Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure Gateway Controller with Helm values #2158

Merged
merged 58 commits into from
May 24, 2023
Merged

Configure Gateway Controller with Helm values #2158

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
58 commits
Select commit Hold shift + click to select a range
b8260f4
Stub out the gatewayclass controller
Apr 14, 2023
d4ac434
Change the controller name
Apr 17, 2023
21a490d
Only register gwv1beta1
Apr 17, 2023
5bd6a65
Address PR feedback
Apr 19, 2023
87da237
Adds stub of Gateway Controller
missylbytes Apr 25, 2023
92725c3
cannot understand why the indexes are not working
missylbytes Apr 26, 2023
3a52d0e
some updates, want to do cleanup
missylbytes Apr 27, 2023
7b926b5
rebase and cleanup
missylbytes Apr 27, 2023
4840c92
Start adding deployer
Apr 26, 2023
c5d88ee
Flesh out tests
Apr 26, 2023
d9c6af1
Refactor into a "gatekeeper"
Apr 28, 2023
4cf2818
Integrate the gatekeeper into the gateway controller
Apr 28, 2023
42f8b92
Simplify the api
May 1, 2023
39a7168
Remove the creation of helm config until later
May 1, 2023
efe63fb
Remove use and rename package to gatekeeper
May 2, 2023
17dfe01
Add labels to apigateway
May 2, 2023
c88cf10
Manage ServiceAccount
May 2, 2023
64e9615
Manage Deployment
May 2, 2023
0b323e0
Add more to deployment
May 2, 2023
4c2f468
Update Helm Values
May 5, 2023
c240329
WIP fleshing out the gateway deployment upsert behavior
May 8, 2023
14e9d9f
Update role and service
May 9, 2023
ecfd8fb
Merge branch 'api-gateways' into NET-3661/gateway-manager
May 9, 2023
09297df
Fix merge conflicts
May 9, 2023
a5ae539
Round out tests
May 10, 2023
7f020a6
Add test for respecting replicas
May 10, 2023
d635633
Change the Gatekeeper New API and add comments for Upsert and Delete
May 11, 2023
c41bb23
implement joinResources
May 11, 2023
1dd3cfc
accept suggestions from @jm96441n
May 11, 2023
76f57c3
Use pointer receivers
May 11, 2023
0794d4d
Separate out mutator
May 11, 2023
d0a13fc
Update deployment correctly
May 12, 2023
16a12f1
Update Role and ServiceAccount
May 12, 2023
bb77bd4
Fix that silly linting error
May 12, 2023
899207c
Comments on HelmConfig
May 12, 2023
93256e6
Add Image to deployment
May 12, 2023
e206797
Add Gateway flags to inject-connect
May 18, 2023
8a33492
Pass through env vars
May 18, 2023
51cb68d
Add environment variables to the deployment template
May 18, 2023
dcc6d6c
Add conditional injection of environment variables
May 18, 2023
cfd398e
Add env vars back in
May 19, 2023
2870632
Merge branch 'api-gateways' into apigw/pass-in-helm-values
May 19, 2023
636e415
Fix up issues from merge
May 19, 2023
5a11863
Test default env vars
May 19, 2023
c9aa2c0
Test all of the env vars
May 20, 2023
c1fa879
Fix up more issues from merge
May 20, 2023
d9540f3
Merge branch 'api-gateways' into apigw/pass-in-helm-values
May 20, 2023
a34ea22
Pass in values to HelmConfig then to Controller
May 23, 2023
189bbf4
Just pass config in as a struct
May 23, 2023
673d84d
Add gateway-gatewayclass
May 23, 2023
1189974
Add gateway-gatewayclassconfig
May 23, 2023
76e0ce6
Add DeploymentSpec to GatewayClassConfig
May 23, 2023
46bad42
Remove deployment configuration settings from HelmConfig
May 23, 2023
62f9015
Remove BATs on deployment configuration
May 23, 2023
f3b0efb
Expand gatewayclassconfig
May 24, 2023
bb3297d
Set deployment replicas in test
May 24, 2023
c69da33
Place GatewayClassConfig in the crds/ dir
May 24, 2023
1739073
Update control-plane/api-gateway/gatekeeper/gatekeeper_test.go
May 24, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 30 additions & 8 deletions ...ul/templates/crd-gatewayclassconfigs.yaml → ...wayclassconfigs.consul.hashicorp.com.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
{{- if .Values.connectInject.enabled }}
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
Expand All @@ -7,12 +9,6 @@ metadata:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
name: gatewayclassconfigs.consul.hashicorp.com
labels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: crd
spec:
group: consul.hashicorp.com
names:
Expand Down Expand Up @@ -52,6 +48,33 @@ spec:
type: string
type: array
type: object
deployment:
description: Deployment defines the deployment configuration for the
gateway.
properties:
defaultInstances:
default: 1
description: Number of gateway instances that should be deployed
by default
format: int32
maximum: 8
minimum: 1
type: integer
maxInstances:
default: 8
description: Max allowed number of gateway instances
format: int32
maximum: 8
minimum: 1
type: integer
minInstances:
default: 1
description: Minimum allowed number of gateway instances
format: int32
maximum: 8
minimum: 1
type: integer
type: object
nodeSelector:
additionalProperties:
type: string
Expand Down Expand Up @@ -117,4 +140,3 @@ status:
plural: ""
conditions: []
storedVersions: []
{{- end }}
3 changes: 3 additions & 0 deletions charts/consul/crds/gatewayclasses.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/gateways.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/grpcroutes.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/httproutes.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/kustomization.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

# This file is Helm ignored. It it only used for the `make generate-external-crds` command.

apiVersion: kustomize.config.k8s.io/v1beta1
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/referencegrants.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/tcproutes.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/tlsroutes.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
3 changes: 3 additions & 0 deletions charts/consul/crds/udproutes.gateway.networking.k8s.io.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
Expand Down
18 changes: 18 additions & 0 deletions charts/consul/templates/gateway-gatewayclass.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
{{- if (and .Values.connectInject.enabled .Values.connectInject.apiGateway.managedGatewayClass.enabled) }}
apiVersion: gateway.networking.k8s.io/v1beta1
kind: GatewayClass
metadata:
name: consul-api-gateway
labels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: api-gateway-controller
spec:
controllerName: consul.hashicorp.com/consul-api-gateway-controller
parametersRef:
group: consul.hashicorp.com
kind: GatewayClassConfig
name: consul-api-gateway
{{- end }}
74 changes: 74 additions & 0 deletions charts/consul/templates/gateway-gatewayclassconfig.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
{{- if .Values.connectInject.enabled }}
---
apiVersion: consul.hashicorp.com/v1alpha1
kind: GatewayClassConfig
metadata:
name: consul-api-gateway
labels:
app: {{ template "consul.name" . }}
chart: {{ template "consul.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
component: api-gateway
spec:
{{- if .Values.apiGateway.enabled }} # Overide values from the old stanza. To be removed in 1.17 (t-eckert 2023-05-19)

{{- if .Values.apiGateway.managedGatewayClass.deployment }}
deployment:
{{- if .Values.apiGateway.managedGatewayClass.deployment.defaultInstances }}
defaultInstances: {{ .Values.apiGateway.managedGatewayClass.deployment.defaultInstances }}
{{- end}}
{{- if .Values.apiGateway.managedGatewayClass.deployment.maxInstances }}
maxInstances: {{ .Values.apiGateway.managedGatewayClass.deployment.maxInstances }}
{{- end}}
{{- if .Values.apiGateway.managedGatewayClass.deployment.minInstances }}
minInstances: {{ .Values.apiGateway.managedGatewayClass.deployment.minInstances }}
{{- end}}
{{- end}}
{{- if .Values.apiGateway.managedGatewayClass.nodeSelector }}
nodeSelector:
{{ tpl .Values.apiGateway.managedGatewayClass.nodeSelector . | indent 4 | trim }}
{{- end }}
{{- if .Values.apiGateway.managedGatewayClass.tolerations }}
tolerations:
{{ tpl .Values.apiGateway.managedGatewayClass.tolerations . | indent 4 | trim }}
{{- end }}
{{- if .Values.apiGateway.managedGatewayClass.copyAnnotations.service }}
copyAnnotations:
service:
{{ tpl .Values.apiGateway.managedGatewayClass.copyAnnotations.service.annotations . | nindent 6 | trim }}
{{- end }}
serviceType: {{ .Values.apiGateway.managedGatewayClass.serviceType }}

{{- else }}

{{- if .Values.connectInject.apiGateway.managedGatewayClass.deployment }}
deployment:
{{- if .Values.connectInject.apiGateway.managedGatewayClass.deployment.defaultInstances }}
defaultInstances: {{ .Values.connectInject.apiGateway.managedGatewayClass.deployment.defaultInstances }}
{{- end}}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.deployment.maxInstances }}
maxInstances: {{ .Values.connectInject.apiGateway.managedGatewayClass.deployment.maxInstances }}
{{- end}}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.deployment.minInstances }}
minInstances: {{ .Values.connectInject.apiGateway.managedGatewayClass.deployment.minInstances }}
{{- end}}
{{- end}}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.nodeSelector }}
nodeSelector:
{{ tpl .Values.connectInject.apiGateway.managedGatewayClass.nodeSelector . | indent 4 | trim }}
{{- end }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.tolerations }}
tolerations:
{{ tpl .Values.connectInject.apiGateway.managedGatewayClass.tolerations . | indent 4 | trim }}
{{- end }}
{{- if .Values.connectInject.apiGateway.managedGatewayClass.copyAnnotations.service }}
copyAnnotations:
service:
{{ tpl .Values.connectInject.apiGateway.managedGatewayClass.copyAnnotations.service.annotations . | nindent 6 | trim }}
{{- end }}
serviceType: {{ .Values.connectInject.apiGateway.managedGatewayClass.serviceType }}

{{- end }}

{{- end }}
1 change: 1 addition & 0 deletions charts/consul/test/unit/connect-inject-deployment.bats
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2436,3 +2436,4 @@ reservedNameTest() {
jq -r '. | select( .name == "CONSUL_TLS_SERVER_NAME").value' | tee /dev/stderr)
[ "${actual}" = "server.dc1.consul" ]
}

29 changes: 29 additions & 0 deletions charts/consul/test/unit/gateway-gatewayclass.bats
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#!/usr/bin/env bats

load _helpers

@test "apiGateway/GatewayClass: enabled by default" {
cd `chart_dir`
local actual=$(helm template \
-s templates/gateway-gatewayclass.yaml \
. | tee /dev/stderr |
yq 'length > 0' | tee /dev/stderr)
[ "${actual}" = "true" ]
}

@test "apiGateway/GatewayClass: disabled with connectInject.enabled" {
cd `chart_dir`
assert_empty helm template \
-s templates/gateway-gatewayclass.yaml \
--set 'connectInject.enabled=false' \
.
}

@test "apiGateway/GatewayClass: disabled with connectInject.apiGateway.managedGatewayClass.enabled" {
cd `chart_dir`
assert_empty helm template \
-s templates/gateway-gatewayclass.yaml \
--set 'connectInject.apiGateway.managedGatewayClass.enabled=false' \
.
}

117 changes: 117 additions & 0 deletions charts/consul/test/unit/gateway-gatewayclassconfig.bats
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,117 @@
#!/usr/bin/env bats

load _helpers

@test "apiGateway/GatewayClassConfig: enabled by default" {
cd `chart_dir`
local actual=$(helm template \
-s templates/gateway-gatewayclassconfig.yaml \
. | tee /dev/stderr |
yq 'length > 0' | tee /dev/stderr)
[ "${actual}" = "true" ]
}

@test "apiGateway/GatewayClassConfig: disabled with connectInject.enabled" {
cd `chart_dir`
assert_empty helm template \
-s templates/gateway-gatewayclassconfig.yaml \
--set 'connectInject.enabled=false' \
.
}

#--------------------------------------------------------------------
# fallback configuration
# to be removed in 1.17 (t-eckert 2023-05-23)

@test "apiGateway/GatewayClassConfig: fallback configuration is used when apiGateway.enabled is true" {
cd `chart_dir`
local spec=$(helm template \
-s templates/gateway-gatewayclassconfig.yaml \
--set 'apiGateway.enabled=true' \
--set 'apiGateway.image=testing' \
--set 'apiGateway.managedGatewayClass.nodeSelector=foo: bar' \
--set 'apiGateway.managedGatewayClass.tolerations=- key: bar' \
--set 'apiGateway.managedGatewayClass.copyAnnotations.service.annotations=- bingo' \
--set 'apiGateway.managedGatewayClass.serviceType=LoadBalancer' \
. | tee /dev/stderr |
yq '.spec' | tee /dev/stderr)

local actual=$(echo "$spec" |
jq -r '.nodeSelector.foo')
[ "${actual}" = "bar" ]

local actual=$(echo "$spec" |
jq -r '.tolerations[0].key')
[ "${actual}" = "bar" ]

local actual=$(echo "$spec" |
jq -r '.copyAnnotations.service[0]')
[ "${actual}" = "bingo" ]

local actual=$(echo "$spec" |
jq -r '.serviceType')
[ "${actual}" = "LoadBalancer" ]
}

#--------------------------------------------------------------------
# configuration

@test "apiGateway/GatewayClassConfig: default configuration" {
cd `chart_dir`
local spec=$(helm template \
-s templates/gateway-gatewayclassconfig.yaml \
. | tee /dev/stderr |
yq '.spec' | tee /dev/stderr)

local actual=$(echo "$spec" |
jq -r '.deployment.defaultInstances')
[ "${actual}" = 1 ]

local actual=$(echo "$spec" |
jq -r '.deployment.maxInstances')
[ "${actual}" = 1 ]

local actual=$(echo "$spec" |
jq -r '.deployment.minInstances')
[ "${actual}" = 1 ]
}

@test "apigateway/gatewayclassconfig: custom configuration" {
cd `chart_dir`
local spec=$(helm template \
-s templates/gateway-gatewayclassconfig.yaml \
--set 'connectInject.apiGateway.managedGatewayClass.nodeSelector=foo: bar' \
--set 'connectInject.apiGateway.managedGatewayClass.tolerations=- key: bar' \
--set 'connectInject.apiGateway.managedGatewayClass.copyAnnotations.service.annotations=- bingo' \
--set 'connectInject.apiGateway.managedGatewayClass.serviceType=LoadBalancer' \
. | tee /dev/stderr |
yq '.spec' | tee /dev/stderr)

local actual=$(echo "$spec" |
jq -r '.deployment.defaultInstances')
[ "${actual}" = "1" ]

local actual=$(echo "$spec" |
jq -r '.deployment.maxInstances')
[ "${actual}" = "1" ]

local actual=$(echo "$spec" |
jq -r '.deployment.minInstances')
[ "${actual}" = "1" ]

local actual=$(echo "$spec" |
jq -r '.nodeSelector.foo')
[ "${actual}" = "bar" ]

local actual=$(echo "$spec" |
jq -r '.tolerations[0].key')
[ "${actual}" = "bar" ]

local actual=$(echo "$spec" |
jq -r '.copyAnnotations.service[0]')
[ "${actual}" = "bingo" ]

local actual=$(echo "$spec" |
jq -r '.serviceType')
[ "${actual}" = "LoadBalancer" ]
}
Loading