diff --git a/cmd/loxilb-agent/agent.go b/cmd/loxilb-agent/agent.go index 52b7e0c..8cda6a0 100644 --- a/cmd/loxilb-agent/agent.go +++ b/cmd/loxilb-agent/agent.go @@ -29,14 +29,17 @@ import ( "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/bgppolicyapply" "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/bgppolicydefinedsets" "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/bgppolicydefinition" + "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/egress" "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/gatewayapi" "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/loadbalancer" "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/loxiurl" "github.com/loxilb-io/kube-loxilb/pkg/api" bgpCRDinformers "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/informers/externalversions" + egressCRDinformers "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions" "github.com/loxilb-io/kube-loxilb/pkg/ippool" "github.com/loxilb-io/kube-loxilb/pkg/k8s" klbCRDinformers "github.com/loxilb-io/kube-loxilb/pkg/klb-client/informers/externalversions" + "github.com/loxilb-io/kube-loxilb/pkg/log" "k8s.io/client-go/informers" @@ -64,7 +67,8 @@ func run(o *Options) error { klog.Infof(" Build: %s", BuildInfo) // create k8s Clientset, CRD Clientset and SharedInformerFactory for the given config. - k8sClient, _, bgpCRDClient, klbCRDClient, k8sExtClient, sigsClient, err := k8s.CreateClients(o.config.ClientConnection, "") + // TODO: crdClient must be integrated into one. + k8sClient, _, bgpCRDClient, klbCRDClient, egressClient, k8sExtClient, sigsClient, err := k8s.CreateClients(o.config.ClientConnection, "") if err != nil { return fmt.Errorf("error creating k8s clients: %v", err) } @@ -78,6 +82,9 @@ func run(o *Options) error { loxilbURLInformerFactory := klbCRDinformers.NewSharedInformerFactory(klbCRDClient, informerDefaultResync) loxilbURLInformer := loxilbURLInformerFactory.Loxiurl().V1().LoxiURLs() + + egressInformerFactory := egressCRDinformers.NewSharedInformerFactory(egressClient, informerDefaultResync) + egressInformer := egressInformerFactory.Egress().V1().Egresses() sigsInformerFactory := sigsInformer.NewSharedInformerFactory(sigsClient, informerDefaultResync) // networkReadyCh is used to notify that the Node's network is ready. @@ -174,8 +181,10 @@ func run(o *Options) error { } } - loxilbClients := make([]*api.LoxiClient, 0) - loxilbPeerClients := make([]*api.LoxiClient, 0) + //loxilbClients := make([]*api.LoxiClient, 0) + //loxilbPeerClients := make([]*api.LoxiClient, 0) + loxilbClients := api.NewLoxiClientPool() + loxilbPeerClients := api.NewLoxiClientPool() loxiLBLiveCh := make(chan *api.LoxiClient, 50) loxiLBPurgeCh := make(chan *api.LoxiClient, 5) loxiLBSelMasterEvent := make(chan bool) @@ -188,7 +197,7 @@ func run(o *Options) error { if err != nil { return err } - loxilbClients = append(loxilbClients, loxilbClient) + loxilbClients.AddLoxiClient(loxilbClient) } } @@ -207,7 +216,7 @@ func run(o *Options) error { bgpCRDClient, networkConfig, BGPPeerInformer, - lbManager, + loxilbClients, ) BGPPolicyDefinedSetsManager := bgppolicydefinedsets.NewBGPPolicyDefinedSetsManager( @@ -215,7 +224,7 @@ func run(o *Options) error { bgpCRDClient, networkConfig, BGPPolicyDefinedSetInformer, - lbManager, + loxilbClients, ) BGPPolicyDefinitionManager := bgppolicydefinition.NewBGPPolicyDefinitionManager( @@ -223,14 +232,14 @@ func run(o *Options) error { bgpCRDClient, networkConfig, BGPPolicyDefinitionInformer, - lbManager, + loxilbClients, ) BGPPolicyApplyManager := bgppolicyapply.NewBGPPolicyApplyManager( k8sClient, bgpCRDClient, networkConfig, BGPPolicyApplyInformer, - lbManager, + loxilbClients, ) loxilbURLMgr := loxiurl.NewLoxiLBURLManager( @@ -242,6 +251,14 @@ func run(o *Options) error { lbManager, ) + egressMgr := egress.NewEgressManager( + k8sClient, + egressClient, + networkConfig, + egressInformer, + loxilbClients, + ) + go func() { for { select { @@ -277,6 +294,8 @@ func run(o *Options) error { } go loxilbURLMgr.Start(loxilbURLInformerFactory, stopCh, loxiLBLiveCh, loxiLBDeadCh, loxiLBPurgeCh) + egressInformerFactory.Start(stopCh) + go egressMgr.Run(stopCh) // Run gateway API managers if o.config.EnableGatewayAPI { diff --git a/go.mod b/go.mod index d3c55f5..0ecebf1 100644 --- a/go.mod +++ b/go.mod @@ -7,16 +7,15 @@ require ( github.com/spf13/cobra v1.7.0 github.com/spf13/pflag v1.0.5 gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v0.31.1 + k8s.io/api v0.32.0 k8s.io/apiextensions-apiserver v0.28.3 - k8s.io/apimachinery v0.31.1 - k8s.io/client-go v0.31.1 - k8s.io/code-generator v0.28.3 + k8s.io/apimachinery v0.32.0 + k8s.io/client-go v0.32.0 k8s.io/component-base v0.28.3 k8s.io/klog/v2 v2.130.1 k8s.io/kube-aggregator v0.26.0 sigs.k8s.io/gateway-api v1.0.0 - sigs.k8s.io/structured-merge-diff/v4 v4.4.1 + sigs.k8s.io/structured-merge-diff/v4 v4.4.2 ) require ( @@ -27,16 +26,15 @@ require ( github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-logr/logr v1.4.2 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.4 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -52,23 +50,18 @@ require ( github.com/prometheus/common v0.45.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/x448/float16 v0.8.4 // indirect - golang.org/x/mod v0.17.0 // indirect golang.org/x/net v0.33.0 // indirect - golang.org/x/oauth2 v0.21.0 // indirect - golang.org/x/sync v0.10.0 // indirect + golang.org/x/oauth2 v0.23.0 // indirect golang.org/x/sys v0.28.0 // indirect golang.org/x/term v0.27.0 // indirect golang.org/x/text v0.21.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect - google.golang.org/protobuf v1.34.2 // indirect + golang.org/x/time v0.7.0 // indirect + google.golang.org/protobuf v1.35.1 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 // indirect - k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 // indirect - k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect - k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect - sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect + k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect + sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index a0b35d8..974e40d 100644 --- a/go.sum +++ b/go.sum @@ -14,19 +14,18 @@ github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxER github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= -github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/zapr v1.2.3 h1:a9vnzlIBPQBBkeaR9IuMUfmVOrQlkoC4YfPoFkX3T7A= github.com/go-logr/zapr v1.2.3/go.mod h1:eIauM6P8qSvTw5o2ez6UEAfGjQKrxQTl5EoK+Qa2oG4= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= @@ -35,20 +34,16 @@ github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af h1:kmjWCqn2qkEml422C2Rrd27c3VGxi6a/6HNq8QmHRKM= -github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo= +github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= -github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= @@ -57,7 +52,6 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= @@ -80,10 +74,10 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= -github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= -github.com/onsi/gomega v1.27.6/go.mod h1:PIQNjfQwkP3aQAH7lf7j87O/5FiNr+ZR8+ipb+qQlhg= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -126,21 +120,17 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= -golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= -golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= -golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= +golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -152,66 +142,55 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= +golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200505023115-26f46d2f7ef8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg= -golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= +golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ= +golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= -google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= +google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= +google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= -gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.31.1 h1:Xe1hX/fPW3PXYYv8BlozYqw63ytA92snr96zMW9gWTU= -k8s.io/api v0.31.1/go.mod h1:sbN1g6eY6XVLeqNsZGLnI5FwVseTrZX7Fv3O26rhAaI= +k8s.io/api v0.32.0 h1:OL9JpbvAU5ny9ga2fb24X8H6xQlVp+aJMFlgtQjR9CE= +k8s.io/api v0.32.0/go.mod h1:4LEwHZEf6Q/cG96F3dqR965sYOfmPM7rq81BLgsE0p0= k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= -k8s.io/apimachinery v0.31.1 h1:mhcUBbj7KUjaVhyXILglcVjuS4nYXiwC+KKFBgIVy7U= -k8s.io/apimachinery v0.31.1/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= -k8s.io/client-go v0.31.1 h1:f0ugtWSbWpxHR7sjVpQwuvw9a3ZKLXX0u0itkFXufb0= -k8s.io/client-go v0.31.1/go.mod h1:sKI8871MJN2OyeqRlmA4W4KM9KBdBUpDLu/43eGemCg= -k8s.io/code-generator v0.28.3 h1:I847QvdpYx7xKiG2KVQeCSyNF/xU9TowaDAg601mvlw= -k8s.io/code-generator v0.28.3/go.mod h1:A2EAHTRYvCvBrb/MM2zZBNipeCk3f8NtpdNIKawC43M= +k8s.io/apimachinery v0.32.0 h1:cFSE7N3rmEEtv4ei5X6DaJPHHX0C+upp+v5lVPiEwpg= +k8s.io/apimachinery v0.32.0/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/client-go v0.32.0 h1:DimtMcnN/JIKZcrSrstiwvvZvLjG0aSxy8PxN8IChp8= +k8s.io/client-go v0.32.0/go.mod h1:boDWvdM1Drk4NJj/VddSLnx59X3OPgwrOo0vGbtq9+8= k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 h1:pWEwq4Asjm4vjW7vcsmijwBhOr1/shsbSYiWXmNGlks= -k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= -k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 h1:NGrVE502P0s0/1hudf8zjgwki1X/TByhmAoILTarmzo= -k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70/go.mod h1:VH3AT8AaQOqiGjMF9p0/IM1Dj+82ZwjfxUP1IxaHE+8= -k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-aggregator v0.26.0 h1:XF/Q5FwdLmCsK1RKGFNWfIo/b+r63sXOu+KKcaIFa/M= k8s.io/kube-aggregator v0.26.0/go.mod h1:QUGAvubVFZ43JiT2gMm6f15FvFkyJcZeDcV1nIbmfgk= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag= -k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= -k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= -k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= +k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= +k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= +k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= -sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= -sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= -sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= +sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8= +sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo= +sigs.k8s.io/structured-merge-diff/v4 v4.4.2 h1:MdmvkGuXi/8io6ixD5wud3vOLwc1rj0aNqRlpuvjmwA= +sigs.k8s.io/structured-merge-diff/v4 v4.4.2/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/hack/boilerplate.go.txt b/hack/boilerplate.go.txt new file mode 100644 index 0000000..cb77fe9 --- /dev/null +++ b/hack/boilerplate.go.txt @@ -0,0 +1,15 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh new file mode 100755 index 0000000..e88713b --- /dev/null +++ b/hack/update-codegen.sh @@ -0,0 +1,42 @@ +#!/usr/bin/env bash + +# Copyright 2017 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +echo $SCRIPT_ROOT +GOPATH=$(go env GOPATH) +echo $GOPATH +CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 $GOPATH/src/k8s.io/code-generator 2>/dev/null || echo ../code-generator)} +echo $CODEGEN_PKG + +source "${CODEGEN_PKG}/kube_codegen.sh" + +THIS_PKG="github.com/loxilb-io/kube-loxilb" + +kube::codegen::gen_helpers \ + --boilerplate "${SCRIPT_ROOT}/hack/boilerplate.go.txt" \ + "${SCRIPT_ROOT}/pkg/crds" + +kube::codegen::gen_client \ + --with-watch \ + --output-dir "${SCRIPT_ROOT}/pkg/egress-client" \ + --output-pkg "${THIS_PKG}/pkg/egress-client" \ + --boilerplate "${SCRIPT_ROOT}/hack/boilerplate.go.txt" \ + --one-input-api "egress" \ + "${SCRIPT_ROOT}/pkg/crds" diff --git a/manifest/crds/egress-crd.yaml b/manifest/crds/egress-crd.yaml new file mode 100644 index 0000000..4923bfc --- /dev/null +++ b/manifest/crds/egress-crd.yaml @@ -0,0 +1,52 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: egresses.egress.loxilb.io +spec: + group: egress.loxilb.io + names: + kind: Egress + listKind: EgressList + plural: egresses + singular: egress + scope: Namespaced + versions: + - name: v1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: EgressSpec defines the desired state of Egress + type: object + properties: + addresses: + type: array + items: + type: string + vip: + type: string + required: + - addresses + - vip \ No newline at end of file diff --git a/manifest/crds/egress-example.yaml b/manifest/crds/egress-example.yaml new file mode 100644 index 0000000..4513a7e --- /dev/null +++ b/manifest/crds/egress-example.yaml @@ -0,0 +1,11 @@ +apiVersion: "egress.loxilb.io/v1" +kind: Egress +metadata: + name: test-egress +spec: + #address: IP list of the Pod on which you want the egress rule applied + addresses: + - 10.42.1.2/32 + - 10.42.0.5/32 + #vip: IP in addresses is SNATed to the corresponding VIP. + vip: 172.18.0.254 \ No newline at end of file diff --git a/manifest/ext-cluster/kube-loxilb-cidrv6.yaml b/manifest/ext-cluster/kube-loxilb-cidrv6.yaml index 4e6f51b..d8a0d20 100644 --- a/manifest/ext-cluster/kube-loxilb-cidrv6.yaml +++ b/manifest/ext-cluster/kube-loxilb-cidrv6.yaml @@ -90,6 +90,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/ext-cluster/kube-loxilb-secondaryIPs.yaml b/manifest/ext-cluster/kube-loxilb-secondaryIPs.yaml index 17cd59d..922b414 100644 --- a/manifest/ext-cluster/kube-loxilb-secondaryIPs.yaml +++ b/manifest/ext-cluster/kube-loxilb-secondaryIPs.yaml @@ -90,6 +90,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/ext-cluster/kube-loxilb.yaml b/manifest/ext-cluster/kube-loxilb.yaml index d69a148..41c6d66 100644 --- a/manifest/ext-cluster/kube-loxilb.yaml +++ b/manifest/ext-cluster/kube-loxilb.yaml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/ext-peer-cluster/kube-loxilb.yaml b/manifest/ext-peer-cluster/kube-loxilb.yaml index dcfc6bd..82b7bae 100644 --- a/manifest/ext-peer-cluster/kube-loxilb.yaml +++ b/manifest/ext-peer-cluster/kube-loxilb.yaml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/gateway-api/kube-loxilb.yaml b/manifest/gateway-api/kube-loxilb.yaml index 8239ec8..86a6956 100644 --- a/manifest/gateway-api/kube-loxilb.yaml +++ b/manifest/gateway-api/kube-loxilb.yaml @@ -138,7 +138,22 @@ rules: - create - update - delete - + - apiGroups: + - loxiurl.loxilb.io + resources: + - loxiurls + verbs: + - get + - watch + - list + - create + - update + - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/in-cluster/kube-loxilb-nobgp.yaml b/manifest/in-cluster/kube-loxilb-nobgp.yaml index bcbdb84..1064e1c 100644 --- a/manifest/in-cluster/kube-loxilb-nobgp.yaml +++ b/manifest/in-cluster/kube-loxilb-nobgp.yaml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/in-cluster/kube-loxilb.yaml b/manifest/in-cluster/kube-loxilb.yaml index 5a403f0..bb87ef8 100644 --- a/manifest/in-cluster/kube-loxilb.yaml +++ b/manifest/in-cluster/kube-loxilb.yaml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/in-cluster/loxilb-localvip.yaml b/manifest/in-cluster/loxilb-localvip.yaml index 5ebe1c5..b4c6563 100644 --- a/manifest/in-cluster/loxilb-localvip.yaml +++ b/manifest/in-cluster/loxilb-localvip.yaml @@ -88,6 +88,25 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: loxilb-egress-service + namespace: kube-system + annotations: + loxilb.io/usepodnetwork: "yes" +spec: + externalTrafficPolicy: Local + type: LoadBalancer + loadBalancerClass: loxilb.io/loxilb + selector: + app: loxilb-app + ports: + - name: loxilb-egress + port: 2020 + targetPort: 8080 + protocol: TCP +--- +apiVersion: v1 +kind: Service metadata: name: loxilb-lb-service namespace: kube-system diff --git a/manifest/in-cluster/loxilb-nobgp.yaml b/manifest/in-cluster/loxilb-nobgp.yaml index fec3c97..310e786 100644 --- a/manifest/in-cluster/loxilb-nobgp.yaml +++ b/manifest/in-cluster/loxilb-nobgp.yaml @@ -44,6 +44,25 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: loxilb-egress-service + namespace: kube-system + annotations: + loxilb.io/usepodnetwork: "yes" +spec: + externalTrafficPolicy: Local + type: LoadBalancer + loadBalancerClass: loxilb.io/loxilb + selector: + app: loxilb-app + ports: + - name: loxilb-egress + port: 2020 + targetPort: 8080 + protocol: TCP +--- +apiVersion: v1 +kind: Service metadata: name: loxilb-lb-service namespace: kube-system diff --git a/manifest/in-cluster/loxilb.yaml b/manifest/in-cluster/loxilb.yaml index 21bf2d3..9cca6d6 100644 --- a/manifest/in-cluster/loxilb.yaml +++ b/manifest/in-cluster/loxilb.yaml @@ -46,6 +46,25 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: loxilb-egress-service + namespace: kube-system + annotations: + loxilb.io/usepodnetwork: "yes" +spec: + externalTrafficPolicy: Local + type: LoadBalancer + loadBalancerClass: loxilb.io/loxilb + selector: + app: loxilb-app + ports: + - name: loxilb-egress + port: 2020 + targetPort: 8080 + protocol: TCP +--- +apiVersion: v1 +kind: Service metadata: name: loxilb-lb-service namespace: kube-system diff --git a/manifest/multus/kube-loxilb.yaml b/manifest/multus/kube-loxilb.yaml index 49456dd..acba845 100644 --- a/manifest/multus/kube-loxilb.yaml +++ b/manifest/multus/kube-loxilb.yaml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/multus/loxilb.yaml b/manifest/multus/loxilb.yaml index 95a9fdd..0872e2f 100644 --- a/manifest/multus/loxilb.yaml +++ b/manifest/multus/loxilb.yaml @@ -48,6 +48,25 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: loxilb-egress-service + namespace: kube-system + annotations: + loxilb.io/usepodnetwork: "yes" +spec: + externalTrafficPolicy: Local + type: LoadBalancer + loadBalancerClass: loxilb.io/loxilb + selector: + app: loxilb-app + ports: + - name: loxilb-egress + port: 2020 + targetPort: 8080 + protocol: TCP +--- +apiVersion: v1 +kind: Service metadata: name: loxilb-lb-service #namespace: kube-system diff --git a/manifest/service-proxy/kube-loxilb.yml b/manifest/service-proxy/kube-loxilb.yml index a39fd5b..f367b1b 100644 --- a/manifest/service-proxy/kube-loxilb.yml +++ b/manifest/service-proxy/kube-loxilb.yml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/service-proxy/loxilb-service-proxy-non-privileged.yml b/manifest/service-proxy/loxilb-service-proxy-non-privileged.yml index 2199c9a..a388da5 100644 --- a/manifest/service-proxy/loxilb-service-proxy-non-privileged.yml +++ b/manifest/service-proxy/loxilb-service-proxy-non-privileged.yml @@ -71,6 +71,25 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: loxilb-egress-service + namespace: kube-system + annotations: + loxilb.io/usepodnetwork: "yes" +spec: + externalTrafficPolicy: Local + type: LoadBalancer + loadBalancerClass: loxilb.io/loxilb + selector: + app: loxilb-app + ports: + - name: loxilb-egress + port: 2020 + targetPort: 8080 + protocol: TCP +--- +apiVersion: v1 +kind: Service metadata: name: loxilb-lb-service namespace: kube-system diff --git a/manifest/service-proxy/loxilb-service-proxy.yml b/manifest/service-proxy/loxilb-service-proxy.yml index df4ff03..57e63fb 100644 --- a/manifest/service-proxy/loxilb-service-proxy.yml +++ b/manifest/service-proxy/loxilb-service-proxy.yml @@ -131,6 +131,25 @@ spec: --- apiVersion: v1 kind: Service +metadata: + name: loxilb-egress-service + namespace: kube-system + annotations: + loxilb.io/usepodnetwork: "yes" +spec: + externalTrafficPolicy: Local + type: LoadBalancer + loadBalancerClass: loxilb.io/loxilb + selector: + app: loxilb-app + ports: + - name: loxilb-egress + port: 2020 + targetPort: 8080 + protocol: TCP +--- +apiVersion: v1 +kind: Service metadata: name: loxilb-lb-service namespace: kube-system diff --git a/manifest/virtual-cluster/kube-loxilb.yaml b/manifest/virtual-cluster/kube-loxilb.yaml index fc660f0..3bc0331 100644 --- a/manifest/virtual-cluster/kube-loxilb.yaml +++ b/manifest/virtual-cluster/kube-loxilb.yaml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/zones/kube-loxilb-north.yml b/manifest/zones/kube-loxilb-north.yml index 0280d35..b102a22 100644 --- a/manifest/zones/kube-loxilb-north.yml +++ b/manifest/zones/kube-loxilb-north.yml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/manifest/zones/kube-loxilb-south.yml b/manifest/zones/kube-loxilb-south.yml index 9601aae..16f2688 100644 --- a/manifest/zones/kube-loxilb-south.yml +++ b/manifest/zones/kube-loxilb-south.yml @@ -134,6 +134,11 @@ rules: - create - update - delete + - apiGroups: + - egress.loxilb.io + resources: + - egresses + verbs: ["get", "watch", "list", "patch", "update"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/pkg/agent/manager/bgppeer/bgppeer.go b/pkg/agent/manager/bgppeer/bgppeer.go index 1b64732..a82b975 100644 --- a/pkg/agent/manager/bgppeer/bgppeer.go +++ b/pkg/agent/manager/bgppeer/bgppeer.go @@ -23,7 +23,6 @@ import ( "time" "github.com/loxilb-io/kube-loxilb/pkg/agent/config" - "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/loadbalancer" "github.com/loxilb-io/kube-loxilb/pkg/api" "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/clientset/versioned" crdInformer "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/informers/externalversions/bgppeer/v1" @@ -53,7 +52,7 @@ type Manager struct { bgpPeerLister crdLister.BGPPeerServiceLister bgpPeerListerSynced cache.InformerSynced queue workqueue.RateLimitingInterface - lbManager *loadbalancer.Manager + loxiClients *api.LoxiClientPool } // Create and Init Manager. @@ -63,18 +62,17 @@ func NewBGPPeerManager( crdClient versioned.Interface, networkConfig *config.NetworkConfig, bgpPeerInformer crdInformer.BGPPeerServiceInformer, - lbManager *loadbalancer.Manager, + loxiClients *api.LoxiClientPool, ) *Manager { manager := &Manager{ - kubeClient: kubeClient, crdClient: crdClient, bgpPeerInformer: bgpPeerInformer, bgpPeerLister: bgpPeerInformer.Lister(), bgpPeerListerSynced: bgpPeerInformer.Informer().HasSynced, - - queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "loadbalancer"), + loxiClients: loxiClients, + queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "loadbalancer"), } bgpPeerInformer.Informer().AddEventHandlerWithResyncPeriod( @@ -191,7 +189,7 @@ func (m *Manager) addBGPPeerService(lb *crdv1.BGPPeerService) error { klog.Infof("RemotePort: %v", lb.Spec.RemotePort) var errChList []chan error - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.loxiClients.Clients { ch := make(chan error) go func(c *api.LoxiClient, h chan error) { var err error @@ -225,7 +223,7 @@ func (m *Manager) addBGPPeerService(lb *crdv1.BGPPeerService) error { func (m *Manager) deleteBGPPeerService(lb *crdv1.BGPPeerService) error { var errChList []chan error - for _, loxiClient := range m.lbManager.LoxiClients { + for _, loxiClient := range m.loxiClients.Clients { ch := make(chan error) errChList = append(errChList, ch) diff --git a/pkg/agent/manager/bgppolicyapply/bgppolicyapply.go b/pkg/agent/manager/bgppolicyapply/bgppolicyapply.go index 636b4a3..e2e9960 100644 --- a/pkg/agent/manager/bgppolicyapply/bgppolicyapply.go +++ b/pkg/agent/manager/bgppolicyapply/bgppolicyapply.go @@ -23,7 +23,6 @@ import ( "time" "github.com/loxilb-io/kube-loxilb/pkg/agent/config" - "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/loadbalancer" "github.com/loxilb-io/kube-loxilb/pkg/api" "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/clientset/versioned" crdInformer "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/informers/externalversions/bgppolicyapply/v1" @@ -52,7 +51,7 @@ type Manager struct { BGPPolicyApplyLister crdLister.BGPPolicyApplyServiceLister BGPPolicyApplyListerSynced cache.InformerSynced queue workqueue.RateLimitingInterface - lbManager *loadbalancer.Manager + loxiClients *api.LoxiClientPool } // Create and Init Manager. @@ -62,7 +61,7 @@ func NewBGPPolicyApplyManager( crdClient versioned.Interface, networkConfig *config.NetworkConfig, BGPPolicyApplyInformer crdInformer.BGPPolicyApplyServiceInformer, - lbManager *loadbalancer.Manager, + loxiClients *api.LoxiClientPool, ) *Manager { manager := &Manager{ @@ -72,7 +71,7 @@ func NewBGPPolicyApplyManager( BGPPolicyApplyInformer: BGPPolicyApplyInformer, BGPPolicyApplyLister: BGPPolicyApplyInformer.Lister(), BGPPolicyApplyListerSynced: BGPPolicyApplyInformer.Informer().HasSynced, - lbManager: lbManager, + loxiClients: loxiClients, queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "BGPPolicyApply"), } @@ -176,7 +175,7 @@ func (m *Manager) addBGPPolicyApplyService(bgpdf *crdv1.BGPPolicyApplyService) e klog.Infof("bgpdf.Spec.RouteAction: %v\n", bgpdf.Spec.RouteAction) var errChList []chan error - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.loxiClients.Clients { ch := make(chan error) go func(c *api.LoxiClient, h chan error) { var err error @@ -214,7 +213,7 @@ func (m *Manager) deleteBGPPolicyApplyService(bgpdf *crdv1.BGPPolicyApplyService defer cancel() klog.Infof("bgpdf.Spec.NeighIPAddress: %v\n", bgpdf.Spec.NeighIPAddress) var errChList []chan error - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.loxiClients.Clients { ch := make(chan error) go func(c *api.LoxiClient, h chan error) { var err error diff --git a/pkg/agent/manager/bgppolicydefinedsets/bgppolicydefinedsets.go b/pkg/agent/manager/bgppolicydefinedsets/bgppolicydefinedsets.go index 1ef8e78..ba32390 100644 --- a/pkg/agent/manager/bgppolicydefinedsets/bgppolicydefinedsets.go +++ b/pkg/agent/manager/bgppolicydefinedsets/bgppolicydefinedsets.go @@ -23,7 +23,6 @@ import ( "time" "github.com/loxilb-io/kube-loxilb/pkg/agent/config" - "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/loadbalancer" "github.com/loxilb-io/kube-loxilb/pkg/api" "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/clientset/versioned" crdInformer "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/informers/externalversions/bgppolicydefinedsets/v1" @@ -53,7 +52,7 @@ type Manager struct { BGPPolicyDefinedSetsLister crdLister.BGPPolicyDefinedSetsServiceLister BGPPolicyDefinedSetsListerSynced cache.InformerSynced queue workqueue.RateLimitingInterface - lbManager *loadbalancer.Manager + loxiClients *api.LoxiClientPool } // Create and Init Manager. @@ -63,7 +62,7 @@ func NewBGPPolicyDefinedSetsManager( crdClient versioned.Interface, networkConfig *config.NetworkConfig, BGPPolicyDefinedSetsInformer crdInformer.BGPPolicyDefinedSetsServiceInformer, - lbManager *loadbalancer.Manager, + loxiClients *api.LoxiClientPool, ) *Manager { manager := &Manager{ @@ -73,7 +72,7 @@ func NewBGPPolicyDefinedSetsManager( BGPPolicyDefinedSetsInformer: BGPPolicyDefinedSetsInformer, BGPPolicyDefinedSetsLister: BGPPolicyDefinedSetsInformer.Lister(), BGPPolicyDefinedSetsListerSynced: BGPPolicyDefinedSetsInformer.Informer().HasSynced, - lbManager: lbManager, + loxiClients: loxiClients, queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "bgppolicydefinedsets"), } @@ -191,7 +190,7 @@ func (m *Manager) addBGPPolicyDefinedSetsService(bgpdf *crdv1.BGPPolicyDefinedSe klog.Infof("bgpdf.Spec.DefinedType: %v\n", bgpdf.Spec.DefinedType) var errChList []chan error - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.loxiClients.Clients { ch := make(chan error) go func(c *api.LoxiClient, h chan error) { var err error @@ -225,7 +224,7 @@ func (m *Manager) addBGPPolicyDefinedSetsService(bgpdf *crdv1.BGPPolicyDefinedSe func (m *Manager) deleteBGPPolicyDefinedSetsService(bgpdf *crdv1.BGPPolicyDefinedSetsService) error { var errChList []chan error - for _, loxiClient := range m.lbManager.LoxiClients { + for _, loxiClient := range m.loxiClients.Clients { ch := make(chan error) errChList = append(errChList, ch) diff --git a/pkg/agent/manager/bgppolicydefinition/bgppolicydefinition.go b/pkg/agent/manager/bgppolicydefinition/bgppolicydefinition.go index 4148e9f..1e5e071 100644 --- a/pkg/agent/manager/bgppolicydefinition/bgppolicydefinition.go +++ b/pkg/agent/manager/bgppolicydefinition/bgppolicydefinition.go @@ -23,7 +23,6 @@ import ( "time" "github.com/loxilb-io/kube-loxilb/pkg/agent/config" - "github.com/loxilb-io/kube-loxilb/pkg/agent/manager/loadbalancer" "github.com/loxilb-io/kube-loxilb/pkg/api" "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/clientset/versioned" crdInformer "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/informers/externalversions/bgppolicydefinition/v1" @@ -52,7 +51,7 @@ type Manager struct { BGPPolicyDefinitionLister crdLister.BGPPolicyDefinitionServiceLister BGPPolicyDefinitionListerSynced cache.InformerSynced queue workqueue.RateLimitingInterface - lbManager *loadbalancer.Manager + loxiClients *api.LoxiClientPool } // Create and Init Manager. @@ -62,7 +61,7 @@ func NewBGPPolicyDefinitionManager( crdClient versioned.Interface, networkConfig *config.NetworkConfig, BGPPolicyDefinitionInformer crdInformer.BGPPolicyDefinitionServiceInformer, - lbManager *loadbalancer.Manager, + loxiClients *api.LoxiClientPool, ) *Manager { manager := &Manager{ @@ -72,7 +71,7 @@ func NewBGPPolicyDefinitionManager( BGPPolicyDefinitionInformer: BGPPolicyDefinitionInformer, BGPPolicyDefinitionLister: BGPPolicyDefinitionInformer.Lister(), BGPPolicyDefinitionListerSynced: BGPPolicyDefinitionInformer.Informer().HasSynced, - lbManager: lbManager, + loxiClients: loxiClients, queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "BGPPolicyDefinition"), } @@ -173,7 +172,7 @@ func (m *Manager) addBGPPolicyDefinitionService(bgpdf *crdv1.BGPPolicyDefinition klog.Infof("bgpdf.Spec.Name: %v\n", bgpdf.Spec.Name) fmt.Printf("bgpdf.Spec: %v\n", bgpdf.Spec) var errChList []chan error - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.loxiClients.Clients { ch := make(chan error) go func(c *api.LoxiClient, h chan error) { var err error @@ -207,7 +206,7 @@ func (m *Manager) addBGPPolicyDefinitionService(bgpdf *crdv1.BGPPolicyDefinition func (m *Manager) deleteBGPPolicyDefinitionService(bgpdf *crdv1.BGPPolicyDefinitionService) error { var errChList []chan error - for _, loxiClient := range m.lbManager.LoxiClients { + for _, loxiClient := range m.loxiClients.Clients { ch := make(chan error) errChList = append(errChList, ch) diff --git a/pkg/agent/manager/egress/egress.go b/pkg/agent/manager/egress/egress.go new file mode 100644 index 0000000..28c0fb9 --- /dev/null +++ b/pkg/agent/manager/egress/egress.go @@ -0,0 +1,281 @@ +/* + * Copyright (c) 2024 NetLOX Inc + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package egress + +import ( + "context" + "fmt" + "strings" + "time" + + "github.com/loxilb-io/kube-loxilb/pkg/agent/config" + "github.com/loxilb-io/kube-loxilb/pkg/api" + crdv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned" + crdInformer "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/egress/v1" + crdLister "github.com/loxilb-io/kube-loxilb/pkg/egress-client/listers/egress/v1" + + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + "k8s.io/klog/v2" +) + +const ( + mgrName = "LoxilbEgressManager" + defaultWorkers = 4 + minRetryDelay = 2 * time.Second + maxRetryDelay = 120 * time.Second +) + +type Manager struct { + kubeClient kubernetes.Interface + crdClient versioned.Interface + EgressInformer crdInformer.EgressInformer + EgressLister crdLister.EgressLister + EgressListerSynced cache.InformerSynced + LoxiClients *api.LoxiClientPool + queue workqueue.RateLimitingInterface +} + +// Create and Init Manager. +// Manager is called by kube-loxilb when k8s service is created & updated. +func NewEgressManager( + kubeClient kubernetes.Interface, + crdClient versioned.Interface, + networkConfig *config.NetworkConfig, + EgressInformer crdInformer.EgressInformer, + LoxiClients *api.LoxiClientPool, +) *Manager { + + manager := &Manager{ + kubeClient: kubeClient, + crdClient: crdClient, + EgressInformer: EgressInformer, + EgressLister: EgressInformer.Lister(), + EgressListerSynced: EgressInformer.Informer().HasSynced, + LoxiClients: LoxiClients, + + queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "Egress"), + } + + EgressInformer.Informer().AddEventHandler( + cache.ResourceEventHandlerFuncs{ + AddFunc: func(cur interface{}) { + manager.enqueueService(cur) + }, + UpdateFunc: func(old, cur interface{}) { + manager.enqueueService(cur) + }, + DeleteFunc: func(old interface{}) { + manager.enqueueService(old) + }, + }, + ) + + return manager +} + +func (m *Manager) enqueueService(obj interface{}) { + lb, ok := obj.(*crdv1.Egress) + if !ok { + deletedState, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + klog.Errorf("Received unexpected object: %v", obj) + return + } + lb, ok = deletedState.Obj.(*crdv1.Egress) + if !ok { + klog.Errorf("DeletedFinalStateUnknown contains non-Egress object: %v", deletedState.Obj) + } + } + + m.queue.Add(lb) +} + +func (m *Manager) Run(stopCh <-chan struct{}) { + defer m.queue.ShutDown() + + klog.Infof("Starting %s", mgrName) + defer klog.Infof("Shutting down %s", mgrName) + + if !cache.WaitForNamedCacheSync( + mgrName, + stopCh, + m.EgressListerSynced) { + return + } + for i := 0; i < defaultWorkers; i++ { + go wait.Until(m.worker, time.Second, stopCh) + } + <-stopCh +} + +func (m *Manager) worker() { + for m.processNextWorkItem() { + } +} + +func (m *Manager) processNextWorkItem() bool { + obj, quit := m.queue.Get() + if quit { + return false + } + defer m.queue.Done(obj) + if egress, ok := obj.(*crdv1.Egress); !ok { + m.queue.Forget(obj) + klog.Errorf("Expected string in work queue but got %#v", obj) + return true + } else if err := m.syncEgress(egress); err == nil { + m.queue.Forget(obj) + } else { + m.queue.AddRateLimited(obj) + klog.Errorf("Error syncing CRD Egress %s, requeuing. Error: %v", egress.Name, err) + } + + return true +} + +func (m *Manager) syncEgress(egress *crdv1.Egress) error { + startTime := time.Now() + defer func() { + klog.V(4).Infof("Finished syncing Egress %s. (%v)", egress.Name, time.Since(startTime)) + }() + + _, err := m.EgressLister.Egresses(egress.Namespace).Get(egress.Name) + if err != nil { + return m.deleteEgress(egress) + } + return m.addEgress(egress) +} + +func (m *Manager) addEgress(egress *crdv1.Egress) error { + ctx, cancel := context.WithTimeout(context.Background(), time.Second*30) + defer cancel() + + // Create Loxilb firewall rule for egress + klog.V(4).Infof("Adding Egress %s/%s", egress.Namespace, egress.Name) + fwModels := m.makeLoxiFirewallModel(egress) + klog.V(4).Infof("Make LoxiLB Firewall Models for Egress %s/%s: %v", egress.Namespace, egress.Name, fwModels) + for _, fwModel := range fwModels { + if err := m.callLoxiFirewallCreateAPI(ctx, fwModel); err != nil { + return err + } + } + + return nil +} + +func (m *Manager) deleteEgress(egress *crdv1.Egress) error { + ctx, cancel := context.WithTimeout(context.Background(), time.Second*30) + defer cancel() + + klog.V(4).Infof("Deleting Egress %s/%s", egress.Namespace, egress.Name) + fwModels := m.makeLoxiFirewallModel(egress) + klog.V(4).Infof("Make LoxiLB Firewall Models for Egress %s/%s: %v", egress.Namespace, egress.Name, fwModels) + for _, fwModel := range fwModels { + if err := m.callLoxiFirewallDeleteAPI(ctx, fwModel); err != nil { + return err + } + } + + return nil +} + +func (m *Manager) makeLoxiFirewallModel(egress *crdv1.Egress) []*api.FwRuleMod { + newFwModels := []*api.FwRuleMod{} + for _, address := range egress.Spec.Addresses { + newFwModel := &api.FwRuleMod{ + Rule: api.FwRuleArg{ + SrcIP: address, + }, + Opts: api.FwOptArg{ + DoSnat: true, + ToIP: egress.Spec.Vip, + ToPort: 0, + OnDefault: true, + }, + } + newFwModels = append(newFwModels, newFwModel) + } + return newFwModels +} + +func (m *Manager) callLoxiFirewallCreateAPI(ctx context.Context, fwModel *api.FwRuleMod) error { + var errChList []chan error + for _, client := range m.LoxiClients.Clients { + ch := make(chan error) + + go func(c *api.LoxiClient, h chan error) { + var err error + if err = c.Firewall().Create(ctx, fwModel); err != nil { + if !strings.Contains(err.Error(), "exist") { + klog.Errorf("failed to create Egress(%s) :%v", c.Url, err) + } else { + err = nil + } + } + h <- err + }(client, ch) + + errChList = append(errChList, ch) + } + + isError := true + for _, errCh := range errChList { + err := <-errCh + if err == nil { + isError = false + } else { + klog.Errorf("failed to add Egress firewall rule (%v). err: %v", fwModel, err) + } + } + if isError { + return fmt.Errorf("failed to add loxiLB Egress firewall rule") + } + + return nil +} + +func (m *Manager) callLoxiFirewallDeleteAPI(ctx context.Context, fwModel *api.FwRuleMod) error { + var errChList []chan error + for _, loxiClient := range m.LoxiClients.Clients { + ch := make(chan error) + errChList = append(errChList, ch) + + go func(client *api.LoxiClient, ch chan error) { + ch <- client.Firewall().Delete(ctx, fwModel) + }(loxiClient, ch) + } + + isError := true + errStr := "" + for _, errCh := range errChList { + err := <-errCh + if err == nil { + isError = false + break + } else { + errStr = err.Error() + } + } + if isError { + return fmt.Errorf("failed to delete loxiLB Firewall rule. Error: %v", errStr) + } + return nil +} diff --git a/pkg/agent/manager/loadbalancer/loadbalancer.go b/pkg/agent/manager/loadbalancer/loadbalancer.go index ecf706c..9b24cf6 100644 --- a/pkg/agent/manager/loadbalancer/loadbalancer.go +++ b/pkg/agent/manager/loadbalancer/loadbalancer.go @@ -80,6 +80,7 @@ const ( loxilbZoneLabelKey = "loxilb.io/zonelabel" loxilbZoneInstance = "loxilb.io/zoneinstance" enProxyProtov2Annotation = "loxilb.io/useproxyprotov2" + egressAnnotation = "loxilb.io/egress" ) type LoxiInstRole struct { @@ -89,8 +90,8 @@ type LoxiInstRole struct { type Manager struct { mtx sync.RWMutex kubeClient clientset.Interface - LoxiClients []*api.LoxiClient - LoxiPeerClients []*api.LoxiClient + LoxiClients *api.LoxiClientPool + LoxiPeerClients *api.LoxiClientPool networkConfig *config.NetworkConfig serviceInformer coreinformers.ServiceInformer serviceLister corelisters.ServiceLister @@ -128,6 +129,7 @@ type LbArgs struct { usePodNetwork bool inst string ppv2En bool + egress bool } type LbModelEnt struct { @@ -150,6 +152,7 @@ type LbCacheEntry struct { ActCheck bool PrefLocal bool ppv2En bool + egress bool Inst string Addr string State string @@ -228,8 +231,8 @@ func (m *Manager) genExtIPName(ipStr string) []string { // Manager is called by kube-loxilb when k8s service is created & updated. func NewLoadBalancerManager( kubeClient clientset.Interface, - loxiClients []*api.LoxiClient, - loxiPeerClients []*api.LoxiClient, + loxiClients *api.LoxiClientPool, + loxiPeerClients *api.LoxiClientPool, ipPoolTbl map[string]*ippool.IPPool, ip6PoolTbl map[string]*ippool.IPPool, networkConfig *config.NetworkConfig, @@ -383,8 +386,8 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { } // check loxilb - if len(m.LoxiClients) == 0 { - return errors.New("service cannot be added because there are no loxilb instances") + if len(m.LoxiClients.Clients) == 0 { + return fmt.Errorf("service cannot be added because there are no loxilb instances") } // check LoadBalancerClass @@ -417,6 +420,7 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { hasSharedPool := false overrideZoneInst := "" enProxyProtov2 := false + isEgress := false if strings.Compare(*lbClassName, m.networkConfig.LoxilbLoadBalancerClass) != 0 && !needMultusEP { return nil @@ -523,6 +527,14 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { } } + if eg := svc.Annotations[egressAnnotation]; eg != "" { + if eg == "yes" { + isEgress = true + } else if eg == "no" { + isEgress = false + } + } + // Check for loxilb specific annotations - loxilbZoneInstance if zni := svc.Annotations[loxilbZoneInstance]; zni != "" { overrideZoneInst = zni @@ -895,6 +907,15 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { klog.Infof("%s: enProxyProtov2 update", cacheKey) } + if isEgress != m.lbCache[cacheKey].egress { + m.lbCache[cacheKey].egress = isEgress + update = true + if added { + needDelete = true + } + klog.Infof("%s: egress update", cacheKey) + } + // If the user specifies a secondary IP in the annotation, update the existing secondary IP. if len(secIPs) > 0 { if !added { @@ -980,6 +1001,7 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { sel: m.lbCache[cacheKey].EpSelect, inst: m.lbCache[cacheKey].Inst, ppv2En: m.lbCache[cacheKey].ppv2En, + egress: m.lbCache[cacheKey].egress, needMultusEP: needMultusEP, usePodNetwork: usePodNet, } @@ -1004,7 +1026,7 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { return errors.Wrap(err, "makeLoxiLoadBalancerModel return error") } - for _, client := range m.LoxiClients { + for _, client := range m.LoxiClients.Clients { ch := make(chan error) go func(c *api.LoxiClient, h chan error) { err := m.installLB(c, lbModel, m.lbCache[cacheKey].PrefLocal) @@ -1023,7 +1045,7 @@ func (m *Manager) addLoadBalancer(svc *corev1.Service) error { errCount++ } } - if loxilbAPIErr != nil && errCount >= len(m.LoxiClients) { + if loxilbAPIErr != nil && errCount >= len(m.LoxiClients.Clients) { retIPAMOnErr = true return fmt.Errorf("failed to add loxiLB loadBalancer - spair(%s). err: %v", GenSPKey(sp.ExternalIP, sp.Port, sp.Protocol), loxilbAPIErr) } @@ -1149,7 +1171,7 @@ func (m *Manager) deleteLoadBalancer(ns, name string, releaseAll bool) error { for _, sp := range lbEntry.LbServicePairs { var errChList []chan error for _, lb := range sp.LbModelList { - for _, loxiClient := range m.LoxiClients { + for _, loxiClient := range m.LoxiClients.Clients { ch := make(chan error) errChList = append(errChList, ch) @@ -1209,7 +1231,7 @@ func (m *Manager) DeleteAllLoadBalancer() { sipPools := lbEntry.SIPPools for _, sp := range lbEntry.LbServicePairs { - for _, loxiClient := range m.LoxiClients { + for _, loxiClient := range m.LoxiClients.Clients { for _, lb := range sp.LbModelList { klog.Infof("loxilb(%s): deleteAll lb %v", loxiClient.Host, lb) loxiClient.LoadBalancer().Delete(context.Background(), &lb) @@ -1887,6 +1909,7 @@ func (m *Manager) makeLoxiLoadBalancerModel(lbArgs *LbArgs, svc *corev1.Service, ProbeTimeout: lbArgs.probeTimeo, ProbeRetries: int32(lbArgs.probeRetries), PpV2: lbArgs.ppv2En, + Egress: lbArgs.egress, Sel: lbArgs.sel, Name: fmt.Sprintf("%s_%s:%s", svc.Namespace, svc.Name, lbArgs.inst), }, @@ -1969,11 +1992,11 @@ func (m *Manager) DiscoverLoxiLBServices(loxiLBAliveCh chan *api.LoxiClient, lox ips = []net.IP{} } - if len(ips) != len(m.LoxiClients) { + if len(ips) != len(m.LoxiClients.Clients) { klog.Infof("loxilb-service end-points: %v", ips) } - for _, v := range m.LoxiClients { + for _, v := range m.LoxiClients.Clients { v.Purge = true for _, ip := range ips { if v.Host == ip.String() { @@ -1992,7 +2015,7 @@ func (m *Manager) DiscoverLoxiLBServices(loxiLBAliveCh chan *api.LoxiClient, lox break } } - for _, v := range m.LoxiClients { + for _, v := range m.LoxiClients.Clients { if v.Host == ip.String() { found = true } @@ -2006,10 +2029,10 @@ func (m *Manager) DiscoverLoxiLBServices(loxiLBAliveCh chan *api.LoxiClient, lox } } if len(tmploxilbClients) > 0 { - m.LoxiClients = append(m.LoxiClients, tmploxilbClients...) + m.LoxiClients.Clients = append(m.LoxiClients.Clients, tmploxilbClients...) } - tmp := m.LoxiClients[:0] - for _, v := range m.LoxiClients { + tmp := m.LoxiClients.Clients[:0] + for _, v := range m.LoxiClients.Clients { if !v.Purge { tmp = append(tmp, v) } else { @@ -2018,7 +2041,7 @@ func (m *Manager) DiscoverLoxiLBServices(loxiLBAliveCh chan *api.LoxiClient, lox loxiLBPurgeCh <- v } } - m.LoxiClients = tmp + m.LoxiClients.Clients = tmp } func (m *Manager) DiscoverLoxiLBPeerServices(loxiLBAliveCh chan *api.LoxiClient, loxiLBDeadCh chan struct{}, loxiLBPurgeCh chan *api.LoxiClient) { @@ -2031,7 +2054,7 @@ func (m *Manager) DiscoverLoxiLBPeerServices(loxiLBAliveCh chan *api.LoxiClient, ips = []net.IP{} } - for _, v := range m.LoxiPeerClients { + for _, v := range m.LoxiPeerClients.Clients { v.Purge = true for _, ip := range ips { if v.Host == ip.String() { @@ -2042,7 +2065,7 @@ func (m *Manager) DiscoverLoxiLBPeerServices(loxiLBAliveCh chan *api.LoxiClient, for _, ip := range ips { found := false - for _, v := range m.LoxiPeerClients { + for _, v := range m.LoxiPeerClients.Clients { if v.Host == ip.String() { found = true } @@ -2056,10 +2079,10 @@ func (m *Manager) DiscoverLoxiLBPeerServices(loxiLBAliveCh chan *api.LoxiClient, } } if len(tmploxilbPeerClients) > 0 { - m.LoxiPeerClients = append(m.LoxiPeerClients, tmploxilbPeerClients...) + m.LoxiPeerClients.Clients = append(m.LoxiPeerClients.Clients, tmploxilbPeerClients...) } - tmp1 := m.LoxiPeerClients[:0] - for _, v := range m.LoxiPeerClients { + tmp1 := m.LoxiPeerClients.Clients[:0] + for _, v := range m.LoxiPeerClients.Clients { if !v.Purge { tmp1 = append(tmp1, v) } else { @@ -2068,7 +2091,7 @@ func (m *Manager) DiscoverLoxiLBPeerServices(loxiLBAliveCh chan *api.LoxiClient, loxiLBPurgeCh <- v } } - m.LoxiPeerClients = tmp1 + m.LoxiPeerClients.Clients = tmp1 } func (m *Manager) removeAllCacheEndpoints(cacheKey string) { @@ -2084,8 +2107,8 @@ func (m *Manager) SelectInstLoxiLBRoles(instName string, selhint int) (bool, int reElect := false hasMaster := false - for i := range m.LoxiClients { - v := m.LoxiClients[i] + for i := range m.LoxiClients.Clients { + v := m.LoxiClients.Clients[i] vi := v.InstRoles[instName] if vi == nil { return false, 0 @@ -2101,12 +2124,12 @@ func (m *Manager) SelectInstLoxiLBRoles(instName string, selhint int) (bool, int selMaster := false if reElect || !hasMaster { nproc := 0 - for i := selhint; nproc < len(m.LoxiClients); i++ { + for i := selhint; nproc < len(m.LoxiClients.Clients); i++ { nproc++ - if i >= len(m.LoxiClients) { + if i >= len(m.LoxiClients.Clients) { i = 0 } - v := m.LoxiClients[i] + v := m.LoxiClients.Clients[i] vi := v.InstRoles[instName] if v.NoRole { continue @@ -2131,7 +2154,7 @@ func (m *Manager) ResetRolesOnNeedRebalanceInstLoxiLBRoles() bool { numInstRoles := len(m.zoneInstRoleMap) maxMasterPerClient := 0 activeClients := 0 - for _, client := range m.LoxiClients { + for _, client := range m.LoxiClients.Clients { if client.IsAlive { activeClients++ } @@ -2147,7 +2170,7 @@ func (m *Manager) ResetRolesOnNeedRebalanceInstLoxiLBRoles() bool { } if activeClients >= numInstRoles && maxMasterPerClient >= numInstRoles && m.networkConfig.ExclIPAM { - for _, client := range m.LoxiClients { + for _, client := range m.LoxiClients.Clients { for _, val := range client.InstRoles { if val.MasterLB { val.MasterLB = false @@ -2208,7 +2231,7 @@ loop: case <-m.instAddrApplyCh: m.updateAllLoxiLBServiceStatus() case <-masterEventCh: - for _, lc := range m.LoxiClients { + for _, lc := range m.LoxiClients.Clients { if !lc.IsAlive { continue } @@ -2241,7 +2264,7 @@ loop: return client.BGP().DeleteNeigh(ctx, neighIP, remoteAs) } - for _, otherClient := range m.LoxiClients { + for _, otherClient := range m.LoxiClients.Clients { if purgedClient.Host == otherClient.Host { continue } @@ -2286,19 +2309,19 @@ loop: var bgpPeers []*api.LoxiClient if aliveClient.PeeringOnly { - for _, lc := range m.LoxiClients { + for _, lc := range m.LoxiClients.Clients { if aliveClient.Host != lc.Host { bgpPeers = append(bgpPeers, lc) } } } else { - for _, lpc := range m.LoxiPeerClients { + for _, lpc := range m.LoxiPeerClients.Clients { if aliveClient.Host != lpc.Host { bgpPeers = append(bgpPeers, lpc) } } if len(m.networkConfig.LoxilbURLs) <= 0 { - for _, lc := range m.LoxiClients { + for _, lc := range m.LoxiClients.Clients { if aliveClient.Host != lc.Host { bgpPeers = append(bgpPeers, lc) } diff --git a/pkg/agent/manager/loxiurl/loxiurl.go b/pkg/agent/manager/loxiurl/loxiurl.go index 19510f6..99df757 100644 --- a/pkg/agent/manager/loxiurl/loxiurl.go +++ b/pkg/agent/manager/loxiurl/loxiurl.go @@ -220,12 +220,12 @@ func (m *Manager) syncLBURLs(url *crdv1.LoxiURL) error { } func (m *Manager) deleteAllLoxiClients() error { - for _, v := range m.lbManager.LoxiClients { + for _, v := range m.lbManager.LoxiClients.Clients { v.StopLoxiHealthCheckChan() klog.Infof("loxi-client (%v) removed", v.Host) m.loxiLBURLPurgeCh <- v } - m.lbManager.LoxiClients = nil + m.lbManager.LoxiClients.Clients = nil return nil } @@ -233,7 +233,7 @@ func (m *Manager) deleteSingleLoxiClientsWithName(name string) bool { var validLoxiClients []*api.LoxiClient match := false - for _, v := range m.lbManager.LoxiClients { + for _, v := range m.lbManager.LoxiClients.Clients { if v.Name == name { match = true v.StopLoxiHealthCheckChan() @@ -245,7 +245,7 @@ func (m *Manager) deleteSingleLoxiClientsWithName(name string) bool { } if match { - m.lbManager.LoxiClients = validLoxiClients + m.lbManager.LoxiClients.Clients = validLoxiClients } return match @@ -293,7 +293,7 @@ func (m *Manager) addLoxiLBURL(url *crdv1.LoxiURL) error { m.crdControlOn = true } - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.lbManager.LoxiClients.Clients { currLoxiURLs = append(currLoxiURLs, client.Url) } @@ -329,7 +329,7 @@ nextURL: tmploxilbClients = append(tmploxilbClients, client) } - m.lbManager.LoxiClients = append(m.lbManager.LoxiClients, tmploxilbClients...) + m.lbManager.LoxiClients.Clients = append(m.lbManager.LoxiClients.Clients, tmploxilbClients...) } return nil @@ -373,7 +373,7 @@ func (m *Manager) deleteLoxiLBURL(url *crdv1.LoxiURL) error { klog.Infof("loxilb-url delete (%v)", url) - for _, client := range m.lbManager.LoxiClients { + for _, client := range m.lbManager.LoxiClients.Clients { currLoxiURLs = append(currLoxiURLs, validLoxiURLwName{url: client.Url, name: client.Name}) } @@ -416,7 +416,7 @@ nextURL1: if err2 != nil { continue } - m.lbManager.LoxiClients = append(m.lbManager.LoxiClients, client) + m.lbManager.LoxiClients.Clients = append(m.lbManager.LoxiClients.Clients, client) } } diff --git a/pkg/api/client.go b/pkg/api/client.go index 65a535e..0fa1006 100644 --- a/pkg/api/client.go +++ b/pkg/api/client.go @@ -5,20 +5,35 @@ import ( "crypto/tls" "crypto/x509" "fmt" - tk "github.com/loxilb-io/loxilib" - "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/klog/v2" "net" "net/http" "net/url" "strings" "time" + + tk "github.com/loxilb-io/loxilib" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/klog/v2" ) type LoxiZoneInst struct { MasterLB bool } +type LoxiClientPool struct { + Clients []*LoxiClient +} + +func (l *LoxiClientPool) AddLoxiClient(newLoxiClient *LoxiClient) { + l.Clients = append(l.Clients, newLoxiClient) +} + +func NewLoxiClientPool() *LoxiClientPool { + return &LoxiClientPool{ + Clients: make([]*LoxiClient, 0), + } +} + type LoxiClient struct { RestClient *RESTClient InstRoles map[string]*LoxiZoneInst @@ -209,6 +224,10 @@ func (l *LoxiClient) BGPPolicyApply() *BGPPolicyApplyAPI { return newBGPPolicyApplyAPI(l.GetRESTClient()) } +func (l *LoxiClient) Firewall() *FirewallAPI { + return newFirewallAPI(l.GetRESTClient()) +} + func (l *LoxiClient) GetRESTClient() *RESTClient { if l == nil { return nil diff --git a/pkg/api/firewall.go b/pkg/api/firewall.go new file mode 100644 index 0000000..a5ede16 --- /dev/null +++ b/pkg/api/firewall.go @@ -0,0 +1,139 @@ +/* + * Copyright (c) 2022 NetLOX Inc + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package api + +import ( + "context" + "net/http" +) + +// FwRuleOpts - Information related to Firewall options +type FwOptArg struct { + // Drop - Drop any matching rule + Drop bool `json:"drop" yaml:"drop"` + // Trap - Trap anything matching rule + Trap bool `json:"trap" yaml:"trap"` + // Redirect - Redirect any matching rule + Rdr bool `json:"redirect" yaml:"redirect"` + RdrPort string `json:"redirectPortName" yaml:"redirectPortName"` + // Allow - Allow any matching rule + Allow bool `json:"allow" yaml:"allow"` + Mark uint32 `json:"fwMark" yaml:"fwMark"` + // Record - Record packets matching rule + Record bool `json:"record" yaml:"record"` + // DoSNAT - Do snat on matching rule + DoSnat bool `json:"doSnat"` + ToIP string `json:"toIP"` + ToPort uint16 `json:"toPort"` + // OnDefault - Trigger only on default cases + OnDefault bool `json:"onDefault"` + // Counter - Traffic counter + Counter string `json:"counter"` +} + +// FwRuleArg - Information related to firewall rule +type FwRuleArg struct { + // SrcIP - Source IP in CIDR notation + SrcIP string `json:"sourceIP" yaml:"sourceIP" options:"sourceIP"` + // DstIP - Destination IP in CIDR notation + DstIP string `json:"destinationIP" yaml:"destinationIP"` + // SrcPortMin - Minimum source port range + SrcPortMin uint16 `json:"minSourcePort" yaml:"minSourcePort"` + // SrcPortMax - Maximum source port range + SrcPortMax uint16 `json:"maxSourcePort" yaml:"maxSourcePort"` + // DstPortMin - Minimum destination port range + DstPortMin uint16 `json:"minDestinationPort" yaml:"minDestinationPort"` + // SrcPortMax - Maximum source port range + DstPortMax uint16 `json:"maxDestinationPort" yaml:"maxDestinationPort"` + // Proto - the protocol + Proto uint8 `json:"protocol" yaml:"protocol"` + // InPort - the incoming port + InPort string `json:"portName" yaml:"portName"` + // Pref - User preference for ordering + Pref uint16 `json:"preference" yaml:"preference"` +} + +func (fwRule *FwRuleArg) GetKeyStruct() LoxiModel { + return fwRule +} + +// FwRuleMod - Info related to a firewall entry +type FwRuleMod struct { + // Serv - service argument of type FwRuleArg + Rule FwRuleArg `json:"ruleArguments" yaml:"ruleArguments"` + // Opts - firewall options + Opts FwOptArg `json:"opts" yaml:"opts"` +} + +func (firewallModel *FwRuleMod) GetKeyStruct() LoxiModel { + return &firewallModel.Rule +} + +type FirewallAPI struct { + resource string + provider string + version string + client *RESTClient + APICommonFunc +} + +func newFirewallAPI(r *RESTClient) *FirewallAPI { + return &FirewallAPI{ + resource: "config/firewall", + provider: r.provider, + version: r.version, + client: r, + } +} + +func (f *FirewallAPI) GetModel() LoxiModel { + return &FwRuleMod{} +} + +func (f *FirewallAPI) Create(ctx context.Context, fwModel LoxiModel) error { + resp := f.client.POST(f.resource).Body(fwModel).Do(ctx) + if resp.err != nil { + return resp.err + } + return nil +} + +func (f *FirewallAPI) Get(ctx context.Context, name string) error { + fwModel := f.GetModel() + + resp := f.client.GET(f.resource).SubResource(name).Do(ctx).UnMarshal(fwModel) + if resp.err != nil { + return resp.err + } + return nil +} + +func (f *FirewallAPI) Delete(ctx context.Context, fwModel LoxiModel) error { + queryParam, err := f.MakeQueryParam(fwModel) + if err != nil { + return err + } + + resp := f.client.DELETE(f.resource).Query(queryParam).Do(ctx) + if resp.statusCode != http.StatusOK { + if resp.err != nil { + return resp.err + } + } + + return nil +} diff --git a/pkg/api/lb.go b/pkg/api/lb.go index dad4b18..f3100b2 100644 --- a/pkg/api/lb.go +++ b/pkg/api/lb.go @@ -95,6 +95,7 @@ type LoadBalancerService struct { Oper LbOP `json:"oper,omitempty"` Host string `json:"host,omitempty"` PpV2 bool `json:"proxyprotocolv2,omitempty"` + Egress bool `json:"egress,omitempty"` } func (lbService *LoadBalancerService) GetKeyStruct() LoxiModel { diff --git a/pkg/crds/bgppeer/v1/zz_generated.deepcopy.go b/pkg/crds/bgppeer/v1/zz_generated.deepcopy.go index c3ea942..6b4d975 100644 --- a/pkg/crds/bgppeer/v1/zz_generated.deepcopy.go +++ b/pkg/crds/bgppeer/v1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright The Kubernetes Authors. +Copyright (c) NetLOX Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/crds/bgppolicyapply/v1/zz_generated.deepcopy.go b/pkg/crds/bgppolicyapply/v1/zz_generated.deepcopy.go index b6c8056..4e23df0 100644 --- a/pkg/crds/bgppolicyapply/v1/zz_generated.deepcopy.go +++ b/pkg/crds/bgppolicyapply/v1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright The Kubernetes Authors. +Copyright (c) NetLOX Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/crds/bgppolicydefinedsets/v1/zz_generated.deepcopy.go b/pkg/crds/bgppolicydefinedsets/v1/zz_generated.deepcopy.go index 8ced79b..0917bd2 100644 --- a/pkg/crds/bgppolicydefinedsets/v1/zz_generated.deepcopy.go +++ b/pkg/crds/bgppolicydefinedsets/v1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright The Kubernetes Authors. +Copyright (c) NetLOX Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/crds/bgppolicydefinition/v1/zz_generated.deepcopy.go b/pkg/crds/bgppolicydefinition/v1/zz_generated.deepcopy.go index 723a936..6885523 100644 --- a/pkg/crds/bgppolicydefinition/v1/zz_generated.deepcopy.go +++ b/pkg/crds/bgppolicydefinition/v1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright The Kubernetes Authors. +Copyright (c) NetLOX Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/crds/egress/v1/doc.go b/pkg/crds/egress/v1/doc.go new file mode 100644 index 0000000..05ebf08 --- /dev/null +++ b/pkg/crds/egress/v1/doc.go @@ -0,0 +1,4 @@ +// +k8s:deepcopy-gen=package +// +groupName=egress.loxilb.io + +package v1 diff --git a/pkg/crds/egress/v1/egress_types.go b/pkg/crds/egress/v1/egress_types.go new file mode 100644 index 0000000..e5fe6bf --- /dev/null +++ b/pkg/crds/egress/v1/egress_types.go @@ -0,0 +1,26 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type Egress struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec EgressSpec `json:"spec,omitempty"` +} + +type EgressSpec struct { + Addresses []string `json:"addresses"` + Vip string `json:"vip"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type EgressList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []Egress `json:"egresses"` +} diff --git a/pkg/crds/egress/v1/register.go b/pkg/crds/egress/v1/register.go new file mode 100644 index 0000000..a53790d --- /dev/null +++ b/pkg/crds/egress/v1/register.go @@ -0,0 +1,30 @@ +package v1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "egress.loxilb.io" + +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes( + SchemeGroupVersion, + &Egress{}, + ) + + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/crds/egress/v1/zz_generated.deepcopy.go b/pkg/crds/egress/v1/zz_generated.deepcopy.go new file mode 100644 index 0000000..137865a --- /dev/null +++ b/pkg/crds/egress/v1/zz_generated.deepcopy.go @@ -0,0 +1,107 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Egress) DeepCopyInto(out *Egress) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Egress. +func (in *Egress) DeepCopy() *Egress { + if in == nil { + return nil + } + out := new(Egress) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Egress) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressList) DeepCopyInto(out *EgressList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Egress, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressList. +func (in *EgressList) DeepCopy() *EgressList { + if in == nil { + return nil + } + out := new(EgressList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *EgressList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressSpec) DeepCopyInto(out *EgressSpec) { + *out = *in + if in.Addresses != nil { + in, out := &in.Addresses, &out.Addresses + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressSpec. +func (in *EgressSpec) DeepCopy() *EgressSpec { + if in == nil { + return nil + } + out := new(EgressSpec) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/crds/loxiurl/v1/zz_generated.deepcopy.go b/pkg/crds/loxiurl/v1/zz_generated.deepcopy.go index 1783526..ea94a1e 100644 --- a/pkg/crds/loxiurl/v1/zz_generated.deepcopy.go +++ b/pkg/crds/loxiurl/v1/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright The Kubernetes Authors. +Copyright (c) NetLOX Inc Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/pkg/egress-client/clientset/versioned/clientset.go b/pkg/egress-client/clientset/versioned/clientset.go new file mode 100644 index 0000000..3d77348 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/clientset.go @@ -0,0 +1,120 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + fmt "fmt" + http "net/http" + + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/typed/egress/v1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + EgressV1() egressv1.EgressV1Interface +} + +// Clientset contains the clients for groups. +type Clientset struct { + *discovery.DiscoveryClient + egressV1 *egressv1.EgressV1Client +} + +// EgressV1 retrieves the EgressV1Client +func (c *Clientset) EgressV1() egressv1.EgressV1Interface { + return c.egressV1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + + if configShallowCopy.UserAgent == "" { + configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent() + } + + // share the transport between all clients + httpClient, err := rest.HTTPClientFor(&configShallowCopy) + if err != nil { + return nil, err + } + + return NewForConfigAndClient(&configShallowCopy, httpClient) +} + +// NewForConfigAndClient creates a new Clientset for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfigAndClient will generate a rate-limiter in configShallowCopy. +func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + + var cs Clientset + var err error + cs.egressV1, err = egressv1.NewForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + cs, err := NewForConfig(c) + if err != nil { + panic(err) + } + return cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.egressV1 = egressv1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/pkg/egress-client/clientset/versioned/fake/clientset_generated.go b/pkg/egress-client/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 0000000..0a9427d --- /dev/null +++ b/pkg/egress-client/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,89 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned" + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/typed/egress/v1" + fakeegressv1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/typed/egress/v1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any field management, validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +// +// DEPRECATED: NewClientset replaces this with support for field management, which significantly improves +// server side apply testing. NewClientset is only available when apply configurations are generated (e.g. +// via --with-applyconfig). +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var ( + _ clientset.Interface = &Clientset{} + _ testing.FakeClient = &Clientset{} +) + +// EgressV1 retrieves the EgressV1Client +func (c *Clientset) EgressV1() egressv1.EgressV1Interface { + return &fakeegressv1.FakeEgressV1{Fake: &c.Fake} +} diff --git a/pkg/egress-client/clientset/versioned/fake/doc.go b/pkg/egress-client/clientset/versioned/fake/doc.go new file mode 100644 index 0000000..8b3c686 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/pkg/egress-client/clientset/versioned/fake/register.go b/pkg/egress-client/clientset/versioned/fake/register.go new file mode 100644 index 0000000..d581d75 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/fake/register.go @@ -0,0 +1,56 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) + +var localSchemeBuilder = runtime.SchemeBuilder{ + egressv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/pkg/egress-client/clientset/versioned/scheme/doc.go b/pkg/egress-client/clientset/versioned/scheme/doc.go new file mode 100644 index 0000000..2561069 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/scheme/doc.go @@ -0,0 +1,20 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/pkg/egress-client/clientset/versioned/scheme/register.go b/pkg/egress-client/clientset/versioned/scheme/register.go new file mode 100644 index 0000000..5410aab --- /dev/null +++ b/pkg/egress-client/clientset/versioned/scheme/register.go @@ -0,0 +1,56 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + egressv1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/doc.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/doc.go new file mode 100644 index 0000000..8915d4a --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1 diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/egress.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/egress.go new file mode 100644 index 0000000..6c06d33 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/egress.go @@ -0,0 +1,68 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + context "context" + + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + scheme "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/scheme" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + gentype "k8s.io/client-go/gentype" +) + +// EgressesGetter has a method to return a EgressInterface. +// A group's client should implement this interface. +type EgressesGetter interface { + Egresses(namespace string) EgressInterface +} + +// EgressInterface has methods to work with Egress resources. +type EgressInterface interface { + Create(ctx context.Context, egress *egressv1.Egress, opts metav1.CreateOptions) (*egressv1.Egress, error) + Update(ctx context.Context, egress *egressv1.Egress, opts metav1.UpdateOptions) (*egressv1.Egress, error) + Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error + Get(ctx context.Context, name string, opts metav1.GetOptions) (*egressv1.Egress, error) + List(ctx context.Context, opts metav1.ListOptions) (*egressv1.EgressList, error) + Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *egressv1.Egress, err error) + EgressExpansion +} + +// egresses implements EgressInterface +type egresses struct { + *gentype.ClientWithList[*egressv1.Egress, *egressv1.EgressList] +} + +// newEgresses returns a Egresses +func newEgresses(c *EgressV1Client, namespace string) *egresses { + return &egresses{ + gentype.NewClientWithList[*egressv1.Egress, *egressv1.EgressList]( + "egresses", + c.RESTClient(), + scheme.ParameterCodec, + namespace, + func() *egressv1.Egress { return &egressv1.Egress{} }, + func() *egressv1.EgressList { return &egressv1.EgressList{} }, + ), + } +} diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/egress_client.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/egress_client.go new file mode 100644 index 0000000..579cb0e --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/egress_client.go @@ -0,0 +1,107 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +import ( + http "net/http" + + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + scheme "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type EgressV1Interface interface { + RESTClient() rest.Interface + EgressesGetter +} + +// EgressV1Client is used to interact with features provided by the egress.loxilb.io group. +type EgressV1Client struct { + restClient rest.Interface +} + +func (c *EgressV1Client) Egresses(namespace string) EgressInterface { + return newEgresses(c, namespace) +} + +// NewForConfig creates a new EgressV1Client for the given config. +// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient), +// where httpClient was generated with rest.HTTPClientFor(c). +func NewForConfig(c *rest.Config) (*EgressV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + httpClient, err := rest.HTTPClientFor(&config) + if err != nil { + return nil, err + } + return NewForConfigAndClient(&config, httpClient) +} + +// NewForConfigAndClient creates a new EgressV1Client for the given config and http client. +// Note the http client provided takes precedence over the configured transport values. +func NewForConfigAndClient(c *rest.Config, h *http.Client) (*EgressV1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientForConfigAndClient(&config, h) + if err != nil { + return nil, err + } + return &EgressV1Client{client}, nil +} + +// NewForConfigOrDie creates a new EgressV1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *EgressV1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new EgressV1Client for the given RESTClient. +func New(c rest.Interface) *EgressV1Client { + return &EgressV1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := egressv1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = rest.CodecFactoryForGeneratedClient(scheme.Scheme, scheme.Codecs).WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *EgressV1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/doc.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/doc.go new file mode 100644 index 0000000..5edb93a --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/fake_egress.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/fake_egress.go new file mode 100644 index 0000000..cf87159 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/fake_egress.go @@ -0,0 +1,48 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/typed/egress/v1" + gentype "k8s.io/client-go/gentype" +) + +// fakeEgresses implements EgressInterface +type fakeEgresses struct { + *gentype.FakeClientWithList[*v1.Egress, *v1.EgressList] + Fake *FakeEgressV1 +} + +func newFakeEgresses(fake *FakeEgressV1, namespace string) egressv1.EgressInterface { + return &fakeEgresses{ + gentype.NewFakeClientWithList[*v1.Egress, *v1.EgressList]( + fake.Fake, + namespace, + v1.SchemeGroupVersion.WithResource("egresses"), + v1.SchemeGroupVersion.WithKind("Egress"), + func() *v1.Egress { return &v1.Egress{} }, + func() *v1.EgressList { return &v1.EgressList{} }, + func(dst, src *v1.EgressList) { dst.ListMeta = src.ListMeta }, + func(list *v1.EgressList) []*v1.Egress { return gentype.ToPointerSlice(list.Items) }, + func(list *v1.EgressList, items []*v1.Egress) { list.Items = gentype.FromPointerSlice(items) }, + ), + fake, + } +} diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/fake_egress_client.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/fake_egress_client.go new file mode 100644 index 0000000..e965ed2 --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/fake/fake_egress_client.go @@ -0,0 +1,40 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned/typed/egress/v1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeEgressV1 struct { + *testing.Fake +} + +func (c *FakeEgressV1) Egresses(namespace string) v1.EgressInterface { + return newFakeEgresses(c, namespace) +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeEgressV1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/egress-client/clientset/versioned/typed/egress/v1/generated_expansion.go b/pkg/egress-client/clientset/versioned/typed/egress/v1/generated_expansion.go new file mode 100644 index 0000000..ea659af --- /dev/null +++ b/pkg/egress-client/clientset/versioned/typed/egress/v1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1 + +type EgressExpansion interface{} diff --git a/pkg/egress-client/informers/externalversions/egress/interface.go b/pkg/egress-client/informers/externalversions/egress/interface.go new file mode 100644 index 0000000..2a0c9a0 --- /dev/null +++ b/pkg/egress-client/informers/externalversions/egress/interface.go @@ -0,0 +1,46 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package egress + +import ( + v1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/egress/v1" + internalinterfaces "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1 provides access to shared informers for resources in V1. + V1() v1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1 returns a new v1.Interface. +func (g *group) V1() v1.Interface { + return v1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/pkg/egress-client/informers/externalversions/egress/v1/egress.go b/pkg/egress-client/informers/externalversions/egress/v1/egress.go new file mode 100644 index 0000000..fa3eee6 --- /dev/null +++ b/pkg/egress-client/informers/externalversions/egress/v1/egress.go @@ -0,0 +1,90 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + context "context" + time "time" + + crdsegressv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + versioned "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned" + internalinterfaces "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/internalinterfaces" + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/egress-client/listers/egress/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// EgressInformer provides access to a shared informer and lister for +// Egresses. +type EgressInformer interface { + Informer() cache.SharedIndexInformer + Lister() egressv1.EgressLister +} + +type egressInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewEgressInformer constructs a new informer for Egress type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewEgressInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredEgressInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredEgressInformer constructs a new informer for Egress type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredEgressInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options metav1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.EgressV1().Egresses(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.EgressV1().Egresses(namespace).Watch(context.TODO(), options) + }, + }, + &crdsegressv1.Egress{}, + resyncPeriod, + indexers, + ) +} + +func (f *egressInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredEgressInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *egressInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdsegressv1.Egress{}, f.defaultInformer) +} + +func (f *egressInformer) Lister() egressv1.EgressLister { + return egressv1.NewEgressLister(f.Informer().GetIndexer()) +} diff --git a/pkg/egress-client/informers/externalversions/egress/v1/interface.go b/pkg/egress-client/informers/externalversions/egress/v1/interface.go new file mode 100644 index 0000000..0edfadb --- /dev/null +++ b/pkg/egress-client/informers/externalversions/egress/v1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1 + +import ( + internalinterfaces "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // Egresses returns a EgressInformer. + Egresses() EgressInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// Egresses returns a EgressInformer. +func (v *version) Egresses() EgressInformer { + return &egressInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/egress-client/informers/externalversions/factory.go b/pkg/egress-client/informers/externalversions/factory.go new file mode 100644 index 0000000..c7cfff2 --- /dev/null +++ b/pkg/egress-client/informers/externalversions/factory.go @@ -0,0 +1,262 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned" + egress "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/egress" + internalinterfaces "github.com/loxilb-io/kube-loxilb/pkg/egress-client/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + transform cache.TransformFunc + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool + // wg tracks how many goroutines were started. + wg sync.WaitGroup + // shuttingDown is true when Shutdown has been called. It may still be running + // because it needs to wait for goroutines. + shuttingDown bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// WithTransform sets a transform on all informers. +func WithTransform(transform cache.TransformFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.transform = transform + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + if f.shuttingDown { + return + } + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + f.wg.Add(1) + // We need a new variable in each loop iteration, + // otherwise the goroutine would use the loop variable + // and that keeps changing. + informer := informer + go func() { + defer f.wg.Done() + informer.Run(stopCh) + }() + f.startedInformers[informerType] = true + } + } +} + +func (f *sharedInformerFactory) Shutdown() { + f.lock.Lock() + f.shuttingDown = true + f.lock.Unlock() + + // Will return immediately if there is nothing to wait for. + f.wg.Wait() +} + +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + informer.SetTransform(f.transform) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +// +// It is typically used like this: +// +// ctx, cancel := context.Background() +// defer cancel() +// factory := NewSharedInformerFactory(client, resyncPeriod) +// defer factory.WaitForStop() // Returns immediately if nothing was started. +// genericInformer := factory.ForResource(resource) +// typedInformer := factory.SomeAPIGroup().V1().SomeType() +// factory.Start(ctx.Done()) // Start processing these informers. +// synced := factory.WaitForCacheSync(ctx.Done()) +// for v, ok := range synced { +// if !ok { +// fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v) +// return +// } +// } +// +// // Creating informers can also be created after Start, but then +// // Start must be called again: +// anotherGenericInformer := factory.ForResource(resource) +// factory.Start(ctx.Done()) +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + + // Start initializes all requested informers. They are handled in goroutines + // which run until the stop channel gets closed. + // Warning: Start does not block. When run in a go-routine, it will race with a later WaitForCacheSync. + Start(stopCh <-chan struct{}) + + // Shutdown marks a factory as shutting down. At that point no new + // informers can be started anymore and Start will return without + // doing anything. + // + // In addition, Shutdown blocks until all goroutines have terminated. For that + // to happen, the close channel(s) that they were started with must be closed, + // either before Shutdown gets called or while it is waiting. + // + // Shutdown may be called multiple times, even concurrently. All such calls will + // block until all goroutines have terminated. + Shutdown() + + // WaitForCacheSync blocks until all started informers' caches were synced + // or the stop channel gets closed. + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + // ForResource gives generic access to a shared informer of the matching type. + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + + // InformerFor returns the SharedIndexInformer for obj using an internal + // client. + InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer + + Egress() egress.Interface +} + +func (f *sharedInformerFactory) Egress() egress.Interface { + return egress.New(f, f.namespace, f.tweakListOptions) +} diff --git a/pkg/egress-client/informers/externalversions/generic.go b/pkg/egress-client/informers/externalversions/generic.go new file mode 100644 index 0000000..fe4e907 --- /dev/null +++ b/pkg/egress-client/informers/externalversions/generic.go @@ -0,0 +1,62 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + fmt "fmt" + + v1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=egress.loxilb.io, Version=v1 + case v1.SchemeGroupVersion.WithResource("egresses"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Egress().V1().Egresses().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/pkg/egress-client/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/egress-client/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 0000000..429204b --- /dev/null +++ b/pkg/egress-client/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,40 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/pkg/egress-client/listers/egress/v1/egress.go b/pkg/egress-client/listers/egress/v1/egress.go new file mode 100644 index 0000000..57122bf --- /dev/null +++ b/pkg/egress-client/listers/egress/v1/egress.go @@ -0,0 +1,70 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +import ( + egressv1 "github.com/loxilb-io/kube-loxilb/pkg/crds/egress/v1" + labels "k8s.io/apimachinery/pkg/labels" + listers "k8s.io/client-go/listers" + cache "k8s.io/client-go/tools/cache" +) + +// EgressLister helps list Egresses. +// All objects returned here must be treated as read-only. +type EgressLister interface { + // List lists all Egresses in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*egressv1.Egress, err error) + // Egresses returns an object that can list and get Egresses. + Egresses(namespace string) EgressNamespaceLister + EgressListerExpansion +} + +// egressLister implements the EgressLister interface. +type egressLister struct { + listers.ResourceIndexer[*egressv1.Egress] +} + +// NewEgressLister returns a new EgressLister. +func NewEgressLister(indexer cache.Indexer) EgressLister { + return &egressLister{listers.New[*egressv1.Egress](indexer, egressv1.Resource("egress"))} +} + +// Egresses returns an object that can list and get Egresses. +func (s *egressLister) Egresses(namespace string) EgressNamespaceLister { + return egressNamespaceLister{listers.NewNamespaced[*egressv1.Egress](s.ResourceIndexer, namespace)} +} + +// EgressNamespaceLister helps list and get Egresses. +// All objects returned here must be treated as read-only. +type EgressNamespaceLister interface { + // List lists all Egresses in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*egressv1.Egress, err error) + // Get retrieves the Egress from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*egressv1.Egress, error) + EgressNamespaceListerExpansion +} + +// egressNamespaceLister implements the EgressNamespaceLister +// interface. +type egressNamespaceLister struct { + listers.ResourceIndexer[*egressv1.Egress] +} diff --git a/pkg/egress-client/listers/egress/v1/expansion_generated.go b/pkg/egress-client/listers/egress/v1/expansion_generated.go new file mode 100644 index 0000000..32e21ca --- /dev/null +++ b/pkg/egress-client/listers/egress/v1/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright (c) NetLOX Inc + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1 + +// EgressListerExpansion allows custom methods to be added to +// EgressLister. +type EgressListerExpansion interface{} + +// EgressNamespaceListerExpansion allows custom methods to be added to +// EgressNamespaceLister. +type EgressNamespaceListerExpansion interface{} diff --git a/pkg/k8s/client.go b/pkg/k8s/client.go index a0ae553..875e0f8 100644 --- a/pkg/k8s/client.go +++ b/pkg/k8s/client.go @@ -18,6 +18,7 @@ package k8s import ( bpgcrdclientset "github.com/loxilb-io/kube-loxilb/pkg/bgp-client/clientset/versioned" + egresscrdclientset "github.com/loxilb-io/kube-loxilb/pkg/egress-client/clientset/versioned" klbcrdclientset "github.com/loxilb-io/kube-loxilb/pkg/klb-client/clientset/versioned" apiextensionclientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset" clientset "k8s.io/client-go/kubernetes" @@ -32,7 +33,7 @@ import ( // CreateClients creates kube clients from the given config. func CreateClients(config componentbaseconfig.ClientConnectionConfiguration, kubeAPIServerOverride string) ( - clientset.Interface, aggregatorclientset.Interface, bpgcrdclientset.Interface, klbcrdclientset.Interface, apiextensionclientset.Interface, sigsclientset.Interface, error) { + clientset.Interface, aggregatorclientset.Interface, bpgcrdclientset.Interface, klbcrdclientset.Interface, egresscrdclientset.Interface, apiextensionclientset.Interface, sigsclientset.Interface, error) { var kubeConfig *rest.Config var err error @@ -50,7 +51,7 @@ func CreateClients(config componentbaseconfig.ClientConnectionConfiguration, kub } if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err } kubeConfig.AcceptContentTypes = config.AcceptContentTypes @@ -60,33 +61,40 @@ func CreateClients(config componentbaseconfig.ClientConnectionConfiguration, kub client, err := clientset.NewForConfig(kubeConfig) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err } aggregatorClient, err := aggregatorclientset.NewForConfig(kubeConfig) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err } // Create client for crd operations crdClient, err := bpgcrdclientset.NewForConfig(kubeConfig) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err } // Create client for crd operations klbClient, err := klbcrdclientset.NewForConfig(kubeConfig) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err + } + + // Create client for egress crd operations + // TODO: so many crdClient returned. crdClient must be integrated into one. + egressClient, err := egresscrdclientset.NewForConfig(kubeConfig) + if err != nil { + return nil, nil, nil, nil, nil, nil, nil, err } // Create client for crd manipulations apiExtensionClient, err := apiextensionclientset.NewForConfig(kubeConfig) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err } sigsClient, err := sigsclientset.NewForConfig(kubeConfig) if err != nil { - return nil, nil, nil, nil, nil, nil, err + return nil, nil, nil, nil, nil, nil, nil, err } - return client, aggregatorClient, crdClient, klbClient, apiExtensionClient, sigsClient, nil + return client, aggregatorClient, crdClient, klbClient, egressClient, apiExtensionClient, sigsClient, nil }