Skip to content

Commit

Permalink
chores(k8s-backend): add svc ip families config
Browse files Browse the repository at this point in the history
  • Loading branch information
motoki317 committed Jul 27, 2024
1 parent 57273f5 commit 60c98ec
Show file tree
Hide file tree
Showing 3 changed files with 46 additions and 3 deletions.
4 changes: 4 additions & 0 deletions cmd/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,10 @@ func init() {

viper.SetDefault("components.controller.k8s.routing.type", "traefik")
viper.SetDefault("components.controller.k8s.routing.traefik.priorityOffset", 0)

viper.SetDefault("components.controller.k8s.service.ipFamilies", nil)
viper.SetDefault("components.controller.k8s.service.ipFamilyPolicy", "PreferDualStack")

viper.SetDefault("components.controller.k8s.tls.type", "traefik")
viper.SetDefault("components.controller.k8s.tls.traefik.certResolver", "nsresolver")
viper.SetDefault("components.controller.k8s.tls.traefik.wildcard.domains", nil)
Expand Down
36 changes: 36 additions & 0 deletions pkg/infrastructure/backend/k8simpl/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -181,6 +181,15 @@ type Config struct {
PriorityOffset int `mapstructure:"priorityOffset" yaml:"priorityOffset"`
} `mapstructure:"traefik" yaml:"traefik"`
} `mapstructure:"routing" yaml:"routing"`
// Service section defines Service (L4) routing settings.
Service struct {
// IPFamilies defines ipFamilies field for the service objects.
// Allowed values: IPv4, IPv6
IPFamilies []v1.IPFamily `mapstructure:"ipFamilies" yaml:"ipFamilies"`
// IPFamilyPolicy defines ipFamilyPolicy field for the service objects.
// Allowed values: "", "SingleStack", "PreferDualStack", "RequireDualStack"
IPFamilyPolicy v1.IPFamilyPolicy `mapstructure:"ipFamilyPolicy" yaml:"ipFamilyPolicy"`
}
// TLS section defines tls setting for user app ingress.
TLS struct {
// Type defines which provider is responsible for obtaining http certificates.
Expand Down Expand Up @@ -264,6 +273,17 @@ func (c *Config) selectNode(appID string) map[string]string {
return map[string]string{hostnameNodeSelectorLabel: host}
}

func (c *Config) serviceIPFamilies() []v1.IPFamily {
return c.Service.IPFamilies
}

func (c *Config) serviceIPFamilyPolicy() *v1.IPFamilyPolicy {
if c.Service.IPFamilyPolicy == "" {
return nil
}
return lo.ToPtr(c.Service.IPFamilyPolicy)
}

var tolerationOperatorMapper = mapper.MustNewValueMapper(map[string]v1.TolerationOperator{
string(v1.TolerationOpEqual): v1.TolerationOpEqual,
string(v1.TolerationOpExists): v1.TolerationOpExists,
Expand Down Expand Up @@ -347,6 +367,22 @@ func (c *Config) Validate() error {
default:
return errors.New(fmt.Sprintf("k8s.routing.type is invalid: %s", c.Routing.Type))
}

for _, family := range c.Service.IPFamilies {
if !lo.Contains([]v1.IPFamily{v1.IPv4Protocol, v1.IPv6Protocol}, family) {
return errors.New(fmt.Sprintf("invalid IPFamily %s", family))
}
}
if !lo.Contains([]v1.IPFamilyPolicy{
// Allow empty value
"",
v1.IPFamilyPolicySingleStack,
v1.IPFamilyPolicyPreferDualStack,
v1.IPFamilyPolicyRequireDualStack,
}, c.Service.IPFamilyPolicy) {
return errors.New(fmt.Sprintf("invalid IPFamily policy: %s", c.Service.IPFamilyPolicy))
}

switch c.TLS.Type {
case tlsTypeTraefik:
if err := c.TLS.Traefik.Wildcard.Domains.Validate(); err != nil {
Expand Down
9 changes: 6 additions & 3 deletions pkg/infrastructure/backend/k8simpl/synchronize_runtime.go
Original file line number Diff line number Diff line change
Expand Up @@ -140,7 +140,8 @@ func (b *Backend) runtimeSpec(app *domain.RuntimeDesiredState) (*appsv1.Stateful
},
Spec: v1.ServiceSpec{
Type: "ClusterIP",
IPFamilyPolicy: lo.ToPtr(v1.IPFamilyPolicyPreferDualStack),
IPFamilies: b.config.serviceIPFamilies(),
IPFamilyPolicy: b.config.serviceIPFamilyPolicy(),
Selector: appSelector(app.App.ID),
Ports: ds.Map(cont.Ports, func(port v1.ContainerPort) v1.ServicePort {
return v1.ServicePort{
Expand Down Expand Up @@ -186,8 +187,10 @@ func (b *Backend) runtimePortService(app *domain.Application, port *domain.PortP
Labels: b.appLabel(app.ID),
},
Spec: v1.ServiceSpec{
Type: "LoadBalancer",
Selector: appSelector(app.ID),
Type: "LoadBalancer",
IPFamilies: b.config.serviceIPFamilies(),
IPFamilyPolicy: b.config.serviceIPFamilyPolicy(),
Selector: appSelector(app.ID),
Ports: []v1.ServicePort{{
Protocol: protocolMapper.IntoMust(port.Protocol),
Port: int32(port.InternetPort),
Expand Down

0 comments on commit 60c98ec

Please sign in to comment.