From c8e5d9e27e78f021630d708b88a3387eeec90ab5 Mon Sep 17 00:00:00 2001
From: John Maguire
Date: Thu, 14 Dec 2023 14:15:12 -0500
Subject: [PATCH] [NET-6787] HostNetwork support for meshgw deployments (#3379)

Add configuration for host network for mesh gateway deployments
---
 .../consul/templates/crd-gatewayclassconfigs.yaml | 4 ++++
 .../templates/gateway-resources-configmap.yaml | 3 +++
 .../api/mesh/v2beta1/gateway_class_config_types.go | 2 ++
 ...sh.consul.hashicorp.com_gatewayclassconfigs.yaml | 4 ++++
 control-plane/gateways/deployment.go | 13 ++++---------
 .../subcommand/gateway-resources/command_test.go | 2 ++
 6 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/charts/consul/templates/crd-gatewayclassconfigs.yaml b/charts/consul/templates/crd-gatewayclassconfigs.yaml
index 1edc3de8ad..68122e21bc 100644
--- a/charts/consul/templates/crd-gatewayclassconfigs.yaml
+++ b/charts/consul/templates/crd-gatewayclassconfigs.yaml
@@ -164,6 +164,10 @@ spec:
 type: object
 type: object
 type: object
+ hostNetwork:
+ description: HostNetwork specifies whether the gateway pods should
+ run on the host network
+ type: boolean
 initContainer:
 description: InitContainer contains config specific to the created
 Deployment's init container
diff --git a/charts/consul/templates/gateway-resources-configmap.yaml b/charts/consul/templates/gateway-resources-configmap.yaml
index 6f0fcc1712..9da3e4eec8 100644
--- a/charts/consul/templates/gateway-resources-configmap.yaml
+++ b/charts/consul/templates/gateway-resources-configmap.yaml
@@ -60,6 +60,9 @@ data:
 {{- with .Values.meshGateway.nodeSelector }}
 nodeSelector: {{ fromYaml . | toJson }}
 {{- end }}
+ {{- with .Values.meshGateway.hostNetwork }}
+ hostNetwork: {{ . }}
+ {{- end }}
 priorityClassName: {{ toJson .Values.meshGateway.priorityClassName }}
 replicas:
 default: {{ .Values.meshGateway.replicas }}
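Review bot: In the `gateway-resources-configmap.yaml` hunk the new value is written raw as `hostNetwork: {{ . }}`, while the neighbouring keys (`nodeSelector`, `priorityClassName`) are passed through `toJson`. The CRD declares the field `type: boolean`, so a non-boolean chart value would presumably only be caught later, when the rendered config is loaded; `hostNetwork: {{ toJson . }}` keeps the rendering consistent and quotes anything unexpected. Because this switch puts the gateway pods in the node's network namespace, the `meshGateway.hostNetwork` entry in values.yaml (not part of this patch) should say so in its comment. The CRD hunk before it looks like generated output and needs no change.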
diff --git a/control-plane/api/mesh/v2beta1/gateway_class_config_types.go b/control-plane/api/mesh/v2beta1/gateway_class_config_types.go
index cded2b18ab..fb47c56510 100644
--- a/control-plane/api/mesh/v2beta1/gateway_class_config_types.go
+++ b/control-plane/api/mesh/v2beta1/gateway_class_config_types.go
@@ -67,6 +67,8 @@ type GatewayClassDeploymentConfig struct {
 SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
 // Tolerations specifies the tolerations to use on the created Deployment
 Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
+ // HostNetwork specifies whether the gateway pods should run on the host network
+ HostNetwork bool `json:"hostNetwork,omitempty"`
 }
 type GatewayClassReplicasConfig struct {
diff --git a/control-plane/config/crd/bases/mesh.consul.hashicorp.com_gatewayclassconfigs.yaml b/control-plane/config/crd/bases/mesh.consul.hashicorp.com_gatewayclassconfigs.yaml
index aab856de9e..a36f540772 100644
--- a/control-plane/config/crd/bases/mesh.consul.hashicorp.com_gatewayclassconfigs.yaml
+++ b/control-plane/config/crd/bases/mesh.consul.hashicorp.com_gatewayclassconfigs.yaml
@@ -160,6 +160,10 @@ spec:
 type: object
 type: object
 type: object
+ hostNetwork:
+ description: HostNetwork specifies whether the gateway pods should
+ run on the host network
+ type: boolean
 initContainer:
 description: InitContainer contains config specific to the created
 Deployment's init container
diff --git a/control-plane/gateways/deployment.go b/control-plane/gateways/deployment.go
index 7dd1d1fcbf..bcd44a279a 100644
--- a/control-plane/gateways/deployment.go
+++ b/control-plane/gateways/deployment.go
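Review bot: The doc comment added for `HostNetwork` in `GatewayClassDeploymentConfig` says what the field does but not what enabling it implies, and the same sentence appears to be the source of the CRD description in the hunk that follows. I would extend it along the lines of `// HostNetwork specifies whether the gateway pods should run on the host network. When true the pods share the node's network namespace, so their listeners bind on the node itself; leave it false unless the gateway must be reachable on node addresses.` Pods that set hostNetwork are rejected by the baseline profile of the Kubernetes Pod Security Standards, which is worth one more sentence for operators whose namespaces enforce it. The struct begins outside the hunk.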
@@ -38,18 +38,12 @@ func (b *meshGatewayBuilder) deploymentSpec() (*appsv1.DeploymentSpec, error) {
 var (
 containerConfig *meshv2beta1.GatewayClassContainerConfig
- nodeSelector map[string]string
- tolerations []corev1.Toleration
 deploymentConfig meshv2beta1.GatewayClassDeploymentConfig
- replicas *meshv2beta1.GatewayClassReplicasConfig
 )
 if b.gcc != nil {
 containerConfig = b.gcc.Spec.Deployment.Container
 deploymentConfig = b.gcc.Spec.Deployment
- nodeSelector = b.gcc.Spec.Deployment.NodeSelector
- tolerations = b.gcc.Spec.Deployment.Tolerations
- replicas = b.gcc.Spec.Deployment.Replicas
 }
 container, err := consulDataplaneContainer(b.config, containerConfig, b.gateway.Name, b.gateway.Namespace)
@@ -59,7 +53,7 @@ func (b *meshGatewayBuilder) deploymentSpec() (*appsv1.DeploymentSpec, error) {
 return &appsv1.DeploymentSpec{
 // TODO NET-6721
- Replicas: deploymentReplicaCount(replicas, nil),
+ Replicas: deploymentReplicaCount(deploymentConfig.Replicas, nil),
 Selector: &metav1.LabelSelector{
 MatchLabels: b.Labels(),
 },
@@ -101,9 +95,10 @@ func (b *meshGatewayBuilder) deploymentSpec() (*appsv1.DeploymentSpec, error) {
 },
 },
 },
- NodeSelector: nodeSelector,
+ NodeSelector: deploymentConfig.NodeSelector,
 PriorityClassName: deploymentConfig.PriorityClassName,
- Tolerations: tolerations,
+ HostNetwork: deploymentConfig.HostNetwork,
+ Tolerations: deploymentConfig.Tolerations,
 ServiceAccountName: b.serviceAccountName(),
 },
 },
diff --git a/control-plane/subcommand/gateway-resources/command_test.go b/control-plane/subcommand/gateway-resources/command_test.go
index 35b9ae2e49..0064e9545f 100644
--- a/control-plane/subcommand/gateway-resources/command_test.go
+++ b/control-plane/subcommand/gateway-resources/command_test.go
@@ -372,6 +372,7 @@ var validGWConfigurationKitchenSink = `gatewayClassConfigs:
 name: consul-mesh-gateway
 spec:
 deployment:
+ hostNetwork: true
 replicas:
 min: 3
 default: 3
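Review bot: In the third `deployment.go` hunk `HostNetwork: deploymentConfig.HostNetwork` is set on the pod spec, but no `DNSPolicy` is visible beside it. A host-network pod left on the default policy resolves names through the node's resolver instead of cluster DNS, so a dataplane that reaches Consul servers by a cluster service name would likely fail to resolve them; setting `DNSPolicy: corev1.DNSClusterFirstWithHostNet` when the flag is true avoids that. With the flag on, every port the container opens is bound on the node's interfaces and NetworkPolicy enforcement for such pods depends on the CNI, so a short comment at the field, e.g. `// Host networking exposes the gateway ports on the node; restrict access with node-level firewalling.`, would help. The pod spec literal starts and ends outside the hunk, so a DNS policy set elsewhere in it cannot be ruled out.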
@@ -449,6 +450,7 @@ func TestRun_loadGatewayConfigs(t *testing.T) {
 config: validGWConfigurationKitchenSink,
 filename: "kitchenSinkConfig.yaml",
 expectedDeployment: v2beta1.GatewayClassDeploymentConfig{
+ HostNetwork: true,
 NodeSelector: map[string]string{
 "beta.kubernetes.io/arch": "amd64",
 "beta.kubernetes.io/os": "linux",
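Review bot: The two `command_test.go` hunks only show that `hostNetwork: true` survives config loading in `TestRun_loadGatewayConfigs`; nothing in this patch asserts that `deploymentSpec()` copies the value into the pod spec, and the diffstat lists no test file for the gateways package. A case there that builds the spec from a `GatewayClassConfig` with `HostNetwork: true` and checks `spec.Template.Spec.HostNetwork`, plus one with a nil class config expecting `false`, would pin the security-relevant default. The test table continues outside the hunk.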