - return fileDescriptor_0b77e158d4963c0f, []int{0, 0} -} - -func (m *Zone_Ingress) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Zone_Ingress.Unmarshal(m, b) -} -func (m *Zone_Ingress) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Zone_Ingress.Marshal(b, m, deterministic) -} -func (m *Zone_Ingress) XXX_Merge(src proto.Message) { - xxx_messageInfo_Zone_Ingress.Merge(m, src) -} -func (m *Zone_Ingress) XXX_Size() int { - return xxx_messageInfo_Zone_Ingress.Size(m) -} -func (m *Zone_Ingress) XXX_DiscardUnknown() { - xxx_messageInfo_Zone_Ingress.DiscardUnknown(m) -} - -var xxx_messageInfo_Zone_Ingress proto.InternalMessageInfo - -func (m *Zone_Ingress) GetAddress() string { - if m != nil { - return m.Address - } - return "" -} - func init() { proto.RegisterType((*Zone)(nil), "kuma.system.v1alpha1.Zone") - proto.RegisterType((*Zone_Ingress)(nil), "kuma.system.v1alpha1.Zone.Ingress") } func init() { proto.RegisterFile("system/v1alpha1/zone.proto", fileDescriptor_0b77e158d4963c0f) } var fileDescriptor_0b77e158d4963c0f = []byte{ - // 138 bytes of a gzipped FileDescriptorProto + // 83 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xe2, 0x92, 0x2a, 0xae, 0x2c, 0x2e, 0x49, 0xcd, 0xd5, 0x2f, 0x33, 0x4c, 0xcc, 0x29, 0xc8, 0x48, 0x34, 0xd4, 0xaf, 0xca, 0xcf, 0x4b, 0xd5, 0x2b, 0x28, 0xca, 0x2f, 0xc9, 0x17, 0x12, 0xc9, 0x2e, 0xcd, 0x4d, 0xd4, 0x83, 0x28, 0xd0, - 0x83, 0x29, 0x50, 0xca, 0xe4, 0x62, 0x89, 0xca, 0xcf, 0x4b, 0x15, 0xb2, 0xe1, 0x62, 0xcf, 0xcc, - 0x4b, 0x2f, 0x4a, 0x2d, 0x2e, 0x96, 0x60, 0x52, 0x60, 0xd4, 0xe0, 0x36, 0x52, 0xd2, 0xc3, 0xa6, - 0x5e, 0x0f, 0xa4, 0x58, 0xcf, 0x13, 0xa2, 0x32, 0x08, 0xa6, 0x45, 0x4a, 0x99, 0x8b, 0x1d, 0x2a, - 0x26, 0x24, 0xc1, 0xc5, 0x9e, 0x98, 0x92, 0x02, 0x36, 0x88, 0x51, 0x81, 0x51, 0x83, 0x33, 0x08, - 0xc6, 0x75, 0xe2, 0x8a, 0xe2, 0x80, 0x19, 0x93, 0xc4, 0x06, 0x76, 0x93, 0x31, 0x20, 0x00, 0x00, - 0xff, 0xff, 0x46, 0x49, 0xd4, 0x98, 0xb1, 0x00, 0x00, 0x00, + 0x83, 0x29, 0x50, 0x62, 0xe3, 0x62, 0x89, 0xca, 0xcf, 0x4b, 0x75, 0xe2, 0x8a, 0xe2, 0x80, 0x89, + 0x25, 0xb1, 0x81, 0x35, 0x18, 0x03, 0x02, 0x00, 0x00, 0xff, 0xff, 0xa4, 0xd6, 0x08, 0x45, 0x4e, + 0x00, 0x00, 0x00, } diff --git a/api/system/v1alpha1/zone.pb.validate.go b/api/system/v1alpha1/zone.pb.validate.go index 38448f3d9607..9917a365c5da 100644 --- a/api/system/v1alpha1/zone.pb.validate.go +++ b/api/system/v1alpha1/zone.pb.validate.go @@ -43,16 +43,6 @@ func (m *Zone) Validate() error { return nil } - if v, ok := interface{}(m.GetIngress()).(interface{ Validate() error }); ok { - if err := v.Validate(); err != nil { - return ZoneValidationError{ - field: "Ingress", - reason: "embedded message failed validation", - cause: err, - } - } - } - return nil } @@ -109,70 +99,3 @@ var _ interface { Cause() error ErrorName() string } = ZoneValidationError{} - -// Validate checks the field values on Zone_Ingress with the rules defined in -// the proto definition for this message. If any rules are violated, an error -// is returned. -func (m *Zone_Ingress) Validate() error { - if m == nil { - return nil - } - - // no validation rules for Address - - return nil -} - -// Zone_IngressValidationError is the validation error returned by -// Zone_Ingress.Validate if the designated constraints aren't met. -type Zone_IngressValidationError struct { - field string - reason string - cause error - key bool -} - -// Field function returns field value. -func (e Zone_IngressValidationError) Field() string { return e.field } - -// Reason function returns reason value. -func (e Zone_IngressValidationError) Reason() string { return e.reason } - -// Cause function returns cause value. -func (e Zone_IngressValidationError) Cause() error { return e.cause } - -// Key function returns key value. -func (e Zone_IngressValidationError) Key() bool { return e.key } - -// ErrorName returns error name. -func (e Zone_IngressValidationError) ErrorName() string { return "Zone_IngressValidationError" } - -// Error satisfies the builtin error interface -func (e Zone_IngressValidationError) Error() string { - cause := "" - if e.cause != nil { - cause = fmt.Sprintf(" | caused by: %v", e.cause) - } - - key := "" - if e.key { - key = "key for " - } - - return fmt.Sprintf( - "invalid %sZone_Ingress.%s: %s%s", - key, - e.field, - e.reason, - cause) -} - -var _ error = Zone_IngressValidationError{} - -var _ interface { - Field() string - Reason() string - Key() bool - Cause() error - ErrorName() string -} = Zone_IngressValidationError{} diff --git a/api/system/v1alpha1/zone.proto b/api/system/v1alpha1/zone.proto index 3737756f0380..22c35eeb473e 100644 --- a/api/system/v1alpha1/zone.proto +++ b/api/system/v1alpha1/zone.proto @@ -6,13 +6,4 @@ option go_package = "v1alpha1"; // Zone defines the Zone configuration used at the Global Control Plane // within a distributed deployment -message Zone { - - // Configure the Zone's Ingress - message Ingress { - // The public load balancer address of the Zone Ingress - string address = 1; - } - - Ingress ingress = 2; -} +message Zone {} diff --git a/app/kumactl/cmd/get/get_zones.go b/app/kumactl/cmd/get/get_zones.go index 59227dffb042..f6a0f6ff3c41 100644 --- a/app/kumactl/cmd/get/get_zones.go +++ b/app/kumactl/cmd/get/get_zones.go @@ -51,7 +51,7 @@ func newGetZonesCmd(pctx *listContext) *cobra.Command { func printZones(rootTime time.Time, zones *system.ZoneResourceList, out io.Writer) error { data := printers.Table{ - Headers: []string{"NAME", "INGRESS", "AGE"}, + Headers: []string{"NAME", "AGE"}, NextRow: func() func() []string { i := 0 return func() []string { @@ -63,7 +63,6 @@ func printZones(rootTime time.Time, zones *system.ZoneResourceList, out io.Write return []string{ zone.GetMeta().GetName(), // NAME - zone.Spec.GetIngress().GetAddress(), table.TimeSince(zone.GetMeta().GetModificationTime(), rootTime), // AGE } } diff --git a/app/kumactl/cmd/get/get_zones_test.go b/app/kumactl/cmd/get/get_zones_test.go index dc1a15fa999c..f6945ee0e14e 100644 --- a/app/kumactl/cmd/get/get_zones_test.go +++ b/app/kumactl/cmd/get/get_zones_test.go @@ -30,21 +30,13 @@ var _ = Describe("kumactl get zones", func() { zoneResources := []*system.ZoneResource{ { - Spec: v1alpha1.Zone{ - Ingress: &v1alpha1.Zone_Ingress{ - Address: "192.168.0.2:10000", - }, - }, + Spec: v1alpha1.Zone{}, Meta: &test_model.ResourceMeta{ Name: "zone-1", }, }, { - Spec: v1alpha1.Zone{ - Ingress: &v1alpha1.Zone_Ingress{ - Address: "192.168.1.2:10000", - }, - }, + Spec: v1alpha1.Zone{}, Meta: &test_model.ResourceMeta{ Name: "zone-2", }, diff --git a/app/kumactl/cmd/get/testdata/get-zones.golden.json b/app/kumactl/cmd/get/testdata/get-zones.golden.json index f1a5c62f5039..4826975d8eb5 100644 --- a/app/kumactl/cmd/get/testdata/get-zones.golden.json +++ b/app/kumactl/cmd/get/testdata/get-zones.golden.json @@ -5,20 +5,14 @@ "type": "Zone", "name": "zone-1", "creationTime": "0001-01-01T00:00:00Z", - "modificationTime": "0001-01-01T00:00:00Z", - "ingress": { - "address": "192.168.0.2:10000" - } + "modificationTime": "0001-01-01T00:00:00Z" }, { "type": "Zone", "name": "zone-2", "creationTime": "0001-01-01T00:00:00Z", - "modificationTime": "0001-01-01T00:00:00Z", - "ingress": { - "address": "192.168.1.2:10000" - } + "modificationTime": "0001-01-01T00:00:00Z" } ], "next": null -} \ No newline at end of file +} diff --git a/app/kumactl/cmd/get/testdata/get-zones.golden.txt b/app/kumactl/cmd/get/testdata/get-zones.golden.txt index e6c9da156cfe..5e5e1e037a06 100644 --- a/app/kumactl/cmd/get/testdata/get-zones.golden.txt +++ b/app/kumactl/cmd/get/testdata/get-zones.golden.txt @@ -1,3 +1,3 @@ -NAME INGRESS AGE -zone-1 192.168.0.2:10000 292y -zone-2 192.168.1.2:10000 292y \ No newline at end of file +NAME AGE +zone-1 292y +zone-2 292y diff --git a/app/kumactl/cmd/get/testdata/get-zones.golden.yaml b/app/kumactl/cmd/get/testdata/get-zones.golden.yaml index 73ce711e4f09..c4c1b7094b15 100644 --- a/app/kumactl/cmd/get/testdata/get-zones.golden.yaml +++ b/app/kumactl/cmd/get/testdata/get-zones.golden.yaml @@ -1,15 +1,11 @@ total: 2 items: - creationTime: "0001-01-01T00:00:00Z" - ingress: - address: 192.168.0.2:10000 modificationTime: "0001-01-01T00:00:00Z" name: zone-1 type: Zone - creationTime: "0001-01-01T00:00:00Z" - ingress: - address: 192.168.1.2:10000 modificationTime: "0001-01-01T00:00:00Z" name: zone-2 type: Zone -next: null \ No newline at end of file +next: null diff --git a/app/kumactl/cmd/get/testdata/get-zones.pagination.golden.txt b/app/kumactl/cmd/get/testdata/get-zones.pagination.golden.txt index 9ac0ad0aabe4..806a8f3b8bf5 100644 --- a/app/kumactl/cmd/get/testdata/get-zones.pagination.golden.txt +++ b/app/kumactl/cmd/get/testdata/get-zones.pagination.golden.txt @@ -1,4 +1,4 @@ -NAME INGRESS AGE -zone-1 192.168.0.2:10000 292y +NAME AGE +zone-1 292y Rerun command with --offset=1 argument to retrieve more resources diff --git a/app/kumactl/cmd/inspect/inspect_zones.go b/app/kumactl/cmd/inspect/inspect_zones.go index e8f831db3253..10175829b2a1 100644 --- a/app/kumactl/cmd/inspect/inspect_zones.go +++ b/app/kumactl/cmd/inspect/inspect_zones.go @@ -50,7 +50,7 @@ func newInspectZonesCmd(ctx *inspectContext) *cobra.Command { func printZoneOverviews(now time.Time, zoneOverviews *system.ZoneOverviewResourceList, out io.Writer) error { data := printers.Table{ - Headers: []string{"MESH", "NAME", "INGRESS", "STATUS", "LAST CONNECTED AGO", "LAST UPDATED AGO", "TOTAL UPDATES", "TOTAL ERRORS"}, + Headers: []string{"MESH", "NAME", "STATUS", "LAST CONNECTED AGO", "LAST UPDATED AGO", "TOTAL UPDATES", "TOTAL ERRORS"}, NextRow: func() func() []string { i := 0 return func() []string { @@ -59,7 +59,6 @@ func printZoneOverviews(now time.Time, zoneOverviews *system.ZoneOverviewResourc return nil } meta := zoneOverviews.Items[i].Meta - zone := zoneOverviews.Items[i].Spec.Zone zoneInsight := zoneOverviews.Items[i].Spec.ZoneInsight lastSubscription, lastConnected := zoneInsight.GetLatestSubscription() @@ -78,7 +77,6 @@ func printZoneOverviews(now time.Time, zoneOverviews *system.ZoneOverviewResourc return []string{ meta.GetMesh(), // MESH meta.GetName(), // NAME, - zone.Ingress.Address, // INGRESS onlineStatus, // STATUS table.Ago(lastConnected, now), // LAST CONNECTED AGO table.Ago(lastUpdated, now), // LAST UPDATED AGO diff --git a/app/kumactl/cmd/inspect/inspect_zones_test.go b/app/kumactl/cmd/inspect/inspect_zones_test.go index 5275df4815c8..860cdff1fdb5 100644 --- a/app/kumactl/cmd/inspect/inspect_zones_test.go +++ b/app/kumactl/cmd/inspect/inspect_zones_test.go @@ -65,9 +65,7 @@ var _ = Describe("kumactl inspect zones", func() { ModificationTime: now, }, Spec: system_proto.ZoneOverview{ - Zone: &system_proto.Zone{ - Ingress: &system_proto.Zone_Ingress{Address: "192.168.1.1:1000"}, - }, + Zone: &system_proto.Zone{}, ZoneInsight: &system_proto.ZoneInsight{ Subscriptions: []*system_proto.KDSSubscription{ { @@ -150,9 +148,7 @@ var _ = Describe("kumactl inspect zones", func() { ModificationTime: now, }, Spec: system_proto.ZoneOverview{ - Zone: &system_proto.Zone{ - Ingress: &system_proto.Zone_Ingress{Address: "192.168.1.2:1000"}, - }, + Zone: &system_proto.Zone{}, ZoneInsight: &system_proto.ZoneInsight{ Subscriptions: []*system_proto.KDSSubscription{ { diff --git a/app/kumactl/cmd/inspect/testdata/inspect-zone.golden.yaml b/app/kumactl/cmd/inspect/testdata/inspect-zone.golden.yaml index 24256c38759c..4a0a84ab6396 100644 --- a/app/kumactl/cmd/inspect/testdata/inspect-zone.golden.yaml +++ b/app/kumactl/cmd/inspect/testdata/inspect-zone.golden.yaml @@ -3,9 +3,7 @@ items: modificationTime: "2019-07-17T18:08:41Z" name: zone-1 type: ZoneOverview - zone: - ingress: - address: 192.168.1.1:1000 + zone: {} zoneInsight: subscriptions: - connectTime: "2018-07-17T16:05:36.995Z" @@ -60,9 +58,7 @@ items: modificationTime: "2019-07-17T18:08:41Z" name: zone-2 type: ZoneOverview - zone: - ingress: - address: 192.168.1.2:1000 + zone: {} zoneInsight: subscriptions: - globalInstanceId: node-001 @@ -72,4 +68,4 @@ items: - globalInstanceId: node-003 id: "3" next: null -total: 2 \ No newline at end of file +total: 2 diff --git a/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.json b/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.json index 19f723d0eacd..d2da3f966c94 100644 --- a/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.json +++ b/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.json @@ -7,9 +7,6 @@ "creationTime": "2018-07-17T16:05:36.995Z", "modificationTime": "2019-07-17T18:08:41Z", "zone": { - "ingress": { - "address": "192.168.1.1:1000" - } }, "zoneInsight": { "subscriptions": [ @@ -90,9 +87,6 @@ "creationTime": "2018-07-17T16:05:36.995Z", "modificationTime": "2019-07-17T18:08:41Z", "zone": { - "ingress": { - "address": "192.168.1.2:1000" - } }, "zoneInsight": { "subscriptions": [ @@ -113,4 +107,4 @@ } ], "next": null -} \ No newline at end of file +} diff --git a/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.txt b/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.txt index e250de97b1ad..1412ca6e92c0 100644 --- a/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.txt +++ b/app/kumactl/cmd/inspect/testdata/inspect-zones.golden.txt @@ -1,3 +1,3 @@ -MESH NAME INGRESS STATUS LAST CONNECTED AGO LAST UPDATED AGO TOTAL UPDATES TOTAL ERRORS -default zone-1 192.168.1.1:1000 Online 2h never 42 13 -default zone-2 192.168.1.2:1000 Offline never never 0 0 \ No newline at end of file +MESH NAME STATUS LAST CONNECTED AGO LAST UPDATED AGO TOTAL UPDATES TOTAL ERRORS +default zone-1 Online 2h never 42 13 +default zone-2 Offline never never 0 0 diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.cni-enabled.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.cni-enabled.golden.yaml index 9c61747f6906..bd654497be54 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.cni-enabled.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.cni-enabled.golden.yaml @@ -5610,6 +5610,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml index e638ad025c4e..c79d79e3c6cd 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml @@ -5557,6 +5557,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.global.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.global.golden.yaml index 5a4ca54fd7a1..6004f52114f4 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.global.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.global.golden.yaml @@ -5557,6 +5557,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml index 7c417ec8e176..59f9d6486b46 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml @@ -5557,6 +5557,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.remote.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.remote.golden.yaml index 229a3628fdd1..044b580f36b5 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.remote.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.remote.golden.yaml @@ -5557,6 +5557,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.with-ingress.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.with-ingress.golden.yaml index 0494430875c5..8025d10cfd31 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.with-ingress.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.with-ingress.golden.yaml @@ -5566,6 +5566,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/app/kumactl/pkg/install/k8s/control-plane/helmtemplates_vfsdata.go b/app/kumactl/pkg/install/k8s/control-plane/helmtemplates_vfsdata.go index 583a361a3680..37bb06ade3f8 100644 --- a/app/kumactl/pkg/install/k8s/control-plane/helmtemplates_vfsdata.go +++ b/app/kumactl/pkg/install/k8s/control-plane/helmtemplates_vfsdata.go @@ -21,7 +21,7 @@ var HelmTemplates = func() http.FileSystem { fs := vfsgen۰FS{ "/": &vfsgen۰DirInfo{ name: "/", - modTime: time.Date(2020, 11, 2, 8, 36, 26, 110673901, time.UTC), + modTime: time.Date(2020, 11, 2, 9, 41, 54, 746009812, time.UTC), }, "/.helmignore": &vfsgen۰CompressedFileInfo{ name: ".helmignore", @@ -39,7 +39,7 @@ var HelmTemplates = func() http.FileSystem { }, "/README.md": &vfsgen۰CompressedFileInfo{ name: "README.md", - modTime: time.Date(2020, 11, 2, 8, 36, 26, 110714732, time.UTC), + modTime: time.Date(2020, 11, 2, 9, 41, 54, 743570992, time.UTC), uncompressedSize: 13218, compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xff\xcc\x5b\x5b\x73\xdb\xb6\x12\x7e\xe7\xaf\xd8\x13\x3f\x34\xe9\xb1\xa8\xf4\x3a\x9d\xbc\xb9\xf6\xf4\xd4\xd3\x1e\x8f\x27\x4e\xdb\x07\xc7\x13\x42\xc0\x8a\x42\x04\x02\x2c\x16\x94\xa3\x56\xfd\xef\x67\x16\x24\x25\xdb\xba\x58\x17\xaa\xa7\x7e\x09\x23\x02\xbb\xf8\xb0\x1f\x16\x8b\x5d\xf0\xf6\x5f\xb7\x77\xb7\xe3\xaa\x10\x3d\xe3\x72\x77\xd7\x3c\x57\xde\xdc\x25\xc9\x09\xf0\x7f\x92\xe4\xdd\x08\xe3\x13\xc8\x91\xf0\x01\xa8\x2a\x4b\xe7\x03\x81\x30\x06\xc2\x08\x61\x88\x22\x54\x1e\x09\x84\x55\xe0\xca\xa0\x9d\x25\x28\xbd\x9b\x68\x85\x0a\x06\x53\xc8\xb8\xb7\x0c\x06\xb4\xa5\xc0\xbd\xa4\xb3\xc1\x3b\xd3\x2b\x8d\xb0\x98\xa5\x51\xc3\x13\xe1\x3f\xa2\x29\x60\xf2\xd5\xbf\xd3\x24\x39\x39\x81\x5f\x85\xa9\x90\x92\x64\x06\xd7\xc2\x8b\x02\x03\x7a\xd8\xfa\x6f\x06\x17\x48\xd2\xeb\x38\x32\x38\xd6\x1f\x6b\x19\x8a\xca\x84\x3d\xba\x26\xb3\xde\x1e\x7f\x7b\x75\xfa\x3b\xb5\xcc\x92\x19\x64\xb9\x71\x03\x61\x52\x5d\x88\x1c\x53\x8f\xb9\xa6\xe0\xa7\xd9\x76\x33\xd9\x36\x87\xa1\xf3\x91\x6e\x3f\x31\x0d\xa3\x28\x3a\xdc\x5e\xd9\xd8\xd9\xbc\xa7\x9c\x1c\xa3\xef\x45\xde\xd7\xcf\xe9\x40\xdb\xe0\xc5\x34\xd5\x2e\x5b\x67\xaf\x27\xb8\x82\xc8\xb3\x1d\x18\x12\x44\x7e\x0c\x48\x8d\x16\xab\xcd\x29\xa8\x5a\x15\x41\x70\x70\xce\x4b\x2b\x3d\x2b\xcb\x5f\xd1\xd3\x86\x35\x10\x71\x95\x22\xc8\xd1\xcd\x94\x02\x16\x57\xa2\x40\x2a\x85\xc4\xec\x19\x8d\xd7\xdc\x27\xfa\x02\x8f\x06\x05\x21\xd8\xb6\x2b\xdc\xeb\x50\xbf\x8a\x40\x29\x0a\x06\x23\x06\x68\x76\xb6\x57\xf0\x15\x66\xb0\xd7\xfa\x82\xac\xf1\x39\xd7\xec\x72\x52\xe3\xf2\x9f\x71\x82\xe6\x19\x1e\xc6\x21\x9f\x5f\x83\x71\x39\x18\x6e\xff\x06\x9c\x45\x70\x43\x70\xc3\xe1\xfb\x99\xb6\x43\xf7\x7e\xa6\x70\x50\xe5\x07\xf1\x90\xe5\x74\x83\xab\x70\xea\xf9\x19\x5a\xe0\xe2\xe6\x34\xc7\x44\x41\x58\x25\x8c\xb3\xf8\x7e\xe6\xb1\x70\x01\xdf\xcf\x6a\x96\xef\x89\x6b\x21\x30\x3b\x10\xd7\x1f\xdb\xc8\x68\x70\x71\xdb\xc8\xbf\x63\xf9\x79\xab\xcd\x9e\x5d\x97\x70\x8d\x15\xfd\x27\xce\xf0\x99\x52\x1e\x89\xb2\xd5\x1a\x7f\x79\xfb\x33\x1b\xa8\x6e\x3a\xb7\x5e\xd7\xb8\xf6\xef\xba\x84\xcb\x3a\x85\x37\x68\x50\x06\xe7\xb3\xf5\x1a\xaf\x9c\x42\x68\xdb\x45\x8f\x38\x77\x14\xe7\xb5\x38\x88\xf2\xa0\x74\x8a\xf6\x5f\x5f\x7f\xc2\xb8\x1a\xa0\xb7\x18\x90\x52\xed\xfa\x8e\xde\x80\xd1\xb6\xfa\x74\xfa\xe4\x85\xf0\x72\xf4\x06\x44\xa1\xbe\xfd\x1a\xfe\xca\x56\xe0\xd2\xf6\x63\x1c\xeb\x0f\x42\x9b\xca\xe3\xb5\x33\x5a\x2e\x6d\x66\x33\x68\x5e\x43\x19\xdf\xb3\xe9\x18\x57\x51\x05\x11\xb4\xcd\xe1\x1e\x07\x23\xe7\xc6\xa0\x8b\xd2\x60\x81\x36\xd4\x61\xd2\x1c\xfb\x65\xa3\x05\xa4\x2b\x4a\x67\xd1\x86\xd5\xb8\x2e\x73\xeb\xfc\x1e\x1e\x71\x19\x17\xa1\x9f\x68\x89\x29\x2f\x9b\x0d\xf6\xba\xa9\x9b\xd5\xab\xab\x41\xb5\xc2\x5a\xff\x9c\xf5\xd5\xe2\x0a\xd3\x72\x1b\x5c\xdc\xec\x78\xb8\xce\x4d\x45\x01\xfd\xe5\x75\x77\xb8\x84\xb5\x8e\x49\xe5\xec\x0a\xd7\x31\x83\x33\xa5\x34\xbf\x14\x06\x1e\xb4\xe4\x90\xa0\xac\x02\x38\xbb\x0e\x68\x23\x7e\x4b\x5c\x7f\xfe\xd5\x99\xdf\xa8\xb7\x9b\xb7\x71\xf3\xb9\x99\x5a\x79\xb3\x8a\x97\xab\x79\x58\x3b\xc7\x5e\xdd\x17\xb8\xf3\x3f\x88\x87\xeb\x70\x3d\xe2\xe5\x6a\x1e\x76\x8f\xeb\x67\x27\xd4\xf7\xc2\x08\x2b\x77\x39\x45\xed\x84\x8b\xcf\x70\x0f\x70\x5d\x3b\x1f\xe9\x76\x3f\xd2\x72\xb4\x0a\x91\x26\xc0\x4f\xa5\x23\x54\x07\xe0\xfa\xe6\xdb\xef\xbe\x39\xb2\xbd\x1e\xad\xb7\x2d\xd7\xd7\x0a\xb8\xff\xb7\xf5\xd5\x9e\x0a\x52\x1a\xeb\xf2\xbf\x48\xa3\x73\x8f\x71\xd0\xd9\x23\x8d\xbf\x8d\x30\x8c\xd0\x83\xf3\x60\x5d\x60\x3c\xdc\x1e\x64\x6c\x6c\xf3\x08\xab\x11\x05\x2c\x65\xcf\x7d\xb9\xbb\x78\xde\x23\xb9\xca\x4b\xa4\x6c\xa3\xc6\x77\xec\xee\xbe\x23\x98\x37\x07\x2a\x51\xc6\xc0\xa3\xb3\xa0\xaa\x3d\x7f\xe9\xe1\x10\x3d\xc1\x40\x30\xa9\x9d\x8d\xb1\xf6\xce\xb8\x82\xa1\x34\x47\x8b\x5e\x98\x94\x50\x7a\x0c\x57\xcb\x3b\x34\xfb\x0d\x7e\x05\x61\x24\x42\xcc\xad\x08\xcd\x2c\x34\x94\x4a\x1f\x4e\x61\x8c\x53\x7e\x88\xe9\x19\x29\xe2\x23\x23\x2e\xbd\x0b\x28\xa3\x3d\xeb\x33\xa8\xed\xc9\x7a\x87\xe2\xb8\xa3\xa8\xac\x96\xe2\x41\xc6\xa4\xc1\x55\x8f\x86\x23\x16\x16\x47\x68\x86\x3d\xd2\xb9\xdd\xb8\x70\x37\xe3\x92\xe2\xfb\xca\x2a\xb3\xcc\x84\x19\x7c\x2f\x08\xbf\xfd\x1a\xd0\x4a\xa7\x50\xc1\xf9\x19\x48\xf4\x41\x0f\x79\x64\x08\x2f\x99\x86\xc4\x5b\x80\x20\xd0\x16\x9e\x99\xb9\x93\x1a\xfb\xab\xd5\xf6\xea\x0e\x97\x28\x35\xbb\x0b\xf4\xeb\x2c\xb6\xad\xbd\x56\x19\xe9\xec\xfa\x92\xc9\xf4\xe3\xbb\x77\xd7\x37\x5b\xf1\x50\x54\xc1\x49\x67\x87\x3a\xaf\x3c\x2a\x18\x7a\x57\xc0\xf2\xdc\xec\x86\x4b\x1a\x8d\x36\x9c\xa3\x0f\x74\xf3\x00\xe2\x1a\x5c\x46\x53\xe0\xcd\x2c\x2d\xb1\x78\x68\x3f\x6a\xda\x09\x0b\x42\x4a\x24\x02\xa1\x0a\x6d\x01\xad\x2a\x9d\xb6\x81\xb8\xd3\x32\xe8\x4e\xf7\x65\xc6\x35\x3f\x83\xad\xb3\xda\x9e\xf6\x92\xde\x11\xc1\xa6\x25\x75\x5c\x7b\x8d\x15\xd5\x7b\xce\x79\x34\xd7\xd6\xb8\x1a\x17\x51\xef\xd5\xf7\x82\xa0\x62\x0f\xc6\x7b\x80\xce\x2d\xfc\x74\x71\xd3\x9e\x43\xa9\x9e\x2f\xf8\x85\xdf\x33\xf8\xf3\x6b\x98\xa0\xaf\xcd\x3b\x47\xd9\xa9\xbd\xea\x6c\x5b\x59\x19\xb3\xfa\xe8\xf5\x24\xbf\x71\xc9\xcd\xaf\xe7\xad\x3b\x3e\x2f\x67\x97\xc3\x2b\x17\xae\x3d\x12\xda\x90\x75\x80\xeb\x99\xec\xe8\x02\x57\x6c\xbe\xc8\x8e\x76\x9f\xdf\x38\x65\xa3\x13\xec\x98\xfd\x59\x8f\xab\x74\xa4\x83\xf3\xcf\xd9\xab\xc5\xd5\x36\xef\xd8\x5e\x31\xc7\x2b\xcb\xac\x2b\x1e\x3e\x93\xf5\x7d\x8a\x2b\x88\xfc\x58\xf9\xa8\xae\xec\x85\x76\xf2\xab\xf0\xf4\x5c\xbe\xf7\x41\xdc\x8b\x76\xa2\xbd\xb3\x05\xda\x00\x13\xe1\xb5\x18\x98\xd6\xb3\xdf\x6b\x63\x60\x80\x50\x0a\x6a\x3c\x08\x6f\xd8\x8d\x3e\x28\x9f\x39\x52\x1f\x1c\xf7\x5a\x9d\xa2\xe5\xe1\xa8\x6c\xdb\x99\xbc\x6c\xea\x53\xd1\x6e\x31\x71\x7d\x7e\x75\x19\xab\x56\x28\x14\x6f\x47\xa5\x77\x9f\xa6\xa0\xad\x9e\xfb\xcb\x1d\x8f\x50\x91\x87\x43\x61\x68\x9f\xc0\x77\x8e\x4b\x8e\x58\xf3\xee\xb8\x6a\x34\xd0\x74\xdf\x26\x24\xfd\x7b\x71\x59\x0c\x17\xda\x67\x5b\x6b\xbc\x89\x9b\x17\xce\xad\xc4\x18\x95\xf6\x31\x79\x36\xed\x0e\x57\x1f\x83\xec\x4b\xab\xfb\x45\x65\x42\x45\x7d\x8b\x21\xdd\x66\xf2\xe7\xb8\x06\xda\xee\x8d\x6b\xa0\xad\xf0\xd3\xce\x61\x45\x5c\x13\xe1\xfb\x46\x0f\x22\xb6\x81\xb6\xd9\xce\x3c\x74\x76\x78\xb5\x29\x65\xb8\x01\x57\x1b\xe4\xd4\xa1\x42\x77\xf9\xfa\xb9\x9f\x6f\xc6\x97\xed\xc1\xc3\xad\xca\x43\x0f\x33\x7b\x57\x97\x47\xad\x11\x75\x52\x27\xe2\xf5\xb5\x4d\x5a\xfe\xd9\xfc\x3c\xa3\x3d\x20\x21\xdf\x75\x7e\xde\xea\x5d\x8a\xcb\x73\x7b\x1d\x33\x86\x6a\x70\x35\xe5\x64\xbd\xab\xd1\x96\x70\x6d\x0c\x9f\xd6\xe0\x3a\x46\x0c\xd5\xe0\x32\x6e\x30\x76\x13\x6d\xa6\xa2\xdf\x78\x5d\x5e\x6d\xd9\xae\xb8\xb6\x2a\x9a\xcf\xf3\x36\x0b\x6c\xc7\x8a\xa3\xb2\xd7\xe9\xeb\xf4\xcb\x7d\xf7\x2f\x25\x82\xd8\x21\x98\x5f\xe4\xa3\x38\xd6\xb8\x38\x5e\x4c\x7f\x68\x7c\xb8\x8c\xeb\x39\x36\xae\xc6\xd5\x35\x1f\x0f\x8d\xe7\x9f\xe2\x7a\x9e\x8d\xab\x70\x75\xcf\xc5\x0e\xed\x65\x75\xb8\xdc\x82\x8b\x4f\x70\x71\x70\x7b\x04\x32\x1e\x07\xd7\x26\x2e\x6e\xc0\xd5\x21\x19\x5b\x1e\xb2\xfc\xec\x30\x1e\xce\x71\x6d\xe6\xe2\x5a\x5c\x9d\x92\xf1\x50\x7b\x69\x9b\x7b\x24\xda\xe1\x0c\x36\x83\xcb\x21\x04\x5f\xe1\x29\xe8\x00\x0a\x4b\xe3\xa6\x04\x97\xb5\x9c\x18\x7d\xec\x98\x52\x5b\xa3\x25\x1e\x53\xf6\x3e\x57\xb6\xb8\x94\x17\xda\xbe\xd3\xc5\x36\xf7\x52\xb8\x59\x04\x50\x27\xd5\x9c\x51\x31\x2b\x8a\x7c\x7a\x8c\xa7\x64\x0a\xcd\x59\x59\xc8\xa0\x27\x31\xa1\x1d\xe5\x6b\x9b\x6f\x8f\xeb\xab\xd7\x74\xc0\x79\xb9\xc5\xb5\xd5\x55\x80\x0d\x75\xd8\xd6\x5e\x9d\xf2\xb0\x43\x5c\x1b\xaf\x02\x6c\xa8\xc3\x76\x8f\xeb\xb0\x3a\xec\x53\x5c\x8f\x4a\xae\x6b\x34\x3e\xae\xc3\xb6\x88\x3a\x28\xbe\x3e\xd2\xf2\xc5\xeb\xd7\xaf\xbf\xe8\xcc\x5e\x1b\xaf\x38\x2c\xe7\xa3\xd6\xd7\x61\x5b\xb8\xbb\x14\x5f\x3b\xcc\x47\xb5\xb8\x0a\xa4\xd1\xb6\xe7\xca\x58\x5b\x0d\xae\xb1\xd7\x85\x08\xa2\xce\x9a\xb5\x50\x06\x68\x9c\xcd\x23\xd0\x03\xec\xa5\xf6\xbf\xb7\x9c\x9c\x9c\xc0\x79\x45\xc1\x15\xf0\xb6\xa9\xa9\xc2\x05\x0e\x79\x4f\x62\x0b\x24\xc9\x59\x9b\x4d\x3b\x7f\x7b\x41\x20\x3c\x82\x71\x42\xa1\x82\x89\x16\xd1\x2a\xb7\x99\xf4\x8a\xb2\xbb\x97\xfc\xcf\xab\x45\x9a\x23\x85\x1f\x9c\x87\xc2\x79\x04\x85\x41\x68\x83\x0a\xf8\xfc\xeb\x8b\xda\xdd\x3b\xdb\x88\xb4\x2a\xde\x15\x3f\x4d\xca\xfa\xe6\xa9\xc7\x21\x7a\x9e\x91\x5b\x16\x1f\xaf\x91\x2b\x27\xab\x02\x6d\x4d\x8b\xbb\xdb\x11\x9a\xa2\x27\xbd\xba\xab\xef\x96\x5f\xa0\xc1\xa0\x6d\x9e\x24\x67\x04\xa5\xf0\xb1\x58\x75\xcb\x1d\x3f\x23\x30\xba\xd0\x0d\x9d\x16\x1d\x7b\x0f\x7f\x3d\xad\xc7\x11\xdd\xb8\x75\x81\x9d\xb8\x62\x89\xa8\xe0\x7e\x84\x35\xf5\x62\x84\x90\x35\x57\xdc\x35\xcd\x1b\xf0\xe0\x93\xa2\xa2\x47\xbd\x0a\x61\x2b\x61\xcc\x34\x85\xdf\xb8\x7f\x9c\xba\x87\x9d\x7e\x9a\x1f\x89\x9b\x9f\xea\x9b\xf8\x8b\x9a\x76\x74\x58\x22\xc0\x58\x5b\xc5\x3b\xc9\x3d\x1a\x73\x0a\xe4\x20\x8c\x34\x01\x8d\x5c\x65\x54\xc2\x0a\x9d\x45\x90\xc2\xe3\xb0\x62\x75\x49\xf2\xce\x81\x6a\x5a\xc5\xe4\x67\xc6\xa7\x6f\x19\x4c\xc6\xb3\xfd\xb9\xd5\x9f\xa0\x34\x22\xb0\x0d\xe8\x14\x7c\x65\xdf\x40\x92\x64\x59\x46\x23\x34\x26\x69\xda\x42\x8e\x01\xd8\x96\x30\x83\xdc\x63\x19\xbf\x1c\x48\xb5\x83\x19\x04\x0f\x3d\x82\x17\xf0\x02\x66\x20\xab\x00\x3d\x15\xff\xd3\x1b\x7e\x01\x33\xf8\x24\x7c\x4e\xd0\x0a\xa9\x81\xb1\x9c\x24\x39\x01\xde\x38\x79\x3c\x1f\x7f\x5f\xd6\xd2\x73\xf0\x91\x9c\x85\x19\x7c\xfc\x1d\x3e\x4b\x75\xc0\x82\x6e\xef\xd2\x02\x83\xe0\xc8\x2a\x6e\x63\x30\x03\x8a\x49\x8c\x97\xe9\x2c\x20\x85\x97\x2f\xd2\xcf\x79\x58\xef\xdf\xa7\xda\xbd\x78\xf5\xea\xb3\x4d\xfa\xb3\x2c\x8b\x34\xb9\x72\x01\xe7\x97\xa9\x41\xe1\x04\x8d\x2b\xd1\x53\xb2\xf8\x7a\xa1\x26\x78\x2c\x97\x69\x1b\xd0\x5b\x36\x23\x68\xbb\xf4\x01\x44\x76\xca\xb4\xf0\x38\x64\x7a\xc7\x4f\x28\x9c\x31\xee\x9e\x77\x7b\x5f\x19\x36\x68\x59\x9a\x69\xcd\x9f\x46\x13\xbf\xb3\x78\xcf\x8a\xc2\xfc\x8b\x8b\x37\x09\x7c\xce\xfa\x20\x2b\xc4\x18\xe7\x35\xec\x7e\xa3\xae\x3d\x9d\xf7\xc7\xdf\x51\xff\xf1\x37\x17\xb1\x9e\x37\xb5\x12\xe6\x8b\xa4\xc6\xc5\x8c\x5c\x1a\x2d\x04\x2c\xd8\xf2\x48\xac\x2f\x7e\xf6\xd1\xfe\x50\x33\x8d\x02\xf7\xad\x39\x53\x7a\xec\x65\xb5\x9c\xd2\x51\xe0\x67\x8f\xe0\x0a\x1d\xe6\x4b\xa2\xf4\x4e\x22\x11\x43\x5a\x35\x39\x00\x49\xb2\xf8\x0e\xe5\x0d\x8c\x42\x28\xe9\x4d\xbf\xdf\x30\xa9\x9f\x3c\xf8\x60\xe5\xf1\xdb\x5e\x59\x0d\x8c\x96\x3d\x41\x84\x81\x52\xfa\x2a\x15\x85\xf8\xc3\x59\x71\x4f\xa9\x74\x45\x7f\xde\xaf\x37\xf9\x32\x2d\x6d\x9e\x2c\x7c\xc1\x42\x10\xff\x94\xd2\xa8\xaf\x9c\xa4\x7e\xb4\xeb\x87\x01\x52\xf8\x50\x7a\x0e\xce\x24\x52\x5f\x46\x8f\xf7\xa1\x5d\x71\x1f\xd4\xc2\xe3\xf5\x93\xd5\x5e\x62\x8d\xf8\xe0\x4a\xdd\x6a\xa1\xfe\xc9\x83\x1e\x3d\x67\x59\x08\x25\xff\x0b\x00\x00\xff\xff\x6e\xe2\x64\x2e\xa2\x33\x00\x00"), @@ -148,7 +148,7 @@ var HelmTemplates = func() http.FileSystem { }, "/templates": &vfsgen۰DirInfo{ name: "templates", - modTime: time.Date(2020, 11, 2, 8, 36, 18, 432174935, time.UTC), + modTime: time.Date(2020, 11, 2, 9, 41, 54, 873542102, time.UTC), }, "/templates/NOTES.txt": &vfsgen۰CompressedFileInfo{ name: "NOTES.txt", @@ -194,7 +194,7 @@ var HelmTemplates = func() http.FileSystem { }, "/templates/cp-deployment.yaml": &vfsgen۰CompressedFileInfo{ name: "cp-deployment.yaml", - modTime: time.Date(2020, 11, 2, 8, 36, 18, 431495417, time.UTC), + modTime: time.Date(2020, 11, 2, 9, 41, 54, 744557158, time.UTC), uncompressedSize: 8690, compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xff\xbc\x59\x4d\x6f\xdb\x3a\x16\xdd\xf7\x57\x10\x46\x17\xef\x01\x63\xb9\x69\x93\x4e\x21\xa0\x0b\xd5\x56\x53\x4d\x6c\xd9\x90\xe4\x00\x99\x8d\xc0\x48\x37\xb6\x60\x8a\x54\x49\xca\x6f\x3c\x69\xff\xfb\x80\x92\x9c\xd8\xb2\x3e\xed\xcc\xcb\x2a\xa1\xc8\x7b\xce\xb9\xbc\x3c\xfc\x08\x4e\xa2\x7b\xe0\x22\x62\x54\x47\x38\x49\xc4\x68\x7b\xf5\x6e\x13\xd1\x50\x47\x13\x48\x08\xdb\xc5\x40\xe5\xbb\x18\x24\x0e\xb1\xc4\xfa\x3b\x84\x28\x8e\x41\x47\xcf\xcf\x28\xa2\x01\x49\x43\x40\x83\x4d\x1a\x63\x4d\x35\x0f\x90\x86\x7e\xff\x1e\x06\x8c\x4a\xce\xc8\x30\x21\x98\x42\x31\x42\x24\x38\xc8\x87\x69\x0e\x10\xc0\x02\x34\x7b\xdf\x8c\x7e\xff\x7e\x87\x10\xc1\x8f\x40\x84\x42\x40\xe8\xf9\x79\x58\x0a\x9f\x7f\x55\x00\xbf\x10\x8d\x68\x08\x54\xa2\xeb\x7c\x20\x52\xbc\x75\xa4\xba\x95\xa0\x45\x02\x81\x0a\x28\x24\xc7\x12\x56\xbb\x3c\x38\x67\x84\x44\x74\xb5\x4c\x42\x2c\x21\x6f\x42\x28\xc6\xff\x71\x53\xbe\x02\x1d\x5d\xbd\xb6\x2c\x29\xde\xe2\x88\xe0\x47\x02\x3a\xfa\xa0\x02\x01\x81\x40\x32\x9e\x8f\x8a\xb1\x0c\xd6\xd3\x03\xda\x55\xc4\xf7\x43\xa6\x15\x02\x3e\xef\x05\xd4\x4b\x40\x48\x42\x9c\x90\x17\xa6\x87\x33\x91\x8d\xa3\x94\x49\x2c\x23\x46\x5f\x38\x20\x14\xac\x21\xd8\x88\x34\x1e\x05\x8c\x3e\x45\xab\xa3\xd9\xfa\x23\xe1\x11\x95\xe8\xbd\xe6\x15\x71\xb5\x6f\x58\xc0\x02\xcb\x35\x1a\x8c\x82\x64\x98\x0f\x89\x71\xa2\xed\x70\x4c\x06\x7f\x66\x84\xc5\x1a\x7f\xbc\xf9\x2c\xd2\xf8\x95\xf0\x01\x8a\x24\x62\x28\x20\xe0\x20\x45\x2f\xa8\xbf\xe0\x71\xcd\xd8\x46\x0c\x31\x0d\xf7\x01\x5a\x50\xc9\x51\xb6\xfb\xe6\xfb\xcb\x21\xfd\xfa\x8c\x23\xb4\x2f\x9c\xec\x77\xe0\xdb\x28\x00\x23\x08\x58\x4a\xa5\xdd\xbb\xfa\xf7\x34\xff\x8a\xe4\x1a\x69\xf7\x98\xa4\x20\xb4\xa2\xd3\x42\xf5\xd1\x28\x0b\xc1\x2d\x68\xbf\x32\x3c\x6c\x3d\x14\x8c\x24\x7b\xc0\x31\xa9\x13\xa6\xa0\x80\x86\xaf\x0d\x0a\x0a\x47\x14\xf8\x41\xda\x86\xc5\x2a\xae\xe2\xaa\x7e\xa2\x18\xaf\xaa\x64\x3e\x31\x1e\x63\x69\xa9\xaf\x03\xf4\x47\x18\x05\x12\x0d\xa2\xfc\xaf\x4a\x65\xd9\x37\x34\xe0\x8c\xc9\x01\x7a\xff\x27\xfa\x85\x7e\xa6\x4c\xc2\xe1\x34\x14\x60\x8b\x94\x90\x05\x23\x51\xb0\xcb\x4d\xa2\x36\x9a\x96\xbc\xf4\x3c\x0e\x03\x74\xab\x1f\xfc\xf9\x2a\xf2\x6e\x39\x33\x7c\xd3\xbe\xb7\x9c\xb9\x3d\x33\x6d\xef\xa8\x13\x42\x5b\x85\xa4\x2b\x81\x8f\xc0\x29\x48\x10\x83\xfa\x30\xae\x37\x77\x4c\xdf\x7b\x58\x98\x97\x47\xb9\x5b\x7e\x33\x1d\xdb\xf4\x4c\xd7\x77\x1f\x5c\xcf\x9c\xf9\xb6\x31\x33\xdd\x85\x31\xae\x09\x5e\x6d\x9e\x95\x39\x2d\x01\xde\x9a\xb6\xe9\x18\x53\xdf\x98\xdc\x9b\x8e\x67\xb9\xe6\xc4\xff\x31\x77\x3d\x85\x57\x0b\xd5\xad\xc0\xb5\x06\x47\x6f\x21\xe3\x4d\x5d\x7f\x6c\x3a\x9e\xff\xdd\x9a\xd6\xd0\x18\x6d\x31\x1f\xf1\x94\x8e\x0a\x77\x18\x65\x5c\x22\x96\x59\x4e\x00\x5c\xaa\x5f\xb4\x80\xcb\x6e\x68\x77\xe6\xc3\xc5\x60\x1b\xd8\x1d\x0d\xcf\x1c\xe8\x09\xc1\xcf\xea\x9a\x8d\x99\x4a\x21\x87\x98\x49\x18\x34\xa6\x65\xb6\x9c\x7a\xd6\x78\xba\x74\x3d\xd3\xf1\x1d\x73\x36\xf7\x4c\xff\x76\x3a\xff\x96\x4d\xdb\xc4\x31\x5d\xb7\xbe\x2a\xaa\x90\x37\xa1\xb8\x25\xec\x11\x13\x23\x0c\x39\x08\x51\x06\x3f\x31\x8a\x0a\x4e\xc6\xc2\xf2\x5d\xd3\xb9\xcf\x18\x19\x13\x7f\x6e\x4f\x1f\x6a\x0a\x5f\xf2\x14\x1a\x4a\xde\x59\xda\x9e\x35\x3b\x2a\x7a\x63\x32\xb3\x5c\xd7\x9a\xdb\x7b\x88\xc5\xdc\xa9\x5b\x9c\x37\xd7\xd7\x9f\x2e\x8c\x9e\x95\xda\xc4\x72\xce\x9c\xfc\x5e\xe0\x96\xfd\x2f\x73\xec\xcd\x1d\x7f\x6c\x5b\xbe\x69\x1b\xdf\xa6\xe6\xa4\x7d\xf6\x68\xa4\x01\x55\x87\x8d\xb0\xd3\xa2\x6e\xc2\x75\xad\x89\x39\x36\x1c\x7f\x3c\xb7\x3d\xc3\xb2\x4d\xc7\xb7\x66\xc6\x6d\xd7\xc5\xde\xc1\xe6\xd5\x19\xa4\x87\xc7\x97\xa8\xbf\xf0\xb4\x6c\xcb\xfb\x5b\x48\xd2\x28\xef\xda\x93\x68\xe3\xdc\x1a\x97\xdb\x57\x80\x9b\xdd\x6b\x62\x7e\x37\x96\x53\xcf\xf5\xdd\x3b\x6b\xe1\xcf\x4c\xf7\x87\x3f\x76\x4c\xc3\xb3\xe6\x76\x3f\x37\x08\xe1\x09\xa7\x44\x0a\x4d\x6c\xa2\x64\x06\x62\x3d\xe6\x90\x1d\x1b\x3b\xa5\x61\x36\x9f\x98\xfd\xf0\x32\xdf\xab\x09\x5d\x58\x66\xe5\xb8\xff\x32\x0a\xbd\x6d\xf2\xdf\x73\xbb\x27\xbd\x0c\xa6\x81\x5e\x85\x31\x36\xb1\x56\x1b\x03\x4e\x22\x17\xf8\x16\xb8\x96\xcf\xb6\xda\x0c\xbb\x9a\xeb\x0f\xcf\x5b\xb8\x17\x6d\x88\x38\x89\x86\x22\x83\x1f\x76\xdf\x1b\x2b\x19\x9c\xb9\x49\xd6\x11\xa8\xda\x2f\x2f\xca\x6e\x40\x22\xa0\x72\x0c\x5c\x0a\xb7\x77\xa2\x8d\xa5\xf7\xc3\x1f\x4f\x2d\xd3\xf6\xb2\x54\xbb\x67\xec\x08\x07\x4a\x73\x2e\x99\x58\x31\x7a\x0b\x99\x2f\x9b\x76\xbf\x52\x3a\x5a\x14\xc5\xa1\xe1\x6e\x72\x59\x45\x6d\x42\xd1\xbf\xa2\x9a\x88\x9c\x59\x58\x75\x3c\xde\xa8\xb0\x36\xa1\x70\xb2\xd3\xd9\x38\x9b\xcb\xb3\x32\x5e\xd8\x90\x12\xea\xcc\xe7\x9e\xda\x19\xce\x14\x5a\x14\x54\xd3\xfe\x50\xa9\x53\x35\x72\x4c\x57\x80\xde\x6f\x60\xf7\x0f\xf4\x3e\x03\x43\xfa\xd7\x6a\xe1\x40\xb7\xf7\x98\x8b\x3a\x85\xcf\xcf\x59\x18\xf4\x0b\xa5\x49\x02\xbc\xdc\xed\xd0\x5d\x0b\xa0\x4a\x2b\x6d\x63\x0a\x04\x62\x75\x7b\xad\x63\x59\x24\xa8\x89\x65\x11\x42\x33\xe9\xb6\x86\xe5\x77\xce\x62\xbd\xf4\x41\x5d\xea\x55\xe8\x3b\xd8\x39\xf0\x74\xfa\x15\x55\x20\xe4\x5e\x73\x0a\xa2\x7e\x36\xb0\x3b\xee\x7c\x07\xbb\x0e\xa9\xc0\x7c\x25\xca\x57\x56\x9e\xd2\x52\xcb\x70\x48\xd8\x6a\x48\x60\x0b\xe4\x6b\xdd\x76\x46\xd8\x6a\xaa\x3a\x9c\xa6\x6a\x58\x3c\xe8\x0c\x9f\x22\x02\x5f\x47\x20\x83\xd7\x7a\x3b\x79\xfb\x28\xde\x8b\xb2\x37\x98\x83\x38\x09\xe3\xf2\x84\xe8\xcb\xb3\xc2\x82\x71\xa9\xa3\x9b\xcf\x5f\xae\x5a\x7b\x7c\x6c\xe9\x71\x7d\xfd\xa9\x6a\xed\x52\x68\xba\x5b\xad\x32\xbf\xac\xb8\x5b\x9d\xe0\xff\xf3\x4b\x5b\x8f\x9b\x4f\xa5\xd9\x4d\x38\x93\x2c\x60\x44\x47\xcb\xc9\xa2\x6d\x3e\x49\xb4\x05\x0a\x42\x2c\x38\x7b\x84\xe3\x7c\xad\xa5\x4c\x6e\x41\x96\x4b\x2d\xc1\x72\xad\xa3\xd1\x1a\x30\x91\xeb\x5d\xf9\xe3\x3e\x6d\x1f\x0e\x3e\x70\xc0\x61\x74\x16\x88\x1a\xd9\x11\x42\xb0\x94\x07\x50\x9a\xf2\x26\x23\x7d\x19\x72\xea\xbe\x6d\x03\x7e\xed\xdf\xb3\x5e\x5f\xb3\xae\x3e\x56\x1e\xc9\x88\x80\xf6\x9b\x76\x4d\x35\x70\xf8\x99\x82\x28\x57\x31\x42\x41\x92\xea\xe8\xe6\xc3\x87\xb8\xd4\x1e\x43\xcc\xf8\x4e\x47\x1f\x6f\x3e\xcf\xa2\x6a\x2a\x7d\x10\xae\xba\x23\x54\x56\xd6\x96\x91\x34\x86\x19\x4b\xe9\xe9\x42\xcc\xad\x6a\x05\x14\x38\x26\xc3\xca\xeb\x2a\x42\xb1\x1a\xba\xc8\x0b\xa1\xd7\x4d\x37\xaf\xb8\x39\x25\x3b\x1d\xa9\x2b\x7e\x9d\x13\x77\x7b\x2d\x2a\xcc\xa8\x81\x5c\xb3\x41\x75\xa5\xf6\x96\x67\xf5\x8a\x83\xed\x19\xc9\x6d\x8f\xd2\x28\xa6\x72\x1b\xfd\x3f\x9c\x97\x6b\xce\xb6\x97\x09\x6e\x88\xf4\xb6\xa2\xfb\x9f\x9e\x2b\x0e\x97\x67\x68\x6d\x8f\xf2\xe6\x3a\x7b\x9e\x59\x2b\xce\x96\x67\xea\x6c\x8e\xd2\x5d\x67\x6e\x69\xe5\x7f\xe5\x34\x88\x2e\x1c\xae\x46\x6c\x07\x1f\xcc\x07\x1e\xdb\xe7\x6b\xb0\xfa\xb7\x82\x76\xf0\xaa\x3d\xe1\x6d\x08\xd5\xda\xea\x49\xb8\x8a\x42\xba\xd4\x05\xbb\x39\xe0\x25\x69\x6d\x63\x70\x91\xa8\x56\xe3\xeb\x6e\x7a\x6f\xa3\xb1\x95\xd0\x19\x72\xbb\x59\x5e\x37\xbb\xbb\x44\x65\x37\x1e\xe7\x09\xec\xe0\x75\xdd\x7c\xee\x42\x81\x1d\x78\x54\x08\x7c\x83\x43\x52\xde\x30\xc3\xc9\x31\xf5\x33\xe3\xfe\x2f\x00\x00\xff\xff\xad\xf9\xc4\x5d\xf2\x21\x00\x00"), @@ -208,10 +208,10 @@ var HelmTemplates = func() http.FileSystem { }, "/templates/cp-rbac.yaml": &vfsgen۰CompressedFileInfo{ name: "cp-rbac.yaml", - modTime: time.Date(2020, 11, 2, 8, 36, 18, 432029468, time.UTC), - uncompressedSize: 3622, + modTime: time.Date(2020, 11, 2, 9, 41, 54, 873603499, time.UTC), + uncompressedSize: 3636, - compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xff\xd4\x56\x4d\x6f\xdb\x38\x10\xbd\xfb\x57\x10\xde\xdb\x02\x52\xb0\xc0\x1e\x02\xdf\xda\x1e\x7a\x29\x8a\x22\x29\x72\xa7\xa9\x27\x6b\x6a\x6a\xa8\x92\x43\x27\x8d\xeb\xff\x5e\x50\x72\x2c\xc7\x5f\x8d\x95\x04\x6d\x7c\x32\x87\x9a\x99\x37\x9f\x7c\xba\xa1\x1b\xf8\x40\x8e\x27\x6a\xf1\xdf\x68\x4e\x5c\x4c\xd4\x35\xfc\x82\x0c\xde\x19\xe3\x22\xcb\xa8\x86\xe8\x42\x8b\x9e\x8c\x94\x62\x5d\x63\xa2\x96\x4b\x45\x6c\x6c\x2c\xa0\xc6\xf3\x58\xeb\x3c\x89\xc7\x2a\x57\xab\x55\x66\x1c\x8b\x77\x36\x6b\xac\x66\xac\x35\x42\xa3\x4d\xa7\x96\x5f\xc1\x42\x07\xe4\x9f\x1f\xc4\x6a\xb5\x1a\x29\x65\xf5\x14\x36\x24\x0f\xcb\x65\xb6\x63\xbc\xbb\x4b\xe6\x7f\x2a\x26\x2e\xc0\xa2\xfe\x4f\x6a\x59\x96\x8d\xb6\x03\xf0\x53\x6d\x72\x1d\xa5\x72\x9e\xee\xb5\x90\xe3\x7c\x7e\x19\x72\x72\x17\x9b\xd0\x3e\xd8\x18\x04\xfe\xca\x59\x9c\x17\xd7\x64\x37\xae\x41\x88\x7d\xb4\x68\x75\x32\xa5\x1b\xfa\xe8\x5d\x6c\xda\x63\xfa\x65\x6a\x3c\x6e\xff\x7a\x04\x17\xbd\xc1\xd6\xcd\x26\x89\x61\x23\x6a\x5c\xd1\x1f\x42\x57\xb1\x5e\x60\x1c\x97\x34\xab\x75\xd3\x89\x16\xf0\xd3\x2d\x73\x33\xc8\xe6\xbf\xa5\xd0\x1f\x6e\xb5\x98\xea\x7c\x78\x58\x80\xe5\xa0\x27\xe3\xa1\x05\x3d\xe8\x53\xf6\xdb\xd4\x91\x3b\xe6\x24\x95\xaa\x4d\x7e\xd8\x17\x11\x07\x9a\x55\xd2\xdf\xd4\x08\xd5\xd6\x87\xf7\x8e\x77\x4e\x8f\x34\xce\x4d\xcf\xc1\xd8\x62\x53\x1c\x0a\x75\x8d\x14\x16\xed\xe5\x90\xc8\x1b\xef\xee\x7e\x08\xea\xc6\x6a\xc1\x1b\x44\x7c\x11\x44\x4b\xfc\x2d\xf0\x23\x70\x86\xf8\x37\xe4\x4d\x24\x99\x7a\xe8\x39\x7c\x5f\x79\xdc\x09\x3c\x6b\xbb\x37\x2f\xa5\x8e\x56\x88\xbf\xc1\xa4\xb5\xd1\xcb\x2b\x68\x2b\x95\xa9\x60\xe6\xbd\x50\xbc\x2e\x4b\x32\x0d\x7c\x4d\x21\x3c\xfa\x7e\x7d\x65\xdd\x6c\x4f\xe6\x5d\x14\xec\x49\xc5\x6f\xa6\x7a\x48\x4d\xdb\xdd\x53\x2a\x7c\x57\xf9\x8d\xb6\x11\x21\x5f\xef\xa9\x2f\x69\x2c\xf2\xda\xa5\x9d\xe4\x51\x3b\xc1\xb8\xdb\xb4\xcf\xe8\x84\xe4\x0c\x5c\x24\x3b\x6b\xbf\x1b\xa7\x4c\x39\x58\x4f\x2d\x8a\xce\xcb\xe1\xa2\x5d\x76\x5f\x1a\x36\xe5\x89\xe2\x31\xe4\xd6\xf9\x79\xa6\x45\xb4\xa9\x6a\xb0\x64\x05\x4a\x62\xea\x4b\xf3\x22\xed\xbf\x8e\x6b\x2b\xaa\xb3\x17\x5f\x5a\xc2\x17\x25\xb1\xb6\x74\xff\xd0\x67\x3b\xd8\xc6\xff\x8e\x07\x36\x71\xb7\xc3\x5e\xcd\x7c\xbf\x4f\x9f\xe4\xe2\x1f\xb5\xd0\x96\x52\x9b\xa4\x3a\x2a\x71\x73\xb0\x9a\xa2\x74\x1e\x8a\x42\x88\x20\x9e\xa9\xfa\xeb\xa7\x6b\x65\xe0\xe5\x18\xa6\xf4\x3a\x83\x85\xcc\xf6\xf3\x7c\x0c\x61\xeb\xc3\x63\x41\xb8\x3d\xf5\xb8\x3c\x8f\x06\xbc\x27\x2e\x88\x67\x7f\x84\x0d\x38\x8b\x2b\x94\x49\xeb\x21\x55\x27\xd0\x8f\x94\xda\xe7\x30\xe7\x63\x0d\x71\x9a\xb6\xdc\x9a\x85\x1c\x24\x7c\x29\xbb\xe7\x13\xbd\xa7\x51\xbd\x01\xc5\x7a\x01\xb2\xf6\x8a\x24\x74\x28\xa5\x0b\x30\x1e\x7f\x09\xff\x38\x8e\xf2\x99\x3c\x72\x30\xd0\x81\x6d\xf2\x32\xc3\xfc\x94\x6e\x19\x38\xbb\x6f\x73\x68\x7f\x05\x00\x00\xff\xff\xb2\xeb\xf2\xc0\x26\x0e\x00\x00"), + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xff\xd4\x56\x4d\x6f\xdb\x38\x10\xbd\xfb\x57\x10\xde\xdb\x02\x52\xb0\xc0\x1e\x02\xdf\x76\x7b\xe8\xa5\x28\x8a\xa4\xc8\x9d\xa6\x9e\xac\xa9\xa9\xa1\x4a\x0e\x9d\x34\xae\xff\x7b\x41\x59\xb1\x1c\x7f\x35\x56\x92\xb6\xd1\x49\x1c\x72\x66\xde\x70\x3e\xf8\x74\x43\x37\xf0\x81\x1c\x4f\xd4\xe2\x9f\xd1\x9c\xb8\x98\xa8\x6b\xf8\x05\x19\xfc\x67\x8c\x8b\x2c\xa3\x1a\xa2\x0b\x2d\x7a\x32\x52\x8a\x75\x8d\x89\x5a\x2e\x15\xb1\xb1\xb1\x80\x1a\xcf\x63\xad\xf3\x24\x1e\xab\x5c\xad\x56\x99\x71\x2c\xde\xd9\xac\xb1\x9a\xd1\x69\x84\x46\x9b\xb5\x5a\x7e\x05\x0b\x1d\x90\x7f\x7c\x10\xab\xd5\x6a\xa4\x94\xd5\x53\xd8\x90\x3c\x2c\x97\xd9\x8e\xf1\xf5\x5e\x32\xff\x5d\x31\x71\x01\x16\xf5\x6f\x52\xcb\xb2\x6c\xb4\x1d\x80\x9f\x6a\x93\xeb\x28\x95\xf3\x74\xaf\x85\x1c\xe7\xf3\xcb\x90\x93\xbb\xd8\x84\xf6\xce\xc6\x20\xf0\x57\xce\xe2\xbc\xb8\x26\xbb\x71\x0d\x42\xec\xa3\x45\xab\x93\x29\xdd\xd0\x7b\xef\x62\xd3\x2e\xd3\x97\xa9\xf1\xb8\xfd\xf5\x08\x2e\x7a\x83\xad\x9d\xcd\x25\x86\x8d\xa8\x71\x45\xbf\x08\xeb\x8c\xf5\x02\xe3\xb8\xa4\x59\xad\x9b\x5e\xc4\xae\xe8\x0e\x2c\xe0\xa7\x5b\xc6\x67\x90\xcd\xbf\xa5\xd0\x2f\x6e\xb5\x98\xea\x7c\xb0\x58\x80\xe5\xa0\x27\xe3\xa1\x05\x7d\x08\xa7\xec\xb7\x17\x49\xee\x98\x93\x94\xb8\x36\x15\x61\x5f\x44\x1c\x68\x56\x49\xbf\x53\x23\x54\x5b\x07\xef\x1d\xef\xac\x1e\x69\x9c\x7b\x3d\x07\x63\x8b\x4d\x71\x28\xd4\x0e\x29\x2c\xda\xcd\x21\x91\x37\xde\xdd\x7d\x13\xd4\x8d\xd5\x82\x37\x88\xf8\x22\x88\x96\xf8\x53\xe0\x47\xe0\x0c\xf1\x6f\xc8\x9b\x48\x32\xf5\xd0\x73\xf8\x3e\xf3\xb8\x13\x78\xd6\x76\xaf\x7b\x4a\x1d\xad\x10\x7f\x81\x49\x43\xa4\x97\x57\xd0\x56\x2a\x53\xc1\xcc\x7b\xa1\x78\x5d\x96\x64\x1a\xf8\x9a\x42\x78\x74\xbe\xdb\xb2\x6e\xb6\x27\xf3\x2e\x0a\xf6\xa4\xe2\x37\x3d\x3e\x24\xa7\xed\x24\x2a\x15\xbe\xaa\xfc\x46\xdb\x88\x90\x77\x53\xeb\x53\x6a\x8b\xbc\x76\x69\x42\x79\xd4\x4e\x30\x5e\xcf\xdd\x67\x54\x42\x72\x06\x2e\x92\x9d\xce\xef\xc6\x29\x53\x0e\xd6\x53\x8b\x62\xed\xe5\x70\xd2\x2e\xd7\x27\x0d\x9b\xf2\x44\xf2\x18\x72\xeb\xfc\x3c\xd3\x22\xda\x54\x35\x58\xb2\x02\x25\x31\xf5\xa9\x79\x91\xf2\xef\xe2\xda\x8a\xea\xec\xc1\x97\x46\xf2\x45\x49\xac\x2d\xdd\x3f\xd4\xd9\x0e\xb6\xf1\xdf\xe3\x81\x45\xbc\x9e\x61\xaf\x66\xbe\x9f\xa7\x4f\x72\xf1\x97\x5a\x68\x4b\xa9\x4c\x52\x1e\x95\xb8\x39\x58\x4d\x51\x3a\x0f\x45\x21\x44\x10\xcf\x54\xfd\xf9\xc3\xb5\x32\xf0\x72\x0c\x53\x7a\xab\xc1\x42\x66\xfb\xb1\x3e\x86\xb0\xf5\xe1\xb1\x20\xdc\x9e\x7a\x5c\x9e\x47\x0a\xfe\x27\x2e\x88\x67\xbf\x85\x1b\x38\x8b\x2b\x94\x49\xeb\xe1\xaa\x4e\xa0\x1f\x29\xb5\xcf\x68\xce\xc7\x1a\xe2\x34\x4d\xb9\x8e\x93\x1c\xa4\x7f\xe9\x76\xcf\xa7\x7d\x4f\x23\x7e\x03\x92\xf5\x02\xd4\xed\x15\x29\xe9\x50\x82\x17\x60\x3c\xfe\x10\xfe\x71\x1c\xe5\x0e\xab\xfc\x65\x40\x07\x96\xc9\xcb\x34\xf3\x53\xaa\x65\x60\xef\xbe\xcd\xa6\xfd\x11\x00\x00\xff\xff\x5b\x82\xc3\xe8\x34\x0e\x00\x00"), }, "/templates/cp-service.yaml": &vfsgen۰CompressedFileInfo{ name: "cp-service.yaml", @@ -222,7 +222,7 @@ var HelmTemplates = func() http.FileSystem { }, "/templates/cp-webhooks-and-secrets.yaml": &vfsgen۰CompressedFileInfo{ name: "cp-webhooks-and-secrets.yaml", - modTime: time.Date(2020, 11, 2, 8, 36, 18, 432933644, time.UTC), + modTime: time.Date(2020, 11, 2, 9, 41, 54, 745794754, time.UTC), uncompressedSize: 5312, compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xff\xe4\x58\xdd\x6f\xdb\x36\x10\x7f\xd7\x5f\x41\x18\x2d\xd0\x16\xa0\x14\x27\x71\x90\x09\xe8\x43\xd7\xa6\xc5\xb0\xac\x08\x9a\x2c\x7b\xa6\xa8\x93\xc4\x99\x22\x35\xf2\xe4\xd4\x73\xfd\xbf\x0f\xa4\x3e\x2c\x39\x4e\xe2\x7e\x0c\xcb\x5a\x3f\x25\xf7\xc5\xbb\xfb\xfd\xee\x48\x68\xb5\xa2\xe4\x09\x67\x3f\xd7\x2a\x95\x40\xe2\x97\x24\xbc\x66\xb2\x06\x1b\x72\xad\xd0\x68\x79\x21\x99\x82\x10\xa5\x0d\x73\x50\x60\x98\x0c\x7b\xe3\xf5\x3a\x58\xad\xa2\x17\xc1\x3b\xaf\x40\x20\x1c\x0c\x8a\x4c\x70\x86\x60\x03\x0b\x10\x93\x02\xb1\xb2\x71\x14\x95\xcc\x22\x98\x52\xa8\xd4\x86\xb9\xc0\xa2\x4e\x42\xa1\x23\x5b\x19\x91\x47\xdc\x2c\x2b\xd4\x61\x81\xa5\xdc\x72\x82\x54\xd4\x65\xc8\x75\x19\xa9\x7a\xa1\x69\x6e\x74\x5d\x51\x04\x5e\x44\xa5\x5e\x00\x5d\xea\xda\x50\x77\xa6\xa5\xa8\x69\x01\xb2\xa4\xc7\xd9\x2c\x3b\x99\x1e\x1d\x9d\x32\xce\xc6\xc1\xda\x53\x7d\x30\xc0\x1b\x6d\xe6\x16\xcc\x42\x70\x28\xc1\x16\xbb\x44\x89\xd4\x49\x74\x7a\x70\xcc\xd2\xd9\xc1\xe1\x49\x92\xcc\xd2\x24\x3d\x3c\x9d\xf1\xc3\xc3\x83\x6c\x3a\x3b\xfa\x69\x96\xc1\xe1\x0c\x8e\x4f\xb2\x19\xa4\x49\x94\x42\x25\xf5\xb2\x04\x85\x36\x72\x99\x44\xca\x96\x11\x2f\x98\x41\x1b\xb1\xb4\x14\xd6\x0a\xad\xe8\x0d\x24\x85\xd6\xf3\x08\xa1\xac\xa4\xeb\xd2\x6d\x1d\xb5\xc0\x0d\x60\x88\x95\x0c\x5e\x44\xeb\x75\x10\x38\x84\x44\x46\xe0\xaf\x87\xa1\x69\x7c\xdf\xb3\x12\xc8\x64\x42\xa8\x07\xc8\xc1\xab\xcb\x52\x2b\x2f\x8e\x5f\x92\x67\x42\x71\x59\xa7\x40\x26\xf3\xba\x64\xe3\x60\x6d\x03\x9c\xe9\x84\x84\xcf\x37\x21\x98\xf4\x61\xad\x0b\x20\x85\x45\xf2\xac\x32\x42\x61\x46\x26\x4f\x6d\xf8\xd4\x4e\x46\x87\x84\x1f\x40\x02\xb3\x10\x7a\x97\x8a\x71\x78\xbe\x65\x1f\xda\x05\x7f\xd8\x67\x53\x00\x18\xbc\xba\x3a\x77\x87\x1f\x9d\xcc\x0e\x06\x0a\xe6\x64\x39\xa8\xd7\xaf\x9a\x72\x28\x67\x93\x8d\x3d\xed\xfa\xf7\xc4\x99\x80\xc1\xd6\xfa\x52\xe4\x0a\x52\x2f\x18\xe6\xa0\x84\x1c\x54\xda\x47\x71\xa7\x8c\x52\x71\x51\xba\x88\xa1\x8f\xd2\xab\xe7\xb0\x1c\x69\x7f\x85\x65\xab\x1c\x4c\xd9\x4b\xf7\x77\xe3\xf8\x89\x24\x27\xc7\xa0\xb8\x1b\x26\x4a\x69\xc0\x2a\x71\x0d\xc6\x11\x22\x26\x8b\x69\x30\x17\x2a\x8d\xc9\xa5\x87\x35\xc0\x65\x05\x31\x99\xd7\x09\x18\x05\x08\xd6\x8d\x10\x4a\x1b\x94\x80\x2c\x65\xc8\xe2\x80\x10\xc5\x4a\x88\xc9\x6a\x45\xc6\x20\xab\x06\x50\xb2\x5e\x53\x94\xd6\x0f\x4d\x6b\xec\x5b\xed\x3d\x6e\x23\xe0\x92\x22\x44\xb2\x04\xa4\x75\xc1\x3d\x13\x47\x71\x1b\x9d\x8b\xfc\x89\x28\xa1\x52\x50\x48\x8e\x9d\x5b\x97\x8f\x63\x27\x37\xe8\x0f\x68\x7a\x37\xac\xb8\xd1\xcf\x61\xd9\xe8\x5d\xf3\xb6\xf4\x9c\x0d\xdc\x47\x8b\x87\x12\x50\xe9\xae\xb6\xf5\x23\x65\x20\x17\x16\x0d\x43\xa1\x55\x38\x3f\xf5\xfd\x5a\x4c\x13\x40\xd6\x35\xf6\xb7\x1a\x19\x0a\x95\xff\xd1\xcc\xde\x6b\xad\x32\x91\xd7\x8d\xc7\x67\xb6\x75\x33\xc8\x65\x1b\xb4\x9f\x68\x3e\x0a\xfb\x25\x6d\xdf\xb7\xeb\xed\x89\xde\x8b\xb6\x49\xbb\x65\x16\xa6\x90\xb1\x5a\x22\x98\xd0\x0f\x49\x9f\xac\xff\x37\x14\x3a\x20\x84\x90\x8c\x09\x59\x1b\xb8\xd0\x52\xf0\x65\x4c\xde\x32\x21\xbd\x9c\x4b\x01\x0a\x9b\xe6\xc4\x5e\xe2\x70\x69\xb0\xb8\x8d\x4c\xa3\x6f\x17\x49\x67\xbe\x6f\xd1\x1b\xdb\x1d\xdd\xbe\x67\x53\x0d\xbd\x2b\x86\x45\x4c\xa2\xb6\x64\xea\x0b\x16\x9a\x2e\xa6\x4c\x56\x05\x9b\x52\xd7\x10\x6f\x6c\x6a\x09\xb6\xcb\x90\x12\x56\x89\x77\xee\x86\xb1\x9b\xa4\x9d\x78\xd8\x21\xf7\xdb\x50\x6d\xcb\xb0\x3b\xa0\x17\xea\x0a\x1a\xcc\xb7\x0c\x5f\x7f\x38\x7b\x75\x75\x36\x12\xfd\x7e\xf1\x66\x28\x32\x60\x75\x6d\x38\x6c\x39\xba\xcc\xc1\x7a\x91\x15\x29\x9c\x65\x19\x70\xb4\x31\x79\xaf\x15\x0c\x10\xd7\x37\x0a\x0c\x35\x90\x81\x01\xc5\xe1\xc7\x81\x7c\xab\xf0\x5b\xd0\x3f\x26\xd4\xef\x80\x98\x0b\xc3\x6b\x81\x89\x01\x36\x07\x63\x47\x3a\xf8\x88\x60\x14\x93\x6d\x1f\xc6\x4a\x4f\x76\xa1\xfe\x04\xee\xcf\x1e\xe9\x0a\x60\x12\x0b\x5e\x00\x9f\x8f\x15\x95\xd1\x1f\x97\xfd\x63\x64\xa4\x42\xc3\xb2\x4c\x70\xa9\xf3\x9d\xf2\xca\xbd\xe6\x3c\x9f\x76\xaa\x8d\xae\xef\x08\x88\x86\xf1\x3d\x38\xdc\x40\xe7\xcb\xd1\xe6\x3e\xca\x3a\x66\xed\x7a\x16\x75\xbe\x6f\x87\xe6\x1d\x67\xfe\x9f\xf4\x6e\x4a\xa2\xae\x6d\x9c\x99\xcf\x20\xf3\x64\xb2\x0f\x8f\xbf\x11\x83\x2b\x9d\xde\x05\xef\x57\xdc\xd4\xd7\x4c\x8a\xf4\x5b\xdd\xd5\x8b\x3e\xd8\x23\xb9\xa3\xdb\x84\xf4\x0f\x74\x3d\xb7\x25\x3f\xee\x25\xbd\xe3\x6a\x76\xa2\x37\x67\xe7\x67\x5f\xb7\xca\x1d\x57\x2b\xd7\xa8\x7f\x7b\xc3\x0f\x9e\x0c\x8f\x63\xe9\x77\x9a\xbf\xb5\xda\xe3\x1a\x68\x1b\x11\x7e\xc9\x80\xfc\x92\x2b\x6d\xe0\x7b\x18\x91\xc5\x94\xb6\xc6\xff\xf9\xd2\xdf\xff\xb1\x3a\xe2\xf0\xfd\x18\xfb\x0f\x1e\x7b\x41\xdc\x63\x70\x09\xd2\x5f\xef\xdd\x99\x25\x43\x5e\x9c\xf7\xeb\xb8\xf9\xb5\x9e\x91\x5d\x5a\x84\x92\x0e\x00\x9c\xa0\xa9\x61\xf2\x1d\xb0\xe6\x41\xda\xf8\x2f\x07\x8f\x90\x35\xfb\xef\xd1\xa6\x86\xbb\x78\xf4\x4f\x00\x00\x00\xff\xff\xb1\x8a\x50\x1d\xc0\x14\x00\x00"), @@ -264,7 +264,7 @@ var HelmTemplates = func() http.FileSystem { }, "/values.yaml": &vfsgen۰CompressedFileInfo{ name: "values.yaml", - modTime: time.Date(2020, 11, 2, 8, 36, 18, 433473494, time.UTC), + modTime: time.Date(2020, 11, 2, 9, 41, 54, 746421125, time.UTC), uncompressedSize: 1802, compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x02\xff\xac\x54\xc1\x6e\x23\x45\x10\xbd\xcf\x57\x94\xec\x73\x6c\x67\x21\x11\x9a\xdb\xae\x57\xa0\x88\x6c\x14\xe1\x68\x39\x97\x7b\xca\x33\x85\x7b\xaa\x87\xea\x6a\x83\x41\xfc\x3b\xea\x6e\xc7\x49\x20\x64\x41\xe2\x66\xbf\xae\x7e\xf3\xba\xea\xd5\x9b\xc3\xc3\x40\xd0\xd1\x0e\x93\x37\x50\xea\x39\x9a\x1e\x01\xa5\x03\xc3\x1e\x2c\x40\x8a\x04\xbb\xa0\x80\xde\xc3\xf7\x69\x44\xe0\x11\x7b\x8a\x4d\xef\xc3\x16\x7d\xdb\x00\x08\x8e\x14\x27\x74\xd4\xc2\x6c\x9f\x46\xbc\x88\xc7\x68\x34\xce\x1a\xa8\xb5\xb9\x06\xce\xdc\xb9\x28\x48\x7f\xd1\x05\xb7\x27\xbd\x28\x17\xea\xef\xc5\x96\xc5\x14\x8f\x0b\x0e\xb3\x72\x65\x0e\x1f\xab\xb0\x98\x85\x2c\xd6\x03\xaa\x2d\xde\x4f\xd3\x67\xd2\xc8\x41\x4e\x35\x86\x7d\x0b\xb3\x59\xd3\xcc\xe1\xc7\x81\x6c\x20\x85\xa0\x20\xc1\xf2\xa5\x09\xcd\x0d\x60\x03\x81\xa1\xf6\x64\x4f\x62\xe1\x17\xb6\x7a\x52\xe5\x82\xc7\x2d\xf9\xa6\x5c\xd8\x14\xe4\xee\xe9\x5d\xa6\x89\x9a\xc6\x05\x31\x0d\xfe\xde\xa3\x94\x47\xf9\xd0\xdf\xd2\x81\x7c\x0b\x33\x96\x5d\x11\x3d\x86\x2e\xb7\x21\x1a\x4a\x87\x3e\x08\x65\x70\x0e\xbf\x05\xa1\x2a\x12\x60\xdf\xc5\xef\x4a\xef\xde\x77\x9d\x52\x8c\x8f\xb8\x84\x8e\x36\xe4\xc9\x59\xd0\xda\xb2\x7d\xda\x92\x0a\x19\xc5\x05\x87\x65\x88\x2d\x78\x96\xf4\xeb\x2b\x67\xa8\x6e\x68\x01\xc7\xee\xfa\xeb\x4c\xc5\xf2\x53\xa1\xf9\x16\xd9\x27\xa5\xfb\xe0\xd9\x1d\x5b\xb8\xe9\x25\x28\xe5\x82\x48\x7a\x60\x77\x9a\xcc\xbc\x34\xa5\xc8\xc8\x7f\xed\x38\x51\x0b\x6b\x9f\xa2\x91\xde\xdc\x17\x0c\x45\x82\xa1\x71\x90\xd8\xc2\xef\x7f\x64\x8a\x3a\xff\x1f\x68\x0c\x46\x9b\xa3\xb8\xcd\x17\x29\x6f\x03\x76\x1f\xd0\xa3\x38\xd2\x57\x59\x33\x36\x05\xb5\x16\xae\xae\xbf\xb9\xca\x1f\x39\x19\x33\x56\xd6\xb8\xe7\xe9\x13\xc5\x61\xad\x54\x6e\xb5\xb0\x43\x1f\xcb\x83\xe6\xd9\x60\x31\x24\x75\x54\x8a\xe7\x50\x3d\xf7\x73\xa2\x68\xcf\x10\x00\x37\xa5\x16\x2e\x57\xab\xf1\x19\x36\xd2\x18\xb2\x33\xdf\x5d\x5d\x7f\xe2\x4a\xf7\x70\xbb\x29\xb6\x3f\xa0\x72\x48\xb1\x74\x8c\x34\x36\x00\xe6\x4f\x72\x7a\x12\xd2\xba\x02\x45\x1d\x39\x25\xbb\x7b\xfe\x6e\x00\x87\x1f\x92\x74\xfe\x09\xc2\x89\x37\x85\xea\xed\x6b\x9e\x49\x6c\x4d\x6a\x71\xf3\xf7\xf3\xb3\x83\xbe\xc8\xb4\xef\x62\x9d\xd0\xba\x10\xfe\x43\xe5\xcb\x45\x9d\x92\xf7\x67\xc7\xec\xee\x82\xdd\x2b\x45\x12\x3b\x6d\xf1\x14\x22\x5b\xa8\x7b\x9c\x77\xd7\x4d\xd5\xe2\x95\xf3\x6c\x0f\x92\xc3\x67\xd4\xfa\xd7\x09\xb7\x05\xc2\xad\xa7\xee\x71\x6a\x00\x6e\x40\x96\xe7\x80\x90\x7d\x64\x6d\x61\x49\xe6\x96\x4e\x78\x39\x26\x6f\x29\x2e\x85\x6c\xd1\x35\x00\x5b\x96\x7a\x7e\x40\x5d\x7a\xde\x96\x9a\x2d\xe7\x24\x70\x41\x76\xf5\x41\x55\x95\xf0\x22\x43\x2f\xb6\x34\x2f\xe9\xff\xbd\x69\xaf\x06\xdc\x29\xcf\x1e\x73\xec\x45\xd3\x7c\xd8\xee\xc3\x81\xfd\x11\x97\x2c\xd1\xd0\xfb\x2c\xf6\xb4\x27\x25\xca\x56\x8b\xd5\xe2\x5d\xc9\xb3\x75\x90\x1d\xf7\x49\x8b\xdb\x8b\x1d\x73\x5e\xe5\x07\x42\x87\x86\x53\x0e\x22\x88\xdc\x91\x43\x6d\x32\x72\x8e\xa6\x17\xba\xfe\x3a\xb2\x6e\x9a\xbd\x3d\xe9\x32\xd0\x37\x3e\xce\xc2\x06\xd3\x80\x91\x80\xa5\x66\xe8\x49\x04\x94\xb3\x9b\xb7\xbe\x9e\x0b\x66\x4d\xc3\xd2\x97\xf4\x7b\xcd\x18\x23\xc5\xa1\x7d\x5c\xfe\x1c\x03\x8a\x2c\x0f\x9c\xa7\xfb\xd5\x2a\xfe\xab\xfc\xfa\x0f\x61\x73\xb9\x5a\xad\x2e\x9b\x3f\x03\x00\x00\xff\xff\xab\xb7\x94\xbd\x0a\x07\x00\x00"), diff --git a/deployments/charts/kuma/templates/cp-rbac.yaml b/deployments/charts/kuma/templates/cp-rbac.yaml index cb56c569e06a..99b8ba5501ba 100644 --- a/deployments/charts/kuma/templates/cp-rbac.yaml +++ b/deployments/charts/kuma/templates/cp-rbac.yaml @@ -20,6 +20,7 @@ rules: - pods - services - configmaps + - nodes verbs: - get - list diff --git a/pkg/api-server/zone_overview_endpoints_test.go b/pkg/api-server/zone_overview_endpoints_test.go index 37d0edb80c9f..ba7bb70cac6b 100644 --- a/pkg/api-server/zone_overview_endpoints_test.go +++ b/pkg/api-server/zone_overview_endpoints_test.go @@ -79,17 +79,11 @@ var _ = Describe("Zone Overview Endpoints", func() { } BeforeEach(func() { - createZoneWithInsights("zone-1", system_proto.Zone{ - Ingress: &system_proto.Zone_Ingress{Address: "10.20.1.1:10001"}, - }) + createZoneWithInsights("zone-1", system_proto.Zone{}) - createZoneWithInsights("zone-2", system_proto.Zone{ - Ingress: &system_proto.Zone_Ingress{Address: "10.20.1.2:10002"}, - }) + createZoneWithInsights("zone-2", system_proto.Zone{}) - createZoneWithInsights("zone-3", system_proto.Zone{ - Ingress: &system_proto.Zone_Ingress{Address: "10.20.1.3:10003"}, - }) + createZoneWithInsights("zone-3", system_proto.Zone{}) }) zone1Json := ` @@ -99,9 +93,6 @@ var _ = Describe("Zone Overview Endpoints", func() { "creationTime": "2018-07-17T16:05:36.995Z", "modificationTime": "2018-07-17T16:05:36.995Z", "zone": { - "ingress": { - "address": "10.20.1.1:10001" - } }, "zoneInsight": { "subscriptions": [ @@ -124,9 +115,6 @@ var _ = Describe("Zone Overview Endpoints", func() { "creationTime": "2018-07-17T16:05:36.995Z", "modificationTime": "2018-07-17T16:05:36.995Z", "zone": { - "ingress": { - "address": "10.20.1.2:10002" - } }, "zoneInsight": { "subscriptions": [ @@ -149,9 +137,6 @@ var _ = Describe("Zone Overview Endpoints", func() { "creationTime": "2018-07-17T16:05:36.995Z", "modificationTime": "2018-07-17T16:05:36.995Z", "zone": { - "ingress": { - "address": "10.20.1.3:10003" - } }, "zoneInsight": { "subscriptions": [ diff --git a/pkg/api-server/zones_ws.go b/pkg/api-server/zones_ws.go index a666c35f3032..2fe66b71918a 100644 --- a/pkg/api-server/zones_ws.go +++ b/pkg/api-server/zones_ws.go @@ -55,7 +55,7 @@ func toZones(rlist system.ZoneOverviewResourceList) Zones { for _, overview := range rlist.Items { zones = append(zones, Zone{ Name: overview.GetMeta().GetName(), - Address: overview.Spec.Zone.Ingress.Address, + Address: "", // todo remove? Active: overview.Spec.ZoneInsight.IsOnline(), }) } diff --git a/pkg/core/resources/apis/mesh/dataplane_validator.go b/pkg/core/resources/apis/mesh/dataplane_validator.go index 299bf9337242..d19012b6c180 100644 --- a/pkg/core/resources/apis/mesh/dataplane_validator.go +++ b/pkg/core/resources/apis/mesh/dataplane_validator.go @@ -102,7 +102,7 @@ func validateIngressNetworking(networking *mesh_proto.Dataplane_Networking) vali } for i, inbound := range networking.GetInbound() { p := path.Field("inbound").Index(i) - if inbound.Port < 1 || inbound.Port > 65535 { + if inbound.Port > 65535 { err.AddViolationAt(p.Field("port"), `port has to be in range of [1, 65535]`) } if inbound.ServicePort != 0 { @@ -121,8 +121,26 @@ func validateIngressNetworking(networking *mesh_proto.Dataplane_Networking) vali } } } - for i, ingressInterface := range networking.GetIngress().GetAvailableServices() { - p := path.Field("ingress").Field("availableService").Index(i) + err.Add(validateIngress(path.Field("ingress"), networking.Ingress)) + return err +} + +func validateIngress(path validators.PathBuilder, ingress *mesh_proto.Dataplane_Networking_Ingress) validators.ValidationError { + if ingress == nil { + return validators.ValidationError{} + } + var err validators.ValidationError + if (ingress.GetPublicAddress() == "") != (ingress.GetPublicPort() == 0) { + err.AddViolationAt(path.Field("publicAddress"), `has to be defined with publicPort`) + } + if ingress.GetPublicAddress() != "" { + err.Add(validateAddress(path.Field("publicAddress"), ingress.GetPublicAddress())) + } + if ingress.GetPublicPort() > 65535 { + err.AddViolationAt(path.Field("publicPort"), `port has to be in range of [1, 65535]`) + } + for i, ingressInterface := range ingress.GetAvailableServices() { + p := path.Field("availableService").Index(i) if _, ok := ingressInterface.Tags[mesh_proto.ServiceTag]; !ok { err.AddViolationAt(p.Field("tags").Key(mesh_proto.ServiceTag), "cannot be empty") } diff --git a/pkg/core/resources/apis/mesh/dataplane_validator_test.go b/pkg/core/resources/apis/mesh/dataplane_validator_test.go index 89255dbda2ba..02b1e4135d81 100644 --- a/pkg/core/resources/apis/mesh/dataplane_validator_test.go +++ b/pkg/core/resources/apis/mesh/dataplane_validator_test.go @@ -112,13 +112,15 @@ var _ = Describe("Dataplane", func() { tags: kuma.io/service: redis`, ), - Entry("dataplane in ingress mode", ` + Entry("dataplane in ingress mode with public address and port", ` type: Dataplane name: dp-1 mesh: default networking: address: 192.168.0.1 ingress: + publicAddress: 10.0.0.1 + publicPort: 1234 availableServices: - tags: kuma.io/service: backend @@ -131,6 +133,18 @@ var _ = Describe("Dataplane", func() { inbound: - port: 10001`, ), + // no public address and port is valid because we may be waiting for Kubernetes to reconcile it + Entry("dataplane in ingress mode without public address and port", ` + type: Dataplane + name: dp-1 + mesh: default + networking: + address: 192.168.0.1 + ingress: + availableServices: [] + inbound: + - port: 10001`, + ), Entry("dataplane domain name in the address", ` type: Dataplane name: dp-1 @@ -742,6 +756,36 @@ var _ = Describe("Dataplane", func() { - field: networking.inbound[0].address message: cannot be defined in the ingress mode`, }), + Entry("networking.ingress: invalid public address and port", testCase{ + dataplane: ` + type: Dataplane + name: dp-1 + mesh: default + networking: + address: 192.168.0.1 + ingress: + publicAddress: "!@#$" + publicPort: 100000 + availableServices: + - tags: + kuma.io/service: backend + version: "1" + region: us + - tags: + kuma.io/service: web + version: v2 + region: eu + inbound: + - port: 10001 + tags: + name: ingress-dp`, + expected: ` + violations: + - field: networking.ingress.publicAddress.address + message: address has to be valid IP address or domain name + - field: networking.ingress.publicPort + message: port has to be in range of [1, 65535]`, + }), Entry("inbound service address", testCase{ dataplane: ` type: Dataplane diff --git a/pkg/core/resources/apis/system/zone_validator.go b/pkg/core/resources/apis/system/zone_validator.go index ffb705791fbd..c8b763af3d87 100644 --- a/pkg/core/resources/apis/system/zone_validator.go +++ b/pkg/core/resources/apis/system/zone_validator.go @@ -1,40 +1,5 @@ package system -import ( - "net" - "net/url" - - "github.com/kumahq/kuma/pkg/core/validators" -) - func (c *ZoneResource) Validate() error { - var err validators.ValidationError - err.Add(c.validateIngress()) - return err.OrNil() -} - -func (c *ZoneResource) validateIngress() validators.ValidationError { - var verr validators.ValidationError - if c.Spec.GetIngress().GetAddress() == "" { - verr.AddViolation("address", "cannot be empty") - } else { - host, port, err := net.SplitHostPort(c.Spec.GetIngress().GetAddress()) - if err != nil { - url, urlErr := url.Parse(c.Spec.GetIngress().GetAddress()) - if urlErr == nil && url.Scheme != "" { - verr.AddViolation("address", "should not be URL. Expected format is hostname:port") - } else { - verr.AddViolation("address", "invalid address: "+err.Error()) - } - } else { - if host == "" { - verr.AddViolation("address", "host has to be explicitly specified") - } - if port == "" { - verr.AddViolation("address", "port has to be explicitly specified") - } - } - } - - return verr + return nil } diff --git a/pkg/core/resources/apis/system/zone_validator_test.go b/pkg/core/resources/apis/system/zone_validator_test.go deleted file mode 100644 index 482778666e4c..000000000000 --- a/pkg/core/resources/apis/system/zone_validator_test.go +++ /dev/null @@ -1,93 +0,0 @@ -package system_test - -import ( - "fmt" - - "github.com/ghodss/yaml" - . "github.com/onsi/ginkgo" - . "github.com/onsi/ginkgo/extensions/table" - . "github.com/onsi/gomega" - - "github.com/kumahq/kuma/pkg/core/resources/apis/system" - - util_proto "github.com/kumahq/kuma/pkg/util/proto" -) - -var _ = Describe("Zone", func() { - Describe("Validate()", func() { - DescribeTable("should pass validation", - func(zoneYAML string) { - // setup - zone := system.ZoneResource{} - - // when - err := util_proto.FromYAML([]byte(zoneYAML), &zone.Spec) - // then - Expect(err).ToNot(HaveOccurred()) - fmt.Printf("%v", zone.Spec) - - // when - verr := zone.Validate() - // then - Expect(verr).ToNot(HaveOccurred()) - }, - Entry("valid zone", ` - ingress: - address: 192.168.0.2:10001`), - ) - - type testCase struct { - zone string - expected string - } - DescribeTable("should validate all fields and return as much individual errors as possible", - func(given testCase) { - // setup - zone := system.ZoneResource{} - - // when - err := util_proto.FromYAML([]byte(given.zone), &zone.Spec) - // then - Expect(err).ToNot(HaveOccurred()) - - // when - verr := zone.Validate() - // and - actual, err := yaml.Marshal(verr) - - // then - Expect(err).ToNot(HaveOccurred()) - // and - Expect(actual).To(MatchYAML(given.expected)) - }, - Entry("spec: empty", testCase{ - zone: ``, - expected: ` - violations: - - field: address - message: cannot be empty`}), - Entry("wrong format", testCase{ - zone: ` - ingress: - address: 192.168.0.2`, - expected: ` - violations: - - field: address - message: "invalid address: address 192.168.0.2: missing port in address"`}), - Entry("spec: empty", testCase{ - zone: ``, - expected: ` - violations: - - field: address - message: cannot be empty`}), - Entry("url instead of address", testCase{ - zone: ` - ingress: - address: grpcs://192.168.0.2:1234`, - expected: ` - violations: - - field: address - message: should not be URL. Expected format is hostname:port`}), - ) - }) -}) diff --git a/pkg/kds/global/components.go b/pkg/kds/global/components.go index 5b49a598746a..5cbe78e6ac11 100644 --- a/pkg/kds/global/components.go +++ b/pkg/kds/global/components.go @@ -3,11 +3,10 @@ package global import ( "context" "fmt" - "net" - "strconv" "strings" config_manager "github.com/kumahq/kuma/pkg/core/config/manager" + "github.com/kumahq/kuma/pkg/core/resources/manager" "github.com/pkg/errors" @@ -20,7 +19,6 @@ import ( "github.com/kumahq/kuma/pkg/core/resources/apis/mesh" "github.com/kumahq/kuma/pkg/core/resources/apis/system" "github.com/kumahq/kuma/pkg/core/resources/model" - "github.com/kumahq/kuma/pkg/core/resources/registry" "github.com/kumahq/kuma/pkg/core/runtime" "github.com/kumahq/kuma/pkg/kds/client" sync_store "github.com/kumahq/kuma/pkg/kds/store" @@ -67,10 +65,10 @@ func Setup(rt runtime.Runtime) (err error) { } }() kdsStream := client.NewKDSStream(session.ClientStream(), session.PeerID()) - zone := &system.ZoneResource{} - if err := rt.ReadOnlyResourceManager().Get(context.Background(), zone, store.GetByKey(session.PeerID(), "default")); err != nil { - // send error back to Remote CP, it will re-try later when ZoneResource will appear - return errors.Wrap(err, "ZoneResource doesn't exist") + zone, err := createZoneIfAbsent(session.PeerID(), rt.ResourceManager()) + if err != nil { + log.Error(err, "Global CP could not create a zone") + return errors.New("Global CP could not create a zone") // send back message without details. Remote CP will retry } sink := client.NewKDSSink(log, consumedTypes, kdsStream, Callbacks(resourceSyncer, rt.Config().Store.Type == store_config.KubernetesStore, zone)) go func() { @@ -83,6 +81,21 @@ func Setup(rt runtime.Runtime) (err error) { return rt.Add(mux.NewServer(onSessionStarted, *rt.Config().Multicluster.Global.KDS, rt.Metrics())) } +func createZoneIfAbsent(name string, resManager manager.ResourceManager) (*system.ZoneResource, error) { + zone := &system.ZoneResource{} + if err := resManager.Get(context.Background(), zone, store.GetByKey(name, model.DefaultMesh)); err != nil { + if !store.IsResourceNotFound(err) { + return nil, err + } + kdsGlobalLog.Info("creating zone", "name", name) + err := resManager.Create(context.Background(), zone, store.CreateByKey(name, model.DefaultMesh)) + if err != nil { + return nil, err + } + } + return zone, nil +} + // ProvidedFilter filter Resources provided by Remote, specifically excludes Dataplanes and Ingresses from 'clusterID' cluster func ProvidedFilter(clusterID string, r model.Resource) bool { if r.GetType() == system.ConfigType && r.GetMeta().GetName() != config_manager.ClusterIdConfigKey { @@ -106,10 +119,6 @@ func Callbacks(s sync_store.ResourceSyncer, k8sStore bool, zone *system.ZoneReso if k8sStore { util.AddSuffixToNames(rs.GetItems(), "default") } - if rs.GetItemType() == mesh.DataplaneType { - rs = dedupIngresses(rs) - adjustIngressNetworking(zone, rs) - } return s.Sync(rs, sync_store.PrefilterBy(func(r model.Resource) bool { return strings.HasPrefix(r.GetMeta().GetName(), fmt.Sprintf("%s.", clusterName)) })) @@ -117,40 +126,6 @@ func Callbacks(s sync_store.ResourceSyncer, k8sStore bool, zone *system.ZoneReso } } -func adjustIngressNetworking(zone *system.ZoneResource, rs model.ResourceList) { - host, portStr, err := net.SplitHostPort(zone.Spec.GetIngress().GetAddress()) - if err != nil { - kdsGlobalLog.Error(err, "failed parsing ingress", "host", host, "port", portStr) - return - } - port, _ := strconv.ParseUint(portStr, 10, 32) - for _, r := range rs.GetItems() { - if !r.(*mesh.DataplaneResource).Spec.IsIngress() { - continue - } - r.(*mesh.DataplaneResource).Spec.Networking.Address = host - r.(*mesh.DataplaneResource).Spec.Networking.Inbound[0].Port = uint32(port) - } -} - -// dedupIngresses returns ResourceList that consist of Dataplanes from 'rs' and has single Ingress. -// We assume to have single Ingress Resource per Zone. -func dedupIngresses(rs model.ResourceList) model.ResourceList { - rv, _ := registry.Global().NewList(rs.GetItemType()) - ingressPicked := false - for _, r := range rs.GetItems() { - if !r.(*mesh.DataplaneResource).Spec.IsIngress() { - _ = rv.AddItem(r) - continue - } - if !ingressPicked { - _ = rv.AddItem(r) - ingressPicked = true - } - } - return rv -} - func ConsumesType(typ model.ResourceType) bool { for _, consumedTyp := range consumedTypes { if consumedTyp == typ { diff --git a/pkg/kds/global/components_test.go b/pkg/kds/global/components_test.go index b06b19e8edcc..a3ecfb7cb8aa 100644 --- a/pkg/kds/global/components_test.go +++ b/pkg/kds/global/components_test.go @@ -54,11 +54,7 @@ var _ = Describe("Global Sync", func() { clientStreams = append(clientStreams, ss.ClientStream(stopCh)) } zone := &system.ZoneResource{ - Spec: system_proto.Zone{ - Ingress: &system_proto.Zone_Ingress{ - Address: "192.168.0.2:10001", - }, - }, + Spec: system_proto.Zone{}, } kds_setup.StartClient(clientStreams, []model.ResourceType{mesh.DataplaneType}, stopCh, global.Callbacks(globalSyncer, false, zone)) diff --git a/pkg/plugins/runtime/k8s/controllers/ingress_converter.go b/pkg/plugins/runtime/k8s/controllers/ingress_converter.go new file mode 100644 index 000000000000..74e465506740 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/ingress_converter.go @@ -0,0 +1,131 @@ +package controllers + +import ( + "context" + + "github.com/pkg/errors" + kube_core "k8s.io/api/core/v1" + + mesh_proto "github.com/kumahq/kuma/api/mesh/v1alpha1" + "github.com/kumahq/kuma/pkg/plugins/runtime/k8s/metadata" +) + +// List of priority for picking IP when Service that selects ingress is of type NodePort +// We first try to find ExternalIP and then InternalIP. +// ExternalIP will be available in public clouds like GCP, but not on Kind or Minikube. +// On the other hand, on Kind with multicluster, there is a connectivity between clusters using InternalIP. +// Technically there is a risk that we will pick InternalIP and other cluster will try to access it without connectivity between them. +// However, in most cases, LoadBalancer will be used anyways, therefore we accept this risk. +var NodePortAddressPriority = []kube_core.NodeAddressType{ + kube_core.NodeExternalIP, + kube_core.NodeInternalIP, +} + +func (p *PodConverter) IngressFor(pod *kube_core.Pod, services []*kube_core.Service) (*mesh_proto.Dataplane, error) { + ifaces, err := InboundInterfacesFor(p.Zone, pod, services) + if err != nil { + return nil, errors.Wrap(err, "could not generate inbound interfaces") + } + if len(ifaces) != 1 { + return nil, errors.Errorf("generated %d inbound interfaces, expected 1. Interfaces: %v", len(ifaces), ifaces) + } + if len(services) != 1 { + return nil, errors.Errorf("ingress should be matched by exactly one service. Matched %d services", len(services)) + } + + ingress, err := p.ingressSpecFromAnnotations(metadata.Annotations(pod.Annotations)) + if err != nil { + return nil, err + } + + if ingress == nil { // if ingress public coordinates were not present in annotations we will try to pick it from service + ingress, err = p.ingressSpecFromService(services[0]) + if err != nil { + return nil, err + } + } + + return &mesh_proto.Dataplane{ + Networking: &mesh_proto.Dataplane_Networking{ + Ingress: ingress, + Address: pod.Status.PodIP, + Inbound: ifaces, + }, + }, nil +} + +func (p *PodConverter) ingressSpecFromAnnotations(annotations metadata.Annotations) (*mesh_proto.Dataplane_Networking_Ingress, error) { + publicAddress, addressExist := annotations.GetString(metadata.KumaIngressPublicAddressAnnotation) + publicPort, portExist, err := annotations.GetUint32(metadata.KumaIngressPublicPortAnnotation) + if err != nil { + return nil, errors.Wrapf(err, "failed to parse annotation %s", metadata.KumaIngressPublicPortAnnotation) + } + if addressExist != portExist { + return nil, errors.Errorf("both %s and %s has to be defined", metadata.KumaIngressPublicAddressAnnotation, metadata.KumaIngressPublicPortAnnotation) + } + if addressExist && portExist { + return &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: publicAddress, + PublicPort: publicPort, + }, nil + } + return nil, nil +} + +// ingressSpecFromService is trying to generate ingress with public address and port using Service that selects the ingress +func (p *PodConverter) ingressSpecFromService(service *kube_core.Service) (*mesh_proto.Dataplane_Networking_Ingress, error) { + switch service.Spec.Type { + case kube_core.ServiceTypeLoadBalancer: + return p.ingressSpecFromLoadBalancer(service) + case kube_core.ServiceTypeNodePort: + return p.ingressSpecFromNodePort(service) + default: + converterLog.Info("ingress service type is not public, therefore the public coordinates of the ingress will not be automatically set. Change the ingress service to LoadBalancer or NodePort or override the settings using annotations.") + return &mesh_proto.Dataplane_Networking_Ingress{}, nil + } +} + +func (p *PodConverter) ingressSpecFromNodePort(service *kube_core.Service) (*mesh_proto.Dataplane_Networking_Ingress, error) { + nodes := &kube_core.NodeList{} + if err := p.NodeGetter.List(context.Background(), nodes); err != nil { + return nil, err + } + if len(nodes.Items) < 1 { // this should not happen, K8S always has at least one node + return nil, errors.New("there are no nodes") + } + for _, addressType := range NodePortAddressPriority { + for _, address := range nodes.Items[0].Status.Addresses { + if address.Type == addressType { + ingress := &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: address.Address, + PublicPort: uint32(service.Spec.Ports[0].NodePort), + } + return ingress, nil + } + } + } + return nil, errors.New("could not find valid Node address for Ingress publicAddress") +} + +func (p *PodConverter) ingressSpecFromLoadBalancer(service *kube_core.Service) (*mesh_proto.Dataplane_Networking_Ingress, error) { + if len(service.Status.LoadBalancer.Ingress) == 0 { + converterLog.V(1).Info("load balancer for ingress is not yet ready") + return &mesh_proto.Dataplane_Networking_Ingress{}, nil + } + publicAddress := "" + if service.Status.LoadBalancer.Ingress[0].Hostname != "" { + publicAddress = service.Status.LoadBalancer.Ingress[0].Hostname + } + if service.Status.LoadBalancer.Ingress[0].IP != "" { + publicAddress = service.Status.LoadBalancer.Ingress[0].IP + } + if publicAddress == "" { + converterLog.V(1).Info("load balancer for ingress is not yet ready. Hostname and IP are empty") + return &mesh_proto.Dataplane_Networking_Ingress{}, nil + } + ingress := &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: publicAddress, + PublicPort: uint32(service.Spec.Ports[0].Port), // service has to have port, otherwise we would not generate inbound + } + return ingress, nil +} diff --git a/pkg/plugins/runtime/k8s/controllers/pod_converter.go b/pkg/plugins/runtime/k8s/controllers/pod_converter.go index 51dcc6738974..9f804a949cfc 100644 --- a/pkg/plugins/runtime/k8s/controllers/pod_converter.go +++ b/pkg/plugins/runtime/k8s/controllers/pod_converter.go @@ -25,6 +25,7 @@ var ( type PodConverter struct { ServiceGetter kube_client.Reader + NodeGetter kube_client.Reader Zone string } @@ -152,24 +153,6 @@ func (p *PodConverter) DataplaneFor( return dataplane, nil } -func (p *PodConverter) IngressFor(pod *kube_core.Pod, services []*kube_core.Service) (*mesh_proto.Dataplane, error) { - ifaces, err := InboundInterfacesFor(p.Zone, pod, services) - if err != nil { - return nil, errors.Wrap(err, "could not generate inbound interfaces") - } - if len(ifaces) != 1 { - return nil, errors.Errorf("generated %d inbound interfaces, expected 1. Interfaces: %v", len(ifaces), ifaces) - } - - return &mesh_proto.Dataplane{ - Networking: &mesh_proto.Dataplane_Networking{ - Ingress: &mesh_proto.Dataplane_Networking_Ingress{}, - Address: pod.Status.PodIP, - Inbound: ifaces, - }, - }, nil -} - func GatewayFor(clusterName string, pod *kube_core.Pod, services []*kube_core.Service) (*mesh_proto.Dataplane_Networking_Gateway, error) { interfaces, err := InboundInterfacesFor(clusterName, pod, services) if err != nil { diff --git a/pkg/plugins/runtime/k8s/controllers/pod_converter_test.go b/pkg/plugins/runtime/k8s/controllers/pod_converter_test.go index 9a910376b8ee..45e893a325e8 100644 --- a/pkg/plugins/runtime/k8s/controllers/pod_converter_test.go +++ b/pkg/plugins/runtime/k8s/controllers/pod_converter_test.go @@ -103,6 +103,7 @@ var _ = Describe("PodToDataplane(..)", func() { servicesForPod string otherDataplanes string otherServices string + node string dataplane string } DescribeTable("should convert Pod into a Dataplane YAML version", @@ -130,7 +131,7 @@ var _ = Describe("PodToDataplane(..)", func() { YAMLs := util_yaml.SplitYAML(string(bytes)) services, err := ParseServices(YAMLs) Expect(err).ToNot(HaveOccurred()) - reader, err := newFakeReader(services) + reader, err := newFakeServiceReader(services) Expect(err).ToNot(HaveOccurred()) serviceGetter = reader } @@ -223,6 +224,84 @@ var _ = Describe("PodToDataplane(..)", func() { }), ) + DescribeTable("should convert Pod into a Dataplane YAML version", + func(given testCase) { + // given + // pod + pod := &kube_core.Pod{} + bytes, err := ioutil.ReadFile(filepath.Join("testdata", "ingress", given.pod)) + Expect(err).ToNot(HaveOccurred()) + err = yaml.Unmarshal(bytes, pod) + Expect(err).ToNot(HaveOccurred()) + + // services for pod + bytes, err = ioutil.ReadFile(filepath.Join("testdata", "ingress", given.servicesForPod)) + Expect(err).ToNot(HaveOccurred()) + YAMLs := util_yaml.SplitYAML(string(bytes)) + services, err := ParseServices(YAMLs) + Expect(err).ToNot(HaveOccurred()) + + // node + var nodeGetter kube_client.Reader + if given.node != "" { + bytes, err = ioutil.ReadFile(filepath.Join("testdata", "ingress", given.node)) + Expect(err).ToNot(HaveOccurred()) + nodeGetter = fakeNodeReader(bytes) + } + + converter := PodConverter{ + ServiceGetter: nil, + NodeGetter: nodeGetter, + Zone: "zone-1", + } + + // when + dataplane := &mesh_k8s.Dataplane{} + err = converter.PodToIngress(dataplane, pod, services) + + // then + Expect(err).ToNot(HaveOccurred()) + + actual, err := json.Marshal(dataplane) + Expect(err).ToNot(HaveOccurred()) + expected, err := ioutil.ReadFile(filepath.Join("testdata", "ingress", given.dataplane)) + Expect(err).ToNot(HaveOccurred()) + Expect(actual).To(MatchYAML(expected)) + }, + Entry("01. Ingress with load balancer service and hostname", testCase{ // AWS use case + pod: "01.pod.yaml", + servicesForPod: "01.services-for-pod.yaml", + dataplane: "01.dataplane.yaml", + }), + Entry("02. Ingress with load balancer and ip", testCase{ // GCP use case + pod: "02.pod.yaml", + servicesForPod: "02.services-for-pod.yaml", + dataplane: "02.dataplane.yaml", + }), + Entry("03. Ingress with load balancer without public ip", testCase{ + pod: "03.pod.yaml", + servicesForPod: "03.services-for-pod.yaml", + dataplane: "03.dataplane.yaml", + }), + Entry("04. Ingress with node port external IP", testCase{ // Real deployment use case + pod: "04.pod.yaml", + servicesForPod: "04.services-for-pod.yaml", + dataplane: "04.dataplane.yaml", + node: "04.node.yaml", + }), + Entry("05. Ingress with node port internal IP", testCase{ // KIND / Minikube use case + pod: "05.pod.yaml", + servicesForPod: "05.services-for-pod.yaml", + dataplane: "05.dataplane.yaml", + node: "05.node.yaml", + }), + Entry("06. Ingress with annotations override", testCase{ + pod: "06.pod.yaml", + servicesForPod: "06.services-for-pod.yaml", + dataplane: "06.dataplane.yaml", + }), + ) + Context("when Dataplane cannot be generated", func() { type testCase struct { pod string @@ -569,9 +648,9 @@ var _ = Describe("ProtocolTagFor(..)", func() { ) }) -type fakeReader map[string]string +type fakeServiceReader map[string]string -func newFakeReader(services []*kube_core.Service) (fakeReader, error) { +func newFakeServiceReader(services []*kube_core.Service) (fakeServiceReader, error) { servicesMap := map[string]string{} for _, service := range services { bytes, err := yaml.Marshal(service) @@ -583,9 +662,9 @@ func newFakeReader(services []*kube_core.Service) (fakeReader, error) { return servicesMap, nil } -var _ kube_client.Reader = fakeReader{} +var _ kube_client.Reader = fakeServiceReader{} -func (r fakeReader) Get(ctx context.Context, key kube_client.ObjectKey, obj kube_runtime.Object) error { +func (r fakeServiceReader) Get(ctx context.Context, key kube_client.ObjectKey, obj kube_runtime.Object) error { data, ok := r[fmt.Sprintf("%s/%s", key.Namespace, key.Name)] if !ok { return errors.New("not found") @@ -593,6 +672,23 @@ func (r fakeReader) Get(ctx context.Context, key kube_client.ObjectKey, obj kube return yaml.Unmarshal([]byte(data), obj) } -func (f fakeReader) List(ctx context.Context, list kube_runtime.Object, opts ...kube_client.ListOption) error { +func (f fakeServiceReader) List(ctx context.Context, list kube_runtime.Object, opts ...kube_client.ListOption) error { return errors.New("not implemented") } + +type fakeNodeReader string + +func (r fakeNodeReader) Get(ctx context.Context, key kube_client.ObjectKey, obj kube_runtime.Object) error { + return errors.New("not implemented") +} + +func (f fakeNodeReader) List(ctx context.Context, list kube_runtime.Object, opts ...kube_client.ListOption) error { + node := kube_core.Node{} + err := yaml.Unmarshal([]byte(f), &node) + if err != nil { + return err + } + l := list.(*kube_core.NodeList) + l.Items = append(l.Items, node) + return nil +} diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.dataplane.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.dataplane.yaml new file mode 100644 index 000000000000..cdd6bbf2a357 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.dataplane.yaml @@ -0,0 +1,16 @@ +mesh: default +metadata: + creationTimestamp: null +spec: + networking: + address: 192.168.0.1 + inbound: + - port: 10001 + tags: + app: kuma-ingress + kuma.io/protocol: tcp + kuma.io/service: kuma-ingress_kuma-system_svc_10001 + kuma.io/zone: zone-1 + ingress: + publicAddress: kuma-ingress.com + publicPort: 10001 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.pod.yaml new file mode 100644 index 000000000000..3e169b57a4c7 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.pod.yaml @@ -0,0 +1,13 @@ +metadata: + namespace: kuma-system + name: kuma-ingress + labels: + app: kuma-ingress + annotations: + kuma.io/ingress: enabled +spec: + containers: + - ports: + - containerPort: 10001 +status: + podIP: 192.168.0.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.services-for-pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.services-for-pod.yaml new file mode 100644 index 000000000000..6fe389206646 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/01.services-for-pod.yaml @@ -0,0 +1,15 @@ +--- +metadata: + namespace: kuma-system + name: kuma-ingress +spec: + type: LoadBalancer + ports: + - port: 10001 + targetPort: 10001 + selector: + app: kuma-ingress +status: + loadBalancer: + ingress: + - hostname: "kuma-ingress.com" diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.dataplane.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.dataplane.yaml new file mode 100644 index 000000000000..ef8199ed827b --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.dataplane.yaml @@ -0,0 +1,16 @@ +mesh: default +metadata: + creationTimestamp: null +spec: + networking: + address: 192.168.0.1 + inbound: + - port: 10001 + tags: + app: kuma-ingress + kuma.io/protocol: tcp + kuma.io/service: kuma-ingress_kuma-system_svc_10001 + kuma.io/zone: zone-1 + ingress: + publicAddress: 192.168.100.1 + publicPort: 10001 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.pod.yaml new file mode 100644 index 000000000000..3e169b57a4c7 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.pod.yaml @@ -0,0 +1,13 @@ +metadata: + namespace: kuma-system + name: kuma-ingress + labels: + app: kuma-ingress + annotations: + kuma.io/ingress: enabled +spec: + containers: + - ports: + - containerPort: 10001 +status: + podIP: 192.168.0.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.services-for-pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.services-for-pod.yaml new file mode 100644 index 000000000000..5094495da5c3 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/02.services-for-pod.yaml @@ -0,0 +1,15 @@ +--- +metadata: + namespace: kuma-system + name: kuma-ingress +spec: + type: LoadBalancer + ports: + - port: 10001 + targetPort: 10001 + selector: + app: kuma-ingress +status: + loadBalancer: + ingress: + - ip: 192.168.100.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.dataplane.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.dataplane.yaml new file mode 100644 index 000000000000..91aa67cb5e2c --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.dataplane.yaml @@ -0,0 +1,14 @@ +mesh: default +metadata: + creationTimestamp: null +spec: + networking: + address: 192.168.0.1 + inbound: + - port: 10001 + tags: + app: kuma-ingress + kuma.io/protocol: tcp + kuma.io/service: kuma-ingress_kuma-system_svc_10001 + kuma.io/zone: zone-1 + ingress: {} diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.pod.yaml new file mode 100644 index 000000000000..3e169b57a4c7 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.pod.yaml @@ -0,0 +1,13 @@ +metadata: + namespace: kuma-system + name: kuma-ingress + labels: + app: kuma-ingress + annotations: + kuma.io/ingress: enabled +spec: + containers: + - ports: + - containerPort: 10001 +status: + podIP: 192.168.0.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.services-for-pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.services-for-pod.yaml new file mode 100644 index 000000000000..92c5f762d7af --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/03.services-for-pod.yaml @@ -0,0 +1,11 @@ +--- +metadata: + namespace: kuma-system + name: kuma-ingress +spec: + type: LoadBalancer + ports: + - port: 10001 + targetPort: 10001 + selector: + app: kuma-ingress diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.dataplane.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.dataplane.yaml new file mode 100644 index 000000000000..304ef417e9b9 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.dataplane.yaml @@ -0,0 +1,16 @@ +mesh: default +metadata: + creationTimestamp: null +spec: + networking: + address: 192.168.0.1 + inbound: + - port: 10001 + tags: + app: kuma-ingress + kuma.io/protocol: tcp + kuma.io/service: kuma-ingress_kuma-system_svc_10001 + kuma.io/zone: zone-1 + ingress: + publicAddress: 34.72.129.131 + publicPort: 12345 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.node.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.node.yaml new file mode 100644 index 000000000000..c734059a3adf --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.node.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Node +metadata: + name: sample-node +status: + addresses: + - address: 10.128.15.193 + type: InternalIP + - address: 34.72.129.131 + type: ExternalIP diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.pod.yaml new file mode 100644 index 000000000000..3e169b57a4c7 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.pod.yaml @@ -0,0 +1,13 @@ +metadata: + namespace: kuma-system + name: kuma-ingress + labels: + app: kuma-ingress + annotations: + kuma.io/ingress: enabled +spec: + containers: + - ports: + - containerPort: 10001 +status: + podIP: 192.168.0.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.services-for-pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.services-for-pod.yaml new file mode 100644 index 000000000000..c18b60526d72 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/04.services-for-pod.yaml @@ -0,0 +1,12 @@ +--- +metadata: + namespace: kuma-system + name: kuma-ingress +spec: + type: NodePort + ports: + - port: 10001 + targetPort: 10001 + nodePort: 12345 + selector: + app: kuma-ingress diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.dataplane.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.dataplane.yaml new file mode 100644 index 000000000000..046ed3795378 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.dataplane.yaml @@ -0,0 +1,16 @@ +mesh: default +metadata: + creationTimestamp: null +spec: + networking: + address: 192.168.0.1 + inbound: + - port: 10001 + tags: + app: kuma-ingress + kuma.io/protocol: tcp + kuma.io/service: kuma-ingress_kuma-system_svc_10001 + kuma.io/zone: zone-1 + ingress: + publicAddress: 10.128.15.193 + publicPort: 12345 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.node.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.node.yaml new file mode 100644 index 000000000000..bdb9e22d8f17 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.node.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Node +metadata: + name: sample-node +status: + addresses: + - address: 10.128.15.193 + type: InternalIP diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.pod.yaml new file mode 100644 index 000000000000..3e169b57a4c7 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.pod.yaml @@ -0,0 +1,13 @@ +metadata: + namespace: kuma-system + name: kuma-ingress + labels: + app: kuma-ingress + annotations: + kuma.io/ingress: enabled +spec: + containers: + - ports: + - containerPort: 10001 +status: + podIP: 192.168.0.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.services-for-pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.services-for-pod.yaml new file mode 100644 index 000000000000..c18b60526d72 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/05.services-for-pod.yaml @@ -0,0 +1,12 @@ +--- +metadata: + namespace: kuma-system + name: kuma-ingress +spec: + type: NodePort + ports: + - port: 10001 + targetPort: 10001 + nodePort: 12345 + selector: + app: kuma-ingress diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.dataplane.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.dataplane.yaml new file mode 100644 index 000000000000..e2c72a7da8ca --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.dataplane.yaml @@ -0,0 +1,16 @@ +mesh: default +metadata: + creationTimestamp: null +spec: + networking: + address: 192.168.0.1 + inbound: + - port: 10001 + tags: + app: kuma-ingress + kuma.io/protocol: tcp + kuma.io/service: kuma-ingress_kuma-system_svc_10001 + kuma.io/zone: zone-1 + ingress: + publicAddress: custom-address.com + publicPort: 1234 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.pod.yaml new file mode 100644 index 000000000000..d90abc2d49d1 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.pod.yaml @@ -0,0 +1,15 @@ +metadata: + namespace: kuma-system + name: kuma-ingress + labels: + app: kuma-ingress + annotations: + kuma.io/ingress: enabled + kuma.io/ingress-public-address: custom-address.com + kuma.io/ingress-public-port: 1234 +spec: + containers: + - ports: + - containerPort: 10001 +status: + podIP: 192.168.0.1 diff --git a/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.services-for-pod.yaml b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.services-for-pod.yaml new file mode 100644 index 000000000000..6fe389206646 --- /dev/null +++ b/pkg/plugins/runtime/k8s/controllers/testdata/ingress/06.services-for-pod.yaml @@ -0,0 +1,15 @@ +--- +metadata: + namespace: kuma-system + name: kuma-ingress +spec: + type: LoadBalancer + ports: + - port: 10001 + targetPort: 10001 + selector: + app: kuma-ingress +status: + loadBalancer: + ingress: + - hostname: "kuma-ingress.com" diff --git a/pkg/plugins/runtime/k8s/metadata/annotations.go b/pkg/plugins/runtime/k8s/metadata/annotations.go index e13b7cfa6b47..caeb71a1bca0 100644 --- a/pkg/plugins/runtime/k8s/metadata/annotations.go +++ b/pkg/plugins/runtime/k8s/metadata/annotations.go @@ -25,6 +25,14 @@ const ( // which is crucial for Multicluster communication KumaIngressAnnotation = "kuma.io/ingress" + // KumaIngressPublicAddressAnnotation allows to pick public address for Ingress + // If not defined, Kuma will try to pick this address from the Ingress Service + KumaIngressPublicAddressAnnotation = "kuma.io/ingress-public-address" + + // KumaIngressPublicPortAnnotation allows to pick public port for Ingress + // If not defined, Kuma will try to pick this address from the Ingress Service + KumaIngressPublicPortAnnotation = "kuma.io/ingress-public-port" + // KumaDirectAccess defines a comma-separated list of Services that will be accessed directly KumaDirectAccess = "kuma.io/direct-access-services" diff --git a/pkg/plugins/runtime/k8s/plugin.go b/pkg/plugins/runtime/k8s/plugin.go index 7f7bb949456f..240574064e7d 100644 --- a/pkg/plugins/runtime/k8s/plugin.go +++ b/pkg/plugins/runtime/k8s/plugin.go @@ -111,6 +111,7 @@ func addPodReconciler(mgr kube_ctrl.Manager, rt core_runtime.Runtime) error { Log: core.Log.WithName("controllers").WithName("Pod"), PodConverter: controllers.PodConverter{ ServiceGetter: mgr.GetClient(), + NodeGetter: mgr.GetClient(), Zone: rt.Config().Multicluster.Remote.Zone, }, SystemNamespace: rt.Config().Store.Kubernetes.SystemNamespace, diff --git a/pkg/xds/topology/dataplanes.go b/pkg/xds/topology/dataplanes.go index a0ef64e9e611..c3dd9f1fa8f8 100644 --- a/pkg/xds/topology/dataplanes.go +++ b/pkg/xds/topology/dataplanes.go @@ -46,12 +46,31 @@ func ResolveAddress(lookupIPFunc lookup.LookupIPFunc, dataplane *core_mesh.Datap return nil } +func ResolveIngressPublicAddress(lookupIPFunc lookup.LookupIPFunc, dataplane *core_mesh.DataplaneResource) error { + ips, err := lookupIPFunc(dataplane.Spec.Networking.Ingress.PublicAddress) + if err != nil { + return err + } + if len(ips) == 0 { + return errors.Errorf("can't resolve address %v", dataplane.Spec.Networking.Ingress.PublicAddress) + } + dataplane.Spec.Networking.Ingress.PublicAddress = ips[0].String() + return nil +} + func ResolveAddresses(log logr.Logger, lookupIPFunc lookup.LookupIPFunc, dataplanes []*core_mesh.DataplaneResource) []*core_mesh.DataplaneResource { rv := []*core_mesh.DataplaneResource{} for _, d := range dataplanes { - if err := ResolveAddress(lookupIPFunc, d); err != nil { - log.Error(err, "failed to resolve dataplane's domain name, skipping dataplane") - continue + if d.Spec.IsIngress() { + if err := ResolveIngressPublicAddress(lookupIPFunc, d); err != nil { + log.Error(err, "failed to resolve ingress's public name, skipping dataplane") + continue + } + } else { + if err := ResolveAddress(lookupIPFunc, d); err != nil { + log.Error(err, "failed to resolve dataplane's domain name, skipping dataplane") + continue + } } rv = append(rv, d) } diff --git a/pkg/xds/topology/outbound.go b/pkg/xds/topology/outbound.go index e7a03d7320d9..974c5f8bc481 100644 --- a/pkg/xds/topology/outbound.go +++ b/pkg/xds/topology/outbound.go @@ -15,15 +15,17 @@ func BuildEndpointMap( ) core_xds.EndpointMap { outbound := core_xds.EndpointMap{} for _, dataplane := range dataplanes { - if dataplane.Spec.IsIngress() && dataplane.Spec.IsRemoteIngress(zone) && mesh.MTLSEnabled() { + // Ingress routes the request by TLS SNI, therefore for cross cluster communication MTLS is required + // We ignore Ingress from endpoints if MTLS is disabled, otherwise we would fail anyway. + if dataplane.Spec.IsIngress() && dataplane.Spec.IsRemoteIngress(zone) && mesh.MTLSEnabled() && dataplane.Spec.HasPublicAddress() { for _, ingress := range dataplane.Spec.Networking.GetIngress().GetAvailableServices() { if ingress.Mesh != mesh.GetMeta().GetName() { continue } service := ingress.Tags[mesh_proto.ServiceTag] outbound[service] = append(outbound[service], core_xds.Endpoint{ - Target: dataplane.Spec.Networking.Address, - Port: dataplane.Spec.Networking.Inbound[0].Port, + Target: dataplane.Spec.Networking.Ingress.PublicAddress, + Port: dataplane.Spec.Networking.Ingress.PublicPort, Tags: ingress.Tags, Weight: ingress.Instances, }) diff --git a/pkg/xds/topology/outbound_test.go b/pkg/xds/topology/outbound_test.go index 33101c6a57f4..4c5f53370e4a 100644 --- a/pkg/xds/topology/outbound_test.go +++ b/pkg/xds/topology/outbound_test.go @@ -259,6 +259,8 @@ var _ = Describe("TrafficRoute", func() { }, }, Ingress: &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: "192.168.0.100", + PublicPort: 12345, AvailableServices: []*mesh_proto.Dataplane_Networking_Ingress_AvailableService{ { Instances: 2, @@ -286,14 +288,14 @@ var _ = Describe("TrafficRoute", func() { Weight: 1, }, { - Target: "10.20.1.2", - Port: 10001, + Target: "192.168.0.100", + Port: 12345, Tags: map[string]string{"kuma.io/service": "redis", "version": "v2", "region": "eu"}, Weight: 2, }, { - Target: "10.20.1.2", - Port: 10001, + Target: "192.168.0.100", + Port: 12345, Tags: map[string]string{"kuma.io/service": "redis", "version": "v3"}, Weight: 3, }, @@ -328,6 +330,8 @@ var _ = Describe("TrafficRoute", func() { }, }, Ingress: &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: "192.168.0.100", + PublicPort: 12345, AvailableServices: []*mesh_proto.Dataplane_Networking_Ingress_AvailableService{ { Instances: 2, @@ -355,8 +359,8 @@ var _ = Describe("TrafficRoute", func() { Weight: 1, }, { - Target: "10.20.1.2", - Port: 10001, + Target: "192.168.0.100", + Port: 12345, Tags: map[string]string{"kuma.io/service": "redis", "version": "v2", "region": "eu"}, Weight: 2, }, diff --git a/test/e2e/kuma_deploy_global_remote_test.go b/test/e2e/kuma_deploy_global_remote_test.go index f8764dff1f24..4f93ecb47b0a 100644 --- a/test/e2e/kuma_deploy_global_remote_test.go +++ b/test/e2e/kuma_deploy_global_remote_test.go @@ -83,12 +83,6 @@ metadata: // then Expect(err).ToNot(HaveOccurred()) - err = k8s.KubectlApplyFromStringE(c1.GetTesting(), c1.GetKubectlOptions(), - fmt.Sprintf(ZoneTemplateK8s, - remote.GetName(), - remote.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - // then logs1, err := global.GetKumaCPLogs() Expect(err).ToNot(HaveOccurred()) @@ -131,15 +125,13 @@ metadata: }, time.Minute, DefaultTimeout).Should(BeTrue()) // then remote is online - found := false + active := true for _, cluster := range clustersStatus { - if cluster.Address == remote.GetIngressAddress() { - Expect(cluster.Active).To(BeTrue()) - found = true - break + if !cluster.Active { + active = false } } - Expect(found).To(BeTrue()) + Expect(active).To(BeTrue()) // and dataplanes are synced to global Eventually(func() string { diff --git a/test/e2e/kuma_deploy_hybrid_kube_global_test.go b/test/e2e/kuma_deploy_hybrid_kube_global_test.go index bda40b9c21f2..36b600a394d0 100644 --- a/test/e2e/kuma_deploy_hybrid_kube_global_test.go +++ b/test/e2e/kuma_deploy_hybrid_kube_global_test.go @@ -1,10 +1,8 @@ package e2e import ( - "fmt" "strings" - "github.com/gruntwork-io/terratest/modules/k8s" "github.com/gruntwork-io/terratest/modules/retry" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -64,13 +62,6 @@ var _ = Describe("Test Kubernetes/Universal deployment when Global is on K8S", f Expect(err).ToNot(HaveOccurred()) err = remoteCluster.VerifyKuma() Expect(err).ToNot(HaveOccurred()) - - // connect Remote with Global - err = k8s.KubectlApplyFromStringE(globalCluster.GetTesting(), globalCluster.GetKubectlOptions(), - fmt.Sprintf(ZoneTemplateK8s, - Kuma3, - remoteCluster.GetKuma().GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) }) AfterEach(func() { diff --git a/test/e2e/kuma_deploy_hybrid_test.go b/test/e2e/kuma_deploy_hybrid_test.go index 487fd9543fc5..8bd8526a2012 100644 --- a/test/e2e/kuma_deploy_hybrid_test.go +++ b/test/e2e/kuma_deploy_hybrid_test.go @@ -161,35 +161,6 @@ metadata: err = remote_4.VerifyKuma() Expect(err).ToNot(HaveOccurred()) - remote_1CP := remote_1.GetKuma() - remote_2CP := remote_2.GetKuma() - remote_3CP := remote_3.GetKuma() - remote_4CP := remote_4.GetKuma() - - err = global.GetKumactlOptions().KumactlApplyFromString( - fmt.Sprintf(ZoneTemplateUniversal, - remote_1CP.GetName(), - remote_1CP.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - - err = global.GetKumactlOptions().KumactlApplyFromString( - fmt.Sprintf(ZoneTemplateUniversal, - remote_2CP.GetName(), - remote_2CP.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - - err = global.GetKumactlOptions().KumactlApplyFromString( - fmt.Sprintf(ZoneTemplateUniversal, - Kuma3, - remote_3CP.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - - err = global.GetKumactlOptions().KumactlApplyFromString( - fmt.Sprintf(ZoneTemplateUniversal, - Kuma4, - remote_4CP.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - err = YamlUniversal(meshDefaulMtlsOn)(global) Expect(err).ToNot(HaveOccurred()) diff --git a/test/e2e/kuma_deploy_universal_test.go b/test/e2e/kuma_deploy_universal_test.go index 50a858773752..2ca17769b66b 100644 --- a/test/e2e/kuma_deploy_universal_test.go +++ b/test/e2e/kuma_deploy_universal_test.go @@ -1,7 +1,6 @@ package e2e_test import ( - "fmt" "strings" "github.com/kumahq/kuma/pkg/config/core" @@ -96,17 +95,6 @@ destinations: err = remote_2.VerifyKuma() Expect(err).ToNot(HaveOccurred()) - remote_1CP := remote_1.GetKuma() - remote_2CP := remote_2.GetKuma() - - err = global.GetKumactlOptions().KumactlApplyFromString( - fmt.Sprintf(ZoneTemplateUniversal, Kuma2, remote_1CP.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - - err = global.GetKumactlOptions().KumactlApplyFromString( - fmt.Sprintf(ZoneTemplateUniversal, Kuma3, remote_2CP.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - err = YamlUniversal(meshDefaulMtlsOn)(global) Expect(err).ToNot(HaveOccurred()) diff --git a/test/e2e/kuma_helm_deploy_global_remote_test.go b/test/e2e/kuma_helm_deploy_global_remote_test.go index cd0cb1d13a58..d561d3fc4e97 100644 --- a/test/e2e/kuma_helm_deploy_global_remote_test.go +++ b/test/e2e/kuma_helm_deploy_global_remote_test.go @@ -98,12 +98,6 @@ metadata: // then Expect(err).ToNot(HaveOccurred()) - err = k8s.KubectlApplyFromStringE(c1.GetTesting(), c1.GetKubectlOptions(), - fmt.Sprintf(ZoneTemplateK8s, - remote.GetName(), - remote.GetIngressAddress())) - Expect(err).ToNot(HaveOccurred()) - // then logs1, err := global.GetKumaCPLogs() Expect(err).ToNot(HaveOccurred()) @@ -144,15 +138,13 @@ metadata: }, time.Minute, DefaultTimeout).Should(BeTrue()) // then - found := false + active := true for _, cluster := range clustersStatus { - if cluster.Address == remote.GetIngressAddress() { - Expect(cluster.Active).To(BeTrue()) - found = true - break + if !cluster.Active { + active = false } } - Expect(found).To(BeTrue()) + Expect(active).To(BeTrue()) // and dataplanes are synced to global Eventually(func() string { diff --git a/test/framework/constants.go b/test/framework/constants.go index 92f1e441251b..f396be96f92b 100644 --- a/test/framework/constants.go +++ b/test/framework/constants.go @@ -20,24 +20,6 @@ const ( KumaUniversalImage = "kuma-universal" kdsPort = 30685 - - ZoneTemplateK8s = ` -apiVersion: kuma.io/v1alpha1 -kind: Zone -mesh: default -metadata: - name: %s -spec: - ingress: - address: %s -` - ZoneTemplateUniversal = ` -type: Zone -mesh: default -name: %s -ingress: - address: %s -` ) const ( diff --git a/test/framework/interface.go b/test/framework/interface.go index a3ebe0309adb..a283e4ca8da0 100644 --- a/test/framework/interface.go +++ b/test/framework/interface.go @@ -125,7 +125,6 @@ type ControlPlane interface { GetName() string GetKumaCPLogs() (string, error) GetKDSServerAddress() string - GetIngressAddress() string GetGlobaStatusAPI() string GenerateDpToken(appname string) (string, error) } diff --git a/test/framework/k8s_controlplane.go b/test/framework/k8s_controlplane.go index 408cdd8a14ee..a1b50594afbd 100644 --- a/test/framework/k8s_controlplane.go +++ b/test/framework/k8s_controlplane.go @@ -1,7 +1,6 @@ package framework import ( - "context" "crypto/tls" "fmt" "net/http" @@ -205,32 +204,6 @@ func (c *K8sControlPlane) GetKDSServerAddress() string { return "grpcs://" + pod.Status.HostIP + ":" + strconv.FormatUint(uint64(kdsPort), 10) } -func (c *K8sControlPlane) GetIngressAddress() string { - ctx := context.Background() - cs, err := k8s.GetKubernetesClientFromOptionsE(c.t, c.GetKubectlOptions()) - if err != nil { - return "invalid" - } - ingressSvc, err := cs.CoreV1().Services(KumaNamespace).Get(ctx, "kuma-ingress", metav1.GetOptions{}) - if err != nil { - return "invalid" - } - port := ingressSvc.Spec.Ports[0].NodePort - - nodes, err := cs.CoreV1().Nodes().List(ctx, metav1.ListOptions{}) - if err != nil { - return "invalid" - } - // assume that we have single node cluster - for _, addr := range nodes.Items[0].Status.Addresses { - if addr.Type == v1.NodeInternalIP { - return addr.Address + ":" + strconv.Itoa(int(port)) - } - } - - return "invalid" -} - func (c *K8sControlPlane) GetGlobaStatusAPI() string { return "http://localhost:" + strconv.FormatUint(uint64(c.portFwd.localAPIPort), 10) + "/status/zones" } diff --git a/test/framework/setup.go b/test/framework/setup.go index dd2c95ad45e9..674b18b14f78 100644 --- a/test/framework/setup.go +++ b/test/framework/setup.go @@ -157,7 +157,8 @@ func IngressUniversal(token string) InstallFunc { } uniCluster.apps[AppIngress] = app - dpyaml := fmt.Sprintf(IngressDataplane, kdsPort) + publicAddress := uniCluster.apps[AppIngress].ip + dpyaml := fmt.Sprintf(IngressDataplane, publicAddress, kdsPort, kdsPort) return uniCluster.CreateDP(app, "ingress", app.ip, dpyaml, token) } } diff --git a/test/framework/universal_app.go b/test/framework/universal_app.go index 5c08bcf128f1..a8611888554d 100644 --- a/test/framework/universal_app.go +++ b/test/framework/universal_app.go @@ -33,9 +33,11 @@ mesh: default name: dp-ingress networking: address: {{ address }} - ingress: {} + ingress: + publicAddress: %s + publicPort: %d inbound: - - port: %d + - port: %d tags: kuma.io/service: ingress ` diff --git a/test/framework/universal_controlplane.go b/test/framework/universal_controlplane.go index 07936bfa52ab..efbe86c766e9 100644 --- a/test/framework/universal_controlplane.go +++ b/test/framework/universal_controlplane.go @@ -2,7 +2,6 @@ package framework import ( "fmt" - "strconv" "github.com/gruntwork-io/terratest/modules/retry" "github.com/pkg/errors" @@ -49,10 +48,6 @@ func (c *UniversalControlPlane) GetKDSServerAddress() string { return "grpcs://" + c.cluster.apps[AppModeCP].ip + ":5685" } -func (c *UniversalControlPlane) GetIngressAddress() string { - return c.cluster.apps[AppIngress].ip + ":" + strconv.FormatUint(uint64(kdsPort), 10) -} - func (c *UniversalControlPlane) GetGlobaStatusAPI() string { panic("not implemented") } From a94960260efac9d184e84f4ba1b8e34c9dffdd12 Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Mon, 2 Nov 2020 11:31:33 +0100 Subject: [PATCH 2/5] remove ingress from API Signed-off-by: Jakub Dyszkiewicz --- pkg/api-server/zones_ws.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/pkg/api-server/zones_ws.go b/pkg/api-server/zones_ws.go index 2fe66b71918a..49f36f8ace70 100644 --- a/pkg/api-server/zones_ws.go +++ b/pkg/api-server/zones_ws.go @@ -13,9 +13,8 @@ import ( ) type Zone struct { - Name string `json:"name"` - Address string `json:"url"` - Active bool `json:"active"` + Name string `json:"name"` + Active bool `json:"active"` } type Zones []Zone @@ -54,9 +53,8 @@ func toZones(rlist system.ZoneOverviewResourceList) Zones { var zones Zones for _, overview := range rlist.Items { zones = append(zones, Zone{ - Name: overview.GetMeta().GetName(), - Address: "", // todo remove? - Active: overview.Spec.ZoneInsight.IsOnline(), + Name: overview.GetMeta().GetName(), + Active: overview.Spec.ZoneInsight.IsOnline(), }) } return zones From 57da097ec77f6a6c4e3849e790738756269cdd8e Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Mon, 2 Nov 2020 17:56:16 +0100 Subject: [PATCH 3/5] resolve ingress adress only when needed Signed-off-by: Jakub Dyszkiewicz --- pkg/config/app/kuma-cp/kuma-cp.defaults.yaml | 2 +- pkg/xds/topology/dataplanes.go | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/pkg/config/app/kuma-cp/kuma-cp.defaults.yaml b/pkg/config/app/kuma-cp/kuma-cp.defaults.yaml index bd615b2f881a..5a5f89a90ad9 100644 --- a/pkg/config/app/kuma-cp/kuma-cp.defaults.yaml +++ b/pkg/config/app/kuma-cp/kuma-cp.defaults.yaml @@ -94,7 +94,7 @@ apiServer: # Network interface on which HTTP API Server will be exposed interface: 0.0.0.0 # ENV: KUMA_API_SERVER_HTTP_INTERFACE # Port of the API Server - port: 5681 # ENV: KUMA_API_SERVER_PORT + port: 5681 # ENV: KUMA_API_SERVER_HTTP_PORT # HTTPS configuration of the API Server https: # If true then API Server will be served on HTTPS diff --git a/pkg/xds/topology/dataplanes.go b/pkg/xds/topology/dataplanes.go index c3dd9f1fa8f8..6ab05960c6b8 100644 --- a/pkg/xds/topology/dataplanes.go +++ b/pkg/xds/topology/dataplanes.go @@ -47,6 +47,9 @@ func ResolveAddress(lookupIPFunc lookup.LookupIPFunc, dataplane *core_mesh.Datap } func ResolveIngressPublicAddress(lookupIPFunc lookup.LookupIPFunc, dataplane *core_mesh.DataplaneResource) error { + if dataplane.Spec.Networking.Ingress.PublicAddress == "" { // Ingress may not have public address yet. + return nil + } ips, err := lookupIPFunc(dataplane.Spec.Networking.Ingress.PublicAddress) if err != nil { return err From 1192f325cf65fc74f312a8022fc9d0ac54e50f2f Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Mon, 2 Nov 2020 20:22:50 +0100 Subject: [PATCH 4/5] adjust loadbalancing to many instances of one ingress Signed-off-by: Jakub Dyszkiewicz --- pkg/xds/topology/outbound.go | 121 +++++++++++++++++++++--------- pkg/xds/topology/outbound_test.go | 92 ++++++++++++++++++++--- 2 files changed, 167 insertions(+), 46 deletions(-) diff --git a/pkg/xds/topology/outbound.go b/pkg/xds/topology/outbound.go index ba684367dae8..330fca410f65 100644 --- a/pkg/xds/topology/outbound.go +++ b/pkg/xds/topology/outbound.go @@ -1,6 +1,8 @@ package topology import ( + "fmt" + mesh_proto "github.com/kumahq/kuma/api/mesh/v1alpha1" mesh_core "github.com/kumahq/kuma/pkg/core/resources/apis/mesh" core_xds "github.com/kumahq/kuma/pkg/core/xds" @@ -22,49 +24,100 @@ func BuildEndpointMap( externalServices []*mesh_core.ExternalServiceResource, ) core_xds.EndpointMap { outbound := core_xds.EndpointMap{} + ingressInstances := fillIngressOutbounds(outbound, dataplanes, zone, mesh) + endpointWeight := uint32(1) + if ingressInstances > 0 { + endpointWeight = ingressInstances + } + fillDataplaneOutbounds(outbound, dataplanes, mesh, endpointWeight) + fillExternalServicesOutbounds(outbound, externalServices, mesh) + return outbound +} + +// endpointWeight defines default weight for in-cluster endpoint. +// Examples of having service "backend": +// 1) Standalone deployment, 2 instances in one cluster (zone1) +// All endpoints have to have the same weight (ex. 1) to achieve fair loadbalancing. +// Endpoints: +// * backend-zone1-1 - weight: 1 +// * backend-zone1-2 - weight: 1 +// 2) Multi-zone deployment, 2 instances in "zone1" (local zone), 3 instances in "zone2" (remote zone) with 1 Ingress instance +// Endpoints: +// * backend-zone1-1 - weight: 1 +// * backend-zone1-2 - weight: 1 +// * ingress-zone2-1 - weight: 3 (all remote endpoints are aggregated to one Ingress, it needs to have weight of instances in other cluster) +// 3) Multi-zone deployment, 2 instances in "zone1" (local zone), 2 instances in "zone2" (remote zone) with 1 Ingress instance +// Many instances of Ingress will forward the traffic to the same endpoints in "zone2" so we need to lower the weights. +// Since weights are integers, we cannot put fractional on ingress endpoints weights, we need to adjust "default" weight for local zone +// Endpoints: +// * backend-zone1-1 - weight: 2 +// * backend-zone1-2 - weight: 2 +// * ingress-zone2-1 - weight: 3 +// * ingress-zone2-2 - weight: 3 +func fillDataplaneOutbounds(outbound core_xds.EndpointMap, dataplanes []*mesh_core.DataplaneResource, mesh *mesh_core.MeshResource, endpointWeight uint32) { for _, dataplane := range dataplanes { - // Ingress routes the request by TLS SNI, therefore for cross cluster communication MTLS is required - // We ignore Ingress from endpoints if MTLS is disabled, otherwise we would fail anyway. - if dataplane.Spec.IsIngress() && dataplane.Spec.IsRemoteIngress(zone) && mesh.MTLSEnabled() && dataplane.Spec.HasPublicAddress() { - for _, ingress := range dataplane.Spec.Networking.GetIngress().GetAvailableServices() { - if ingress.Mesh != mesh.GetMeta().GetName() { - continue - } - service := ingress.Tags[mesh_proto.ServiceTag] - outbound[service] = append(outbound[service], core_xds.Endpoint{ - Target: dataplane.Spec.Networking.Ingress.PublicAddress, - Port: dataplane.Spec.Networking.Ingress.PublicPort, - Tags: ingress.Tags, - Weight: ingress.Instances, - Locality: localityFromTags(mesh, priorityRemote, ingress.Tags), - }) - } + if dataplane.Spec.IsIngress() { continue } + for _, inbound := range dataplane.Spec.Networking.GetInbound() { + service := inbound.Tags[mesh_proto.ServiceTag] + iface := dataplane.Spec.Networking.ToInboundInterface(inbound) + // TODO(yskopets): do we need to dedup? + // TODO(yskopets): sort ? + outbound[service] = append(outbound[service], core_xds.Endpoint{ + Target: iface.DataplaneIP, + Port: iface.DataplanePort, + Tags: inbound.Tags, + Weight: endpointWeight, + Locality: localityFromTags(mesh, priorityLocal, inbound.Tags), + }) + } + } +} + +func fillIngressOutbounds(outbound core_xds.EndpointMap, dataplanes []*mesh_core.DataplaneResource, zone string, mesh *mesh_core.MeshResource) uint32 { + ingressInstances := map[string]bool{} + for _, dataplane := range dataplanes { if !dataplane.Spec.IsIngress() { - for _, inbound := range dataplane.Spec.Networking.GetInbound() { - service := inbound.Tags[mesh_proto.ServiceTag] - iface := dataplane.Spec.Networking.ToInboundInterface(inbound) - // TODO(yskopets): do we need to dedup? - // TODO(yskopets): sort ? - outbound[service] = append(outbound[service], core_xds.Endpoint{ - Target: iface.DataplaneIP, - Port: iface.DataplanePort, - Tags: inbound.Tags, - Weight: 1, - Locality: localityFromTags(mesh, priorityLocal, inbound.Tags), - }) + continue + } + if !dataplane.Spec.IsRemoteIngress(zone) { + continue // we only need Ingress for other zones, we don't want to direct request to the same zone through Ingress + } + if !mesh.MTLSEnabled() { + // Ingress routes the request by TLS SNI, therefore for cross cluster communication MTLS is required + // We ignore Ingress from endpoints if MTLS is disabled, otherwise we would fail anyway. + continue + } + if !dataplane.Spec.HasPublicAddress() { + continue // Dataplane is not reachable yet from other clusters. This may happen when Ingress Service is pending waiting on External IP on Kubernetes. + } + ingressCoordinates := fmt.Sprintf("%s;%d", dataplane.Spec.Networking.Ingress.PublicAddress, dataplane.Spec.Networking.Ingress.PublicPort) + if ingressInstances[ingressCoordinates] { + continue // many Ingress instances can be placed in front of one load balancer (all instances can have the same public address and port). In this case we only need one Instance avoiding creating unnecessary duplicated endpoints + } + ingressInstances[ingressCoordinates] = true + for _, service := range dataplane.Spec.Networking.GetIngress().GetAvailableServices() { + if service.Mesh != mesh.GetMeta().GetName() { + continue } + serviceName := service.Tags[mesh_proto.ServiceTag] + outbound[serviceName] = append(outbound[serviceName], core_xds.Endpoint{ + Target: dataplane.Spec.Networking.Ingress.PublicAddress, + Port: dataplane.Spec.Networking.Ingress.PublicPort, + Tags: service.Tags, + Weight: service.Instances, + Locality: localityFromTags(mesh, priorityRemote, service.Tags), + }) } } + return uint32(len(ingressInstances)) +} +func fillExternalServicesOutbounds(outbound core_xds.EndpointMap, externalServices []*mesh_core.ExternalServiceResource, mesh *mesh_core.MeshResource) { for _, externalService := range externalServices { service := externalService.Spec.GetService() - - tlsEnabled := false - if externalService.Spec.Networking.Tls != nil { - tlsEnabled = externalService.Spec.Networking.Tls.Enabled - } + tlsEnabled := externalService.Spec.GetNetworking().GetTls().GetEnabled() tags := externalService.Spec.GetTags() if tlsEnabled { @@ -82,8 +135,6 @@ func BuildEndpointMap( Locality: localityFromTags(mesh, priorityRemote, tags), }) } - - return outbound } func localityFromTags(mesh *mesh_core.MeshResource, priority uint32, tags map[string]string) *core_xds.Locality { diff --git a/pkg/xds/topology/outbound_test.go b/pkg/xds/topology/outbound_test.go index 7443d701fb8b..7177a13cdc60 100644 --- a/pkg/xds/topology/outbound_test.go +++ b/pkg/xds/topology/outbound_test.go @@ -288,28 +288,98 @@ var _ = Describe("TrafficRoute", func() { }, }, }, + { + Spec: mesh_proto.Dataplane{ + Networking: &mesh_proto.Dataplane_Networking{ + Address: "10.20.1.3", // another instance of the same ingress will be ignored + Inbound: []*mesh_proto.Dataplane_Networking_Inbound{ + { + Tags: map[string]string{mesh_proto.ServiceTag: "ingress", mesh_proto.ZoneTag: "zone-2"}, + Port: 10001, + }, + }, + Ingress: &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: "192.168.0.100", + PublicPort: 12345, + AvailableServices: []*mesh_proto.Dataplane_Networking_Ingress_AvailableService{ + { + Instances: 2, + Mesh: defaultMeshName, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v2", mesh_proto.RegionTag: "eu"}, + }, + { + Instances: 3, + Mesh: defaultMeshName, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v3"}, + }, + }, + }, + }, + }, + }, + { + Spec: mesh_proto.Dataplane{ + Networking: &mesh_proto.Dataplane_Networking{ + Address: "10.20.1.4", + Inbound: []*mesh_proto.Dataplane_Networking_Inbound{ + { + Tags: map[string]string{mesh_proto.ServiceTag: "ingress", mesh_proto.ZoneTag: "zone-2"}, + Port: 10001, + }, + }, + Ingress: &mesh_proto.Dataplane_Networking_Ingress{ + PublicAddress: "192.168.0.101", // instance of the ingress with different public coordinates + PublicPort: 12345, + AvailableServices: []*mesh_proto.Dataplane_Networking_Ingress_AvailableService{ + { + Instances: 2, + Mesh: defaultMeshName, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v2", mesh_proto.RegionTag: "eu"}, + }, + { + Instances: 3, + Mesh: defaultMeshName, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v3"}, + }, + }, + }, + }, + }, + }, }, mesh: defaultMeshWithMTLS, expected: core_xds.EndpointMap{ "redis": []core_xds.Endpoint{ { - Target: "192.168.0.1", - Port: 6379, - Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v1"}, - Weight: 1, + Target: "192.168.0.100", + Port: 12345, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v2", mesh_proto.RegionTag: "eu"}, + Weight: 2, }, { Target: "192.168.0.100", Port: 12345, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v3"}, + Weight: 3, + }, + { + Target: "192.168.0.101", + Port: 12345, Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v2", mesh_proto.RegionTag: "eu"}, Weight: 2, }, { - Target: "192.168.0.100", + Target: "192.168.0.101", Port: 12345, Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v3"}, Weight: 3, }, + { + Target: "192.168.0.1", + Port: 6379, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v1"}, + Weight: 2, // local weight is bumped to 2 to factor two instances of Ingresses + }, }, }, }), @@ -363,18 +433,18 @@ var _ = Describe("TrafficRoute", func() { mesh: defaultMeshWithMTLS, expected: core_xds.EndpointMap{ "redis": []core_xds.Endpoint{ - { - Target: "192.168.0.1", - Port: 6379, - Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v1"}, - Weight: 1, - }, { Target: "192.168.0.100", Port: 12345, Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v2", mesh_proto.RegionTag: "eu"}, Weight: 2, }, + { + Target: "192.168.0.1", + Port: 6379, + Tags: map[string]string{mesh_proto.ServiceTag: "redis", "version": "v1"}, + Weight: 1, + }, }, }, }), From a472f216af13e48935d386be2e99164b61b4bb1d Mon Sep 17 00:00:00 2001 From: Jakub Dyszkiewicz Date: Tue, 3 Nov 2020 12:08:06 +0100 Subject: [PATCH 5/5] review remarks Signed-off-by: Jakub Dyszkiewicz --- pkg/core/resources/apis/mesh/dataplane_validator.go | 7 +++++-- pkg/plugins/runtime/k8s/controllers/ingress_converter.go | 6 +++--- pkg/plugins/runtime/k8s/controllers/pod_controller.go | 1 + 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/pkg/core/resources/apis/mesh/dataplane_validator.go b/pkg/core/resources/apis/mesh/dataplane_validator.go index d19012b6c180..3bc8d4204f81 100644 --- a/pkg/core/resources/apis/mesh/dataplane_validator.go +++ b/pkg/core/resources/apis/mesh/dataplane_validator.go @@ -14,6 +14,7 @@ func (d *DataplaneResource) Validate() error { var err validators.ValidationError if d.Spec.IsIngress() { err.Add(validateIngressNetworking(d.Spec.GetNetworking())) + err.Add(validateIngress(validators.RootedAt("networking").Field("ingress"), d.Spec.GetNetworking().GetIngress())) } else { err.Add(validateNetworking(d.Spec.GetNetworking())) err.Add(validateProbes(d.Spec.GetProbes())) @@ -121,7 +122,6 @@ func validateIngressNetworking(networking *mesh_proto.Dataplane_Networking) vali } } } - err.Add(validateIngress(path.Field("ingress"), networking.Ingress)) return err } @@ -130,9 +130,12 @@ func validateIngress(path validators.PathBuilder, ingress *mesh_proto.Dataplane_ return validators.ValidationError{} } var err validators.ValidationError - if (ingress.GetPublicAddress() == "") != (ingress.GetPublicPort() == 0) { + if ingress.GetPublicAddress() == "" && ingress.GetPublicPort() != 0 { err.AddViolationAt(path.Field("publicAddress"), `has to be defined with publicPort`) } + if ingress.GetPublicPort() == 0 && ingress.GetPublicAddress() != "" { + err.AddViolationAt(path.Field("publicPort"), `has to be defined with publicAddress`) + } if ingress.GetPublicAddress() != "" { err.Add(validateAddress(path.Field("publicAddress"), ingress.GetPublicAddress())) } diff --git a/pkg/plugins/runtime/k8s/controllers/ingress_converter.go b/pkg/plugins/runtime/k8s/controllers/ingress_converter.go index 74e465506740..adbf763c4cf9 100644 --- a/pkg/plugins/runtime/k8s/controllers/ingress_converter.go +++ b/pkg/plugins/runtime/k8s/controllers/ingress_converter.go @@ -22,6 +22,9 @@ var NodePortAddressPriority = []kube_core.NodeAddressType{ } func (p *PodConverter) IngressFor(pod *kube_core.Pod, services []*kube_core.Service) (*mesh_proto.Dataplane, error) { + if len(services) != 1 { + return nil, errors.Errorf("ingress should be matched by exactly one service. Matched %d services", len(services)) + } ifaces, err := InboundInterfacesFor(p.Zone, pod, services) if err != nil { return nil, errors.Wrap(err, "could not generate inbound interfaces") @@ -29,9 +32,6 @@ func (p *PodConverter) IngressFor(pod *kube_core.Pod, services []*kube_core.Serv if len(ifaces) != 1 { return nil, errors.Errorf("generated %d inbound interfaces, expected 1. Interfaces: %v", len(ifaces), ifaces) } - if len(services) != 1 { - return nil, errors.Errorf("ingress should be matched by exactly one service. Matched %d services", len(services)) - } ingress, err := p.ingressSpecFromAnnotations(metadata.Annotations(pod.Annotations)) if err != nil { diff --git a/pkg/plugins/runtime/k8s/controllers/pod_controller.go b/pkg/plugins/runtime/k8s/controllers/pod_controller.go index 3f3ee43c6a30..750010697262 100644 --- a/pkg/plugins/runtime/k8s/controllers/pod_controller.go +++ b/pkg/plugins/runtime/k8s/controllers/pod_controller.go @@ -231,6 +231,7 @@ func (r *PodReconciler) createOrUpdateDataplane( return nil } +// HELLOOOO func (r *PodReconciler) createOrUpdateIngress(pod *kube_core.Pod, services []*kube_core.Service) error { ctx := context.Background()