Skip to content

Commit

Permalink
Merge pull request openshift#1597 from pcrentsil/IngressEndpoint
Browse files Browse the repository at this point in the history
Ingress endpoint
  • Loading branch information
openshift-merge-robot authored Aug 8, 2022
2 parents c5df260 + 3227508 commit b5b6b91
Show file tree
Hide file tree
Showing 6 changed files with 86 additions and 3 deletions.
5 changes: 5 additions & 0 deletions api/v1alpha1/hostedcluster_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,11 @@ const (
// PortierisImageAnnotation is an annotation that allows the specification of the portieries component
// (performs container image verification).
PortierisImageAnnotation = "hypershift.openshift.io/portieris-image"
// Configure ingress controller with endpoint publishing strategy as Private.
// This overrides any opinionated strategy set by platform in ReconcileDefaultIngressController.
// It's used by IBM cloud to support ingress endpoint publishing strategy scope
// NOTE: We'll expose this in the API if the use case gets generalised.
PrivateIngressControllerAnnotation = "hypershift.openshift.io/private-ingress-controller"

// ClusterAPIProviderAWSImage overrides the CAPI AWS provider image to use for
// a HostedControlPlane.
Expand Down
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
package ingress

import (
configv1 "github.com/openshift/api/config/v1"
hyperv1 "github.com/openshift/hypershift/api/v1alpha1"
"github.com/openshift/hypershift/support/globalconfig"
)
Expand All @@ -9,16 +10,30 @@ type IngressParams struct {
IngressSubdomain string
Replicas int32
PlatformType hyperv1.PlatformType
IsPrivate bool
IBMCloudUPI bool
}

func NewIngressParams(hcp *hyperv1.HostedControlPlane) *IngressParams {
var replicas int32 = 1
isPrivate := false
ibmCloudUPI := false
if hcp.Spec.Platform.IBMCloud != nil && hcp.Spec.Platform.IBMCloud.ProviderType == configv1.IBMCloudProviderTypeUPI {
ibmCloudUPI = true
}
if hcp.Annotations[hyperv1.PrivateIngressControllerAnnotation] == "true" {
isPrivate = true
}
if hcp.Spec.InfrastructureAvailabilityPolicy == hyperv1.HighlyAvailable {
replicas = 2
}

return &IngressParams{
IngressSubdomain: globalconfig.IngressDomain(hcp),
Replicas: replicas,
PlatformType: hcp.Spec.Platform.Type,
IsPrivate: isPrivate,
IBMCloudUPI: ibmCloudUPI,
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
"github.com/openshift/hypershift/control-plane-operator/hostedclusterconfigoperator/controllers/resources/manifests"
)

func ReconcileDefaultIngressController(ingressController *operatorv1.IngressController, ingressSubdomain string, platformType hyperv1.PlatformType, replicas int32, isIBMCloudUPI bool) error {
func ReconcileDefaultIngressController(ingressController *operatorv1.IngressController, ingressSubdomain string, platformType hyperv1.PlatformType, replicas int32, isIBMCloudUPI bool, isPrivate bool) error {
ingressController.Spec.Domain = ingressSubdomain
ingressController.Spec.EndpointPublishingStrategy = &operatorv1.EndpointPublishingStrategy{
Type: operatorv1.LoadBalancerServiceStrategyType,
Expand Down Expand Up @@ -65,6 +65,12 @@ func ReconcileDefaultIngressController(ingressController *operatorv1.IngressCont
Name: manifests.IngressDefaultIngressControllerCert().Name,
}
}
if isPrivate {
ingressController.Spec.EndpointPublishingStrategy = &operatorv1.EndpointPublishingStrategy{
Type: operatorv1.PrivateStrategyType,
Private: &operatorv1.PrivateStrategy{},
}
}
return nil
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ func TestReconcileDefaultIngressController(t *testing.T) {
inputPlatformType hyperv1.PlatformType
inputReplicas int32
inputIsIBMCloudUPI bool
inputIsPrivate bool
expectedIngressController *operatorv1.IngressController
}{
{
Expand All @@ -29,6 +30,7 @@ func TestReconcileDefaultIngressController(t *testing.T) {
inputPlatformType: hyperv1.IBMCloudPlatform,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: true,
inputIsPrivate: false,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Expand Down Expand Up @@ -58,6 +60,7 @@ func TestReconcileDefaultIngressController(t *testing.T) {
inputPlatformType: hyperv1.IBMCloudPlatform,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: false,
inputIsPrivate: false,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Expand Down Expand Up @@ -87,6 +90,7 @@ func TestReconcileDefaultIngressController(t *testing.T) {
inputPlatformType: hyperv1.KubevirtPlatform,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: false,
inputIsPrivate: false,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Expand All @@ -108,6 +112,7 @@ func TestReconcileDefaultIngressController(t *testing.T) {
inputPlatformType: hyperv1.NonePlatform,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: false,
inputIsPrivate: false,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Expand All @@ -129,6 +134,7 @@ func TestReconcileDefaultIngressController(t *testing.T) {
inputPlatformType: hyperv1.AWSPlatform,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: false,
inputIsPrivate: false,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Expand All @@ -143,11 +149,61 @@ func TestReconcileDefaultIngressController(t *testing.T) {
},
},
},
{
name: "Private Publishing Strategy on IBM Cloud",
inputIngressController: manifests.IngressDefaultIngressController(),
inputIngressDomain: fakeIngressDomain,
inputPlatformType: hyperv1.IBMCloudPlatform,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: false,
inputIsPrivate: true,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Domain: fakeIngressDomain,
Replicas: &fakeInputReplicas,
EndpointPublishingStrategy: &operatorv1.EndpointPublishingStrategy{
Type: operatorv1.PrivateStrategyType,
Private: &operatorv1.PrivateStrategy{},
},
NodePlacement: &operatorv1.NodePlacement{
Tolerations: []corev1.Toleration{
{
Key: "dedicated",
Value: "edge",
},
},
},
},
},
},
{
name: "Private Publishing Strategy on other Platforms",
inputIngressController: manifests.IngressDefaultIngressController(),
inputIngressDomain: fakeIngressDomain,
inputReplicas: fakeInputReplicas,
inputIsIBMCloudUPI: false,
inputIsPrivate: true,
expectedIngressController: &operatorv1.IngressController{
ObjectMeta: manifests.IngressDefaultIngressController().ObjectMeta,
Spec: operatorv1.IngressControllerSpec{
Domain: fakeIngressDomain,
Replicas: &fakeInputReplicas,
EndpointPublishingStrategy: &operatorv1.EndpointPublishingStrategy{
Type: operatorv1.PrivateStrategyType,
Private: &operatorv1.PrivateStrategy{},
},
DefaultCertificate: &corev1.LocalObjectReference{
Name: manifests.IngressDefaultIngressControllerCert().Name,
},
},
},
},
}
for _, tc := range testsCases {
t.Run(tc.name, func(t *testing.T) {
g := NewGomegaWithT(t)
err := ReconcileDefaultIngressController(tc.inputIngressController, tc.inputIngressDomain, tc.inputPlatformType, tc.inputReplicas, tc.inputIsIBMCloudUPI)
err := ReconcileDefaultIngressController(tc.inputIngressController, tc.inputIngressDomain, tc.inputPlatformType, tc.inputReplicas, tc.inputIsIBMCloudUPI, tc.inputIsPrivate)
g.Expect(err).To(BeNil())
g.Expect(tc.inputIngressController).To(BeEquivalentTo(tc.expectedIngressController))
})
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -626,7 +626,7 @@ func (r *reconciler) reconcileIngressController(ctx context.Context, hcp *hyperv
p := ingress.NewIngressParams(hcp)
ingressController := manifests.IngressDefaultIngressController()
if _, err := r.CreateOrUpdate(ctx, r.client, ingressController, func() error {
return ingress.ReconcileDefaultIngressController(ingressController, p.IngressSubdomain, p.PlatformType, p.Replicas, (hcp.Spec.Platform.IBMCloud != nil && hcp.Spec.Platform.IBMCloud.ProviderType == configv1.IBMCloudProviderTypeUPI))
return ingress.ReconcileDefaultIngressController(ingressController, p.IngressSubdomain, p.PlatformType, p.Replicas, p.IBMCloudUPI, p.IsPrivate)
}); err != nil {
errs = append(errs, fmt.Errorf("failed to reconcile default ingress controller: %w", err))
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1376,6 +1376,7 @@ func reconcileHostedControlPlane(hcp *hyperv1.HostedControlPlane, hcluster *hype
hyperv1.PortierisImageAnnotation,
hyperutil.DebugDeploymentsAnnotation,
hyperv1.DisableProfilingAnnotation,
hyperv1.PrivateIngressControllerAnnotation,
}
for _, key := range mirroredAnnotations {
val, hasVal := hcluster.Annotations[key]
Expand Down

0 comments on commit b5b6b91

Please sign in to comment.