-
Notifications
You must be signed in to change notification settings - Fork 33
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
11 changed files
with
282 additions
and
157 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -19,18 +19,17 @@ package controllers | |
| import ( | ||
| "context" | ||
| "encoding/json" | ||
| "fmt" | ||
| "sort" | ||
|
|
||
| "github.com/go-logr/logr" | ||
| istioextensionsv1alpha1 "istio.io/api/extensions/v1alpha1" | ||
| istiov1beta1 "istio.io/api/type/v1beta1" | ||
| istioclientgoextensionv1alpha1 "istio.io/client-go/pkg/apis/extensions/v1alpha1" | ||
| apierrors "k8s.io/apimachinery/pkg/api/errors" | ||
| metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
| ctrl "sigs.k8s.io/controller-runtime" | ||
| "sigs.k8s.io/controller-runtime/pkg/builder" | ||
| "sigs.k8s.io/controller-runtime/pkg/client" | ||
| "sigs.k8s.io/controller-runtime/pkg/predicate" | ||
| "sigs.k8s.io/controller-runtime/pkg/handler" | ||
| gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" | ||
|
|
||
| kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" | ||
|
|
@@ -46,8 +45,9 @@ type RateLimitingWASMPluginReconciler struct { | |
| } | ||
|
|
||
| //+kubebuilder:rbac:groups=extensions.istio.io,resources=wasmplugins,verbs=get;list;watch;create;update;patch;delete | ||
| //+kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways,verbs=get | ||
| //+kubebuilder:rbac:groups=kuadrant.io,resources=ratelimitpolicies,verbs=get | ||
| //+kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=gateways,verbs=get;list;watch;update;patch | ||
| //+kubebuilder:rbac:groups=gateway.networking.k8s.io,resources=httproutes,verbs=get;list;watch;update;patch | ||
| //+kubebuilder:rbac:groups=kuadrant.io,resources=ratelimitpolicies,verbs=get;list;watch;update;patch | ||
|
|
||
| // For more details, check Reconcile and its Result here: | ||
| // - https://pkg.go.dev/sigs.k8s.io/[email protected]/pkg/reconcile | ||
|
|
@@ -74,58 +74,18 @@ func (r *RateLimitingWASMPluginReconciler) Reconcile(eventCtx context.Context, r | |
| logger.V(1).Info(string(jsonData)) | ||
| } | ||
|
|
||
| err := r.reconcileRateLimitingWASMPlugin(ctx, gw) | ||
|
|
||
| if err != nil { | ||
| return ctrl.Result{}, err | ||
| } | ||
|
|
||
| logger.Info("Rate limiting WASMPlugin reconciled successfully") | ||
| return ctrl.Result{}, nil | ||
| } | ||
|
|
||
| func (r *RateLimitingWASMPluginReconciler) reconcileRateLimitingWASMPlugin(ctx context.Context, gw *gatewayapiv1.Gateway) error { | ||
| desired, err := r.desiredRateLimitingWASMPlugin(ctx, gw) | ||
| if err != nil { | ||
| return err | ||
| return ctrl.Result{}, err | ||
| } | ||
|
|
||
| err = r.ReconcileResource(ctx, &istioclientgoextensionv1alpha1.WasmPlugin{}, desired, rlptools.WASMPluginMutator) | ||
| if err != nil { | ||
| return err | ||
| } | ||
|
|
||
| return nil | ||
| } | ||
|
|
||
| func (r *RateLimitingWASMPluginReconciler) gatewayAPITopologyFromGateway(ctx context.Context, gw *gatewayapiv1.Gateway) (*common.KuadrantTopology, error) { | ||
| logger, err := logr.FromContext(ctx) | ||
| if err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| routeList := &gatewayapiv1.HTTPRouteList{} | ||
| // Get all the routes having the gateway as parent | ||
| err = r.Client().List(ctx, routeList, client.MatchingFields{common.HTTPRouteParents: client.ObjectKeyFromObject(gw).String()}) | ||
| logger.V(1).Info("gatewayAPITopologyFromGateway: list httproutes from gateway", "err", err) | ||
| if err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| rlpList := &kuadrantv1beta2.RateLimitPolicyList{} | ||
| // Get all the rate limit policies | ||
| // TODO(eastizle): Add index field?? | ||
| err = r.Client().List(ctx, rlpList) | ||
| logger.V(1).Info("gatewayAPITopologyFromGateway: list rate limit policies", "err", err) | ||
| if err != nil { | ||
| return nil, err | ||
| return ctrl.Result{}, err | ||
| } | ||
|
|
||
| return common.NewKuadrantTopology( | ||
| []*gatewayapiv1.Gateway{gw}, | ||
| common.Map(routeList.Items, func(r gatewayapiv1.HTTPRoute) *gatewayapiv1.HTTPRoute { return &r }), | ||
| common.Map(rlpList.Items, func(p kuadrantv1beta2.RateLimitPolicy) common.KuadrantPolicy { return &p }), | ||
| ), nil | ||
| logger.Info("Rate limiting WASMPlugin reconciled successfully") | ||
| return ctrl.Result{}, nil | ||
| } | ||
|
|
||
| func (r *RateLimitingWASMPluginReconciler) desiredRateLimitingWASMPlugin(ctx context.Context, gw *gatewayapiv1.Gateway) (*istioclientgoextensionv1alpha1.WasmPlugin, error) { | ||
|
|
@@ -134,12 +94,13 @@ func (r *RateLimitingWASMPluginReconciler) desiredRateLimitingWASMPlugin(ctx con | |
| Kind: "WasmPlugin", | ||
| APIVersion: "extensions.istio.io/v1alpha1", | ||
| }, | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: fmt.Sprintf("kuadrant-%s", gw.Name), | ||
| Namespace: gw.Namespace, | ||
| }, | ||
| ObjectMeta: common.RateLimitingWASMPluginName(gw), | ||
| Spec: istioextensionsv1alpha1.WasmPlugin{ | ||
| Selector: common.IstioWorkloadSelectorFromGateway(ctx, r.Client(), gw), | ||
| TargetRef: &istiov1beta1.PolicyTargetReference{ | ||
| Group: "gateway.networking.k8s.io", | ||
| Kind: "Gateway", | ||
| Name: gw.Name, | ||
| }, | ||
| Url: rlptools.WASMFilterImageURL, | ||
| PluginConfig: nil, | ||
| // Insert plugin before Istio stats filters and after Istio authorization filters. | ||
|
|
@@ -212,6 +173,36 @@ func (r *RateLimitingWASMPluginReconciler) wasmPluginConfig(ctx context.Context, | |
| return wasmPlugin, nil | ||
| } | ||
|
|
||
| func (r *RateLimitingWASMPluginReconciler) gatewayAPITopologyFromGateway(ctx context.Context, gw *gatewayapiv1.Gateway) (*common.KuadrantTopology, error) { | ||
| logger, err := logr.FromContext(ctx) | ||
| if err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| routeList := &gatewayapiv1.HTTPRouteList{} | ||
| // Get all the routes having the gateway as parent | ||
| err = r.Client().List(ctx, routeList, client.MatchingFields{common.HTTPRouteParents: client.ObjectKeyFromObject(gw).String()}) | ||
| logger.V(1).Info("gatewayAPITopologyFromGateway: list httproutes from gateway", "err", err) | ||
| if err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| rlpList := &kuadrantv1beta2.RateLimitPolicyList{} | ||
| // Get all the rate limit policies | ||
| // TODO(eastizle): Add index field?? | ||
| err = r.Client().List(ctx, rlpList) | ||
| logger.V(1).Info("gatewayAPITopologyFromGateway: list rate limit policies", "err", err) | ||
| if err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| return common.NewKuadrantTopology( | ||
| []*gatewayapiv1.Gateway{gw}, | ||
| common.Map(routeList.Items, func(r gatewayapiv1.HTTPRoute) *gatewayapiv1.HTTPRoute { return &r }), | ||
| common.Map(rlpList.Items, func(p kuadrantv1beta2.RateLimitPolicy) common.KuadrantPolicy { return &p }), | ||
| ), nil | ||
| } | ||
|
|
||
| func (r *RateLimitingWASMPluginReconciler) WASMRateLimitPolicy(t *common.KuadrantTopology, rlp *kuadrantv1beta2.RateLimitPolicy, gw *gatewayapiv1.Gateway) *wasm.RateLimitPolicy { | ||
| gwHostnamesTmp := common.TargetHostnames(gw) | ||
| gwHostnames := common.Map(gwHostnamesTmp, func(str string) gatewayapiv1.Hostname { return gatewayapiv1.Hostname(str) }) | ||
|
|
@@ -274,11 +265,32 @@ func (r *RateLimitingWASMPluginReconciler) RouteFromRLP(t *common.KuadrantTopolo | |
|
|
||
| // SetupWithManager sets up the controller with the Manager. | ||
| func (r *RateLimitingWASMPluginReconciler) SetupWithManager(mgr ctrl.Manager) error { | ||
| httpRouteToParentGatewaysEventMapper := &common.HTTPRouteToParentGatewaysEventMapper{ | ||
| Logger: r.Logger().WithName("httpRouteToParentGatewaysEventMapper"), | ||
| } | ||
|
|
||
| rlpToParentGatewaysEventMapper := &common.KuadrantPolicyToParentGatewaysEventMapper{ | ||
| Logger: r.Logger().WithName("ratelimitpolicyToParentGatewaysEventMapper"), | ||
| Client: r.Client(), | ||
| } | ||
|
|
||
| return ctrl.NewControllerManagedBy(mgr). | ||
| // Rate limiting WASMPlugin controller only cares about | ||
| // the annotation having references to RLP's | ||
| // kuadrant.io/ratelimitpolicies | ||
| For(&gatewayapiv1.Gateway{}, builder.WithPredicates(predicate.AnnotationChangedPredicate{})). | ||
| // Gateway API Gateway | ||
| // Gateway API HTTPRoutes | ||
| // Kuadrant RateLimitPolicies | ||
|
|
||
| // The type of object being *reconciled* is the Gateway. | ||
| // TODO(eguzki): consider having the WasmPlugin as the type of object being *reconciled* | ||
| For(&gatewayapiv1.Gateway{}). | ||
| Owns(&istioclientgoextensionv1alpha1.WasmPlugin{}). | ||
| Watches( | ||
| &gatewayapiv1.HTTPRoute{}, | ||
| handler.EnqueueRequestsFromMapFunc(httpRouteToParentGatewaysEventMapper.Map), | ||
| ). | ||
| Watches( | ||
| &kuadrantv1beta2.RateLimitPolicy{}, | ||
| handler.EnqueueRequestsFromMapFunc(rlpToParentGatewaysEventMapper.Map), | ||
| ). | ||
| Complete(r) | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.