Add metallb service support

Depends-On: openstack-k8s-operators/lib-common#160

api/bases/keystone.openstack.org_keystoneapis.yaml

@@ -17,7 +17,7 @@ spec:
   versions:
   - additionalPrinterColumns:
     - description: NetworkAttachments
-      jsonPath: .status.networkAttachments
+      jsonPath: .spec.networkAttachments
       name: NetworkAttachments
       type: string
     - description: Status
@@ -109,9 +109,43 @@ spec:
                   to add additional files. Those get added to the service config dir
                   in /etc/<service> . TODO: -> implement'
                 type: object
+              externalEndpoints:
+                description: ExternalEndpoints, expose a VIP using a pre-created IPAddressPool
+                items:
+                  description: MetalLBConfig to configure the MetalLB loadbalancer
+                    service
+                  properties:
+                    endpoint:
+                      description: Endpoint, OpenStack endpoint this service maps
+                        to
+                      enum:
+                      - admin
+                      - internal
+                      - public
+                      type: string
+                    ipAddressPool:
+                      description: IPAddressPool expose VIP via MetalLB on the IPAddressPool
+                      minLength: 1
+                      type: string
+                    loadBalancerIPs:
+                      description: LoadBalancerIPs, request given IPs from the pool
+                        if available. Using a list to allow dual stack (IPv4/IPv6)
+                        support
+                      items:
+                        type: string
+                      type: array
+                    sharedIP:
+                      default: true
+                      description: SharedIP if true, VIP/VIPs get shared with multiple
+                        services
+                      type: boolean
+                  required:
+                  - ipAddressPool
+                  type: object
+                type: array
               networkAttachments:
-                description: Networks list of NetworkAttachment to expose the services
-                  to
+                description: NetworkAttachments is a list of NetworkAttachment resource
+                  names to expose the services to the given network
                 items:
                   type: string
                 type: array
@@ -271,11 +305,12 @@ spec:
                 description: Map of hashes to track e.g. job status
                 type: object
               networkAttachments:
-                description: NetworkAttachments in addtion to the cluster network,
-                  the service is attached to
-                items:
-                  type: string
-                type: array
+                additionalProperties:
+                  items:
+                    type: string
+                  type: array
+                description: NetworkAttachments status of the deployment pods
+                type: object
               readyCount:
                 description: ReadyCount of keystone API instances
                 format: int32

api/go.mod

@@ -67,3 +67,5 @@ require (
 	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )
+
+replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230213111010-7458e283a386

api/go.sum

@@ -221,8 +221,6 @@ github.com/onsi/ginkgo/v2 v2.6.0 h1:9t9b9vRUbFq3C4qKFCGkVuq/fIHji802N1nrtkh1mNc=
 github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E=
 github.com/openshift/api v3.9.0+incompatible h1:fJ/KsefYuZAjmrr3+5U9yZIZbTOpVkDDLDLFresAeYs=
 github.com/openshift/api v3.9.0+incompatible/go.mod h1:dh9o4Fs58gpFXGSYfnVxGR9PnV53I8TW84pQaJDdGiY=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230208113903-f7b52e2a2ccb h1:GL2gr48Uj07HAR4m4iShujzCrHwy/vH78FIKKjgtIR0=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.0.0-20230208113903-f7b52e2a2ccb/go.mod h1:qV9OlokZRpqbHI3lmeN5EOmIKynWphw6GPl3zP9KOGM=
 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.0.0-20230208113903-f7b52e2a2ccb h1:J4/Q3K0zkdUwtTRcXaxvoMK+ZgggxVtNjzEvqBu/siQ=
 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.0.0-20230208113903-f7b52e2a2ccb/go.mod h1:9tj29SmyP9izLIEKj5E44F7M7a82UwcPdIufc3MQpcY=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -278,6 +276,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stuggi/lib-common/modules/common v0.0.0-20230213111010-7458e283a386 h1:ETecHuZuuw8JcV8ovdnygpi+RrW9UX7o2fymH9pUi4w=
+github.com/stuggi/lib-common/modules/common v0.0.0-20230213111010-7458e283a386/go.mod h1:+EDQmWZRA8ruHnWPcw9s/el3UMi6u4EZkcSe7dCQ50k=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
 github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=

api/v1beta1/keystoneapi_types.go

@@ -127,8 +127,34 @@ type KeystoneAPISpec struct {
 	Resources corev1.ResourceRequirements `json:"resources,omitempty"`
 
 	// +kubebuilder:validation:Optional
-	// Networks list of NetworkAttachment to expose the services to
+	// NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network
 	NetworkAttachments []string `json:"networkAttachments"`
+
+	// +kubebuilder:validation:Optional
+	// ExternalEndpoints, expose a VIP using a pre-created IPAddressPool
+	ExternalEndpoints []MetalLBConfig `json:"externalEndpoints"`
+}
+
+// MetalLBConfig to configure the MetalLB loadbalancer service
+type MetalLBConfig struct {
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:validation:Enum=admin;internal;public
+	// Endpoint, OpenStack endpoint this service maps to
+	Endpoint endpoint.Endpoint `json:"endpoint"`
+
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:MinLength=1
+	// IPAddressPool expose VIP via MetalLB on the IPAddressPool
+	IPAddressPool string `json:"ipAddressPool"`
+
+	// +kubebuilder:validation:Optional
+	// +kubebuilder:default=true
+	// SharedIP if true, VIP/VIPs get shared with multiple services
+	SharedIP bool `json:"sharedIP"`
+
+	// +kubebuilder:validation:Optional
+	// LoadBalancerIPs, request given IPs from the pool if available. Using a list to allow dual stack (IPv4/IPv6) support
+	LoadBalancerIPs []string `json:"loadBalancerIPs"`
 }
 
 // PasswordSelector to identify the DB and AdminUser password from the Secret
@@ -177,13 +203,13 @@ type KeystoneAPIStatus struct {
 	// Keystone Database Hostname
 	DatabaseHostname string `json:"databaseHostname,omitempty"`
 
-	// NetworkAttachments in addtion to the cluster network, the service is attached to
-	NetworkAttachments []string `json:"networkAttachments,omitempty"`
+	// NetworkAttachments status of the deployment pods
+	NetworkAttachments map[string][]string `json:"networkAttachments,omitempty"`
 }
 
 //+kubebuilder:object:root=true
 //+kubebuilder:subresource:status
-//+kubebuilder:printcolumn:name="NetworkAttachments",type="string",JSONPath=".status.networkAttachments",description="NetworkAttachments"
+//+kubebuilder:printcolumn:name="NetworkAttachments",type="string",JSONPath=".spec.networkAttachments",description="NetworkAttachments"
 //+kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.conditions[0].status",description="Status"
 //+kubebuilder:printcolumn:name="Message",type="string",JSONPath=".status.conditions[0].message",description="Message"
 

config/crd/bases/keystone.openstack.org_keystoneapis.yaml

@@ -17,7 +17,7 @@ spec:
   versions:
   - additionalPrinterColumns:
     - description: NetworkAttachments
-      jsonPath: .status.networkAttachments
+      jsonPath: .spec.networkAttachments
       name: NetworkAttachments
       type: string
     - description: Status
@@ -109,9 +109,43 @@ spec:
                   to add additional files. Those get added to the service config dir
                   in /etc/<service> . TODO: -> implement'
                 type: object
+              externalEndpoints:
+                description: ExternalEndpoints, expose a VIP using a pre-created IPAddressPool
+                items:
+                  description: MetalLBConfig to configure the MetalLB loadbalancer
+                    service
+                  properties:
+                    endpoint:
+                      description: Endpoint, OpenStack endpoint this service maps
+                        to
+                      enum:
+                      - admin
+                      - internal
+                      - public
+                      type: string
+                    ipAddressPool:
+                      description: IPAddressPool expose VIP via MetalLB on the IPAddressPool
+                      minLength: 1
+                      type: string
+                    loadBalancerIPs:
+                      description: LoadBalancerIPs, request given IPs from the pool
+                        if available. Using a list to allow dual stack (IPv4/IPv6)
+                        support
+                      items:
+                        type: string
+                      type: array
+                    sharedIP:
+                      default: true
+                      description: SharedIP if true, VIP/VIPs get shared with multiple
+                        services
+                      type: boolean
+                  required:
+                  - ipAddressPool
+                  type: object
+                type: array
               networkAttachments:
-                description: Networks list of NetworkAttachment to expose the services
-                  to
+                description: NetworkAttachments is a list of NetworkAttachment resource
+                  names to expose the services to the given network
                 items:
                   type: string
                 type: array
@@ -271,11 +305,12 @@ spec:
                 description: Map of hashes to track e.g. job status
                 type: object
               networkAttachments:
-                description: NetworkAttachments in addtion to the cluster network,
-                  the service is attached to
-                items:
-                  type: string
-                type: array
+                additionalProperties:
+                  items:
+                    type: string
+                  type: array
+                description: NetworkAttachments status of the deployment pods
+                type: object
               readyCount:
                 description: ReadyCount of keystone API instances
                 format: int32

config/rbac/role.yaml

@@ -65,6 +65,14 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - k8s.cni.cncf.io
+  resources:
+  - network-attachment-definitions
+  verbs:
+  - get
+  - list
+  - watch
 - apiGroups:
   - keystone.openstack.org
   resources: