From 5211ffdfd0f6ab871db6478a0d5723041bf1de3f Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 18 Jun 2024 14:58:34 +0300 Subject: [PATCH 01/19] CoreDNS rewrite support. Signed-off-by: Avi Weit --- config/crds/clusterlink.net_imports.yaml | 4 + config/operator/rbac/role.yaml | 9 + pkg/apis/clusterlink.net/v1alpha1/import.go | 2 + pkg/controlplane/control/manager.go | 188 ++++++++++++++++-- .../controller/instance_controller.go | 3 +- 5 files changed, 191 insertions(+), 15 deletions(-) diff --git a/config/crds/clusterlink.net_imports.yaml b/config/crds/clusterlink.net_imports.yaml index 31fc41e31..ebbe9025a 100644 --- a/config/crds/clusterlink.net_imports.yaml +++ b/config/crds/clusterlink.net_imports.yaml @@ -40,6 +40,10 @@ spec: spec: description: Spec represents the attributes of the imported service. properties: + dnsName: + description: DnsName is an optional external dns name for this imported + service + type: string lbScheme: default: round-robin description: LBScheme is the load-balancing scheme to use (e.g., random, diff --git a/config/operator/rbac/role.yaml b/config/operator/rbac/role.yaml index 0d269ec51..c98131789 100644 --- a/config/operator/rbac/role.yaml +++ b/config/operator/rbac/role.yaml @@ -4,6 +4,14 @@ kind: ClusterRole metadata: name: cl-operator-manager-role rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - update - apiGroups: - "" resources: @@ -17,6 +25,7 @@ rules: resources: - pods verbs: + - delete - get - list - watch diff --git a/pkg/apis/clusterlink.net/v1alpha1/import.go b/pkg/apis/clusterlink.net/v1alpha1/import.go index c4d628fcb..5ab64479e 100644 --- a/pkg/apis/clusterlink.net/v1alpha1/import.go +++ b/pkg/apis/clusterlink.net/v1alpha1/import.go 
@@ -65,6 +65,8 @@ type ImportSpec struct { // +kubebuilder:default="round-robin" // LBScheme is the load-balancing scheme to use (e.g., random, static, round-robin) LBScheme LBScheme `json:"lbScheme"` + // DnsName is an optional external dns name for this imported service + DnsName string `json:"dnsName,omitempty"` } const ( diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index 256ed9f85..856d0f58a 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go 
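Review bot: `DnsName` is accepted as a free-form string, yet `addCoreDnsRewrite` in manager.go (same patch) formats it directly into a `rewrite name` line of the cluster's CoreDNS Corefile. A value containing whitespace, a newline or braces would therefore change the Corefile beyond the one intended directive, and the field can be set by anyone allowed to create an Import. Constrain it in the schema with `// +kubebuilder:validation:MaxLength=253` plus a `+kubebuilder:validation:Pattern` marker that admits only lower-case DNS labels with an optional leading `*.`, and repeat the check in the controller before the Corefile is touched. The same applies after the later renames of this field to `DNSName` and `Alias`. The struct starts outside the hunk.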
@@ -144,6 +144,99 @@ type Manager struct { logger *logrus.Entry } +// Restart coredns pods +func coreDnsRestart(ctx context.Context, m *Manager) error { + var pods v1.PodList + if err := m.client.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { + return err + } + + for _, pod := range pods.Items { + if strings.Contains(pod.Name, "coredns") { + m.logger.Infof("Deleting pod: %s/%s.", pod.Namespace, pod.Name) + err := m.client.Delete(ctx, &pod) + if err != nil { + return err + } + } + } + + return nil +} + +// Add coredns rewrite for a given external dns service +func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName, dnsName string) error { + corednsName := types.NamespacedName{ + Name: "coredns", + Namespace: "kube-system", + } + var cm v1.ConfigMap + + if err := m.client.Get(ctx, corednsName, &cm); err != nil { + if k8serrors.IsNotFound(err) { + m.logger.Warnf("coredns configmap not found.") + return nil + } else { + return err + } + } + if data, ok := cm.Data["Corefile"]; ok { + // remove trailing end-of-line + dataEol := strings.TrimSuffix(data, "\n") + // break into lines + lines := strings.Split(dataEol, "\n") + serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) + + var coreFileUpdated = false + var rewriteLine = "" + for i, line := range lines { + if strings.Contains(line, serviceFqdn) { + // matched line already exists + break + } + // ready marker is reached - matched line not found, append it here + if strings.Contains(line, " ready") { + if strings.HasPrefix(dnsName, "*.") { + // wildcard dns + dnsName = strings.TrimPrefix(dnsName, "*") + dnsName = strings.ReplaceAll(dnsName, ".", "\\.") + dnsName = "(.*)" + dnsName + + rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", dnsName, serviceFqdn) + } else { + rewriteLine = fmt.Sprintf(" rewrite name %s %s", dnsName, serviceFqdn) + } + // add matched line + lines = append(lines[:i+1], lines[i:]...) 
+ lines[i] = rewriteLine + coreFileUpdated = true + break + } + } + + if coreFileUpdated { + // update configmap and restart the pods + var newLines string = "" + for _, line := range lines { + // return back EOL + newLines += (line + "\n") + } + cm.Data["Corefile"] = newLines + if err := m.client.Update(ctx, &cm); err != nil { + return err + } + + if err := coreDnsRestart(ctx, m); err != nil { + return err + } + } + } else { + return errors.New("coredns configmap['Corefile'] not found") + } + + return nil +} + // AddImport adds a listening socket for an imported remote service. func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err error) { m.logger.Infof("Adding import '%s/%s'.", imp.Namespace, imp.Name) 
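Review bot: In the wildcard branch of `addCoreDnsRewrite` only `.` is escaped and the generated pattern has no end anchor, so the regex written into the Corefile can match more than `*.<domain>`. Any other regex metacharacter in `dnsName` reaches CoreDNS unescaped, and if CoreDNS applies the pattern unanchored (worth confirming against its rewrite plugin), a longer name that merely contains `.<domain>` would also be rewritten to the imported service. Build the pattern with the standard library, `dnsName = "(.*)" + regexp.QuoteMeta(strings.TrimPrefix(dnsName, "*"))`, and append an end anchor in the form CoreDNS uses for query names; this needs the `regexp` import.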
@@ -243,23 +336,88 @@ func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err erro return err } - if imp.Namespace == m.namespace { - return nil + if imp.Namespace != m.namespace { + userService := &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: imp.Name, + Namespace: imp.Namespace, + Labels: make(map[string]string), + }, + Spec: v1.ServiceSpec{ + ExternalName: fmt.Sprintf("%s.%s.svc.cluster.local", serviceName, m.namespace), + Type: v1.ServiceTypeExternalName, + }, + } + + if err := m.addImportService(ctx, imp, userService); err != nil { + return err + } } - userService := &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: imp.Name, - Namespace: imp.Namespace, - Labels: make(map[string]string), - }, - Spec: v1.ServiceSpec{ - ExternalName: fmt.Sprintf("%s.%s.svc.cluster.local", serviceName, m.namespace), - Type: v1.ServiceTypeExternalName, - }, + if imp.Spec.DnsName != "" { + if err := addCoreDnsRewrite(ctx, m, &importName, imp.Spec.DnsName); err != nil { + m.logger.Errorf("Failed to configure CoreDns: %v.", err) + return err + } + } + return nil + +} + +// Remove coredns rewrite for a given external dns service +func removeCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName) error { + corednsName := types.NamespacedName{ + Name: "coredns", + Namespace: "kube-system", } + var cm v1.ConfigMap - return m.addImportService(ctx, imp, userService) + if err := m.client.Get(ctx, corednsName, &cm); err != nil { + if k8serrors.IsNotFound(err) { + m.logger.Warnf("coredns configmap not found.") + return nil + } else { + return err + } + } + if data, ok := cm.Data["Corefile"]; ok { + // remove trailing end-of-line + dataEol := strings.TrimSuffix(data, "\n") + // break into lines + lines := strings.Split(dataEol, "\n") + serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) + + var coreFileUpdated = false + for i, line := range lines { + if strings.Contains(line, serviceFqdn) { + // remove matched 
line + lines = append(lines[:i], lines[i+1:]...) + coreFileUpdated = true + break + } + } + + if coreFileUpdated { + // update configmap and restart the pods + var newLines string = "" + for _, line := range lines { + // return back EOL + newLines += (line + "\n") + } + cm.Data["Corefile"] = newLines + if err := m.client.Update(ctx, &cm); err != nil { + return err + } + + if err := coreDnsRestart(ctx, m); err != nil { + return err + } + } + } else { + return errors.New("coredns configmap['Corefile'] not found") + } + + return nil } // DeleteImport removes the listening socket of a previously imported service. @@ -267,7 +425,7 @@ func (m *Manager) DeleteImport(ctx context.Context, name types.NamespacedName) e m.logger.Infof("Deleting import '%s/%s'.", name.Namespace, name.Name) // delete user service - errs := make([]error, 3) + errs := make([]error, 4) errs[0] = m.deleteImportService(ctx, name, name) if name.Namespace != m.namespace { @@ -284,6 +442,8 @@ func (m *Manager) DeleteImport(ctx context.Context, name types.NamespacedName) e m.ports.Release(name) + errs[3] = removeCoreDnsRewrite(ctx, m, &name) + return errors.Join(errs...) } diff --git a/pkg/operator/controller/instance_controller.go b/pkg/operator/controller/instance_controller.go index fa3482746..2d9393298 100644 --- a/pkg/operator/controller/instance_controller.go +++ b/pkg/operator/controller/instance_controller.go 
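Review bot: `removeCoreDnsRewrite` drops the first Corefile line that merely contains `serviceFqdn` as a substring, so it can delete a line ClusterLink did not write. For an import `db` in namespace `prod`, `strings.Contains(line, serviceFqdn)` is also true for a line naming `mydb.prod.svc.cluster.local`, or for an administrator's own directive that mentions the service. Restrict the match to lines beginning with `rewrite name` and compare `serviceFqdn` against whole whitespace-separated fields (`strings.Fields(line)`) rather than substrings. The call added to `DeleteImport` further down, `errs[3] = removeCoreDnsRewrite(ctx, m, &name)`, runs on every import deletion, including imports that never set `DnsName`, and returns an error whenever the ConfigMap has no `Corefile` key; treat that case as nothing to remove.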
@@ -68,7 +68,8 @@ type InstanceReconciler struct { // +kubebuilder:rbac:groups="",resources=services;serviceaccounts,verbs=list;get;watch;create;update;patch;delete // +kubebuilder:rbac:groups="discovery.k8s.io",resources=endpointslices,verbs=list;get;watch;create;update;patch;delete // +kubebuilder:rbac:groups="",resources=nodes,verbs=list;get;watch -// +kubebuilder:rbac:groups="",resources=pods,verbs=list;get;watch +// +kubebuilder:rbac:groups="",resources=pods,verbs=list;get;delete;watch +// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;update // +kubebuilder:rbac:groups=clusterlink.net,resources=exports;peers;accesspolicies;privilegedaccesspolicies,verbs=list;get;watch // +kubebuilder:rbac:groups=clusterlink.net,resources=imports,verbs=get;list;watch;update // +kubebuilder:rbac:groups=clusterlink.net,resources=peers/status;exports/status;imports/status,verbs=update From 083a46ccdcacb3300c44859a9bc8c1348350e5f4 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 18 Jun 2024 16:23:39 +0300 Subject: [PATCH 02/19] Update policy in instance_controller.go. Signed-off-by: Avi Weit --- pkg/operator/controller/instance_controller.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkg/operator/controller/instance_controller.go b/pkg/operator/controller/instance_controller.go index 2d9393298..0b4913711 100644 --- a/pkg/operator/controller/instance_controller.go +++ b/pkg/operator/controller/instance_controller.go @@ -429,6 +429,13 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name "get", "list", "watch", "create", "delete", "update", }, }, + { + APIGroups: []string{""}, + Resources: []string{"configmaps"}, + Verbs: []string{ + "get", "list", "update", + }, + }, { APIGroups: []string{"discovery.k8s.io"}, Resources: []string{"endpointslices"}, 
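Review bot: The new `configmaps` rule, both the kubebuilder marker and the entry added to `createAccessControl`, carries no resource names, although the code it serves reads and updates a single object, the `coredns` ConfigMap in `kube-system`. The operator role in config/operator/rbac/role.yaml is a ClusterRole, so as written this is `update` on every ConfigMap in every namespace; whether the role built by `createAccessControl` is equally cluster-wide is not visible in the hunk. Narrow the grant, for example `ResourceNames: []string{"coredns"}` on the `get` and `update` verbs, bound through a Role in `kube-system` instead of a cluster-wide rule. The `delete` verb added to `pods` alongside it has the same breadth. `createAccessControl` starts and ends outside the hunk.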
@@ -439,7 +446,7 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name { APIGroups: []string{""}, Resources: []string{"pods"}, - Verbs: []string{"get", "list", "watch"}, + Verbs: []string{"get", "delete", "list", "watch"}, }, { APIGroups: []string{"clusterlink.net"}, From fdcd150c60491b811018aecd068e62e5e9adbaf7 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 18 Jun 2024 17:03:28 +0300 Subject: [PATCH 03/19] Update configmap rbac. Signed-off-by: Avi Weit --- config/operator/rbac/role.yaml | 1 + pkg/operator/controller/instance_controller.go | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/config/operator/rbac/role.yaml b/config/operator/rbac/role.yaml index c98131789..9876ce1fd 100644 --- a/config/operator/rbac/role.yaml +++ b/config/operator/rbac/role.yaml @@ -12,6 +12,7 @@ rules: - get - list - update + - watch - apiGroups: - "" resources: diff --git a/pkg/operator/controller/instance_controller.go b/pkg/operator/controller/instance_controller.go index 0b4913711..9e8f13575 100644 --- a/pkg/operator/controller/instance_controller.go +++ b/pkg/operator/controller/instance_controller.go @@ -69,7 +69,7 @@ type InstanceReconciler struct { // +kubebuilder:rbac:groups="discovery.k8s.io",resources=endpointslices,verbs=list;get;watch;create;update;patch;delete // +kubebuilder:rbac:groups="",resources=nodes,verbs=list;get;watch // +kubebuilder:rbac:groups="",resources=pods,verbs=list;get;delete;watch -// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;update +// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;update;watch // +kubebuilder:rbac:groups=clusterlink.net,resources=exports;peers;accesspolicies;privilegedaccesspolicies,verbs=list;get;watch // +kubebuilder:rbac:groups=clusterlink.net,resources=imports,verbs=get;list;watch;update // +kubebuilder:rbac:groups=clusterlink.net,resources=peers/status;exports/status;imports/status,verbs=update 
@@ -433,7 +433,7 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name APIGroups: []string{""}, Resources: []string{"configmaps"}, Verbs: []string{ - "get", "list", "update", + "get", "list", "update", "watch", }, }, { From b287952cc374a1df773cdbd6a97bbc7b1b2b7ec4 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Wed, 19 Jun 2024 14:51:44 +0300 Subject: [PATCH 04/19] Update pkg/controlplane/control/manager.go Co-authored-by: Etai Lev Ran Signed-off-by: Avi Weit --- pkg/controlplane/control/manager.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index 856d0f58a..062a4db0f 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go @@ -196,8 +196,7 @@ func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedNa } // ready marker is reached - matched line not found, append it here if strings.Contains(line, " ready") { - if strings.HasPrefix(dnsName, "*.") { - // wildcard dns + if strings.HasPrefix(dnsName, "*.") { // wildcard DNS dnsName = strings.TrimPrefix(dnsName, "*") dnsName = strings.ReplaceAll(dnsName, ".", "\\.") dnsName = "(.*)" + dnsName From 52ad6aff5ae15745216796da1c45989783f8b740 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Wed, 19 Jun 2024 14:52:35 +0300 Subject: [PATCH 05/19] Update pkg/apis/clusterlink.net/v1alpha1/import.go Co-authored-by: Etai Lev Ran Signed-off-by: Avi Weit --- pkg/apis/clusterlink.net/v1alpha1/import.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/apis/clusterlink.net/v1alpha1/import.go b/pkg/apis/clusterlink.net/v1alpha1/import.go index 5ab64479e..cf3374c70 100644 --- a/pkg/apis/clusterlink.net/v1alpha1/import.go +++ b/pkg/apis/clusterlink.net/v1alpha1/import.go 
@@ -65,8 +65,8 @@ type ImportSpec struct { // +kubebuilder:default="round-robin" // LBScheme is the load-balancing scheme to use (e.g., random, static, round-robin) LBScheme LBScheme `json:"lbScheme"` - // DnsName is an optional external dns name for this imported service - DnsName string `json:"dnsName,omitempty"` + // DNSName is an optional external DNS name for this imported service + DNSName string `json:"dnsName,omitempty"` } const ( From bb9b316a6c3ccd11570cdbce2dd1829c3203a5fd Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Wed, 19 Jun 2024 16:23:34 +0300 Subject: [PATCH 06/19] Rename DNSName to Alias. Signed-off-by: Avi Weit --- pkg/apis/clusterlink.net/v1alpha1/import.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/apis/clusterlink.net/v1alpha1/import.go b/pkg/apis/clusterlink.net/v1alpha1/import.go index cf3374c70..0824f9353 100644 --- a/pkg/apis/clusterlink.net/v1alpha1/import.go +++ b/pkg/apis/clusterlink.net/v1alpha1/import.go @@ -65,8 +65,8 @@ type ImportSpec struct { // +kubebuilder:default="round-robin" // LBScheme is the load-balancing scheme to use (e.g., random, static, round-robin) LBScheme LBScheme `json:"lbScheme"` - // DNSName is an optional external DNS name for this imported service - DNSName string `json:"dnsName,omitempty"` + // Alias is an optional external DNS name for this imported service + Alias string `json:"alias,omitempty"` } const ( From e7dad17f5612bc882d9dadf287b8a06fddc9cf35 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Wed, 19 Jun 2024 13:27:02 +0000 Subject: [PATCH 07/19] Updates per make codegen. Signed-off-by: Avi Weit --- config/crds/clusterlink.net_imports.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/crds/clusterlink.net_imports.yaml b/config/crds/clusterlink.net_imports.yaml index ebbe9025a..577752070 100644 --- a/config/crds/clusterlink.net_imports.yaml +++ b/config/crds/clusterlink.net_imports.yaml 
@@ -40,8 +40,8 @@ spec: spec: description: Spec represents the attributes of the imported service. properties: - dnsName: - description: DnsName is an optional external dns name for this imported + alias: + description: Alias is an optional external DNS name for this imported service type: string lbScheme: From 6e337cf627064f0dcf3eace55f25b1365a02e002 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Wed, 19 Jun 2024 16:37:38 +0300 Subject: [PATCH 08/19] Updates per dnsName to alias rename and apply nit suggestions. Signed-off-by: Avi Weit --- pkg/controlplane/control/manager.go | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index 062a4db0f..c3b3c0849 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go @@ -165,7 +165,7 @@ func coreDnsRestart(ctx context.Context, m *Manager) error { } // Add coredns rewrite for a given external dns service -func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName, dnsName string) error { +func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName, alias string) error { corednsName := types.NamespacedName{ Name: "coredns", Namespace: "kube-system", @@ -182,9 +182,9 @@ func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedNa } if data, ok := cm.Data["Corefile"]; ok { // remove trailing end-of-line - dataEol := strings.TrimSuffix(data, "\n") + data := strings.TrimSuffix(data, "\n") // break into lines - lines := strings.Split(dataEol, "\n") + lines := strings.Split(data, "\n") serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) var coreFileUpdated = false 
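Review bot: `data := strings.TrimSuffix(data, "\n")` in `addCoreDnsRewrite` declares a second `data` that shadows the one bound by `if data, ok := cm.Data["Corefile"]; ok`. It compiles, but shadow checks will flag it, and `removeCoreDnsRewrite` still uses the separate name `dataEol`, so the two functions now differ for no reason. Use plain assignment, `data = strings.TrimSuffix(data, "\n")`, in both. The function body continues outside the hunk.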
@@ -196,14 +196,14 @@ func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedNa } // ready marker is reached - matched line not found, append it here if strings.Contains(line, " ready") { - if strings.HasPrefix(dnsName, "*.") { // wildcard DNS - dnsName = strings.TrimPrefix(dnsName, "*") - dnsName = strings.ReplaceAll(dnsName, ".", "\\.") - dnsName = "(.*)" + dnsName + if strings.HasPrefix(alias, "*.") { // wildcard DNS + alias = strings.TrimPrefix(alias, "*") + alias = strings.ReplaceAll(alias, ".", "\\.") + alias = "(.*)" + alias - rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", dnsName, serviceFqdn) + rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", alias, serviceFqdn) } else { - rewriteLine = fmt.Sprintf(" rewrite name %s %s", dnsName, serviceFqdn) + rewriteLine = fmt.Sprintf(" rewrite name %s %s", alias, serviceFqdn) } // add matched line lines = append(lines[:i+1], lines[i:]...) @@ -353,8 +353,8 @@ func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err erro } } - if imp.Spec.DnsName != "" { - if err := addCoreDnsRewrite(ctx, m, &importName, imp.Spec.DnsName); err != nil { + if imp.Spec.Alias != "" { + if err := addCoreDnsRewrite(ctx, m, &importName, imp.Spec.Alias); err != nil { m.logger.Errorf("Failed to configure CoreDns: %v.", err) return err } From 92c266aed4a1b6f15523f50482739165d0d9d3e5 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Wed, 19 Jun 2024 17:14:53 +0300 Subject: [PATCH 09/19] Move coredns related functions to dns.go. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 174 ++++++++++++++++++++++++++++ pkg/controlplane/control/manager.go | 148 ----------------------- 2 files changed, 174 insertions(+), 148 deletions(-) create mode 100644 pkg/controlplane/control/dns.go diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go new file mode 100644 index 000000000..3354875c2 --- /dev/null +++ b/pkg/controlplane/control/dns.go 
@@ -0,0 +1,174 @@ +// Copyright (c) The ClusterLink Authors. +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package control + +import ( + "context" + "errors" + "fmt" + "strings" + + v1 "k8s.io/api/core/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +// Restart coredns pods +func coreDnsRestart(ctx context.Context, m *Manager) error { + var pods v1.PodList + if err := m.client.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { + return err + } + + for _, pod := range pods.Items { + if strings.Contains(pod.Name, "coredns") { + m.logger.Infof("Deleting pod: %s/%s.", pod.Namespace, pod.Name) + err := m.client.Delete(ctx, &pod) + if err != nil { + return err + } + } + } + + return nil +} + +// Add coredns rewrite for a given external dns service +func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName, alias string) error { + corednsName := types.NamespacedName{ + Name: "coredns", + Namespace: "kube-system", + } + var cm v1.ConfigMap + + if err := m.client.Get(ctx, corednsName, &cm); err != nil { + if k8serrors.IsNotFound(err) { + m.logger.Warnf("coredns configmap not found.") + return nil + } else { + return err + } + } + if data, ok := cm.Data["Corefile"]; ok { + // remove trailing end-of-line + data := strings.TrimSuffix(data, "\n") + // break into lines + lines := strings.Split(data, "\n") + serviceFqdn := 
fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) + + var coreFileUpdated = false + var rewriteLine = "" + for i, line := range lines { + if strings.Contains(line, serviceFqdn) { + // matched line already exists + break + } + // ready marker is reached - matched line not found, append it here + if strings.Contains(line, " ready") { + if strings.HasPrefix(alias, "*.") { // wildcard DNS + alias = strings.TrimPrefix(alias, "*") + alias = strings.ReplaceAll(alias, ".", "\\.") + alias = "(.*)" + alias + + rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", alias, serviceFqdn) + } else { + rewriteLine = fmt.Sprintf(" rewrite name %s %s", alias, serviceFqdn) + } + // add matched line + lines = append(lines[:i+1], lines[i:]...) + lines[i] = rewriteLine + coreFileUpdated = true + break + } + } + + if coreFileUpdated { + // update configmap and restart the pods + var newLines string = "" + for _, line := range lines { + // return back EOL + newLines += (line + "\n") + } + cm.Data["Corefile"] = newLines + if err := m.client.Update(ctx, &cm); err != nil { + return err + } + + if err := coreDnsRestart(ctx, m); err != nil { + return err + } + } + } else { + return errors.New("coredns configmap['Corefile'] not found") + } + + return nil +} + +// Remove coredns rewrite for a given external dns service +func removeCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName) error { + corednsName := types.NamespacedName{ + Name: "coredns", + Namespace: "kube-system", + } + var cm v1.ConfigMap + + if err := m.client.Get(ctx, corednsName, &cm); err != nil { + if k8serrors.IsNotFound(err) { + m.logger.Warnf("coredns configmap not found.") + return nil + } else { + return err + } + } + if data, ok := cm.Data["Corefile"]; ok { + // remove trailing end-of-line + dataEol := strings.TrimSuffix(data, "\n") + // break into lines + lines := strings.Split(dataEol, "\n") + serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, 
name.Namespace) + + var coreFileUpdated = false + for i, line := range lines { + if strings.Contains(line, serviceFqdn) { + // remove matched line + lines = append(lines[:i], lines[i+1:]...) + coreFileUpdated = true + break + } + } + + if coreFileUpdated { + // update configmap and restart the pods + var newLines string = "" + for _, line := range lines { + // return back EOL + newLines += (line + "\n") + } + cm.Data["Corefile"] = newLines + if err := m.client.Update(ctx, &cm); err != nil { + return err + } + + if err := coreDnsRestart(ctx, m); err != nil { + return err + } + } + } else { + return errors.New("coredns configmap['Corefile'] not found") + } + + return nil +} diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index c3b3c0849..27d14c8f9 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go 
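Review bot: `addCoreDnsRewrite` returns nil in two cases where nothing was configured: when the `coredns` ConfigMap is missing, and when no Corefile line contains ` ready`, where the loop simply ends with `coreFileUpdated` still false. The import is then reported as added while the alias has no rewrite, so clients resolving that name presumably get whatever the upstream resolver returns instead of the imported service. Track whether the insertion point was found and return an error such as `fmt.Errorf("no insertion point for alias %q in Corefile", alias)`, and consider doing the same for the missing ConfigMap. The existing-entry test `strings.Contains(line, serviceFqdn)` also ends the loop without comparing the alias, so changing `alias` on an existing import leaves the old rewrite in place.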
@@ -144,98 +144,6 @@ type Manager struct { logger *logrus.Entry } -// Restart coredns pods -func coreDnsRestart(ctx context.Context, m *Manager) error { - var pods v1.PodList - if err := m.client.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { - return err - } - - for _, pod := range pods.Items { - if strings.Contains(pod.Name, "coredns") { - m.logger.Infof("Deleting pod: %s/%s.", pod.Namespace, pod.Name) - err := m.client.Delete(ctx, &pod) - if err != nil { - return err - } - } - } - - return nil -} - -// Add coredns rewrite for a given external dns service -func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName, alias string) error { - corednsName := types.NamespacedName{ - Name: "coredns", - Namespace: "kube-system", - } - var cm v1.ConfigMap - - if err := m.client.Get(ctx, corednsName, &cm); err != nil { - if k8serrors.IsNotFound(err) { - m.logger.Warnf("coredns configmap not found.") - return nil - } else { - return err - } - } - if data, ok := cm.Data["Corefile"]; ok { - // remove trailing end-of-line - data := strings.TrimSuffix(data, "\n") - // break into lines - lines := strings.Split(data, "\n") - serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) - - var coreFileUpdated = false - var rewriteLine = "" - for i, line := range lines { - if strings.Contains(line, serviceFqdn) { - // matched line already exists - break - } - // ready marker is reached - matched line not found, append it here - if strings.Contains(line, " ready") { - if strings.HasPrefix(alias, "*.") { // wildcard DNS - alias = strings.TrimPrefix(alias, "*") - alias = strings.ReplaceAll(alias, ".", "\\.") - alias = "(.*)" + alias - - rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", alias, serviceFqdn) - } else { - rewriteLine = fmt.Sprintf(" rewrite name %s %s", alias, serviceFqdn) - } - // add matched line - lines = append(lines[:i+1], lines[i:]...) 
- lines[i] = rewriteLine - coreFileUpdated = true - break - } - } - - if coreFileUpdated { - // update configmap and restart the pods - var newLines string = "" - for _, line := range lines { - // return back EOL - newLines += (line + "\n") - } - cm.Data["Corefile"] = newLines - if err := m.client.Update(ctx, &cm); err != nil { - return err - } - - if err := coreDnsRestart(ctx, m); err != nil { - return err - } - } - } else { - return errors.New("coredns configmap['Corefile'] not found") - } - - return nil -} - // AddImport adds a listening socket for an imported remote service. func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err error) { m.logger.Infof("Adding import '%s/%s'.", imp.Namespace, imp.Name) 
@@ -363,62 +271,6 @@ func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err erro } -// Remove coredns rewrite for a given external dns service -func removeCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName) error { - corednsName := types.NamespacedName{ - Name: "coredns", - Namespace: "kube-system", - } - var cm v1.ConfigMap - - if err := m.client.Get(ctx, corednsName, &cm); err != nil { - if k8serrors.IsNotFound(err) { - m.logger.Warnf("coredns configmap not found.") - return nil - } else { - return err - } - } - if data, ok := cm.Data["Corefile"]; ok { - // remove trailing end-of-line - dataEol := strings.TrimSuffix(data, "\n") - // break into lines - lines := strings.Split(dataEol, "\n") - serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) - - var coreFileUpdated = false - for i, line := range lines { - if strings.Contains(line, serviceFqdn) { - // remove matched line - lines = append(lines[:i], lines[i+1:]...) - coreFileUpdated = true - break - } - } - - if coreFileUpdated { - // update configmap and restart the pods - var newLines string = "" - for _, line := range lines { - // return back EOL - newLines += (line + "\n") - } - cm.Data["Corefile"] = newLines - if err := m.client.Update(ctx, &cm); err != nil { - return err - } - - if err := coreDnsRestart(ctx, m); err != nil { - return err - } - } - } else { - return errors.New("coredns configmap['Corefile'] not found") - } - - return nil -} - // DeleteImport removes the listening socket of a previously imported service. func (m *Manager) DeleteImport(ctx context.Context, name types.NamespacedName) error { m.logger.Infof("Deleting import '%s/%s'.", name.Namespace, name.Name) From 8d7cda9177e485d7573c85a782e081b778004ac1 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Thu, 20 Jun 2024 11:19:31 +0300 Subject: [PATCH 10/19] Update pkg/controlplane/control/dns.go Co-authored-by: Etai Lev Ran 
Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index 3354875c2..575338ab1 100644 --- a/pkg/controlplane/control/dns.go +++ b/pkg/controlplane/control/dns.go @@ -26,7 +26,7 @@ import ( ) // Restart coredns pods -func coreDnsRestart(ctx context.Context, m *Manager) error { +func restartCoreDNS(ctx context.Context, m *Manager) error { var pods v1.PodList if err := m.client.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { return err From d6b94fa9b27ebbcd6372020c1d65cb8e294b59f8 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Thu, 20 Jun 2024 11:22:28 +0300 Subject: [PATCH 11/19] Update pkg/controlplane/control/manager.go Co-authored-by: Etai Lev Ran Signed-off-by: Avi Weit --- pkg/controlplane/control/manager.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index 27d14c8f9..2bd48795a 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go @@ -263,7 +263,7 @@ func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err erro if imp.Spec.Alias != "" { if err := addCoreDnsRewrite(ctx, m, &importName, imp.Spec.Alias); err != nil { - m.logger.Errorf("Failed to configure CoreDns: %v.", err) + m.logger.Errorf("failed to configure CoreDNS: %v.", err) return err } } From b31c0a38fbbb9bd9983dd3cd409e47f94c5c51eb Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Thu, 20 Jun 2024 12:27:50 +0300 Subject: [PATCH 12/19] Pass client, logger to dns methods. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 29 +++++++++++++++-------------- pkg/controlplane/control/manager.go | 4 ++-- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index 575338ab1..0fb6486e6 100644 --- a/pkg/controlplane/control/dns.go 
+++ b/pkg/controlplane/control/dns.go @@ -19,6 +19,7 @@ import ( "fmt" "strings" + "github.com/sirupsen/logrus" v1 "k8s.io/api/core/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/types" @@ -26,16 +27,16 @@ import ( ) // Restart coredns pods -func restartCoreDNS(ctx context.Context, m *Manager) error { +func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.Entry) error { var pods v1.PodList - if err := m.client.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { + if err := mClient.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { return err } for _, pod := range pods.Items { if strings.Contains(pod.Name, "coredns") { - m.logger.Infof("Deleting pod: %s/%s.", pod.Namespace, pod.Name) - err := m.client.Delete(ctx, &pod) + logger.Infof("Deleting pod: %s/%s.", pod.Namespace, pod.Name) + err := mClient.Delete(ctx, &pod) if err != nil { return err } @@ -46,16 +47,16 @@ func restartCoreDNS(ctx context.Context, m *Manager) error { } // Add coredns rewrite for a given external dns service -func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName, alias string) error { +func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logrus.Entry, name *types.NamespacedName, alias string) error { corednsName := types.NamespacedName{ Name: "coredns", Namespace: "kube-system", } var cm v1.ConfigMap - if err := m.client.Get(ctx, corednsName, &cm); err != nil { + if err := mClient.Get(ctx, corednsName, &cm); err != nil { if k8serrors.IsNotFound(err) { - m.logger.Warnf("coredns configmap not found.") + logger.Warnf("coredns configmap not found.") return nil } else { return err 
@@ -102,11 +103,11 @@ func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedNa newLines += (line + "\n") } cm.Data["Corefile"] = newLines - if err := m.client.Update(ctx, &cm); err != nil { + if err := mClient.Update(ctx, &cm); err != nil { return err } - if err := coreDnsRestart(ctx, m); err != nil { + if err := restartCoreDNS(ctx, mClient, logger); err != nil { return err } } @@ -118,16 +119,16 @@ func addCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedNa } // Remove coredns rewrite for a given external dns service -func removeCoreDnsRewrite(ctx context.Context, m *Manager, name *types.NamespacedName) error { +func removeCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logrus.Entry, name *types.NamespacedName) error { corednsName := types.NamespacedName{ Name: "coredns", Namespace: "kube-system", } var cm v1.ConfigMap - if err := m.client.Get(ctx, corednsName, &cm); err != nil { + if err := mClient.Get(ctx, corednsName, &cm); err != nil { if k8serrors.IsNotFound(err) { - m.logger.Warnf("coredns configmap not found.") + logger.Warnf("coredns configmap not found.") return nil } else { return err @@ -158,11 +159,11 @@ func removeCoreDnsRewrite(ctx context.Context, m *Manager, name *types.Namespace newLines += (line + "\n") } cm.Data["Corefile"] = newLines - if err := m.client.Update(ctx, &cm); err != nil { + if err := mClient.Update(ctx, &cm); err != nil { return err } - if err := coreDnsRestart(ctx, m); err != nil { + if err := restartCoreDNS(ctx, mClient, logger); err != nil { return err } } diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index 2bd48795a..0bdb811ea 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go 
@@ -262,7 +262,7 @@ func (m *Manager) AddImport(ctx context.Context, imp *v1alpha1.Import) (err erro } if imp.Spec.Alias != "" { - if err := addCoreDnsRewrite(ctx, m, &importName, imp.Spec.Alias); err != nil { + if err := addCoreDNSRewrite(ctx, m.client, m.logger, &importName, imp.Spec.Alias); err != nil { m.logger.Errorf("failed to configure CoreDNS: %v.", err) return err } @@ -293,7 +293,7 @@ func (m *Manager) DeleteImport(ctx context.Context, name types.NamespacedName) e m.ports.Release(name) - errs[3] = removeCoreDnsRewrite(ctx, m, &name) + errs[3] = removeCoreDNSRewrite(ctx, m.client, m.logger, &name) return errors.Join(errs...) } From cbe72e2315cdb08b07881d3c11ca7946a2e5b3fb Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Mon, 24 Jun 2024 17:36:16 +0300 Subject: [PATCH 13/19] Patch coredns deployment to trigger pod restart. Signed-off-by: Avi Weit --- cmd/cl-controlplane/app/server.go | 6 ++++ config/operator/rbac/role.yaml | 1 - pkg/controlplane/control/dns.go | 32 +++++++++++-------- .../controller/instance_controller.go | 9 ++++-- 4 files changed, 32 insertions(+), 16 deletions(-) diff --git a/cmd/cl-controlplane/app/server.go b/cmd/cl-controlplane/app/server.go index 306365754..9ef9fc246 100644 --- a/cmd/cl-controlplane/app/server.go +++ b/cmd/cl-controlplane/app/server.go @@ -23,7 +23,9 @@ import ( "github.com/sirupsen/logrus" "github.com/spf13/cobra" "github.com/spf13/pflag" + appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" + discv1 "k8s.io/api/discovery/v1" "k8s.io/client-go/rest" ctrl "sigs.k8s.io/controller-runtime" @@ -152,6 +154,10 @@ func (o *Options) Run() error { return fmt.Errorf("unable to add discovery v1 objects to scheme: %w", err) } + if err := appsv1.AddToScheme(scheme); err != nil { + return fmt.Errorf("unable to add core appsv1 objects to scheme: %w", err) + } + // set logger for controller-runtime components ctrl.SetLogger(logrusr.New(logrus.WithField("component", "k8s.controller-runtime"))) 
diff --git a/config/operator/rbac/role.yaml b/config/operator/rbac/role.yaml index 9876ce1fd..49c0fb40d 100644 --- a/config/operator/rbac/role.yaml +++ b/config/operator/rbac/role.yaml @@ -26,7 +26,6 @@ rules: resources: - pods verbs: - - delete - get - list - watch diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index 0fb6486e6..13226e536 100644 --- a/pkg/controlplane/control/dns.go +++ b/pkg/controlplane/control/dns.go @@ -18,32 +18,38 @@ import ( "errors" "fmt" "strings" + "time" "github.com/sirupsen/logrus" + appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" ) -// Restart coredns pods +// Restart coredns deployment func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.Entry) error { - var pods v1.PodList - if err := mClient.List(ctx, &pods, client.InNamespace("kube-system")); err != nil { + logger.Infof("restarting coredns deployment") + patch := []byte( + fmt.Sprintf( + `{"spec": {"template": {"metadata": {"annotations":{"kubectl.kubernetes.io/restartedAt": "%s"}}}}}`, + time.Now().String(), + ), + ) + + if err := mClient.Patch(ctx, &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "coredns", + }, + }, client.RawPatch(types.StrategicMergePatchType, patch)); err != nil { return err } - for _, pod := range pods.Items { - if strings.Contains(pod.Name, "coredns") { - logger.Infof("Deleting pod: %s/%s.", pod.Namespace, pod.Name) - err := mClient.Delete(ctx, &pod) - if err != nil { - return err - } - } - } - return nil + } // Add coredns rewrite for a given external dns service diff --git a/pkg/operator/controller/instance_controller.go b/pkg/operator/controller/instance_controller.go index 9e8f13575..7ecfeb94a 100644 --- a/pkg/operator/controller/instance_controller.go 
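Review bot: The `restartedAt` value in restartCoreDNS is `time.Now().String()`, which produces Go's debug format including the monotonic-clock suffix (`m=+…`) rather than the RFC 3339 timestamp that `kubectl rollout restart` writes under the same annotation key. `time.Now().Format(time.RFC3339)` keeps the annotation parseable by other tooling. The patch body is built with `fmt.Sprintf` inside a JSON string, which is safe for a timestamp, but a comment such as `// value is generated locally; never interpolate user input into this patch` would protect the next edit. The Deployment name `coredns` in `kube-system` is hard-coded, so a cluster that names its DNS Deployment differently will presumably get a not-found error from Patch; the function comment should say so.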
+++ b/pkg/operator/controller/instance_controller.go @@ -68,7 +68,7 @@ type InstanceReconciler struct { // +kubebuilder:rbac:groups="",resources=services;serviceaccounts,verbs=list;get;watch;create;update;patch;delete // +kubebuilder:rbac:groups="discovery.k8s.io",resources=endpointslices,verbs=list;get;watch;create;update;patch;delete // +kubebuilder:rbac:groups="",resources=nodes,verbs=list;get;watch -// +kubebuilder:rbac:groups="",resources=pods,verbs=list;get;delete;watch +// +kubebuilder:rbac:groups="",resources=pods,verbs=list;get;watch // +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;update;watch // +kubebuilder:rbac:groups=clusterlink.net,resources=exports;peers;accesspolicies;privilegedaccesspolicies,verbs=list;get;watch // +kubebuilder:rbac:groups=clusterlink.net,resources=imports,verbs=get;list;watch;update @@ -446,7 +446,12 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name { APIGroups: []string{""}, Resources: []string{"pods"}, - Verbs: []string{"get", "delete", "list", "watch"}, + Verbs: []string{"get", "list", "watch"}, + }, + { + APIGroups: []string{"apps"}, + Resources: []string{"deployments"}, + Verbs: []string{"get", "list", "watch", "update", "patch"}, }, { APIGroups: []string{"clusterlink.net"}, From f73b4b97901031fe395448f19a51b439195592f1 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 25 Jun 2024 09:15:46 +0000 Subject: [PATCH 14/19] Lint. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 7 +++---- pkg/controlplane/control/manager.go | 2 -- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index 13226e536..e96e4be30 100644 --- a/pkg/controlplane/control/dns.go +++ b/pkg/controlplane/control/dns.go @@ -49,7 +49,6 @@ func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.E } return nil - } // Add coredns rewrite for a given external dns service 
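Review bot: The new `apps`/`deployments` rule in createAccessControl (whose body starts and ends outside the hunk) grants `get`, `list`, `watch`, `update` and `patch`, while the only Deployment call visible in this commit is one `Patch` of `kube-system/coredns` in restartCoreDNS. If the rule lands in a cluster-scoped role, as the neighbouring pods rule suggests, the control plane can rewrite the pod template of any Deployment in the cluster, which is far more than a DNS restart needs. Consider `Verbs: []string{"patch"}` with `ResourceNames: []string{"coredns"}`, bound through a Role in `kube-system` rather than cluster-wide. The `+kubebuilder:rbac` markers in the first hunk of this file lose `delete` on pods but gain no `apps` marker, so it is worth verifying that the operator itself holds the permission it is granting here.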
@@ -75,8 +74,8 @@ func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logru lines := strings.Split(data, "\n") serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) - var coreFileUpdated = false - var rewriteLine = "" + coreFileUpdated := false + rewriteLine := "" for i, line := range lines { if strings.Contains(line, serviceFqdn) { // matched line already exists @@ -147,7 +146,7 @@ func removeCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *lo lines := strings.Split(dataEol, "\n") serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) - var coreFileUpdated = false + coreFileUpdated := false for i, line := range lines { if strings.Contains(line, serviceFqdn) { // remove matched line diff --git a/pkg/controlplane/control/manager.go b/pkg/controlplane/control/manager.go index 2f7b5ffa7..0f35f8f70 100644 --- a/pkg/controlplane/control/manager.go +++ b/pkg/controlplane/control/manager.go @@ -278,7 +278,6 @@ func (m *Manager) addImport(ctx context.Context, imp *v1alpha1.Import) (err erro } } return nil - } // deleteImport removes the listening socket of a previously imported service. @@ -900,7 +899,6 @@ func generateJWKSecret() ([]byte, error) { Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(rsaKey), }) - if err != nil { return nil, fmt.Errorf("cannot encode JWK key: %w", err) } From 805194cbf2d96fa149c67262859ceb91a5da3e25 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 25 Jun 2024 11:10:37 +0000 Subject: [PATCH 15/19] Lint. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index e96e4be30..e12d7ba03 100644 --- a/pkg/controlplane/control/dns.go +++ b/pkg/controlplane/control/dns.go 
@@ -29,12 +29,12 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" ) -// Restart coredns deployment +// Restart coredns deployment. func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.Entry) error { logger.Infof("restarting coredns deployment") patch := []byte( fmt.Sprintf( - `{"spec": {"template": {"metadata": {"annotations":{"kubectl.kubernetes.io/restartedAt": "%s"}}}}}`, + `{"spec": {"template": {"metadata": {"annotations":{"kubectl.kubernetes.io/restartedAt": %q}}}}}`, time.Now().String(), ), ) @@ -51,7 +51,7 @@ func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.E return nil } -// Add coredns rewrite for a given external dns service +// Add coredns rewrite for a given external dns service. func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logrus.Entry, name *types.NamespacedName, alias string) error { corednsName := types.NamespacedName{ Name: "coredns", @@ -63,9 +63,8 @@ func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logru if k8serrors.IsNotFound(err) { logger.Warnf("coredns configmap not found.") return nil - } else { - return err } + return err } if data, ok := cm.Data["Corefile"]; ok { // remove trailing end-of-line @@ -135,9 +134,8 @@ func removeCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *lo if k8serrors.IsNotFound(err) { logger.Warnf("coredns configmap not found.") return nil - } else { - return err } + return err } if data, ok := cm.Data["Corefile"]; ok { // remove trailing end-of-line From 40d67ced9a820980dfd247fa5122ba71f6a07696 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 25 Jun 2024 11:25:00 +0000 Subject: [PATCH 16/19] Lint. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index e12d7ba03..1ec9de190 100644 --- a/pkg/controlplane/control/dns.go 
+++ b/pkg/controlplane/control/dns.go @@ -52,7 +52,9 @@ func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.E } // Add coredns rewrite for a given external dns service. -func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logrus.Entry, name *types.NamespacedName, alias string) error { +func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logrus.Entry, name *types.NamespacedName, + alias string, +) error { corednsName := types.NamespacedName{ Name: "coredns", Namespace: "kube-system", @@ -101,7 +103,7 @@ func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logru if coreFileUpdated { // update configmap and restart the pods - var newLines string = "" + var newLines string for _, line := range lines { // return back EOL newLines += (line + "\n") @@ -122,7 +124,7 @@ func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logru return nil } -// Remove coredns rewrite for a given external dns service +// Remove coredns rewrite for a given external dns service. func removeCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logrus.Entry, name *types.NamespacedName) error { corednsName := types.NamespacedName{ Name: "coredns", @@ -156,7 +158,7 @@ func removeCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *lo if coreFileUpdated { // update configmap and restart the pods - var newLines string = "" + var newLines string for _, line := range lines { // return back EOL newLines += (line + "\n") From f0cb1269a1eae0945b64b37f5a694574d8a5e898 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 25 Jun 2024 16:02:47 +0300 Subject: [PATCH 17/19] Add configmaps to role at bootstrap/platform/k8s.go. Signed-off-by: Avi Weit --- pkg/bootstrap/platform/k8s.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/bootstrap/platform/k8s.go b/pkg/bootstrap/platform/k8s.go index efc84ec0e..86cc8c8d9 100644 --- a/pkg/bootstrap/platform/k8s.go 
+++ b/pkg/bootstrap/platform/k8s.go @@ -198,6 +198,9 @@ kind: ClusterRole metadata: name: cl-controlplane rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["create", "get", "list", "update", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update"] From caf3536cce48d582eb9882b0c079a3d13081ec4b Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 25 Jun 2024 16:36:51 +0300 Subject: [PATCH 18/19] Lint. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index 1ec9de190..8a78875ab 100644 --- a/pkg/controlplane/control/dns.go +++ b/pkg/controlplane/control/dns.go @@ -39,16 +39,12 @@ func restartCoreDNS(ctx context.Context, mClient client.Client, logger *logrus.E ), ) - if err := mClient.Patch(ctx, &appsv1.Deployment{ + return mClient.Patch(ctx, &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "coredns", }, - }, client.RawPatch(types.StrategicMergePatchType, patch)); err != nil { - return err - } - - return nil + }, client.RawPatch(types.StrategicMergePatchType, patch)) } // Add coredns rewrite for a given external dns service. From 4177a8292091e664d161b00ef432bf23072d05a4 Mon Sep 17 00:00:00 2001 From: Avi Weit Date: Tue, 25 Jun 2024 14:08:47 +0000 Subject: [PATCH 19/19] Lint and make precommit. Signed-off-by: Avi Weit --- pkg/controlplane/control/dns.go | 156 ++++++++++++++++---------------- 1 file changed, 79 insertions(+), 77 deletions(-) diff --git a/pkg/controlplane/control/dns.go b/pkg/controlplane/control/dns.go index 8a78875ab..82b275e0a 100644 --- a/pkg/controlplane/control/dns.go +++ b/pkg/controlplane/control/dns.go 
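Review bot: The added `configmaps` rule on the `cl-controlplane` ClusterRole allows `create`, `get`, `list`, `update` and `watch` on every ConfigMap in every namespace, whereas the DNS code in this series only reads and updates `kube-system/coredns`. Cluster-wide `update` on ConfigMaps lets a compromised control plane change the configuration of unrelated workloads, so a Role in `kube-system` with `resourceNames: ["coredns"]` and `verbs: ["get", "update"]` is the tighter grant. `create` has no visible caller and could be dropped. `list` and `watch` may still be required if the client reads through an informer cache, so confirm that before removing them.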
@@ -64,57 +64,58 @@ func addCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *logru } return err } - if data, ok := cm.Data["Corefile"]; ok { - // remove trailing end-of-line - data := strings.TrimSuffix(data, "\n") - // break into lines - lines := strings.Split(data, "\n") - serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) - - coreFileUpdated := false - rewriteLine := "" - for i, line := range lines { - if strings.Contains(line, serviceFqdn) { - // matched line already exists - break - } - // ready marker is reached - matched line not found, append it here - if strings.Contains(line, " ready") { - if strings.HasPrefix(alias, "*.") { // wildcard DNS - alias = strings.TrimPrefix(alias, "*") - alias = strings.ReplaceAll(alias, ".", "\\.") - alias = "(.*)" + alias - - rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", alias, serviceFqdn) - } else { - rewriteLine = fmt.Sprintf(" rewrite name %s %s", alias, serviceFqdn) - } - // add matched line - lines = append(lines[:i+1], lines[i:]...) 
- lines[i] = rewriteLine - coreFileUpdated = true - break + if _, ok := cm.Data["Corefile"]; !ok { + return errors.New("coredns configmap['Corefile'] not found") + } + + data := cm.Data["Corefile"] + // remove trailing end-of-line + data = strings.TrimSuffix(data, "\n") + // break into lines + lines := strings.Split(data, "\n") + serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) + + coreFileUpdated := false + rewriteLine := "" + for i, line := range lines { + if strings.Contains(line, serviceFqdn) { + // matched line already exists + break + } + // ready marker is reached - matched line not found, append it here + if strings.Contains(line, " ready") { + if strings.HasPrefix(alias, "*.") { // wildcard DNS + alias = strings.TrimPrefix(alias, "*") + alias = strings.ReplaceAll(alias, ".", "\\.") + alias = "(.*)" + alias + + rewriteLine = fmt.Sprintf(" rewrite name regex %s %s answer auto", alias, serviceFqdn) + } else { + rewriteLine = fmt.Sprintf(" rewrite name %s %s", alias, serviceFqdn) } + // add matched line + lines = append(lines[:i+1], lines[i:]...) + lines[i] = rewriteLine + coreFileUpdated = true + break } + } - if coreFileUpdated { - // update configmap and restart the pods - var newLines string - for _, line := range lines { - // return back EOL - newLines += (line + "\n") - } - cm.Data["Corefile"] = newLines - if err := mClient.Update(ctx, &cm); err != nil { - return err - } + if coreFileUpdated { + // update configmap and restart the pods + var newLines string + for _, line := range lines { + // return back EOL + newLines += (line + "\n") + } + cm.Data["Corefile"] = newLines + if err := mClient.Update(ctx, &cm); err != nil { + return err + } - if err := restartCoreDNS(ctx, mClient, logger); err != nil { - return err - } + if err := restartCoreDNS(ctx, mClient, logger); err != nil { + return err } - } else { - return errors.New("coredns configmap['Corefile'] not found") } return nil 
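Review bot: `alias` is written into the Corefile verbatim by `fmt.Sprintf(" rewrite name %s %s", alias, serviceFqdn)`, and the wildcard branch escapes only dots, so an alias containing whitespace, a line break or regex metacharacters alters the cluster-wide DNS configuration instead of adding a single rewrite. The value is passed in from `imp.Spec.Alias`, which presumably anyone allowed to create an Import controls, so it should be validated before the loop, e.g. `if errs := validation.IsDNS1123Subdomain(strings.TrimPrefix(alias, "*.")); len(errs) > 0 { return fmt.Errorf("invalid alias %q: %v", alias, errs) }` using `k8s.io/apimachinery/pkg/util/validation`. Separately, `strings.Contains(line, serviceFqdn)` is a substring test: an import named `db` in `ns` matches an existing line for `mydb.ns.svc.cluster.local`, so its rewrite is silently skipped here, and the same test in removeCoreDNSRewrite (next hunk) would remove the other import's line. Comparing the rewrite line's target field as a whole token avoids both. addCoreDNSRewrite starts outside this hunk.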
@@ -135,41 +136,42 @@ func removeCoreDNSRewrite(ctx context.Context, mClient client.Client, logger *lo } return err } - if data, ok := cm.Data["Corefile"]; ok { - // remove trailing end-of-line - dataEol := strings.TrimSuffix(data, "\n") - // break into lines - lines := strings.Split(dataEol, "\n") - serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) - - coreFileUpdated := false - for i, line := range lines { - if strings.Contains(line, serviceFqdn) { - // remove matched line - lines = append(lines[:i], lines[i+1:]...) - coreFileUpdated = true - break - } + if _, ok := cm.Data["Corefile"]; !ok { + return errors.New("coredns configmap['Corefile'] not found") + } + + data := cm.Data["Corefile"] + // remove trailing end-of-line + dataEol := strings.TrimSuffix(data, "\n") + // break into lines + lines := strings.Split(dataEol, "\n") + serviceFqdn := fmt.Sprintf("%s.%s.svc.cluster.local", name.Name, name.Namespace) + + coreFileUpdated := false + for i, line := range lines { + if strings.Contains(line, serviceFqdn) { + // remove matched line + lines = append(lines[:i], lines[i+1:]...) + coreFileUpdated = true + break } + } - if coreFileUpdated { - // update configmap and restart the pods - var newLines string - for _, line := range lines { - // return back EOL - newLines += (line + "\n") - } - cm.Data["Corefile"] = newLines - if err := mClient.Update(ctx, &cm); err != nil { - return err - } + if coreFileUpdated { + // update configmap and restart the pods + var newLines string + for _, line := range lines { + // return back EOL + newLines += (line + "\n") + } + cm.Data["Corefile"] = newLines + if err := mClient.Update(ctx, &cm); err != nil { + return err + } - if err := restartCoreDNS(ctx, mClient, logger); err != nil { - return err - } + if err := restartCoreDNS(ctx, mClient, logger); err != nil { + return err } - } else { - return errors.New("coredns configmap['Corefile'] not found") } return nil