Configuration controller

Makefile

@@ -56,7 +56,7 @@ rbacs: controller-gen
 	rm -f deployments/liqo/files/*
 	$(CONTROLLER_GEN) paths="./internal/liqonet/route-operator" rbac:roleName=liqo-route output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-route-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-route-ClusterRole.yaml deployments/liqo/files/liqo-route-Role.yaml
 	$(CONTROLLER_GEN) paths="./internal/liqonet/tunnel-operator" rbac:roleName=liqo-gateway output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-gateway-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-gateway-ClusterRole.yaml deployments/liqo/files/liqo-gateway-Role.yaml
-	$(CONTROLLER_GEN) paths="./internal/liqonet/network-manager/..." rbac:roleName=liqo-network-manager output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-network-manager-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-network-manager-ClusterRole.yaml deployments/liqo/files/liqo-network-manager-Role.yaml
+	$(CONTROLLER_GEN) paths="{./internal/liqonet/network-manager/...,./pkg/liqonet/...}" rbac:roleName=liqo-network-manager output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-network-manager-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-network-manager-ClusterRole.yaml deployments/liqo/files/liqo-network-manager-Role.yaml
 	$(CONTROLLER_GEN) paths="./internal/crdReplicator" rbac:roleName=liqo-crd-replicator output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-crd-replicator-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-crd-replicator-ClusterRole.yaml deployments/liqo/files/liqo-crd-replicator-Role.yaml
 	$(CONTROLLER_GEN) paths="./pkg/discoverymanager" rbac:roleName=liqo-discovery output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-discovery-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-discovery-ClusterRole.yaml deployments/liqo/files/liqo-discovery-Role.yaml
 	$(CONTROLLER_GEN) paths="./internal/auth-service" rbac:roleName=liqo-auth-service output:rbac:stdout | awk -v RS="---\n" 'NR>1{f="./deployments/liqo/files/liqo-auth-" $$4 ".yaml";printf "%s",$$0 > f; close(f)}' &&  sed -i -n '/rules/,$$p' deployments/liqo/files/liqo-auth-ClusterRole.yaml deployments/liqo/files/liqo-auth-Role.yaml

apis/ipam/v1alpha1/network_types.go

@@ -15,6 +15,7 @@
 package v1alpha1
 
 import (
+	v1alpha1networking "github.com/liqotech/liqo/apis/networking/v1alpha1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
@@ -36,13 +37,13 @@ var (
 // NetworkSpec defines the desired state of Network.
 type NetworkSpec struct {
 	// CIDR is the desired CIDR for the remote cluster.
-	CIDR string `json:"cidr"`
+	CIDR v1alpha1networking.CIDR `json:"cidr"`
 }
 
 // NetworkStatus defines the observed state of Network.
 type NetworkStatus struct {
 	// CIDR is the remapped CIDR for the remote cluster.
-	CIDR string `json:"cidr,omitempty"`
+	CIDR v1alpha1networking.CIDR `json:"cidr,omitempty"`
 }
 
 // +kubebuilder:object:root=true

apis/networking/v1alpha1/common_types.go

@@ -0,0 +1,29 @@
+// Copyright 2019-2023 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package v1alpha1 contains API Schema definitions for the networking v1alpha1 API group.
+//
+//nolint:lll // ignore long lines given by Kubebuilder marker annotations.
+package v1alpha1
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// CIDR defines a syntax validated CIDR.
+// +kubebuilder:validation:Pattern=`^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$`
+type CIDR string
+
+// IP defines a syntax validated IP.
+// +kubebuilder:validation:Pattern=`^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])$`
+type IP string

apis/networking/v1alpha1/configuration_types.go

@@ -34,18 +34,18 @@ var ConfigurationGroupResource = schema.GroupResource{Group: GroupVersion.Group,
 // ConfigurationGroupVersionResource is groupResourceVersion used to register these objects.
 var ConfigurationGroupVersionResource = GroupVersion.WithResource(ConfigurationResource)
 
-// CIDR defines the CIDR of the cluster.
-type CIDR struct {
+// ClusterConfigCIDR defines the CIDR of the cluster.
+type ClusterConfigCIDR struct {
 	// Pod CIDR of the cluster.
-	Pod string `json:"pod,omitempty"`
+	Pod CIDR `json:"pod,omitempty"`
 	// External CIDR of the cluster.
-	External string `json:"external,omitempty"`
+	External CIDR `json:"external,omitempty"`
 }
 
 // ClusterConfig defines the configuration of a cluster.
 type ClusterConfig struct {
 	// CIDR of the cluster.
-	CIDR CIDR `json:"cidr,omitempty"`
+	CIDR ClusterConfigCIDR `json:"cidr,omitempty"`
 }
 
 // ConfigurationSpec defines the desired state of Configuration.

apis/networking/v1alpha1/gatewayserver_types.go

@@ -58,7 +58,7 @@ type GatewayServerSpec struct {
 // EndpointStatus defines the observed state of the endpoint.
 type EndpointStatus struct {
 	// Addresses specifies the addresses of the endpoint.
-	Addresses []string `json:"addresses,omitempty"`
+	Addresses []IP `json:"addresses,omitempty"`
 	// Port specifies the port of the endpoint.
 	Port int32 `json:"port,omitempty"`
 	// Protocol specifies the protocol of the endpoint.

cmd/liqonet/network-manager.go

@@ -30,6 +30,7 @@ import (
 	"github.com/liqotech/liqo/internal/liqonet/network-manager/netcfgcreator"
 	"github.com/liqotech/liqo/internal/liqonet/network-manager/tunnelendpointcreator"
 	liqoconst "github.com/liqotech/liqo/pkg/consts"
+	configurationcontroller "github.com/liqotech/liqo/pkg/liqonet/configuration-controller"
 	liqonetIpam "github.com/liqotech/liqo/pkg/liqonet/ipam"
 	liqonetutils "github.com/liqotech/liqo/pkg/liqonet/utils"
 	"github.com/liqotech/liqo/pkg/utils/args"
@@ -109,6 +110,8 @@ func runNetworkManager(commonFlags *liqonetCommonFlags, managerFlags *networkMan
 		ExternalCIDR: externalCIDR,
 	}
 
+	cfgr := configurationcontroller.NewConfigurationReconciler(mgr.GetClient(), mgr.GetScheme(), mgr.GetEventRecorderFor("configuration-controller"))
+
 	if err = tec.SetupWithManager(mgr); err != nil {
 		klog.Errorf("unable to create controller TunnelEndpointCreator: %s", err)
 		os.Exit(1)
@@ -119,6 +122,11 @@ func runNetworkManager(commonFlags *liqonetCommonFlags, managerFlags *networkMan
 		os.Exit(1)
 	}
 
+	if err = cfgr.SetupWithManager(mgr); err != nil {
+		klog.Errorf("unable to create controller ConfigurationReconciler: %s", err)
+		os.Exit(1)
+	}
+
 	klog.Info("starting manager as liqo-network-manager")
 	if err := mgr.Start(tec.SetupSignalHandlerForTunEndCreator()); err != nil {
 		klog.Errorf("an error occurred while starting manager: %s", err)

deployments/liqo/crds/networking.liqo.io_configurations.yaml

@@ -47,12 +47,29 @@ spec:
                     properties:
                       external:
                         description: External CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                         type: string
                       pod:
                         description: Pod CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                         type: string
                     type: object
                 type: object
+                properties:
+                  cidr:
+                    description: CIDR of the cluster.
+                    properties:
+                      external:
+                        description: External CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
+                        type: string
+                      pod:
+                        description: Pod CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
+                        type: string
+                    type: object
+                type: object
+>>>>>>> 32fbdace9... Configuration controller:deployments/liqo/charts/liqo-crds/crds/networking.liqo.io_configurations.yaml
               remote:
                 description: Remote network configuration (the other cluster).
                 properties:
@@ -61,9 +78,11 @@ spec:
                     properties:
                       external:
                         description: External CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                         type: string
                       pod:
                         description: Pod CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                         type: string
                     type: object
                 type: object
@@ -80,9 +99,11 @@ spec:
                     properties:
                       external:
                         description: External CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                         type: string
                       pod:
                         description: Pod CIDR of the cluster.
+                        pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                         type: string
                     type: object
                 type: object

deployments/liqo/crds/networking.liqo.io_connections.yaml

@@ -88,6 +88,8 @@ spec:
                       addresses:
                         description: Addresses specifies the addresses of the endpoint.
                         items:
+                          description: IP defines a syntax validated IP.
+                          pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])$
                           type: string
                         type: array
                       port:

deployments/liqo/crds/networking.liqo.io_gatewayservers.yaml

@@ -105,6 +105,8 @@ spec:
                   addresses:
                     description: Addresses specifies the addresses of the endpoint.
                     items:
+                      description: IP defines a syntax validated IP.
+                      pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])$
                       type: string
                     type: array
                   port:

deployments/liqo/crds/networking.liqo.io_wggatewayservers.yaml

@@ -8966,6 +8966,8 @@ spec:
                   addresses:
                     description: Addresses specifies the addresses of the endpoint.
                     items:
+                      description: IP defines a syntax validated IP.
+                      pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])$
                       type: string
                     type: array
                   port:

deployments/liqo/files/liqo-network-manager-ClusterRole.yaml

@@ -84,3 +84,12 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - networking.liqo.io
+  resources:
+  - configuration
+  verbs:
+  - get
+  - list
+  - update
+  - watch

pkg/liqonet/configuration-controller/configuration-controller.go

@@ -0,0 +1,116 @@
+// Copyright 2019-2023 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package configurationcontroller
+
+import (
+	"context"
+	"fmt"
+
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/client-go/tools/record"
+	"k8s.io/klog/v2"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	ipamv1alpha1 "github.com/liqotech/liqo/apis/ipam/v1alpha1"
+	networkingv1alpha1 "github.com/liqotech/liqo/apis/networking/v1alpha1"
+)
+
+// ConfigurationReconciler manage Configuration lifecycle.
+type ConfigurationReconciler struct {
+	client.Client
+	Scheme         *runtime.Scheme
+	EventsRecorder record.EventRecorder
+}
+
+// NewConfigurationReconciler returns a new ConfigurationReconciler.
+func NewConfigurationReconciler(cl client.Client, s *runtime.Scheme, er record.EventRecorder) *ConfigurationReconciler {
+	return &ConfigurationReconciler{
+		Client:         cl,
+		Scheme:         s,
+		EventsRecorder: er,
+	}
+}
+
+// cluster-role
+// +kubebuilder:rbac:groups=networking.liqo.io,resources=configuration,verbs=get;list;watch;update
+
+// Reconcile manage NamespaceMaps associated with the virtual-node.
+func (r *ConfigurationReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+	configuration := &networkingv1alpha1.Configuration{}
+	if err := r.Get(ctx, req.NamespacedName, configuration); err != nil {
+		if apierrors.IsNotFound(err) {
+			klog.Infof("There is no a configuration called '%s' in '%s'", req.Name, req.Namespace)
+			return ctrl.Result{}, nil
+		}
+		return ctrl.Result{}, fmt.Errorf(" %w --> Unable to get the configuration '%s'", err, req.Name)
+	}
+
+	requeue, err := r.RemapConfiguration(ctx, configuration)
+	if requeue || err != nil {
+		return ctrl.Result{}, err
+	}
+
+	return ctrl.Result{}, r.UpdateConfigurationStatus(ctx, configuration)
+}
+
+// RemapConfiguration remap the configuration using ipamv1alpha1.Network.
+func (r *ConfigurationReconciler) RemapConfiguration(ctx context.Context, cfg *networkingv1alpha1.Configuration) (requeue bool, err error) {
+	var cidrRemapped networkingv1alpha1.CIDR
+	for _, cidrType := range LabelCIDRTypeValues {
+		switch cidrType {
+		case LabelCIDRTypePod:
+			cidrRemapped = cfg.Status.Remote.CIDR.Pod
+		case LabelCIDRTypeExternal:
+			cidrRemapped = cfg.Status.Remote.CIDR.External
+		}
+		if cidrRemapped != "" {
+			continue
+		}
+		network, err := CreateOrGetNetwork(ctx, r.Client, r.Scheme, cfg, cidrType)
+		if err != nil {
+			return true, fmt.Errorf(" %w --> Unable to create or get the network '%s'", err, network.Name)
+		}
+		if network.Status.CIDR == "" {
+			return true, nil
+		}
+		var cidrNew, cidrOld networkingv1alpha1.CIDR
+		cidrNew = network.Status.CIDR
+		switch cidrType {
+		case LabelCIDRTypePod:
+			cidrOld = cfg.Status.Remote.CIDR.Pod
+			cfg.Status.Remote.CIDR.Pod = network.Status.CIDR
+		case LabelCIDRTypeExternal:
+			cidrOld = cfg.Status.Remote.CIDR.External
+			cfg.Status.Remote.CIDR.External = network.Status.CIDR
+		}
+		klog.Infof("Configuration %s/%s %s CIDR: %s -> %s", cfg.Name, cfg.Namespace, cidrType, cidrOld, cidrNew)
+	}
+	return false, nil
+}
+
+func (r *ConfigurationReconciler) UpdateConfigurationStatus(ctx context.Context, cfg *networkingv1alpha1.Configuration) error {
+	if err := r.Status().Update(ctx, cfg); err != nil {
+		return fmt.Errorf(" %w --> Unable to update the configuration '%s'", err, cfg.Name)
+	}
+	return nil
+}
+
+// SetupWithManager register the ConfigurationReconciler to the manager.
+func (r *ConfigurationReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewControllerManagedBy(mgr).Owns(&ipamv1alpha1.Network{}).
+		For(&networkingv1alpha1.Configuration{}).Complete(r)
+}

pkg/liqonet/configuration-controller/doc.go

@@ -0,0 +1,15 @@
+// Copyright 2019-2023 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package configurationcontroller