diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..1540001 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1 @@ +# Please see the [official documentation](https://docs.kubermatic.com/kubelb/latest/release-notes) for the changelogs diff --git a/Makefile b/Makefile index e164ea3..79ba53c 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,12 @@ ENVTEST_K8S_VERSION = 1.30.0 KUSTOMIZE_VERSION ?= v5.4.3 CONTROLLER_TOOLS_VERSION ?= v0.15.0 GO_VERSION = 1.22.6 +HELM_DOCS_VERSION ?= v1.14.2 +CRD_REF_DOCS_VERSION ?= v0.1.0 + +GATEWAY_RELEASE_CHANNEL ?= stable +GATEWAY_API_VERSION ?= $(shell go list -m -f '{{.Version}}' sigs.k8s.io/gateway-api) +GATEWAY_RELEASE_URL ?= https://github.com/kubernetes-sigs/gateway-api/releases/download/${GATEWAY_API_VERSION}/${GATEWAY_RELEASE_CHANNEL}-install.yaml export GOPATH?=$(shell go env GOPATH) export CGO_ENABLED=0 @@ -218,11 +224,12 @@ shfmt: shfmt -w -sr -i 2 hack HELM_DOCS ?= $(LOCALBIN)/helm-docs +CRD_REF_DOCS ?= $(LOCALBIN)/crd-ref-docs .PHONY: helm-docs helm-docs: $(HELM_DOCS) ## Download helm-docs locally if necessary. $(HELM_DOCS): $(LOCALBIN) - test -s $(LOCALBIN)/helm-docs || GOBIN=$(LOCALBIN) go install github.com/norwoodj/helm-docs/cmd/helm-docs@v1.14.2 + test -s $(LOCALBIN)/helm-docs || GOBIN=$(LOCALBIN) go install github.com/norwoodj/helm-docs/cmd/helm-docs@$(HELM_DOCS_VERSION) helm-lint: helm lint charts/* @@ -238,4 +245,23 @@ bump-chart: .PHONY: release-charts helm-docs generate-helm-docs release-charts: helm-lint generate-helm-docs bump-chart - CHART_VERSION=$(IMAGE_TAG) ./hack/release-helm-charts.sh \ No newline at end of file + CHART_VERSION=$(IMAGE_TAG) ./hack/release-helm-charts.sh + +.PHONY: crd-ref-docs +crd-ref-docs: $(CRD_REF_DOCS) ## Download crd-ref-docs locally if necessary. +$(CRD_REF_DOCS): $(LOCALBIN) + test -s $(LOCALBIN)/crd-ref-docs || GOBIN=$(LOCALBIN) go install github.com/elastic/crd-ref-docs@$(CRD_REF_DOCS_VERSION) + +generate-crd-docs: crd-ref-docs ## Generate API reference documentation. + $(LOCALBIN)/crd-ref-docs --renderer=markdown \ + --source-path ./api/kubelb.k8c.io \ + --config=./hack/crd-ref-docs.yaml \ + --output-path ./docs/api-reference.md + +.PHONY: gateway-crds-copy +gateway-crds-copy: + curl -sLo $(LOCALBIN)/gatewayapi-crds.yaml ${GATEWAY_RELEASE_URL} + # echo '{{- if .Values.gatewayAPICRDs -}}' > charts/kubelb-manager/crds/gatewayapi.yaml + # cat $(LOCALBIN)/gatewayapi-crds.yaml >> charts/kubelb-manager/crds/gatewayapi.yaml + # echo '{{- end }}' >> charts/kubelb-manager/crds/gatewayapi.yaml + mv $(LOCALBIN)/gatewayapi-crds.yaml charts/kubelb-ccm/crds/gatewayapi.yaml \ No newline at end of file diff --git a/charts/kubelb-ccm/Chart.yaml b/charts/kubelb-ccm/Chart.yaml index f29e72e..bad15ec 100644 --- a/charts/kubelb-ccm/Chart.yaml +++ b/charts/kubelb-ccm/Chart.yaml @@ -6,8 +6,9 @@ type: application maintainers: - name: Kubermatic email: support@kubermatic.com + url: https://kubermatic.com # Helm chart Version. -version: v1.0.0 +version: v1.1.0 # Application version to be deployed. -appVersion: v1.0.0 +appVersion: v1.1.0 diff --git a/charts/kubelb-ccm/LICENSE b/charts/kubelb-ccm/LICENSE new file mode 100644 index 0000000..84e6db4 --- /dev/null +++ b/charts/kubelb-ccm/LICENSE @@ -0,0 +1,176 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS \ No newline at end of file diff --git a/charts/kubelb-ccm/README.md b/charts/kubelb-ccm/README.md index 239f46f..824b187 100644 --- a/charts/kubelb-ccm/README.md +++ b/charts/kubelb-ccm/README.md @@ -2,7 +2,7 @@ Helm chart for KubeLB CCM. This is used to deploy the KubeLB CCM to a Kubernetes cluster. The CCM is responsible for propagating the load balancer configurations to the management cluster. -![Version: v1.0.0](https://img.shields.io/badge/Version-v1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.0](https://img.shields.io/badge/AppVersion-v1.0.0-informational?style=flat-square) +![Version: v1.1.0](https://img.shields.io/badge/Version-v1.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.1.0](https://img.shields.io/badge/AppVersion-v1.1.0-informational?style=flat-square) ## Installing the chart @@ -25,7 +25,7 @@ kubelb: Now, we can install the helm chart: ```sh -helm pull oci://quay.io/kubermatic/helm-charts/kubelb-ccm --version=v1.0.0 --untardir "kubelb-ccm" --untar +helm pull oci://quay.io/kubermatic/helm-charts/kubelb-ccm --version=v1.1.0 --untardir "kubelb-ccm" --untar ## Create and update values.yaml with the required values. helm install kubelb-ccm kubelb-ccm --namespace kubelb -f values.yaml --create-namespace ``` @@ -45,7 +45,7 @@ helm install kubelb-ccm kubelb-ccm --namespace kubelb -f values.yaml --create-na | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | | image.repository | string | `"quay.io/kubermatic/kubelb-ccm"` | | -| image.tag | string | `"v1.0.0"` | | +| image.tag | string | `"v1.1.0"` | | | imagePullSecrets | list | `[]` | | | kubelb.clusterSecretName | string | `"kubelb-cluster"` | Name of the secret that contains kubeconfig for the loadbalancer cluster | | kubelb.disableGRPCRouteController | bool | `false` | disableGRPCRouteController specifies whether to disable the GRPCRoute Controller. | @@ -55,7 +55,7 @@ helm install kubelb-ccm kubelb-ccm --namespace kubelb -f values.yaml --create-na | kubelb.disableIngressController | bool | `false` | disableIngressController specifies whether to disable the Ingress Controller. | | kubelb.enableLeaderElection | bool | `true` | Enable the leader election. | | kubelb.enableSecretSynchronizer | bool | `false` | Enable to automatically convert Secrets labelled with `kubelb.k8c.io/managed-by: kubelb` to Sync Secrets. This is used to sync secrets from tenants to the LB cluster in a controlled and secure way. | -| kubelb.nodeAddressType | string | `"ExternalIP"` | | +| kubelb.nodeAddressType | string | `"ExternalIP"` | Address type to use for routing traffic to node ports. Values are ExternalIP, InternalIP. | | kubelb.tenantName | string | `nil` | Name of the tenant, must be unique against a load balancer cluster. | | kubelb.useGatewayClass | bool | `true` | useGatewayClass specifies whether to target resources with `kubelb` gateway class or all resources. | | kubelb.useIngressClass | bool | `true` | useIngressClass specifies whether to target resources with `kubelb` ingress class or all resources. | @@ -86,3 +86,9 @@ helm install kubelb-ccm kubelb-ccm --namespace kubelb -f values.yaml --create-na | serviceAccount.name | string | `""` | | | serviceMonitor.enabled | bool | `false` | | | tolerations | list | `[]` | | + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| Kubermatic | | | \ No newline at end of file diff --git a/charts/kubelb-ccm/README.md.gotmpl b/charts/kubelb-ccm/README.md.gotmpl index 2c9fc16..cf74bc7 100644 --- a/charts/kubelb-ccm/README.md.gotmpl +++ b/charts/kubelb-ccm/README.md.gotmpl @@ -25,7 +25,7 @@ kubelb: Now, we can install the helm chart: ```sh -helm pull oci://quay.io/kubermatic/helm-charts/kubelb-ccm --version=v1.0.0 --untardir "kubelb-ccm" --untar +helm pull oci://quay.io/kubermatic/helm-charts/kubelb-ccm --version={{ template "chart.version" . }} --untardir "kubelb-ccm" --untar ## Create and update values.yaml with the required values. helm install kubelb-ccm kubelb-ccm --namespace kubelb -f values.yaml --create-namespace ``` @@ -33,3 +33,5 @@ helm install kubelb-ccm kubelb-ccm --namespace kubelb -f values.yaml --create-na {{ template "chart.requirementsSection" . }} {{ template "chart.valuesSection" . }} + +{{ template "chart.maintainersSection" . }} \ No newline at end of file diff --git a/charts/kubelb-ccm/templates/deployment.yaml b/charts/kubelb-ccm/templates/deployment.yaml index 2aff422..46b6db9 100644 --- a/charts/kubelb-ccm/templates/deployment.yaml +++ b/charts/kubelb-ccm/templates/deployment.yaml @@ -38,7 +38,7 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} args: - --enable-leader-election={{ .Values.kubelb.enableLeaderElection }} - - --node-address-type={{ default "InternalIP" .Values.kubelb.nodeAddressType }} + - --node-address-type={{ default "ExternalIP" .Values.kubelb.nodeAddressType }} - --use-loadbalancer-class={{ default false .Values.kubelb.useLoadBalancerClass }} {{ if not .Values.kubelb.useGatewayClass -}} - --use-gateway-class=false diff --git a/charts/kubelb-ccm/templates/tests/test-connection.yaml b/charts/kubelb-ccm/templates/tests/test-connection.yaml index b292e62..f469535 100644 --- a/charts/kubelb-ccm/templates/tests/test-connection.yaml +++ b/charts/kubelb-ccm/templates/tests/test-connection.yaml @@ -9,7 +9,7 @@ metadata: spec: containers: - name: wget - image: busybox + image: busybox:1.35.0 command: ['wget'] args: ['{{ include "kubelb-ccm.fullname" . }}:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/charts/kubelb-ccm/values.yaml b/charts/kubelb-ccm/values.yaml index 1a06691..31f6d39 100644 --- a/charts/kubelb-ccm/values.yaml +++ b/charts/kubelb-ccm/values.yaml @@ -3,7 +3,7 @@ replicaCount: 1 image: repository: quay.io/kubermatic/kubelb-ccm pullPolicy: IfNotPresent - tag: v1.0.0 + tag: v1.1.0 imagePullSecrets: [] kubelb: @@ -14,7 +14,7 @@ kubelb: clusterSecretName: kubelb-cluster # Important configurations. - # Address type to use for routing traffic to node ports. Values are ExternalIP, InternalIP. + # -- Address type to use for routing traffic to node ports. Values are ExternalIP, InternalIP. nodeAddressType: ExternalIP # -- useLoadBalancerClass specifies whether to target services of type LoadBalancer with `kubelb` load balancer class or all services of type LoadBalancer. useLoadBalancerClass: false @@ -38,6 +38,18 @@ kubelb: # -- disableGRPCRouteController specifies whether to disable the GRPCRoute Controller. disableGRPCRouteController: false +resources: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + +################################################################################# +# Further configurations for the KubeLB Manager. +################################################################################# + extraVolumes: [] extraVolumeMounts: [] @@ -79,13 +91,6 @@ service: port: 8443 protocol: TCP -resources: - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 100m - memory: 128Mi autoscaling: enabled: false minReplicas: 1 diff --git a/charts/kubelb-manager/Chart.yaml b/charts/kubelb-manager/Chart.yaml index 66c9b2e..af3e958 100644 --- a/charts/kubelb-manager/Chart.yaml +++ b/charts/kubelb-manager/Chart.yaml @@ -6,8 +6,9 @@ type: application maintainers: - name: Kubermatic email: support@kubermatic.com + url: https://kubermatic.com # Helm chart Version. -version: v1.0.0 +version: v1.1.0 # Application version to be deployed. -appVersion: v1.0.0 +appVersion: v1.1.0 diff --git a/charts/kubelb-manager/LICENSE b/charts/kubelb-manager/LICENSE new file mode 100644 index 0000000..84e6db4 --- /dev/null +++ b/charts/kubelb-manager/LICENSE @@ -0,0 +1,176 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS \ No newline at end of file diff --git a/charts/kubelb-manager/README.md b/charts/kubelb-manager/README.md index 02842df..c753f89 100644 --- a/charts/kubelb-manager/README.md +++ b/charts/kubelb-manager/README.md @@ -2,7 +2,7 @@ Helm chart for KubeLB Manager. This is used to deploy the KubeLB CCM to a Kubernetes cluster. The CCM is responsible for propagating the load balancer configurations to the management cluster. -![Version: v1.0.0](https://img.shields.io/badge/Version-v1.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.0.0](https://img.shields.io/badge/AppVersion-v1.0.0-informational?style=flat-square) +![Version: v1.1.0](https://img.shields.io/badge/Version-v1.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.1.0](https://img.shields.io/badge/AppVersion-v1.1.0-informational?style=flat-square) ## Installing the chart @@ -15,7 +15,7 @@ Helm chart for KubeLB Manager. This is used to deploy the KubeLB CCM to a Kubern Now, we can install the helm chart: ```sh -helm pull oci://quay.io/kubermatic/helm-charts/kubelb-manager --version=v1.0.0 --untardir "kubelb-manager" --untar +helm pull oci://quay.io/kubermatic/helm-charts/kubelb-manager --version=v1.1.0 --untardir "kubelb-manager" --untar ## Create and update values.yaml with the required values. helm install kubelb-manager kubelb-manager --namespace kubelb -f values.yaml --create-namespace ``` @@ -33,10 +33,12 @@ helm install kubelb-manager kubelb-manager --namespace kubelb -f values.yaml --c | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | | image.repository | string | `"quay.io/kubermatic/kubelb-manager"` | | -| image.tag | string | `"v1.0.0"` | | +| image.tag | string | `"v1.1.0"` | | | imagePullSecrets | list | `[]` | | | kubelb.debug | bool | `true` | | +| kubelb.disableGatewayAPI | bool | `false` | disableGatewayAPI specifies whether to disable the Gateway API and Gateway Controllers. | | kubelb.enableLeaderElection | bool | `true` | | +| kubelb.enableTenantMigration | bool | `true` | | | kubelb.envoyProxy.affinity | object | `{}` | | | kubelb.envoyProxy.nodeSelector | object | `{}` | | | kubelb.envoyProxy.replicas | int | `3` | The number of replicas for the Envoy Proxy deployment. | @@ -74,3 +76,9 @@ helm install kubelb-manager kubelb-manager --namespace kubelb -f values.yaml --c | serviceAccount.name | string | `""` | | | serviceMonitor.enabled | bool | `false` | | | tolerations | list | `[]` | | + +## Maintainers + +| Name | Email | Url | +| ---- | ------ | --- | +| Kubermatic | | | \ No newline at end of file diff --git a/charts/kubelb-manager/README.md.gotmpl b/charts/kubelb-manager/README.md.gotmpl index 4cef620..48584ee 100644 --- a/charts/kubelb-manager/README.md.gotmpl +++ b/charts/kubelb-manager/README.md.gotmpl @@ -15,7 +15,7 @@ Helm chart for KubeLB Manager. This is used to deploy the KubeLB CCM to a Kubern Now, we can install the helm chart: ```sh -helm pull oci://quay.io/kubermatic/helm-charts/kubelb-manager --version=v1.0.0 --untardir "kubelb-manager" --untar +helm pull oci://quay.io/kubermatic/helm-charts/kubelb-manager --version={{ template "chart.version" . }} --untardir "kubelb-manager" --untar ## Create and update values.yaml with the required values. helm install kubelb-manager kubelb-manager --namespace kubelb -f values.yaml --create-namespace ``` @@ -23,3 +23,5 @@ helm install kubelb-manager kubelb-manager --namespace kubelb -f values.yaml --c {{ template "chart.requirementsSection" . }} {{ template "chart.valuesSection" . }} + +{{ template "chart.maintainersSection" . }} \ No newline at end of file diff --git a/charts/kubelb-manager/templates/clusterrole.yaml b/charts/kubelb-manager/templates/clusterrole.yaml index 3539093..8904839 100644 --- a/charts/kubelb-manager/templates/clusterrole.yaml +++ b/charts/kubelb-manager/templates/clusterrole.yaml @@ -21,6 +21,14 @@ rules: - patch - update - watch +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch - apiGroups: - apps resources: diff --git a/charts/kubelb-manager/templates/deployment.yaml b/charts/kubelb-manager/templates/deployment.yaml index 29a8336..9498e0f 100644 --- a/charts/kubelb-manager/templates/deployment.yaml +++ b/charts/kubelb-manager/templates/deployment.yaml @@ -38,6 +38,12 @@ spec: imagePullPolicy: {{ .Values.image.pullPolicy }} args: - --enable-leader-election={{ .Values.kubelb.enableLeaderElection }} + {{ if .Values.kubelb.disableGatewayAPI -}} + - --disable-gateway-api=true + {{ end -}} + {{ if .Values.kubelb.enableTenantMigration -}} + - --enable-tenant-migration=true + {{ end -}} - --debug={{ .Values.kubelb.debug }} env: - name: NAMESPACE diff --git a/charts/kubelb-manager/templates/tests/test-connection.yaml b/charts/kubelb-manager/templates/tests/test-connection.yaml index ea3d62d..54cadc3 100644 --- a/charts/kubelb-manager/templates/tests/test-connection.yaml +++ b/charts/kubelb-manager/templates/tests/test-connection.yaml @@ -9,7 +9,7 @@ metadata: spec: containers: - name: wget - image: busybox + image: busybox:1.35.0 command: ['wget'] args: ['{{ include "kubelb-manager.fullname" . }}:{{ .Values.service.port }}'] restartPolicy: Never diff --git a/charts/kubelb-manager/values.yaml b/charts/kubelb-manager/values.yaml index b40edd0..1e93738 100644 --- a/charts/kubelb-manager/values.yaml +++ b/charts/kubelb-manager/values.yaml @@ -3,14 +3,19 @@ replicaCount: 1 image: repository: quay.io/kubermatic/kubelb-manager pullPolicy: IfNotPresent - tag: v1.0.0 + tag: v1.1.0 imagePullSecrets: [] kubelb: enableLeaderElection: true debug: true + ## -- Migrate Tenant namespace to Tenant CRDs + enableTenantMigration: true # -- Set to true to skip the generation of the Config CR. Useful when the config CR needs to be managed manually. skipConfigGeneration: false + # -- disableGatewayAPI specifies whether to disable the Gateway API and Gateway Controllers. + disableGatewayAPI: false + envoyProxy: # -- Topology defines the deployment topology for Envoy Proxy. Valid values are: shared and global. topology: shared @@ -29,6 +34,10 @@ kubelb: # -- Propagate all annotations from the LB resource to the LB service. propagateAllAnnotations: false +################################################################################# +# Further configurations for the KubeLB Manager. +################################################################################# + nameOverride: "" fullnameOverride: "" podAnnotations: {} diff --git a/config/deploy/ccm/kustomization.yaml b/config/deploy/ccm/kustomization.yaml index df7a543..12bad19 100644 --- a/config/deploy/ccm/kustomization.yaml +++ b/config/deploy/ccm/kustomization.yaml @@ -6,4 +6,4 @@ resources: images: - name: controller newName: quay.io/kubermatic/kubelb-ccm - newTag: v1.0.0 + newTag: latest diff --git a/config/deploy/kubelb/kustomization.yaml b/config/deploy/kubelb/kustomization.yaml index c12421e..8e5393d 100644 --- a/config/deploy/kubelb/kustomization.yaml +++ b/config/deploy/kubelb/kustomization.yaml @@ -6,4 +6,4 @@ resources: images: - name: controller newName: quay.io/kubermatic/kubelb-manager - newTag: v1.0.0 \ No newline at end of file + newTag: latest diff --git a/config/kubelb/rbac/role.yaml b/config/kubelb/rbac/role.yaml index ee0a60e..3bc4617 100644 --- a/config/kubelb/rbac/role.yaml +++ b/config/kubelb/rbac/role.yaml @@ -4,6 +4,14 @@ kind: ClusterRole metadata: name: kubelb rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch - apiGroups: - "" resources: diff --git a/docs/api-reference.md b/docs/api-reference.md new file mode 100644 index 0000000..ebfec56 --- /dev/null +++ b/docs/api-reference.md @@ -0,0 +1,566 @@ +# API Reference + +## Packages + +- [kubelb.k8c.io/v1alpha1](#kubelbk8ciov1alpha1) + +## kubelb.k8c.io/v1alpha1 + +Package v1alpha1 contains API Schema definitions for the kubelb.k8c.io v1alpha1 API group + +### Resource Types + +- [Addresses](#addresses) +- [AddressesList](#addresseslist) +- [Config](#config) +- [ConfigList](#configlist) +- [LoadBalancer](#loadbalancer) +- [LoadBalancerList](#loadbalancerlist) +- [Route](#route) +- [RouteList](#routelist) +- [SyncSecret](#syncsecret) +- [SyncSecretList](#syncsecretlist) +- [Tenant](#tenant) +- [TenantList](#tenantlist) + +#### Addresses + +Addresses is the Schema for the addresses API + +_Appears in:_ + +- [AddressesList](#addresseslist) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `Addresses` | | | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `spec` _[AddressesSpec](#addressesspec)_ | | | | +| `status` _[AddressesStatus](#addressesstatus)_ | | | | + +#### AddressesList + +AddressesList contains a list of Addresses + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `AddressesList` | | | +| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `items` _[Addresses](#addresses) array_ | | | | + +#### AddressesSpec + +AddressesSpec defines the desired state of Addresses + +_Appears in:_ + +- [Addresses](#addresses) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `addresses` _[EndpointAddress](#endpointaddress) array_ | Addresses contains a list of addresses. | | MinItems: 1
| + +#### AddressesStatus + +AddressesStatus defines the observed state of Addresses + +_Appears in:_ + +- [Addresses](#addresses) + +#### AnnotationSettings + +_Appears in:_ + +- [ConfigSpec](#configspec) +- [TenantSpec](#tenantspec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `propagatedAnnotations` _map[string]string_ | PropagatedAnnotations defines the list of annotations(key-value pairs) that will be propagated to the LoadBalancer service. Keep the `value` field empty in the key-value pair to allow any value.
This will have a higher precedence than the annotations specified at the Config level. | | | +| `propagateAllAnnotations` _boolean_ | PropagateAllAnnotations defines whether all annotations will be propagated to the LoadBalancer service. If set to true, PropagatedAnnotations will be ignored.
This will have a higher precedence than the value specified at the Config level. | | | + +#### Config + +Config is the object that represents the Config for the KubeLB management controller. + +_Appears in:_ + +- [ConfigList](#configlist) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `Config` | | | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `spec` _[ConfigSpec](#configspec)_ | | | | + +#### ConfigList + +ConfigList contains a list of Config + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `ConfigList` | | | +| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `items` _[Config](#config) array_ | | | | + +#### ConfigSpec + +ConfigSpec defines the desired state of the Config + +_Appears in:_ + +- [Config](#config) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `propagatedAnnotations` _map[string]string_ | PropagatedAnnotations defines the list of annotations(key-value pairs) that will be propagated to the LoadBalancer service. Keep the `value` field empty in the key-value pair to allow any value.
This will have a higher precedence than the annotations specified at the Config level. | | | +| `propagateAllAnnotations` _boolean_ | PropagateAllAnnotations defines whether all annotations will be propagated to the LoadBalancer service. If set to true, PropagatedAnnotations will be ignored.
This will have a higher precedence than the value specified at the Config level. | | | +| `envoyProxy` _[EnvoyProxy](#envoyproxy)_ | EnvoyProxy defines the desired state of the Envoy Proxy | | | +| `loadBalancer` _[LoadBalancerSettings](#loadbalancersettings)_ | | | | +| `ingress` _[IngressSettings](#ingresssettings)_ | | | | +| `gatewayAPI` _[GatewayAPISettings](#gatewayapisettings)_ | | | | + +#### EndpointAddress + +EndpointAddress is a tuple that describes single IP address. + +_Appears in:_ + +- [AddressesSpec](#addressesspec) +- [LoadBalancerEndpoints](#loadbalancerendpoints) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `ip` _string_ | The IP of this endpoint.
May not be loopback (127.0.0.0/8), link-local (169.254.0.0/16),
or link-local multicast ((224.0.0.0/24). | | MinLength: 7
| +| `hostname` _string_ | The Hostname of this endpoint | | | + +#### EndpointPort + +EndpointPort is a tuple that describes a single port. + +_Appears in:_ + +- [LoadBalancerEndpoints](#loadbalancerendpoints) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `name` _string_ | The name of this port. This must match the 'name' field in the
corresponding ServicePort.
Must be a DNS_LABEL.
Optional only if one port is defined. | | | +| `port` _integer_ | The port number of the endpoint. | | | +| `protocol` _[Protocol](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#protocol-v1-core)_ | The IP protocol for this port. Defaults to "TCP". | | Enum: [TCP UDP]
| + +#### EnvoyProxy + +EnvoyProxy defines the desired state of the EnvoyProxy + +_Appears in:_ + +- [ConfigSpec](#configspec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `topology` _[EnvoyProxyTopology](#envoyproxytopology)_ | Topology defines the deployment topology for Envoy Proxy. Valid values are: shared and global.
DEPRECATION NOTICE: The value "dedicated" is deprecated and will be removed in a future release. Dedicated topology will now default to shared topology. | shared | Enum: [shared dedicated global]
| +| `useDaemonset` _boolean_ | UseDaemonset defines whether Envoy Proxy will run as daemonset. By default, Envoy Proxy will run as deployment.
If set to true, Replicas will be ignored. | | | +| `replicas` _integer_ | Replicas defines the number of replicas for Envoy Proxy. This field is ignored if UseDaemonset is set to true. | 3 | Minimum: 1
| +| `singlePodPerNode` _boolean_ | SinglePodPerNode defines whether Envoy Proxy pods will be spread across nodes. This ensures that multiple replicas are not running on the same node. | | | +| `nodeSelector` _object (keys:string, values:string)_ | NodeSelector is used to select nodes to run Envoy Proxy. If specified, the node must have all the indicated labels. | | | +| `tolerations` _[Toleration](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#toleration-v1-core) array_ | Tolerations is used to schedule Envoy Proxy pods on nodes with matching taints. | | | +| `resources` _[ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#resourcerequirements-v1-core)_ | Resources defines the resource requirements for Envoy Proxy. | | | +| `affinity` _[Affinity](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#affinity-v1-core)_ | Affinity is used to schedule Envoy Proxy pods on nodes with matching affinity. | | | + +#### EnvoyProxyTopology + +_Underlying type:_ _string_ + +_Appears in:_ + +- [EnvoyProxy](#envoyproxy) + +| Field | Description | +| --- | --- | +| `shared` | | +| `dedicated` | | +| `global` | | + +#### GatewayAPISettings + +GatewayAPISettings defines the settings for the gateway API. + +_Appears in:_ + +- [ConfigSpec](#configspec) +- [TenantSpec](#tenantspec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `class` _string_ | Class is the class of the gateway API to use. This can be used to specify a specific gateway API implementation.
This has higher precedence than the value specified in the Config. | | | +| `disable` _boolean_ | Disable is a flag that can be used to disable Gateway API for a tenant. | | | + +#### IngressSettings + +IngressSettings defines the settings for the ingress. + +_Appears in:_ + +- [ConfigSpec](#configspec) +- [TenantSpec](#tenantspec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `class` _string_ | Class is the class of the ingress to use.
This has higher precedence than the value specified in the Config. | | | +| `disable` _boolean_ | Disable is a flag that can be used to disable Ingress for a tenant. | | | + +#### KubernetesSource + +_Appears in:_ + +- [RouteSource](#routesource) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `resource` _[Unstructured](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#unstructured-unstructured-v1)_ | | | EmbeddedResource: \{\}
| +| `services` _[UpstreamService](#upstreamservice) array_ | Services contains the list of services that are used as the source for the Route. | | | + +#### LoadBalancer + +LoadBalancer is the Schema for the loadbalancers API + +_Appears in:_ + +- [LoadBalancerList](#loadbalancerlist) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `LoadBalancer` | | | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `spec` _[LoadBalancerSpec](#loadbalancerspec)_ | | | | +| `status` _[LoadBalancerStatus](#loadbalancerstatus)_ | | | | + +#### LoadBalancerEndpoints + +LoadBalancerEndpoints is a group of addresses with a common set of ports. The +expanded set of endpoints is the Cartesian product of Addresses x Ports. +For example, given: + + { + Addresses: [{"ip": "10.10.1.1"}, {"ip": "10.10.2.2"}], + Ports: [{"name": "a", "port": 8675}, {"name": "b", "port": 309}] + } + +The resulting set of endpoints can be viewed as: + + a: [ 10.10.1.1:8675, 10.10.2.2:8675 ], + b: [ 10.10.1.1:309, 10.10.2.2:309 ] + +_Appears in:_ + +- [LoadBalancerSpec](#loadbalancerspec) +- [RouteSpec](#routespec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `name` _string_ | Name is the name of the endpoints. | | | +| `addresses` _[EndpointAddress](#endpointaddress) array_ | IP addresses which offer the related ports that are marked as ready. These endpoints
should be considered safe for load balancers and clients to utilize. | | MinItems: 1
| +| `addressesReference` _[ObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectreference-v1-core)_ | AddressesReference is a reference to the Addresses object that contains the IP addresses.
If this field is set, the Addresses field will be ignored. | | | +| `ports` _[EndpointPort](#endpointport) array_ | Port numbers available on the related IP addresses.
This field is ignored for routes that are using kubernetes resources as the source. | | MinItems: 1
| + +#### LoadBalancerList + +LoadBalancerList contains a list of LoadBalancer + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `LoadBalancerList` | | | +| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `items` _[LoadBalancer](#loadbalancer) array_ | | | | + +#### LoadBalancerPort + +LoadBalancerPort contains information on service's port. + +_Appears in:_ + +- [LoadBalancerSpec](#loadbalancerspec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `name` _string_ | The name of this port within the service. This must be a DNS_LABEL.
All ports within a Spec must have unique names. When considering
the endpoints for a Service, this must match the 'name' field in the
EndpointPort.
Optional if only one ServicePort is defined on this service. | | | +| `protocol` _[Protocol](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#protocol-v1-core)_ | The IP protocol for this port. Defaults to "TCP". | | Enum: [TCP UDP]
| +| `port` _integer_ | The port that will be exposed by the LoadBalancer. | | | + +#### LoadBalancerSettings + +LoadBalancerSettings defines the settings for the load balancers. + +_Appears in:_ + +- [ConfigSpec](#configspec) +- [TenantSpec](#tenantspec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `class` _string_ | Class is the class of the load balancer to use.
This has higher precedence than the value specified in the Config. | | | +| `disable` _boolean_ | Disable is a flag that can be used to disable L4 load balancing for a tenant. | | | + +#### LoadBalancerSpec + +LoadBalancerSpec defines the desired state of LoadBalancer + +_Appears in:_ + +- [LoadBalancer](#loadbalancer) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `endpoints` _[LoadBalancerEndpoints](#loadbalancerendpoints) array_ | Sets of addresses and ports that comprise an exposed user service on a cluster. | | MinItems: 1
| +| `ports` _[LoadBalancerPort](#loadbalancerport) array_ | The list of ports that are exposed by the load balancer service.
only needed for layer 4 | | | +| `type` _[ServiceType](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#servicetype-v1-core)_ | type determines how the Service is exposed. Defaults to ClusterIP. Valid
options are ExternalName, ClusterIP, NodePort, and LoadBalancer.
"ExternalName" maps to the specified externalName.
"ClusterIP" allocates a cluster-internal IP address for load-balancing to
endpoints. Endpoints are determined by the selector or if that is not
specified, by manual construction of an Endpoints object. If clusterIP is
"None", no virtual IP is allocated and the endpoints are published as a
set of endpoints rather than a stable IP.
"NodePort" builds on ClusterIP and allocates a port on every node which
routes to the clusterIP.
"LoadBalancer" builds on NodePort and creates an
external load-balancer (if supported in the current cloud) which routes
to the clusterIP.
More info: | ClusterIP | | + +#### LoadBalancerStatus + +LoadBalancerStatus defines the observed state of LoadBalancer + +_Appears in:_ + +- [LoadBalancer](#loadbalancer) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `loadBalancer` _[LoadBalancerStatus](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#loadbalancerstatus-v1-core)_ | LoadBalancer contains the current status of the load-balancer,
if one is present. | | | +| `service` _[ServiceStatus](#servicestatus)_ | Service contains the current status of the LB service. | | | + +#### ResourceState + +_Appears in:_ + +- [RouteResourcesStatus](#routeresourcesstatus) +- [RouteServiceStatus](#routeservicestatus) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | APIVersion is the API version of the resource. | | | +| `name` _string_ | Name is the name of the resource. | | | +| `namespace` _string_ | Namespace is the namespace of the resource. | | | +| `generatedName` _string_ | GeneratedName is the generated name of the resource. | | | +| `status` _[RawExtension](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#rawextension-runtime-pkg)_ | Status is the actual status of the resource. | | | +| `conditions` _[Condition](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#condition-v1-meta) array_ | | | | + +#### Route + +Route is the object that represents a route in the cluster. + +_Appears in:_ + +- [RouteList](#routelist) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `Route` | | | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `spec` _[RouteSpec](#routespec)_ | | | | +| `status` _[RouteStatus](#routestatus)_ | | | | + +#### RouteList + +RouteList contains a list of Routes + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `RouteList` | | | +| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `items` _[Route](#route) array_ | | | | + +#### RouteResourcesStatus + +_Appears in:_ + +- [RouteStatus](#routestatus) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `source` _string_ | | | | +| `services` _object (keys:string, values:[RouteServiceStatus](#routeservicestatus))_ | | | | +| `route` _[ResourceState](#resourcestate)_ | | | | + +#### RouteServiceStatus + +_Appears in:_ + +- [RouteResourcesStatus](#routeresourcesstatus) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | APIVersion is the API version of the resource. | | | +| `name` _string_ | Name is the name of the resource. | | | +| `namespace` _string_ | Namespace is the namespace of the resource. | | | +| `generatedName` _string_ | GeneratedName is the generated name of the resource. | | | +| `status` _[RawExtension](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#rawextension-runtime-pkg)_ | Status is the actual status of the resource. | | | +| `conditions` _[Condition](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#condition-v1-meta) array_ | | | | +| `ports` _[ServicePort](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#serviceport-v1-core) array_ | | | | + +#### RouteSource + +_Appears in:_ + +- [RouteSpec](#routespec) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `kubernetes` _[KubernetesSource](#kubernetessource)_ | Kubernetes contains the information about the Kubernetes source.
This field is automatically populated by the KubeLB CCM and in most cases, users should not set this field manually. | | | + +#### RouteSpec + +RouteSpec defines the desired state of the Route. + +_Appears in:_ + +- [Route](#route) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `endpoints` _[LoadBalancerEndpoints](#loadbalancerendpoints) array_ | Sets of addresses and ports that comprise an exposed user service on a cluster. | | MinItems: 1
| +| `source` _[RouteSource](#routesource)_ | Source contains the information about the source of the route. This is used when the route is created from external sources. | | | + +#### RouteStatus + +RouteStatus defines the observed state of the Route. + +_Appears in:_ + +- [Route](#route) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `resources` _[RouteResourcesStatus](#routeresourcesstatus)_ | Resources contains the list of resources that are created/processed as a result of the Route. | | | + +#### ServicePort + +ServicePort contains information on service's port. + +_Appears in:_ + +- [ServiceStatus](#servicestatus) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `name` _string_ | The name of this port within the service. This must be a DNS_LABEL.
All ports within a ServiceSpec must have unique names. When considering
the endpoints for a Service, this must match the 'name' field in the
EndpointPort.
Optional if only one ServicePort is defined on this service. | | | +| `protocol` _[Protocol](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#protocol-v1-core)_ | The IP protocol for this port. Supports "TCP", "UDP", and "SCTP".
Default is TCP. | | | +| `appProtocol` _string_ | The application protocol for this port.
This is used as a hint for implementations to offer richer behavior for protocols that they understand.
This field follows standard Kubernetes label syntax.
Valid values are either:

*Un-prefixed protocol names - reserved for IANA standard service names (as per
RFC-6335 and ).

* Kubernetes-defined prefixed names:
*'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in
* 'kubernetes.io/ws' - WebSocket over cleartext as described in
*'kubernetes.io/wss' - WebSocket over TLS as described in

* Other protocols should use implementation-defined prefixed names such as
mycompany.com/my-custom-protocol. | | | +| `port` _integer_ | The port that will be exposed by this service. | | | +| `targetPort` _[IntOrString](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#intorstring-intstr-util)_ | Number or name of the port to access on the pods targeted by the service.
Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.
If this is a string, it will be looked up as a named port in the
target Pod's container ports. If this is not specified, the value
of the 'port' field is used (an identity map).
This field is ignored for services with clusterIP=None, and should be
omitted or set equal to the 'port' field.
More info: | | | +| `nodePort` _integer_ | The port on each node on which this service is exposed when type is
NodePort or LoadBalancer. Usually assigned by the system. If a value is
specified, in-range, and not in use it will be used, otherwise the
operation will fail. If not specified, a port will be allocated if this
Service requires one. If this field is specified when creating a
Service which does not need it, creation will fail. This field will be
wiped when updating a Service to no longer need it (e.g. changing type
from NodePort to ClusterIP).
More info: | | | +| `upstreamTargetPort` _integer_ | | | | + +#### ServiceStatus + +_Appears in:_ + +- [LoadBalancerStatus](#loadbalancerstatus) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `ports` _[ServicePort](#serviceport) array_ | | | | + +#### SyncSecret + +SyncSecret is a wrapper over Kubernetes Secret object. This is used to sync secrets from tenants to the LB cluster in a controlled and secure way. + +_Appears in:_ + +- [SyncSecretList](#syncsecretlist) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `SyncSecret` | | | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `data` _object (keys:string, values:integer array)_ | | | | +| `stringData` _object (keys:string, values:string)_ | | | | +| `type` _[SecretType](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#secrettype-v1-core)_ | | | | + +#### SyncSecretList + +SyncSecretList contains a list of SyncSecrets + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `SyncSecretList` | | | +| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `items` _[SyncSecret](#syncsecret) array_ | | | | + +#### Tenant + +Tenant is the Schema for the tenants API + +_Appears in:_ + +- [TenantList](#tenantlist) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `Tenant` | | | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `spec` _[TenantSpec](#tenantspec)_ | | | | +| `status` _[TenantStatus](#tenantstatus)_ | | | | + +#### TenantList + +TenantList contains a list of Tenant + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `apiVersion` _string_ | `kubelb.k8c.io/v1alpha1` | | | +| `kind` _string_ | `TenantList` | | | +| `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `items` _[Tenant](#tenant) array_ | | | | + +#### TenantSpec + +TenantSpec defines the desired state of Tenant + +_Appears in:_ + +- [Tenant](#tenant) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `propagatedAnnotations` _map[string]string_ | PropagatedAnnotations defines the list of annotations(key-value pairs) that will be propagated to the LoadBalancer service. Keep the `value` field empty in the key-value pair to allow any value.
This will have a higher precedence than the annotations specified at the Config level. | | | +| `propagateAllAnnotations` _boolean_ | PropagateAllAnnotations defines whether all annotations will be propagated to the LoadBalancer service. If set to true, PropagatedAnnotations will be ignored.
This will have a higher precedence than the value specified at the Config level. | | | +| `loadBalancer` _[LoadBalancerSettings](#loadbalancersettings)_ | | | | +| `ingress` _[IngressSettings](#ingresssettings)_ | | | | +| `gatewayAPI` _[GatewayAPISettings](#gatewayapisettings)_ | | | | + +#### TenantStatus + +TenantStatus defines the observed state of Tenant + +_Appears in:_ + +- [Tenant](#tenant) + +#### UpstreamService + +UpstreamService is a wrapper over the corev1.Service object. +This is required as kubebuilder:validation:EmbeddedResource marker adds the x-kubernetes-embedded-resource to the array instead of +the elements within it. Which results in a broken CRD; validation error. Without this marker, the embedded resource is not properly +serialized to the CRD. + +_Appears in:_ + +- [KubernetesSource](#kubernetessource) + +| Field | Description | Default | Validation | +| --- | --- | --- | --- | +| `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | | +| `spec` _[ServiceSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#servicespec-v1-core)_ | Spec defines the behavior of a service.
| | | +| `status` _[ServiceStatus](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.30/#servicestatus-v1-core)_ | Most recently observed status of the service.
Populated by the system.
Read-only.
More info: | | | diff --git a/hack/crd-ref-docs.yaml b/hack/crd-ref-docs.yaml new file mode 100644 index 0000000..e4a3273 --- /dev/null +++ b/hack/crd-ref-docs.yaml @@ -0,0 +1,21 @@ +# Copyright 2024 The KubeLB Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +processor: + ignoreFields: + - "TypeMeta$" + - "kind$" + - "apiversion$" +render: + kubernetesVersion: "1.30" diff --git a/internal/controllers/ccm/gateway_controller.go b/internal/controllers/ccm/gateway_controller.go index 9f29ab6..9c02df4 100644 --- a/internal/controllers/ccm/gateway_controller.go +++ b/internal/controllers/ccm/gateway_controller.go @@ -187,10 +187,7 @@ func (r *GatewayReconciler) resourceFilter() predicate.Predicate { }, UpdateFunc: func(e event.UpdateEvent) bool { if obj, ok := e.ObjectNew.(*gwapiv1.Gateway); ok { - if !r.shouldReconcile(obj) { - return false - } - return e.ObjectOld.GetResourceVersion() != e.ObjectNew.GetResourceVersion() + return r.shouldReconcile(obj) } return false }, diff --git a/internal/controllers/ccm/gateway_grpcroute_controller.go b/internal/controllers/ccm/gateway_grpcroute_controller.go index 33b03c3..13a0b65 100644 --- a/internal/controllers/ccm/gateway_grpcroute_controller.go +++ b/internal/controllers/ccm/gateway_grpcroute_controller.go @@ -240,10 +240,7 @@ func (r *GRPCRouteReconciler) resourceFilter() predicate.Predicate { }, UpdateFunc: func(e event.UpdateEvent) bool { if obj, ok := e.ObjectNew.(*gwapiv1.GRPCRoute); ok { - if !r.shouldReconcile(obj) { - return false - } - return e.ObjectOld.GetResourceVersion() != e.ObjectNew.GetResourceVersion() + return r.shouldReconcile(obj) } return false }, diff --git a/internal/controllers/ccm/gateway_httproute_controller.go b/internal/controllers/ccm/gateway_httproute_controller.go index 58888c0..1097c02 100644 --- a/internal/controllers/ccm/gateway_httproute_controller.go +++ b/internal/controllers/ccm/gateway_httproute_controller.go @@ -244,10 +244,7 @@ func (r *HTTPRouteReconciler) resourceFilter() predicate.Predicate { }, UpdateFunc: func(e event.UpdateEvent) bool { if obj, ok := e.ObjectNew.(*gwapiv1.HTTPRoute); ok { - if !r.shouldReconcile(obj) { - return false - } - return e.ObjectOld.GetResourceVersion() != e.ObjectNew.GetResourceVersion() + return r.shouldReconcile(obj) } return false }, diff --git a/internal/controllers/ccm/ingress_controller.go b/internal/controllers/ccm/ingress_controller.go index 11adf4a..c2c84fc 100644 --- a/internal/controllers/ccm/ingress_controller.go +++ b/internal/controllers/ccm/ingress_controller.go @@ -246,10 +246,7 @@ func (r *IngressReconciler) resourceFilter() predicate.Predicate { }, UpdateFunc: func(e event.UpdateEvent) bool { if obj, ok := e.ObjectNew.(*networkingv1.Ingress); ok { - if !r.shouldReconcile(obj) { - return false - } - return e.ObjectOld.GetResourceVersion() != e.ObjectNew.GetResourceVersion() + return r.shouldReconcile(obj) } return false }, diff --git a/internal/controllers/kubelb/envoy_cp_controller.go b/internal/controllers/kubelb/envoy_cp_controller.go index 7192e21..59610f7 100644 --- a/internal/controllers/kubelb/envoy_cp_controller.go +++ b/internal/controllers/kubelb/envoy_cp_controller.go @@ -314,7 +314,7 @@ func (r *EnvoyCPReconciler) getEnvoyProxyPodSpec(namespace, appName, snapshotNam template.Spec.Affinity = envoyProxy.Affinity } - if envoyProxy.Tolerations != nil && len(envoyProxy.Tolerations) > 0 { + if len(envoyProxy.Tolerations) > 0 { template.Spec.Tolerations = envoyProxy.Tolerations } diff --git a/internal/controllers/kubelb/route_controller.go b/internal/controllers/kubelb/route_controller.go index 64a902a..695ad98 100644 --- a/internal/controllers/kubelb/route_controller.go +++ b/internal/controllers/kubelb/route_controller.go @@ -172,11 +172,6 @@ func (r *RouteReconciler) reconcile(ctx context.Context, log logr.Logger, route func (r *RouteReconciler) cleanup(ctx context.Context, route *kubelbv1alpha1.Route, ns string) (ctrl.Result, error) { // Route will be removed automatically because of owner reference. We need to take care of removing // the services while ensuring that the services are not being used by other routes. - - if route.Status.Resources.Services == nil { - return reconcile.Result{}, nil - } - for _, value := range route.Status.Resources.Services { log := r.Log.WithValues("name", value.Name, "namespace", value.Namespace) log.V(1).Info("Deleting service", "name", value.GeneratedName, "namespace", ns) diff --git a/internal/controllers/kubelb/tenant_controller.go b/internal/controllers/kubelb/tenant_controller.go index df92f99..2323816 100644 --- a/internal/controllers/kubelb/tenant_controller.go +++ b/internal/controllers/kubelb/tenant_controller.go @@ -90,6 +90,7 @@ type TenantReconciler struct { // +kubebuilder:rbac:groups="",resources=namespaces,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups="",resources=serviceaccounts,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch // +kubebuilder:rbac:groups="rbac.authorization.k8s.io",resources=roles,verbs=get;list;watch;create;update;patch;delete;bind;escalate // +kubebuilder:rbac:groups="rbac.authorization.k8s.io",resources=rolebindings,verbs=get;list;watch;create;update;patch;delete;bind;escalate // +kubebuilder:rbac:groups=kubelb.k8c.io,resources=tenants,verbs=get;list;watch;create;update;patch;delete diff --git a/internal/controllers/kubelb/tenant_migration_controller.go b/internal/controllers/kubelb/tenant_migration_controller.go index 0b7610c..fe67595 100644 --- a/internal/controllers/kubelb/tenant_migration_controller.go +++ b/internal/controllers/kubelb/tenant_migration_controller.go @@ -131,10 +131,7 @@ func (r *TenantMigrationReconciler) resourceFilter() predicate.Predicate { }, UpdateFunc: func(e event.UpdateEvent) bool { if obj, ok := e.ObjectNew.(*corev1.Namespace); ok { - if !r.shouldReconcile(obj) { - return false - } - return e.ObjectOld.GetResourceVersion() != e.ObjectNew.GetResourceVersion() + return r.shouldReconcile(obj) } return false }, diff --git a/internal/kubelb/utils.go b/internal/kubelb/utils.go index 56d6150..91762ee 100644 --- a/internal/kubelb/utils.go +++ b/internal/kubelb/utils.go @@ -126,3 +126,17 @@ func PropagateAnnotations(loadbalancer map[string]string, annotations kubelbv1al } return a } + +func AddKubeLBLabels(labels map[string]string, name, namespace, gvk string) map[string]string { + if labels == nil { + labels = make(map[string]string) + } + labels[LabelOriginName] = name + labels[LabelOriginNamespace] = namespace + labels[LabelManagedBy] = LabelControllerName + + if gvk != "" { + labels[LabelOriginResourceKind] = gvk + } + return labels +} diff --git a/internal/resources/gatewayapi/gateway/gateway.go b/internal/resources/gatewayapi/gateway/gateway.go index 4c3cfd7..26a35c1 100644 --- a/internal/resources/gatewayapi/gateway/gateway.go +++ b/internal/resources/gatewayapi/gateway/gateway.go @@ -86,6 +86,9 @@ func CreateOrUpdateGateway(ctx context.Context, log logr.Logger, client ctrlclie } } + // Process labels + object.Labels = kubelb.AddKubeLBLabels(object.Labels, object.Name, object.Namespace, "") + object.Namespace = namespace object.SetUID("") // Reset UID to generate a new UID for the Gateway object diff --git a/internal/resources/gatewayapi/grpcroute/grpcroute.go b/internal/resources/gatewayapi/grpcroute/grpcroute.go index 9485ac3..c81a586 100644 --- a/internal/resources/gatewayapi/grpcroute/grpcroute.go +++ b/internal/resources/gatewayapi/grpcroute/grpcroute.go @@ -94,6 +94,9 @@ func CreateOrUpdateGRPCRoute(ctx context.Context, log logr.Logger, client ctrlcl // Process annotations. object.Annotations = kubelb.PropagateAnnotations(object.Annotations, annotations) + // Process labels + object.Labels = kubelb.AddKubeLBLabels(object.Labels, object.Name, object.Namespace, "") + object.Name = kubelb.GenerateName(globalTopology, string(object.UID), object.Name, object.Namespace) object.Namespace = namespace object.SetUID("") // Reset UID to generate a new UID for the object diff --git a/internal/resources/gatewayapi/httproute/httproute.go b/internal/resources/gatewayapi/httproute/httproute.go index d1e3012..7c16707 100644 --- a/internal/resources/gatewayapi/httproute/httproute.go +++ b/internal/resources/gatewayapi/httproute/httproute.go @@ -94,6 +94,9 @@ func CreateOrUpdateHTTPRoute(ctx context.Context, log logr.Logger, client ctrlcl // Process annotations. object.Annotations = kubelb.PropagateAnnotations(object.Annotations, annotations) + // Process labels + object.Labels = kubelb.AddKubeLBLabels(object.Labels, object.Name, object.Namespace, "") + object.Name = kubelb.GenerateName(globalTopology, string(object.UID), object.Name, object.Namespace) object.Namespace = namespace object.SetUID("") // Reset UID to generate a new UID for the object diff --git a/internal/resources/ingress/ingress.go b/internal/resources/ingress/ingress.go index 28a4628..935b76c 100644 --- a/internal/resources/ingress/ingress.go +++ b/internal/resources/ingress/ingress.go @@ -82,6 +82,9 @@ func CreateOrUpdateIngress(ctx context.Context, log logr.Logger, client ctrlclie } } + // Process labels + object.Labels = kubelb.AddKubeLBLabels(object.Labels, object.Name, object.Namespace, "") + // Update name and other fields before creating/updating the object. object.Name = kubelb.GenerateName(globalTopology, string(object.UID), object.Name, object.Namespace) object.Namespace = namespace