remove controlplane CRUD mode

.github/dependabot.yml

@@ -32,10 +32,6 @@ updates:
     directory: "cmd/cl-go-dataplane"
     schedule:
       interval: "monthly"
-  - package-ecosystem: "docker"
-    directory: "cmd/gwctl"
-    schedule:
-      interval: "monthly"
   - package-ecosystem: "docker"
     directory: "cmd/cl-dataplane"
     schedule:

Makefile

@@ -116,7 +116,6 @@ codegen: controller-gen  ## Generate ClusterRole, CRDs and DeepCopyObject.
 
 cli-build:
 	@echo "Start go build phase"
-	$(GO) build -o $(BIN_DIR)/gwctl $(LD_FLAGS) ./cmd/gwctl
 	$(GO) build -o $(BIN_DIR)/clusterlink $(LD_FLAGS) ./cmd/clusterlink
 
 build: cli-build
@@ -129,19 +128,16 @@ docker-build: build
 	docker build --platform $(PLATFORMS) --progress=plain --rm --tag cl-controlplane -f ./cmd/cl-controlplane/Dockerfile .
 	docker build --platform $(PLATFORMS) --progress=plain --rm --tag cl-dataplane -f ./cmd/cl-dataplane/Dockerfile .
 	docker build --platform $(PLATFORMS) --progress=plain --rm --tag cl-go-dataplane -f ./cmd/cl-go-dataplane/Dockerfile .
-	docker build --platform $(PLATFORMS) --progress=plain --rm --tag gwctl -f ./cmd/gwctl/Dockerfile .
 	docker build --platform $(PLATFORMS) --progress=plain --rm --tag cl-operator -f ./cmd/cl-operator/Dockerfile .
 
 push-image: build
 	docker buildx build --platform $(PLATFORMS) --progress=plain --rm --tag $(IMAGE_BASE)/cl-controlplane:$(IMAGE_VERSION) --push -f ./cmd/cl-controlplane/Dockerfile .
 	docker buildx build --platform $(PLATFORMS) --progress=plain --rm --tag $(IMAGE_BASE)/cl-go-dataplane:$(IMAGE_VERSION) --push  -f ./cmd/cl-go-dataplane/Dockerfile .
 	docker buildx build --platform $(PLATFORMS) --progress=plain --rm --tag $(IMAGE_BASE)/cl-dataplane:$(IMAGE_VERSION) --push  -f ./cmd/cl-dataplane/Dockerfile .
 	docker buildx build --platform $(PLATFORMS) --progress=plain --rm --tag $(IMAGE_BASE)/cl-operator:$(IMAGE_VERSION) --push -f ./cmd/cl-operator/Dockerfile .
-	docker buildx build --platform $(PLATFORMS) --progress=plain --rm --tag $(IMAGE_BASE)/gwctl:$(IMAGE_VERSION) --push -f ./cmd/gwctl/Dockerfile .
 
 install:
 	mkdir -p ~/.local/bin
-	cp ./bin/gwctl ~/.local/bin/
 	cp ./bin/clusterlink ~/.local/bin/
 
 clean-tests:

cmd/cl-controlplane/app/server.go

@@ -34,14 +34,11 @@ import (
 	"github.com/clusterlink-net/clusterlink/pkg/controlplane/api"
 	"github.com/clusterlink-net/clusterlink/pkg/controlplane/authz"
 	"github.com/clusterlink-net/clusterlink/pkg/controlplane/control"
-	cprest "github.com/clusterlink-net/clusterlink/pkg/controlplane/rest"
 	"github.com/clusterlink-net/clusterlink/pkg/controlplane/xds"
-	"github.com/clusterlink-net/clusterlink/pkg/store/kv"
-	"github.com/clusterlink-net/clusterlink/pkg/store/kv/bolt"
 	"github.com/clusterlink-net/clusterlink/pkg/util/controller"
 	"github.com/clusterlink-net/clusterlink/pkg/util/grpc"
+	"github.com/clusterlink-net/clusterlink/pkg/util/http"
 	"github.com/clusterlink-net/clusterlink/pkg/util/log"
-	utilrest "github.com/clusterlink-net/clusterlink/pkg/util/rest"
 	"github.com/clusterlink-net/clusterlink/pkg/util/runnable"
 	"github.com/clusterlink-net/clusterlink/pkg/util/sniproxy"
 	"github.com/clusterlink-net/clusterlink/pkg/util/tls"
@@ -80,9 +77,6 @@ type Options struct {
 	LogFile string
 	// LogLevel is the log level.
 	LogLevel string
-	// CRDMode indicates a k8s CRD-based controlplane.
-	// This flag will be removed once the CRD-based controlplane feature is complete and stable.
-	CRDMode bool
 }
 
 // AddFlags adds flags to fs and binds them to options.
@@ -91,7 +85,6 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) {
 		"Path to a file where logs will be written. If not specified, logs will be printed to stderr.")
 	fs.StringVar(&o.LogLevel, "log-level", logLevel,
 		"The log level. One of fatal, error, warn, info, debug.")
-	fs.BoolVar(&o.CRDMode, "crd-mode", false, "Run a CRD-based controlplane.")
 }
 
 // Run the various controlplane servers.
@@ -160,20 +153,17 @@ func (o *Options) Run() error {
 
 	managerOptions := manager.Options{
 		Cache: cache.Options{
-			ByObject: make(map[client.Object]cache.ByObject),
+			ByObject: map[client.Object]cache.ByObject{
+				&v1alpha1.Peer{}: {
+					Namespaces: map[string]cache.Config{
+						namespace: {},
+					},
+				},
+			},
 		},
 		Scheme: scheme,
 	}
 
-	// limit watch for v1alpha1.Peer and EndpointSlice to the namespace given by 'namespace'
-	if o.CRDMode {
-		managerOptions.Cache.ByObject[&v1alpha1.Peer{}] = cache.ByObject{
-			Namespaces: map[string]cache.Config{
-				namespace: {},
-			},
-		}
-	}
-
 	mgr, err := manager.New(config, managerOptions)
 	if err != nil {
 		return fmt.Errorf(
@@ -186,71 +176,34 @@ func (o *Options) Run() error {
 		grpcServerName: grpcServerAddress,
 	})
 
-	httpServer := utilrest.NewServer("controlplane-http", parsedCertData.ServerConfig())
+	httpServer := http.NewServer("controlplane-http", parsedCertData.ServerConfig())
 	grpcServer := grpc.NewServer("controlplane-grpc", parsedCertData.ServerConfig())
 
 	authzManager, err := authz.NewManager(parsedCertData, mgr.GetClient(), namespace)
 	if err != nil {
 		return fmt.Errorf("cannot create authorization manager: %w", err)
 	}
 
-	err = authz.CreateControllers(authzManager, mgr, o.CRDMode)
+	err = authz.CreateControllers(authzManager, mgr)
 	if err != nil {
 		return fmt.Errorf("cannot create authz controllers: %w", err)
 	}
 
-	authz.RegisterHandlers(authzManager, &httpServer.Server)
+	authz.RegisterHandlers(authzManager, httpServer)
 
-	controlManager := control.NewManager(mgr.GetClient(), parsedCertData, namespace, o.CRDMode)
+	controlManager := control.NewManager(mgr.GetClient(), parsedCertData, namespace)
 
-	err = control.CreateControllers(controlManager, mgr, o.CRDMode)
+	err = control.CreateControllers(controlManager, mgr)
 	if err != nil {
 		return fmt.Errorf("cannot create control controllers: %w", err)
 	}
 
-	xdsManager := xds.NewManager(o.CRDMode)
+	xdsManager := xds.NewManager()
 	xds.RegisterService(
 		context.Background(), xdsManager, grpcServer.GetGRPCServer())
 
-	if o.CRDMode {
-		err := xds.CreateControllers(xdsManager, mgr)
-		if err != nil {
-			return fmt.Errorf("cannot create xDS controllers: %w", err)
-		}
-	} else {
-		// open store
-		kvStore, err := bolt.Open(StoreFile)
-		if err != nil {
-			return err
-		}
-
-		defer func() {
-			if err := kvStore.Close(); err != nil {
-				logrus.Warnf("Cannot close store: %v.", err)
-			}
-		}()
-
-		storeManager := kv.NewManager(kvStore)
-
-		restManager, err := cprest.NewManager(
-			namespace, storeManager, xdsManager, authzManager, controlManager)
-		if err != nil {
-			return err
-		}
-
-		cprest.RegisterHandlers(restManager, httpServer)
-
-		authzManager.SetGetImportCallback(restManager.GetK8sImport)
-		authzManager.SetGetExportCallback(restManager.GetK8sExport)
-		authzManager.SetGetPeerCallback(restManager.GetK8sPeer)
-		controlManager.SetGetImportCallback(restManager.GetK8sImport)
-		controlManager.SetGetMergeImportListCallback(restManager.GetMergeImportList)
-		controlManager.SetPeerStatusCallback(func(pr *v1alpha1.Peer) {
-			restManager.UpdatePeerStatus(pr.Name, &pr.Status)
-		})
-		controlManager.SetExportStatusCallback(func(export *v1alpha1.Export) {
-			restManager.UpdateExportStatus(export.Name, &export.Status)
-		})
+	if err := xds.CreateControllers(xdsManager, mgr); err != nil {
+		return fmt.Errorf("cannot create xDS controllers: %w", err)
 	}
 
 	runnableManager := runnable.NewManager()

cmd/clusterlink/cmd/create/create_peer.go

@@ -95,24 +95,6 @@ func (o *PeerOptions) createDataplane(peerCert *bootstrap.Certificate) (*bootstr
 	return cert, nil
 }
 
-func (o *PeerOptions) createGWCTL(peerCert *bootstrap.Certificate) (*bootstrap.Certificate, error) {
-	cert, err := bootstrap.CreateGWCTLCertificate(peerCert)
-	if err != nil {
-		return nil, err
-	}
-
-	outDirectory := config.GWCTLDirectory(o.Name, o.Fabric, o.Path)
-	if err := os.Mkdir(outDirectory, 0o755); err != nil {
-		return nil, err
-	}
-
-	if err := o.saveCertificate(cert, outDirectory); err != nil {
-		return nil, err
-	}
-
-	return cert, nil
-}
-
 // Run the 'create peer-cert' subcommand.
 func (o *PeerOptions) Run() error {
 	if _, err := idna.Lookup.ToASCII(o.Name); err != nil {
@@ -151,10 +133,6 @@ func (o *PeerOptions) Run() error {
 		return err
 	}
 
-	if _, err := o.createGWCTL(peerCertificate); err != nil {
-		return err
-	}
-
 	return nil
 }
 

cmd/clusterlink/cmd/deploy/deploy_peer.go

@@ -78,9 +78,6 @@ type PeerOptions struct {
 	DataplaneType string
 	// LogLevel is the log level.
 	LogLevel string
-	// CRDMode indicates whether to run a k8s CRD-based controlplane.
-	// This flag will be removed once the CRD-based controlplane feature is complete and stable.
-	CRDMode bool
 }
 
 // NewCmdDeployPeer returns a cobra.Command to run the 'deploy peer' subcommand.
@@ -135,7 +132,6 @@ func (o *PeerOptions) AddFlags(fs *pflag.FlagSet) {
 	fs.Uint16Var(&o.DataplaneReplicas, "dataplane-replicas", 1, "Number of dataplanes.")
 	fs.StringVar(&o.LogLevel, "log-level", "info",
 		"The log level. One of fatal, error, warn, info, debug.")
-	fs.BoolVar(&o.CRDMode, "crd-mode", false, "Run a CRD-based controlplane.")
 }
 
 // RequiredFlags are the names of flags that must be explicitly specified.
@@ -181,25 +177,17 @@ func (o *PeerOptions) Run() error {
 		return err
 	}
 
-	gwctlCert, err := bootstrap.ReadCertificates(
-		config.GWCTLDirectory(o.Name, o.Fabric, o.Path), true)
-	if err != nil {
-		return err
-	}
-
 	// Create k8s deployment YAML
 	platformCfg := &platform.Config{
 		Peer:                    o.Name,
 		FabricCertificate:       fabricCert,
 		PeerCertificate:         peerCertificate,
 		ControlplaneCertificate: controlplaneCert,
 		DataplaneCertificate:    dataplaneCert,
-		GWCTLCertificate:        gwctlCert,
 		Dataplanes:              o.DataplaneReplicas,
 		DataplaneType:           o.DataplaneType,
 		LogLevel:                o.LogLevel,
 		ContainerRegistry:       o.ContainerRegistry,
-		CRDMode:                 o.CRDMode,
 		Namespace:               o.Namespace,
 		IngressType:             o.Ingress,
 		IngressAnnotations:      o.IngressAnnotations,

cmd/clusterlink/config/config.go

@@ -24,25 +24,15 @@ const (
 	CertificateFileName = "cert.pem"
 	// DefaultFabric is the default fabric name.
 	DefaultFabric = "default_fabric"
-	// DockerRunFile is the filename of the docker-run script.
-	DockerRunFile = "docker-run.sh"
-	// GWCTLInitFile is the filename of the gwctl-init script.
-	GWCTLInitFile = "gwctl-init.sh"
 	// K8SYAMLFile is the filename of the kubernetes deployment yaml file.
 	K8SYAMLFile = "k8s.yaml"
-	// K8SSecretYAMLFile is the filename of the kubernetes secrets yaml file.
-	K8SSecretYAMLFile = "cl-secret.yaml" //nolint:gosec // G101(Potential hardcoded credentials): Enable secret usage in filenames.
 	// K8SClusterLinkInstanceYAMLFile is the filename of the ClusterLink instance CRD file that will use by the operator.
 	K8SClusterLinkInstanceYAMLFile = "cl-instance.yaml"
-	// PersistencyDirectoryName is the directory name containing container persisted files.
-	PersistencyDirectoryName = "persist"
 
 	// ControlplaneDirectoryName is the directory name containing controlplane server configuration.
 	ControlplaneDirectoryName = "controlplane"
 	// DataplaneDirectoryName is the directory name containing dataplane server configuration.
 	DataplaneDirectoryName = "dataplane"
-	// GWCTLDirectoryName is the directory name containing gwctl certificates.
-	GWCTLDirectoryName = "gwctl"
 
 	// GHCR is the path to the GitHub container registry.
 	GHCR = "ghcr.io/clusterlink-net"
@@ -70,11 +60,6 @@ func DataplaneDirectory(peer, fabric, path string) string {
 	return filepath.Join(PeerDirectory(peer, fabric, path), DataplaneDirectoryName)
 }
 
-// GWCTLDirectory returns the path for a gwctl instance.
-func GWCTLDirectory(peer, fabric, path string) string {
-	return filepath.Join(PeerDirectory(peer, fabric, path), GWCTLDirectoryName)
-}
-
 // FabricCertificate returns the fabric certificate name.
 func FabricCertificate(name, path string) string {
 	return filepath.Join(FabricDirectory(name, path), CertificateFileName)