diff --git a/config/crds/istio_v1beta1_istio.yaml b/config/crds/istio_v1beta1_istio.yaml index 5990a1d1a..20ff5c533 100644 --- a/config/crds/istio_v1beta1_istio.yaml +++ b/config/crds/istio_v1beta1_istio.yaml @@ -64,15 +64,38 @@ spec: gateways: description: Gateways configuration options properties: - maxReplicas: - format: int32 - type: integer - minReplicas: - format: int32 - type: integer - replicaCount: - format: int32 - type: integer + egress: + properties: + maxReplicas: + format: int32 + type: integer + minReplicas: + format: int32 + type: integer + replicaCount: + format: int32 + type: integer + serviceAnnotations: + type: object + serviceLabels: + type: object + type: object + ingress: + properties: + maxReplicas: + format: int32 + type: integer + minReplicas: + format: int32 + type: integer + replicaCount: + format: int32 + type: integer + serviceAnnotations: + type: object + serviceLabels: + type: object + type: object type: object includeIPRanges: description: IncludeIPRanges the range where to capture egress traffic diff --git a/config/samples/istio_v1beta1_istio.yaml b/config/samples/istio_v1beta1_istio.yaml index a0cea6845..03cd51698 100644 --- a/config/samples/istio_v1beta1_istio.yaml +++ b/config/samples/istio_v1beta1_istio.yaml @@ -12,27 +12,34 @@ spec: - "default" controlPlaneSecurityEnabled: false pilot: - image: "istio/pilot:1.0.5" - replicaCount: 1 - minReplicas: 1 - maxReplicas: 5 + image: "istio/pilot:1.0.5" + replicaCount: 1 + minReplicas: 1 + maxReplicas: 5 citadel: - image: "istio/citadel:1.0.5" - replicaCount: 1 + image: "istio/citadel:1.0.5" + replicaCount: 1 galley: - image: "istio/galley:1.0.5" - replicaCount: 1 + image: "istio/galley:1.0.5" + replicaCount: 1 gateways: + ingress: replicaCount: 1 minReplicas: 1 maxReplicas: 5 - mixer: - image: "istio/mixer:1.0.5" + serviceAnnotations: {} + egress: replicaCount: 1 minReplicas: 1 maxReplicas: 5 + serviceAnnotations: {} + mixer: + image: "istio/mixer:1.0.5" + replicaCount: 1 + minReplicas: 1 + maxReplicas: 5 sidecarInjector: - image: "istio/sidecar_injector:1.0.5" - replicaCount: 1 + image: "istio/sidecar_injector:1.0.5" + replicaCount: 1 proxy: - image: "istio/proxyv2:1.0.5" + image: "istio/proxyv2:1.0.5" diff --git a/pkg/apis/istio/v1beta1/istio_types.go b/pkg/apis/istio/v1beta1/istio_types.go index f925b3825..b21f91fa9 100644 --- a/pkg/apis/istio/v1beta1/istio_types.go +++ b/pkg/apis/istio/v1beta1/istio_types.go @@ -70,14 +70,23 @@ func SetDefaults(config *Istio) { } // Gateways config - if config.Spec.Gateways.ReplicaCount == 0 { - config.Spec.Gateways.ReplicaCount = defaultReplicaCount + if config.Spec.Gateways.IngressConfig.ReplicaCount == 0 { + config.Spec.Gateways.IngressConfig.ReplicaCount = defaultReplicaCount } - if config.Spec.Gateways.MinReplicas == 0 { - config.Spec.Gateways.MinReplicas = defaultMinReplicas + if config.Spec.Gateways.IngressConfig.MinReplicas == 0 { + config.Spec.Gateways.IngressConfig.MinReplicas = defaultMinReplicas } - if config.Spec.Gateways.MaxReplicas == 0 { - config.Spec.Gateways.MaxReplicas = defaultMaxReplicas + if config.Spec.Gateways.IngressConfig.MaxReplicas == 0 { + config.Spec.Gateways.IngressConfig.MaxReplicas = defaultMaxReplicas + } + if config.Spec.Gateways.EgressConfig.ReplicaCount == 0 { + config.Spec.Gateways.EgressConfig.ReplicaCount = defaultReplicaCount + } + if config.Spec.Gateways.EgressConfig.MinReplicas == 0 { + config.Spec.Gateways.EgressConfig.MinReplicas = defaultMinReplicas + } + if config.Spec.Gateways.EgressConfig.MaxReplicas == 0 { + config.Spec.Gateways.EgressConfig.MaxReplicas = defaultMaxReplicas } // Mixer config @@ -130,9 +139,16 @@ type GalleyConfiguration struct { // GatewaysConfiguration defines config options for Gateways type GatewaysConfiguration struct { - ReplicaCount int32 `json:"replicaCount,omitempty"` - MinReplicas int32 `json:"minReplicas,omitempty"` - MaxReplicas int32 `json:"maxReplicas,omitempty"` + IngressConfig GatewayConfiguration `json:"ingress,omitempty"` + EgressConfig GatewayConfiguration `json:"egress,omitempty"` +} + +type GatewayConfiguration struct { + ReplicaCount int32 `json:"replicaCount,omitempty"` + MinReplicas int32 `json:"minReplicas,omitempty"` + MaxReplicas int32 `json:"maxReplicas,omitempty"` + ServiceAnnotations map[string]string `json:"serviceAnnotations,omitempty"` + ServiceLabels map[string]string `json:"serviceLabels,omitempty"` } // MixerConfiguration defines config options for Mixer diff --git a/pkg/apis/istio/v1beta1/zz_generated.deepcopy.go b/pkg/apis/istio/v1beta1/zz_generated.deepcopy.go index 9ed4cf512..72d1fc43b 100644 --- a/pkg/apis/istio/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/istio/v1beta1/zz_generated.deepcopy.go @@ -55,9 +55,41 @@ func (in *GalleyConfiguration) DeepCopy() *GalleyConfiguration { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayConfiguration) DeepCopyInto(out *GatewayConfiguration) { + *out = *in + if in.ServiceAnnotations != nil { + in, out := &in.ServiceAnnotations, &out.ServiceAnnotations + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.ServiceLabels != nil { + in, out := &in.ServiceLabels, &out.ServiceLabels + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayConfiguration. +func (in *GatewayConfiguration) DeepCopy() *GatewayConfiguration { + if in == nil { + return nil + } + out := new(GatewayConfiguration) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewaysConfiguration) DeepCopyInto(out *GatewaysConfiguration) { *out = *in + in.IngressConfig.DeepCopyInto(&out.IngressConfig) + in.EgressConfig.DeepCopyInto(&out.EgressConfig) return } @@ -164,7 +196,7 @@ func (in *IstioSpec) DeepCopyInto(out *IstioSpec) { out.Pilot = in.Pilot out.Citadel = in.Citadel out.Galley = in.Galley - out.Gateways = in.Gateways + in.Gateways.DeepCopyInto(&out.Gateways) out.Mixer = in.Mixer out.SidecarInjector = in.SidecarInjector out.Proxy = in.Proxy diff --git a/pkg/controller/remoteistio/remoteistio_controller.go b/pkg/controller/remoteistio/remoteistio_controller.go index f04426798..1ed82be85 100644 --- a/pkg/controller/remoteistio/remoteistio_controller.go +++ b/pkg/controller/remoteistio/remoteistio_controller.go @@ -20,8 +20,6 @@ import ( "context" "reflect" - "github.com/banzaicloud/istio-operator/pkg/util" - "github.com/goph/emperror" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" @@ -41,6 +39,7 @@ import ( istiov1beta1 "github.com/banzaicloud/istio-operator/pkg/apis/istio/v1beta1" operatorv1beta1 "github.com/banzaicloud/istio-operator/pkg/apis/istio/v1beta1" "github.com/banzaicloud/istio-operator/pkg/remoteclusters" + "github.com/banzaicloud/istio-operator/pkg/util" ) const finalizerID = "remote-istio-operator.finializer.banzaicloud.io" diff --git a/pkg/resources/gateways/deployment.go b/pkg/resources/gateways/deployment.go index dc2730d0d..fbadeeed8 100644 --- a/pkg/resources/gateways/deployment.go +++ b/pkg/resources/gateways/deployment.go @@ -19,19 +19,21 @@ package gateways import ( "fmt" - "github.com/banzaicloud/istio-operator/pkg/resources/templates" - "github.com/banzaicloud/istio-operator/pkg/util" appsv1 "k8s.io/api/apps/v1" apiv1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + + "github.com/banzaicloud/istio-operator/pkg/resources/templates" + "github.com/banzaicloud/istio-operator/pkg/util" ) func (r *Reconciler) deployment(gw string) runtime.Object { + gwConfig := r.getGatewayConfig(gw) return &appsv1.Deployment{ ObjectMeta: templates.ObjectMeta(gatewayName(gw), labelSelector(gw), r.Config), Spec: appsv1.DeploymentSpec{ - Replicas: util.IntPointer(r.Config.Spec.Gateways.ReplicaCount), + Replicas: util.IntPointer(gwConfig.ReplicaCount), Selector: &metav1.LabelSelector{ MatchLabels: labelSelector(gw), }, @@ -135,7 +137,7 @@ func (r *Reconciler) deployment(gw string) runtime.Object { func (r *Reconciler) ports(gw string) []apiv1.ContainerPort { switch gw { - case "ingressgateway": + case ingress: return []apiv1.ContainerPort{ {ContainerPort: 80, Protocol: apiv1.ProtocolTCP}, {ContainerPort: 443, Protocol: apiv1.ProtocolTCP}, @@ -147,7 +149,7 @@ func (r *Reconciler) ports(gw string) []apiv1.ContainerPort { {ContainerPort: 15031, Protocol: apiv1.ProtocolTCP}, {ContainerPort: 15090, Protocol: apiv1.ProtocolTCP, Name: "http-envoy-prom"}, } - case "egressgateway": + case egress: return []apiv1.ContainerPort{ {ContainerPort: 80, Protocol: apiv1.ProtocolTCP}, {ContainerPort: 443, Protocol: apiv1.ProtocolTCP}, diff --git a/pkg/resources/gateways/gateways.go b/pkg/resources/gateways/gateways.go index 65fca672c..102c4e6cf 100644 --- a/pkg/resources/gateways/gateways.go +++ b/pkg/resources/gateways/gateways.go @@ -30,6 +30,8 @@ import ( const ( componentName = "gateways" + ingress = "ingressgateway" + egress = "egressgateway" ) type Reconciler struct { @@ -58,7 +60,7 @@ func (r *Reconciler) Reconcile(log logr.Logger) error { r.service, r.horizontalPodAutoscaler, } - for _, res := range append(resources.ResolveVariations("ingressgateway", rsv), resources.ResolveVariations("egressgateway", rsv)...) { + for _, res := range append(resources.ResolveVariations(ingress, rsv), resources.ResolveVariations(egress, rsv)...) { o := res() err := k8sutil.Reconcile(log, r.Client, o) if err != nil { @@ -71,6 +73,16 @@ func (r *Reconciler) Reconcile(log logr.Logger) error { return nil } +func (r *Reconciler) getGatewayConfig(gw string) *istiov1beta1.GatewayConfiguration { + switch gw { + case ingress: + return &r.Config.Spec.Gateways.IngressConfig + case egress: + return &r.Config.Spec.Gateways.EgressConfig + } + return nil +} + func serviceAccountName(gw string) string { return fmt.Sprintf("istio-%s-service-account", gw) } diff --git a/pkg/resources/gateways/hpa.go b/pkg/resources/gateways/hpa.go index 6854f6918..6d6bea616 100644 --- a/pkg/resources/gateways/hpa.go +++ b/pkg/resources/gateways/hpa.go @@ -24,11 +24,12 @@ import ( ) func (r *Reconciler) horizontalPodAutoscaler(gw string) runtime.Object { + gwConfig := r.getGatewayConfig(gw) return &autoscalev2beta1.HorizontalPodAutoscaler{ ObjectMeta: templates.ObjectMeta(hpaName(gw), nil, r.Config), Spec: autoscalev2beta1.HorizontalPodAutoscalerSpec{ - MaxReplicas: r.Config.Spec.Gateways.MaxReplicas, - MinReplicas: util.IntPointer(r.Config.Spec.Gateways.MinReplicas), + MaxReplicas: gwConfig.MaxReplicas, + MinReplicas: util.IntPointer(gwConfig.MinReplicas), ScaleTargetRef: autoscalev2beta1.CrossVersionObjectReference{ Name: gatewayName(gw), Kind: "Deployment", diff --git a/pkg/resources/gateways/service.go b/pkg/resources/gateways/service.go index f79bb1b3b..17173f694 100644 --- a/pkg/resources/gateways/service.go +++ b/pkg/resources/gateways/service.go @@ -18,14 +18,16 @@ package gateways import ( "github.com/banzaicloud/istio-operator/pkg/resources/templates" + "github.com/banzaicloud/istio-operator/pkg/util" apiv1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" ) func (r *Reconciler) service(gw string) runtime.Object { + gwConfig := r.getGatewayConfig(gw) return &apiv1.Service{ - ObjectMeta: templates.ObjectMeta(gatewayName(gw), labelSelector(gw), r.Config), + ObjectMeta: templates.ObjectMetaWithAnnotations(gatewayName(gw), util.MergeLabels(labelSelector(gw), gwConfig.ServiceLabels), gwConfig.ServiceAnnotations, r.Config), Spec: apiv1.ServiceSpec{ Type: serviceType(gw), Ports: servicePorts(gw), @@ -36,7 +38,7 @@ func (r *Reconciler) service(gw string) runtime.Object { func servicePorts(gw string) []apiv1.ServicePort { switch gw { - case "ingressgateway": + case ingress: return []apiv1.ServicePort{ {Port: 80, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(80), Name: "http2", NodePort: 31380}, {Port: 443, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(443), Name: "https", NodePort: 31390}, @@ -47,7 +49,7 @@ func servicePorts(gw string) []apiv1.ServicePort { {Port: 15030, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(15030), Name: "http2-prometheus", NodePort: 31440}, {Port: 15031, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(15031), Name: "http2-grafana", NodePort: 31450}, } - case "egressgateway": + case egress: return []apiv1.ServicePort{ {Port: 80, Name: "http2", Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(80)}, {Port: 443, Name: "https", Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(443)}, @@ -58,9 +60,9 @@ func servicePorts(gw string) []apiv1.ServicePort { func serviceType(gw string) apiv1.ServiceType { switch gw { - case "ingressgateway": + case ingress: return apiv1.ServiceTypeLoadBalancer - case "egressgateway": + case egress: return apiv1.ServiceTypeClusterIP } return "" diff --git a/pkg/resources/templates/templates.go b/pkg/resources/templates/templates.go index b22277a22..32e4a9432 100644 --- a/pkg/resources/templates/templates.go +++ b/pkg/resources/templates/templates.go @@ -22,7 +22,7 @@ import ( ) func ObjectMeta(name string, labels map[string]string, config *istiov1beta1.Istio) metav1.ObjectMeta { - o := metav1.ObjectMeta{ + return metav1.ObjectMeta{ Name: name, Namespace: config.Namespace, Labels: labels, @@ -35,11 +35,16 @@ func ObjectMeta(name string, labels map[string]string, config *istiov1beta1.Isti }, }, } +} + +func ObjectMetaWithAnnotations(name string, labels map[string]string, annotations map[string]string, config *istiov1beta1.Istio) metav1.ObjectMeta { + o := ObjectMeta(name, labels, config) + o.Annotations = annotations return o } func ObjectMetaClusterScope(name string, labels map[string]string, config *istiov1beta1.Istio) metav1.ObjectMeta { - o := metav1.ObjectMeta{ + return metav1.ObjectMeta{ Name: name, Labels: labels, OwnerReferences: []metav1.OwnerReference{ @@ -51,7 +56,6 @@ func ObjectMetaClusterScope(name string, labels map[string]string, config *istio }, }, } - return o } func ControlPlaneAuthPolicy(enabled bool) string {