Merge pull request #299 from sjberman/cli_args

Add route label watcher; set backend port properly

cmd/k8s-bigip-ctlr/main.go

@@ -88,9 +88,8 @@ var (
 	openshiftSDNMode string
 	openshiftSDNName *string
 
-	routeVserverAddr       *string
-	routeDefaultServerCert *string
-	routeLabel             *string
+	routeVserverAddr *string
+	routeLabel       *string
 
 	// package variables
 	isNodePort         bool
@@ -175,12 +174,9 @@ func _init() {
 	// OpenShift Route flags
 	routeVserverAddr = osRouteFlags.String("route-vserver-addr", "",
 		"Optional, bind address for virtual server for Route objects.")
-	routeDefaultServerCert = osRouteFlags.String("route-default-server-cert", "",
-		"Optional, default server cert for Route objects.")
 	routeLabel = osRouteFlags.String("route-label", "",
 		"Optional, label for which Route objects to watch.")
 	osRouteFlags.MarkHidden("route-vserver-addr")
-	osRouteFlags.MarkHidden("route-default-server-cert")
 	osRouteFlags.MarkHidden("route-label")
 
 	osRouteFlags.Usage = func() {
@@ -392,10 +388,13 @@ func main() {
 		log.Fatalf("Failed creating ConfigWriter tool: %v", err)
 	}
 	defer configWriter.Stop()
+
+	if len(*routeLabel) > 0 {
+		*routeLabel = fmt.Sprintf("f5type in (%s)", *routeLabel)
+	}
 	var routeConfig = appmanager.RouteConfig{
-		RouteVSAddr:     *routeVserverAddr,
-		RouteServerCert: *routeDefaultServerCert,
-		RouteLabel:      *routeLabel,
+		RouteVSAddr: *routeVserverAddr,
+		RouteLabel:  *routeLabel,
 	}
 
 	var appMgrParms = appmanager.Params{

pkg/appmanager/appManager.go

@@ -115,9 +115,8 @@ type Params struct {
 
 // Configuration options for Routes in OpenShift
 type RouteConfig struct {
-	RouteVSAddr     string
-	RouteServerCert string
-	RouteLabel      string
+	RouteVSAddr string
+	RouteLabel  string
 }
 
 // Create and return a new app manager that meets the Manager interface
@@ -473,12 +472,22 @@ func (appMgr *Manager) newAppInformer(
 		),
 	}
 	if nil != appMgr.routeClientV1 {
+		var label labels.Selector
+		var err error
+		if len(appMgr.routeConfig.RouteLabel) == 0 {
+			label = labels.Everything()
+		} else {
+			label, err = labels.Parse(appMgr.routeConfig.RouteLabel)
+			if err != nil {
+				log.Errorf("Failed to parse Label Selector string: %v", err)
+			}
+		}
 		appInf.routeInformer = cache.NewSharedIndexInformer(
 			newListWatchWithLabelSelector(
 				appMgr.routeClientV1,
 				"routes",
 				namespace,
-				labels.Everything(),
+				label,
 			),
 			&routeapi.Route{},
 			resyncPeriod,
@@ -808,14 +817,11 @@ func (appMgr *Manager) syncVirtualServer(sKey serviceQueueKey) error {
 	// looping through the ConfigMaps. The value is not currently used.
 	svcPortMap := make(map[int32]bool)
 	var svc *v1.Service
-	var routePort int32
 	if svcFound {
 		svc = obj.(*v1.Service)
 		for _, portSpec := range svc.Spec.Ports {
 			svcPortMap[portSpec.Port] = false
 		}
-		// For Routes, we use the first svc port we see
-		routePort = svc.Spec.Ports[0].Port
 	}
 
 	// rsMap stores all resources currently in Resources matching sKey, indexed by port
@@ -831,8 +837,8 @@ func (appMgr *Manager) syncVirtualServer(sKey serviceQueueKey) error {
 	if nil != err {
 		return err
 	}
-	if nil != appInf.routeInformer && routePort != 0 {
-		err = appMgr.syncRoutes(&stats, sKey, rsMap, svcPortMap, svc, appInf, routePort)
+	if nil != appInf.routeInformer {
+		err = appMgr.syncRoutes(&stats, sKey, rsMap, svcPortMap, svc, appInf)
 		if nil != err {
 			return err
 		}
@@ -1049,7 +1055,6 @@ func (appMgr *Manager) syncRoutes(
 	svcPortMap map[int32]bool,
 	svc *v1.Service,
 	appInf *appInformer,
-	backendPort int32,
 ) error {
 	routeByIndex, err := appInf.getOrderedRoutes(sKey.Namespace)
 	if nil != err {
@@ -1081,7 +1086,7 @@ func (appMgr *Manager) syncRoutes(
 			{protocol: "https", port: DEFAULT_HTTPS_PORT}}
 		for _, ps := range pStructs {
 			rsCfg, err := createRSConfigFromRoute(route,
-				*appMgr.resources, appMgr.routeConfig, ps, backendPort)
+				*appMgr.resources, appMgr.routeConfig, ps)
 			if err != nil {
 				// We return err if there was an error creating a rule
 				log.Warningf("%v", err)

pkg/appmanager/appManager_test.go

@@ -3605,13 +3605,13 @@ func TestVirtualServerForRoute(t *testing.T) {
 	resources := appMgr.resources()
 	// Associate a service
 	fooSvc := test.NewService("foo", "1", namespace, "NodePort",
-		[]v1.ServicePort{{Port: 443, NodePort: 37001}})
+		[]v1.ServicePort{{Port: 80, NodePort: 37001}})
 	r = appMgr.addService(fooSvc)
 	assert.True(r, "Service should be processed")
 	require.Equal(2, resources.Count())
 
 	rs, ok := resources.Get(
-		serviceKey{"foo", 443, "default"}, "openshift_default_https")
+		serviceKey{"foo", 80, "default"}, "openshift_default_https")
 	require.True(ok, "Route should be accessible")
 	require.NotNil(rs, "Route should be object")
 	assert.True(rs.MetaData.Active)
@@ -3728,7 +3728,7 @@ func TestPassthroughRoute(t *testing.T) {
 	require.True(r, "Route resource should be processed")
 	resources = appMgr.resources()
 	barSvc := test.NewService(svcName2, "1", namespace, "NodePort",
-		[]v1.ServicePort{{Port: 80, NodePort: 37001}})
+		[]v1.ServicePort{{Port: 443, NodePort: 37001}})
 	appMgr.addService(barSvc)
 	r = assert.True(r, "Service should be processed")
 	assert.Equal(4, resources.Count())
@@ -3757,7 +3757,7 @@ func TestPassthroughRoute(t *testing.T) {
 	assert.Equal(formatRoutePoolName(route2), hostDg.Records[0].Data)
 
 	rs, ok = resources.Get(
-		serviceKey{svcName2, 80, namespace}, "openshift_default_http")
+		serviceKey{svcName2, 443, namespace}, "openshift_default_http")
 	require.True(ok, "Route should be accessible")
 	require.NotNil(rs, "Route should be object")
 	assert.True(rs.MetaData.Active)

pkg/appmanager/resourceConfig.go

@@ -699,7 +699,6 @@ func createRSConfigFromRoute(
 	resources Resources,
 	routeConfig RouteConfig,
 	pStruct portStruct,
-	backendPort int32,
 ) (ResourceConfig, error) {
 	var rsCfg ResourceConfig
 	var policyName, rsName string
@@ -711,6 +710,21 @@ func createRSConfigFromRoute(
 		policyName = "openshift_secure_routes"
 		rsName = formatRouteVSName(route, "https")
 	}
+	tls := route.Spec.TLS
+
+	var backendPort int32
+	if route.Spec.Port != nil {
+		backendPort = route.Spec.Port.TargetPort.IntVal
+	} else if tls != nil && len(tls.Termination) != 0 {
+		if tls.Termination == routeapi.TLSTerminationPassthrough ||
+			tls.Termination == routeapi.TLSTerminationReencrypt {
+			backendPort = 443
+		} else {
+			backendPort = 80
+		}
+	} else {
+		backendPort = 80
+	}
 
 	// Create the pool
 	pool := Pool{
@@ -727,7 +741,6 @@ func createRSConfigFromRoute(
 		err = fmt.Errorf("Error configuring rule for Route %s: %v", route.ObjectMeta.Name, err)
 		return rsCfg, err
 	}
-	tls := route.Spec.TLS
 
 	resources.Lock()
 	defer resources.Unlock()

pkg/appmanager/resourceConfig_test.go

@@ -504,12 +504,12 @@ func TestRouteConfiguration(t *testing.T) {
 		protocol: "https",
 		port:     443,
 	}
-	cfg, _ := createRSConfigFromRoute(route, Resources{}, RouteConfig{}, ps, 443)
+	cfg, _ := createRSConfigFromRoute(route, Resources{}, RouteConfig{}, ps)
 
 	require.Equal("openshift_default_https", cfg.Virtual.VirtualServerName)
 	require.Equal("openshift_default_foo", cfg.Pools[0].Name)
 	require.Equal("foo", cfg.Pools[0].ServiceName)
-	require.Equal(int32(443), cfg.Pools[0].ServicePort)
+	require.Equal(int32(80), cfg.Pools[0].ServicePort)
 	require.Equal("openshift_secure_routes", cfg.Policies[0].Name)
 	require.Equal("openshift_route_default_route", cfg.Policies[0].Rules[0].Name)
 
@@ -526,7 +526,7 @@ func TestRouteConfiguration(t *testing.T) {
 		protocol: "http",
 		port:     80,
 	}
-	cfg, _ = createRSConfigFromRoute(route2, Resources{}, RouteConfig{}, ps, 80)
+	cfg, _ = createRSConfigFromRoute(route2, Resources{}, RouteConfig{}, ps)
 
 	require.Equal("openshift_default_http", cfg.Virtual.VirtualServerName)
 	require.Equal("openshift_default_bar", cfg.Pools[0].Name)