Merge pull request #2 from vngcloud/dev

RELEASE v0.2.1

.github/workflows/check-golangci-lint.yml

@@ -13,7 +13,7 @@ jobs:
     steps:
       - uses: actions/[email protected]
         with:
-          go-version: "1.22.3"
+          go-version: "1.22.4"
       - uses: actions/[email protected]
       - name: golangci-lint
         uses: golangci/[email protected]

.github/workflows/check-govulncheck.yml

@@ -15,5 +15,5 @@ jobs:
       - name: Scan for Vulnerabilities in Code
         uses: golang/govulncheck-action@v1
         with:
-          go-version-input: 1.22.3
+          go-version-input: 1.22.4
           go-package: ./...

.github/workflows/check-readme-linter.yml

@@ -11,7 +11,7 @@ jobs:
     steps:
       - uses: actions/[email protected]
         with:
-          go-version: "1.22.3"
+          go-version: "1.22.4"
       - uses: actions/[email protected]
         with:
           fetch-depth: 0

.github/workflows/ci-dev.yml

@@ -5,7 +5,7 @@ on:
     branches: ["dev"]
 
 env:
-  VERSION: v0.2.0
+  VERSION: v0.2.1
   REPO: vcr.vngcloud.vn/60108-annd2-ingress
 
 jobs:

.github/workflows/ci-main.yml

@@ -5,7 +5,7 @@ on:
     branches: ["main"]
 
 env:
-  VERSION: v0.2.0
+  VERSION: v0.2.1
   REPO: vcr.vngcloud.vn/81-vks-public
 
 jobs:

Dockerfile

@@ -14,15 +14,15 @@
 ##                               BUILD ARGS                                   ##
 ################################################################################
 # This build arg allows the specification of a custom Golang image.
-ARG GOLANG_IMAGE=vcr.vngcloud.vn/81-vks-public/golang:1.22.3
+ARG GOLANG_IMAGE=vcr.vngcloud.vn/81-vks-public/golang:1.22.4
 
 # The distroless image on which the CPI manager image is built.
 #
 # Please do not use "latest". Explicit tags should be used to provide
 # deterministic builds. Follow what kubernetes uses to build
 # kube-controller-manager, for example for 1.27.x:
 # https://github.com/kubernetes/kubernetes/blob/release-1.27/build/common.sh#L99
-ARG DISTROLESS_IMAGE=vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.3-bookworm.0
+ARG DISTROLESS_IMAGE=vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0
 
 # We use Alpine as the source for default CA certificates and some output
 # images

Makefile

@@ -1,3 +1,13 @@
+push-base-repo:
+	docker pull golang:1.22.4
+	docker tag golang:1.22.4 vcr.vngcloud.vn/81-vks-public/golang:1.22.4
+	docker push vcr.vngcloud.vn/81-vks-public/golang:1.22.4
+	docker image rm golang:1.22.4 vcr.vngcloud.vn/81-vks-public/golang:1.22.4
+
+	docker pull registry.k8s.io/build-image/go-runner:v2.3.1-go1.22.4-bookworm.0
+	docker tag registry.k8s.io/build-image/go-runner:v2.3.1-go1.22.4-bookworm.0 vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0
+	docker push vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0
+	docker image rm registry.k8s.io/build-image/go-runner:v2.3.1-go1.22.4-bookworm.0 vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0
 # golang-client Makefile
 # Follows the interface defined in the Golang CTI proposed
 # in https://review.openstack.org/410355
@@ -32,7 +42,7 @@ TAR_FILE	?= rootfs.tar
 
 GOOS		?= $(shell go env GOOS)
 GOPROXY		?= $(shell go env GOPROXY)
-VERSION     ?= v0.2.0
+VERSION     ?= v0.2.1
 GOARCH		:=
 GOFLAGS		:=
 TAGS		:=
@@ -137,9 +147,11 @@ push-multiarch-image-%:
 		--platform $(shell echo $(addprefix linux/,$(ARCHS)) | sed 's/ /,/g') \
 		--target $* \
 		.
+
+	$(CONTAINER_ENGINE) image push $(REGISTRY)/$*:$(VERSION)
 
 # Push all multiarch images
-push-multiarch-images: $(addprefix push-multiarch-image-,$(IMAGE_NAMES))
+push-multiarch-images: clean build $(addprefix push-multiarch-image-,$(IMAGE_NAMES))
 
 version:
 	@echo ${VERSION}

go.sum

@@ -229,8 +229,6 @@ github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8
 github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk=
-github.com/vngcloud/vngcloud-go-sdk v1.0.6 h1:AU7cNVUq0LZ2pNyKbr7+qfE+/+6U0GnbBvwGHRV+OYk=
-github.com/vngcloud/vngcloud-go-sdk v1.0.6/go.mod h1:3ZjgN6oq5o7sYrShj2dOPOBF3cqWk6IW+/0VVpJWYf4=
 github.com/vngcloud/vngcloud-go-sdk v1.0.14-0.20240521072621-df4ad46f8a9b h1:WUU4MuMeXakkmlD3Qlt0IanlNpxgTihTy1PrI9VWqDg=
 github.com/vngcloud/vngcloud-go-sdk v1.0.14-0.20240521072621-df4ad46f8a9b/go.mod h1:3ZjgN6oq5o7sYrShj2dOPOBF3cqWk6IW+/0VVpJWYf4=
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2 h1:eY9dn8+vbi4tKz5Qo6v2eYzo7kUS51QINcR5jNpbZS8=

pkg/utils/generate.go

@@ -5,8 +5,6 @@ import (
 	"strings"
 	"unicode"
 
-	apiv1 "k8s.io/api/core/v1"
-
 	"github.com/vngcloud/cloud-provider-vngcloud/pkg/consts"
 	"k8s.io/klog/v2"
 )
@@ -25,15 +23,15 @@ func GenerateLBName(clusterID, namespace, resourceName, resourceType string) str
 		TrimString(namespace, 10),
 		TrimString(resourceName, 10),
 		hash)
-	return validateName(name)
+	return ValidateName(name)
 }
 
 func GeneratePolicyName(clusterID, namespace, resourceName, resourceType string, mode bool, ruleIndex, pathIndex int) string {
 	prefix := GenerateHashName(clusterID, namespace, resourceName, resourceType)
 	name := fmt.Sprintf("%s_%s_%t_r%d_p%d",
 		consts.DEFAULT_LB_PREFIX_NAME,
 		prefix, mode, ruleIndex, pathIndex)
-	return validateName(name)
+	return ValidateName(name)
 }
 
 func GeneratePoolName(clusterID, namespace, resourceName, resourceType, serviceName string, port int) string {
@@ -43,10 +41,10 @@ func GeneratePoolName(clusterID, namespace, resourceName, resourceType, serviceN
 		prefix,
 		TrimString(strings.ReplaceAll(serviceName, "/", "-"), 35),
 		port)
-	return validateName(name)
+	return ValidateName(name)
 }
 
-func validateName(newName string) string {
+func ValidateName(newName string) string {
 	for _, char := range newName {
 		if !unicode.IsLetter(char) && !unicode.IsDigit(char) && char != '-' && char != '.' {
 			newName = strings.ReplaceAll(newName, string(char), "-")
@@ -57,16 +55,3 @@ func validateName(newName string) string {
 	}
 	return TrimString(newName, consts.DEFAULT_PORTAL_NAME_LENGTH)
 }
-
-func GenListenerAndPoolName(clusterName string, pService *apiv1.Service, resourceType string, pPort apiv1.ServicePort) string {
-	hash := GenerateHashName(clusterName, pService.Namespace, pService.Name, resourceType)
-	name := fmt.Sprintf("%s_%s_%s_%s_%s_%s_%d",
-		consts.DEFAULT_LB_PREFIX_NAME,
-		TrimString(clusterName, 10),
-		TrimString(pService.Namespace, 10),
-		TrimString(pService.Name, 10),
-		hash,
-		pPort.Protocol,
-		pPort.Port)
-	return validateName(name)
-}

pkg/utils/utils.go

@@ -122,7 +122,7 @@ func ParsePoolAlgorithm(pOpt string) lPoolV2.CreateOptsAlgorithmOpt {
 	return lPoolV2.CreateOptsAlgorithmOptRoundRobin
 }
 
-func ParsePoolProtocol(pPoolProtocol apiv1.Protocol) lPoolV2.CreateOptsProtocolOpt {
+func ParsePoolProtocol(pPoolProtocol string) lPoolV2.CreateOptsProtocolOpt {
 	opt := lStr.TrimSpace(lStr.ToUpper(string(pPoolProtocol)))
 	switch opt {
 	case string(lPoolV2.CreateOptsProtocolOptProxy):

pkg/vngcloud/annotation.go

@@ -1,13 +1,13 @@
 package vngcloud
 
 import (
+	"fmt"
 	"github.com/vngcloud/cloud-provider-vngcloud/pkg/consts"
 	"github.com/vngcloud/cloud-provider-vngcloud/pkg/utils"
 	"github.com/vngcloud/vngcloud-go-sdk/vngcloud/services/loadbalancer/v2/listener"
 	"github.com/vngcloud/vngcloud-go-sdk/vngcloud/services/loadbalancer/v2/loadbalancer"
 	"github.com/vngcloud/vngcloud-go-sdk/vngcloud/services/loadbalancer/v2/pool"
 	apiv1 "k8s.io/api/core/v1"
-	lCoreV1 "k8s.io/api/core/v1"
 	"k8s.io/klog/v2"
 )
 
@@ -44,6 +44,7 @@ const (
 
 	// // Pool annotations
 	ServiceAnnotationPoolAlgorithm   = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/pool-algorithm" // both annotation and cloud-config
+	ServiceAnnotationProxyProtocol   = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/enable-proxy-protocol"
 	ServiceAnnotationHealthcheckPort = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/healthcheck-port"
 	// ServiceAnnotationEnableStickySession = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/enable-sticky-session"
 	// ServiceAnnotationEnableTLSEncryption = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/enable-tls-encryption"
@@ -93,9 +94,10 @@ type ServiceConfig struct {
 	TargetNodeLabels           map[string]string
 	IsAutoCreateSecurityGroup  bool
 	SecurityGroups             []string
+	EnableProxyProtocol        []string
 }
 
-func NewServiceConfig(pService *lCoreV1.Service) *ServiceConfig {
+func NewServiceConfig(pService *apiv1.Service) *ServiceConfig {
 	opt := &ServiceConfig{
 		LoadBalancerID:             "",
 		LoadBalancerName:           "",
@@ -122,6 +124,7 @@ func NewServiceConfig(pService *lCoreV1.Service) *ServiceConfig {
 		TargetNodeLabels:           map[string]string{},
 		IsAutoCreateSecurityGroup:  false,
 		SecurityGroups:             []string{},
+		EnableProxyProtocol:        []string{},
 	}
 	if pService == nil {
 		return opt
@@ -248,6 +251,9 @@ func NewServiceConfig(pService *lCoreV1.Service) *ServiceConfig {
 	if port, ok := pService.Annotations[ServiceAnnotationHealthcheckPort]; ok {
 		opt.HealthcheckPort = utils.ParseIntAnnotation(port, ServiceAnnotationHealthcheckPort, opt.HealthcheckPort)
 	}
+	if proxy, ok := pService.Annotations[ServiceAnnotationProxyProtocol]; ok {
+		opt.EnableProxyProtocol = utils.ParseStringListAnnotation(proxy, ServiceAnnotationProxyProtocol)
+	}
 	return opt
 }
 
@@ -304,12 +310,55 @@ func (s *ServiceConfig) CreatePoolOptions(pPort apiv1.ServicePort) *pool.CreateO
 	}
 	opt := &pool.CreateOpts{
 		PoolName:      "",
-		PoolProtocol:  utils.ParsePoolProtocol(pPort.Protocol),
+		PoolProtocol:  utils.ParsePoolProtocol(s.MappingProtocol(pPort)),
 		Stickiness:    nil,
 		TLSEncryption: nil,
 		HealthMonitor: healthMonitor,
 		Algorithm:     s.PoolAlgorithm,
 		Members:       []*pool.Member{},
 	}
+	for _, name := range s.EnableProxyProtocol {
+		if name == pPort.Name && pPort.Protocol == apiv1.ProtocolTCP {
+			opt.PoolProtocol = pool.CreateOptsProtocolOptProxy
+			break
+		}
+	}
 	return opt
 }
+
+func (s *ServiceConfig) MappingProtocol(pPort apiv1.ServicePort) string {
+	for _, name := range s.EnableProxyProtocol {
+		if name == pPort.Name && pPort.Protocol == apiv1.ProtocolTCP {
+			return string(pool.CreateOptsProtocolOptProxy)
+		}
+	}
+	return string(pPort.Protocol)
+}
+
+func (s *ServiceConfig) GenListenerName(clusterName string, pService *apiv1.Service, resourceType string, pPort apiv1.ServicePort) string {
+	hash := utils.GenerateHashName(clusterName, pService.Namespace, pService.Name, resourceType)
+	name := fmt.Sprintf("%s_%s_%s_%s_%s_%s_%d",
+		consts.DEFAULT_LB_PREFIX_NAME,
+		utils.TrimString(clusterName, 10),
+		utils.TrimString(pService.Namespace, 10),
+		utils.TrimString(pService.Name, 10),
+		hash,
+		pPort.Protocol,
+		pPort.Port)
+	return utils.ValidateName(name)
+}
+
+func (s *ServiceConfig) GenPoolName(clusterName string, pService *apiv1.Service, resourceType string, pPort apiv1.ServicePort) string {
+	realProtocol := s.MappingProtocol(pPort)
+
+	hash := utils.GenerateHashName(clusterName, pService.Namespace, pService.Name, resourceType)
+	name := fmt.Sprintf("%s_%s_%s_%s_%s_%s_%d",
+		consts.DEFAULT_LB_PREFIX_NAME,
+		utils.TrimString(clusterName, 10),
+		utils.TrimString(pService.Namespace, 10),
+		utils.TrimString(pService.Name, 10),
+		hash,
+		realProtocol,
+		pPort.Port)
+	return utils.ValidateName(name)
+}

pkg/vngcloud/vlb.go

@@ -535,7 +535,8 @@ func (c *vLB) inspectService(pService *lCoreV1.Service) (*Expander, error) {
 
 	// Ensure pools and listener for this loadbalancer
 	for _, port := range pService.Spec.Ports {
-		poolName := utils.GenListenerAndPoolName(c.getClusterID(), pService, consts.RESOURCE_TYPE_SERVICE, port)
+		poolName := serviceConf.GenPoolName(c.getClusterID(), pService, consts.RESOURCE_TYPE_SERVICE, port)
+		listenerName := serviceConf.GenListenerName(c.getClusterID(), pService, consts.RESOURCE_TYPE_SERVICE, port)
 
 		monitorPort := int(port.NodePort)
 		if serviceConf.HealthcheckPort != 0 {
@@ -577,7 +578,7 @@ func (c *vLB) inspectService(pService *lCoreV1.Service) (*Expander, error) {
 		}
 
 		listenerOptions := serviceConf.CreateListenerOptions(port)
-		listenerOptions.ListenerName = poolName
+		listenerOptions.ListenerName = listenerName
 
 		ingressInspect.PoolExpander = append(ingressInspect.PoolExpander, &utils.PoolExpander{
 			UUID:       "",