Add a controller in the cluster keeping in sync routes and hosts file

[guillaumerose]

• The daemon has an API available in the VM: curl http://gateway/hosts/add or remove.
• A controller is running the cluster and calls the daemon API.

For Windows, in the future, the daemon will forward request to the adminhelper daemon. Currently, a UAC prompt is shown.

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: guillaumerose

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [guillaumerose]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[gbraad]

#1793 (comment)

[gbraad]

./cmd/routes-controller this source code likely has to become a repo on it's own as this is part of a container.

[gbraad]

This 'routes-controller' is a separate binary? What is it's function?
Please describe this more clearly in the description of the PR

The problem I see is that this becomes another binary we need to maintain the lifecycle of. How will this work? Who maintains this? Why can't the/a (slightly more generic) daemon handle this? It seems this is part of a container run with podman

---

OK, so the routes-controller ends up in a container hosted in the VM... please make this part of the description. Technical details are important for a review.

The container build defintion need to be separated into their own repo. Which would also mean the routes-controller needs to be extracted.

[gbraad]

quay.io/crcont/ ?

[gbraad]

cmd/routes-controller/Dockerfile containers need to live in their own repos as part of the security review.

[cfergeau]

Could the controller be running on the host since we have the crc daemon which is running in the background anyway? It seems it would be overall easier, no new binary/container, no new VM<->host API, ...

[cfergeau]

'avoids' (twice)

[guillaumerose]

I have 4 choices in fact:

• Use this controller + API
• Make crc start run in the daemon so that I can know when the VM is started and kubeconfig is here. Then I can launch the controller
• Add events to the network stack so that, when a new VM connects, I try to run the controller
• Poll the kubeconfig file. When it appears, run the controller.

I guess the good solution is to make crc start the client of the daemon.

[cfergeau]

I have 4 choices in fact:

* Use this controller + API

* Make crc start run in the daemon so that I can know when the VM is started and kubeconfig is here. Then I can launch the controller

* Add events to the network stack so that, when a new VM connects, I try to run the controller

* Poll the kubeconfig file. When it appears, run the controller.

I guess the good solution is to make crc start the client of the daemon.

What I had in mind was to rework machine.Start() a bit:

        // Post-VM start
        vmState, err := host.Driver.GetState()
        if err != nil {                                                                                                                   
                return nil, errors.Wrap(err, "Error getting the state")                                                                  
        }
        if vmState != state.Running {
                return nil, errors.Wrap(err, "CodeReady Containers VM is not running")
        }
                
        instanceIP, err := getIP(host, client.useVSock())
        if err != nil {
                return nil, errors.Wrap(err, "Error getting the IP")
        }
        sshRunner, err := crcssh.CreateRunner(instanceIP, getSSHPort(client.useVSock()), crcBundleMetadata.GetSSHKeyPath(), constants.GetPrivateKeyPath(), constants.GetRsaPrivateKeyPath())
        if err != nil {
                return nil, errors.Wrap(err, "Error creating the ssh client")
        }
        defer sshRunner.Close()
        
        logging.Debug("Waiting until ssh is available")
        if err := cluster.WaitForSSH(sshRunner); err != nil {
                return nil, errors.Wrap(err, "Failed to connect to the CRC VM with SSH -- host might be unreachable")
        }
        logging.Info("CodeReady Containers VM is running")

The kubeconfig file could be copied to ~/.crc/machines/crc around that time, rather than being done later as being done now. And the host DNS configuration (addOpenShiftHosts / runPostStartForOS) could be also be done after checking the VM is up, but before waiting for SSH. In the vsock case, addOpenShiftHosts would talk to the daemon, starting it if necessary.

[guillaumerose]

After a long discussion, it seems that embedding this controller in the daemon is really complicated as machine.Start can be called from the crc CLI and from the daemon itself.
I propose we start with this controller in a pod and then, when crc CLI will always be a client of the daemon, move the controller to the daemon.

[guillaumerose]

I extracted the controller code to https://github.com/code-ready/routes-controller and modified everything to get it working on Windows.

UAC prompts only appear two times at crc start time and then each time a route is created/updated/deleted.

cc @gbraad

[gbraad]

So a UAC prompt is given twice on start, and each time on a route? That sounds like a lot (too much).

[guillaumerose]

twice on start, and each time on a route

Yes twice (clean + add the default ones) and then, when you add/update/delete a route, you get a prompt.
Compared to now, this is just one eventual prompt if you run oc new-app.

It will be 0 when the adminhelper will be a daemon.

For now:

• I can disable this for Windows and let the user do it by hand,
• or keep as it is.

[gbraad]

It will be 0 when the adminhelper will be a daemon.

That is what I am looking for. Can you outline the needed steps for this in a new issue or on the admin-helper issue?
Some estimation or timeline is appreciated. Especially to conclude if this should be merged or wait for to coincide with another possible follow-up.

[guillaumerose]

This is already good to take. It makes the cluster work fully. The debate for the daemon will be more intense for sure. Let's start with this.

[cfergeau]

Looks good, though probably best to land 'admin-helper as a daemon' first.

[cfergeau]

internal is very non descriptive. hostsAPIMux() since this is handling requests under the /hosts path?

[guillaumerose]

I renamed to gatewayAPIMux to indicate it's only gateway.crc.testing.

[cfergeau]

Better to avoid the code c&p.

[guillaumerose]

I don't get this. What do you mean?

[cfergeau]

The code handling /hosts/add and /hosts/remove is the same except for the line calling adminhelper.AddToHostsFile / adminhelper.RemoveFromHostsFile, dunno if it's possible to factor this somehow without making the code too complicated?

[guillaumerose]

Yes good point, done

[cfergeau]

one more container image we need to remember to maintain :)

[cfergeau]

Probably better to land first the admin-helper daemon work?

[guillaumerose]

admin-helper daemon still require some work: a preflight to install it, define the protocol, etc.

With this PR, we solve it for macOS and Linux. For Windows, the experience is not too bad. There is just one UAC prompt per new route.

This network stack could be GA on macOS/Linux after this PR (+ some minor enhancements, better errors, etc.).
I think we have the feature parity with the traditional network stack.

[cfergeau]

This network stack could be GA on macOS/Linux after this PR (+ some minor enhancements, better errors, etc.).
I think we have the feature parity with the traditional network stack.

daemon autostart is missing on linux (and on macos setups without the tray running). And if I'm not mistaken this also does not handle routes using non-standard ports? I guess autostart falls under the 'minor enhancements category')? I don't mind the non-standard thing for now, I agree we can push for wider testing after this.

[guillaumerose]

does not handle routes using non-standard ports

I tried to find examples or code around that but I couldn't find it. The only route I see like this would be the one for Kubernetes API.
Router container only exposes port 80 and 443, not others. I don't really understand how an other port can be used.

[cfergeau]

I thought our own doc had such examples ( https://code-ready.github.io/crc/#deploying-sample-application-with-odo_gsg ) but after being deployed, the app is exposed on port 80/443, not on 8080 as I expected.
https://docs.okd.io/latest/networking/configuring_ingress_cluster_traffic/configuring-ingress-cluster-traffic-load-balancer.html may be related to this, but is not working with the default networking anyway.

[guillaumerose]

/retest

[guillaumerose]

/retest

[guillaumerose]

/retest

[guillaumerose]

/retest

[cfergeau]

Still a few minor comments, but overall looks good to me.

[cfergeau]

Have you considered using github.com/code-ready/admin-helper/pkg/hosts directly? contains implementation is:

func contains(args []string) error {
        hosts, err := hosts.New()
        if err != nil {
                return err
        }
        if hosts.Contains(args[0], args[1]) {
                fmt.Println("true")
        } else {
                fmt.Println("false")
        }
        return nil
}

which is the same amount of code, and would be more efficient.

[guillaumerose]

Yes done. I wanted to avoid to vendor admin-helper in crc. We just need to remind to bump it in 2 places.

[praveenkumar]

@guillaumerose this is only pod definition so if somehow this pod crash then this route stuff will break, should we have deployment as Kind instead pod so that pod recreation happen if pod crashes?

[guillaumerose]

Deployment are useful version management. For crash, there is the RestartPolicy on the pod directly. It is "Always" by default so we should be good.

I tried to kill the process by hand. It is restarted.
I tried to start/stop/start the VM. The process is here.

[praveenkumar]

@guillaumerose For me it is not happening.

13:07 $ oc get pods -n openshift-ingress
NAME                              READY   STATUS    RESTARTS   AGE
router-default-7476bbd498-g9r7k   1/1     Running   1          13d
routes-controller                 1/1     Running   0          30m

13:08 $ oc delete pod routes-controller -n openshift-ingress
pod "routes-controller" deleted

13:11 $ oc get pods -n openshift-ingress
NAME                              READY   STATUS    RESTARTS   AGE
router-default-7476bbd498-g9r7k   1/1     Running   1          13d

[guillaumerose]

Yes sure, I mean kill with sudo kill -9 pid.
If the user does this, why bother him and recreate the pod ?

[praveenkumar]

Since it is part of openshift-ingress and if a user just delete all the pods under this namespace, all pods except this one come up without any issue, Also can we make it as static pod if we really want it to be running always?

[guillaumerose]

I tried to add in static pod directory but it doesn't work:

Apr 19 12:19:17 crc-xl2km-master-0 hyperkube[2154]: E0419 12:19:17.473167    2154 kubelet.go:1671] Failed creating a mirror pod for "routes-controller-crc-xl2km-master-0_openshift-ingress(fd89789fbe33ba7075234cb104ec8e39)": pods "routes-controller-crc-xl2km-master-0" is forbidden: a mirror pod may not reference service accounts

if a user just delete all the pods under this namespace

It should not happen or he really wants to do this?

[praveenkumar]

This is not blocker for this PR so let's have some follow up issue in case we hit it.

[guillaumerose]

retest this please

[praveenkumar]

/lgtm