From d8ee86360bbb03bbf5264a40cbbf0b30134ee4cd Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Wed, 13 Mar 2024 11:36:07 -0400 Subject: [PATCH 1/2] feat(clowdapp): add sessionAffinity support for PublicWebService This commit introduces a new boolean field in the PublicWebService struct of the ClowdApp CRD. When set to true, this enables session affinity (ClientIP) for the corresponding Kubernetes service, ensuring that requests from the same client are routed to the same pod. --- .../v1alpha1/clowdapp_types.go | 3 + .../crd/bases/cloud.redhat.com_clowdapps.yaml | 4 ++ .../cloud.redhat.com/providers/web/impl.go | 5 ++ deploy-mutate.yml | 4 ++ deploy.yml | 4 ++ .../modules/ROOT/pages/api_reference.adoc | 1 + .../00-install.yaml | 7 ++ .../01-assert.yaml | 68 +++++++++++++++++++ .../01-pods.yaml | 56 +++++++++++++++ .../03-delete.yaml | 10 +++ 10 files changed, 162 insertions(+) create mode 100644 tests/kuttl/test-public-webservice-sessionaffinity/00-install.yaml create mode 100644 tests/kuttl/test-public-webservice-sessionaffinity/01-assert.yaml create mode 100644 tests/kuttl/test-public-webservice-sessionaffinity/01-pods.yaml create mode 100644 tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml diff --git a/apis/cloud.redhat.com/v1alpha1/clowdapp_types.go b/apis/cloud.redhat.com/v1alpha1/clowdapp_types.go index 6bce93a7d..dcee14dd6 100644 --- a/apis/cloud.redhat.com/v1alpha1/clowdapp_types.go +++ b/apis/cloud.redhat.com/v1alpha1/clowdapp_types.go @@ -157,6 +157,9 @@ type PublicWebService struct { // WhitelistPaths define the paths that do not require authentication WhitelistPaths []string `json:"whitelistPaths,omitempty"` + + // Set SessionAffinity to true to enable sticky sessions + SessionAffinity bool `json:"sessionAffinity,omitempty"` } // AppProtocol is used to define an appProtocol for Istio diff --git a/config/crd/bases/cloud.redhat.com_clowdapps.yaml b/config/crd/bases/cloud.redhat.com_clowdapps.yaml index 1d8639ea8..e1360e923 100644 --- a/config/crd/bases/cloud.redhat.com_clowdapps.yaml +++ b/config/crd/bases/cloud.redhat.com_clowdapps.yaml @@ -3172,6 +3172,10 @@ spec: the public service and provide the configuration in the cdappconfig. type: boolean + sessionAffinity: + description: Set SessionAffinity to true to enable sticky + sessions + type: boolean whitelistPaths: description: WhitelistPaths define the paths that do not require authentication diff --git a/controllers/cloud.redhat.com/providers/web/impl.go b/controllers/cloud.redhat.com/providers/web/impl.go index ba3f62954..92c05e548 100644 --- a/controllers/cloud.redhat.com/providers/web/impl.go +++ b/controllers/cloud.redhat.com/providers/web/impl.go @@ -108,6 +108,11 @@ func makeService(cache *rc.ObjectCache, deployment *crd.Deployment, app *crd.Clo Protocol: core.ProtocolTCP, }, ) + + // Set session affinity if enabled + if deployment.WebServices.Public.SessionAffinity { + s.Spec.SessionAffinity = core.ServiceAffinityClientIP + } } var pub, priv bool diff --git a/deploy-mutate.yml b/deploy-mutate.yml index 59cf6b202..77e9b9380 100644 --- a/deploy-mutate.yml +++ b/deploy-mutate.yml @@ -3254,6 +3254,10 @@ objects: the public service and provide the configuration in the cdappconfig. type: boolean + sessionAffinity: + description: Set SessionAffinity to true to enable + sticky sessions + type: boolean whitelistPaths: description: WhitelistPaths define the paths that do not require authentication diff --git a/deploy.yml b/deploy.yml index 1e4ae9788..766d6ab6c 100644 --- a/deploy.yml +++ b/deploy.yml @@ -3254,6 +3254,10 @@ objects: the public service and provide the configuration in the cdappconfig. type: boolean + sessionAffinity: + description: Set SessionAffinity to true to enable + sticky sessions + type: boolean whitelistPaths: description: WhitelistPaths define the paths that do not require authentication diff --git a/docs/antora/modules/ROOT/pages/api_reference.adoc b/docs/antora/modules/ROOT/pages/api_reference.adoc index 176e6d6f2..080784847 100644 --- a/docs/antora/modules/ROOT/pages/api_reference.adoc +++ b/docs/antora/modules/ROOT/pages/api_reference.adoc @@ -1380,6 +1380,7 @@ PublicWebService is the definition of the public web service. There can be only | *`apiPath`* __string__ | (DEPRECATED, use apiPaths instead) Configures a path named '/api//' that this app will serve requests from. | *`apiPaths`* __xref:{anchor_prefix}-github-com-redhatinsights-clowder-apis-cloud-redhat-com-v1alpha1-apipath[$$APIPath$$] array__ | Defines a list of API paths (each matching format: "/api/some-path/") that this app will serve requests from. | *`whitelistPaths`* __string array__ | WhitelistPaths define the paths that do not require authentication +| *`sessionAffinity`* __boolean__ | Set SessionAffinity to true to enable sticky sessions |=== diff --git a/tests/kuttl/test-public-webservice-sessionaffinity/00-install.yaml b/tests/kuttl/test-public-webservice-sessionaffinity/00-install.yaml new file mode 100644 index 000000000..583426133 --- /dev/null +++ b/tests/kuttl/test-public-webservice-sessionaffinity/00-install.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: test-web-services-sessionaffinity +spec: + finalizers: + - kubernetes diff --git a/tests/kuttl/test-public-webservice-sessionaffinity/01-assert.yaml b/tests/kuttl/test-public-webservice-sessionaffinity/01-assert.yaml new file mode 100644 index 000000000..daf4414f8 --- /dev/null +++ b/tests/kuttl/test-public-webservice-sessionaffinity/01-assert.yaml @@ -0,0 +1,68 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: puptoo + namespace: test-web-services-sessionaffinity + labels: + app: puptoo + ownerReferences: + - apiVersion: cloud.redhat.com/v1alpha1 + kind: ClowdApp + name: puptoo +type: Opaque +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: puptoo-processor + namespace: test-web-services-sessionaffinity +spec: + template: + spec: + containers: + - env: + - name: ENV_VAR_1 + value: "env_var_1" + - name: ENV_VAR_2 + value: "env_var_2" + - name: ACG_CONFIG + value: /cdapp/cdappconfig.json +--- +apiVersion: v1 +kind: Service +metadata: + name: puptoo-processor + namespace: test-web-services-sessionaffinity +spec: + selector: + pod: puptoo-processor + sessionAffinity: ClientIP + ports: + - port: 8000 + targetPort: 8000 + name: public + protocol: TCP + appProtocol: http + - port: 10000 + targetPort: 10000 + name: private + protocol: TCP + appProtocol: http + - port: 9000 + targetPort: 9000 + name: metrics + protocol: TCP + appProtocol: http +--- +apiVersion: cloud.redhat.com/v1alpha1 +kind: ClowdEnvironment +metadata: + name: test-web-services-sessionaffinity +status: + apps: + - name: puptoo + deployments: + - hostname: puptoo-processor.test-web-services-sessionaffinity.svc + name: puptoo-processor + port: 8000 diff --git a/tests/kuttl/test-public-webservice-sessionaffinity/01-pods.yaml b/tests/kuttl/test-public-webservice-sessionaffinity/01-pods.yaml new file mode 100644 index 000000000..7bcbc87a3 --- /dev/null +++ b/tests/kuttl/test-public-webservice-sessionaffinity/01-pods.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: cloud.redhat.com/v1alpha1 +kind: ClowdEnvironment +metadata: + name: test-web-services-sessionaffinity +spec: + targetNamespace: test-web-services-sessionaffinity + providers: + web: + port: 8000 + privatePort: 10000 + mode: operator + metrics: + port: 9000 + mode: operator + path: "/metrics" + kafka: + mode: none + db: + mode: none + logging: + mode: none + objectStore: + mode: none + inMemoryDb: + mode: none + resourceDefaults: + limits: + cpu: 400m + memory: 1024Mi + requests: + cpu: 30m + memory: 512Mi +--- +apiVersion: cloud.redhat.com/v1alpha1 +kind: ClowdApp +metadata: + name: puptoo + namespace: test-web-services-sessionaffinity +spec: + envName: test-web-services-sessionaffinity + deployments: + - name: processor + podSpec: + image: quay.io/psav/clowder-hello + env: + - name: ENV_VAR_1 + value: env_var_1 + - name: ENV_VAR_2 + value: env_var_2 + webServices: + private: + enabled: True + public: + enabled: True + sessionAffinity: True diff --git a/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml b/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml new file mode 100644 index 000000000..29670008c --- /dev/null +++ b/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml @@ -0,0 +1,10 @@ +--- +apiVersion: kuttl.dev/v1beta1 +kind: TestStep +delete: +- apiVersion: v1 + kind: Namespace + name: test-web-services +- apiVersion: cloud.redhat.com/v1alpha1 + kind: ClowdEnvironment + name: test-web-services From 972775a4762fe363699270c0ba7d33c5de2d9249 Mon Sep 17 00:00:00 2001 From: Adam Drew Date: Thu, 14 Mar 2024 14:33:43 -0400 Subject: [PATCH 2/2] fix: update object names for deletion --- .../test-public-webservice-sessionaffinity/03-delete.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml b/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml index 29670008c..ab00e4767 100644 --- a/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml +++ b/tests/kuttl/test-public-webservice-sessionaffinity/03-delete.yaml @@ -4,7 +4,7 @@ kind: TestStep delete: - apiVersion: v1 kind: Namespace - name: test-web-services + name: test-web-services-sessionaffinity - apiVersion: cloud.redhat.com/v1alpha1 kind: ClowdEnvironment - name: test-web-services + name: test-web-services-sessionaffinity