From 08cdd1ddb71167086eda98153fdba4bb846d0a95 Mon Sep 17 00:00:00 2001 From: andrew Date: Mon, 10 Jun 2024 13:46:27 +0700 Subject: [PATCH 1/3] =?UTF-8?q?=F0=9F=8C=B1=20add=20annotation=20support?= =?UTF-8?q?=20enable=20proxy=20protocol?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkg/utils/generate.go | 23 +++------------- pkg/utils/utils.go | 2 +- pkg/vngcloud/annotation.go | 55 +++++++++++++++++++++++++++++++++++--- pkg/vngcloud/vlb.go | 5 ++-- 4 files changed, 60 insertions(+), 25 deletions(-) diff --git a/pkg/utils/generate.go b/pkg/utils/generate.go index a6e7d5b..19ef189 100644 --- a/pkg/utils/generate.go +++ b/pkg/utils/generate.go @@ -5,8 +5,6 @@ import ( "strings" "unicode" - apiv1 "k8s.io/api/core/v1" - "github.com/vngcloud/cloud-provider-vngcloud/pkg/consts" "k8s.io/klog/v2" ) @@ -25,7 +23,7 @@ func GenerateLBName(clusterID, namespace, resourceName, resourceType string) str TrimString(namespace, 10), TrimString(resourceName, 10), hash) - return validateName(name) + return ValidateName(name) } func GeneratePolicyName(clusterID, namespace, resourceName, resourceType string, mode bool, ruleIndex, pathIndex int) string { @@ -33,7 +31,7 @@ func GeneratePolicyName(clusterID, namespace, resourceName, resourceType string, name := fmt.Sprintf("%s_%s_%t_r%d_p%d", consts.DEFAULT_LB_PREFIX_NAME, prefix, mode, ruleIndex, pathIndex) - return validateName(name) + return ValidateName(name) } func GeneratePoolName(clusterID, namespace, resourceName, resourceType, serviceName string, port int) string { 
@@ -43,10 +41,10 @@ func GeneratePoolName(clusterID, namespace, resourceName, resourceType, serviceN prefix, TrimString(strings.ReplaceAll(serviceName, "/", "-"), 35), port) - return validateName(name) + return ValidateName(name) } -func validateName(newName string) string { +func ValidateName(newName string) string { for _, char := range newName { if !unicode.IsLetter(char) && !unicode.IsDigit(char) && char != '-' && char != '.' { newName = strings.ReplaceAll(newName, string(char), "-") @@ -57,16 +55,3 @@ func validateName(newName string) string { } return TrimString(newName, consts.DEFAULT_PORTAL_NAME_LENGTH) } - -func GenListenerAndPoolName(clusterName string, pService *apiv1.Service, resourceType string, pPort apiv1.ServicePort) string { - hash := GenerateHashName(clusterName, pService.Namespace, pService.Name, resourceType) - name := fmt.Sprintf("%s_%s_%s_%s_%s_%s_%d", - consts.DEFAULT_LB_PREFIX_NAME, - TrimString(clusterName, 10), - TrimString(pService.Namespace, 10), - TrimString(pService.Name, 10), - hash, - pPort.Protocol, - pPort.Port) - return validateName(name) -} diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go index 14b1035..5d157e6 100644 --- a/pkg/utils/utils.go +++ b/pkg/utils/utils.go @@ -122,7 +122,7 @@ func ParsePoolAlgorithm(pOpt string) lPoolV2.CreateOptsAlgorithmOpt { return lPoolV2.CreateOptsAlgorithmOptRoundRobin } -func ParsePoolProtocol(pPoolProtocol apiv1.Protocol) lPoolV2.CreateOptsProtocolOpt { +func ParsePoolProtocol(pPoolProtocol string) lPoolV2.CreateOptsProtocolOpt { opt := lStr.TrimSpace(lStr.ToUpper(string(pPoolProtocol))) switch opt { case string(lPoolV2.CreateOptsProtocolOptProxy): diff --git a/pkg/vngcloud/annotation.go b/pkg/vngcloud/annotation.go index 2b8016a..8cd9595 100644 --- a/pkg/vngcloud/annotation.go +++ b/pkg/vngcloud/annotation.go 
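Review bot: `string(pPoolProtocol)` in the first body line of ParsePoolProtocol is now a no-op conversion, because the parameter type changed from `apiv1.Protocol` to `string`; the line can read `opt := lStr.TrimSpace(lStr.ToUpper(pPoolProtocol))`. The function now accepts any string rather than a typed protocol, so a doc comment naming the value an unrecognised input falls back to would help callers. The default branch is outside this hunk, so that fallback cannot be confirmed here.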
@@ -1,13 +1,13 @@ package vngcloud import ( + "fmt" "github.com/vngcloud/cloud-provider-vngcloud/pkg/consts" "github.com/vngcloud/cloud-provider-vngcloud/pkg/utils" "github.com/vngcloud/vngcloud-go-sdk/vngcloud/services/loadbalancer/v2/listener" "github.com/vngcloud/vngcloud-go-sdk/vngcloud/services/loadbalancer/v2/loadbalancer" "github.com/vngcloud/vngcloud-go-sdk/vngcloud/services/loadbalancer/v2/pool" apiv1 "k8s.io/api/core/v1" - lCoreV1 "k8s.io/api/core/v1" "k8s.io/klog/v2" ) @@ -44,6 +44,7 @@ const ( // // Pool annotations ServiceAnnotationPoolAlgorithm = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/pool-algorithm" // both annotation and cloud-config + ServiceAnnotationProxyProtocol = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/enable-proxy-protocol" ServiceAnnotationHealthcheckPort = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/healthcheck-port" // ServiceAnnotationEnableStickySession = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/enable-sticky-session" // ServiceAnnotationEnableTLSEncryption = DEFAULT_K8S_SERVICE_ANNOTATION_PREFIX + "/enable-tls-encryption" @@ -93,9 +94,10 @@ type ServiceConfig struct { TargetNodeLabels map[string]string IsAutoCreateSecurityGroup bool SecurityGroups []string + EnableProxyProtocol []string } -func NewServiceConfig(pService *lCoreV1.Service) *ServiceConfig { +func NewServiceConfig(pService *apiv1.Service) *ServiceConfig { opt := &ServiceConfig{ LoadBalancerID: "", LoadBalancerName: "", @@ -122,6 +124,7 @@ func NewServiceConfig(pService *lCoreV1.Service) *ServiceConfig { TargetNodeLabels: map[string]string{}, IsAutoCreateSecurityGroup: false, SecurityGroups: []string{}, + EnableProxyProtocol: []string{}, } if pService == nil { return opt 
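Review bot: `ServiceAnnotationProxyProtocol` has no trailing comment, and its key `enable-proxy-protocol` reads like a boolean although the value is parsed with `ParseStringListAnnotation` and compared against Service port names later in this patch. A comment such as `// list of Service port names; applied to TCP ports only` on that constant line would keep operators from setting it to `true`, which would match no port. The `const` block starts and ends outside the hunk.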
@@ -248,6 +251,9 @@ func NewServiceConfig(pService *lCoreV1.Service) *ServiceConfig { if port, ok := pService.Annotations[ServiceAnnotationHealthcheckPort]; ok { opt.HealthcheckPort = utils.ParseIntAnnotation(port, ServiceAnnotationHealthcheckPort, opt.HealthcheckPort) } + if proxy, ok := pService.Annotations[ServiceAnnotationProxyProtocol]; ok { + opt.EnableProxyProtocol = utils.ParseStringListAnnotation(proxy, ServiceAnnotationProxyProtocol) + } return opt } 
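Review bot: The list returned by `ParseStringListAnnotation` is stored in `opt.EnableProxyProtocol` without any check against `pService.Spec.Ports`, so an entry that names no port, or names a non-TCP port, is ignored with no log line and the pool stays on plain TCP. If the parser can return an empty element (its body is not shown), `""` would also equal the `Name` of an unnamed TCP port in `MappingProtocol` and switch that pool to PROXY unintentionally. Guarding the comparison with `if name != "" && name == pPort.Name && pPort.Protocol == apiv1.ProtocolTCP {` and emitting a `klog.Warningf` for unmatched entries at this point would cover both cases. NewServiceConfig starts outside the hunk.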
@@ -304,12 +310,55 @@ func (s *ServiceConfig) CreatePoolOptions(pPort apiv1.ServicePort) *pool.CreateO } opt := &pool.CreateOpts{ PoolName: "", - PoolProtocol: utils.ParsePoolProtocol(pPort.Protocol), + PoolProtocol: utils.ParsePoolProtocol(s.MappingProtocol(pPort)), Stickiness: nil, TLSEncryption: nil, HealthMonitor: healthMonitor, Algorithm: s.PoolAlgorithm, Members: []*pool.Member{}, } + for _, name := range s.EnableProxyProtocol { + if name == pPort.Name && pPort.Protocol == apiv1.ProtocolTCP { + opt.PoolProtocol = pool.CreateOptsProtocolOptProxy + break + } + } return opt } + +func (s *ServiceConfig) MappingProtocol(pPort apiv1.ServicePort) string { + for _, name := range s.EnableProxyProtocol { + if name == pPort.Name && pPort.Protocol == apiv1.ProtocolTCP { + return string(pool.CreateOptsProtocolOptProxy) + } + } + return string(pPort.Protocol) +} + +func (s *ServiceConfig) GenListenerName(clusterName string, pService *apiv1.Service, resourceType string, pPort apiv1.ServicePort) string { + hash := utils.GenerateHashName(clusterName, pService.Namespace, pService.Name, resourceType) + name := fmt.Sprintf("%s_%s_%s_%s_%s_%s_%d", + consts.DEFAULT_LB_PREFIX_NAME, + utils.TrimString(clusterName, 10), + utils.TrimString(pService.Namespace, 10), + utils.TrimString(pService.Name, 10), + hash, + pPort.Protocol, + pPort.Port) + return utils.ValidateName(name) +} + +func (s *ServiceConfig) GenPoolName(clusterName string, pService *apiv1.Service, resourceType string, pPort apiv1.ServicePort) string { + realProtocol := s.MappingProtocol(pPort) + + hash := utils.GenerateHashName(clusterName, pService.Namespace, pService.Name, resourceType) + name := fmt.Sprintf("%s_%s_%s_%s_%s_%s_%d", + consts.DEFAULT_LB_PREFIX_NAME, + utils.TrimString(clusterName, 10), + utils.TrimString(pService.Namespace, 10), + utils.TrimString(pService.Name, 10), + hash, + realProtocol, + pPort.Port) + return utils.ValidateName(name) +} 
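Review bot: The `for _, name := range s.EnableProxyProtocol` loop added after the `pool.CreateOpts` literal in CreatePoolOptions repeats the decision `MappingProtocol` has already made for `PoolProtocol`, so the port-name/TCP match now lives in two places that can drift apart. Keeping only `PoolProtocol: utils.ParsePoolProtocol(s.MappingProtocol(pPort)),` and deleting the loop should be equivalent, assuming ParsePoolProtocol maps the PROXY string as its visible `case` suggests. GenPoolName folds the mapped protocol into the pool name while GenListenerName uses `pPort.Protocol`, so adding or removing the annotation on an existing Service presumably changes the pool name but not the listener name; a doc comment on GenPoolName saying so would help whoever debugs a re-created pool. GenListenerName and GenPoolName are otherwise identical and could share one helper that takes the protocol string. CreatePoolOptions begins outside the hunk.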
diff --git a/pkg/vngcloud/vlb.go b/pkg/vngcloud/vlb.go index db8fb0f..e560b32 100644 --- a/pkg/vngcloud/vlb.go +++ b/pkg/vngcloud/vlb.go @@ -535,7 +535,8 @@ func (c *vLB) inspectService(pService *lCoreV1.Service) (*Expander, error) { // Ensure pools and listener for this loadbalancer for _, port := range pService.Spec.Ports { - poolName := utils.GenListenerAndPoolName(c.getClusterID(), pService, consts.RESOURCE_TYPE_SERVICE, port) + poolName := serviceConf.GenPoolName(c.getClusterID(), pService, consts.RESOURCE_TYPE_SERVICE, port) + listenerName := serviceConf.GenListenerName(c.getClusterID(), pService, consts.RESOURCE_TYPE_SERVICE, port) monitorPort := int(port.NodePort) if serviceConf.HealthcheckPort != 0 { @@ -577,7 +578,7 @@ func (c *vLB) inspectService(pService *lCoreV1.Service) (*Expander, error) { } listenerOptions := serviceConf.CreateListenerOptions(port) - listenerOptions.ListenerName = poolName + listenerOptions.ListenerName = listenerName ingressInspect.PoolExpander = append(ingressInspect.PoolExpander, &utils.PoolExpander{ UUID: "", From 1fdc884ee0496554f540a7d4903ef724cbb863f7 Mon Sep 17 00:00:00 2001 From: andrew Date: Mon, 10 Jun 2024 17:39:56 +0700 Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=9A=80=20release=200.2.1=20dev?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/ci-dev.yml | 2 +- .github/workflows/ci-main.yml | 2 +- Makefile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-dev.yml b/.github/workflows/ci-dev.yml index 7a875fc..98b896f 100644 --- a/.github/workflows/ci-dev.yml +++ b/.github/workflows/ci-dev.yml @@ -5,7 +5,7 @@ on: branches: ["dev"] env: - VERSION: v0.2.0 + VERSION: v0.2.1 REPO: vcr.vngcloud.vn/60108-annd2-ingress jobs: diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index eaaecb8..3308a93 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml 
@@ -5,7 +5,7 @@ on: branches: ["main"] env: - VERSION: v0.2.0 + VERSION: v0.2.1 REPO: vcr.vngcloud.vn/81-vks-public jobs: diff --git a/Makefile b/Makefile index ab838bd..fc889a9 100644 --- a/Makefile +++ b/Makefile @@ -32,7 +32,7 @@ TAR_FILE ?= rootfs.tar GOOS ?= $(shell go env GOOS) GOPROXY ?= $(shell go env GOPROXY) -VERSION ?= v0.2.0 +VERSION ?= v0.2.1 GOARCH := GOFLAGS := TAGS := From 3dfc54a58439b6d3d53407280301bbb980903927 Mon Sep 17 00:00:00 2001 From: andrew Date: Mon, 10 Jun 2024 19:19:41 +0700 Subject: [PATCH 3/3] =?UTF-8?q?=E2=9A=A1=20update=20go=20version=201.22.3-?= =?UTF-8?q?>1.22.4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/check-golangci-lint.yml | 2 +- .github/workflows/check-govulncheck.yml | 2 +- .github/workflows/check-readme-linter.yml | 2 +- Dockerfile | 4 ++-- Makefile | 14 +++++++++++++- go.sum | 2 -- 6 files changed, 18 insertions(+), 8 deletions(-) diff --git a/.github/workflows/check-golangci-lint.yml b/.github/workflows/check-golangci-lint.yml index ddfb3a4..2353fdf 100644 --- a/.github/workflows/check-golangci-lint.yml +++ b/.github/workflows/check-golangci-lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/setup-go@v5.0.0 with: - go-version: "1.22.3" + go-version: "1.22.4" - uses: actions/checkout@v4.1.1 - name: golangci-lint uses: golangci/golangci-lint-action@v4.0.0 diff --git a/.github/workflows/check-govulncheck.yml b/.github/workflows/check-govulncheck.yml index 0f982fa..eb48306 100644 --- a/.github/workflows/check-govulncheck.yml +++ b/.github/workflows/check-govulncheck.yml @@ -15,5 +15,5 @@ jobs: - name: Scan for Vulnerabilities in Code uses: golang/govulncheck-action@v1 with: - go-version-input: 1.22.3 + go-version-input: 1.22.4 go-package: ./... diff --git a/.github/workflows/check-readme-linter.yml b/.github/workflows/check-readme-linter.yml index c20bc12..6c2e7ab 100644 --- a/.github/workflows/check-readme-linter.yml 
+++ b/.github/workflows/check-readme-linter.yml @@ -11,7 +11,7 @@ jobs: steps: - uses: actions/setup-go@v5.0.0 with: - go-version: "1.22.3" + go-version: "1.22.4" - uses: actions/checkout@v4.1.1 with: fetch-depth: 0 diff --git a/Dockerfile b/Dockerfile index 3e896e9..eff8694 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,7 +14,7 @@ ## BUILD ARGS ## ################################################################################ # This build arg allows the specification of a custom Golang image. -ARG GOLANG_IMAGE=vcr.vngcloud.vn/81-vks-public/golang:1.22.3 +ARG GOLANG_IMAGE=vcr.vngcloud.vn/81-vks-public/golang:1.22.4 # The distroless image on which the CPI manager image is built. # @@ -22,7 +22,7 @@ ARG GOLANG_IMAGE=vcr.vngcloud.vn/81-vks-public/golang:1.22.3 # deterministic builds. Follow what kubernetes uses to build # kube-controller-manager, for example for 1.27.x: # https://github.com/kubernetes/kubernetes/blob/release-1.27/build/common.sh#L99 -ARG DISTROLESS_IMAGE=vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.3-bookworm.0 +ARG DISTROLESS_IMAGE=vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0 # We use Alpine as the source for default CA certificates and some output # images diff --git a/Makefile b/Makefile index fc889a9..99e3c87 100644 --- a/Makefile +++ b/Makefile 
@@ -1,3 +1,13 @@ +push-base-repo: + docker pull golang:1.22.4 + docker tag golang:1.22.4 vcr.vngcloud.vn/81-vks-public/golang:1.22.4 + docker push vcr.vngcloud.vn/81-vks-public/golang:1.22.4 + docker image rm golang:1.22.4 vcr.vngcloud.vn/81-vks-public/golang:1.22.4 + + docker pull registry.k8s.io/build-image/go-runner:v2.3.1-go1.22.4-bookworm.0 + docker tag registry.k8s.io/build-image/go-runner:v2.3.1-go1.22.4-bookworm.0 vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0 + docker push vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0 + docker image rm registry.k8s.io/build-image/go-runner:v2.3.1-go1.22.4-bookworm.0 vcr.vngcloud.vn/81-vks-public/go-runner:v2.3.1-go1.22.4-bookworm.0 # golang-client Makefile # Follows the interface defined in the Golang CTI proposed # in https://review.openstack.org/410355 @@ -137,9 +147,11 @@ push-multiarch-image-%: --platform $(shell echo $(addprefix linux/,$(ARCHS)) | sed 's/ /,/g') \ --target $* \ . + + $(CONTAINER_ENGINE) image push $(REGISTRY)/$*:$(VERSION) # Push all multiarch images -push-multiarch-images: $(addprefix push-multiarch-image-,$(IMAGE_NAMES)) +push-multiarch-images: clean build $(addprefix push-multiarch-image-,$(IMAGE_NAMES)) version: @echo ${VERSION} diff --git a/go.sum b/go.sum index 9321d20..9583f2e 100755 --- a/go.sum +++ b/go.sum 
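Review bot: `push-base-repo` is added as the first rule in the Makefile, so unless `.DEFAULT_GOAL` is set further down (not visible here) a bare `make` now pulls, retags and pushes base images instead of building. The target also mirrors `golang:1.22.4` and the go-runner image by mutable tag, and those mirrored tags are what the Dockerfile's `GOLANG_IMAGE` and `DISTROLESS_IMAGE` args build from. Pulling by digest, e.g. `docker pull golang:1.22.4@sha256:<digest>`, would make the mirrored content verifiable. Moving the rule below the existing default target, declaring it `.PHONY`, and lifting `1.22.4` into one variable would address the rest.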
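Review bot: The added `$(CONTAINER_ENGINE) image push $(REGISTRY)/$*:$(VERSION)` pushes whatever image the local store holds under that tag, and whether the multi-arch build above it loads its result locally depends on flags outside this hunk. If it does not, the push could fail or publish a stale single-arch image under the release tag. The new `clean build` prerequisites on `push-multiarch-images` are only ordered under serial make, so `make -j` may run `clean` concurrently with the build. A comment above the push line stating which build output it relies on, and an explicit ordering for `clean`, would make the release path easier to audit.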
@@ -229,8 +229,6 @@ github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8 github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk= -github.com/vngcloud/vngcloud-go-sdk v1.0.6 h1:AU7cNVUq0LZ2pNyKbr7+qfE+/+6U0GnbBvwGHRV+OYk= -github.com/vngcloud/vngcloud-go-sdk v1.0.6/go.mod h1:3ZjgN6oq5o7sYrShj2dOPOBF3cqWk6IW+/0VVpJWYf4= github.com/vngcloud/vngcloud-go-sdk v1.0.14-0.20240521072621-df4ad46f8a9b h1:WUU4MuMeXakkmlD3Qlt0IanlNpxgTihTy1PrI9VWqDg= github.com/vngcloud/vngcloud-go-sdk v1.0.14-0.20240521072621-df4ad46f8a9b/go.mod h1:3ZjgN6oq5o7sYrShj2dOPOBF3cqWk6IW+/0VVpJWYf4= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2 h1:eY9dn8+vbi4tKz5Qo6v2eYzo7kUS51QINcR5jNpbZS8=