Skip to content

Commit

Permalink
Upgrade to aws-load-balancer-controller for NLB Services
Browse files Browse the repository at this point in the history
  • Loading branch information
roivaz committed May 15, 2024
1 parent 27e3c2c commit 0722acb
Show file tree
Hide file tree
Showing 23 changed files with 408 additions and 39 deletions.
2 changes: 1 addition & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
# To re-generate a bundle for another specific version without changing the standard setup, you can:
# - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
# - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
VERSION ?= 0.23.0-alpha.9
VERSION ?= 0.24.0-alpha.1
# CHANNELS define the bundle channels used in the bundle.
# Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
# To re-generate a bundle for other specific channels without changing the standard setup, you can:
Expand Down
1 change: 1 addition & 0 deletions api/v1alpha1/backend_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ var (
backendDefaultListenerNLBLoadBalancer defaultNLBLoadBalancerSpec = defaultNLBLoadBalancerSpec{
ProxyProtocol: util.Pointer(true),
CrossZoneLoadBalancingEnabled: util.Pointer(true),
TerminationProtection: util.Pointer(false),
}
backendDefaultListenerReplicas int32 = 2
backendDefaultListenerResources defaultResourceRequirementsSpec = defaultResourceRequirementsSpec{
Expand Down
12 changes: 10 additions & 2 deletions api/v1alpha1/common_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -247,17 +247,25 @@ type NLBLoadBalancerSpec struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec
// +optional
EIPAllocations []string `json:"eipAllocations,omitempty"`
// Optionally specify the load balancer name
// +operator-sdk:csv:customresourcedefinitions:type=spec
// +optional
LoadBalancerName *string `json:"loadBalancerName,omitempty"`
// Termination protection setting
// +operator-sdk:csv:customresourcedefinitions:type=spec
// +optional
TerminationProtection *bool `json:"terminationProtection,omitempty"`
}

type defaultNLBLoadBalancerSpec struct {
CrossZoneLoadBalancingEnabled, ProxyProtocol *bool
EIPAllocations []string
CrossZoneLoadBalancingEnabled, ProxyProtocol, TerminationProtection *bool
}

// Default sets default values for any value not specifically set in the NLBLoadBalancerSpec struct
func (spec *NLBLoadBalancerSpec) Default(def defaultNLBLoadBalancerSpec) {
spec.ProxyProtocol = boolOrDefault(spec.ProxyProtocol, def.ProxyProtocol)
spec.CrossZoneLoadBalancingEnabled = boolOrDefault(spec.CrossZoneLoadBalancingEnabled, def.CrossZoneLoadBalancingEnabled)
spec.TerminationProtection = boolOrDefault(spec.TerminationProtection, def.TerminationProtection)
}

// IsDeactivated true if the field is set with the deactivated value (empty struct)
Expand Down
1 change: 1 addition & 0 deletions api/v1alpha1/echoapi_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ var (
echoapiDefaultNLBLoadBalancer defaultNLBLoadBalancerSpec = defaultNLBLoadBalancerSpec{
ProxyProtocol: util.Pointer(true),
CrossZoneLoadBalancingEnabled: util.Pointer(true),
TerminationProtection: util.Pointer(false),
}
)

Expand Down
10 changes: 10 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 16 additions & 4 deletions bundle/manifests/saas-operator.clusterserviceversion.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions bundle/manifests/saas.3scale.net_backends.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions bundle/manifests/saas.3scale.net_echoapis.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions config/crd/bases/saas.3scale.net_backends.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 6 additions & 0 deletions config/crd/bases/saas.3scale.net_echoapis.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion config/manager/kustomization.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,4 +13,4 @@ kind: Kustomization
images:
- name: controller
newName: quay.io/3scale/saas-operator
newTag: v0.23.0-alpha.9
newTag: v0.24.0-alpha.1
12 changes: 12 additions & 0 deletions config/manifests/bases/saas-operator.clusterserviceversion.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1143,9 +1143,15 @@ spec:
- description: The list of optional Elastic IPs allocations
displayName: EIPAllocations
path: listener.loadBalancer.eipAllocations
- description: Optionally specify the load balancer name
displayName: Load Balancer Name
path: listener.loadBalancer.loadBalancerName
- description: Enables/disbles use of proxy protocol in the load balancer
displayName: Proxy Protocol
path: listener.loadBalancer.proxyProtocol
- description: Termination protection setting
displayName: Termination Protection
path: listener.loadBalancer.terminationProtection
- description: Marin3r configures the Marin3r sidecars for the component
displayName: Marin3r
path: listener.marin3r
Expand Down Expand Up @@ -1720,9 +1726,15 @@ spec:
- description: The list of optional Elastic IPs allocations
displayName: EIPAllocations
path: loadBalancer.eipAllocations
- description: Optionally specify the load balancer name
displayName: Load Balancer Name
path: loadBalancer.loadBalancerName
- description: Enables/disbles use of proxy protocol in the load balancer
displayName: Proxy Protocol
path: loadBalancer.proxyProtocol
- description: Termination protection setting
displayName: Termination Protection
path: loadBalancer.terminationProtection
- description: Marin3r configures the Marin3r sidecars for the component
displayName: Marin3r
path: marin3r
Expand Down
38 changes: 37 additions & 1 deletion controllers/backend_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,17 @@ package controllers

import (
"context"
"strings"

"github.com/3scale-ops/basereconciler/reconciler"
"github.com/3scale-ops/basereconciler/util"
saasv1alpha1 "github.com/3scale-ops/saas-operator/api/v1alpha1"
"github.com/3scale-ops/saas-operator/pkg/generators/backend"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
)

// BackendReconciler reconciles a Backend object
Expand All @@ -49,7 +53,7 @@ type BackendReconciler struct {
// move the current state of the cluster closer to the desired state.
func (r *BackendReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {

ctx, _ = r.Logger(ctx, "name", req.Name, "namespace", req.Namespace)
ctx, logger := r.Logger(ctx, "name", req.Name, "namespace", req.Namespace)
instance := &saasv1alpha1.Backend{}
result := r.ManageResourceLifecycle(ctx, req, instance,
reconciler.WithInMemoryInitializationFunc(util.ResourceDefaulter(instance)))
Expand All @@ -61,6 +65,38 @@ func (r *BackendReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
if err != nil {
return ctrl.Result{}, err
}

// Upgrade NLBs managed by nlb-helper-operator
svc := &corev1.Service{ObjectMeta: metav1.ObjectMeta{Name: gen.Listener.GetComponent(), Namespace: req.Namespace}}
if err := r.Client.Get(ctx, client.ObjectKeyFromObject(svc), svc); err == nil {
// 1. Update parent resource with NLB name for NLB adoption
// 2. Add termination protection
nlbName := strings.Split(strings.Split(svc.Status.LoadBalancer.Ingress[0].Hostname, ".")[0], "-")[0]
if instance.Spec.Listener.LoadBalancer.LoadBalancerName == nil ||
*instance.Spec.Listener.LoadBalancer.LoadBalancerName != nlbName {
patch := client.MergeFrom(instance.DeepCopy())
instance.Spec.Listener.LoadBalancer.LoadBalancerName = &nlbName
instance.Spec.Listener.LoadBalancer.TerminationProtection = util.Pointer(true)
if err := r.Client.Patch(ctx, instance, patch); err != nil {
return ctrl.Result{}, err
}
logger.Info("resource patched", "kind", "Backend", "key", req)
}

// 3. Abandon old Service resource
if svc.GetOwnerReferences() != nil || svc.GetAnnotations()["service.beta.kubernetes.io/aws-load-balancer-type"] != "external" {
svc.ObjectMeta.OwnerReferences = nil
svc.ObjectMeta.Annotations["service.beta.kubernetes.io/aws-load-balancer-type"] = "external"
if err := r.Client.Update(ctx, svc); err != nil {
return ctrl.Result{}, err
}
logger.Info("resource abandoned", "kind", "Service", "key", req)
}

} else if !errors.IsNotFound(err) {
return ctrl.Result{}, err
}

resources, err := gen.Resources()
if err != nil {
return ctrl.Result{}, err
Expand Down
31 changes: 16 additions & 15 deletions controllers/backend_controller_suite_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -142,9 +142,9 @@ var _ = Describe("Backend controller", func() {
}).Assert(k8sClient, dep, timeout, poll))

svc := &corev1.Service{}
By("deploying the backend-listener service",
By("deploying the backend-listener-nlb service",
(&testutil.ExpectedResource{
Name: "backend-listener", Namespace: namespace,
Name: "backend-listener-nlb", Namespace: namespace,
}).Assert(k8sClient, svc, timeout, poll))

Expect(svc.Spec.Selector["deployment"]).To(Equal("backend-listener"))
Expand Down Expand Up @@ -290,8 +290,8 @@ var _ = Describe("Backend controller", func() {
return err
}

rvs["svc/backend-listener"] = testutil.GetResourceVersion(
k8sClient, &corev1.Service{}, "backend-listener", namespace, timeout, poll)
rvs["svc/backend-listener-nlb"] = testutil.GetResourceVersion(
k8sClient, &corev1.Service{}, "backend-listener-nlb", namespace, timeout, poll)
rvs["deployment/backend-listener"] = testutil.GetResourceVersion(
k8sClient, &appsv1.Deployment{}, "backend-listener", namespace, timeout, poll)
rvs["hpa/backend-worker"] = testutil.GetResourceVersion(
Expand Down Expand Up @@ -376,14 +376,15 @@ var _ = Describe("Backend controller", func() {
}).Assert(k8sClient, dep, timeout, poll))

svc := &corev1.Service{}
By("updating backend-listener service",
By("updating backend-listener-nlb service",
(&testutil.ExpectedResource{
Name: "backend-listener", Namespace: namespace,
LastVersion: rvs["svc/backend-listener"],
Name: "backend-listener-nlb", Namespace: namespace,
LastVersion: rvs["svc/backend-listener-nlb"],
}).Assert(k8sClient, svc, timeout, poll))

Expect(svc.Spec.Selector["deployment"]).To(Equal("backend-listener"))
Expect(svc.GetAnnotations()["service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled"]).To(Equal("false"))
Expect(svc.GetAnnotations()["service.beta.kubernetes.io/aws-load-balancer-attributes"]).
To(Equal("load_balancing.cross_zone.enabled=false,deletion_protection.enabled=false"))

hpa := &autoscalingv2.HorizontalPodAutoscaler{}
By("updating the backend-worker workload",
Expand Down Expand Up @@ -482,7 +483,7 @@ var _ = Describe("Backend controller", func() {
}

rvs["svc/backend-listener"] = testutil.GetResourceVersion(
k8sClient, &corev1.Service{}, "backend-listener", namespace, timeout, poll)
k8sClient, &corev1.Service{}, "backend-listener-nlb", namespace, timeout, poll)
rvs["deployment/backend-listener"] = testutil.GetResourceVersion(
k8sClient, &appsv1.Deployment{}, "backend-listener", namespace, timeout, poll)
rvs["deployment/backend-worker"] = testutil.GetResourceVersion(
Expand Down Expand Up @@ -541,9 +542,9 @@ var _ = Describe("Backend controller", func() {
}).Assert(k8sClient, dep, timeout, poll))

svc := &corev1.Service{}
By("keeps the backend-listener service deployment label selector",
By("keeps the backend-listener-nlb service deployment label selector",
(&testutil.ExpectedResource{
Name: "backend-listener", Namespace: namespace,
Name: "backend-listener-nlb", Namespace: namespace,
}).Assert(k8sClient, svc, timeout, poll))

Expect(svc.Spec.Selector["deployment"]).To(Equal("backend-listener"))
Expand Down Expand Up @@ -594,8 +595,8 @@ var _ = Describe("Backend controller", func() {

rvs["deployment/backend-listener-canary"] = testutil.GetResourceVersion(
k8sClient, &appsv1.Deployment{}, "backend-listener-canary", namespace, timeout, poll)
rvs["svc/backend-listener"] = testutil.GetResourceVersion(
k8sClient, &corev1.Service{}, "backend-listener", namespace, timeout, poll)
rvs["svc/backend-listener-nlb"] = testutil.GetResourceVersion(
k8sClient, &corev1.Service{}, "backend-listener-nlb", namespace, timeout, poll)
rvs["deployment/backend-worker-canary"] = testutil.GetResourceVersion(
k8sClient, &appsv1.Deployment{}, "backend-worker-canary", namespace, timeout, poll)

Expand Down Expand Up @@ -634,8 +635,8 @@ var _ = Describe("Backend controller", func() {
svc := &corev1.Service{}
By("removing the backend-listener service deployment label selector",
(&testutil.ExpectedResource{
Name: "backend-listener", Namespace: namespace,
LastVersion: rvs["svc/backend-listener"],
Name: "backend-listener-nlb", Namespace: namespace,
LastVersion: rvs["svc/backend-listener-nlb"],
}).Assert(k8sClient, svc, timeout, poll))

Expect(svc.Spec.Selector).ToNot(HaveKey("deployment"))
Expand Down
Loading

0 comments on commit 0722acb

Please sign in to comment.