From bd3b57cdbfc22c66d36cc35001b5a66d51c92b1e Mon Sep 17 00:00:00 2001 From: Mridul Gain Date: Fri, 3 Nov 2023 11:55:54 +0530 Subject: [PATCH] feat(AM-11741): protocol specification for slice gateway load balancer (#190) * feat(AM-11741): define protocol for gw svc type * feat(AM-11741): reconcilation logic for gateway service protocol * feat(AM-11741): provide gw protocol during cert generation * fix(AM-11741): webhook validation, env var & wsc reconciler * fix(): gwsvctype mistatch --------- Signed-off-by: Mridul Gain --- apis/controller/v1alpha1/sliceconfig_types.go | 4 ++ .../v1alpha1/workersliceconfig_types.go | 3 ++ .../v1alpha1/workerslicegateway_types.go | 13 +++-- .../controller.kubeslice.io_sliceconfigs.yaml | 7 +++ ...orker.kubeslice.io_workersliceconfigs.yaml | 6 +++ ...rker.kubeslice.io_workerslicegateways.yaml | 6 +++ service/kube_slice_resource_names.go | 9 ++-- service/mocks/IWorkerSliceGatewayService.go | 10 ++-- service/service_helper.go | 17 +++++++ service/slice_config_service.go | 14 ++---- service/slice_config_webhook_validation.go | 2 +- .../slice_config_webhook_validation_test.go | 11 ++++ service/vpn_key_rotation_service.go | 2 +- service/vpn_key_rotation_service_test.go | 4 +- service/worker_slice_config_service.go | 35 +++++++------ service/worker_slice_gateway_service.go | 50 +++++++++++++------ 16 files changed, 133 insertions(+), 60 deletions(-) diff --git a/apis/controller/v1alpha1/sliceconfig_types.go b/apis/controller/v1alpha1/sliceconfig_types.go index 1a80d105..ce16514d 100644 --- a/apis/controller/v1alpha1/sliceconfig_types.go +++ b/apis/controller/v1alpha1/sliceconfig_types.go @@ -85,6 +85,10 @@ type SliceGatewayServiceType struct { //+kubebuilder:default:=NodePort //+kubebuilder:validation:Enum:=NodePort;LoadBalancer Type string `json:"type"` + // +kubebuilder:validation:Required + //+kubebuilder:default:=UDP + //+kubebuilder:validation:Enum:=TCP;UDP + Protocol string `json:"protocol"` } // QOSProfile is the QOS Profile configuration from backend diff --git a/apis/worker/v1alpha1/workersliceconfig_types.go b/apis/worker/v1alpha1/workersliceconfig_types.go index 55125e1f..3215b929 100644 --- a/apis/worker/v1alpha1/workersliceconfig_types.go +++ b/apis/worker/v1alpha1/workersliceconfig_types.go @@ -62,6 +62,9 @@ type WorkerSliceGatewayProvider struct { //+kubebuilder:default:=NodePort //+kubebuilder:validation:Enum:=NodePort;LoadBalancer SliceGatewayServiceType string `json:"sliceGatewayServiceType,omitempty"` + //+kubebuilder:default:=UDP + //+kubebuilder:validation:Enum:=TCP;UDP + SliceGatewayProtocol string `json:"sliceGatewayProtocol,omitempty"` } // QOSProfile is the QOS Profile configuration from backend diff --git a/apis/worker/v1alpha1/workerslicegateway_types.go b/apis/worker/v1alpha1/workerslicegateway_types.go index 82820e62..51e5fa03 100644 --- a/apis/worker/v1alpha1/workerslicegateway_types.go +++ b/apis/worker/v1alpha1/workerslicegateway_types.go @@ -32,11 +32,14 @@ type WorkerSliceGatewaySpec struct { GatewayHostType string `json:"gatewayHostType,omitempty"` //+kubebuilder:default:=NodePort //+kubebuilder:validation:Enum:=NodePort;LoadBalancer - GatewayConnectivityType string `json:"gatewayConnectivityType,omitempty"` - GatewayCredentials GatewayCredentials `json:"gatewayCredentials,omitempty"` - LocalGatewayConfig SliceGatewayConfig `json:"localGatewayConfig,omitempty"` - RemoteGatewayConfig SliceGatewayConfig `json:"remoteGatewayConfig,omitempty"` - GatewayNumber int `json:"gatewayNumber,omitempty"` + GatewayConnectivityType string `json:"gatewayConnectivityType,omitempty"` + //+kubebuilder:default:=UDP + //+kubebuilder:validation:Enum:=TCP;UDP + GatewayProtocol string `json:"gatewayProtocol,omitempty"` + GatewayCredentials GatewayCredentials `json:"gatewayCredentials,omitempty"` + LocalGatewayConfig SliceGatewayConfig `json:"localGatewayConfig,omitempty"` + RemoteGatewayConfig SliceGatewayConfig `json:"remoteGatewayConfig,omitempty"` + GatewayNumber int `json:"gatewayNumber,omitempty"` } type SliceGatewayConfig struct { diff --git a/config/crd/bases/controller.kubeslice.io_sliceconfigs.yaml b/config/crd/bases/controller.kubeslice.io_sliceconfigs.yaml index 39adb202..35fa8ac9 100644 --- a/config/crd/bases/controller.kubeslice.io_sliceconfigs.yaml +++ b/config/crd/bases/controller.kubeslice.io_sliceconfigs.yaml @@ -164,6 +164,12 @@ spec: properties: cluster: type: string + protocol: + default: UDP + enum: + - TCP + - UDP + type: string type: default: NodePort enum: @@ -172,6 +178,7 @@ spec: type: string required: - cluster + - protocol - type type: object type: array diff --git a/config/crd/bases/worker.kubeslice.io_workersliceconfigs.yaml b/config/crd/bases/worker.kubeslice.io_workersliceconfigs.yaml index e497fdb3..7a618e54 100644 --- a/config/crd/bases/worker.kubeslice.io_workersliceconfigs.yaml +++ b/config/crd/bases/worker.kubeslice.io_workersliceconfigs.yaml @@ -117,6 +117,12 @@ spec: sliceCaType: default: Local type: string + sliceGatewayProtocol: + default: UDP + enum: + - TCP + - UDP + type: string sliceGatewayServiceType: default: NodePort enum: diff --git a/config/crd/bases/worker.kubeslice.io_workerslicegateways.yaml b/config/crd/bases/worker.kubeslice.io_workerslicegateways.yaml index fc78c8c7..8266a588 100644 --- a/config/crd/bases/worker.kubeslice.io_workerslicegateways.yaml +++ b/config/crd/bases/worker.kubeslice.io_workerslicegateways.yaml @@ -53,6 +53,12 @@ spec: type: string gatewayNumber: type: integer + gatewayProtocol: + default: UDP + enum: + - TCP + - UDP + type: string gatewayType: default: OpenVPN type: string diff --git a/service/kube_slice_resource_names.go b/service/kube_slice_resource_names.go index 03932de3..244a043c 100644 --- a/service/kube_slice_resource_names.go +++ b/service/kube_slice_resource_names.go @@ -151,10 +151,11 @@ var ( ) const ( - serverGateway = "Server" - clientGateway = "Client" - workerSliceGatewayType = "OpenVPN" - defaultSliceGatewayServiceType = "NodePort" + serverGateway = "Server" + clientGateway = "Client" + workerSliceGatewayType = "OpenVPN" + defaultSliceGatewayServiceType = "NodePort" + defaultSliceGatewayServiceProtocol = "UDP" ) var ( diff --git a/service/mocks/IWorkerSliceGatewayService.go b/service/mocks/IWorkerSliceGatewayService.go index 51a827c7..602ed66b 100644 --- a/service/mocks/IWorkerSliceGatewayService.go +++ b/service/mocks/IWorkerSliceGatewayService.go @@ -72,13 +72,13 @@ func (_m *IWorkerSliceGatewayService) DeleteWorkerSliceGatewaysByLabel(ctx conte return r0 } -// GenerateCerts provides a mock function with given fields: ctx, sliceName, namespace, serverGateway, clientGateway, gatewayAddresses -func (_m *IWorkerSliceGatewayService) GenerateCerts(ctx context.Context, sliceName string, namespace string, serverGateway *workerv1alpha1.WorkerSliceGateway, clientGateway *workerv1alpha1.WorkerSliceGateway, gatewayAddresses util.WorkerSliceGatewayNetworkAddresses) error { - ret := _m.Called(ctx, sliceName, namespace, serverGateway, clientGateway, gatewayAddresses) +// GenerateCerts provides a mock function with given fields: ctx, sliceName, namespace, gatewayProtocol, serverGateway, clientGateway, gatewayAddresses +func (_m *IWorkerSliceGatewayService) GenerateCerts(ctx context.Context, sliceName string, namespace string, gatewayProtocol string, serverGateway *workerv1alpha1.WorkerSliceGateway, clientGateway *workerv1alpha1.WorkerSliceGateway, gatewayAddresses util.WorkerSliceGatewayNetworkAddresses) error { + ret := _m.Called(ctx, sliceName, namespace, gatewayProtocol, serverGateway, clientGateway, gatewayAddresses) var r0 error - if rf, ok := ret.Get(0).(func(context.Context, string, string, *workerv1alpha1.WorkerSliceGateway, *workerv1alpha1.WorkerSliceGateway, util.WorkerSliceGatewayNetworkAddresses) error); ok { - r0 = rf(ctx, sliceName, namespace, serverGateway, clientGateway, gatewayAddresses) + if rf, ok := ret.Get(0).(func(context.Context, string, string, string, *workerv1alpha1.WorkerSliceGateway, *workerv1alpha1.WorkerSliceGateway, util.WorkerSliceGatewayNetworkAddresses) error); ok { + r0 = rf(ctx, sliceName, namespace, gatewayProtocol, serverGateway, clientGateway, gatewayAddresses) } else { r0 = ret.Error(0) } diff --git a/service/service_helper.go b/service/service_helper.go index 61727e6c..092848a7 100644 --- a/service/service_helper.go +++ b/service/service_helper.go @@ -20,6 +20,7 @@ import ( "context" "time" + "github.com/kubeslice/kubeslice-controller/apis/controller/v1alpha1" "github.com/kubeslice/kubeslice-controller/util" "go.uber.org/zap" ctrl "sigs.k8s.io/controller-runtime" @@ -65,3 +66,19 @@ func RemoveWorkerFinalizers(ctx context.Context, object client.Object, workerFin } return result } + +// get Slice gateway service type for each cluster registered with given slice +func getSliceGwSvcTypes(sliceConfig *v1alpha1.SliceConfig) map[string]*v1alpha1.SliceGatewayServiceType { + var sliceGwSvcTypeMap = make(map[string]*v1alpha1.SliceGatewayServiceType) + for i := range sliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType { + gwSvctype := &sliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType[i] + if gwSvctype.Cluster == "*" { + for _, cluster := range sliceConfig.Spec.Clusters { + sliceGwSvcTypeMap[cluster] = gwSvctype + } + } else { + sliceGwSvcTypeMap[gwSvctype.Cluster] = gwSvctype + } + } + return sliceGwSvcTypeMap +} diff --git a/service/slice_config_service.go b/service/slice_config_service.go index 730ddd1f..5dbcb517 100644 --- a/service/slice_config_service.go +++ b/service/slice_config_service.go @@ -133,17 +133,9 @@ func (s *SliceConfigService) ReconcileSliceConfig(ctx context.Context, req ctrl. clusterCidr := util.FindCIDRByMaxClusters(sliceConfig.Spec.MaxClusters) completeResourceName := fmt.Sprintf(util.LabelValue, util.GetObjectKind(sliceConfig), sliceConfig.GetName()) ownershipLabel := util.GetOwnerLabel(completeResourceName) - // collect cluster wise slice gw svc info - var sliceGwSvcTypeMap = make(map[string]*v1alpha1.SliceGatewayServiceType) - for _, gwSvctype := range sliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType { - if gwSvctype.Cluster == "*" { - for _, cluster := range sliceConfig.Spec.Clusters { - sliceGwSvcTypeMap[cluster] = &gwSvctype - } - } else { - sliceGwSvcTypeMap[gwSvctype.Cluster] = &gwSvctype - } - } + // collect slice gw svc info for given clusters + sliceGwSvcTypeMap := getSliceGwSvcTypes(sliceConfig) + clusterMap, err := s.ms.CreateMinimalWorkerSliceConfig(ctx, sliceConfig.Spec.Clusters, req.Namespace, ownershipLabel, sliceConfig.Name, sliceConfig.Spec.SliceSubnet, clusterCidr, sliceGwSvcTypeMap) if err != nil { return ctrl.Result{}, err diff --git a/service/slice_config_webhook_validation.go b/service/slice_config_webhook_validation.go index e313d3cf..e5f81cf7 100644 --- a/service/slice_config_webhook_validation.go +++ b/service/slice_config_webhook_validation.go @@ -391,7 +391,7 @@ func preventUpdate(ctx context.Context, sc *controllerv1alpha1.SliceConfig, old // check new config for _, new := range sc.Spec.SliceGatewayProvider.SliceGatewayServiceType { oldType, exists := gwSvcType[new.Cluster] - if exists && new.Type != oldType { + if exists && oldType != defaultSliceGatewayServiceType && new.Type != oldType { return field.Forbidden(field.NewPath("Spec").Child("SliceGatewayProvider").Child("SliceGatewayServiceType"), "update not allowed") } if !exists && new.Type != defaultSliceGatewayServiceType { diff --git a/service/slice_config_webhook_validation_test.go b/service/slice_config_webhook_validation_test.go index 5ba28282..5c4996a8 100644 --- a/service/slice_config_webhook_validation_test.go +++ b/service/slice_config_webhook_validation_test.go @@ -142,12 +142,23 @@ func UpdateValidateSliceConfig_SliceGatewayServiceType(t *testing.T) { Type: "NodePort", }, } + // loadbalancer to nodeport not allowed err := ValidateSliceConfigUpdate(ctx, newSliceConfig, runtime.Object(&oldSliceConfig)) require.NotNil(t, err) require.Contains(t, err.Error(), "Spec.SliceGatewayProvider.SliceGatewayServiceType: Forbidden:") require.Contains(t, err.Error(), "update not allowed") + + // err := ValidateSliceConfigUpdate(ctx, newSliceConfig, runtime.Object(&oldSliceConfig)) + oldSliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType[0].Type = "NodePort" + newSliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType[0].Type = "LoadBalancer" + err = ValidateSliceConfigUpdate(ctx, newSliceConfig, runtime.Object(&oldSliceConfig)) + require.NotNil(t, err) + require.NotContains(t, err.Error(), "Spec.SliceGatewayProvider.SliceGatewayServiceType: Forbidden:") + require.NotContains(t, err.Error(), "update not allowed") + clientMock.AssertExpectations(t) } + func CreateValidateProjectNamespaceDoesNotExist(t *testing.T) { name := "slice_config" namespace := "namespace" diff --git a/service/vpn_key_rotation_service.go b/service/vpn_key_rotation_service.go index 19780a32..7da8437c 100644 --- a/service/vpn_key_rotation_service.go +++ b/service/vpn_key_rotation_service.go @@ -356,7 +356,7 @@ func (v *VpnKeyRotationService) triggerJobsForCertCreation(ctx context.Context, // contruct gw address gatewayAddresses := v.wsgs.BuildNetworkAddresses(s.Spec.SliceSubnet, gateway.Spec.LocalGatewayConfig.ClusterName, gateway.Spec.RemoteGatewayConfig.ClusterName, clusterMap, clusterCidr) // call GenerateCerts() - if err := v.wsgs.GenerateCerts(ctx, s.Name, s.Namespace, &gateway, cl, gatewayAddresses); err != nil { + if err := v.wsgs.GenerateCerts(ctx, s.Name, s.Namespace, gateway.Spec.GatewayProtocol, &gateway, cl, gatewayAddresses); err != nil { return err } } diff --git a/service/vpn_key_rotation_service_test.go b/service/vpn_key_rotation_service_test.go index 2e98ee9f..e302849d 100644 --- a/service/vpn_key_rotation_service_test.go +++ b/service/vpn_key_rotation_service_test.go @@ -589,7 +589,7 @@ func runReconcileVpnKeyRotationConfig(t *testing.T, tc *reconcileVpnKeyRotationC wg.On("BuildNetworkAddresses", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(gwAddress).Once() - wg.On("GenerateCerts", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(nil).Once() + wg.On("GenerateCerts", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(nil).Once() clientMock. On("Update", tc.updateArg1, tc.updateArg2).Return(tc.updateRet1).Once() @@ -1103,7 +1103,7 @@ func runTriggerJobsForCertCreation(t *testing.T, tc triggerJobsForCertCreationTe wg.On("BuildNetworkAddresses", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(gwAddress).Once() - wg.On("GenerateCerts", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(tc.generateCertsRet1).Once() + wg.On("GenerateCerts", mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything, mock.Anything).Return(tc.generateCertsRet1).Once() gotResp := vpn.triggerJobsForCertCreation(ctx, tc.arg1, tc.arg2) require.Equal(t, gotResp, tc.expectedResp) diff --git a/service/worker_slice_config_service.go b/service/worker_slice_config_service.go index 4676faca..f1bbe45e 100644 --- a/service/worker_slice_config_service.go +++ b/service/worker_slice_config_service.go @@ -212,21 +212,18 @@ outer: logger.With(zap.Error(err)).Errorf("Failed to deep copy external gateway configuration") } - // Reconcile Slice gateway service type - sliceGatewayProvider := workerv1alpha1.WorkerSliceGatewayProvider{ - SliceGatewayType: sliceConfig.Spec.SliceGatewayProvider.SliceGatewayType, - SliceCaType: sliceConfig.Spec.SliceGatewayProvider.SliceCaType, - } - gwSvcTypePresent := false - for _, gwSvcType := range sliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType { - if gwSvcType.Cluster == "*" || gwSvcType.Cluster == workerSliceConfig.Labels["worker-cluster"] { - sliceGatewayProvider.SliceGatewayServiceType = gwSvcType.Type - gwSvcTypePresent = true - } - } - if !gwSvcTypePresent { - sliceGatewayProvider.SliceGatewayServiceType = defaultSliceGatewayServiceType + // determine Slice gateway service type + sliceGwSvcTypeMap := getSliceGwSvcTypes(sliceConfig) + sliceGwSvcType := defaultSliceGatewayServiceType + sliceGwSvcProtocol := defaultSliceGatewayServiceProtocol + cluster := workerSliceConfig.Labels["worker-cluster"] + if val, exists := sliceGwSvcTypeMap[cluster]; exists { + sliceGwSvcType = val.Type + sliceGwSvcProtocol = val.Protocol } + logger.Debugf("wsc %s reconciler, sliceGwSvcType %s", workerSliceConfig.Name, sliceGwSvcType) + logger.Debugf("slicegwsvctype map in wsc %s", sliceGwSvcTypeMap) + logger.Debugf("wsc reconciler cluster %s, sliceGwProtocol %s", workerSliceConfig.Labels["worker-cluster"], sliceGwSvcProtocol) // Reconcile the Namespace Isolation Profile controllerIsolationProfile := sliceConfig.Spec.NamespaceIsolationProfile @@ -254,7 +251,8 @@ outer: } workerSliceConfig.Spec.ExternalGatewayConfig = externalGatewayConfig - workerSliceConfig.Spec.SliceGatewayProvider = sliceGatewayProvider + workerSliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType = sliceGwSvcType + workerSliceConfig.Spec.SliceGatewayProvider.SliceGatewayProtocol = sliceGwSvcProtocol workerSliceConfig.Spec.NamespaceIsolationProfile = workerIsolationProfile workerSliceConfig.Spec.SliceName = sliceConfig.Name workerSliceConfig.Spec.Octet = octet @@ -307,9 +305,14 @@ func (s *WorkerSliceConfigService) CreateMinimalWorkerSliceConfig(ctx context.Co clusterSubnetCIDR := fmt.Sprintf(util.GetClusterPrefixPool(sliceSubnet, ipamOctet, clusterCidr)) // determine gw svc type sliceGwSvcType := defaultSliceGatewayServiceType + sliceGwSvcProtocol := defaultSliceGatewayServiceProtocol if val, exists := sliceGwSvcTypeMap[cluster]; exists { sliceGwSvcType = val.Type + sliceGwSvcProtocol = val.Protocol } + logger.Debugf("setting sliceGwSvcType in create_minwsc %s", sliceGwSvcType) + logger.Debugf("setting sliceGwProtocol in create_minwsc %s", sliceGwSvcProtocol) + if !found { label["project-namespace"] = namespace label["original-slice-name"] = name @@ -329,6 +332,7 @@ func (s *WorkerSliceConfigService) CreateMinimalWorkerSliceConfig(ctx context.Co expectedSlice.Spec.ClusterSubnetCIDR = clusterSubnetCIDR expectedSlice.Spec.SliceSubnet = sliceSubnet expectedSlice.Spec.SliceGatewayProvider.SliceGatewayServiceType = sliceGwSvcType + expectedSlice.Spec.SliceGatewayProvider.SliceGatewayProtocol = sliceGwSvcProtocol err = util.CreateResource(ctx, &expectedSlice) if err != nil { //Register an event for worker slice config creation failure @@ -362,6 +366,7 @@ func (s *WorkerSliceConfigService) CreateMinimalWorkerSliceConfig(ctx context.Co existingSlice.Spec.Octet = &ipamOctet existingSlice.Spec.ClusterSubnetCIDR = clusterSubnetCIDR existingSlice.Spec.SliceGatewayProvider.SliceGatewayServiceType = sliceGwSvcType + existingSlice.Spec.SliceGatewayProvider.SliceGatewayProtocol = sliceGwSvcProtocol logger.Debug("updating slice with new octet", existingSlice) if existingSlice.Annotations == nil { existingSlice.Annotations = make(map[string]string) diff --git a/service/worker_slice_gateway_service.go b/service/worker_slice_gateway_service.go index bb6f06a0..9ea74a7a 100644 --- a/service/worker_slice_gateway_service.go +++ b/service/worker_slice_gateway_service.go @@ -50,7 +50,7 @@ type IWorkerSliceGatewayService interface { ListWorkerSliceGateways(ctx context.Context, ownerLabel map[string]string, namespace string) ([]v1alpha1.WorkerSliceGateway, error) DeleteWorkerSliceGatewaysByLabel(ctx context.Context, label map[string]string, namespace string) error NodeIpReconciliationOfWorkerSliceGateways(ctx context.Context, cluster *controllerv1alpha1.Cluster, namespace string) error - GenerateCerts(ctx context.Context, sliceName string, namespace string, + GenerateCerts(ctx context.Context, sliceName, namespace, gatewayProtocol string, serverGateway *v1alpha1.WorkerSliceGateway, clientGateway *v1alpha1.WorkerSliceGateway, gatewayAddresses util.WorkerSliceGatewayNetworkAddresses) error BuildNetworkAddresses(sliceSubnet, sourceClusterName, destinationClusterName string, @@ -207,21 +207,26 @@ func (s *WorkerSliceGatewayService) ReconcileWorkerSliceGateways(ctx context.Con logger.Infof("sliceConfig %v not found, returning from reconciler loop.", req.NamespacedName) return ctrl.Result{}, nil } - // reconcile gateway connectivity type + + // determine gateway connectivity type & gateway protocol var clusterName string if workerSliceGateway.Spec.GatewayHostType == serverGateway { clusterName = workerSliceGateway.Labels["worker-cluster"] } else { clusterName = workerSliceGateway.Labels["remote-cluster"] } + sliceGwSvcTypeMap := getSliceGwSvcTypes(sliceConfig) gatewayConnectivityType := defaultSliceGatewayServiceType - for _, gwSvcType := range sliceConfig.Spec.SliceGatewayProvider.SliceGatewayServiceType { - if gwSvcType.Cluster == "*" || gwSvcType.Cluster == clusterName { - gatewayConnectivityType = gwSvcType.Type - } + gatewayProtocol := defaultSliceGatewayServiceProtocol + if val, exists := sliceGwSvcTypeMap[clusterName]; exists { + gatewayConnectivityType = val.Type + gatewayProtocol = val.Protocol } workerSliceGateway.Spec.GatewayConnectivityType = gatewayConnectivityType - logger.Debugf("setting gwsvctype %s", workerSliceGateway.Spec.GatewayConnectivityType) + workerSliceGateway.Spec.GatewayProtocol = gatewayProtocol + logger.Debugf("setting gwConType in reconciler %s", workerSliceGateway.Spec.GatewayConnectivityType) + logger.Debugf("setting gwProto in reconciler %s", workerSliceGateway.Spec.GatewayProtocol) + workerSliceGateway.Spec.GatewayType = workerSliceGatewayType workerSliceGateway.UID = "" err = util.UpdateResource(ctx, workerSliceGateway) @@ -435,6 +440,7 @@ func (s *WorkerSliceGatewayService) createMinimumGatewaysIfNotExists(ctx context clusterNames []string, namespace string, ownerLabel map[string]string, clusterMap map[string]int, sliceSubnet string, clusterCidr string, sliceGwSvcTypeMap map[string]*controllerv1alpha1.SliceGatewayServiceType) (ctrl.Result, error) { noClusters := len(clusterNames) + logger := util.CtxLogger(ctx) clusterMapping := map[string]*controllerv1alpha1.Cluster{} for _, clusterName := range clusterNames { cluster := controllerv1alpha1.Cluster{} @@ -451,10 +457,14 @@ func (s *WorkerSliceGatewayService) createMinimumGatewaysIfNotExists(ctx context gatewayAddresses := s.BuildNetworkAddresses(sliceSubnet, sourceCluster.Name, destinationCluster.Name, clusterMap, clusterCidr) // determine the gateway svc parameters sliceGwSvcType := defaultSliceGatewayServiceType + gwSvcProtocol := defaultSliceGatewayServiceProtocol if val, exists := sliceGwSvcTypeMap[sourceCluster.Name]; exists { sliceGwSvcType = val.Type + gwSvcProtocol = val.Protocol } - err := s.createMinimumGateWayPairIfNotExists(ctx, sourceCluster, destinationCluster, sliceName, namespace, sliceGwSvcType, ownerLabel, gatewayNumber, gatewayAddresses) + logger.Debugf("setting gwConType in create_minwsg %s", sliceGwSvcType) + logger.Debugf("setting gwProto in create_minwsg %s", gwSvcProtocol) + err := s.createMinimumGateWayPairIfNotExists(ctx, sourceCluster, destinationCluster, sliceName, namespace, sliceGwSvcType, gwSvcProtocol, ownerLabel, gatewayNumber, gatewayAddresses) if err != nil { return ctrl.Result{}, err } @@ -467,7 +477,7 @@ func (s *WorkerSliceGatewayService) createMinimumGatewaysIfNotExists(ctx context // createMinimumGateWayPairIfNotExists is a function to create the pair of gatways between 2 clusters if not exists func (s *WorkerSliceGatewayService) createMinimumGateWayPairIfNotExists(ctx context.Context, sourceCluster *controllerv1alpha1.Cluster, destinationCluster *controllerv1alpha1.Cluster, - sliceName, namespace, sliceGwSvcType string, label map[string]string, gatewayNumber int, + sliceName, namespace, gatewayConnType, gatewayProtocol string, label map[string]string, gatewayNumber int, gatewayAddresses util.WorkerSliceGatewayNetworkAddresses) error { serverGatewayName := fmt.Sprintf(gatewayName, sliceName, sourceCluster.Name, destinationCluster.Name) clientGatewayName := fmt.Sprintf(gatewayName, sliceName, destinationCluster.Name, sourceCluster.Name) @@ -499,7 +509,10 @@ func (s *WorkerSliceGatewayService) createMinimumGateWayPairIfNotExists(ctx cont WithNamespace(namespace). WithSlice(sliceName) - serverGatewayObject := s.buildMinimumGateway(sourceCluster, destinationCluster, sliceName, namespace, serverGateway, sliceGwSvcType, label, gatewayNumber, gatewayAddresses.ServerSubnet, gatewayAddresses.ServerVpnAddress, clientGatewayName, gatewayAddresses.ClientSubnet, gatewayAddresses.ClientVpnAddress, serverGatewayName) + serverGatewayObject := s.buildMinimumGateway(sourceCluster, destinationCluster, sliceName, namespace, + serverGateway, gatewayConnType, gatewayProtocol, label, gatewayNumber, + gatewayAddresses.ServerSubnet, gatewayAddresses.ServerVpnAddress, + clientGatewayName, gatewayAddresses.ClientSubnet, gatewayAddresses.ClientVpnAddress, serverGatewayName) err = util.CreateResource(ctx, serverGatewayObject) if err != nil { //Register an event for worker slice gateway creation failure @@ -524,7 +537,10 @@ func (s *WorkerSliceGatewayService) createMinimumGateWayPairIfNotExists(ctx cont "object_kind": metricKindWorkerSliceGateway, }, ) - clientGatewayObject := s.buildMinimumGateway(destinationCluster, sourceCluster, sliceName, namespace, clientGateway, sliceGwSvcType, label, gatewayNumber, gatewayAddresses.ClientSubnet, gatewayAddresses.ClientVpnAddress, serverGatewayName, gatewayAddresses.ServerSubnet, gatewayAddresses.ServerVpnAddress, clientGatewayName) + clientGatewayObject := s.buildMinimumGateway(destinationCluster, sourceCluster, sliceName, namespace, + clientGateway, gatewayConnType, gatewayProtocol, label, gatewayNumber, + gatewayAddresses.ClientSubnet, gatewayAddresses.ClientVpnAddress, + serverGatewayName, gatewayAddresses.ServerSubnet, gatewayAddresses.ServerVpnAddress, clientGatewayName) err = util.CreateResource(ctx, clientGatewayObject) if err != nil { //Register an event for worker slice gateway creation failure @@ -550,7 +566,7 @@ func (s *WorkerSliceGatewayService) createMinimumGateWayPairIfNotExists(ctx cont }, ) - err = s.GenerateCerts(ctx, sliceName, namespace, serverGatewayObject, clientGatewayObject, gatewayAddresses) + err = s.GenerateCerts(ctx, sliceName, namespace, gatewayProtocol, serverGatewayObject, clientGatewayObject, gatewayAddresses) if err != nil { return err } @@ -577,7 +593,7 @@ func (s *WorkerSliceGatewayService) BuildNetworkAddresses(sliceSubnet, sourceClu // buildMinimumGateway function returns the gateway object func (s *WorkerSliceGatewayService) buildMinimumGateway(sourceCluster, destinationCluster *controllerv1alpha1.Cluster, - sliceName, namespace, gatewayHostType, sliceGwSvcType string, labels map[string]string, gatewayNumber int, + sliceName, namespace, gatewayHostType, gatewayConnType, gatewayProtocol string, labels map[string]string, gatewayNumber int, gatewaySubnet, localVpnAddress, remoteGatewayName, remoteGatewaySubnet, remoteVpnAddress, localGatewayName string) *v1alpha1.WorkerSliceGateway { labels["worker-cluster"] = sourceCluster.Name labels["remote-cluster"] = destinationCluster.Name @@ -624,13 +640,14 @@ func (s *WorkerSliceGatewayService) buildMinimumGateway(sourceCluster, destinati }, GatewayHostType: gatewayHostType, GatewayNumber: gatewayNumber, - GatewayConnectivityType: sliceGwSvcType, + GatewayConnectivityType: gatewayConnType, + GatewayProtocol: gatewayProtocol, }, } } // generateCerts is a function to generate the certificates between serverGateway and clientGateway -func (s *WorkerSliceGatewayService) GenerateCerts(ctx context.Context, sliceName string, namespace string, +func (s *WorkerSliceGatewayService) GenerateCerts(ctx context.Context, sliceName, namespace, gatewayProtocol string, serverGateway *v1alpha1.WorkerSliceGateway, clientGateway *v1alpha1.WorkerSliceGateway, gatewayAddresses util.WorkerSliceGatewayNetworkAddresses) error { sliceConfig := &controllerv1alpha1.SliceConfig{} @@ -658,8 +675,9 @@ func (s *WorkerSliceGatewayService) GenerateCerts(ctx context.Context, sliceName WithNamespace(namespace). WithSlice(sliceName) - environment := make(map[string]string, 5) + environment := make(map[string]string, 6) environment["NAMESPACE"] = namespace + environment["GATEWAY_PROTOCOL"] = gatewayProtocol environment["SERVER_SLICEGATEWAY_NAME"] = serverGateway.Name environment["CLIENT_SLICEGATEWAY_NAME"] = clientGateway.Name environment["SLICE_NAME"] = sliceName