diff --git a/deployments/liqo/templates/_helpers.tpl b/deployments/liqo/templates/_helpers.tpl index 34806e05d8..bf609e1e0e 100644 --- a/deployments/liqo/templates/_helpers.tpl +++ b/deployments/liqo/templates/_helpers.tpl @@ -76,6 +76,36 @@ app.kubernetes.io/component: {{ quote .module }} app.kubernetes.io/part-of: {{ quote (include "liqo.name" .) }} {{- end }} +{{/* +Common metadata for Templates +*/}} +{{- define "liqo.metadataTemplate" -}} +name: {{ include "liqo.prefixedNameTemplate" . }} +namespace: {{ quote "{{ .Namespace }}" }} +labels: +{{ include "liqo.labelsTemplate" . | indent 2 }} +{{- end }} + +{{/* +Common Labels for Templates +*/}} +{{- define "liqo.labelsTemplate" -}} +{{ include "liqo.selectorLabelsTemplate" . }} +helm.sh/chart: {{ quote (include "liqo.chart" .) }} +app.kubernetes.io/version: {{ quote (include "liqo.version" .) }} +app.kubernetes.io/managed-by: {{ quote .Release.Service }} +{{- end }} + +{{/* +Selector labels template, it accepts a dict which contains fields "name" and "module" +*/}} +{{- define "liqo.selectorLabelsTemplate" -}} +app.kubernetes.io/name: {{ quote "{{ .Name }}" }} +app.kubernetes.io/instance: {{ quote (printf "%s-%s" .Release.Name "{{ .Name }}") }} +app.kubernetes.io/component: {{ quote .module }} +app.kubernetes.io/part-of: {{ quote (include "liqo.name" .) }} +{{- end }} + {{/* Create a name prefixed with the chart name, it accepts a dict which contains the field "name". */}} @@ -83,6 +113,13 @@ Create a name prefixed with the chart name, it accepts a dict which contains the {{- printf "%s-%s" (include "liqo.name" .) .name }} {{- end }} +{{/* +Create a name prefixed with the chart name, it accepts a dict which contains the field "name". +*/}} +{{- define "liqo.prefixedNameTemplate" -}} +{{- printf "%s-{{ .Name }}" (include "liqo.name" .) }} +{{- end }} + {{/* Create the file name of a role starting from a prefix, it accepts a dict which contains the field "prefix". */}} 
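Review bot: The doc comments on `liqo.selectorLabelsTemplate` and, in the second hunk, on `liqo.prefixedNameTemplate` are copied from the non-template helpers and say the dict supplies "name", but neither helper reads `.name`; both emit the literal placeholder `{{ .Name }}` for a later rendering pass. I would reword them, for example `Name prefixed with the chart name for gateway templates; emits the literal "{{ .Name }}" placeholder, which the controller fills in when it renders the template.` The comments should also state that `.Name` and `.Namespace` are supplied at that second stage from the gateway resource, so the resulting label values and object names must stay within the Kubernetes length and character limits.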
diff --git a/deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml b/deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml
new file mode 100644
index 0000000000..90463a916a
--- /dev/null
+++ b/deployments/liqo/templates/liqo-wireguard-gateway-client-template.yaml
@@ -0,0 +1,61 @@
+{{- $templateConfig := (merge (dict "name" "wg-client-template" "module" "networking") .) -}}
+
+{{- if .Values.networking.internal }}
+
+apiVersion: networking.liqo.io/v1alpha1
+kind: WgGatewayClientTemplate
+metadata:
+ name: {{ $templateConfig.name }}
+ labels:
+ {{- include "liqo.labels" $templateConfig | nindent 4 }}
+spec:
+ objectKind:
+ apiVersion: networking.liqo.io/v1alpha1
+ kind: WgGatewayClient
+ template:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 6 }}
+ spec:
+ deployment:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 10 }}
+ spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ {{- include "liqo.labelsTemplate" $templateConfig | nindent 14 }}
+ template:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 14 }}
+ spec:
+ containers:
+ - name: wireguard
+ image: ghcr.io/liqotech/gateway/wireguard{{ include "liqo.suffix" $templateConfig }}:{{ include "liqo.version" $templateConfig }}
+ imagePullPolicy: Always
+ args:
+ - --name="{{"{{ .Name }}"}}"
+ - --namespace="{{"{{ .Namespace }}"}}"
+ - --remote-cluster-id="{{"{{ .ClusterID }}"}}"
+ - --wireguard-gateway-uid="{{"{{ .GatewayUID }}"}}"
+ - --mode=client
+ - --mtu="{{"{{ .Spec.MTU }}"}}"
+ - --endpoint-address="{{"{{ index .Spec.Endpoint.Addresses 0 }}"}}"
+ - --endpoint-port="{{"{{ .Spec.Endpoint.Port }}"}}"
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
+ - name: gateway
+ image: ghcr.io/liqotech/gateway{{ include "liqo.suffix" $templateConfig }}:{{ include "liqo.version" $templateConfig }}
+ imagePullPolicy: Always
+ args:
+ - --name="{{"{{ .Name }}"}}"
+ - --namespace="{{"{{ .Namespace }}"}}"
+ - --mode=client
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
+{{- end }}
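Review bot: Both containers in this new template (`wireguard` and `gateway`) run with `privileged: true` plus `capabilities: add: [ALL]`, which gives every gateway pod effectively root-equivalent access to the node's kernel and devices; the same block appears in liqo-wireguard-gateway-server-template.yaml. `privileged: true` already implies all capabilities, so the `add: ALL` list is redundant as written. Creating a WireGuard interface and routes normally needs only `NET_ADMIN`, so I would try `privileged: false` with `capabilities: { drop: [ALL], add: [NET_ADMIN] }` and add back only what the binaries turn out to require, which is not visible from this diff. The images are referenced by a version tag with `imagePullPolicy: Always`, so what runs with these privileges is whatever the tag resolves to at pull time; pinning by digest would close that gap.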
diff --git a/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml b/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml
new file mode 100644
index 0000000000..f8007fe057
--- /dev/null
+++ b/deployments/liqo/templates/liqo-wireguard-gateway-server-template.yaml
@@ -0,0 +1,71 @@
+{{- $templateConfig := (merge (dict "name" "wg-server-template" "module" "networking") .) -}}
+
+{{- if .Values.networking.internal }}
+
+apiVersion: networking.liqo.io/v1alpha1
+kind: WgGatewayServerTemplate
+metadata:
+ name: {{ $templateConfig.name }}
+ labels:
+ {{- include "liqo.labels" $templateConfig | nindent 4 }}
+spec:
+ objectKind:
+ apiVersion: networking.liqo.io/v1alpha1
+ kind: WgGatewayServer
+ template:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 6 }}
+ spec:
+ service:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 12 }}
+ spec:
+ selector:
+ {{- include "liqo.labelsTemplate" $templateConfig | nindent 12 }}
+ type: "{{"{{ .Spec.Endpoint.ServiceType }}"}}"
+ ports:
+ - port: "{{"{{ .Spec.Endpoint.Port }}"}}"
+ protocol: UDP
+ deployment:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 10 }}
+ spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ {{- include "liqo.labelsTemplate" $templateConfig | nindent 14 }}
+ template:
+ metadata:
+ {{- include "liqo.metadataTemplate" $templateConfig | nindent 14 }}
+ spec:
+ containers:
+ - name: wireguard
+ image: ghcr.io/liqotech/gateway/wireguard{{ include "liqo.suffix" $templateConfig }}:{{ include "liqo.version" $templateConfig }}
+ imagePullPolicy: Always
+ args:
+ - --name="{{"{{ .Name }}"}}"
+ - --namespace="{{"{{ .Namespace }}"}}"
+ - --remote-cluster-id="{{"{{ .ClusterID }}"}}"
+ - --wireguard-gateway-uid="{{"{{ .GatewayUID }}"}}"
+ - --mode=server
+ - --mtu="{{"{{ .Spec.MTU }}"}}"
+ - --listen-port="{{"{{ .Spec.Endpoint.Port }}"}}"
+ securityContext:
+ privileged: true
+ capabilities:
+ add:
+ - ALL
+ - name: gateway
+ image: ghcr.io/liqotech/gateway{{ include "liqo.suffix" $templateConfig }}:{{ include "liqo.version" $templateConfig }}
+ imagePullPolicy: Always
+ args:
+ - --name="{{"{{ .Name }}"}}"
+ - --namespace="{{"{{ .Namespace }}"}}"
+ - --mode=server
+ securityContext:
+ privileged: true +
capabilities: + add: + - ALL +{{- end }} + diff --git a/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go b/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go index dc143847ea..580d3da0d6 100644 --- a/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go +++ b/pkg/liqo-controller-manager/external-network/client-operator/client_controller.go @@ -47,6 +47,8 @@ type ClientReconciler struct { type templateData struct { Spec networkingv1alpha1.GatewayClientSpec + Name string + Namespace string GatewayUID string ClusterID string } @@ -150,10 +152,8 @@ func (r *ClientReconciler) EnsureGatewayClient(ctx context.Context, gwClient *ne return fmt.Errorf("unable to get the metadata of the client template") } objectTemplateMetadata := metav1.ObjectMeta{ - Name: enutils.GetValueOrDefault(objectTemplateMetadataInt, "name", gwClient.Name), - Namespace: enutils.GetValueOrDefault(objectTemplateMetadataInt, "namespace", gwClient.Namespace), - Labels: enutils.TranslateMap(objectTemplateMetadataInt["labels"]), - Annotations: enutils.TranslateMap(objectTemplateMetadataInt["annotations"]), + Name: enutils.GetValueOrDefault(objectTemplateMetadataInt, "name", gwClient.Name), + Namespace: enutils.GetValueOrDefault(objectTemplateMetadataInt, "namespace", gwClient.Namespace), } objectTemplateSpec, ok := objectTemplate["spec"].(map[string]interface{}) if !ok { @@ -166,7 +166,6 @@ func (r *ClientReconciler) EnsureGatewayClient(ctx context.Context, gwClient *ne obj.SetGroupVersionKind(objectKind.GroupVersionKind()) obj.SetName(gwClient.Name) obj.SetNamespace(gwClient.Namespace) - obj.SetLabels(objectTemplateMetadata.Labels) obj.SetAnnotations(objectTemplateMetadata.Annotations) obj.SetOwnerReferences([]metav1.OwnerReference{ { 
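Review bot: The Deployment's `selector.matchLabels` and the Service's `selector` are filled from `liqo.labelsTemplate`, which includes `helm.sh/chart` and `app.kubernetes.io/version`; the client template's `matchLabels` does the same. A Deployment selector is immutable, so after a chart version change the re-rendered selector no longer equals the one on the existing object and the update is likely to be rejected. `liqo.selectorLabelsTemplate` is defined in this same commit and carries only the stable labels, so I would use `{{- include "liqo.selectorLabelsTemplate" $templateConfig | nindent 14 }}` for both selectors. Separately, the Service `port` is written as a quoted placeholder and stays a string after rendering unless the renderer converts it, while a Service port must be an integer.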
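Review bot: After the `@@ -150,10 +152,8 @@` hunk `objectTemplateMetadata` is a `metav1.ObjectMeta` carrying only `Name` and `Namespace`, so the labels that the new client template puts under `template.metadata` are dropped before rendering, and the `obj.SetAnnotations(objectTemplateMetadata.Annotations)` call kept in the next hunk now always passes a nil map. The server controller in this commit instead hands the raw map to `enutils.RenderTemplate`; doing the same here with `objectTemplateMetadata, ok := objectTemplate["metadata"].(map[string]interface{})` keeps the two reconcilers consistent and lets the `{{ .Name }}` placeholders in the labels be rendered. The stale `SetAnnotations` line can then be removed. EnsureGatewayClient starts and ends outside these hunks, so how `RenderTemplate` treats a struct argument is not visible here.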
@@ -177,13 +176,24 @@ func (r *ClientReconciler) EnsureGatewayClient(ctx context.Context, gwClient *ne Controller: pointer.Bool(true), }, }) - spec, err := enutils.RenderTemplate(objectTemplateSpec, templateData{ + + td := templateData{ Spec: gwClient.Spec, + Name: gwClient.Name, + Namespace: gwClient.Namespace, GatewayUID: string(gwClient.UID), ClusterID: remoteClusterID, - }) + } + + meta, err := enutils.RenderTemplate(objectTemplateMetadata, td) + if err != nil { + return fmt.Errorf("unable to render the template metadata: %w", err) + } + obj.Object["metadata"] = meta + + spec, err := enutils.RenderTemplate(objectTemplateSpec, td) if err != nil { - return fmt.Errorf("unable to render the template: %w", err) + return fmt.Errorf("unable to render the template spec: %w", err) } obj.Object["spec"] = spec return nil diff --git a/pkg/liqo-controller-manager/external-network/server-operator/server_controller.go b/pkg/liqo-controller-manager/external-network/server-operator/server_controller.go index 778000be7f..dbeaebfcf8 100644 --- a/pkg/liqo-controller-manager/external-network/server-operator/server_controller.go +++ b/pkg/liqo-controller-manager/external-network/server-operator/server_controller.go @@ -47,6 +47,8 @@ type ServerReconciler struct { type templateData struct { Spec networkingv1alpha1.GatewayServerSpec + Name string + Namespace string GatewayUID string ClusterID string } 
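Review bot: `obj.Object["metadata"] = meta` replaces the whole metadata map after `obj.SetOwnerReferences(...)` has already written into it, so the controller owner reference set just above is discarded unless the rendered template happens to contain one; the last hunk of server_controller.go has the same order with `obj.Object["metadata"] = metadata`. Without the owner reference the generated gateway object is not garbage-collected together with its owning gateway resource, which would leave privileged gateway workloads behind. If this callback also runs when an existing object is updated, replacing the map would drop server-populated fields such as `resourceVersion` too; the caller is outside the hunk, so that part is an assumption. I would assign the rendered metadata first and call `obj.SetOwnerReferences(...)` afterwards, or copy only the rendered labels and annotations with `obj.SetLabels` and `obj.SetAnnotations`.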
@@ -145,16 +147,10 @@ func (r *ServerReconciler) EnsureGatewayServer(ctx context.Context, server *netw if !ok { return fmt.Errorf("unable to get the template of the server template") } - objectTemplateMetadataInt, ok := objectTemplate["metadata"].(map[string]interface{}) + objectTemplateMetadata, ok := objectTemplate["metadata"].(map[string]interface{}) if !ok { return fmt.Errorf("unable to get the metadata of the server template") } - objectTemplateMetadata := metav1.ObjectMeta{ - Name: enutils.GetValueOrDefault(objectTemplateMetadataInt, "name", server.Name), - Namespace: enutils.GetValueOrDefault(objectTemplateMetadataInt, "namespace", server.Namespace), - Labels: enutils.TranslateMap(objectTemplateMetadataInt["labels"]), - Annotations: enutils.TranslateMap(objectTemplateMetadataInt["annotations"]), - } objectTemplateSpec, ok := objectTemplate["spec"].(map[string]interface{}) if !ok { return fmt.Errorf("unable to get the spec of the server template") @@ -164,10 +160,6 @@ func (r *ServerReconciler) EnsureGatewayServer(ctx context.Context, server *netw GroupVersion().WithResource(enutils.KindToResource(objectKind.Kind))). Namespace(server.Namespace), server.Name, func(obj *unstructured.Unstructured) error { obj.SetGroupVersionKind(objectKind.GroupVersionKind()) - obj.SetName(server.Name) - obj.SetNamespace(server.Namespace) - obj.SetLabels(objectTemplateMetadata.Labels) - obj.SetAnnotations(objectTemplateMetadata.Annotations) obj.SetOwnerReferences([]metav1.OwnerReference{ { APIVersion: server.APIVersion, 
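Review bot: With `GetValueOrDefault` removed in the `@@ -145,16 +147,10 @@` hunk and `obj.SetName`/`obj.SetNamespace` removed in the next one, the object's name and namespace now come solely from the rendered template metadata, while the surrounding call is still addressed to `server.Namespace` and `server.Name`. A template that omits these fields, or renders a different value, yields an object that does not match the request. I would re-apply them after the metadata is rendered, `obj.SetName(server.Name)` and `obj.SetNamespace(server.Namespace)`, so a template cannot steer the object to another name or namespace. EnsureGatewayServer begins and ends outside this hunk.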
@@ -177,13 +169,24 @@ func (r *ServerReconciler) EnsureGatewayServer(ctx context.Context, server *netw Controller: pointer.Bool(true), }, }) - spec, err := enutils.RenderTemplate(objectTemplateSpec, templateData{ + + td := templateData{ Spec: server.Spec, + Name: server.Name, + Namespace: server.Namespace, GatewayUID: string(server.UID), ClusterID: remoteClusterID, - }) + } + + metadata, err := enutils.RenderTemplate(objectTemplateMetadata, td) + if err != nil { + return fmt.Errorf("unable to render the template metadata: %w", err) + } + obj.Object["metadata"] = metadata + + spec, err := enutils.RenderTemplate(objectTemplateSpec, td) if err != nil { - return fmt.Errorf("unable to render the template: %w", err) + return fmt.Errorf("unable to render the template spec: %w", err) } obj.Object["spec"] = spec return nil