From ecb984a1dcaaee24da54d3e0a0d0e9d94e977014 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Mon, 9 Oct 2023 08:44:38 +0200 Subject: [PATCH 1/9] Bump to contour 1.26 and use gateway-provisioner --- README.md | 4 ++-- docs/test-version.md | 2 +- hack/test-env.sh | 4 ++-- test/e2e-common.sh | 6 +++--- third_party/contour/config-gateway.yaml | 4 ++-- third_party/contour/gateway-external.yaml | 20 ++---------------- third_party/contour/gateway-internal.yaml | 25 ++--------------------- 7 files changed, 14 insertions(+), 51 deletions(-) diff --git a/README.md b/README.md index ba0cb0889..a22bbac28 100644 --- a/README.md +++ b/README.md @@ -91,10 +91,10 @@ kubectl apply -f ./third_party/istio #### Contour ```bash echo ">> Bringing up Contour" -kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour-operator/${CONTOUR_VERSION}/examples/operator/operator.yaml" +kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" # wait for operator deployment to be Available -kubectl wait deploy --for=condition=Available --timeout=60s -n "contour-operator" -l '!job-name' +kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" echo ">> Deploy Gateway API resources" kubectl apply -f ./third_party/contour diff --git a/docs/test-version.md b/docs/test-version.md index 9d5493737..bf0adf835 100644 --- a/docs/test-version.md +++ b/docs/test-version.md @@ -16,4 +16,4 @@ The following Gateway API version and Ingress were tested as part of the release | Ingress | Tested version | Unavailable features | | ------- | ----------------------- | ------------------------------ | | Istio | v1.19.0 | retry,httpoption | -| Contour | v1.24.0 | httpoption,basics/http2,websocket,websocket/split,grpc,grpc/split,update,host-rewrite | +| Contour | v1.26.0 | httpoption,basics/http2,websocket,websocket/split,grpc,grpc/split,update | diff --git a/hack/test-env.sh b/hack/test-env.sh index dfe38225e..f0e5dfb70 100755 --- a/hack/test-env.sh +++ b/hack/test-env.sh @@ -17,5 +17,5 @@ export GATEWAY_API_VERSION="v0.8.1" export ISTIO_VERSION="1.19.0" export ISTIO_UNSUPPORTED_E2E_TESTS="retry,httpoption" -export CONTOUR_VERSION="v1.24.0" -export CONTOUR_UNSUPPORTED_E2E_TESTS="httpoption,basics/http2,websocket,websocket/split,grpc,grpc/split,update,host-rewrite" +export CONTOUR_VERSION="v1.26.0" +export CONTOUR_UNSUPPORTED_E2E_TESTS="httpoption,basics/http2,websocket,websocket/split,grpc,grpc/split,update" diff --git a/test/e2e-common.sh b/test/e2e-common.sh index f699c92ce..917900f44 100755 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -100,7 +100,7 @@ function teardown_networking() { kubectl delete -f "${REPO_ROOT_DIR}/third_party/${INGRESS}" if [[ "$INGRESS" == "contour" ]]; then - kubectl delete -f "https://raw.githubusercontent.com/projectcontour/contour-operator/${CONTOUR_VERSION}/examples/operator/operator.yaml" + kubectl delete -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" else istioctl uninstall -y --purge kubectl delete namespace istio-system @@ -109,8 +109,8 @@ function teardown_networking() { function setup_contour() { # Version is selected is in $REPO_ROOT/hack/test-env.sh - kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour-operator/${CONTOUR_VERSION}/examples/operator/operator.yaml" && \ - kubectl wait deploy --for=condition=Available --timeout=60s -n "contour-operator" -l '!job-name' && \ + kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" && \ + kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" && \ kubectl apply -f "${REPO_ROOT_DIR}/third_party/contour" local ret=$? diff --git a/third_party/contour/config-gateway.yaml b/third_party/contour/config-gateway.yaml index d4d72e710..415bfc5f4 100644 --- a/third_party/contour/config-gateway.yaml +++ b/third_party/contour/config-gateway.yaml @@ -24,8 +24,8 @@ data: ExternalIP: class: contour gateway: contour-external/knative-gateway - service: contour-external/envoy + service: contour-external/envoy-knative-gateway ClusterLocal: class: contour gateway: contour-internal/knative-local-gateway - service: contour-internal/envoy + service: contour-internal/envoy-knative-local-gateway diff --git a/third_party/contour/gateway-external.yaml b/third_party/contour/gateway-external.yaml index fc9fb9e72..cc8cb2d4b 100644 --- a/third_party/contour/gateway-external.yaml +++ b/third_party/contour/gateway-external.yaml @@ -15,30 +15,14 @@ apiVersion: v1 kind: Namespace metadata: - labels: - control-plane: contour-operator name: contour-external --- -apiVersion: operator.projectcontour.io/v1alpha1 -kind: Contour -metadata: - name: contour-external - namespace: contour-external -spec: - gatewayControllerName: projectcontour.io/contour-external/contour - namespace: - name: contour-external - ingressClassName: contour-external - networkPublishing: - envoy: - type: LoadBalancerService ---- kind: GatewayClass apiVersion: gateway.networking.k8s.io/v1beta1 metadata: name: contour-external-gatewayclass spec: - controllerName: projectcontour.io/contour-external/contour + controllerName: projectcontour.io/gateway-controller --- kind: Gateway apiVersion: gateway.networking.k8s.io/v1beta1 @@ -48,7 +32,7 @@ metadata: spec: gatewayClassName: contour-external-gatewayclass listeners: - - name: default + - name: http port: 80 protocol: HTTP allowedRoutes: diff --git a/third_party/contour/gateway-internal.yaml b/third_party/contour/gateway-internal.yaml index b0a7e44c5..6de4a2fc2 100644 --- a/third_party/contour/gateway-internal.yaml +++ b/third_party/contour/gateway-internal.yaml @@ -15,35 +15,14 @@ apiVersion: v1 kind: Namespace metadata: - labels: - control-plane: contour-operator name: contour-internal --- -apiVersion: operator.projectcontour.io/v1alpha1 -kind: Contour -metadata: - name: contour-internal - namespace: contour-internal -spec: - gatewayControllerName: projectcontour.io/contour-internal/contour - namespace: - name: contour-internal - ingressClassName: contour-internal - networkPublishing: - envoy: - containerPorts: - - name: http - portNumber: 8081 - - name: https - portNumber: 8443 - type: ClusterIPService ---- kind: GatewayClass apiVersion: gateway.networking.k8s.io/v1beta1 metadata: name: contour-internal-gatewayclass spec: - controllerName: projectcontour.io/contour-internal/contour + controllerName: projectcontour.io/gateway-controller --- kind: Gateway apiVersion: gateway.networking.k8s.io/v1beta1 @@ -53,7 +32,7 @@ metadata: spec: gatewayClassName: contour-internal-gatewayclass listeners: - - name: default + - name: http port: 80 protocol: HTTP allowedRoutes: From 93f67ca4f1eded8478e69fa8623856b994a26841 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Mon, 9 Oct 2023 09:34:21 +0200 Subject: [PATCH 2/9] Fix deployment wait script --- README.md | 2 +- test/e2e-common.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a22bbac28..4547c407d 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,7 @@ echo ">> Bringing up Contour" kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" # wait for operator deployment to be Available -kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" +kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" contour-gateway-provisioner echo ">> Deploy Gateway API resources" kubectl apply -f ./third_party/contour diff --git a/test/e2e-common.sh b/test/e2e-common.sh index 917900f44..36ec27970 100755 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -110,7 +110,7 @@ function teardown_networking() { function setup_contour() { # Version is selected is in $REPO_ROOT/hack/test-env.sh kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" && \ - kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" && \ + kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" contour-gateway-provisioner && \ kubectl apply -f "${REPO_ROOT_DIR}/third_party/contour" local ret=$? From a40781eb725bf9dc43ee340b12c7b60276edeb51 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Tue, 10 Oct 2023 08:23:41 +0200 Subject: [PATCH 3/9] Change GATEWAY_OVERRIDE for contour --- test/e2e-common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e-common.sh b/test/e2e-common.sh index 36ec27970..99d92d5f3 100755 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -37,7 +37,7 @@ function parse_flags() { ;; --contour) readonly INGRESS=contour - readonly GATEWAY_OVERRIDE=envoy + readonly GATEWAY_OVERRIDE=envoy-knative-gateway readonly GATEWAY_NAMESPACE_OVERRIDE=contour-external readonly UNSUPPORTED_E2E_TESTS="${CONTOUR_UNSUPPORTED_E2E_TESTS}" return 1 From 4f170eaf650ed1e1685cdd1b4f5147cd62d15eb1 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Tue, 10 Oct 2023 09:39:11 +0200 Subject: [PATCH 4/9] Enable `enableExternalNameService` on contour deployments --- third_party/contour/gateway-external.yaml | 17 +++++++++++++++ third_party/contour/gateway-internal.yaml | 26 +++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/third_party/contour/gateway-external.yaml b/third_party/contour/gateway-external.yaml index cc8cb2d4b..4ed999543 100644 --- a/third_party/contour/gateway-external.yaml +++ b/third_party/contour/gateway-external.yaml @@ -23,6 +23,23 @@ metadata: name: contour-external-gatewayclass spec: controllerName: projectcontour.io/gateway-controller + parametersRef: + kind: ContourDeployment + group: projectcontour.io + name: contour-external-gatewayclass + namespace: contour-external +--- +kind: ContourDeployment +apiVersion: projectcontour.io/v1alpha1 +metadata: + name: contour-external-gatewayclass + namespace: contour-external +spec: + runtimeSettings: + enableExternalNameService: true + contour: + deployment: + replicas: 1 --- kind: Gateway apiVersion: gateway.networking.k8s.io/v1beta1 diff --git a/third_party/contour/gateway-internal.yaml b/third_party/contour/gateway-internal.yaml index 6de4a2fc2..653ca31c2 100644 --- a/third_party/contour/gateway-internal.yaml +++ b/third_party/contour/gateway-internal.yaml @@ -23,6 +23,23 @@ metadata: name: contour-internal-gatewayclass spec: controllerName: projectcontour.io/gateway-controller + parametersRef: + kind: ContourDeployment + group: projectcontour.io + name: contour-internal-gatewayclass + namespace: contour-internal +--- +kind: ContourDeployment +apiVersion: projectcontour.io/v1alpha1 +metadata: + name: contour-internal-gatewayclass + namespace: contour-internal +spec: + runtimeSettings: + enableExternalNameService: true + contour: + deployment: + replicas: 1 --- kind: Gateway apiVersion: gateway.networking.k8s.io/v1beta1 @@ -38,3 +55,12 @@ spec: allowedRoutes: namespaces: from: All +--- +#apiVersion: v1 +#kind: ConfigMap +#metadata: +# name: contourconfig-knative-local-gateway +# namespace: contour-internal +#data: +# contour.yaml: | +# enableExternalNameService: true From fd52550736c1a6ed6684f570a5576924d33ea569 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Tue, 10 Oct 2023 09:57:26 +0200 Subject: [PATCH 5/9] Enable websocket tests on contour --- hack/test-env.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/test-env.sh b/hack/test-env.sh index f0e5dfb70..f33cca888 100755 --- a/hack/test-env.sh +++ b/hack/test-env.sh @@ -18,4 +18,4 @@ export GATEWAY_API_VERSION="v0.8.1" export ISTIO_VERSION="1.19.0" export ISTIO_UNSUPPORTED_E2E_TESTS="retry,httpoption" export CONTOUR_VERSION="v1.26.0" -export CONTOUR_UNSUPPORTED_E2E_TESTS="httpoption,basics/http2,websocket,websocket/split,grpc,grpc/split,update" +export CONTOUR_UNSUPPORTED_E2E_TESTS="httpoption,basics/http2,grpc,grpc/split,update" From f703b4e1d277c38a356278d8321e4a19a90087d9 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Tue, 10 Oct 2023 10:13:37 +0200 Subject: [PATCH 6/9] Run update-codegen --- docs/test-version.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/test-version.md b/docs/test-version.md index bf0adf835..c77e076c4 100644 --- a/docs/test-version.md +++ b/docs/test-version.md @@ -16,4 +16,4 @@ The following Gateway API version and Ingress were tested as part of the release | Ingress | Tested version | Unavailable features | | ------- | ----------------------- | ------------------------------ | | Istio | v1.19.0 | retry,httpoption | -| Contour | v1.26.0 | httpoption,basics/http2,websocket,websocket/split,grpc,grpc/split,update | +| Contour | v1.26.0 | httpoption,basics/http2,grpc,grpc/split,update | From b75388488555fdd0bb69ea36b4bbaf226d0520d0 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Wed, 11 Oct 2023 09:01:14 +0200 Subject: [PATCH 7/9] Use service type ClusterIP for internal gateway --- third_party/contour/gateway-internal.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/third_party/contour/gateway-internal.yaml b/third_party/contour/gateway-internal.yaml index 653ca31c2..83724fa0e 100644 --- a/third_party/contour/gateway-internal.yaml +++ b/third_party/contour/gateway-internal.yaml @@ -37,6 +37,9 @@ metadata: spec: runtimeSettings: enableExternalNameService: true + envoy: + networkPublishing: + type: ClusterIPService contour: deployment: replicas: 1 From a6a2ef414c3afe3ba16d8d2f3038b6116ae81a54 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Wed, 11 Oct 2023 09:20:16 +0200 Subject: [PATCH 8/9] Drop unused config-map --- third_party/contour/gateway-internal.yaml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/third_party/contour/gateway-internal.yaml b/third_party/contour/gateway-internal.yaml index 83724fa0e..eb46d527e 100644 --- a/third_party/contour/gateway-internal.yaml +++ b/third_party/contour/gateway-internal.yaml @@ -58,12 +58,3 @@ spec: allowedRoutes: namespaces: from: All ---- -#apiVersion: v1 -#kind: ConfigMap -#metadata: -# name: contourconfig-knative-local-gateway -# namespace: contour-internal -#data: -# contour.yaml: | -# enableExternalNameService: true From b237fbabad87b47600be117da3d4daff34a44290 Mon Sep 17 00:00:00 2001 From: Reto Lehmann Date: Wed, 11 Oct 2023 11:22:10 +0200 Subject: [PATCH 9/9] Wait for the gateway api webhook server to be ready --- test/e2e-common.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/e2e-common.sh b/test/e2e-common.sh index 99d92d5f3..18450d4b1 100755 --- a/test/e2e-common.sh +++ b/test/e2e-common.sh @@ -110,7 +110,8 @@ function teardown_networking() { function setup_contour() { # Version is selected is in $REPO_ROOT/hack/test-env.sh kubectl apply -f "https://raw.githubusercontent.com/projectcontour/contour/${CONTOUR_VERSION}/examples/render/contour-gateway-provisioner.yaml" && \ - kubectl wait deploy --for=condition=Available --timeout=60s -n "projectcontour" contour-gateway-provisioner && \ + kubectl wait deploy --for=condition=Available --timeout=60s -n projectcontour contour-gateway-provisioner && \ + kubectl wait deploy --for=condition=Available --timeout=60s -n gateway-system gateway-api-admission-server && \ kubectl apply -f "${REPO_ROOT_DIR}/third_party/contour" local ret=$?