Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: fill in AttachedRoutes in Gateways' Listeners status #251

Merged
merged 9 commits into from May 22, 2024
Merged

feat: fill in AttachedRoutes in Gateways' Listeners status #251

merged 9 commits into from May 22, 2024

Conversation

pmalek
Copy link
Member

@pmalek pmalek commented May 9, 2024
edited

What this PR does / why we need it:

This PR adds support for setting the correct attachedRoutes count in Gateway's listeners status.

Which issue this PR fixes

Part of #56

Special notes for your reviewer:

TestGatewayConformance/GatewayWithAttachedRoutes/Gateway_listener_should_have_AttachedRoutes_set_even_when_Gateway_has_unresolved_refs fails because for some reason HTTPRoute's status flips back and forth between

[
    {
        "parents": [
            {
                "conditions": [
                    {
                        "lastTransitionTime": "2024-05-09T12:16:14Z",
                        "message": "",
                        "observedGeneration": 1,
                        "reason": "Accepted",
                        "status": "True",
                        "type": "Accepted"
                    },
                    {
                        "lastTransitionTime": "2024-05-09T12:16:14Z",
                        "message": "",
                        "observedGeneration": 1,
                        "reason": "BackendNotFound",
                        "status": "False",
                        "type": "ResolvedRefs"
                    },
                    {
                        "lastTransitionTime": "2024-05-09T12:16:14Z",
                        "message": "",
                        "observedGeneration": 1,
                        "reason": "Unknown",
                        "status": "Unknown",
                        "type": "Programmed"
                    }
                ],
                "controllerName": "konghq.com/gateway-operator-integration-tests",
                "parentRef": {
                    "group": "gateway.networking.k8s.io",
                    "kind": "Gateway",
                    "name": "unresolved-gateway-with-one-attached-unresolved-route",
                    "namespace": "gateway-conformance-infra",
                    "sectionName": "tls"
                }
            }
        ]
    }
]

and

[
    {
        "parents": []
    }
]

Which I couldn't reproduce outside of conformance tests with manifests from https://github.com/kubernetes-sigs/gateway-api/blob/8b7639171b5ae5007c8a7abd1796f02a053313cf/conformance/tests/gateway-with-attached-routes.yaml#L90-L132

Below, I attach the dump of logs and resources as retrieved from the cluster during the conformance tests run. It seems that we do not set the ResolvedRefs condition on the Gateway properly when the tls secret that's referenced by the listener does not exist. That should be resolved separately when working on HTTPS/TLS routes

    helpers.go:716: 2024-05-21T18:56:23.89174+02:00: Programmed condition set to Status True with Reason Programmed, expected Status False
    helpers.go:716: 2024-05-21T18:56:23.891786+02:00: Programmed was not in conditions list [[{Conflicted False 1 2024-05-21 18:56:23 +0200 CEST NoConflicts } {Accepted True 1 2024-05-21 18:56:23 +0200 CEST Accepted } {Programmed True 1 2024-05-21 18:56:23 +0200 CEST Programmed } {ResolvedRefs False 1 2024-05-21 18:56:23 +0200 CEST InvalidCertificateRef Referenced secret gateway-conformance-infra/does-not-exist does not exist.}]]
    helpers.go:716: 2024-05-21T18:56:23.891848+02:00: Expected Conditions to be [{Programmed False 0 0001-01-01 00:00:00 +0000 UTC  } {ResolvedRefs False 0 0001-01-01 00:00:00 +0000 UTC  }], got [{Conflicted False 1 2024-05-21 18:56:23 +0200 CEST NoConflicts } {Accepted True 1 2024-05-21 18:56:23 +0200 CEST Accepted } {Programmed True 1 2024-05-21 18:56:23 +0200 CEST Programmed } {ResolvedRefs False 1 2024-05-21 18:56:23 +0200 CEST InvalidCertificateRef Referenced secret gateway-conformance-infra/does-not-exist does not exist.}]
    gateway-with-attached-routes.go:119:
                Error Trace:    /Users/patryk.malek@konghq.com/.gvm/pkgsets/go1.22.3/global/pkg/mod/sigs.k8s.io/gateway-api@v1.1.0/conformance/utils/kubernetes/helpers.go:718
                                                        /Users/patryk.malek@konghq.com/.gvm/pkgsets/go1.22.3/global/pkg/mod/sigs.k8s.io/gateway-api@v1.1.0/conformance/tests/gateway-with-attached-routes.go:119
                Error:          Received unexpected error:
                                error fetching Gateway: client rate limiter Wait returned an error: rate: Wait(n=1) would exceed context deadline
                Test:           TestGatewayConformance/GatewayWithAttachedRoutes/Gateway_listener_should_have_AttachedRoutes_set_even_when_Gateway_has_unresolved_refs
                Messages:       error waiting for Gateway status to have listeners matching expectations

apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  creationTimestamp: "2024-05-21T17:34:45Z"
  generation: 1
  name: http-route-4
  namespace: gateway-conformance-infra
  resourceVersion: "416722"
  uid: 7041ffee-3393-4936-8a15-c72edfb3620a
spec:
  parentRefs:
  - group: gateway.networking.k8s.io
    kind: Gateway
    name: unresolved-gateway-with-one-attached-unresolved-route
    namespace: gateway-conformance-infra
    sectionName: tls
  rules:
  - backendRefs:
    - group: ""
      kind: Service
      name: does-not-exist
      port: 8080
      weight: 1
    matches:
    - path:
        type: PathPrefix
        value: /
status:
  parents: []
---
apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  creationTimestamp: "2024-05-21T17:34:45Z"
  finalizers:
  - gateway-operator.konghq.com/cleanup-controlplanes
  - gateway-operator.konghq.com/cleanup-dataplanes
  - gateway-operator.konghq.com/cleanup-network-policies
  generation: 1
  name: unresolved-gateway-with-one-attached-unresolved-route
  namespace: gateway-conformance-infra
  resourceVersion: "421522"
  uid: 4c7fa789-101e-4719-97fd-911d7ef4fd1f
spec:
  gatewayClassName: 2279a556-36e6-4fb5-a928-c67c0454263d
  listeners:
  - allowedRoutes:
      kinds:
      - group: gateway.networking.k8s.io
        kind: HTTPRoute
      namespaces:
        from: Selector
        selector:
          matchLabels:
            kubernetes.io/metadata.name: gateway-conformance-infra
    name: tls
    port: 443
    protocol: HTTPS
    tls:
      certificateRefs:
      - group: ""
        kind: Secret
        name: does-not-exist
      mode: Terminate
status:
  addresses:
  - type: IPAddress
    value: 172.18.128.6
  conditions:
  - lastTransitionTime: "2024-05-21T17:35:41Z"
    message: All listeners are accepted.
    observedGeneration: 1
    reason: Accepted
    status: "True"
    type: Accepted
  - lastTransitionTime: "2024-05-21T17:35:41Z"
    message: ""
    observedGeneration: 1
    reason: Programmed
    status: "True"
    type: Programmed
  - lastTransitionTime: "2024-05-21T17:35:41Z"
    message: ""
    observedGeneration: 1
    reason: Ready
    status: "True"
    type: DataPlaneReady
  - lastTransitionTime: "2024-05-21T17:35:41Z"
    message: ""
    observedGeneration: 1
    reason: Ready
    status: "True"
    type: ControlPlaneReady
  - lastTransitionTime: "2024-05-21T17:35:41Z"
    message: ""
    observedGeneration: 1
    reason: Ready
    status: "True"
    type: GatewayService
  listeners:
  - attachedRoutes: 1
    conditions:
    - lastTransitionTime: "2024-05-21T17:35:41Z"
      message: ""
      observedGeneration: 1
      reason: NoConflicts
      status: "False"
      type: Conflicted
    - lastTransitionTime: "2024-05-21T17:35:41Z"
      message: ""
      observedGeneration: 1
      reason: Accepted
      status: "True"
      type: Accepted
    - lastTransitionTime: "2024-05-21T17:35:41Z"
      message: ""
      observedGeneration: 1
      reason: Programmed
      status: "True"
      type: Programmed
    - lastTransitionTime: "2024-05-21T17:35:41Z"
      message: Referenced secret gateway-conformance-infra/does-not-exist does not
        exist.
      observedGeneration: 1
      reason: InvalidCertificateRef
      status: "False"
      type: ResolvedRefs
    name: tls
    supportedKinds:
    - group: gateway.networking.k8s.io
      kind: HTTPRoute

PR Readiness Checklist:

Complete these before marking the PR as ready to review:

  • the CHANGELOG.md release notes have been updated to reflect significant changes

@pmalek pmalek added this to the KGO v1.3.x milestone May 9, 2024
@pmalek pmalek self-assigned this May 9, 2024
@pmalek pmalek requested a review from mlavacca May 9, 2024 12:25
@pmalek pmalek force-pushed the gateway-api-attached-routes branch from 9fd853e to 73ecc2a Compare May 9, 2024 12:36
@pmalek pmalek force-pushed the gateway-api-attached-routes branch from a1ce712 to 4c515c8 Compare May 21, 2024 15:42
@pmalek pmalek force-pushed the gateway-api-attached-routes branch from 4c515c8 to 5dd6765 Compare May 21, 2024 15:42
@pmalek pmalek marked this pull request as ready for review May 21, 2024 17:43
@pmalek pmalek requested a review from a team as a code owner May 21, 2024 17:43
@pmalek pmalek requested a review from mlavacca May 21, 2024 17:44
programmer04
programmer04 reviewed May 22, 2024
View reviewed changes
controller/gateway/controller.go Outdated Show resolved Hide resolved
controller/gateway/controller_reconciler_utils.go Outdated Show resolved Hide resolved
pkg/utils/gateway/ownerrefs.go Outdated Show resolved Hide resolved
controller/gateway/controller_watch.go Outdated Show resolved Hide resolved
pmalek and others added 3 commits May 22, 2024 14:57
@pmalek @programmer04
Apply suggestions from code review
f972eeb 
Co-authored-by: Jakub Warczarek <jakub.warczarek@konghq.com>
@pmalek
tests: cleanup
000d594
@pmalek
chore: rename
b8c9a9f
@pmalek pmalek requested a review from programmer04 May 22, 2024 13:01
pmalek and others added 2 commits May 22, 2024 15:02
@pmalek pmalek merged commit 7f7db79 into main May 22, 2024
14 checks passed
@pmalek pmalek deleted the gateway-api-attached-routes branch May 22, 2024 14:59
@pmalek pmalek mentioned this pull request May 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@programmer04 programmer04 programmer04 approved these changes

@mlavacca mlavacca Awaiting requested review from mlavacca

Assignees

@pmalek pmalek

Labels
area/gateway-api area/managed-gateways
Projects
None yet
Milestone
KGO v1.3.x
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@pmalek @programmer04 @mlavacca