feat: Initial support for Gateway API (#789)

.github/workflows/e2e-test-ci.yml

@@ -77,12 +77,12 @@ jobs:
           chmod +x ./kind
           sudo mv kind /usr/local/bin
       - name: Setup Go Env
-        uses: actions/setup-go@v1
+        uses: actions/setup-go@v2
         with:
-          go-version: "1.13"
+          go-version: "1.16"
       - name: Install ginkgo
         run: |
-          go get -u github.com/onsi/ginkgo/ginkgo
+          go install github.com/onsi/ginkgo/ginkgo@v1.16.4
           sudo cp ~/go/bin/ginkgo /usr/local/bin
       - name: Create K8s cluster
         run: |

.github/workflows/golangci-lint.yml

@@ -65,10 +65,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - name: setup go
-        uses: actions/setup-go@v1
+      - name: Setup Go Env
+        uses: actions/setup-go@v2
         with:
-          go-version: '1.13'
+          go-version: '1.16'
 
       - name: Download golangci-lint
         run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.39.0

.github/workflows/lint-checker.yml

@@ -64,10 +64,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - name: setup go
-        uses: actions/setup-go@v1
+      - name: Setup Go Env
+        uses: actions/setup-go@v2
         with:
-          go-version: '1.13'
+          go-version: '1.16'
       - name: run gofmt
         working-directory: ./
         run: |

.github/workflows/unit-test-ci.yml

@@ -63,16 +63,16 @@ jobs:
       (needs.changes.outputs.go == 'true')
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-    - name: setup go
-      uses: actions/setup-go@v1
-      with:
-        go-version: '1.13'
-    - name: run unit test
-      working-directory: ./
-      run: |
-        make unit-test
-    - name: upload coverage profile
-      working-directory: ./
-      run: |
-        bash <(curl -s https://codecov.io/bash)
+      - uses: actions/checkout@v2
+      - name: Setup Go Env
+        uses: actions/setup-go@v2
+        with:
+          go-version: "1.16"
+      - name: Run unit test
+        working-directory: ./
+        run: |
+          make unit-test
+      - name: Upload coverage profile
+        working-directory: ./
+        run: |
+          bash <(curl -s https://codecov.io/bash)

.github/workflows/verify-codegen.yml

@@ -62,12 +62,12 @@ jobs:
       (needs.changes.outputs.go == 'true')
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
-    - name: setup go
-      uses: actions/setup-go@v1
-      with:
-        go-version: '1.13'
-    - name: make verify-codegen
-      working-directory: ./
-      run: |
-        make verify-codegen
+      - uses: actions/checkout@v2
+      - name: Setup Go Env
+        uses: actions/setup-go@v2
+        with:
+          go-version: "1.16"
+      - name: Make verify-codegen
+        working-directory: ./
+        run: |
+          make verify-codegen

Dockerfile

@@ -14,7 +14,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-FROM golang:1.13.8 AS build-env
+FROM golang:1.16 AS build-env
 LABEL maintainer="gxthrj@163.com"
 
 ARG ENABLE_PROXY=false
@@ -24,8 +24,7 @@ RUN rm -rf /etc/localtime \
     && dpkg-reconfigure -f noninteractive tzdata
 
 WORKDIR /build
-COPY go.mod .
-COPY go.sum .
+COPY go.* ./
 
 RUN if [ "$ENABLE_PROXY" = "true" ] ; then go env -w GOPROXY=https://goproxy.cn,direct ; fi \
     && go mod download

Makefile

@@ -72,7 +72,9 @@ unit-test:
 .PHONY: e2e-test
 e2e-test: ginkgo-check push-images-to-kind
 	kubectl apply -k $(PWD)/samples/deploy/crd
-	cd test/e2e && ginkgo -cover -coverprofile=coverage.txt -r --randomizeSuites --randomizeAllSpecs --trace -p --nodes=$(E2E_CONCURRENCY)
+	cd test/e2e \
+		&& go mod download \
+		&& ACK_GINKGO_RC=true ginkgo -cover -coverprofile=coverage.txt -r --randomizeSuites --randomizeAllSpecs --trace --nodes=$(E2E_CONCURRENCY)
 
 .PHONY: ginkgo-check
 ginkgo-check:

cmd/ingress/ingress.go

@@ -158,6 +158,7 @@ For example, no available LB exists in the bare metal environment.`)
 	cmd.PersistentFlags().StringVar(&cfg.Kubernetes.IngressVersion, "ingress-version", config.IngressNetworkingV1, "the supported ingress api group version, can be \"networking/v1beta1\", \"networking/v1\" (for Kubernetes version v1.19.0 or higher) and \"extensions/v1beta1\"")
 	cmd.PersistentFlags().StringVar(&cfg.Kubernetes.ApisixRouteVersion, "apisix-route-version", config.ApisixRouteV2beta3, "the supported apisixroute api group version, can be \"apisix.apache.org/v2beta1\" or \"apisix.apache.org/v2beta2\" or \"apisix.apache.org/v2beta3\"")
 	cmd.PersistentFlags().BoolVar(&cfg.Kubernetes.WatchEndpointSlices, "watch-endpointslices", false, "whether to watch endpointslices rather than endpoints")
+	cmd.PersistentFlags().BoolVar(&cfg.Kubernetes.EnableGatewayAPI, "enable-gateway-api", false, "whether to enable support for Gateway API")
 	cmd.PersistentFlags().StringVar(&cfg.APISIX.BaseURL, "apisix-base-url", "", "the base URL for APISIX admin api / manager api (deprecated, using --default-apisix-cluster-base-url instead)")
 	cmd.PersistentFlags().StringVar(&cfg.APISIX.AdminKey, "apisix-admin-key", "", "admin key used for the authorization of APISIX admin api / manager api (deprecated, using --default-apisix-cluster-admin-key instead)")
 	cmd.PersistentFlags().StringVar(&cfg.APISIX.DefaultClusterBaseURL, "default-apisix-cluster-base-url", "", "the base URL of admin api / manager api for the default APISIX cluster")

conf/config-default.yaml

@@ -72,6 +72,12 @@ kubernetes:
 
   apisix_route_version: "apisix.apache.org/v2beta3"  # the supported apisixroute api group version.
                                                      # the latest version is "apisix.apache.org/v2beta3".
+
+  enable_gateway_api: false            # whether to enable support for Gateway API.
+                                       # Note: This feature is currently under development and may not work as expected. 
+                                       # It is not recommended to use it in a production environment.
+                                       # Before we announce support for it to reach Beta level or GA.
+
 # APISIX related configurations.
 apisix:
   base_url: "http://127.0.0.1:9080/apisix/admin" # (Deprecated, use default_cluster_base_url) the APISIX admin api / manager api

docs/en/latest/aeps/0001-gateway-api.md

@@ -0,0 +1,182 @@
+---
+title: AEP-0001 Gateway API support
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+## Summary
+
+[Gateway API](https://github.com/kubernetes-sigs/gateway-api) is dedicated to achieving expressive and scalable Kubernetes service networking through many custom resources.
+
+Apache APISIX Ingress controller can realize richer functions by adding support for Gateway API, including Gateway management, multi-cluster support and other features.
+
+## Motivation
+
+* Improve ease of use
+* Support lifecycle management of Apache APISIX Gateway
+
+### Goals
+
+* Can bind the Apache APISIX Ingress controller with Gateway resources.
+* The traffic rules defined by the Gateway API are processed by the Apache APISIX Gateway
+
+### Non-Goals
+
+* Supports all Gateway API versions and capabilities.
+
+## Proposal
+
+Add support from the definition of HTTP routing. Mainly cover the following resources:
+
+* GatewayClass
+* Gateway
+* HTTPRoute
+* TLSRoute
+* ...
+
+## Design Details
+
+We need to add a separate switch for the Gateway API to control whether to enable this feature, and add corresponding controllers for various resources.
+
+* `pkg/ingress/gateway_class.go`
+* `pkg/ingress/gateway.go`
+* `pkg/ingress/http_route.go`
+
+These controllers can handle `gateway.networking.k8s.io/v1alpha2` version of `GatewayClass`, `Gateway` and `HTTPRoute` resources.
+
+For real traffic definition rules, it needs to be translated into rules in Apache APISIX.
+
+### GatewayClass controller
+
+For `GatewayClass` resources, we need to have a unique identifier. We can define `controllerName = apisix.apache.org/gateway-controller` in the code.
+
+```yaml
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: GatewayClass
+metadata:
+  name: apisix-lb
+spec:
+  controllerName: apisix.apache.org/gateway-controller
+```
+
+After the creation is successful, you will see the following results.
+
+```bash
+➜  ~ kubectl get gatewayclass
+NAME        CONTROLLER                             AGE
+apisix-lb   apisix.apache.org/gateway-controller   7m
+```
+
+We need to update its Status.
+
+### Gateway controller
+
+For the `Gateway` resource, we have two stages:
+
+* Binding the existing Apache APISIX data plane;
+* Create a self-managed Apache APISIX Gateway;
+
+```yaml
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: Gateway
+metadata:
+  name: my-gateway
+spec:
+  gatewayClassName: apisix-lb
+  listeners:
+  - name: http
+    protocol: HTTP
+    port: 80
+```
+
+After correct processing, you will get the following results:
+
+```bash
+➜  ~ kubectl get gateway
+NAME         CLASS       ADDRESS   READY   AGE
+my-gateway   apisix-lb   6.6.6.6   True    12m
+```
+
+### HTTPRoute controller
+
+For the `HTTPRoute` resource, we need to complete its translation to APISIX.
+
+```yaml
+apiVersion: gateway.networking.k8s.io/v1alpha2
+kind: HTTPRoute
+metadata:
+  name: http-app-1
+spec:
+  parentRefs:
+  - name: my-gateway
+  hostnames:
+  - "foo.com"
+  rules:
+  - matches:
+    - path:
+        type: PathPrefix
+        value: /bar
+    backendRefs:
+    - name: my-service1
+      port: 8080
+  - matches:
+    - headers:
+      - type: Exact
+        name: magic
+        value: foo
+      queryParams:
+      - type: Exact
+        name: great
+        value: example
+      path:
+        type: PathPrefix
+        value: /some/thing
+      method: GET
+    backendRefs:
+    - name: my-service2
+      port: 8080
+```
+
+Need to create the corresponding route on Apache APISIX.
+
+### TLSRoute Controller
+
+TBD
+
+### TCPRoute Controller
+
+TBD
+
+### UDPRoute Controller
+
+TBD
+
+### Test Plan
+
+* Use the e2e test case cover examples in the above document.
+
+### Graduation Criteria
+
+TBD
+
+## Production Readiness
+
+* We already have perfect e2e coverage
+* Gateway API reaches GA

docs/en/latest/aeps/README.md

@@ -0,0 +1,28 @@
+---
+title: APISIX Ingress Enhancement Proposals (AEPs)
+---
+
+<!--
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+-->
+
+This document was inspired by the [Kubernetes Enhancement Proposals (KEPs)](https://github.com/kubernetes/enhancements/tree/master/keps) of the Kubernetes community.
+
+By recording the long-term plan Proposal of the current Apache APISIX Ingress project in this directory, it is convenient for the community to participate in and contribute.
+
+The most successful example before this is [Proposal: add ApisixPluginConfig CRD](https://github.com/apache/apisix-ingress-controller/issues/638). But this way is not friendly enough.