From 0cea547819896538bd02f3b45da527303f1569dc Mon Sep 17 00:00:00 2001 From: David Cheung Date: Wed, 11 Sep 2024 18:34:32 +0000 Subject: [PATCH 1/2] Refactor addBackendPolicyIfConfigured to allow future features --- .../gce/extensions/input_extensions.go | 29 ++++++++++++++++ .../gce/extensions/output_extensions.go | 33 +++++++++++++++++++ pkg/i2gw/providers/gce/gce_extensions.go | 23 +++++-------- 3 files changed, 70 insertions(+), 15 deletions(-) create mode 100644 pkg/i2gw/providers/gce/extensions/input_extensions.go create mode 100644 pkg/i2gw/providers/gce/extensions/output_extensions.go diff --git a/pkg/i2gw/providers/gce/extensions/input_extensions.go b/pkg/i2gw/providers/gce/extensions/input_extensions.go new file mode 100644 index 00000000..94af4a9c --- /dev/null +++ b/pkg/i2gw/providers/gce/extensions/input_extensions.go @@ -0,0 +1,29 @@ +/* +Copyright 2024 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package extensions + +import ( + "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw/intermediate" + backendconfigv1 "k8s.io/ingress-gce/pkg/apis/backendconfig/v1" +) + +func BuildIRSessionAffinityConfig(beConfig *backendconfigv1.BackendConfig) *intermediate.SessionAffinityConfig { + return &intermediate.SessionAffinityConfig{ + AffinityType: beConfig.Spec.SessionAffinity.AffinityType, + CookieTTLSec: beConfig.Spec.SessionAffinity.AffinityCookieTtlSec, + } +} diff --git a/pkg/i2gw/providers/gce/extensions/output_extensions.go b/pkg/i2gw/providers/gce/extensions/output_extensions.go new file mode 100644 index 00000000..aa946d91 --- /dev/null +++ b/pkg/i2gw/providers/gce/extensions/output_extensions.go @@ -0,0 +1,33 @@ +/* +Copyright 2024 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package extensions + +import ( + gkegatewayv1 "github.com/GoogleCloudPlatform/gke-gateway-api/apis/networking/v1" + "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw/intermediate" +) + +func BuildBackendPolicySessionAffinityConfig(serviceIR intermediate.ProviderSpecificServiceIR) *gkegatewayv1.SessionAffinityConfig { + affinityType := serviceIR.Gce.SessionAffinity.AffinityType + saConfig := gkegatewayv1.SessionAffinityConfig{ + Type: &affinityType, + } + if affinityType == "GENERATED_COOKIE" { + saConfig.CookieTTLSec = serviceIR.Gce.SessionAffinity.CookieTTLSec + } + return &saConfig +} diff --git a/pkg/i2gw/providers/gce/gce_extensions.go b/pkg/i2gw/providers/gce/gce_extensions.go index d566d575..aa42404f 100644 --- a/pkg/i2gw/providers/gce/gce_extensions.go +++ b/pkg/i2gw/providers/gce/gce_extensions.go @@ -24,6 +24,7 @@ import ( "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw" "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw/intermediate" "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw/notifications" + "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw/providers/gce/extensions" apiv1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -141,11 +142,7 @@ func parseBackendConfigName(ctx context.Context, val string) (string, bool) { func beConfigToGceServiceIR(beConfig *backendconfigv1.BackendConfig) intermediate.GceServiceIR { var gceServiceIR intermediate.GceServiceIR if beConfig.Spec.SessionAffinity != nil { - saConfig := intermediate.SessionAffinityConfig{ - AffinityType: beConfig.Spec.SessionAffinity.AffinityType, - CookieTTLSec: beConfig.Spec.SessionAffinity.AffinityCookieTtlSec, - } - gceServiceIR.SessionAffinity = &saConfig + gceServiceIR.SessionAffinity = extensions.BuildIRSessionAffinityConfig(beConfig) } return gceServiceIR @@ -167,21 +164,16 @@ func buildGceServiceExtensions(ir intermediate.IR, gatewayResources *i2gw.Gatewa } func addBackendPolicyIfConfigured(serviceNamespacedName types.NamespacedName, serviceIR intermediate.ProviderSpecificServiceIR) *gkegatewayv1.GCPBackendPolicy { - if serviceIR.Gce == nil || serviceIR.Gce.SessionAffinity == nil { + if serviceIR.Gce == nil { return nil } - affinityType := serviceIR.Gce.SessionAffinity.AffinityType backendPolicy := gkegatewayv1.GCPBackendPolicy{ ObjectMeta: metav1.ObjectMeta{ Namespace: serviceNamespacedName.Namespace, Name: serviceNamespacedName.Name, }, Spec: gkegatewayv1.GCPBackendPolicySpec{ - Default: &gkegatewayv1.GCPBackendPolicyConfig{ - SessionAffinity: &gkegatewayv1.SessionAffinityConfig{ - Type: &affinityType, - }, - }, + Default: &gkegatewayv1.GCPBackendPolicyConfig{}, TargetRef: gatewayv1alpha2.NamespacedPolicyTargetReference{ Group: "", Kind: "Service", @@ -189,10 +181,11 @@ func addBackendPolicyIfConfigured(serviceNamespacedName types.NamespacedName, se }, }, } - if affinityType == "GENERATED_COOKIE" { - backendPolicy.Spec.Default.SessionAffinity.CookieTTLSec = serviceIR.Gce.SessionAffinity.CookieTTLSec + backendPolicy.SetGroupVersionKind(GCPBackendPolicyGVK) + + if serviceIR.Gce.SessionAffinity != nil { + backendPolicy.Spec.Default.SessionAffinity = extensions.BuildBackendPolicySessionAffinityConfig(serviceIR) } - backendPolicy.SetGroupVersionKind(GCPBackendPolicyGVK) return &backendPolicy } From 2dbec7cec0df46712f300dc2423e9f2a5496a1a6 Mon Sep 17 00:00:00 2001 From: David Cheung Date: Thu, 12 Sep 2024 19:56:48 +0000 Subject: [PATCH 2/2] Add validation on Session Affinity Config --- .../gce/extensions/input_extensions.go | 19 +++++++++++++++++++ pkg/i2gw/providers/gce/gce_extensions.go | 4 ++++ 2 files changed, 23 insertions(+) diff --git a/pkg/i2gw/providers/gce/extensions/input_extensions.go b/pkg/i2gw/providers/gce/extensions/input_extensions.go index 94af4a9c..3f154a23 100644 --- a/pkg/i2gw/providers/gce/extensions/input_extensions.go +++ b/pkg/i2gw/providers/gce/extensions/input_extensions.go @@ -17,10 +17,29 @@ limitations under the License. package extensions import ( + "fmt" + "github.com/kubernetes-sigs/ingress2gateway/pkg/i2gw/intermediate" backendconfigv1 "k8s.io/ingress-gce/pkg/apis/backendconfig/v1" ) +func ValidateBeConfig(beConfig *backendconfigv1.BackendConfig) error { + if beConfig.Spec.SessionAffinity != nil { + if err := validateSessionAffinity(beConfig); err != nil { + return err + } + } + + return nil +} + +func validateSessionAffinity(beConfig *backendconfigv1.BackendConfig) error { + if beConfig.Spec.SessionAffinity.AffinityCookieTtlSec != nil && beConfig.Spec.SessionAffinity.AffinityType != "GENERATED_COOKIE" { + return fmt.Errorf("BackendConfig has affinityCookieTtlSec set, but affinityType is not GENERATED_COOKIE") + } + return nil +} + func BuildIRSessionAffinityConfig(beConfig *backendconfigv1.BackendConfig) *intermediate.SessionAffinityConfig { return &intermediate.SessionAffinityConfig{ AffinityType: beConfig.Spec.SessionAffinity.AffinityType, diff --git a/pkg/i2gw/providers/gce/gce_extensions.go b/pkg/i2gw/providers/gce/gce_extensions.go index aa42404f..f480d7d5 100644 --- a/pkg/i2gw/providers/gce/gce_extensions.go +++ b/pkg/i2gw/providers/gce/gce_extensions.go @@ -45,6 +45,10 @@ func buildGceServiceIR(ctx context.Context, storage *storage, ir *intermediate.I if beConfig == nil { continue } + if err := extensions.ValidateBeConfig(beConfig); err != nil { + notify(notifications.ErrorNotification, err.Error(), beConfig) + continue + } gceServiceIR := beConfigToGceServiceIR(beConfig) services := beConfigToSvcs[beConfigKey] for _, svcKey := range services {