Merge branch '2.x-master' into 2.x-as3-3.50

F5Networks · Mar 6, 2024 · 5a82238 · 5a82238
2 parents 3343c97 + b324353
commit 5a82238
Show file tree

Hide file tree

Showing 5 changed files with 99 additions and 53 deletions.
diff --git a/cmd/k8s-bigip-ctlr/main.go b/cmd/k8s-bigip-ctlr/main.go
@@ -169,14 +169,15 @@ var (
 	trustedCerts              *string
 	as3PostDelay              *int
 
-	trustedCertsCfgmap     *string
-	agent                  *string
-	ccclGtmAgent           *bool
-	logAS3Response         *bool
-	logAS3Request          *bool
-	shareNodes             *bool
-	overriderAS3CfgmapName *string
-	filterTenants          *bool
+	trustedCertsCfgmap      *string
+	agent                   *string
+	ccclGtmAgent            *bool
+	logAS3Response          *bool
+	logAS3Request           *bool
+	shareNodes              *bool
+	overriderAS3CfgmapName  *string
+	filterTenants           *bool
+	disableDefaultPartition bool
 
 	vxlanMode        string
 	openshiftSDNName *string
@@ -543,7 +544,11 @@ func verifyArgs() error {
 	}
 
 	if len(*bigIPPartitions) == 0 {
-		return fmt.Errorf("missing a BIG-IP partition")
+		if *agent != cisAgent.AS3Agent || !*manageConfigMaps || *manageRoutes || *manageIngress || *customResourceMode || *poolMemberType == "cluster" {
+			return fmt.Errorf("missing a BIG-IP partition")
+		} else {
+			disableDefaultPartition = true
+		}
 	} else if len(*bigIPPartitions) > 0 {
 		err := hasCommonPartition(*bigIPPartitions)
 		if false != err {
@@ -980,7 +985,9 @@ func main() {
 	if len(*routeSpecConfigmap) > 0 && len(*extendedSpecConfigmap) > 0 {
 		log.Warningf("extended-spec-configmap and route-spec-configmap both are present. extended-spec-configmap will be given priority over route-spec-configmap")
 	}
-	resource.DEFAULT_PARTITION = (*bigIPPartitions)[0]
+	if len(*bigIPPartitions) > 0 {
+		resource.DEFAULT_PARTITION = (*bigIPPartitions)[0]
+	}
 	dgPath = resource.DEFAULT_PARTITION
 	if strings.ToLower(*agent) == "as3" {
 		*agent = "as3"
@@ -1092,46 +1099,58 @@ func main() {
 		disableARP = true
 	}
 
-	gs := globalSection{
-		LogLevel:          *logLevel,
-		VerifyInterval:    *verifyInterval,
-		VXLANPartition:    vxlanPartition,
-		DisableLTM:        disableLTM,
-		DisableARP:        disableARP,
-		StaticRoutingMode: *staticRoutingMode,
-	}
-	// If AS3DEBUG is set, set log level to DEBUG
-	if gs.LogLevel == "AS3DEBUG" {
-		gs.LogLevel = "DEBUG"
-	}
-	if *ccclLogLevel != "" {
-		gs.LogLevel = *ccclLogLevel
-	}
-	bs := bigIPSection{
-		BigIPUsername:   *bigIPUsername,
-		BigIPPassword:   *bigIPPassword,
-		BigIPURL:        *bigIPURL,
-		BigIPPartitions: *bigIPPartitions,
-	}
+	// Python driver disable for the nodeport and nodeportlocal mode
+	if *poolMemberType == "cluster" || !disableLTM {
+		gs := globalSection{
+			LogLevel:          *logLevel,
+			VerifyInterval:    *verifyInterval,
+			VXLANPartition:    vxlanPartition,
+			DisableLTM:        disableLTM,
+			DisableARP:        disableARP,
+			StaticRoutingMode: *staticRoutingMode,
+		}
+		// If AS3DEBUG is set, set log level to DEBUG
+		if gs.LogLevel == "AS3DEBUG" {
+			gs.LogLevel = "DEBUG"
+		}
+		if *ccclLogLevel != "" {
+			gs.LogLevel = *ccclLogLevel
+		}
+		bs := bigIPSection{
+			BigIPUsername:   *bigIPUsername,
+			BigIPPassword:   *bigIPPassword,
+			BigIPURL:        *bigIPURL,
+			BigIPPartitions: *bigIPPartitions,
+		}
 
-	subPidCh, err := startPythonDriver(getConfigWriter(), gs, bs, *pythonBaseDir)
-	if nil != err {
-		log.Fatalf("Could not initialize subprocess configuration: %v", err)
-	}
-	subPid := <-subPidCh
-	defer func(pid int) {
-		if 0 != pid {
-			var proc *os.Process
-			proc, err = os.FindProcess(pid)
-			if nil != err {
-				log.Warningf("Failed to find sub-process on exit: %v", err)
-			}
-			err = proc.Signal(os.Interrupt)
-			if nil != err {
-				log.Warningf("Could not stop sub-process on exit: %d - %v", pid, err)
+		subPidCh, err := startPythonDriver(getConfigWriter(), gs, bs, *pythonBaseDir)
+		if nil != err {
+			log.Fatalf("Could not initialize subprocess configuration: %v", err)
+		}
+		subPid := <-subPidCh
+		defer func(pid int) {
+			if 0 != pid {
+				var proc *os.Process
+				proc, err = os.FindProcess(pid)
+				if nil != err {
+					log.Warningf("Failed to find sub-process on exit: %v", err)
+				}
+				err = proc.Signal(os.Interrupt)
+				if nil != err {
+					log.Warningf("Could not stop sub-process on exit: %d - %v", pid, err)
+				}
 			}
+		}(subPid)
+
+		// Add health check e.g. is Python process still there?
+		hc := &health.HealthChecker{
+			SubPID: subPid,
 		}
-	}(subPid)
+		http.Handle("/health", hc.HealthCheckHandler())
+	} else { // a new health checker for nodeport and nodeportlocal mode for AS3
+		hc := &health.HealthChecker{}
+		http.Handle("/health", hc.CISHealthCheckHandler(kubeClient))
+	}
 
 	if _, isSet := os.LookupEnv("SCALE_PERF_ENABLE"); isSet {
 		now := time.Now()
@@ -1186,11 +1205,7 @@ func main() {
 	setupWatchers(appMgr, time.Duration(*syncInterval)*time.Second)
 	// Expose Prometheus metrics
 	http.Handle("/metrics", promhttp.Handler())
-	// Add health check e.g. is Python process still there?
-	hc := &health.HealthChecker{
-		SubPID: subPid,
-	}
-	http.Handle("/health", hc.HealthCheckHandler())
+
 	bigIPPrometheus.RegisterMetrics(*httpClientMetrics)
 	go func() {
 		log.Fatal(http.ListenAndServe(*httpAddress, nil).Error())
@@ -1302,6 +1317,7 @@ func getAS3Params() *as3.Params {
 		DefaultRouteDomain:        *defaultRouteDomain,
 		PoolMemberType:            *poolMemberType,
 		HTTPClientMetrics:         *httpClientMetrics,
+		DisableDefaultPartition:   disableDefaultPartition,
 	}
 }
 

diff --git a/docs/RELEASE-NOTES.rst b/docs/RELEASE-NOTES.rst
@@ -18,6 +18,7 @@ Added Functionality
       * `Issue 3263 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3263>`_: Support for Host group virtual server name in virtual server to customise the virtual server name when Host Group exists.
       * `Issue 3262 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3262>`_: Support for Host Aliases to allow defining multiple hosts in VS CRD. `Example <https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/VirtualServer>`_
       * `Issue 3295 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3295>`_: Support for setting the default pool via policy CRD for virtual server and nextgen routes. `Example <https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/customResource/Policy>`_
+      * `Issue 3295 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3279>`_: Support for disabling default partition in AS3 legacy nodeport mode.
     * Support for pool-member-type auto for CRD, NextGen Routes and multiCluster mode. Please refer `Documentation <https://github.com/F5Networks/k8s-bigip-ctlr/blob/2.x-master/docs/config_examples/PoolType-Auto/README.md>`.
     * Support for CIS deployment parameters "trusted-certs-cfgmap" && "insecure"  in CRD and NextGen
     * CIS compatible with AS3 3.50

diff --git a/pkg/agent/as3/as3Manager.go b/pkg/agent/as3/as3Manager.go
@@ -122,6 +122,7 @@ type AS3Manager struct {
 	bigIPAS3Version           float64
 	as3LogLevel               *string
 	as3DeclarationPersistence *bool
+	disableDefaultPartition   bool
 }
 
 // Struct to allow NewManager to receive all or only specific parameters.
@@ -158,6 +159,7 @@ type Params struct {
 	DefaultRouteDomain        int
 	PoolMemberType            string
 	HTTPClientMetrics         bool
+	DisableDefaultPartition   bool
 }
 
 type failureContext struct {
@@ -201,6 +203,7 @@ func NewAS3Manager(params *Params) *AS3Manager {
 			LogAS3Request:     params.LogAS3Request,
 			HTTPClientMetrics: params.HTTPClientMetrics,
 		}),
+		disableDefaultPartition: params.DisableDefaultPartition,
 	}
 
 	if as3Manager.tls13CipherGroupReference == "" {

diff --git a/pkg/agent/as3/as3Resource.go b/pkg/agent/as3/as3Resource.go
@@ -37,7 +37,7 @@ func (am *AS3Manager) generateAS3ResourceDeclaration() as3ADC {
 	// Create Shared as3Application object for Routes
 	adc := as3ADC{}
 	var partitions map[string]struct{}
-	if len(am.Resources.Partitions) == 0 {
+	if len(am.Resources.Partitions) == 0 && !am.disableDefaultPartition {
 		partitions = make(map[string]struct{})
 		partitions[DEFAULT_PARTITION] = struct{}{}
 	} else {

diff --git a/pkg/health/health.go b/pkg/health/health.go
@@ -1,16 +1,42 @@
 package health
 
 import (
+	"context"
 	"net/http"
 	"os"
 
 	log "github.com/F5Networks/k8s-bigip-ctlr/v2/pkg/vlogger"
+	"k8s.io/client-go/kubernetes"
+)
+
+const (
+	clusterHealthPath = "/readyz"
 )
 
 type HealthChecker struct {
 	SubPID int
 }
 
+func (hc HealthChecker) CISHealthCheckHandler(kubeClient kubernetes.Interface) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if kubeClient != nil {
+			var response string
+			// Check if kube-api server is reachable
+			_, err := kubeClient.Discovery().RESTClient().Get().AbsPath(clusterHealthPath).DoRaw(context.TODO())
+			if err != nil {
+				response = "kube-api server is not reachable."
+			}
+			if err == nil {
+				w.WriteHeader(http.StatusOK)
+				w.Write([]byte("Ok"))
+			} else {
+				w.WriteHeader(http.StatusInternalServerError)
+				w.Write([]byte(response))
+			}
+		}
+	})
+}
+
 func (hc HealthChecker) HealthCheckHandler() http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if hc.SubPID != 0 {