Skip to content

Commit

Permalink
Update horizon to use service override
Browse files Browse the repository at this point in the history
Removes creation of routes.Those get done in the openstack-operator.
Via service overrides the service can be customized. The service operator
adds annotation to the service which needs to be exposed as a route.

Jira: OSP-26690

Depends-On: openstack-k8s-operators/lib-common#332
  • Loading branch information
stuggi committed Sep 12, 2023
1 parent 4eae318 commit 0cc7bfe
Show file tree
Hide file tree
Showing 14 changed files with 497 additions and 170 deletions.
4 changes: 0 additions & 4 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -79,8 +79,6 @@ template:
preserveJobs: false
replicas: 1
resources: {}
route:
routeName: horizon
secret: osp-secret
```

Expand Down Expand Up @@ -110,8 +108,6 @@ template:
preserveJobs: false
replicas: 1
resources: {}
route:
routeName: horizon
secret: osp-secret
memcachedInstance: my-custom-memcached #<<-- Custom memcached instance supplied here.
```
Expand Down
200 changes: 174 additions & 26 deletions api/bases/horizon.openstack.org_horizons.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,180 @@ spec:
description: NodeSelector to target subset of worker nodes running
this service
type: object
override:
description: Override, provides the ability to override the generated
manifest of several child resources.
properties:
service:
additionalProperties:
description: RoutedOverrideSpec - a routed service override
configuration for the Service created to serve traffic to
the cluster. Allows for the manifest of the created Service
to be overwritten with custom configuration.
properties:
endpointURL:
type: string
metadata:
description: EmbeddedLabelsAnnotations is an embedded subset
of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta.
Only labels and annotations are included.
properties:
annotations:
additionalProperties:
type: string
description: 'Annotations is an unstructured key value
map stored with a resource that may be set by external
tools to store and retrieve arbitrary metadata. They
are not queryable and should be preserved when modifying
objects. More info: http://kubernetes.io/docs/user-guide/annotations'
type: object
labels:
additionalProperties:
type: string
description: 'Map of string keys and values that can
be used to organize and categorize (scope and select)
objects. May match selectors of replication controllers
and services. More info: http://kubernetes.io/docs/user-guide/labels'
type: object
type: object
spec:
description: OverrideServiceSpec is a subset of the fields
included in https://pkg.go.dev/k8s.io/[email protected]/core/v1#ServiceSpec
Limited to Type, SessionAffinity, LoadBalancerSourceRanges,
ExternalName, ExternalTrafficPolicy, SessionAffinityConfig,
IPFamilyPolicy, LoadBalancerClass and InternalTrafficPolicy
properties:
externalName:
description: externalName is the external reference
that discovery mechanisms will return as an alias
for this service (e.g. a DNS CNAME record). No proxying
will be involved. Must be a lowercase RFC-1123 hostname
(https://tools.ietf.org/html/rfc1123) and requires
`type` to be "ExternalName".
type: string
externalTrafficPolicy:
description: externalTrafficPolicy describes how nodes
distribute service traffic they receive on one of
the Service's "externally-facing" addresses (NodePorts,
ExternalIPs, and LoadBalancer IPs). If set to "Local",
the proxy will configure the service in a way that
assumes that external load balancers will take care
of balancing the service traffic between nodes, and
so each node will deliver traffic only to the node-local
endpoints of the service, without masquerading the
client source IP. (Traffic mistakenly sent to a node
with no endpoints will be dropped.) The default value,
"Cluster", uses the standard behavior of routing to
all endpoints evenly (possibly modified by topology
and other features). Note that traffic sent to an
External IP or LoadBalancer IP from within the cluster
will always get "Cluster" semantics, but clients sending
to a NodePort from within the cluster may need to
take traffic policy into account when picking a node.
type: string
internalTrafficPolicy:
description: InternalTrafficPolicy describes how nodes
distribute service traffic they receive on the ClusterIP.
If set to "Local", the proxy will assume that pods
only want to talk to endpoints of the service on the
same node as the pod, dropping the traffic if there
are no local endpoints. The default value, "Cluster",
uses the standard behavior of routing to all endpoints
evenly (possibly modified by topology and other features).
type: string
ipFamilyPolicy:
description: IPFamilyPolicy represents the dual-stack-ness
requested or required by this Service. If there is
no value provided, then this field will be set to
SingleStack. Services can be "SingleStack" (a single
IP family), "PreferDualStack" (two IP families on
dual-stack configured clusters or a single IP family
on single-stack clusters), or "RequireDualStack" (two
IP families on dual-stack configured clusters, otherwise
fail). The ipFamilies and clusterIPs fields depend
on the value of this field. This field will be wiped
when updating a service to type ExternalName.
type: string
loadBalancerClass:
description: loadBalancerClass is the class of the load
balancer implementation this Service belongs to. If
specified, the value of this field must be a label-style
identifier, with an optional prefix, e.g. "internal-vip"
or "example.com/internal-vip". Unprefixed names are
reserved for end-users. This field can only be set
when the Service type is 'LoadBalancer'. If not set,
the default load balancer implementation is used,
today this is typically done through the cloud provider
integration, but should apply for any default implementation.
If set, it is assumed that a load balancer implementation
is watching for Services with a matching class. Any
default load balancer implementation (e.g. cloud providers)
should ignore Services that set this field. This field
can only be set when creating or updating a Service
to type 'LoadBalancer'. Once set, it can not be changed.
This field will be wiped when a service is updated
to a non 'LoadBalancer' type.
type: string
loadBalancerSourceRanges:
description: 'If specified and supported by the platform,
this will restrict traffic through the cloud-provider
load-balancer will be restricted to the specified
client IPs. This field will be ignored if the cloud-provider
does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/'
items:
type: string
type: array
sessionAffinity:
description: 'Supports "ClientIP" and "None". Used to
maintain session affinity. Enable client IP based
session affinity. Must be ClientIP or None. Defaults
to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies'
type: string
sessionAffinityConfig:
description: sessionAffinityConfig contains the configurations
of session affinity.
properties:
clientIP:
description: clientIP contains the configurations
of Client IP based session affinity.
properties:
timeoutSeconds:
description: timeoutSeconds specifies the seconds
of ClientIP type session sticky time. The
value must be >0 && <=86400(for 1 day) if
ServiceAffinity == "ClientIP". Default value
is 10800(for 3 hours).
format: int32
type: integer
type: object
type: object
type:
description: 'type determines how the Service is exposed.
Defaults to ClusterIP. Valid options are ExternalName,
ClusterIP, NodePort, and LoadBalancer. "ClusterIP"
allocates a cluster-internal IP address for load-balancing
to endpoints. Endpoints are determined by the selector
or if that is not specified, by manual construction
of an Endpoints object or EndpointSlice objects. If
clusterIP is "None", no virtual IP is allocated and
the endpoints are published as a set of endpoints
rather than a virtual IP. "NodePort" builds on ClusterIP
and allocates a port on every node which routes to
the same endpoints as the clusterIP. "LoadBalancer"
builds on NodePort and creates an external load-balancer
(if supported in the current cloud) which routes to
the same endpoints as the clusterIP. "ExternalName"
aliases this service to the specified externalName.
Several other fields do not apply to ExternalName
services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types'
type: string
type: object
type: object
description: Override configuration for the Service created to
serve traffic to the cluster. The key must be the endpoint type
(public, internal)
type: object
type: object
preserveJobs:
default: false
description: PreserveJobs - do not delete jobs after they finished
Expand Down Expand Up @@ -143,32 +317,6 @@ spec:
to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
route:
description: HorizonRoute holds all of the necessary options for configuring
the Horizon Route object. This can be used to configure TLS TODO(bshephar)
Implement everything about this. It's just a placeholder at the
moment.
properties:
routeLocation:
description: TODO(bshephar) We need to implement TLS handling
here to secure the route
type: string
routeName:
default: horizon
type: string
routeTLSCA:
description: TODO(bshephar) We need to implement TLS handling
here to secure the route
type: string
routeTLSEnabled:
description: TODO(bshephar) We need to implement TLS handling
here to secure the route
type: string
routeTLSKey:
description: TODO(bshephar) We need to implement TLS handling
here to secure the route
type: string
type: object
secret:
description: Secret containing OpenStack password information for
Horizon Secret Key
Expand Down
4 changes: 4 additions & 0 deletions api/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -66,3 +66,7 @@ require (
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)

replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230911170028-26ca518cd865

replace github.com/openstack-k8s-operators/keystone-operator/api => github.com/stuggi/keystone-operator/api v0.0.0-20230912050541-29ec0f576466
4 changes: 2 additions & 2 deletions api/go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -222,8 +222,6 @@ github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRW
github.com/onsi/ginkgo/v2 v2.12.0 h1:UIVDowFPwpg6yMUpPjGkYvf06K3RAiJXUhCxEwQVHRI=
github.com/onsi/ginkgo/v2 v2.12.0/go.mod h1:ZNEzXISYlqpb8S36iN71ifqLi3vVD1rVJGvWRCJOUpQ=
github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
github.com/openstack-k8s-operators/lib-common/modules/common v0.1.1-0.20230824094610-976b18ca2875 h1:pj22n6PQy/XAmV5m6XaarMY6X1lvxAh16oVT5ZSVoNI=
github.com/openstack-k8s-operators/lib-common/modules/common v0.1.1-0.20230824094610-976b18ca2875/go.mod h1:Mqg9hyHpWPda62750vqmk5TajxP3zbYPDP1rtSH7mg0=
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
Expand Down Expand Up @@ -278,6 +276,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stuggi/lib-common/modules/common v0.0.0-20230911170028-26ca518cd865 h1:6KbPTZCQRwZ/dUKLkyyIaKjT2HcMQDqjEcBQjEPXRv0=
github.com/stuggi/lib-common/modules/common v0.0.0-20230911170028-26ca518cd865/go.mod h1:Mqg9hyHpWPda62750vqmk5TajxP3zbYPDP1rtSH7mg0=
github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=
Expand Down
42 changes: 12 additions & 30 deletions api/v1beta1/horizon_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"fmt"

condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition"
"github.com/openstack-k8s-operators/lib-common/modules/common/service"
"github.com/openstack-k8s-operators/lib-common/modules/common/util"

corev1 "k8s.io/api/core/v1"
Expand Down Expand Up @@ -80,16 +81,21 @@ type HorizonSpec struct {
// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
Resources corev1.ResourceRequirements `json:"resources,omitempty"`

// +kubebuilder:validation:Optional
// HorizonRoute holds all of the necessary options for configuring the Horizon Route object.
// This can be used to configure TLS
//TODO(bshephar) Implement everything about this. It's just a placeholder at the moment.
Route HorizonRoute `json:"route,omitempty"`

// +kubebuilder:validation:Required
// +kubebuilder:default=memcached
// Memcached instance name.
MemcachedInstance string `json:"memcachedInstance"`

// +kubebuilder:validation:Optional
// Override, provides the ability to override the generated manifest of several child resources.
Override HorizionOverrideSpec `json:"override,omitempty"`
}

// HorizionOverrideSpec to override the generated manifest of several child resources.
type HorizionOverrideSpec struct {
// Override configuration for the Service created to serve traffic to the cluster.
// The key must be the endpoint type (public, internal)
Service map[string]service.RoutedOverrideSpec `json:"service,omitempty"`
}

// HorizonDebug can be used to enable debug in the Horizon service
Expand All @@ -100,30 +106,6 @@ type HorizonDebug struct {
Service bool `json:"service"`
}

// HorizonRoute is used to define all of the information for the OpenShift route
// todo(bshephar) implement
type HorizonRoute struct {
// +kubebuilder:validation:Optional
// +kubebuilder:default=horizon
RouteName string `json:"routeName"`

//TODO(bshephar) We need to implement TLS handling here to secure the route
// +kubebuilder:validation:Optional
RouteTLSEnabled string `json:"routeTLSEnabled,omitempty"`

//TODO(bshephar) We need to implement TLS handling here to secure the route
// +kubebuilder:validation:Optional
RouteTLSCA string `json:"routeTLSCA,omitempty"`

//TODO(bshephar) We need to implement TLS handling here to secure the route
// +kubebuilder:validation:Optional
RouteTLSKey string `json:"routeTLSKey,omitempty"`

//TODO(bshephar) We need to implement TLS handling here to secure the route
// +kubebuilder:validation:Optional
RouteLocation string `json:"routeLocation,omitempty"`
}

// HorizonStatus defines the observed state of Horizon
type HorizonStatus struct {
// ReadyCount of Horizon instances
Expand Down
Loading

0 comments on commit 0cc7bfe

Please sign in to comment.