Implemented WgGatewayServers controller

apis/networking/v1alpha1/wggatewayserver_types.go

@@ -65,9 +65,9 @@ type WgGatewayServerSpec struct {
 // WgGatewayServerStatus defines the observed state of WgGatewayServer.
 type WgGatewayServerStatus struct {
 	// SecretRef specifies the reference to the secret.
-	SecretRef corev1.ObjectReference `json:"secretRef,omitempty"`
+	SecretRef *corev1.ObjectReference `json:"secretRef,omitempty"`
 	// Endpoint specifies the endpoint of the server.
-	Endpoint EndpointStatus `json:"endpoint,omitempty"`
+	Endpoint *EndpointStatus `json:"endpoint,omitempty"`
 }
 
 // +kubebuilder:object:root=true

cmd/liqo-controller-manager/main.go

@@ -61,6 +61,7 @@ import (
 	"github.com/liqotech/liqo/pkg/consts"
 	identitymanager "github.com/liqotech/liqo/pkg/identityManager"
 	configurationcontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/configuration-controller"
+	wggatewaycontrollers "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/wireguard"
 	foreignclusteroperator "github.com/liqotech/liqo/pkg/liqo-controller-manager/foreign-cluster-operator"
 	ipctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/ip-controller"
 	mapsctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/namespacemap-controller"
@@ -323,13 +324,42 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err := mgr.Add(auxmgrLocalPods); err != nil {
-		klog.Errorf("Unable to add the auxiliary manager to the main one: %w", err)
+	// Create a label selector to filter only events that are part of the Gateway
+	reqExtNetworkPods, err := labels.NewRequirement(consts.ExternalNetworkLabel, selection.Equals, []string{consts.ExternalNetworkLabelValue})
+	utilruntime.Must(err)
+
+	// Create an accessory manager that cache only local offloaded pods.
+	// This manager caches only the pods that are offloaded and scheduled on a remote cluster.
+	auxmgrExtNetworkPods, err := ctrl.NewManager(config, ctrl.Options{
+		MapperProvider:     mapper.LiqoMapperProvider(scheme),
+		Scheme:             scheme,
+		MetricsBindAddress: "0", // Disable the metrics of the auxiliary manager to prevent conflicts.
+		NewCache: func(config *rest.Config, opts cache.Options) (cache.Cache, error) {
+			opts.ByObject = map[client.Object]cache.ByObject{
+				&corev1.Pod{}: {
+					Label: labels.NewSelector().Add(*reqExtNetworkPods),
+				},
+			}
+			return cache.New(config, opts)
+		},
+	})
+
+	if err != nil {
+		klog.Errorf("Unable to create auxiliary manager: %w", err)
 		os.Exit(1)
 	}
 
+	// Add all the auxiliary managers to the main one.
+	if err := mgr.Add(auxmgrLocalPods); err != nil {
+		klog.Errorf("Unable to add the LocalPods auxiliary manager to the main one: %w", err)
+		os.Exit(1)
+	}
 	if err := mgr.Add(auxmgrVirtualKubeletPods); err != nil {
-		klog.Errorf("Unable to add the auxiliary manager to the main one: %w", err)
+		klog.Errorf("Unable to add the VirtualKubeletPods auxiliary manager to the main one: %w", err)
+		os.Exit(1)
+	}
+	if err := mgr.Add(auxmgrExtNetworkPods); err != nil {
+		klog.Errorf("Unable to add the ExternalNetworkPods auxiliary manager to the main one: %w", err)
 		os.Exit(1)
 	}
 
@@ -591,11 +621,25 @@ func main() {
 			klog.Errorf("Unable to start the ipReconciler", err)
 			os.Exit(1)
 		}
+
 		cfgr := configurationcontroller.NewConfigurationReconciler(mgr.GetClient(), mgr.GetScheme(), mgr.GetEventRecorderFor("configuration-controller"))
 		if err = cfgr.SetupWithManager(mgr); err != nil {
 			klog.Errorf("unable to create controller ConfigurationReconciler: %s", err)
 			os.Exit(1)
 		}
+
+		wgServerRec := wggatewaycontrollers.NewWgGatewayServerReconciler(
+			mgr.GetClient(), mgr.GetScheme(), auxmgrExtNetworkPods.GetClient())
+		if err = wgServerRec.SetupWithManager(mgr); err != nil {
+			klog.Errorf("Unable to start the WgGatewayServerReconciler", err)
+			os.Exit(1)
+		}
+
+		wgClientRec := wggatewaycontrollers.NewWgGatewayClientReconciler(mgr.GetClient(), mgr.GetScheme())
+		if err = wgClientRec.SetupWithManager(mgr); err != nil {
+			klog.Errorf("Unable to start the WgGatewayClientReconciler", err)
+			os.Exit(1)
+		}
 	}
 
 	klog.Info("starting manager as controller manager")

deployments/liqo/files/liqo-controller-manager-ClusterRole.yaml

@@ -395,6 +395,46 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - networking.liqo.io
+  resources:
+  - wggatewayclients
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - networking.liqo.io
+  resources:
+  - wggatewayclients/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - networking.liqo.io
+  resources:
+  - wggatewayservers
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - networking.liqo.io
+  resources:
+  - wggatewayservers/status
+  verbs:
+  - get
+  - patch
+  - update
 - apiGroups:
   - offloading.liqo.io
   resources:

pkg/consts/externalnetwork.go

@@ -0,0 +1,38 @@
+// Copyright 2019-2023 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package consts
+
+const (
+	// // LocalKeyLabel is used to indicate if the key is local to the cluster.
+	// LocalKeyLabel = "liqo.io/local-key"
+	// // LocalKeyLabelValue indicates the key is local to the cluster.
+	// LocalKeyLabelValue = "true"
+	// // WgServerLabel is the label used to indicate if the object is created by a WireGuard server.
+	// WgServerLabel = "liqo.io/wg-server"
+	// // WgServerLabelValue indicates the object is created by a WireGuard server.
+	// WgServerLabelValue = "true"
+	// // WgClientLabel is the label used to indicate if the object is created by a WireGuard client.
+	// WgClientLabel = "liqo.io/wg-client"
+	// // WgClientLabelValue indicates the object is created by a WireGuard client.
+	// WgClientLabelValue = "true"
+	// WgServerNameLabel is the label used to indicate the name of the WireGuard server.
+	WgServerNameLabel = "liqo.io/wg-server-name"
+	// WgClientNameLabel is the label used to indicate the name of the WireGuard client.
+	WgClientNameLabel = "liqo.io/wg-client-name"
+	// ExternalNetworkLabel is the label added to all components that belong to the external network.
+	ExternalNetworkLabel = "liqo.io/external-network"
+	// ExternalNetworkLabelValue is the value of the label added to components that belong to the external network.
+	ExternalNetworkLabelValue = "true"
+)

pkg/liqo-controller-manager/external-network/wireguard/docs.go

@@ -0,0 +1,16 @@
+// Copyright 2019-2023 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Package wireguard contains the logic to manage WireGuard gateway servers and clients.
+package wireguard

pkg/liqo-controller-manager/external-network/wireguard/wggatewayclient_controller.go

@@ -0,0 +1,70 @@
+// Copyright 2019-2023 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package wireguard
+
+import (
+	"context"
+
+	appsv1 "k8s.io/api/apps/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/klog/v2"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	networkingv1alpha1 "github.com/liqotech/liqo/apis/networking/v1alpha1"
+)
+
+// WgGatewayClientReconciler manage WgGatewayClient lifecycle.
+type WgGatewayClientReconciler struct {
+	client.Client
+	Scheme *runtime.Scheme
+}
+
+// NewWgGatewayClientReconciler returns a new WgGatewayClientReconciler.
+func NewWgGatewayClientReconciler(cl client.Client, s *runtime.Scheme) *WgGatewayClientReconciler {
+	return &WgGatewayClientReconciler{
+		Client: cl,
+		Scheme: s,
+	}
+}
+
+// cluster-role
+// +kubebuilder:rbac:groups=networking.liqo.io,resources=wggatewayclients,verbs=get;list;watch;delete;create;update;patch
+// +kubebuilder:rbac:groups=networking.liqo.io,resources=wggatewayclients/status,verbs=get;update;patch
+// +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;delete;create;update;patch
+
+// Reconcile manage GatewayClient lifecycle.
+func (r *WgGatewayClientReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.Result, err error) {
+	wgClient := &networkingv1alpha1.WgGatewayClient{}
+	if err = r.Get(ctx, req.NamespacedName, wgClient); err != nil {
+		if apierrors.IsNotFound(err) {
+			klog.Infof("WireGuard gateway client %q not found", req.NamespacedName)
+			return ctrl.Result{}, nil
+		}
+		klog.Errorf("Unable to get the WireGuard gateway client %q: %v", req.NamespacedName, err)
+		return ctrl.Result{}, err
+	}
+
+	return ctrl.Result{}, nil
+}
+
+// SetupWithManager register the WgGatewayClientReconciler to the manager.
+func (r *WgGatewayClientReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewControllerManagedBy(mgr).
+		For(&networkingv1alpha1.WgGatewayClient{}).
+		Owns(&appsv1.Deployment{}).
+		Complete(r)
+}