diff --git a/README.md b/README.md index 9cf2f271..735e4780 100644 --- a/README.md +++ b/README.md @@ -377,7 +377,7 @@ sh-5.1# ip a ## Example: expose Glance to an isolated network The Glance spec can be used to configure Glance to register e.g. -the internal endpoint to an isolated network. MetalLB is used for this +the internal endpoint to an isolated network. MetalLB can be used for this scenario. As a pre requisite, MetalLB needs to be installed and worker nodes @@ -413,13 +413,15 @@ spec: ... glanceAPIInternal: ... - externalEndpoints: - - endpoint: internal - ipAddressPool: osp-internalapi - loadBalancerIPs: - - "172.17.0.202" - sharedIP: true - sharedIPKey: "" + override: + service: + metadata: + annotations: + metallb.universe.tf/address-pool: internalapi + metallb.universe.tf/allow-shared-ip: internalapi + metallb.universe.tf/loadBalancerIPs: 172.17.0.202 + spec: + type: LoadBalancer ... ... ``` diff --git a/api/bases/glance.openstack.org_glanceapis.yaml b/api/bases/glance.openstack.org_glanceapis.yaml index d5ec1d62..5e1dcca7 100644 --- a/api/bases/glance.openstack.org_glanceapis.yaml +++ b/api/bases/glance.openstack.org_glanceapis.yaml @@ -69,32 +69,6 @@ spec: additionalProperties: type: string type: object - externalEndpoints: - items: - properties: - endpoint: - enum: - - internal - - public - type: string - ipAddressPool: - minLength: 1 - type: string - loadBalancerIPs: - items: - type: string - type: array - sharedIP: - default: true - type: boolean - sharedIPKey: - default: "" - type: string - required: - - endpoint - - ipAddressPool - type: object - type: array extraMounts: items: properties: @@ -859,6 +833,55 @@ spec: additionalProperties: type: string type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object passwordSelectors: default: database: GlanceDatabasePassword diff --git a/api/bases/glance.openstack.org_glances.yaml b/api/bases/glance.openstack.org_glances.yaml index 498a6727..ba423d1c 100644 --- a/api/bases/glance.openstack.org_glances.yaml +++ b/api/bases/glance.openstack.org_glances.yaml @@ -835,32 +835,6 @@ spec: additionalProperties: type: string type: object - externalEndpoints: - items: - properties: - endpoint: - enum: - - internal - - public - type: string - ipAddressPool: - minLength: 1 - type: string - loadBalancerIPs: - items: - type: string - type: array - sharedIP: - default: true - type: boolean - sharedIPKey: - default: "" - type: string - required: - - endpoint - - ipAddressPool - type: object - type: array networkAttachments: items: type: string @@ -869,6 +843,55 @@ spec: additionalProperties: type: string type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object pvc: type: string replicas: @@ -931,32 +954,6 @@ spec: additionalProperties: type: string type: object - externalEndpoints: - items: - properties: - endpoint: - enum: - - internal - - public - type: string - ipAddressPool: - minLength: 1 - type: string - loadBalancerIPs: - items: - type: string - type: array - sharedIP: - default: true - type: boolean - sharedIPKey: - default: "" - type: string - required: - - endpoint - - ipAddressPool - type: object - type: array networkAttachments: items: type: string @@ -965,6 +962,55 @@ spec: additionalProperties: type: string type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object pvc: type: string replicas: diff --git a/api/go.mod b/api/go.mod index 0fab65fe..4e8504e3 100644 --- a/api/go.mod +++ b/api/go.mod @@ -17,7 +17,7 @@ require github.com/onsi/gomega v1.27.10 // indirect require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/emicklei/go-restful/v3 v3.10.1 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect @@ -49,7 +49,7 @@ require ( github.com/prometheus/procfs v0.8.0 // indirect github.com/spf13/pflag v1.0.5 // indirect golang.org/x/net v0.12.0 // indirect - golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1 // indirect + golang.org/x/oauth2 v0.4.0 // indirect golang.org/x/sys v0.10.0 // indirect golang.org/x/term v0.10.0 // indirect golang.org/x/text v0.11.0 // indirect @@ -63,9 +63,9 @@ require ( k8s.io/apiextensions-apiserver v0.26.7 //indirect k8s.io/client-go v0.26.7 //indirect k8s.io/component-base v0.26.7 //indirect - k8s.io/klog/v2 v2.80.1 // indirect + k8s.io/klog/v2 v2.100.1 // indirect k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c //indirect - k8s.io/utils v0.0.0-20230711102312-30195339c3c7 //indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b //indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd //indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect @@ -74,3 +74,9 @@ require ( // mschuppert: map to latest commit from release-4.13 tag // must consistent within modules and service operators replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230817071545-78d401546fbd + +replace github.com/openstack-k8s-operators/lib-common/modules/openstack => github.com/stuggi/lib-common/modules/openstack v0.0.0-20230817071545-78d401546fbd + +replace github.com/openstack-k8s-operators/keystone-operator/api => github.com/stuggi/keystone-operator/api v0.0.0-20230817071801-e9a76286a0ee diff --git a/api/go.sum b/api/go.sum index fea8cc0b..f10e7416 100644 --- a/api/go.sum +++ b/api/go.sum @@ -48,8 +48,9 @@ github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx2 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -224,12 +225,6 @@ github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= -github.com/openstack-k8s-operators/keystone-operator/api v0.1.0 h1:p98vKnS4KzdgU/+vrVKFY3y9n9v1Z6cpo4JvbTNRxlM= -github.com/openstack-k8s-operators/keystone-operator/api v0.1.0/go.mod h1:LNJJdteQG4E2fhWDerE+f8S2/ephEJg8yBkH1eqYYOo= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.0 h1:F1iYRBwa0cZ2VHw8Zs4frqSWQ1B/tiCuSwH/DuHb8VM= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.0/go.mod h1:3hAC5Ce0AOSt85BqD6DgTKNkJHmpXwqbwL8mVWRJQqo= -github.com/openstack-k8s-operators/lib-common/modules/openstack v0.1.0 h1:mMeJvCQfZmakssvMyHjzp/ngxKysETDj9GJYhRwydzg= -github.com/openstack-k8s-operators/lib-common/modules/openstack v0.1.0/go.mod h1:+paEFOL5IlJzhg9fy7/1+HSErVkWUgUj1ORLFwgvxnI= github.com/openstack-k8s-operators/lib-common/modules/storage v0.1.0 h1:rHn0wlwBBggRl65gWDniF97XW+1XB2+4PsGZS2RIJ5E= github.com/openstack-k8s-operators/lib-common/modules/storage v0.1.0/go.mod h1:KDe/7CC/9iIEaQSBI8Z5lLKP9t+x3IUHznpRNMf8MU0= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -286,6 +281,12 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/keystone-operator/api v0.0.0-20230817071801-e9a76286a0ee h1:ktRh1VHP7QB+lQTiDa8WkGzCNXyo87lUrtK2aEZqeLw= +github.com/stuggi/keystone-operator/api v0.0.0-20230817071801-e9a76286a0ee/go.mod h1:tTk8ROJBWxqmFN4HZxZw//mZcTSDi++G0sNrafHdylU= +github.com/stuggi/lib-common/modules/common v0.0.0-20230817071545-78d401546fbd h1:TMtxo1jGDwFMuFtflUn6FHLUnGY+pxbqQFvqez87Iag= +github.com/stuggi/lib-common/modules/common v0.0.0-20230817071545-78d401546fbd/go.mod h1:HwbOw/YcG6Zf3Hukq8KM3ET0s5sjNCaSJd2lyXWaZoA= +github.com/stuggi/lib-common/modules/openstack v0.0.0-20230817071545-78d401546fbd h1:BFnnrTPkkB704nzFSu7OU+luUpd11qmUeCqGYHXFmEs= +github.com/stuggi/lib-common/modules/openstack v0.0.0-20230817071545-78d401546fbd/go.mod h1:qPF+227K+j4Vbad2J87uhjk2jX58bCYbAy5iGGVtr+I= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= @@ -384,8 +385,8 @@ golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1 h1:lxqLZaMad/dJHMFZH0NiNpiEZI/nhgWhe4wgzpE+MuA= -golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= +golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -632,12 +633,12 @@ k8s.io/client-go v0.26.7 h1:hyU9aKHlwVOykgyxzGYkrDSLCc4+mimZVyUJjPyUn1E= k8s.io/client-go v0.26.7/go.mod h1:okYjy0jtq6sdeztALDvCh24tg4opOQS1XNvsJlERDAo= k8s.io/component-base v0.26.7 h1:uqsOyZh0Zqoaup8tmHa491D/CvgFdGUs+X2H/inNUKM= k8s.io/component-base v0.26.7/go.mod h1:CZe1HTmX/DQdeBrb9XYOXzs96jXth8ZbFvhLMsoJLUg= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= +k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c h1:EFfsozyzZ/pggw5qNx7ftTVZdp7WZl+3ih89GEjYEK8= k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= -k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc= -k8s.io/utils v0.0.0-20230711102312-30195339c3c7/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/api/v1beta1/common.go b/api/v1beta1/common.go index 7a8a4c54..f7cdc987 100644 --- a/api/v1beta1/common.go +++ b/api/v1beta1/common.go @@ -18,16 +18,18 @@ package v1beta1 import ( "context" + "time" + "github.com/gophercloud/gophercloud" keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/secret" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "github.com/openstack-k8s-operators/lib-common/modules/common/util" openstack "github.com/openstack-k8s-operators/lib-common/modules/openstack" corev1 "k8s.io/api/core/v1" ctrl "sigs.k8s.io/controller-runtime" - "time" ) const ( @@ -91,38 +93,14 @@ type GlanceAPITemplate struct { // NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network NetworkAttachments []string `json:"networkAttachments,omitempty"` - // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override APIOverrideSpec `json:"override,omitempty"` } -// MetalLBConfig to configure the MetalLB loadbalancer service -type MetalLBConfig struct { - // +kubebuilder:validation:Required - // +kubebuilder:validation:Enum=internal;public - // Endpoint, OpenStack endpoint this service maps to - Endpoint endpoint.Endpoint `json:"endpoint"` - - // +kubebuilder:validation:Required - // +kubebuilder:validation:MinLength=1 - // IPAddressPool expose VIP via MetalLB on the IPAddressPool - IPAddressPool string `json:"ipAddressPool"` - - // +kubebuilder:validation:Optional - // +kubebuilder:default=true - // SharedIP if true, VIP/VIPs get shared with multiple services - SharedIP bool `json:"sharedIP"` - - // +kubebuilder:validation:Optional - // +kubebuilder:default="" - // SharedIPKey specifies the sharing key which gets set as the annotation on the LoadBalancer service. - // Services which share the same VIP must have the same SharedIPKey. Defaults to the IPAddressPool if - // SharedIP is true, but no SharedIPKey specified. - SharedIPKey string `json:"sharedIPKey"` - - // +kubebuilder:validation:Optional - // LoadBalancerIPs, request given IPs from the pool if available. Using a list to allow dual stack (IPv4/IPv6) support - LoadBalancerIPs []string `json:"loadBalancerIPs,omitempty"` +// APIOverrideSpec to override the generated manifest of several child resources. +type APIOverrideSpec struct { + // Override configuration for the Service created to serve traffic to the cluster. + Service *service.OverrideSpec `json:"service,omitempty"` } // SetupDefaults - initializes any CRD field defaults based on environment variables (the defaulting mechanism itself is implemented via webhooks) diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index 9b507234..5458057f 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -23,10 +23,31 @@ package v1beta1 import ( "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "github.com/openstack-k8s-operators/lib-common/modules/storage" "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIOverrideSpec) DeepCopyInto(out *APIOverrideSpec) { + *out = *in + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(service.OverrideSpec) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIOverrideSpec. +func (in *APIOverrideSpec) DeepCopy() *APIOverrideSpec { + if in == nil { + return nil + } + out := new(APIOverrideSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Glance) DeepCopyInto(out *Glance) { *out = *in @@ -237,13 +258,7 @@ func (in *GlanceAPITemplate) DeepCopyInto(out *GlanceAPITemplate) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GlanceAPITemplate. @@ -422,26 +437,6 @@ func (in *GlanceStatus) DeepCopy() *GlanceStatus { return out } -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetalLBConfig) DeepCopyInto(out *MetalLBConfig) { - *out = *in - if in.LoadBalancerIPs != nil { - in, out := &in.LoadBalancerIPs, &out.LoadBalancerIPs - *out = make([]string, len(*in)) - copy(*out, *in) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetalLBConfig. -func (in *MetalLBConfig) DeepCopy() *MetalLBConfig { - if in == nil { - return nil - } - out := new(MetalLBConfig) - in.DeepCopyInto(out) - return out -} - // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PasswordSelector) DeepCopyInto(out *PasswordSelector) { *out = *in diff --git a/config/crd/bases/glance.openstack.org_glanceapis.yaml b/config/crd/bases/glance.openstack.org_glanceapis.yaml index d5ec1d62..5e1dcca7 100644 --- a/config/crd/bases/glance.openstack.org_glanceapis.yaml +++ b/config/crd/bases/glance.openstack.org_glanceapis.yaml @@ -69,32 +69,6 @@ spec: additionalProperties: type: string type: object - externalEndpoints: - items: - properties: - endpoint: - enum: - - internal - - public - type: string - ipAddressPool: - minLength: 1 - type: string - loadBalancerIPs: - items: - type: string - type: array - sharedIP: - default: true - type: boolean - sharedIPKey: - default: "" - type: string - required: - - endpoint - - ipAddressPool - type: object - type: array extraMounts: items: properties: @@ -859,6 +833,55 @@ spec: additionalProperties: type: string type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object passwordSelectors: default: database: GlanceDatabasePassword diff --git a/config/crd/bases/glance.openstack.org_glances.yaml b/config/crd/bases/glance.openstack.org_glances.yaml index 498a6727..ba423d1c 100644 --- a/config/crd/bases/glance.openstack.org_glances.yaml +++ b/config/crd/bases/glance.openstack.org_glances.yaml @@ -835,32 +835,6 @@ spec: additionalProperties: type: string type: object - externalEndpoints: - items: - properties: - endpoint: - enum: - - internal - - public - type: string - ipAddressPool: - minLength: 1 - type: string - loadBalancerIPs: - items: - type: string - type: array - sharedIP: - default: true - type: boolean - sharedIPKey: - default: "" - type: string - required: - - endpoint - - ipAddressPool - type: object - type: array networkAttachments: items: type: string @@ -869,6 +843,55 @@ spec: additionalProperties: type: string type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object pvc: type: string replicas: @@ -931,32 +954,6 @@ spec: additionalProperties: type: string type: object - externalEndpoints: - items: - properties: - endpoint: - enum: - - internal - - public - type: string - ipAddressPool: - minLength: 1 - type: string - loadBalancerIPs: - items: - type: string - type: array - sharedIP: - default: true - type: boolean - sharedIPKey: - default: "" - type: string - required: - - endpoint - - ipAddressPool - type: object - type: array networkAttachments: items: type: string @@ -965,6 +962,55 @@ spec: additionalProperties: type: string type: object + override: + properties: + service: + properties: + endpointURL: + type: string + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + externalName: + type: string + externalTrafficPolicy: + type: string + internalTrafficPolicy: + type: string + ipFamilyPolicy: + type: string + loadBalancerClass: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + type: + type: string + type: object + type: object + type: object pvc: type: string replicas: diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index a3051c30..3573bbb8 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -229,18 +229,6 @@ rules: - list - update - watch -- apiGroups: - - route.openshift.io - resources: - - routes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - security.openshift.io resourceNames: diff --git a/controllers/glanceapi_controller.go b/controllers/glanceapi_controller.go index 8341c5b3..015ca90a 100644 --- a/controllers/glanceapi_controller.go +++ b/controllers/glanceapi_controller.go @@ -36,7 +36,6 @@ import ( "github.com/go-logr/logr" networkv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" - routev1 "github.com/openshift/api/route/v1" cinderv1 "github.com/openstack-k8s-operators/cinder-operator/api/v1beta1" glancev1 "github.com/openstack-k8s-operators/glance-operator/api/v1beta1" "github.com/openstack-k8s-operators/glance-operator/pkg/glance" @@ -52,6 +51,7 @@ import ( "github.com/openstack-k8s-operators/lib-common/modules/common/labels" nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment" oko_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "github.com/openstack-k8s-operators/lib-common/modules/common/util" appsv1 "k8s.io/api/apps/v1" @@ -75,7 +75,6 @@ type GlanceAPIReconciler struct { // +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; -// +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneapis,verbs=get;list;watch; // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneendpoints,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=k8s.cni.cncf.io,resources=network-attachment-definitions,verbs=get;list;watch @@ -247,7 +246,6 @@ func (r *GlanceAPIReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&corev1.Secret{}). Owns(&corev1.ConfigMap{}). Owns(&appsv1.Deployment{}). - Owns(&routev1.Route{}). Watches(&source.Kind{Type: &corev1.Secret{}}, handler.EnqueueRequestsFromMapFunc(svcSecretFn)). Watches(&source.Kind{Type: &networkv1.NetworkAttachmentDefinition{}}, @@ -288,61 +286,90 @@ func (r *GlanceAPIReconciler) reconcileInit( r.Log.Info(fmt.Sprintf("Reconciling Service '%s' init", instance.Name)) // - // expose the service (create service, route and return the created endpoint URLs) + // create service/s // - ports := map[endpoint.Endpoint]endpoint.Data{} + glanceEndpoints := map[service.Endpoint]endpoint.Data{} if instance.Spec.APIType == glancev1.APIInternal { - ports[endpoint.EndpointInternal] = endpoint.Data{ + glanceEndpoints[service.EndpointInternal] = endpoint.Data{ Port: glance.GlanceInternalPort, } } else { - ports[endpoint.EndpointPublic] = endpoint.Data{ + glanceEndpoints[service.EndpointPublic] = endpoint.Data{ Port: glance.GlancePublicPort, } } + apiEndpoints := make(map[string]string) - for _, metallbcfg := range instance.Spec.ExternalEndpoints { - portCfg := ports[metallbcfg.Endpoint] - portCfg.MetalLB = &endpoint.MetalLBData{ - IPAddressPool: metallbcfg.IPAddressPool, - SharedIP: metallbcfg.SharedIP, - SharedIPKey: metallbcfg.SharedIPKey, - LoadBalancerIPs: metallbcfg.LoadBalancerIPs, + for endpointType, data := range glanceEndpoints { + endpointName := glance.ServiceName + "-" + string(endpointType) + svcOverride := instance.Spec.Override.Service + + exportLabels := util.MergeStringMaps( + serviceLabels, + map[string]string{ + string(endpointType): "true", + }, + ) + + // Create the service + svc, err := service.NewService( + service.GenericService(&service.GenericServiceDetails{ + Name: endpointName, + Namespace: instance.Namespace, + Labels: exportLabels, + Selector: serviceLabels, + Port: service.GenericServicePort{ + Name: endpointName, + Port: data.Port, + Protocol: corev1.ProtocolTCP, + }, + }), + 5, + svcOverride, + ) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) + + return ctrl.Result{}, err } - ports[metallbcfg.Endpoint] = portCfg - } + ctrlResult, err := svc.CreateOrPatch(ctx, helper) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) - apiEndpoints, ctrlResult, err := endpoint.ExposeEndpoints( - ctx, - helper, - glance.ServiceName, - serviceLabels, - ports, - time.Duration(5)*time.Second, - ) - if err != nil { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.ErrorReason, - condition.SeverityWarning, - condition.ExposeServiceReadyErrorMessage, - err.Error())) - return ctrlResult, err - } else if (ctrlResult != ctrl.Result{}) { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.RequestedReason, - condition.SeverityInfo, - condition.ExposeServiceReadyRunningMessage)) - return ctrlResult, nil + return ctrlResult, err + } else if (ctrlResult != ctrl.Result{}) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.ExposeServiceReadyRunningMessage)) + return ctrlResult, nil + } + // create service - end + + // TODO: TLS, pass in https as protocol, create TLS cert + apiEndpoints[string(endpointType)], err = svc.GetAPIEndpoint( + svcOverride, data.Protocol, data.Path) + if err != nil { + return ctrl.Result{}, err + } } instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) // // Update instance status with service endpoint url from route host information // - // TODO: need to support https default here if instance.Status.APIEndpoints == nil { instance.Status.APIEndpoints = map[string]string{} } @@ -360,7 +387,7 @@ func (r *GlanceAPIReconciler) reconcileInit( } ksSvc := keystonev1.NewKeystoneEndpoint(instance.Name, instance.Namespace, ksEndpointSpec, serviceLabels, time.Duration(10)*time.Second) - ctrlResult, err = ksSvc.CreateOrPatch(ctx, helper) + ctrlResult, err := ksSvc.CreateOrPatch(ctx, helper) if err != nil { return ctrlResult, err } diff --git a/go.mod b/go.mod index 1d44ed7d..4b21613a 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/go-logr/logr v1.2.4 github.com/onsi/ginkgo/v2 v2.11.0 github.com/onsi/gomega v1.27.10 - github.com/openshift/api v3.9.0+incompatible + github.com/openshift/api v3.9.0+incompatible // indirect github.com/openstack-k8s-operators/glance-operator/api v0.0.0-20230628073827-6eb29c5ed4ce github.com/openstack-k8s-operators/infra-operator/apis v0.1.0 github.com/openstack-k8s-operators/keystone-operator/api v0.1.0 @@ -36,7 +36,7 @@ require ( require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/emicklei/go-restful/v3 v3.10.1 // indirect github.com/evanphx/json-patch/v5 v5.6.0 // indirect @@ -72,7 +72,7 @@ require ( go.uber.org/multierr v1.8.0 // indirect go.uber.org/zap v1.24.0 // indirect golang.org/x/net v0.12.0 // indirect - golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1 // indirect + golang.org/x/oauth2 v0.4.0 // indirect golang.org/x/sys v0.10.0 // indirect golang.org/x/term v0.10.0 // indirect golang.org/x/text v0.11.0 // indirect @@ -85,9 +85,9 @@ require ( gopkg.in/yaml.v3 v3.0.1 k8s.io/apiextensions-apiserver v0.26.7 //indirect k8s.io/component-base v0.26.7 //indirect - k8s.io/klog/v2 v2.80.1 // indirect + k8s.io/klog/v2 v2.100.1 // indirect k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c //indirect - k8s.io/utils v0.0.0-20230711102312-30195339c3c7 //indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b //indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd //indirect sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect sigs.k8s.io/yaml v1.3.0 // indirect @@ -98,3 +98,9 @@ replace github.com/openstack-k8s-operators/glance-operator/api => ./api // mschuppert: map to latest commit from release-4.13 tag // must consistent within modules and service operators replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230817071545-78d401546fbd + +replace github.com/openstack-k8s-operators/lib-common/modules/openstack => github.com/stuggi/lib-common/modules/openstack v0.0.0-20230817071545-78d401546fbd + +replace github.com/openstack-k8s-operators/keystone-operator/api => github.com/stuggi/keystone-operator/api v0.0.0-20230817071801-e9a76286a0ee diff --git a/go.sum b/go.sum index 3ad6e5a0..8ab5cfa7 100644 --- a/go.sum +++ b/go.sum @@ -50,8 +50,9 @@ github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx2 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -238,14 +239,8 @@ github.com/openstack-k8s-operators/cinder-operator/api v0.1.0 h1:8QsJidoozdGsV9f github.com/openstack-k8s-operators/cinder-operator/api v0.1.0/go.mod h1:GEZ6VarA74XXRa4SagCymoRrxQQVWvxZ2K7O4/YSxK4= github.com/openstack-k8s-operators/infra-operator/apis v0.1.0 h1:cavVlTrKeW2xcyt78UPsj1uGxgjfKfzULLZNJEa5wgI= github.com/openstack-k8s-operators/infra-operator/apis v0.1.0/go.mod h1:t1xmsiZDqM3wXcLMqgHp7/iilK8ozuOkydV4Vi2Qibk= -github.com/openstack-k8s-operators/keystone-operator/api v0.1.0 h1:p98vKnS4KzdgU/+vrVKFY3y9n9v1Z6cpo4JvbTNRxlM= -github.com/openstack-k8s-operators/keystone-operator/api v0.1.0/go.mod h1:LNJJdteQG4E2fhWDerE+f8S2/ephEJg8yBkH1eqYYOo= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.0 h1:F1iYRBwa0cZ2VHw8Zs4frqSWQ1B/tiCuSwH/DuHb8VM= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.0/go.mod h1:3hAC5Ce0AOSt85BqD6DgTKNkJHmpXwqbwL8mVWRJQqo= github.com/openstack-k8s-operators/lib-common/modules/database v0.1.0 h1:JWLX0pyQXANEULDbjv4rWcYQ8y4OSqnQl0L6O/gIv7U= github.com/openstack-k8s-operators/lib-common/modules/database v0.1.0/go.mod h1:bbauLidBocb/iigxC0D4fIbqjkvR80o6fsKpOGyVk00= -github.com/openstack-k8s-operators/lib-common/modules/openstack v0.1.0 h1:mMeJvCQfZmakssvMyHjzp/ngxKysETDj9GJYhRwydzg= -github.com/openstack-k8s-operators/lib-common/modules/openstack v0.1.0/go.mod h1:+paEFOL5IlJzhg9fy7/1+HSErVkWUgUj1ORLFwgvxnI= github.com/openstack-k8s-operators/lib-common/modules/storage v0.1.0 h1:rHn0wlwBBggRl65gWDniF97XW+1XB2+4PsGZS2RIJ5E= github.com/openstack-k8s-operators/lib-common/modules/storage v0.1.0/go.mod h1:KDe/7CC/9iIEaQSBI8Z5lLKP9t+x3IUHznpRNMf8MU0= github.com/openstack-k8s-operators/lib-common/modules/test v0.1.1 h1:upLnnux++Cuzxuta7z4VhD3aVwslXYYuptKk5R1EJPU= @@ -308,6 +303,12 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/keystone-operator/api v0.0.0-20230817071801-e9a76286a0ee h1:ktRh1VHP7QB+lQTiDa8WkGzCNXyo87lUrtK2aEZqeLw= +github.com/stuggi/keystone-operator/api v0.0.0-20230817071801-e9a76286a0ee/go.mod h1:tTk8ROJBWxqmFN4HZxZw//mZcTSDi++G0sNrafHdylU= +github.com/stuggi/lib-common/modules/common v0.0.0-20230817071545-78d401546fbd h1:TMtxo1jGDwFMuFtflUn6FHLUnGY+pxbqQFvqez87Iag= +github.com/stuggi/lib-common/modules/common v0.0.0-20230817071545-78d401546fbd/go.mod h1:HwbOw/YcG6Zf3Hukq8KM3ET0s5sjNCaSJd2lyXWaZoA= +github.com/stuggi/lib-common/modules/openstack v0.0.0-20230817071545-78d401546fbd h1:BFnnrTPkkB704nzFSu7OU+luUpd11qmUeCqGYHXFmEs= +github.com/stuggi/lib-common/modules/openstack v0.0.0-20230817071545-78d401546fbd/go.mod h1:qPF+227K+j4Vbad2J87uhjk2jX58bCYbAy5iGGVtr+I= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= @@ -417,8 +418,8 @@ golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= -golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1 h1:lxqLZaMad/dJHMFZH0NiNpiEZI/nhgWhe4wgzpE+MuA= -golang.org/x/oauth2 v0.0.0-20220909003341-f21342109be1/go.mod h1:h4gKUeWbJ4rQPri7E0u6Gs4e9Ri2zaLxzw5DI5XGrYg= +golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M= +golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -668,12 +669,12 @@ k8s.io/client-go v0.26.7 h1:hyU9aKHlwVOykgyxzGYkrDSLCc4+mimZVyUJjPyUn1E= k8s.io/client-go v0.26.7/go.mod h1:okYjy0jtq6sdeztALDvCh24tg4opOQS1XNvsJlERDAo= k8s.io/component-base v0.26.7 h1:uqsOyZh0Zqoaup8tmHa491D/CvgFdGUs+X2H/inNUKM= k8s.io/component-base v0.26.7/go.mod h1:CZe1HTmX/DQdeBrb9XYOXzs96jXth8ZbFvhLMsoJLUg= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= +k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c h1:EFfsozyzZ/pggw5qNx7ftTVZdp7WZl+3ih89GEjYEK8= k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= -k8s.io/utils v0.0.0-20230711102312-30195339c3c7 h1:ZgnF1KZsYxWIifwSNZFZgNtWE89WI5yiP5WwlfDoIyc= -k8s.io/utils v0.0.0-20230711102312-30195339c3c7/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/main.go b/main.go index f468d397..8877eefe 100644 --- a/main.go +++ b/main.go @@ -26,7 +26,6 @@ import ( "k8s.io/client-go/kubernetes" _ "k8s.io/client-go/plugin/pkg/client/auth" - routev1 "github.com/openshift/api/route/v1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" @@ -57,7 +56,6 @@ func init() { utilruntime.Must(mariadbv1.AddToScheme(scheme)) utilruntime.Must(keystonev1.AddToScheme(scheme)) utilruntime.Must(cinderv1.AddToScheme(scheme)) - utilruntime.Must(routev1.AddToScheme(scheme)) utilruntime.Must(networkv1.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme } diff --git a/tests/functional/glance_controller_test.go b/tests/functional/glance_controller_test.go index fa7733fd..09f5a4f1 100644 --- a/tests/functional/glance_controller_test.go +++ b/tests/functional/glance_controller_test.go @@ -255,9 +255,6 @@ var _ = Describe("Glance controller", func() { th.AssertServiceExists(glanceTest.GlancePublicRoute) th.AssertServiceExists(glanceTest.GlanceInternalRoute) }) - It("Assert Routes are created", func() { - th.AssertRouteExists(glanceTest.GlancePublicRoute) - }) }) When("Glance CR is deleted", func() { BeforeEach(func() { @@ -364,8 +361,7 @@ var _ = Describe("Glance controller", func() { externalAPI := GetGlanceAPI(glanceTest.GlanceInternal) // Check GlanceAPI NADs Expect(internalAPI.Spec.NetworkAttachments).To(Equal(glance.Spec.GlanceAPIInternal.NetworkAttachments)) - Expect(internalAPI.Spec.ExternalEndpoints).To(Equal(glance.Spec.GlanceAPIInternal.ExternalEndpoints)) - Expect(externalAPI.Spec.NetworkAttachments).To(Equal(glance.Spec.GlanceAPIInternal.NetworkAttachments)) + Expect(externalAPI.Spec.NetworkAttachments).To(Equal(glance.Spec.GlanceAPIExternal.NetworkAttachments)) }) }) }) diff --git a/tests/functional/glanceapi_controller_test.go b/tests/functional/glanceapi_controller_test.go index 7602dfd9..6e992ac7 100644 --- a/tests/functional/glanceapi_controller_test.go +++ b/tests/functional/glanceapi_controller_test.go @@ -185,17 +185,14 @@ var _ = Describe("Glanceapi controller", func() { }) It("exposes the service", func() { - // Only a Public Route is exposed outside apiInstance := th.GetService(glanceTest.GlancePublicRoute) Expect(apiInstance.Labels["service"]).To(Equal("glance-external")) - // Route is created on top of the existing service - th.AssertRouteExists(glanceTest.GlancePublicRoute) }) It("creates KeystoneEndpoint", func() { keystoneEndpoint := th.GetKeystoneEndpoint(glanceTest.GlanceExternal) endpoints := keystoneEndpoint.Spec.Endpoints - Expect(endpoints).To(HaveKeyWithValue("public", "http:")) + Expect(endpoints).To(HaveKeyWithValue("public", "http://glance-public."+glanceTest.Instance.Namespace+".svc:9292")) th.ExpectCondition( glanceTest.GlanceExternal, ConditionGetterFunc(GlanceAPIConditionGetter), @@ -241,4 +238,107 @@ var _ = Describe("Glanceapi controller", func() { ) }) }) + + When("A GlanceAPI is created with service override", func() { + BeforeEach(func() { + spec := GetDefaultGlanceAPISpec(GlanceAPITypeInternal) + var serviceOverride interface{} + serviceOverride = map[string]interface{}{ + "endpoint": "internal", + "metadata": map[string]map[string]string{ + "annotations": { + "dnsmasq.network.openstack.org/hostname": "glance-internal.openstack.svc", + "metallb.universe.tf/address-pool": "osp-internalapi", + "metallb.universe.tf/allow-shared-ip": "osp-internalapi", + "metallb.universe.tf/loadBalancerIPs": "internal-lb-ip-1,internal-lb-ip-2", + }, + "labels": { + "internal": "true", + "service": "glance", + }, + }, + "spec": map[string]interface{}{ + "type": "LoadBalancer", + }, + } + + spec["override"] = map[string]interface{}{ + "service": serviceOverride, + } + + glance := CreateGlanceAPI(glanceTest.GlanceInternal, spec) + DeferCleanup(th.DeleteKeystoneAPI, th.CreateKeystoneAPI(glanceTest.GlanceInternal.Namespace)) + th.SimulateDeploymentReplicaReady(glanceTest.GlanceInternalAPI) + th.SimulateKeystoneEndpointReady(glanceTest.GlanceInternal) + DeferCleanup(th.DeleteInstance, glance) + }) + + It("creates KeystoneEndpoint", func() { + keystoneEndpoint := th.GetKeystoneEndpoint(glanceTest.GlanceInternal) + endpoints := keystoneEndpoint.Spec.Endpoints + Expect(endpoints).To(HaveKeyWithValue("internal", "http://glance-internal."+glanceTest.GlanceInternal.Namespace+".svc:9292")) + + th.ExpectCondition( + glanceTest.GlanceInternal, + ConditionGetterFunc(GlanceAPIConditionGetter), + condition.KeystoneEndpointReadyCondition, + corev1.ConditionTrue, + ) + }) + + It("creates LoadBalancer service", func() { + // As the internal endpoint is configured in service overrides it + // gets a LoadBalancer Service with annotations + service := th.GetService(glanceTest.GlanceInternalRoute) + Expect(service.Annotations).To( + HaveKeyWithValue("dnsmasq.network.openstack.org/hostname", "glance-internal.openstack.svc")) + Expect(service.Annotations).To( + HaveKeyWithValue("metallb.universe.tf/address-pool", "osp-internalapi")) + Expect(service.Annotations).To( + HaveKeyWithValue("metallb.universe.tf/allow-shared-ip", "osp-internalapi")) + Expect(service.Annotations).To( + HaveKeyWithValue("metallb.universe.tf/loadBalancerIPs", "internal-lb-ip-1,internal-lb-ip-2")) + + th.ExpectCondition( + glanceTest.GlanceInternal, + ConditionGetterFunc(GlanceAPIConditionGetter), + condition.ReadyCondition, + corev1.ConditionTrue, + ) + }) + }) + + When("A GlanceAPI is created with service override endpointURL set", func() { + BeforeEach(func() { + spec := GetDefaultGlanceAPISpec(GlanceAPITypeExternal) + var serviceOverride interface{} + serviceOverride = map[string]interface{}{ + "endpoint": "public", + "endpointURL": "http://glance-openstack.apps-crc.testing", + } + + spec["override"] = map[string]interface{}{ + "service": serviceOverride, + } + + glance := CreateGlanceAPI(glanceTest.GlanceExternal, spec) + DeferCleanup(th.DeleteKeystoneAPI, th.CreateKeystoneAPI(glanceTest.GlanceExternal.Namespace)) + th.SimulateDeploymentReplicaReady(glanceTest.GlanceExternalAPI) + th.SimulateKeystoneEndpointReady(glanceTest.GlanceExternal) + DeferCleanup(th.DeleteInstance, glance) + }) + + It("creates KeystoneEndpoint", func() { + keystoneEndpoint := th.GetKeystoneEndpoint(glanceTest.GlanceExternal) + endpoints := keystoneEndpoint.Spec.Endpoints + Expect(endpoints).To(HaveKeyWithValue("public", "http://glance-openstack.apps-crc.testing")) + + th.ExpectCondition( + glanceTest.GlanceExternal, + ConditionGetterFunc(GlanceAPIConditionGetter), + condition.KeystoneEndpointReadyCondition, + corev1.ConditionTrue, + ) + }) + }) }) diff --git a/tests/functional/suite_test.go b/tests/functional/suite_test.go index e4894c63..429a51cd 100644 --- a/tests/functional/suite_test.go +++ b/tests/functional/suite_test.go @@ -20,13 +20,14 @@ import ( "context" "crypto/tls" "fmt" - "github.com/google/uuid" - "k8s.io/apimachinery/pkg/types" "net" "path/filepath" "testing" "time" + "github.com/google/uuid" + "k8s.io/apimachinery/pkg/types" + "github.com/go-logr/logr" . "github.com/onsi/ginkgo/v2" @@ -43,7 +44,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" networkv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" - routev1 "github.com/openshift/api/route/v1" glancev1 "github.com/openstack-k8s-operators/glance-operator/api/v1beta1" "github.com/openstack-k8s-operators/glance-operator/controllers" rabbitmqv1beta1 "github.com/openstack-k8s-operators/infra-operator/apis/rabbitmq/v1beta1" @@ -98,8 +98,6 @@ var _ = BeforeSuite(func() { mariadbCRDs, err := test.GetCRDDirFromModule( "github.com/openstack-k8s-operators/mariadb-operator/api", gomod, "bases") Expect(err).ShouldNot(HaveOccurred()) - routev1CRDs, err := test.GetOpenShiftCRDDir("route/v1", gomod) - Expect(err).ShouldNot(HaveOccurred()) By("bootstrapping test environment") testEnv = &envtest.Environment{ @@ -107,7 +105,6 @@ var _ = BeforeSuite(func() { filepath.Join("..", "..", "config", "crd", "bases"), mariadbCRDs, keystoneCRDs, - routev1CRDs, }, CRDInstallOptions: envtest.CRDInstallOptions{ Paths: []string{ @@ -137,8 +134,6 @@ var _ = BeforeSuite(func() { Expect(err).NotTo(HaveOccurred()) err = keystonev1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) - err = routev1.AddToScheme(scheme.Scheme) - Expect(err).NotTo(HaveOccurred()) err = networkv1.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) diff --git a/tests/kuttl/tests/glance_scale/01-assert.yaml b/tests/kuttl/tests/glance_scale/01-assert.yaml index 193d803c..e4ec06c9 100644 --- a/tests/kuttl/tests/glance_scale/01-assert.yaml +++ b/tests/kuttl/tests/glance_scale/01-assert.yaml @@ -9,7 +9,6 @@ # - glance-internal-api Pod # - glance-internal service # - glance-public service -# - glance-public route # - glance internal and public endpoints apiVersion: glance.openstack.org/v1beta1 @@ -197,20 +196,6 @@ spec: selector: service: glance-external --- -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - labels: - public: "true" - service: glance-external - name: glance-public -spec: - port: - targetPort: glance-public - to: - kind: Service - name: glance-public ---- # the actual addresses of the apiEndpoints are platform specific, so we can't rely on # kuttl asserts to check them. This short script gathers the addresses and checks that # the three endpoints are defined and their addresses follow the default pattern @@ -220,7 +205,7 @@ namespaced: true commands: - script: | template='{{.status.apiEndpoint.internal}}{{":"}}{{.status.apiEndpoint.public}}{{"\n"}}' - regex="http:\/\/glance-internal.$NAMESPACE.*:http:\/\/glance-public-$NAMESPACE\.apps.*" + regex="http:\/\/glance-internal.$NAMESPACE.*:http:\/\/glance-public.$NAMESPACE.**" apiEndpoints=$(oc get -n $NAMESPACE Glance glance -o go-template="$template") matches=$(echo "$apiEndpoints" | sed -e "s?$regex??") if [ -z "$matches" ]; then diff --git a/tests/kuttl/tests/glance_scale/05-errors.yaml b/tests/kuttl/tests/glance_scale/05-errors.yaml index 9bd4e6f0..7db9f5d0 100644 --- a/tests/kuttl/tests/glance_scale/05-errors.yaml +++ b/tests/kuttl/tests/glance_scale/05-errors.yaml @@ -9,7 +9,6 @@ # - No glance-internal-api Pod # - No glance-internal service # - No glance-public service -# - No glance-public route # - No glance internal and public endpoints apiVersion: glance.openstack.org/v1beta1 @@ -58,8 +57,3 @@ apiVersion: v1 kind: Service metadata: name: glance-public ---- -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - name: glance-public