From 1e1716beaa6b79a7f96283a3714aeb521afc12d1 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Mon, 7 Aug 2023 16:27:26 +0200 Subject: [PATCH] Update novaapi, novametadata and novanovncproxy to use service override Removes creation of routes.Those get done in the openstack-operator. Via service overrides the service can be customized. The service operator adds annotation to the service which needs to be exposed as a route. Jira: OSP-26690 Depends-On: openstack-k8s-operators/lib-common#332 --- api/bases/nova.openstack.org_nova.yaml | 930 ++++++++++++++---- api/bases/nova.openstack.org_novaapis.yaml | 214 +++- api/bases/nova.openstack.org_novacells.yaml | 448 +++++++-- .../nova.openstack.org_novametadata.yaml | 214 +++- .../nova.openstack.org_novanovncproxies.yaml | 214 +++- api/go.mod | 5 +- api/go.sum | 6 +- api/v1beta1/common_types.go | 30 - api/v1beta1/novaapi_types.go | 16 +- api/v1beta1/novametadata_types.go | 18 +- api/v1beta1/novanovncproxy_types.go | 25 +- api/v1beta1/zz_generated.deepcopy.go | 111 ++- config/crd/bases/nova.openstack.org_nova.yaml | 930 ++++++++++++++---- .../bases/nova.openstack.org_novaapis.yaml | 214 +++- .../bases/nova.openstack.org_novacells.yaml | 448 +++++++-- .../nova.openstack.org_novametadata.yaml | 214 +++- .../nova.openstack.org_novanovncproxies.yaml | 214 +++- config/rbac/role.yaml | 12 - controllers/nova_controller.go | 20 +- controllers/novaapi_controller.go | 142 ++- controllers/novacell_controller.go | 43 +- controllers/novametadata_controller.go | 119 ++- controllers/novanovncproxy_controller.go | 131 ++- go.mod | 4 + go.sum | 8 +- main.go | 2 - templates/nova.conf | 2 +- test/functional/base_test.go | 43 +- test/functional/nova_controller_test.go | 2 +- .../nova_metadata_controller_test.go | 40 +- test/functional/nova_multicell_test.go | 6 - test/functional/nova_novncproxy_test.go | 40 +- test/functional/nova_reconfiguration_test.go | 2 - test/functional/novaapi_controller_test.go | 51 +- test/functional/novacell_controller_test.go | 14 +- .../default/scale-tests/01-assert.yaml | 24 - 36 files changed, 3775 insertions(+), 1181 deletions(-) diff --git a/api/bases/nova.openstack.org_nova.yaml b/api/bases/nova.openstack.org_nova.yaml index b46e58dbb..f1fe43b54 100644 --- a/api/bases/nova.openstack.org_nova.yaml +++ b/api/bases/nova.openstack.org_nova.yaml @@ -75,49 +75,6 @@ spec: add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -131,6 +88,187 @@ spec: this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -353,49 +491,6 @@ spec: state until the manually create NovaMetadata CR is deleted manually. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB - on the pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service - maps to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB - on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from - the pool if available. Using a list to allow dual - stack (IPv4/IPv6) support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared - with multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key - which gets set as the annotation on the LoadBalancer - service. Services which share the same VIP must - have the same SharedIPKey. Defaults to the IPAddressPool - if SharedIP is true, but no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -409,6 +504,204 @@ spec: running this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override + the generated manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the + cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register + the service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external + reference that discovery mechanisms will + return as an alias for this service (e.g. + a DNS CNAME record). No proxying will be + involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will + configure the service in a way that assumes + that external load balancers will take care + of balancing the service traffic between + nodes, and so each node will deliver traffic + only to the node-local endpoints of the + service, without masquerading the client + source IP. (Traffic mistakenly sent to a + node with no endpoints will be dropped.) + The default value, "Cluster", uses the standard + behavior of routing to all endpoints evenly + (possibly modified by topology and other + features). Note that traffic sent to an + External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy + into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the + dual-stack-ness requested or required by + this Service. If there is no value provided, + then this field will be set to SingleStack. + Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single + IP family on single-stack clusters), or + "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend + on the value of this field. This field will + be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this + Service belongs to. If specified, the value + of this field must be a label-style identifier, + with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed + names are reserved for end-users. This field + can only be set when the Service type is + 'LoadBalancer'. If not set, the default + load balancer implementation is used, today + this is typically done through the cloud + provider integration, but should apply for + any default implementation. If set, it is + assumed that a load balancer implementation + is watching for Services with a matching + class. Any default load balancer implementation + (e.g. cloud providers) should ignore Services + that set this field. This field can only + be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped + when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic + through the cloud-provider load-balancer + will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: + https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is + 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, + and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by + the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is + "None", no virtual IP is allocated and the + endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds + on ClusterIP and allocates a port on every + node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds + on NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service + created to serve traffic to the cluster. The key must + be the endpoint type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -507,49 +800,6 @@ spec: until the manually create NovaNoVNCProxy CR is deleted by the operator. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB - on the pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service - maps to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB - on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from - the pool if available. Using a list to allow dual - stack (IPv4/IPv6) support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared - with multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key - which gets set as the annotation on the LoadBalancer - service. Services which share the same VIP must - have the same SharedIPKey. Defaults to the IPAddressPool - if SharedIP is true, but no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -562,6 +812,204 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override + the generated manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the + cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register + the service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external + reference that discovery mechanisms will + return as an alias for this service (e.g. + a DNS CNAME record). No proxying will be + involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will + configure the service in a way that assumes + that external load balancers will take care + of balancing the service traffic between + nodes, and so each node will deliver traffic + only to the node-local endpoints of the + service, without masquerading the client + source IP. (Traffic mistakenly sent to a + node with no endpoints will be dropped.) + The default value, "Cluster", uses the standard + behavior of routing to all endpoints evenly + (possibly modified by topology and other + features). Note that traffic sent to an + External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy + into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the + dual-stack-ness requested or required by + this Service. If there is no value provided, + then this field will be set to SingleStack. + Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single + IP family on single-stack clusters), or + "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend + on the value of this field. This field will + be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this + Service belongs to. If specified, the value + of this field must be a label-style identifier, + with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed + names are reserved for end-users. This field + can only be set when the Service type is + 'LoadBalancer'. If not set, the default + load balancer implementation is used, today + this is typically done through the cloud + provider integration, but should apply for + any default implementation. If set, it is + assumed that a load balancer implementation + is watching for Services with a matching + class. Any default load balancer implementation + (e.g. cloud providers) should ignore Services + that set this field. This field can only + be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped + when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic + through the cloud-provider load-balancer + will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: + https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is + 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, + and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by + the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is + "None", no virtual IP is allocated and the + endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds + on ClusterIP and allocates a port on every + node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds + on NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service + created to serve traffic to the cluster. The key must + be the endpoint type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -730,49 +1178,6 @@ spec: error state until the manually create NovaMetadata CR is deleted manually. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -786,6 +1191,187 @@ spec: this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run diff --git a/api/bases/nova.openstack.org_novaapis.yaml b/api/bases/nova.openstack.org_novaapis.yaml index e112a662c..8b4a75adb 100644 --- a/api/bases/nova.openstack.org_novaapis.yaml +++ b/api/bases/nova.openstack.org_novaapis.yaml @@ -117,48 +117,6 @@ spec: to add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the pre-created - address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the pool - if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with multiple - services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which gets - set as the annotation on the LoadBalancer service. Services - which share the same VIP must have the same SharedIPKey. Defaults - to the IPAddressPool if SharedIP is true, but no SharedIPKey - specified. - type: string - required: - - ipAddressPool - type: object - type: array keystoneAuthURL: type: string networkAttachments: @@ -173,6 +131,178 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration for + the Service created to serve traffic to the cluster. Allows + for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the service + in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object registeredCells: additionalProperties: type: string diff --git a/api/bases/nova.openstack.org_novacells.yaml b/api/bases/nova.openstack.org_novacells.yaml index b993257af..f02d09e63 100644 --- a/api/bases/nova.openstack.org_novacells.yaml +++ b/api/bases/nova.openstack.org_novacells.yaml @@ -226,49 +226,6 @@ spec: error state until the manually create NovaMetadata CR is deleted manually. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -282,6 +239,187 @@ spec: this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -374,49 +512,6 @@ spec: state until the manually create NovaNoVNCProxy CR is deleted by the operator. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -429,6 +524,187 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run diff --git a/api/bases/nova.openstack.org_novametadata.yaml b/api/bases/nova.openstack.org_novametadata.yaml index ded0a5821..eb3173a1a 100644 --- a/api/bases/nova.openstack.org_novametadata.yaml +++ b/api/bases/nova.openstack.org_novametadata.yaml @@ -126,48 +126,6 @@ spec: to add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the pre-created - address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the pool - if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with multiple - services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which gets - set as the annotation on the LoadBalancer service. Services - which share the same VIP must have the same SharedIPKey. Defaults - to the IPAddressPool if SharedIP is true, but no SharedIPKey - specified. - type: string - required: - - ipAddressPool - type: object - type: array keystoneAuthURL: description: KeystoneAuthURL - the URL that the nova-metadata service can use to talk to keystone TODO(ksambor) Add checking if dynamic @@ -185,6 +143,178 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration for + the Service created to serve traffic to the cluster. Allows + for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the service + in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object registeredCells: additionalProperties: type: string diff --git a/api/bases/nova.openstack.org_novanovncproxies.yaml b/api/bases/nova.openstack.org_novanovncproxies.yaml index d368bcbfd..853f9b5fa 100644 --- a/api/bases/nova.openstack.org_novanovncproxies.yaml +++ b/api/bases/nova.openstack.org_novanovncproxies.yaml @@ -112,48 +112,6 @@ spec: to add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the pre-created - address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the pool - if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with multiple - services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which gets - set as the annotation on the LoadBalancer service. Services - which share the same VIP must have the same SharedIPKey. Defaults - to the IPAddressPool if SharedIP is true, but no SharedIPKey - specified. - type: string - required: - - ipAddressPool - type: object - type: array keystoneAuthURL: description: KeystoneAuthURL - the URL that the nova-novncproxy service can use to talk to keystone @@ -170,6 +128,178 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration for + the Service created to serve traffic to the cluster. Allows + for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the service + in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run diff --git a/api/go.mod b/api/go.mod index 2220618b8..192b3630b 100644 --- a/api/go.mod +++ b/api/go.mod @@ -37,7 +37,6 @@ require ( github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/onsi/ginkgo/v2 v2.12.0 // indirect - github.com/openshift/api v3.9.0+incompatible // indirect github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.14.0 // indirect github.com/prometheus/client_model v0.3.0 // indirect @@ -69,3 +68,7 @@ require ( // mschuppert: map to latest commit from release-4.13 tag // must consistent within modules and service operators replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230907061102-0705359fc344 + +replace github.com/openstack-k8s-operators/keystone-operator/api => github.com/stuggi/keystone-operator/api v0.0.0-20230907062239-b15a4b6cfdb6 diff --git a/api/go.sum b/api/go.sum index 228bea16c..46f6e8bf3 100644 --- a/api/go.sum +++ b/api/go.sum @@ -221,10 +221,6 @@ github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRW github.com/onsi/ginkgo/v2 v2.12.0 h1:UIVDowFPwpg6yMUpPjGkYvf06K3RAiJXUhCxEwQVHRI= github.com/onsi/ginkgo/v2 v2.12.0/go.mod h1:ZNEzXISYlqpb8S36iN71ifqLi3vVD1rVJGvWRCJOUpQ= github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= -github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxCMwNRnMjhhIDOWHJowi6q8G6koI= -github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.1-0.20230824094610-976b18ca2875 h1:pj22n6PQy/XAmV5m6XaarMY6X1lvxAh16oVT5ZSVoNI= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.1-0.20230824094610-976b18ca2875/go.mod h1:Mqg9hyHpWPda62750vqmk5TajxP3zbYPDP1rtSH7mg0= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= @@ -279,6 +275,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/lib-common/modules/common v0.0.0-20230907061102-0705359fc344 h1:NZDTBuxxyFn6JJN1nHHknhzD6k/m2AwDdv0z/lRaKWQ= +github.com/stuggi/lib-common/modules/common v0.0.0-20230907061102-0705359fc344/go.mod h1:Mqg9hyHpWPda62750vqmk5TajxP3zbYPDP1rtSH7mg0= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= diff --git a/api/v1beta1/common_types.go b/api/v1beta1/common_types.go index ff8277ff4..04b002f5f 100644 --- a/api/v1beta1/common_types.go +++ b/api/v1beta1/common_types.go @@ -19,7 +19,6 @@ package v1beta1 import ( corev1 "k8s.io/api/core/v1" - "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" "github.com/openstack-k8s-operators/lib-common/modules/common/util" ) @@ -122,35 +121,6 @@ type CellPasswordSelector struct { Database string `json:"database"` } -// MetalLBConfig to configure the MetalLB loadbalancer service -type MetalLBConfig struct { - // +kubebuilder:validation:Optional - // +kubebuilder:validation:Enum=internal;public - // Endpoint, OpenStack endpoint this service maps to - Endpoint endpoint.Endpoint `json:"endpoint"` - - // +kubebuilder:validation:Required - // +kubebuilder:validation:MinLength=1 - // IPAddressPool expose VIP via MetalLB on the IPAddressPool - IPAddressPool string `json:"ipAddressPool"` - - // +kubebuilder:validation:Optional - // +kubebuilder:default=true - // SharedIP if true, VIP/VIPs get shared with multiple services - SharedIP bool `json:"sharedIP"` - - // +kubebuilder:validation:Optional - // +kubebuilder:default="" - // SharedIPKey specifies the sharing key which gets set as the annotation on the LoadBalancer service. - // Services which share the same VIP must have the same SharedIPKey. Defaults to the IPAddressPool if - // SharedIP is true, but no SharedIPKey specified. - SharedIPKey string `json:"sharedIPKey"` - - // +kubebuilder:validation:Optional - // LoadBalancerIPs, request given IPs from the pool if available. Using a list to allow dual stack (IPv4/IPv6) support - LoadBalancerIPs []string `json:"loadBalancerIPs"` -} - // SetupDefaults - initializes any CRD field defaults based on environment variables (the defaulting mechanism itself is implemented via webhooks) func SetupDefaults() { // Acquire environmental defaults and initialize Nova defaults with them diff --git a/api/v1beta1/novaapi_types.go b/api/v1beta1/novaapi_types.go index f6f02c260..77ee083c4 100644 --- a/api/v1beta1/novaapi_types.go +++ b/api/v1beta1/novaapi_types.go @@ -18,6 +18,7 @@ package v1beta1 import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + service "github.com/openstack-k8s-operators/lib-common/modules/common/service" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -69,8 +70,15 @@ type NovaAPITemplate struct { NetworkAttachments []string `json:"networkAttachments,omitempty"` // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override APIOverrideSpec `json:"override,omitempty"` +} + +// APIOverrideSpec to override the generated manifest of several child resources. +type APIOverrideSpec struct { + // Override configuration for the Service created to serve traffic to the cluster. + // The key must be the endpoint type (public, internal) + Service map[string]service.OverrideSpec `json:"service,omitempty"` } // NovaAPISpec defines the desired state of NovaAPI @@ -129,8 +137,8 @@ type NovaAPISpec struct { NovaServiceBase `json:",inline"` // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override APIOverrideSpec `json:"override,omitempty"` // +kubebuilder:validation:Required // ServiceAccount - service account name used internally to provide Nova services the default SA name diff --git a/api/v1beta1/novametadata_types.go b/api/v1beta1/novametadata_types.go index 66b58624f..9c925a3e8 100644 --- a/api/v1beta1/novametadata_types.go +++ b/api/v1beta1/novametadata_types.go @@ -18,6 +18,7 @@ package v1beta1 import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + service "github.com/openstack-k8s-operators/lib-common/modules/common/service" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -80,9 +81,15 @@ type NovaMetadataTemplate struct { NetworkAttachments []string `json:"networkAttachments,omitempty"` // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - // - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override MetadataOverrideSpec `json:"override,omitempty"` +} + +// MetadataOverrideSpec to override the generated manifest of several child resources. +type MetadataOverrideSpec struct { + // Override configuration for the Service created to serve traffic to the cluster. + // The key must be the endpoint type (public, internal) + Service map[string]service.OverrideSpec `json:"service,omitempty"` } // NovaMetadataSpec defines the desired state of NovaMetadata @@ -156,8 +163,8 @@ type NovaMetadataSpec struct { NovaServiceBase `json:",inline"` // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override MetadataOverrideSpec `json:"override,omitempty"` // +kubebuilder:validation:Required // ServiceAccount - service account name used internally to provide Nova services the default SA name @@ -249,6 +256,7 @@ func NewNovaMetadataSpec( }, KeystoneAuthURL: novaCell.KeystoneAuthURL, ServiceUser: novaCell.ServiceUser, + Override: novaCell.MetadataServiceTemplate.Override, } return metadataSpec } diff --git a/api/v1beta1/novanovncproxy_types.go b/api/v1beta1/novanovncproxy_types.go index 3895f1e2a..01747175d 100644 --- a/api/v1beta1/novanovncproxy_types.go +++ b/api/v1beta1/novanovncproxy_types.go @@ -18,6 +18,7 @@ package v1beta1 import ( condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + service "github.com/openstack-k8s-operators/lib-common/modules/common/service" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -76,9 +77,15 @@ type NovaNoVNCProxyTemplate struct { NetworkAttachments []string `json:"networkAttachments,omitempty"` // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - // - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override VNCProxyOverrideSpec `json:"override,omitempty"` +} + +// VNCProxyOverrideSpec to override the generated manifest of several child resources. +type VNCProxyOverrideSpec struct { + // Override configuration for the Service created to serve traffic to the cluster. + // The key must be the endpoint type (public, internal) + Service map[string]service.OverrideSpec `json:"service,omitempty"` } // NovaNoVNCProxySpec defines the desired state of NovaNoVNCProxy @@ -128,8 +135,8 @@ type NovaNoVNCProxySpec struct { NovaServiceBase `json:",inline"` // +kubebuilder:validation:Optional - // ExternalEndpoints, expose a VIP via MetalLB on the pre-created address pool - ExternalEndpoints []MetalLBConfig `json:"externalEndpoints,omitempty"` + // Override, provides the ability to override the generated manifest of several child resources. + Override VNCProxyOverrideSpec `json:"override,omitempty"` // +kubebuilder:validation:Required // ServiceAccount - service account name used internally to provide Nova services the default SA name @@ -213,10 +220,10 @@ func NewNovaNoVNCProxySpec( Resources: novaCell.NoVNCProxyServiceTemplate.Resources, NetworkAttachments: novaCell.NoVNCProxyServiceTemplate.NetworkAttachments, }, - KeystoneAuthURL: novaCell.KeystoneAuthURL, - ServiceUser: novaCell.ServiceUser, - ServiceAccount: novaCell.ServiceAccount, - ExternalEndpoints: novaCell.NoVNCProxyServiceTemplate.ExternalEndpoints, + KeystoneAuthURL: novaCell.KeystoneAuthURL, + ServiceUser: novaCell.ServiceUser, + ServiceAccount: novaCell.ServiceAccount, + Override: novaCell.NoVNCProxyServiceTemplate.Override, } return noVNCProxSpec } diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index a5afe4660..0c0128596 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -23,9 +23,32 @@ package v1beta1 import ( "github.com/openstack-k8s-operators/lib-common/modules/common/condition" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *APIOverrideSpec) DeepCopyInto(out *APIOverrideSpec) { + *out = *in + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = make(map[string]service.OverrideSpec, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIOverrideSpec. +func (in *APIOverrideSpec) DeepCopy() *APIOverrideSpec { + if in == nil { + return nil + } + out := new(APIOverrideSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CellPasswordSelector) DeepCopyInto(out *CellPasswordSelector) { *out = *in @@ -57,21 +80,23 @@ func (in *Debug) DeepCopy() *Debug { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *MetalLBConfig) DeepCopyInto(out *MetalLBConfig) { +func (in *MetadataOverrideSpec) DeepCopyInto(out *MetadataOverrideSpec) { *out = *in - if in.LoadBalancerIPs != nil { - in, out := &in.LoadBalancerIPs, &out.LoadBalancerIPs - *out = make([]string, len(*in)) - copy(*out, *in) + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = make(map[string]service.OverrideSpec, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetalLBConfig. -func (in *MetalLBConfig) DeepCopy() *MetalLBConfig { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetadataOverrideSpec. +func (in *MetadataOverrideSpec) DeepCopy() *MetadataOverrideSpec { if in == nil { return nil } - out := new(MetalLBConfig) + out := new(MetadataOverrideSpec) in.DeepCopyInto(out) return out } @@ -182,13 +207,7 @@ func (in *NovaAPISpec) DeepCopyInto(out *NovaAPISpec) { *out = *in out.Debug = in.Debug in.NovaServiceBase.DeepCopyInto(&out.NovaServiceBase) - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) if in.RegisteredCells != nil { in, out := &in.RegisteredCells, &out.RegisteredCells *out = make(map[string]string, len(*in)) @@ -280,13 +299,7 @@ func (in *NovaAPITemplate) DeepCopyInto(out *NovaAPITemplate) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NovaAPITemplate. @@ -755,13 +768,7 @@ func (in *NovaMetadataSpec) DeepCopyInto(out *NovaMetadataSpec) { *out = *in out.Debug = in.Debug in.NovaServiceBase.DeepCopyInto(&out.NovaServiceBase) - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) if in.RegisteredCells != nil { in, out := &in.RegisteredCells, &out.RegisteredCells *out = make(map[string]string, len(*in)) @@ -858,13 +865,7 @@ func (in *NovaMetadataTemplate) DeepCopyInto(out *NovaMetadataTemplate) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NovaMetadataTemplate. @@ -956,13 +957,7 @@ func (in *NovaNoVNCProxySpec) DeepCopyInto(out *NovaNoVNCProxySpec) { *out = *in out.Debug = in.Debug in.NovaServiceBase.DeepCopyInto(&out.NovaServiceBase) - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NovaNoVNCProxySpec. @@ -1052,13 +1047,7 @@ func (in *NovaNoVNCProxyTemplate) DeepCopyInto(out *NovaNoVNCProxyTemplate) { *out = make([]string, len(*in)) copy(*out, *in) } - if in.ExternalEndpoints != nil { - in, out := &in.ExternalEndpoints, &out.ExternalEndpoints - *out = make([]MetalLBConfig, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } + in.Override.DeepCopyInto(&out.Override) } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NovaNoVNCProxyTemplate. @@ -1377,3 +1366,25 @@ func (in *PasswordSelector) DeepCopy() *PasswordSelector { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VNCProxyOverrideSpec) DeepCopyInto(out *VNCProxyOverrideSpec) { + *out = *in + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = make(map[string]service.OverrideSpec, len(*in)) + for key, val := range *in { + (*out)[key] = *val.DeepCopy() + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VNCProxyOverrideSpec. +func (in *VNCProxyOverrideSpec) DeepCopy() *VNCProxyOverrideSpec { + if in == nil { + return nil + } + out := new(VNCProxyOverrideSpec) + in.DeepCopyInto(out) + return out +} diff --git a/config/crd/bases/nova.openstack.org_nova.yaml b/config/crd/bases/nova.openstack.org_nova.yaml index b46e58dbb..f1fe43b54 100644 --- a/config/crd/bases/nova.openstack.org_nova.yaml +++ b/config/crd/bases/nova.openstack.org_nova.yaml @@ -75,49 +75,6 @@ spec: add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -131,6 +88,187 @@ spec: this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -353,49 +491,6 @@ spec: state until the manually create NovaMetadata CR is deleted manually. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB - on the pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service - maps to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB - on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from - the pool if available. Using a list to allow dual - stack (IPv4/IPv6) support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared - with multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key - which gets set as the annotation on the LoadBalancer - service. Services which share the same VIP must - have the same SharedIPKey. Defaults to the IPAddressPool - if SharedIP is true, but no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -409,6 +504,204 @@ spec: running this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override + the generated manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the + cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register + the service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external + reference that discovery mechanisms will + return as an alias for this service (e.g. + a DNS CNAME record). No proxying will be + involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will + configure the service in a way that assumes + that external load balancers will take care + of balancing the service traffic between + nodes, and so each node will deliver traffic + only to the node-local endpoints of the + service, without masquerading the client + source IP. (Traffic mistakenly sent to a + node with no endpoints will be dropped.) + The default value, "Cluster", uses the standard + behavior of routing to all endpoints evenly + (possibly modified by topology and other + features). Note that traffic sent to an + External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy + into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the + dual-stack-ness requested or required by + this Service. If there is no value provided, + then this field will be set to SingleStack. + Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single + IP family on single-stack clusters), or + "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend + on the value of this field. This field will + be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this + Service belongs to. If specified, the value + of this field must be a label-style identifier, + with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed + names are reserved for end-users. This field + can only be set when the Service type is + 'LoadBalancer'. If not set, the default + load balancer implementation is used, today + this is typically done through the cloud + provider integration, but should apply for + any default implementation. If set, it is + assumed that a load balancer implementation + is watching for Services with a matching + class. Any default load balancer implementation + (e.g. cloud providers) should ignore Services + that set this field. This field can only + be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped + when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic + through the cloud-provider load-balancer + will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: + https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is + 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, + and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by + the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is + "None", no virtual IP is allocated and the + endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds + on ClusterIP and allocates a port on every + node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds + on NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service + created to serve traffic to the cluster. The key must + be the endpoint type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -507,49 +800,6 @@ spec: until the manually create NovaNoVNCProxy CR is deleted by the operator. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB - on the pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service - maps to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB - on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from - the pool if available. Using a list to allow dual - stack (IPv4/IPv6) support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared - with multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key - which gets set as the annotation on the LoadBalancer - service. Services which share the same VIP must - have the same SharedIPKey. Defaults to the IPAddressPool - if SharedIP is true, but no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -562,6 +812,204 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override + the generated manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the + cluster. Allows for the manifest of the created + Service to be overwritten with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register + the service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured + key value map stored with a resource that + may be set by external tools to store and + retrieve arbitrary metadata. They are not + queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values + that can be used to organize and categorize + (scope and select) objects. May match selectors + of replication controllers and services. + More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external + reference that discovery mechanisms will + return as an alias for this service (e.g. + a DNS CNAME record). No proxying will be + involved. Must be a lowercase RFC-1123 + hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes + how nodes distribute service traffic they + receive on one of the Service's "externally-facing" + addresses (NodePorts, ExternalIPs, and LoadBalancer + IPs). If set to "Local", the proxy will + configure the service in a way that assumes + that external load balancers will take care + of balancing the service traffic between + nodes, and so each node will deliver traffic + only to the node-local endpoints of the + service, without masquerading the client + source IP. (Traffic mistakenly sent to a + node with no endpoints will be dropped.) + The default value, "Cluster", uses the standard + behavior of routing to all endpoints evenly + (possibly modified by topology and other + features). Note that traffic sent to an + External IP or LoadBalancer IP from within + the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy + into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes + how nodes distribute service traffic they + receive on the ClusterIP. If set to "Local", + the proxy will assume that pods only want + to talk to endpoints of the service on the + same node as the pod, dropping the traffic + if there are no local endpoints. The default + value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly + modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the + dual-stack-ness requested or required by + this Service. If there is no value provided, + then this field will be set to SingleStack. + Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families + on dual-stack configured clusters or a single + IP family on single-stack clusters), or + "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The + ipFamilies and clusterIPs fields depend + on the value of this field. This field will + be wiped when updating a service to type + ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class + of the load balancer implementation this + Service belongs to. If specified, the value + of this field must be a label-style identifier, + with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed + names are reserved for end-users. This field + can only be set when the Service type is + 'LoadBalancer'. If not set, the default + load balancer implementation is used, today + this is typically done through the cloud + provider integration, but should apply for + any default implementation. If set, it is + assumed that a load balancer implementation + is watching for Services with a matching + class. Any default load balancer implementation + (e.g. cloud providers) should ignore Services + that set this field. This field can only + be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can + not be changed. This field will be wiped + when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by + the platform, this will restrict traffic + through the cloud-provider load-balancer + will be restricted to the specified client + IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: + https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". + Used to maintain session affinity. Enable + client IP based session affinity. Must be + ClientIP or None. Defaults to None. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains + the configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies + the seconds of ClientIP type session + sticky time. The value must be >0 + && <=86400(for 1 day) if ServiceAffinity + == "ClientIP". Default value is + 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service + is exposed. Defaults to ClusterIP. Valid + options are ExternalName, ClusterIP, NodePort, + and LoadBalancer. "ClusterIP" allocates + a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by + the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is + "None", no virtual IP is allocated and the + endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds + on ClusterIP and allocates a port on every + node which routes to the same endpoints + as the clusterIP. "LoadBalancer" builds + on NodePort and creates an external load-balancer + (if supported in the current cloud) which + routes to the same endpoints as the clusterIP. + "ExternalName" aliases this service to the + specified externalName. Several other fields + do not apply to ExternalName services. More + info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service + created to serve traffic to the cluster. The key must + be the endpoint type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -730,49 +1178,6 @@ spec: error state until the manually create NovaMetadata CR is deleted manually. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -786,6 +1191,187 @@ spec: this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run diff --git a/config/crd/bases/nova.openstack.org_novaapis.yaml b/config/crd/bases/nova.openstack.org_novaapis.yaml index e112a662c..8b4a75adb 100644 --- a/config/crd/bases/nova.openstack.org_novaapis.yaml +++ b/config/crd/bases/nova.openstack.org_novaapis.yaml @@ -117,48 +117,6 @@ spec: to add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the pre-created - address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the pool - if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with multiple - services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which gets - set as the annotation on the LoadBalancer service. Services - which share the same VIP must have the same SharedIPKey. Defaults - to the IPAddressPool if SharedIP is true, but no SharedIPKey - specified. - type: string - required: - - ipAddressPool - type: object - type: array keystoneAuthURL: type: string networkAttachments: @@ -173,6 +131,178 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration for + the Service created to serve traffic to the cluster. Allows + for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the service + in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object registeredCells: additionalProperties: type: string diff --git a/config/crd/bases/nova.openstack.org_novacells.yaml b/config/crd/bases/nova.openstack.org_novacells.yaml index b993257af..f02d09e63 100644 --- a/config/crd/bases/nova.openstack.org_novacells.yaml +++ b/config/crd/bases/nova.openstack.org_novacells.yaml @@ -226,49 +226,6 @@ spec: error state until the manually create NovaMetadata CR is deleted manually. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -282,6 +239,187 @@ spec: this service. Setting here overrides any global NodeSelector settings within the Nova CR. type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run @@ -374,49 +512,6 @@ spec: state until the manually create NovaNoVNCProxy CR is deleted by the operator. type: boolean - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the - pre-created address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the - IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the - pool if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with - multiple services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which - gets set as the annotation on the LoadBalancer service. - Services which share the same VIP must have the same SharedIPKey. - Defaults to the IPAddressPool if SharedIP is true, but - no SharedIPKey specified. - type: string - required: - - ipAddressPool - type: object - type: array networkAttachments: description: NetworkAttachments is a list of NetworkAttachment resource names to expose the services to the given network @@ -429,6 +524,187 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration + for the Service created to serve traffic to the cluster. + Allows for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the + service in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded + subset of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key + value map stored with a resource that may be set + by external tools to store and retrieve arbitrary + metadata. They are not queryable and should be + preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that + can be used to organize and categorize (scope + and select) objects. May match selectors of replication + controllers and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No + proxying will be involved. Must be a lowercase + RFC-1123 hostname (https://tools.ietf.org/html/rfc1123) + and requires `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how + nodes distribute service traffic they receive + on one of the Service's "externally-facing" addresses + (NodePorts, ExternalIPs, and LoadBalancer IPs). + If set to "Local", the proxy will configure the + service in a way that assumes that external load + balancers will take care of balancing the service + traffic between nodes, and so each node will deliver + traffic only to the node-local endpoints of the + service, without masquerading the client source + IP. (Traffic mistakenly sent to a node with no + endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing + to all endpoints evenly (possibly modified by + topology and other features). Note that traffic + sent to an External IP or LoadBalancer IP from + within the cluster will always get "Cluster" semantics, + but clients sending to a NodePort from within + the cluster may need to take traffic policy into + account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how + nodes distribute service traffic they receive + on the ClusterIP. If set to "Local", the proxy + will assume that pods only want to talk to endpoints + of the service on the same node as the pod, dropping + the traffic if there are no local endpoints. The + default value, "Cluster", uses the standard behavior + of routing to all endpoints evenly (possibly modified + by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there + is no value provided, then this field will be + set to SingleStack. Services can be "SingleStack" + (a single IP family), "PreferDualStack" (two IP + families on dual-stack configured clusters or + a single IP family on single-stack clusters), + or "RequireDualStack" (two IP families on dual-stack + configured clusters, otherwise fail). The ipFamilies + and clusterIPs fields depend on the value of this + field. This field will be wiped when updating + a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the + load balancer implementation this Service belongs + to. If specified, the value of this field must + be a label-style identifier, with an optional + prefix, e.g. "internal-vip" or "example.com/internal-vip". + Unprefixed names are reserved for end-users. This + field can only be set when the Service type is + 'LoadBalancer'. If not set, the default load balancer + implementation is used, today this is typically + done through the cloud provider integration, but + should apply for any default implementation. If + set, it is assumed that a load balancer implementation + is watching for Services with a matching class. + Any default load balancer implementation (e.g. + cloud providers) should ignore Services that set + this field. This field can only be set when creating + or updating a Service to type 'LoadBalancer'. + Once set, it can not be changed. This field will + be wiped when a service is updated to a non 'LoadBalancer' + type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the + platform, this will restrict traffic through the + cloud-provider load-balancer will be restricted + to the specified client IPs. This field will be + ignored if the cloud-provider does not support + the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used + to maintain session affinity. Enable client IP + based session affinity. Must be ClientIP or None. + Defaults to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the + configurations of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the + seconds of ClientIP type session sticky + time. The value must be >0 && <=86400(for + 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is + exposed. Defaults to ClusterIP. Valid options + are ExternalName, ClusterIP, NodePort, and LoadBalancer. + "ClusterIP" allocates a cluster-internal IP address + for load-balancing to endpoints. Endpoints are + determined by the selector or if that is not specified, + by manual construction of an Endpoints object + or EndpointSlice objects. If clusterIP is "None", + no virtual IP is allocated and the endpoints are + published as a set of endpoints rather than a + virtual IP. "NodePort" builds on ClusterIP and + allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes + to the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created + to serve traffic to the cluster. The key must be the endpoint + type (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run diff --git a/config/crd/bases/nova.openstack.org_novametadata.yaml b/config/crd/bases/nova.openstack.org_novametadata.yaml index ded0a5821..eb3173a1a 100644 --- a/config/crd/bases/nova.openstack.org_novametadata.yaml +++ b/config/crd/bases/nova.openstack.org_novametadata.yaml @@ -126,48 +126,6 @@ spec: to add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the pre-created - address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the pool - if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with multiple - services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which gets - set as the annotation on the LoadBalancer service. Services - which share the same VIP must have the same SharedIPKey. Defaults - to the IPAddressPool if SharedIP is true, but no SharedIPKey - specified. - type: string - required: - - ipAddressPool - type: object - type: array keystoneAuthURL: description: KeystoneAuthURL - the URL that the nova-metadata service can use to talk to keystone TODO(ksambor) Add checking if dynamic @@ -185,6 +143,178 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration for + the Service created to serve traffic to the cluster. Allows + for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the service + in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object registeredCells: additionalProperties: type: string diff --git a/config/crd/bases/nova.openstack.org_novanovncproxies.yaml b/config/crd/bases/nova.openstack.org_novanovncproxies.yaml index d368bcbfd..853f9b5fa 100644 --- a/config/crd/bases/nova.openstack.org_novanovncproxies.yaml +++ b/config/crd/bases/nova.openstack.org_novanovncproxies.yaml @@ -112,48 +112,6 @@ spec: to add additional files. Those get added to the service config dir in /etc/ . type: object - externalEndpoints: - description: ExternalEndpoints, expose a VIP via MetalLB on the pre-created - address pool - items: - description: MetalLBConfig to configure the MetalLB loadbalancer - service - properties: - endpoint: - description: Endpoint, OpenStack endpoint this service maps - to - enum: - - internal - - public - type: string - ipAddressPool: - description: IPAddressPool expose VIP via MetalLB on the IPAddressPool - minLength: 1 - type: string - loadBalancerIPs: - description: LoadBalancerIPs, request given IPs from the pool - if available. Using a list to allow dual stack (IPv4/IPv6) - support - items: - type: string - type: array - sharedIP: - default: true - description: SharedIP if true, VIP/VIPs get shared with multiple - services - type: boolean - sharedIPKey: - default: "" - description: SharedIPKey specifies the sharing key which gets - set as the annotation on the LoadBalancer service. Services - which share the same VIP must have the same SharedIPKey. Defaults - to the IPAddressPool if SharedIP is true, but no SharedIPKey - specified. - type: string - required: - - ipAddressPool - type: object - type: array keystoneAuthURL: description: KeystoneAuthURL - the URL that the nova-novncproxy service can use to talk to keystone @@ -170,6 +128,178 @@ spec: description: NodeSelector to target subset of worker nodes running this service type: object + override: + description: Override, provides the ability to override the generated + manifest of several child resources. + properties: + service: + additionalProperties: + description: OverrideSpec - service override configuration for + the Service created to serve traffic to the cluster. Allows + for the manifest of the created Service to be overwritten + with custom configuration. + properties: + endpointURL: + description: EndpointURL to be used to register the service + in keystone. + type: string + metadata: + description: EmbeddedLabelsAnnotations is an embedded subset + of the fields included in k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta. + Only labels and annotations are included. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value + map stored with a resource that may be set by external + tools to store and retrieve arbitrary metadata. They + are not queryable and should be preserved when modifying + objects. More info: http://kubernetes.io/docs/user-guide/annotations' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can + be used to organize and categorize (scope and select) + objects. May match selectors of replication controllers + and services. More info: http://kubernetes.io/docs/user-guide/labels' + type: object + type: object + spec: + description: Spec defines the behavior of a Service. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + properties: + externalName: + description: externalName is the external reference + that discovery mechanisms will return as an alias + for this service (e.g. a DNS CNAME record). No proxying + will be involved. Must be a lowercase RFC-1123 hostname + (https://tools.ietf.org/html/rfc1123) and requires + `type` to be "ExternalName". + type: string + externalTrafficPolicy: + description: externalTrafficPolicy describes how nodes + distribute service traffic they receive on one of + the Service's "externally-facing" addresses (NodePorts, + ExternalIPs, and LoadBalancer IPs). If set to "Local", + the proxy will configure the service in a way that + assumes that external load balancers will take care + of balancing the service traffic between nodes, and + so each node will deliver traffic only to the node-local + endpoints of the service, without masquerading the + client source IP. (Traffic mistakenly sent to a node + with no endpoints will be dropped.) The default value, + "Cluster", uses the standard behavior of routing to + all endpoints evenly (possibly modified by topology + and other features). Note that traffic sent to an + External IP or LoadBalancer IP from within the cluster + will always get "Cluster" semantics, but clients sending + to a NodePort from within the cluster may need to + take traffic policy into account when picking a node. + type: string + internalTrafficPolicy: + description: InternalTrafficPolicy describes how nodes + distribute service traffic they receive on the ClusterIP. + If set to "Local", the proxy will assume that pods + only want to talk to endpoints of the service on the + same node as the pod, dropping the traffic if there + are no local endpoints. The default value, "Cluster", + uses the standard behavior of routing to all endpoints + evenly (possibly modified by topology and other features). + type: string + ipFamilyPolicy: + description: IPFamilyPolicy represents the dual-stack-ness + requested or required by this Service. If there is + no value provided, then this field will be set to + SingleStack. Services can be "SingleStack" (a single + IP family), "PreferDualStack" (two IP families on + dual-stack configured clusters or a single IP family + on single-stack clusters), or "RequireDualStack" (two + IP families on dual-stack configured clusters, otherwise + fail). The ipFamilies and clusterIPs fields depend + on the value of this field. This field will be wiped + when updating a service to type ExternalName. + type: string + loadBalancerClass: + description: loadBalancerClass is the class of the load + balancer implementation this Service belongs to. If + specified, the value of this field must be a label-style + identifier, with an optional prefix, e.g. "internal-vip" + or "example.com/internal-vip". Unprefixed names are + reserved for end-users. This field can only be set + when the Service type is 'LoadBalancer'. If not set, + the default load balancer implementation is used, + today this is typically done through the cloud provider + integration, but should apply for any default implementation. + If set, it is assumed that a load balancer implementation + is watching for Services with a matching class. Any + default load balancer implementation (e.g. cloud providers) + should ignore Services that set this field. This field + can only be set when creating or updating a Service + to type 'LoadBalancer'. Once set, it can not be changed. + This field will be wiped when a service is updated + to a non 'LoadBalancer' type. + type: string + loadBalancerSourceRanges: + description: 'If specified and supported by the platform, + this will restrict traffic through the cloud-provider + load-balancer will be restricted to the specified + client IPs. This field will be ignored if the cloud-provider + does not support the feature." More info: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/' + items: + type: string + type: array + sessionAffinity: + description: 'Supports "ClientIP" and "None". Used to + maintain session affinity. Enable client IP based + session affinity. Must be ClientIP or None. Defaults + to None. More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + type: string + sessionAffinityConfig: + description: sessionAffinityConfig contains the configurations + of session affinity. + properties: + clientIP: + description: clientIP contains the configurations + of Client IP based session affinity. + properties: + timeoutSeconds: + description: timeoutSeconds specifies the seconds + of ClientIP type session sticky time. The + value must be >0 && <=86400(for 1 day) if + ServiceAffinity == "ClientIP". Default value + is 10800(for 3 hours). + format: int32 + type: integer + type: object + type: object + type: + description: 'type determines how the Service is exposed. + Defaults to ClusterIP. Valid options are ExternalName, + ClusterIP, NodePort, and LoadBalancer. "ClusterIP" + allocates a cluster-internal IP address for load-balancing + to endpoints. Endpoints are determined by the selector + or if that is not specified, by manual construction + of an Endpoints object or EndpointSlice objects. If + clusterIP is "None", no virtual IP is allocated and + the endpoints are published as a set of endpoints + rather than a virtual IP. "NodePort" builds on ClusterIP + and allocates a port on every node which routes to + the same endpoints as the clusterIP. "LoadBalancer" + builds on NodePort and creates an external load-balancer + (if supported in the current cloud) which routes to + the same endpoints as the clusterIP. "ExternalName" + aliases this service to the specified externalName. + Several other fields do not apply to ExternalName + services. More info: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types' + type: string + type: object + type: object + description: Override configuration for the Service created to + serve traffic to the cluster. The key must be the endpoint type + (public, internal) + type: object + type: object replicas: default: 1 description: Replicas of the service to run diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 5944882c0..07b7752f7 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -348,18 +348,6 @@ rules: - list - update - watch -- apiGroups: - - route.openshift.io - resources: - - routes - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - security.openshift.io resourceNames: diff --git a/controllers/nova_controller.go b/controllers/nova_controller.go index 614074b1f..655058de8 100644 --- a/controllers/nova_controller.go +++ b/controllers/nova_controller.go @@ -836,11 +836,11 @@ func (r *NovaReconciler) ensureAPI( Resources: instance.Spec.APIServiceTemplate.Resources, NetworkAttachments: instance.Spec.APIServiceTemplate.NetworkAttachments, }, - ExternalEndpoints: instance.Spec.APIServiceTemplate.ExternalEndpoints, - KeystoneAuthURL: keystoneAuthURL, - ServiceUser: instance.Spec.ServiceUser, - ServiceAccount: instance.RbacResourceName(), - RegisteredCells: instance.Status.RegisteredCells, + Override: instance.Spec.APIServiceTemplate.Override, + KeystoneAuthURL: keystoneAuthURL, + ServiceUser: instance.Spec.ServiceUser, + ServiceAccount: instance.RbacResourceName(), + RegisteredCells: instance.Status.RegisteredCells, } api := &novav1.NovaAPI{ ObjectMeta: metav1.ObjectMeta{ @@ -1238,11 +1238,11 @@ func (r *NovaReconciler) ensureMetadata( Resources: instance.Spec.MetadataServiceTemplate.Resources, NetworkAttachments: instance.Spec.MetadataServiceTemplate.NetworkAttachments, }, - ExternalEndpoints: instance.Spec.MetadataServiceTemplate.ExternalEndpoints, - ServiceUser: instance.Spec.ServiceUser, - KeystoneAuthURL: keystoneAuthURL, - ServiceAccount: instance.RbacResourceName(), - RegisteredCells: instance.Status.RegisteredCells, + Override: instance.Spec.MetadataServiceTemplate.Override, + ServiceUser: instance.Spec.ServiceUser, + KeystoneAuthURL: keystoneAuthURL, + ServiceAccount: instance.RbacResourceName(), + RegisteredCells: instance.Status.RegisteredCells, } metadata = &novav1.NovaMetadata{ ObjectMeta: metav1.ObjectMeta{ diff --git a/controllers/novaapi_controller.go b/controllers/novaapi_controller.go index c40bcb4e1..d851f8ad7 100644 --- a/controllers/novaapi_controller.go +++ b/controllers/novaapi_controller.go @@ -29,8 +29,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/source" - routev1 "github.com/openshift/api/route/v1" - common "github.com/openstack-k8s-operators/lib-common/modules/common" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" @@ -38,6 +36,7 @@ import ( helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/labels" nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" @@ -62,7 +61,6 @@ type NovaAPIReconciler struct { // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=batch,resources=jobs,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch;delete; -// +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneendpoints,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=k8s.cni.cncf.io,resources=network-attachment-definitions,verbs=get;list;watch @@ -222,7 +220,7 @@ func (r *NovaAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request) (re apiEndpoints, result, err := r.ensureServiceExposed(ctx, h, instance) if (err != nil || result != ctrl.Result{}) { - // We can ignore RequeueAfter as we are watching the Service and Route resource + // We can ignore RequeueAfter as we are watching the Service resource // but we have to return while waiting for the service to be exposed return ctrl.Result{}, err } @@ -459,52 +457,104 @@ func (r *NovaAPIReconciler) ensureServiceExposed( h *helper.Helper, instance *novav1.NovaAPI, ) (map[string]string, ctrl.Result, error) { - var ports = map[endpoint.Endpoint]endpoint.Data{ - endpoint.EndpointPublic: {Port: novaapi.APIServicePort}, - endpoint.EndpointInternal: {Port: novaapi.APIServicePort}, - } - - for _, metallbcfg := range instance.Spec.ExternalEndpoints { - portCfg := ports[metallbcfg.Endpoint] - portCfg.MetalLB = &endpoint.MetalLBData{ - IPAddressPool: metallbcfg.IPAddressPool, - SharedIP: metallbcfg.SharedIP, - SharedIPKey: metallbcfg.SharedIPKey, - LoadBalancerIPs: metallbcfg.LoadBalancerIPs, + var ports = map[service.Endpoint]endpoint.Data{ + service.EndpointPublic: { + Port: novaapi.APIServicePort, + Path: "/v2.1", + }, + service.EndpointInternal: { + Port: novaapi.APIServicePort, + Path: "/v2.1", + }, + } + + apiEndpoints := make(map[string]string) + + for endpointType, data := range ports { + endpointTypeStr := string(endpointType) + endpointName := novaapi.ServiceName + "-" + endpointTypeStr + svcOverride := instance.Spec.Override.Service[endpointTypeStr] + + exportLabels := util.MergeStringMaps( + getAPIServiceLabels(), + map[string]string{ + service.AnnotationEndpointKey: endpointTypeStr, + }, + ) + + // Create the service + svc, err := service.NewService( + service.GenericService(&service.GenericServiceDetails{ + Name: endpointName, + Namespace: instance.Namespace, + Labels: exportLabels, + Selector: getAPIServiceLabels(), + Port: service.GenericServicePort{ + Name: endpointName, + Port: data.Port, + Protocol: corev1.ProtocolTCP, + }, + }), + 5, + &svcOverride, + ) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) + + return nil, ctrl.Result{}, err } - ports[metallbcfg.Endpoint] = portCfg - } + svc.AddAnnotation(map[string]string{ + service.AnnotationEndpointKey: endpointTypeStr, + }) + + // add Annotation to whether creating an ingress is required or not + if endpointType == service.EndpointPublic && svc.GetServiceType() == corev1.ServiceTypeClusterIP { + svc.AddAnnotation(map[string]string{ + service.AnnotationIngressCreateKey: "true", + }) + svc.AddAnnotation(map[string]string{ + service.AnnotationIngressNameKey: novaapi.ServiceName, + }) + } else { + svc.AddAnnotation(map[string]string{ + service.AnnotationIngressCreateKey: "false", + }) + } - apiEndpoints, ctrlResult, err := endpoint.ExposeEndpoints( - ctx, - h, - novaapi.ServiceName, - getAPIServiceLabels(), - ports, - r.RequeueTimeout, - ) - if err != nil { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.ErrorReason, - condition.SeverityWarning, - condition.ExposeServiceReadyErrorMessage, - err.Error())) - return nil, ctrlResult, err - } else if (ctrlResult != ctrl.Result{}) { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.RequestedReason, - condition.SeverityInfo, - condition.ExposeServiceReadyRunningMessage)) - return nil, ctrlResult, err - } - instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) + ctrlResult, err := svc.CreateOrPatch(ctx, h) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) + + return nil, ctrlResult, err + } else if (ctrlResult != ctrl.Result{}) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.ExposeServiceReadyRunningMessage)) + return nil, ctrlResult, nil + } + // create service - end - for k, v := range apiEndpoints { - apiEndpoints[k] = v + "/v2.1" + // TODO: TLS, pass in https as protocol, create TLS cert + apiEndpoints[string(endpointType)], err = svc.GetAPIEndpoint( + &svcOverride, data.Protocol, data.Path) + if err != nil { + return nil, ctrl.Result{}, err + } } + instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) return apiEndpoints, ctrl.Result{}, nil } @@ -610,7 +660,7 @@ func (r *NovaAPIReconciler) SetupWithManager(mgr ctrl.Manager) error { For(&novav1.NovaAPI{}). Owns(&v1.StatefulSet{}). Owns(&corev1.Service{}). - Owns(&routev1.Route{}). + Owns(&corev1.ConfigMap{}). Owns(&keystonev1.KeystoneEndpoint{}). Owns(&corev1.Secret{}). Watches(&source.Kind{Type: &corev1.Secret{}}, diff --git a/controllers/novacell_controller.go b/controllers/novacell_controller.go index bba26cb09..04d0f8ad3 100644 --- a/controllers/novacell_controller.go +++ b/controllers/novacell_controller.go @@ -19,22 +19,24 @@ package controllers import ( "context" "fmt" + "time" corev1 "k8s.io/api/core/v1" k8s_errors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" + "k8s.io/utils/ptr" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/source" - routev1 "github.com/openshift/api/route/v1" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/env" helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/labels" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" @@ -191,7 +193,7 @@ func (r *NovaCellReconciler) Reconcile(ctx context.Context, req ctrl.Request) (r } // We need to wait for the NovaNoVNCProxy to become Ready before we can try - // to generate the compute config secret as that needs the route of the + // to generate the compute config secret as that needs the endpoint of the // proxy to be included. // However NovaNoVNCProxy is never deployed in cell0, and optional in other // cells too. @@ -585,7 +587,7 @@ func (r *NovaCellReconciler) ensureComputeConfig( func (r *NovaCellReconciler) generateComputeConfigs( ctx context.Context, h *helper.Helper, instance *novav1.NovaCell, - secret corev1.Secret, messageBusSecret corev1.Secret, vncHost *string, + secret corev1.Secret, messageBusSecret corev1.Secret, vncProxyURL *string, ) error { templateParameters := map[string]interface{}{ "service_name": "nova-compute", @@ -601,8 +603,8 @@ func (r *NovaCellReconciler) generateComputeConfigs( } // vnc is optional so we only need to configure it for the compute // if the proxy service is deployed in the cell - if vncHost != nil { - templateParameters["novncproxy_base_url"] = "http://" + *vncHost // fixme use https + if vncProxyURL != nil { + templateParameters["novncproxy_base_url"] = *vncProxyURL } cmLabels := labels.GetLabels( @@ -630,23 +632,28 @@ func (r *NovaCellReconciler) getVNCHost( // --- vncRouteName := fmt.Sprintf("nova-novncproxy-%s-public", instance.Spec.CellName) - vncRoute := &routev1.Route{} - err := h.GetClient().Get(ctx, types.NamespacedName{ - Namespace: instance.Namespace, - Name: vncRouteName, - }, vncRoute) + svcOverride := ptr.To(instance.Spec.NoVNCProxyServiceTemplate.Override.Service[string(service.EndpointPublic)]) + if svcOverride != nil && + svcOverride.EndpointURL != nil { + return svcOverride.EndpointURL, nil + } + + vncSvc, err := service.GetServiceWithName(ctx, h, vncRouteName, instance.Namespace) if err != nil { return nil, err } - vncHost := vncRoute.Spec.Host - if vncHost == "" && len(vncRoute.Status.Ingress) > 0 { - vncHost = vncRoute.Status.Ingress[0].Host - } else if vncHost == "" { - // This should not happen as we waited for the NovaNoVncProxy to - // to become ready, so the route should exits - return nil, fmt.Errorf("vncHost is empty") + svc, err := service.NewService(vncSvc, time.Duration(5)*time.Second, svcOverride) + if err != nil { + return nil, err } - return &vncHost, nil + + // TODO: TLS + vncProxyURL, err := svc.GetAPIEndpoint(svcOverride, ptr.To(service.ProtocolHTTP), "/vnc_lite.html") + if err != nil { + return nil, err + } + + return ptr.To(vncProxyURL), nil } // SetupWithManager sets up the controller with the Manager. diff --git a/controllers/novametadata_controller.go b/controllers/novametadata_controller.go index a75b80ce2..3fc6fcf32 100644 --- a/controllers/novametadata_controller.go +++ b/controllers/novametadata_controller.go @@ -28,8 +28,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/source" - routev1 "github.com/openshift/api/route/v1" - common "github.com/openstack-k8s-operators/lib-common/modules/common" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" @@ -37,6 +35,7 @@ import ( helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/labels" nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" @@ -57,7 +56,6 @@ type NovaMetadataReconciler struct { // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch;delete; -// +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=k8s.cni.cncf.io,resources=network-attachment-definitions,verbs=get;list;watch // Reconcile is part of the main kubernetes reconciliation loop which aims to @@ -196,7 +194,7 @@ func (r *NovaMetadataReconciler) Reconcile(ctx context.Context, req ctrl.Request result, err = r.ensureServiceExposed(ctx, h, instance) if (err != nil || result != ctrl.Result{}) { - // We can ignore RequeueAfter as we are watching the Service and Route resource + // We can ignore RequeueAfter as we are watching the Service resource // but we have to return while waiting for the service to be exposed return ctrl.Result{}, err } @@ -430,57 +428,85 @@ func (r *NovaMetadataReconciler) ensureServiceExposed( h *helper.Helper, instance *novav1.NovaMetadata, ) (ctrl.Result, error) { - var ports = map[endpoint.Endpoint]endpoint.Data{ - endpoint.EndpointInternal: {Port: novametadata.APIServicePort}, + var ports = map[service.Endpoint]endpoint.Data{ + service.EndpointInternal: {Port: novametadata.APIServicePort}, } - for _, metallbcfg := range instance.Spec.ExternalEndpoints { - portCfg := ports[metallbcfg.Endpoint] - portCfg.MetalLB = &endpoint.MetalLBData{ - IPAddressPool: metallbcfg.IPAddressPool, - SharedIP: metallbcfg.SharedIP, - SharedIPKey: metallbcfg.SharedIPKey, - LoadBalancerIPs: metallbcfg.LoadBalancerIPs, + apiEndpoints := make(map[string]string) + + for endpointType, data := range ports { + endpointTypeStr := string(endpointType) + serviceName := novametadata.ServiceName + if instance.Spec.CellName != "" { + serviceName = novametadata.ServiceName + "-" + instance.Spec.CellName } + serviceName = serviceName + "-" + endpointTypeStr + svcOverride := instance.Spec.Override.Service[endpointTypeStr] + + exportLabels := util.MergeStringMaps( + getMetadataServiceLabels(instance.Spec.CellName), + map[string]string{ + string(endpointType): "true", + }, + ) - ports[metallbcfg.Endpoint] = portCfg - } + // Create the service + svc, err := service.NewService( + service.GenericService(&service.GenericServiceDetails{ + Name: serviceName, + Namespace: instance.Namespace, + Labels: exportLabels, + Selector: getMetadataServiceLabels(instance.Spec.CellName), + Port: service.GenericServicePort{ + Name: serviceName, + Port: data.Port, + Protocol: corev1.ProtocolTCP, + }, + }), + 5, + &svcOverride, + ) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) - serviceName := novametadata.ServiceName - if instance.Spec.CellName != "" { - serviceName = novametadata.ServiceName + "-" + instance.Spec.CellName - } + return ctrl.Result{}, err + } - apiEndpoints, ctrlResult, err := endpoint.ExposeEndpoints( - ctx, - h, - serviceName, - getMetadataServiceLabels(instance.Spec.CellName), - ports, - r.RequeueTimeout, - ) - if err != nil { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.ErrorReason, - condition.SeverityWarning, - condition.ExposeServiceReadyErrorMessage, - err.Error())) - return ctrlResult, err - } else if (ctrlResult != ctrl.Result{}) { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.RequestedReason, - condition.SeverityInfo, - condition.ExposeServiceReadyRunningMessage)) - return ctrlResult, err - } - instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) + ctrlResult, err := svc.CreateOrPatch(ctx, h) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) + + return ctrlResult, err + } else if (ctrlResult != ctrl.Result{}) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.ExposeServiceReadyRunningMessage)) + return ctrlResult, nil + } + // create service - end - for k, v := range apiEndpoints { - apiEndpoints[k] = v + // TODO: TLS, pass in https as protocol, create TLS cert + apiEndpoints[string(endpointType)], err = svc.GetAPIEndpoint( + &svcOverride, data.Protocol, data.Path) + if err != nil { + return ctrl.Result{}, err + } } + instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) + return ctrl.Result{}, nil } @@ -514,7 +540,6 @@ func (r *NovaMetadataReconciler) SetupWithManager(mgr ctrl.Manager) error { For(&novav1.NovaMetadata{}). Owns(&v1.StatefulSet{}). Owns(&corev1.Service{}). - Owns(&routev1.Route{}). Owns(&corev1.Secret{}). Watches(&source.Kind{Type: &corev1.Secret{}}, handler.EnqueueRequestsFromMapFunc(r.GetSecretMapperFor(&novav1.NovaMetadataList{}))). diff --git a/controllers/novanovncproxy_controller.go b/controllers/novanovncproxy_controller.go index 2fb2173b2..8fe40f1c5 100644 --- a/controllers/novanovncproxy_controller.go +++ b/controllers/novanovncproxy_controller.go @@ -20,7 +20,6 @@ import ( "context" "fmt" - routev1 "github.com/openshift/api/route/v1" v1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" @@ -36,6 +35,7 @@ import ( helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/labels" nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment" + "github.com/openstack-k8s-operators/lib-common/modules/common/service" "github.com/openstack-k8s-operators/lib-common/modules/common/statefulset" util "github.com/openstack-k8s-operators/lib-common/modules/common/util" novav1 "github.com/openstack-k8s-operators/nova-operator/api/v1beta1" @@ -56,7 +56,6 @@ type NovaNoVNCProxyReconciler struct { // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch;delete; -// +kubebuilder:rbac:groups=route.openshift.io,resources=routes,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneendpoints,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=k8s.cni.cncf.io,resources=network-attachment-definitions,verbs=get;list;watch @@ -158,7 +157,7 @@ func (r *NovaNoVNCProxyReconciler) Reconcile(ctx context.Context, req ctrl.Reque apiEndpoints, result, err := r.ensureServiceExposed(ctx, h, instance) if (err != nil || result != ctrl.Result{}) { - // We can ignore RequeueAfter as we are watching the Service and Route resource + // We can ignore RequeueAfter as we are watching the Service resource // but we have to return while waiting for the service to be exposed return ctrl.Result{}, err } @@ -409,55 +408,100 @@ func (r *NovaNoVNCProxyReconciler) ensureServiceExposed( h *helper.Helper, instance *novav1.NovaNoVNCProxy, ) (map[string]string, ctrl.Result, error) { - var ports = map[endpoint.Endpoint]endpoint.Data{ - endpoint.EndpointPublic: {Port: novncproxy.NoVNCProxyPort}, - endpoint.EndpointInternal: {Port: novncproxy.NoVNCProxyPort}, + var ports = map[service.Endpoint]endpoint.Data{ + service.EndpointPublic: {Port: novncproxy.NoVNCProxyPort}, + service.EndpointInternal: {Port: novncproxy.NoVNCProxyPort}, } - for _, metallbcfg := range instance.Spec.ExternalEndpoints { - portCfg := ports[metallbcfg.Endpoint] - portCfg.MetalLB = &endpoint.MetalLBData{ - IPAddressPool: metallbcfg.IPAddressPool, - SharedIP: metallbcfg.SharedIP, - SharedIPKey: metallbcfg.SharedIPKey, - LoadBalancerIPs: metallbcfg.LoadBalancerIPs, + apiEndpoints := make(map[string]string) + + for endpointType, data := range ports { + endpointTypeStr := string(endpointType) + serviceName := novncproxy.ServiceName + "-" + instance.Spec.CellName + "-" + endpointTypeStr + + svcOverride := instance.Spec.Override.Service[endpointTypeStr] + + exportLabels := util.MergeStringMaps( + getNoVNCProxyServiceLabels(instance.Spec.CellName), + map[string]string{ + service.AnnotationEndpointKey: endpointTypeStr, + }, + ) + + // Create the service + svc, err := service.NewService( + service.GenericService(&service.GenericServiceDetails{ + Name: serviceName, + Namespace: instance.Namespace, + Labels: exportLabels, + Selector: getNoVNCProxyServiceLabels(instance.Spec.CellName), + Port: service.GenericServicePort{ + Name: serviceName, + Port: data.Port, + Protocol: corev1.ProtocolTCP, + }, + }), + 5, + &svcOverride, + ) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) + + return nil, ctrl.Result{}, err } - ports[metallbcfg.Endpoint] = portCfg - } + svc.AddAnnotation(map[string]string{ + service.AnnotationEndpointKey: endpointTypeStr, + }) + + // add Annotation to whether creating an ingress is required or not + if endpointType == service.EndpointPublic && svc.GetServiceType() == corev1.ServiceTypeClusterIP { + svc.AddAnnotation(map[string]string{ + service.AnnotationIngressCreateKey: "true", + }) + svc.AddAnnotation(map[string]string{ + service.AnnotationIngressNameKey: novncproxy.ServiceName + "-" + instance.Spec.CellName, + }) + } else { + svc.AddAnnotation(map[string]string{ + service.AnnotationIngressCreateKey: "false", + }) + } - serviceName := novncproxy.ServiceName + "-" + instance.Spec.CellName + ctrlResult, err := svc.CreateOrPatch(ctx, h) + if err != nil { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.ErrorReason, + condition.SeverityWarning, + condition.ExposeServiceReadyErrorMessage, + err.Error())) + + return nil, ctrlResult, err + } else if (ctrlResult != ctrl.Result{}) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.ExposeServiceReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.ExposeServiceReadyRunningMessage)) + return nil, ctrlResult, nil + } + // create service - end - apiEndpoints, ctrlResult, err := endpoint.ExposeEndpoints( - ctx, - h, - serviceName, - getNoVNCProxyServiceLabels(instance.Spec.CellName), - ports, - r.RequeueTimeout, - ) - if err != nil { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.ErrorReason, - condition.SeverityWarning, - condition.ExposeServiceReadyErrorMessage, - err.Error())) - return apiEndpoints, ctrlResult, err - } else if (ctrlResult != ctrl.Result{}) { - instance.Status.Conditions.Set(condition.FalseCondition( - condition.ExposeServiceReadyCondition, - condition.RequestedReason, - condition.SeverityInfo, - condition.ExposeServiceReadyRunningMessage)) - return apiEndpoints, ctrlResult, err + // TODO: TLS, pass in https as protocol, create TLS cert + apiEndpoints[string(endpointType)], err = svc.GetAPIEndpoint( + &svcOverride, data.Protocol, data.Path) + if err != nil { + return nil, ctrl.Result{}, err + } } instance.Status.Conditions.MarkTrue(condition.ExposeServiceReadyCondition, condition.ExposeServiceReadyMessage) - for k, v := range apiEndpoints { - apiEndpoints[k] = v - } - return apiEndpoints, ctrl.Result{}, nil } @@ -485,7 +529,6 @@ func (r *NovaNoVNCProxyReconciler) SetupWithManager(mgr ctrl.Manager) error { For(&novav1.NovaNoVNCProxy{}). Owns(&v1.StatefulSet{}). Owns(&corev1.Service{}). - Owns(&routev1.Route{}). Owns(&corev1.Secret{}). Watches(&source.Kind{Type: &corev1.Secret{}}, handler.EnqueueRequestsFromMapFunc(r.GetSecretMapperFor(&novav1.NovaNoVNCProxyList{}))). diff --git a/go.mod b/go.mod index 127ee3839..b7766e6d8 100644 --- a/go.mod +++ b/go.mod @@ -95,3 +95,7 @@ replace github.com/openshift/api => github.com/openshift/api v0.0.0-202304141430 // needed to to cert-manager v1.11.4 see https://github.com/cert-manager/cert-manager/blob/v1.11.4/go.mod#L263C1-L264C104 // remove this once we bump to cert-manager v1.12.x replace github.com/Venafi/vcert/v4 => github.com/jetstack/vcert/v4 v4.9.6-0.20230519122548-219f317ae107 //allow-merging + +replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/stuggi/lib-common/modules/common v0.0.0-20230907061102-0705359fc344 + +replace github.com/openstack-k8s-operators/keystone-operator/api => github.com/stuggi/keystone-operator/api v0.0.0-20230907062239-b15a4b6cfdb6 diff --git a/go.sum b/go.sum index 568bbe050..5886a9a61 100644 --- a/go.sum +++ b/go.sum @@ -239,10 +239,6 @@ github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxC github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/infra-operator/apis v0.1.1-0.20230905074428-c6aefc16dd01 h1:Edoxiq+Tawt4P14oyuSGTCng23vcmKy4Hi68jMcpP14= github.com/openstack-k8s-operators/infra-operator/apis v0.1.1-0.20230905074428-c6aefc16dd01/go.mod h1:14D4OyzE7A5S3IkfXhU3B43mobM4QfdyQCCqLNLR4No= -github.com/openstack-k8s-operators/keystone-operator/api v0.1.1-0.20230830083045-d73d07cca617 h1:+Sz5kbF6QzXgKROXp3S+X22ZHdt68zvj1tBOu94OGKU= -github.com/openstack-k8s-operators/keystone-operator/api v0.1.1-0.20230830083045-d73d07cca617/go.mod h1:CmUe4tHh990eRUj6Ou8gD9JE0PQ38LGnUu3kaaP8K50= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.1-0.20230824094610-976b18ca2875 h1:pj22n6PQy/XAmV5m6XaarMY6X1lvxAh16oVT5ZSVoNI= -github.com/openstack-k8s-operators/lib-common/modules/common v0.1.1-0.20230824094610-976b18ca2875/go.mod h1:Mqg9hyHpWPda62750vqmk5TajxP3zbYPDP1rtSH7mg0= github.com/openstack-k8s-operators/lib-common/modules/database v0.1.1-0.20230824094610-976b18ca2875 h1:Hqzy5HbNS98ZyVxNmLnOgoPjWPMm0eOHx1lHIoN/5UM= github.com/openstack-k8s-operators/lib-common/modules/database v0.1.1-0.20230824094610-976b18ca2875/go.mod h1:Z5qA6F9H/4iYPjcqehlFJ1I68icwBKIVMB00ruNLKaM= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.1.1-0.20230824094610-976b18ca2875 h1:aUlwELsLYWQ3FL+/nRG/1uGVNW86c3MhtLrHNVDd57k= @@ -307,6 +303,10 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stuggi/keystone-operator/api v0.0.0-20230907062239-b15a4b6cfdb6 h1:5VrV9yQtmT7Bj9XM7TFMDgfZprgqPfw2AqK+khEwjjs= +github.com/stuggi/keystone-operator/api v0.0.0-20230907062239-b15a4b6cfdb6/go.mod h1:xVGf/an6HspP2PmYvTxJG07kq4hOX/f2nRx9tMK2k7A= +github.com/stuggi/lib-common/modules/common v0.0.0-20230907061102-0705359fc344 h1:NZDTBuxxyFn6JJN1nHHknhzD6k/m2AwDdv0z/lRaKWQ= +github.com/stuggi/lib-common/modules/common v0.0.0-20230907061102-0705359fc344/go.mod h1:Mqg9hyHpWPda62750vqmk5TajxP3zbYPDP1rtSH7mg0= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= diff --git a/main.go b/main.go index 43d4dd85e..d4403b73c 100644 --- a/main.go +++ b/main.go @@ -37,7 +37,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log/zap" networkv1 "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" - routev1 "github.com/openshift/api/route/v1" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -63,7 +62,6 @@ func init() { utilruntime.Must(keystonev1.AddToScheme(scheme)) utilruntime.Must(corev1.AddToScheme(scheme)) utilruntime.Must(appsv1.AddToScheme(scheme)) - utilruntime.Must(routev1.AddToScheme(scheme)) utilruntime.Must(rabbitmqv1.AddToScheme(scheme)) utilruntime.Must(networkv1.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme diff --git a/templates/nova.conf b/templates/nova.conf index 39bfc8666..914e03aa0 100644 --- a/templates/nova.conf +++ b/templates/nova.conf @@ -132,7 +132,7 @@ server_listen = {{ if (index . "novncproxy_service_host") }}{{ .novncproxy_servi # https://docs.openstack.org/nova/latest/configuration/config.html#DEFAULT.console_host server_proxyclient_address = "$my_ip" {{if (index . "novncproxy_base_url")}} -novncproxy_base_url = {{ .novncproxy_base_url }}/vnc_lite.html +novncproxy_base_url = {{ .novncproxy_base_url }} {{ end }} {{ end }} {{ end }} diff --git a/test/functional/base_test.go b/test/functional/base_test.go index 80132f492..677d2dc86 100644 --- a/test/functional/base_test.go +++ b/test/functional/base_test.go @@ -20,7 +20,6 @@ import ( "time" . "github.com/onsi/gomega" - routev1 "github.com/openshift/api/route/v1" corev1 "k8s.io/api/core/v1" k8s_errors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -442,8 +441,6 @@ type NovaNames struct { InternalNovaServiceName types.NamespacedName PublicNovaServiceName types.NamespacedName AdminNovaServiceName types.NamespacedName - InternalNovaRouteName types.NamespacedName - PublicNovaRouteName types.NamespacedName KeystoneServiceName types.NamespacedName APIName types.NamespacedName APIMariaDBDatabaseName types.NamespacedName @@ -468,7 +465,6 @@ type NovaNames struct { RoleBindingName types.NamespacedName MetadataConfigDataName types.NamespacedName InternalNovaMetadataServiceName types.NamespacedName - InternalNovaMetadataRouteName types.NamespacedName InternalTopLevelSecretName types.NamespacedName Cells map[string]CellNames } @@ -510,14 +506,6 @@ func GetNovaNames(novaName types.NamespacedName, cellNames []string) NovaNames { Namespace: novaName.Namespace, Name: "nova-public", }, - InternalNovaRouteName: types.NamespacedName{ - Namespace: novaName.Namespace, - Name: "nova-internal", - }, - PublicNovaRouteName: types.NamespacedName{ - Namespace: novaName.Namespace, - Name: "nova-public", - }, KeystoneServiceName: types.NamespacedName{ Namespace: novaName.Namespace, Name: "nova", // static value hardcoded in controller code @@ -583,10 +571,6 @@ func GetNovaNames(novaName types.NamespacedName, cellNames []string) NovaNames { Namespace: novaMetadata.Namespace, Name: "nova-metadata-internal", }, - InternalNovaMetadataRouteName: types.NamespacedName{ - Namespace: novaMetadata.Namespace, - Name: "nova-metadata-internal", - }, InternalTopLevelSecretName: novaName, Cells: cells, @@ -726,26 +710,9 @@ func AssertNoVNCProxyDoesNotExist(name types.NamespacedName) { }, timeout, interval).Should(Succeed()) } -func SimulateNoVNCProxyRouteIngress(cellName string, namespace string) string { - vncRouteName := types.NamespacedName{ - Namespace: namespace, - Name: fmt.Sprintf("nova-novncproxy-%s-public", cellName), - } - ingress := routev1.RouteIngress{ - Host: fmt.Sprintf( - "nova-novncproxy-%s-public-openstack.apps-crc.testing", cellName), - RouterName: "name", - } - Eventually(func(g Gomega) { - vncRoute := &routev1.Route{} - g.Expect(k8sClient.Get(ctx, vncRouteName, vncRoute)).Should(Succeed()) - - vncRoute.Status.Ingress = append(vncRoute.Status.Ingress, ingress) - // NOTE(gibi): Here we intentionally not using the Status client even - // though we are updating the Status. While this is strange but it - // does not work otherwise. (The status client will return 404) - g.Expect(k8sClient.Update(ctx, vncRoute)).Should(Succeed()) - }, timeout, interval).Should(Succeed()) - logger.Info("Simulated Ingress for the NovaNoVncProxy Route", "on", vncRouteName) - return ingress.Host +func SimulateNoVNCProxyService(cellName string, namespace string) string { + vncServiceHost := fmt.Sprintf("nova-novncproxy-%s-public.%s.svc:6080", cellName, namespace) + logger.Info("Simulated host for the NovaNoVncProxy Service", "on", vncServiceHost) + + return vncServiceHost } diff --git a/test/functional/nova_controller_test.go b/test/functional/nova_controller_test.go index c6e754337..c65b24137 100644 --- a/test/functional/nova_controller_test.go +++ b/test/functional/nova_controller_test.go @@ -889,7 +889,7 @@ var _ = Describe("Nova controller", func() { api := GetNovaAPI(novaNames.APIName) Expect(api.Spec.NetworkAttachments).To(Equal(nova.Spec.APIServiceTemplate.NetworkAttachments)) - Expect(api.Spec.ExternalEndpoints).To(Equal(nova.Spec.APIServiceTemplate.ExternalEndpoints)) + Expect(api.Spec.Override).To(Equal(nova.Spec.APIServiceTemplate.Override)) scheduler := GetNovaScheduler(novaNames.SchedulerName) Expect(scheduler.Spec.NetworkAttachments).To(Equal(nova.Spec.APIServiceTemplate.NetworkAttachments)) diff --git a/test/functional/nova_metadata_controller_test.go b/test/functional/nova_metadata_controller_test.go index 9b07af6e9..dce5fddfc 100644 --- a/test/functional/nova_metadata_controller_test.go +++ b/test/functional/nova_metadata_controller_test.go @@ -469,39 +469,53 @@ var _ = Describe("NovaMetadata controller", func() { ) }) }) - When("NovaMetadata is created with externalEndpoints", func() { + When("NovaMetadata is created with service override", func() { BeforeEach(func() { DeferCleanup( k8sClient.Delete, ctx, CreateNovaMetadataSecret(novaNames.MetadataName.Namespace, SecretName)) spec := GetDefaultNovaMetadataSpec() - var externalEndpoints []interface{} - externalEndpoints = append( - externalEndpoints, map[string]interface{}{ - "endpoint": "internal", - "ipAddressPool": "osp-internalapi", - "loadBalancerIPs": []string{"internal-lb-ip-1", "internal-lb-ip-2"}, + serviceOverride := map[string]interface{}{} + serviceOverride["internal"] = map[string]interface{}{ + "metadata": map[string]map[string]string{ + "annotations": { + "dnsmasq.network.openstack.org/hostname": "nova-metadata-internal.openstack.svc", + "metallb.universe.tf/address-pool": "osp-internalapi", + "metallb.universe.tf/allow-shared-ip": "osp-internalapi", + "metallb.universe.tf/loadBalancerIPs": "internal-lb-ip-1,internal-lb-ip-2", + }, + "labels": { + "internal": "true", + "service": "nova", + }, }, - ) - spec["externalEndpoints"] = externalEndpoints + "spec": map[string]interface{}{ + "type": "LoadBalancer", + }, + } + + spec["override"] = map[string]interface{}{ + "service": serviceOverride, + } metadata := CreateNovaMetadata(novaNames.MetadataName, spec) DeferCleanup(th.DeleteInstance, metadata) }) - It("creates MetalLB service", func() { + It("creates LoadBalancer service", func() { th.SimulateStatefulSetReplicaReady(novaNames.MetadataStatefulSetName) - // As the internal endpoint is configured in ExternalEndpoints it does not - // get a Route but a Service with MetalLB annotations instead + // As the internal endpoint is configured in service override it + // gets a LoadBalancer Service with MetalLB annotations service := th.GetService(novaNames.InternalNovaMetadataServiceName) + Expect(service.Annotations).To( + HaveKeyWithValue("dnsmasq.network.openstack.org/hostname", "nova-metadata-internal.openstack.svc")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/address-pool", "osp-internalapi")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/allow-shared-ip", "osp-internalapi")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/loadBalancerIPs", "internal-lb-ip-1,internal-lb-ip-2")) - th.AssertRouteNotExists(novaNames.InternalNovaMetadataRouteName) th.ExpectCondition( novaNames.MetadataName, diff --git a/test/functional/nova_multicell_test.go b/test/functional/nova_multicell_test.go index 8f17417e9..0735c3196 100644 --- a/test/functional/nova_multicell_test.go +++ b/test/functional/nova_multicell_test.go @@ -300,7 +300,6 @@ var _ = Describe("Nova multicell", func() { novaNames.APIMariaDBDatabaseName.Name)), ) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", novaNames.Namespace) th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.ExpectCondition( cell1.CellConductorName, @@ -353,7 +352,6 @@ var _ = Describe("Nova multicell", func() { th.SimulateMariaDBDatabaseCompleted(cell1.MariaDBDatabaseName) th.SimulateTransportURLReady(cell1.TransportURLName) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", novaNames.Namespace) th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateJobSuccess(cell1.CellMappingJobName) @@ -388,7 +386,6 @@ var _ = Describe("Nova multicell", func() { ContainSubstring("[api_database]"), ) th.SimulateStatefulSetReplicaReady(cell2.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell2", novaNames.Namespace) th.SimulateJobSuccess(cell2.CellDBSyncJobName) th.ExpectCondition( cell2.CellConductorName, @@ -472,7 +469,6 @@ var _ = Describe("Nova multicell", func() { GetNovaConductor(cell2.CellConductorName) th.SimulateStatefulSetReplicaReady(cell2.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell2", novaNames.Namespace) th.SimulateJobSuccess(cell2.CellDBSyncJobName) th.ExpectCondition( cell2.CellConductorName, @@ -624,7 +620,6 @@ var _ = Describe("Nova multicell", func() { // As cell0 is ready cell1 is deployed th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", novaNames.Namespace) th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateJobSuccess(cell1.CellMappingJobName) @@ -788,7 +783,6 @@ var _ = Describe("Nova multicell", func() { // As cell0 is ready cell1 is deployed th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateStatefulSetReplicaReady(cell1.MetadataStatefulSetName) diff --git a/test/functional/nova_novncproxy_test.go b/test/functional/nova_novncproxy_test.go index 50a56cdbb..dac937fd8 100644 --- a/test/functional/nova_novncproxy_test.go +++ b/test/functional/nova_novncproxy_test.go @@ -429,39 +429,53 @@ var _ = Describe("NovaNoVNCProxy controller", func() { }) }) - When("NovaNoVNCProxy is created with externalEndpoints", func() { + When("NovaNoVNCProxy is created with service override", func() { BeforeEach(func() { DeferCleanup( k8sClient.Delete, ctx, CreateNovaNoVNCProxySecret(cell1.NoVNCProxyName.Namespace, SecretName)) spec := GetDefaultNovaNoVNCProxySpec() - var externalEndpoints []interface{} - externalEndpoints = append( - externalEndpoints, map[string]interface{}{ - "endpoint": "internal", - "ipAddressPool": "osp-internalapi", - "loadBalancerIPs": []string{"internal-lb-ip-1", "internal-lb-ip-2"}, + serviceOverride := map[string]interface{}{} + serviceOverride["internal"] = map[string]interface{}{ + "metadata": map[string]map[string]string{ + "annotations": { + "dnsmasq.network.openstack.org/hostname": "nova-novncproxy-cell1-internal.openstack.svc", + "metallb.universe.tf/address-pool": "osp-internalapi", + "metallb.universe.tf/allow-shared-ip": "osp-internalapi", + "metallb.universe.tf/loadBalancerIPs": "internal-lb-ip-1,internal-lb-ip-2", + }, + "labels": { + "internal": "true", + "service": "nova", + }, }, - ) - spec["externalEndpoints"] = externalEndpoints + "spec": map[string]interface{}{ + "type": "LoadBalancer", + }, + } + + spec["override"] = map[string]interface{}{ + "service": serviceOverride, + } noVNCP := CreateNovaNoVNCProxy(cell1.NoVNCProxyName, spec) DeferCleanup(th.DeleteInstance, noVNCP) }) - It("creates MetalLB service", func() { + It("creates LoadBalancer service", func() { th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - // As the internal endpoint is configured in ExternalEndpoints it does not - // get a Route but a Service with MetalLB annotations instead + // As the internal endpoint is configured in ExternalEndpoints it + // gets a LoadBalancer Service with MetalLB annotations service := th.GetService(types.NamespacedName{Namespace: cell1.NoVNCProxyName.Namespace, Name: "nova-novncproxy-cell1-internal"}) + Expect(service.Annotations).To( + HaveKeyWithValue("dnsmasq.network.openstack.org/hostname", "nova-novncproxy-cell1-internal.openstack.svc")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/address-pool", "osp-internalapi")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/allow-shared-ip", "osp-internalapi")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/loadBalancerIPs", "internal-lb-ip-1,internal-lb-ip-2")) - th.AssertRouteNotExists(types.NamespacedName{Namespace: cell1.NoVNCProxyName.Namespace, Name: "nova-novncproxy-cell1-internal"}) th.ExpectCondition( cell1.NoVNCProxyName, diff --git a/test/functional/nova_reconfiguration_test.go b/test/functional/nova_reconfiguration_test.go index 472641bfa..fccb46c38 100644 --- a/test/functional/nova_reconfiguration_test.go +++ b/test/functional/nova_reconfiguration_test.go @@ -106,13 +106,11 @@ func CreateNovaWith3CellsAndEnsureReady(novaNames NovaNames) { th.SimulateKeystoneEndpointReady(novaNames.APIKeystoneEndpointName) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", novaNames.Namespace) th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateJobSuccess(cell1.CellMappingJobName) th.SimulateStatefulSetReplicaReady(cell2.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell2", novaNames.Namespace) th.SimulateJobSuccess(cell2.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell2.ConductorStatefulSetName) th.SimulateJobSuccess(cell2.CellMappingJobName) diff --git a/test/functional/novaapi_controller_test.go b/test/functional/novaapi_controller_test.go index 06a9b0bec..8d3aeaea1 100644 --- a/test/functional/novaapi_controller_test.go +++ b/test/functional/novaapi_controller_test.go @@ -292,7 +292,6 @@ var _ = Describe("NovaAPI controller", func() { Expect(public.Labels["service"]).To(Equal("nova-api")) internal := th.GetService(novaNames.InternalNovaServiceName) Expect(internal.Labels["service"]).To(Equal("nova-api")) - th.AssertRouteExists(novaNames.PublicNovaRouteName) }) It("creates KeystoneEndpoint", func() { @@ -301,7 +300,7 @@ var _ = Describe("NovaAPI controller", func() { keystoneEndpoint := th.GetKeystoneEndpoint(types.NamespacedName{Namespace: novaNames.APIName.Namespace, Name: "nova"}) endpoints := keystoneEndpoint.Spec.Endpoints - Expect(endpoints).To(HaveKeyWithValue("public", "http:/v2.1")) + Expect(endpoints).To(HaveKeyWithValue("public", "http://nova-public."+novaNames.APIName.Namespace+".svc:8774/v2.1")) Expect(endpoints).To(HaveKeyWithValue("internal", "http://nova-internal."+novaNames.APIName.Namespace+".svc:8774/v2.1")) th.ExpectCondition( @@ -486,50 +485,60 @@ var _ = Describe("NovaAPI controller", func() { }) }) - When("NovaAPI is created with externalEndpoints", func() { + When("NovaAPI is created with service override", func() { BeforeEach(func() { spec := GetDefaultNovaAPISpec() - // NOTE(gibi): We need to create the data as raw list of maps - // to allow defaulting to happen according to the kubebuilder - // definitions - var externalEndpoints []interface{} - externalEndpoints = append( - externalEndpoints, map[string]interface{}{ - "endpoint": "internal", - "ipAddressPool": "osp-internalapi", - "loadBalancerIPs": []string{"internal-lb-ip-1", "internal-lb-ip-2"}, + serviceOverride := map[string]interface{}{} + serviceOverride["internal"] = map[string]interface{}{ + "metadata": map[string]map[string]string{ + "annotations": { + "dnsmasq.network.openstack.org/hostname": "nova-internal.openstack.svc", + "metallb.universe.tf/address-pool": "osp-internalapi", + "metallb.universe.tf/allow-shared-ip": "osp-internalapi", + "metallb.universe.tf/loadBalancerIPs": "internal-lb-ip-1,internal-lb-ip-2", + }, + "labels": { + "internal": "true", + "service": "nova", + }, }, - ) - spec["externalEndpoints"] = externalEndpoints + "spec": map[string]interface{}{ + "type": "LoadBalancer", + }, + } + + spec["override"] = map[string]interface{}{ + "service": serviceOverride, + } DeferCleanup( k8sClient.Delete, ctx, CreateNovaAPISecret(novaNames.APIName.Namespace, SecretName)) DeferCleanup(th.DeleteInstance, CreateNovaAPI(novaNames.APIName, spec)) }) - It("creates MetalLB service", func() { + It("creates LoadBalancer service", func() { th.SimulateStatefulSetReplicaReady(novaNames.APIStatefulSetName) th.SimulateKeystoneEndpointReady(novaNames.APIKeystoneEndpointName) - // As the internal endpoint is configured in ExternalEndpoints it does not - // get a Route but a Service with MetalLB annotations instead + // As the internal endpoint has service override configured it + // gets a LoadBalancer Service with MetalLB annotations service := th.GetService(novaNames.InternalNovaServiceName) + Expect(service.Annotations).To( + HaveKeyWithValue("dnsmasq.network.openstack.org/hostname", "nova-internal.openstack.svc")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/address-pool", "osp-internalapi")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/allow-shared-ip", "osp-internalapi")) Expect(service.Annotations).To( HaveKeyWithValue("metallb.universe.tf/loadBalancerIPs", "internal-lb-ip-1,internal-lb-ip-2")) - th.AssertRouteNotExists(novaNames.InternalNovaRouteName) - // As the public endpoint is not mentioned in the ExternalEndpoints a generic Service and - // a Route is created + // As the public endpoint does not have overrides, a generic Service + // is created service = th.GetService(novaNames.PublicNovaServiceName) Expect(service.Annotations).NotTo(HaveKey("metallb.universe.tf/address-pool")) Expect(service.Annotations).NotTo(HaveKey("metallb.universe.tf/allow-shared-ip")) Expect(service.Annotations).NotTo(HaveKey("metallb.universe.tf/loadBalancerIPs")) - th.AssertRouteExists(novaNames.PublicNovaRouteName) th.ExpectCondition( novaNames.APIName, diff --git a/test/functional/novacell_controller_test.go b/test/functional/novacell_controller_test.go index 11eb0ec04..b922bb002 100644 --- a/test/functional/novacell_controller_test.go +++ b/test/functional/novacell_controller_test.go @@ -217,7 +217,6 @@ var _ = Describe("NovaCell controller", func() { // make novncproxy ready th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) th.ExpectCondition( cell1.CellName, @@ -265,7 +264,7 @@ var _ = Describe("NovaCell controller", func() { // compute config only generated after VNCProxy is ready, // so make novncproxy ready th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - host := SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) + host := SimulateNoVNCProxyService("cell1", cell1.CellName.Namespace) th.ExpectCondition( cell1.CellName, ConditionGetterFunc(NovaCellConditionGetter), @@ -296,7 +295,6 @@ var _ = Describe("NovaCell controller", func() { th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) th.SimulateStatefulSetReplicaReady(cell1.MetadataStatefulSetName) th.ExpectCondition( @@ -311,7 +309,7 @@ var _ = Describe("NovaCell controller", func() { th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) + SimulateNoVNCProxyService("cell1", cell1.CellName.Namespace) th.SimulateStatefulSetReplicaReady(cell1.MetadataStatefulSetName) th.ExpectCondition( @@ -343,7 +341,7 @@ var _ = Describe("NovaCell controller", func() { th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) + SimulateNoVNCProxyService("cell1", cell1.CellName.Namespace) th.SimulateStatefulSetReplicaReady(cell1.MetadataStatefulSetName) th.ExpectCondition( @@ -464,7 +462,7 @@ var _ = Describe("NovaCell controller", func() { // make novncproxy ready th.SimulateStatefulSetReplicaReady(cell2.NoVNCProxyStatefulSetName) - host := SimulateNoVNCProxyRouteIngress("cell2", cell2.CellName.Namespace) + host := SimulateNoVNCProxyService("cell2", cell2.CellName.Namespace) th.ExpectCondition( cell2.CellName, @@ -573,7 +571,7 @@ var _ = Describe("NovaCell controller", func() { "Deployment in progress", ) th.SimulateStatefulSetReplicaReady(cell2.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell2", cell2.CellName.Namespace) + SimulateNoVNCProxyService("cell2", cell2.CellName.Namespace) th.ExpectCondition( cell2.CellName, ConditionGetterFunc(NovaCellConditionGetter), @@ -843,7 +841,7 @@ var _ = Describe("NovaCell controller", func() { th.SimulateJobSuccess(cell1.CellDBSyncJobName) th.SimulateStatefulSetReplicaReady(cell1.ConductorStatefulSetName) th.SimulateStatefulSetReplicaReady(cell1.NoVNCProxyStatefulSetName) - SimulateNoVNCProxyRouteIngress("cell1", cell1.CellName.Namespace) + SimulateNoVNCProxyService("cell1", cell1.CellName.Namespace) th.SimulateStatefulSetReplicaReady(cell1.MetadataStatefulSetName) cell := GetNovaCell(cell1.CellName) diff --git a/test/kuttl/test-suites/default/scale-tests/01-assert.yaml b/test/kuttl/test-suites/default/scale-tests/01-assert.yaml index 6453a8426..3a27390a2 100644 --- a/test/kuttl/test-suites/default/scale-tests/01-assert.yaml +++ b/test/kuttl/test-suites/default/scale-tests/01-assert.yaml @@ -276,30 +276,6 @@ spec: selector: service: nova-api --- -apiVersion: route.openshift.io/v1 -kind: Route -metadata: - labels: - public: "true" - service: nova-api - name: nova-public - ownerReferences: - - blockOwnerDeletion: true - controller: true - kind: NovaAPI - name: nova-kuttl-api -spec: - port: - targetPort: nova-public - to: - kind: Service - name: nova-public -status: - ingress: - - conditions: - - status: "True" - type: Admitted ---- apiVersion: v1 kind: Secret metadata: