From a4610f1a57bbbf60a74335d9067b4cece3d1b276 Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Thu, 1 Jun 2023 00:09:36 +0000 Subject: [PATCH 01/10] Enable passing input into controller --- helm/templates/deployment.yaml | 10 ++++ main.go | 8 ++- pkg/config/controller_config.go | 100 ++++++++++++++++++-------------- pkg/config/ec2_metadata.go | 2 - 4 files changed, 75 insertions(+), 45 deletions(-) diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 26fafb16..311d652b 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -44,6 +44,7 @@ spec: - /manager args: - --leader-elect + - -- image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: manager @@ -77,3 +78,12 @@ spec: {{ if .Values.deployment.priorityClassName -}} priorityClassName: {{ .Values.deployment.priorityClassName }} {{ end -}} + {{- if .aws.region }} + - --aws-region={{ .aws.region }} + {{- end }} + {{- if .aws.accountId }} + - --aws-account-id={{ .aws.account.id }} + {{- end }} + {{- if .aws.vpc.id }} + - --aws-vpc-id={{ .aws.vpc.id }} + {{- end }} diff --git a/main.go b/main.go index f4f8700e..2513bb67 100644 --- a/main.go +++ b/main.go @@ -59,6 +59,9 @@ func main() { var metricsAddr string var enableLeaderElection bool var probeAddr string + var vpcId string + var accountId string + var region string // setup glog level flag.Lookup("logtostderr").Value.Set("true") @@ -69,6 +72,9 @@ func main() { flag.BoolVar(&enableLeaderElection, "leader-elect", false, "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") + flag.StringVar(&vpcId, "aws-vpc-id", "", "ID of VPC to create load balancers in.") + flag.StringVar(&accountId, "aws-account-id", "", "ID of Account to create load balancers in.") + flag.StringVar(®ion, "aws-region", "", "Region to create load balancers in.") opts := zap.Options{ Development: true, } 
@@ -77,7 +83,7 @@ func main() { ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts))) - config.ConfigInit() + config.ConfigInit(vpcId, region, accountId) cloud, err := aws.NewCloud() diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 75889773..27151207 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go 
@@ -43,21 +43,66 @@ func GetClusterLocalGateway() (string, error) { return DefaultServiceNetwork, nil } -func ConfigInit() { - // discover VPC using environment first - VpcID = os.Getenv("CLUSTER_VPC_ID") - glog.V(2).Infoln("CLUSTER_VPC_ID: ", os.Getenv("CLUSTER_VPC_ID")) - - // discover Account - AccountID = os.Getenv("AWS_ACCOUNT_ID") - if AccountID == "" { - AccountID = os.Getenv("AWS_ACCOUNT") // Fallback to AWS_ACCOUNT for compatibility +func ConfigInit(vpcId string, region string, accountId string) { + + sess, _ := session.NewSession() + metadata := NewEC2Metadata(sess) + var err error + + // Check if controller running inside the k8s pod + configDiscoveryNeeded := ifRunningInCluster() + + // VpcId + if vpcId != "" { + VpcID = vpcId + glog.V(2).Infoln("CLUSTER_VPC_ID passed as input:", VpcID) + } else { + if configDiscoveryNeeded { + VpcID, err = metadata.VpcID() + glog.V(2).Infoln("CLUSTER_VPC_ID from IMDS config discovery :", VpcID) + if err != nil { + glog.V(2).Infoln("IMDS config discovery is NOT AVAILABLE :", err) + return + } + } else { + VpcID = os.Getenv("CLUSTER_VPC_ID") + glog.V(2).Infoln("CLUSTER_VPC_ID from local dev environment: ", VpcID) + } + } + + // Region + if region != "" { + Region = region + glog.V(2).Infoln("REGION passed as input:", Region) + } else { + if configDiscoveryNeeded { + Region, err = metadata.Region() + glog.V(2).Infoln("REGION from IMDS config discovery :", Region) + if err != nil { + return + } + } else { + Region = os.Getenv("REGION") + glog.V(2).Infoln("REGION from local dev environment: ", Region) + } } - glog.V(2).Infoln("AWS_ACCOUNT_ID:", AccountID) - // discover Region - Region = os.Getenv("REGION") - glog.V(2).Infoln("REGION:", os.Getenv("REGION")) + // AccountId + if accountId != "" { + AccountID = accountId + glog.V(2).Infoln("AWS_ACCOUNT_ID passed as input:", AccountID) + } else { + if configDiscoveryNeeded { + AccountID, err = metadata.AccountId() + glog.V(2).Infoln("AWS_ACCOUNT_ID from IMDS config discovery :", 
AccountID) + if err != nil { + return + } + } else { + AccountID = os.Getenv("AWS_ACCOUNT_ID") + glog.V(2).Infoln("AWS_ACCOUNT_ID from local dev environment: ", AccountID) + } + } logLevel = os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL") glog.V(2).Infoln("Logging Level:", os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL")) @@ -81,41 +126,12 @@ func ConfigInit() { UseLongTGName = false } - sess, _ := session.NewSession() - metadata := NewEC2Metadata(sess) - - var err error - if ifRunningInCluster() { - VpcID, err = metadata.VpcID() - if err != nil { - return - } - Region, err = metadata.Region() - if err != nil { - return - } - AccountID, err = metadata.AccountId() - if err != nil { - return - } - glog.V(2).Infoln("INSIDE CLUSTER CLUSTER_VPC_ID: ", VpcID) - glog.V(2).Infoln("INSIDE CLUSTER REGION: ", Region) - glog.V(2).Infoln("INSIDE CLUSTER ACCOUNT_ID: ", AccountID) - } } func ifRunningInCluster() bool { _, err := os.Stat("/var/run/secrets/kubernetes.io/serviceaccount") if err == nil { - glog.V(2).Infoln("Controller is running inside cluster") return true } - - if os.IsNotExist(err) { - glog.V(2).Infoln("Controller is NOT running inside cluster") - return false - } - - glog.V(2).Infoln("Controller is NOT running inside cluster") return false } diff --git a/pkg/config/ec2_metadata.go b/pkg/config/ec2_metadata.go index dfdd5eef..3b589d7c 100644 --- a/pkg/config/ec2_metadata.go +++ b/pkg/config/ec2_metadata.go @@ -34,7 +34,6 @@ func (c *defaultEC2Metadata) VpcID() (string, error) { if err != nil { return "", err } - fmt.Println("Get VPC ID from ec2 metadata: ", vpcID) return vpcID, nil } @@ -43,7 +42,6 @@ func (c *defaultEC2Metadata) Region() (string, error) { if err != nil { return "", err } - fmt.Println("Get region from ec2 metadata: ", region) return region, nil } From 80c9ac27d37c01419d97bd7e2927a783f3ef59a1 Mon Sep 17 00:00:00 2001 
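Review bot: `sess, _ := session.NewSession()` at the top of the new ConfigInit discards the session error, so whatever NewSession returned on failure is handed straight to `NewEC2Metadata(sess)`. Check it where it happens, e.g. `sess, err := session.NewSession()` followed by `if err != nil { glog.Errorln("creating AWS session:", err); return }`. In each of the three discovery branches the value is also logged before `err` is inspected, so an empty ID is printed as if it had been discovered; moving each `glog.V(2).Infoln` below its `if err != nil` check avoids that. ConfigInit's body continues past this hunk.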
From: Mingxi Zhang Date: Thu, 1 Jun 2023 00:10:40 +0000 Subject: [PATCH 02/10] Enable passing input into controller --- helm/templates/deployment.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 311d652b..95cc7b8b 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -44,7 +44,6 @@ spec: - /manager args: - --leader-elect - - -- image: {{ .Values.image.repository }}:{{ .Values.image.tag }} imagePullPolicy: {{ .Values.image.pullPolicy }} name: manager From 2702d21173fb93bc7545d64447f5b4fe1341f779 Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 00:12:52 +0000 Subject: [PATCH 03/10] Improve input pass to controller --- docs/developer.md | 20 +++-------- main.go | 8 +---- pkg/config/controller_config.go | 60 ++++++++++++--------------------- 3 files changed, 28 insertions(+), 60 deletions(-) diff --git a/docs/developer.md b/docs/developer.md index 1524fb82..8b9dd22e 100644 --- a/docs/developer.md +++ b/docs/developer.md @@ -6,17 +6,16 @@ make help # This only needs to be run once after checking out the repo, and will install tools/codegen required for development # If you see this err "Go workspace's "bin" directory is not in PATH. Run 'export PATH="$PATH:${GOPATH:-$HOME/go}/bin"'." -# fix it and rerun following. +# fix it and rerun following. make toolchain # Run this before submitting code make presubmit -# Install CRDs (which only need once) +# Install CRDs (which only need once) kubectl apply -f config/crds/bases/k8s-gateway-v0.6.1.yaml kubectl apply -f config/crds/bases/multicluster.x-k8s.io_serviceexports.yaml kubectl apply -f config/crds/bases/multicluster.x-k8s.io_serviceimports.yaml -kubectl apply -f examples/gatewayclass.yaml # Run the controller against the Kubernetes cluster pointed to by `kubectl config current-context` # specify REGION where your cluster is running 
@@ -35,20 +34,11 @@ And use "EnvFile" GoLand plugin to read the env variables from the generated `.e ### End-to-End Testing Run the following command to run the end-to-end tests against the Kubernetes cluster pointed to by `kubectl config current-context`: -You should set up the correct `REGION` env variable and create `non-default` -namespace if it doesn't exist. - -NOTE: You'll need to allow in-bound traffics from lattice prefix list in the security -groups of your cluster. - -```bash -# create non-default namespace if it hasn't existed yet -kubectl create namespace non-default - +You should set up the correct `REGION` env variable +``` export REGION=us-west-2 make e2etest ``` - Pass `FOCUS` environment variable to run some specific test cases based on filter condition. You could assign the string in the Describe("xxxxxx") or It("xxxxxx") to the FOCUS environment variable to run the specific test cases. ```go @@ -91,4 +81,4 @@ make docker-build ``` make build-deploy ``` -Then follow [Deploying the AWS Gateway API Controller](https://github.com/aws/aws-application-networking-k8s/blob/main/docs/deploy.md) to configure and deploy the docker image +Then follow [Deploying the AWS Gateway API Controller](https://github.com/aws/aws-application-networking-k8s/blob/main/docs/deploy.md) to configure and deploy the docker image diff --git a/main.go b/main.go index 2513bb67..f4f8700e 100644 --- a/main.go +++ b/main.go @@ -59,9 +59,6 @@ func main() { var metricsAddr string var enableLeaderElection bool var probeAddr string - var vpcId string - var accountId string - var region string // setup glog level flag.Lookup("logtostderr").Value.Set("true") 
@@ -72,9 +69,6 @@ func main() { flag.BoolVar(&enableLeaderElection, "leader-elect", false, "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") - flag.StringVar(&vpcId, "aws-vpc-id", "", "ID of VPC to create load balancers in.") - flag.StringVar(&accountId, "aws-account-id", "", "ID of Account to create load balancers in.") - flag.StringVar(®ion, "aws-region", "", "Region to create load balancers in.") opts := zap.Options{ Development: true, } @@ -83,7 +77,7 @@ func main() { ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts))) - config.ConfigInit(vpcId, region, accountId) + config.ConfigInit() cloud, err := aws.NewCloud() diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 27151207..6106f1d3 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go 
@@ -43,64 +43,48 @@ func GetClusterLocalGateway() (string, error) { return DefaultServiceNetwork, nil } -func ConfigInit(vpcId string, region string, accountId string) { +func ConfigInit() { sess, _ := session.NewSession() metadata := NewEC2Metadata(sess) var err error - // Check if controller running inside the k8s pod - configDiscoveryNeeded := ifRunningInCluster() - // VpcId - if vpcId != "" { - VpcID = vpcId + VpcID = os.Getenv("CLUSTER_VPC_ID") + if VpcID != "" { glog.V(2).Infoln("CLUSTER_VPC_ID passed as input:", VpcID) } else { - if configDiscoveryNeeded { - VpcID, err = metadata.VpcID() - glog.V(2).Infoln("CLUSTER_VPC_ID from IMDS config discovery :", VpcID) - if err != nil { - glog.V(2).Infoln("IMDS config discovery is NOT AVAILABLE :", err) - return - } - } else { - VpcID = os.Getenv("CLUSTER_VPC_ID") - glog.V(2).Infoln("CLUSTER_VPC_ID from local dev environment: ", VpcID) + VpcID, err = metadata.VpcID() + glog.V(2).Infoln("CLUSTER_VPC_ID from IMDS config discovery :", VpcID) + if err != nil { + glog.V(2).Infoln("IMDS config discovery for CLUSTER_VPC_ID is NOT AVAILABLE :", err) + return } } // Region - if region != "" { - Region = region + Region = os.Getenv("REGION") + if Region != "" { glog.V(2).Infoln("REGION passed as input:", Region) } else { - if configDiscoveryNeeded { - Region, err = metadata.Region() - glog.V(2).Infoln("REGION from IMDS config discovery :", Region) - if err != nil { - return - } - } else { - Region = os.Getenv("REGION") - glog.V(2).Infoln("REGION from local dev environment: ", Region) + Region, err = metadata.Region() + glog.V(2).Infoln("REGION from IMDS config discovery :", Region) + if err != nil { + glog.V(2).Infoln("IMDS config discovery for REGION is NOT AVAILABLE :", err) + return } } // AccountId - if accountId != "" { - AccountID = accountId + AccountID = os.Getenv("AWS_ACCOUNT_ID") + if AccountID != "" { glog.V(2).Infoln("AWS_ACCOUNT_ID passed as input:", AccountID) } else { - if configDiscoveryNeeded { - AccountID, err 
= metadata.AccountId() - glog.V(2).Infoln("AWS_ACCOUNT_ID from IMDS config discovery :", AccountID) - if err != nil { - return - } - } else { - AccountID = os.Getenv("AWS_ACCOUNT_ID") - glog.V(2).Infoln("AWS_ACCOUNT_ID from local dev environment: ", AccountID) + AccountID, err = metadata.AccountId() + glog.V(2).Infoln("AWS_ACCOUNT_ID from IMDS config discovery :", AccountID) + if err != nil { + glog.V(2).Infoln("IMDS config discovery for AWS_ACCOUNT_ID is NOT AVAILABLE :", err) + return } } From 952991fcda6578fb1de01552a6057eaf5e21fbe6 Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 17:33:09 +0000 Subject: [PATCH 04/10] Change flag to env var for input --- docs/deploy.md | 9 +++++++-- docs/developer.md | 20 +++++++++++++++----- helm/templates/configmap.yaml | 8 ++++++++ helm/templates/deployment.yaml | 26 +++++++++++++++++--------- helm/values.yaml | 4 ++++ pkg/config/controller_config.go | 6 +++--- 6 files changed, 54 insertions(+), 19 deletions(-) create mode 100644 helm/templates/configmap.yaml diff --git a/docs/deploy.md b/docs/deploy.md index fe4a56ac..ce083bd7 100644 --- a/docs/deploy.md +++ b/docs/deploy.md 
@@ -14,7 +14,7 @@ Run through them again for a second cluster to use with the extended example sho ```bash eksctl create cluster --name $CLUSTER_NAME --region $AWS_REGION ``` -1. First, configure security group to receive traffic from the VPC Lattice fleet. You must set up security groups so that they allow all Pods communicating with VPC Lattice to allow traffic on all ports from the `169.254.171.0/24` address range. +1. First, configure security group to receive traffic from the VPC Lattice fleet. You must set up security groups so that they allow all Pods communicating with VPC Lattice to allow traffic on all ports from the `169.254.171.0/24` address range. ```bash PREFIX_LIST_ID=$(aws ec2 describe-managed-prefix-lists --query "PrefixLists[?PrefixListName=="\'com.amazonaws.$AWS_REGION.vpc-lattice\'"].PrefixListId" | jq -r '.[]') MANAGED_PREFIX=$(aws ec2 get-managed-prefix-list-entries --prefix-list-id $PREFIX_LIST_ID --output json | jq -r '.Entries[0].Cidr') @@ -79,7 +79,12 @@ Run through them again for a second cluster to use with the extended example sho helm install gateway-api-controller \ oci://public.ecr.aws/aws-application-networking-k8s/aws-gateway-controller-chart\ --version=v0.0.12 \ - --set=aws.region=$AWS_REGION --set=serviceAccount.create=false --namespace aws-application-networking-system + --set=serviceAccount.create=false --namespace aws-application-networking-system \ + # Region, clusterVpcId, awsAccountId are required for fargate use case + --set=awsRegion= \ + --set=clusterVpcId= \ + --set=awsAccountId= \ + ``` 1. Create the `amazon-vpc-lattice` GatewayClass: ```bash diff --git a/docs/developer.md b/docs/developer.md index 8b9dd22e..1524fb82 100644 --- a/docs/developer.md +++ b/docs/developer.md 
@@ -6,16 +6,17 @@ make help # This only needs to be run once after checking out the repo, and will install tools/codegen required for development # If you see this err "Go workspace's "bin" directory is not in PATH. Run 'export PATH="$PATH:${GOPATH:-$HOME/go}/bin"'." -# fix it and rerun following. +# fix it and rerun following. make toolchain # Run this before submitting code make presubmit -# Install CRDs (which only need once) +# Install CRDs (which only need once) kubectl apply -f config/crds/bases/k8s-gateway-v0.6.1.yaml kubectl apply -f config/crds/bases/multicluster.x-k8s.io_serviceexports.yaml kubectl apply -f config/crds/bases/multicluster.x-k8s.io_serviceimports.yaml +kubectl apply -f examples/gatewayclass.yaml # Run the controller against the Kubernetes cluster pointed to by `kubectl config current-context` # specify REGION where your cluster is running @@ -34,11 +35,20 @@ And use "EnvFile" GoLand plugin to read the env variables from the generated `.e ### End-to-End Testing Run the following command to run the end-to-end tests against the Kubernetes cluster pointed to by `kubectl config current-context`: -You should set up the correct `REGION` env variable -``` +You should set up the correct `REGION` env variable and create `non-default` +namespace if it doesn't exist. + +NOTE: You'll need to allow in-bound traffics from lattice prefix list in the security +groups of your cluster. + +```bash +# create non-default namespace if it hasn't existed yet +kubectl create namespace non-default + export REGION=us-west-2 make e2etest ``` + Pass `FOCUS` environment variable to run some specific test cases based on filter condition. You could assign the string in the Describe("xxxxxx") or It("xxxxxx") to the FOCUS environment variable to run the specific test cases. ```go 
@@ -81,4 +91,4 @@ make docker-build ``` make build-deploy ``` -Then follow [Deploying the AWS Gateway API Controller](https://github.com/aws/aws-application-networking-k8s/blob/main/docs/deploy.md) to configure and deploy the docker image +Then follow [Deploying the AWS Gateway API Controller](https://github.com/aws/aws-application-networking-k8s/blob/main/docs/deploy.md) to configure and deploy the docker image diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml new file mode 100644 index 00000000..f5c3f914 --- /dev/null +++ b/helm/templates/configmap.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: env-config +data: + awsRegion: {{ .Values.awsRegion }} + awsAccountId: {{ .Values.awsAccountId }} + clusterVpcId: {{ .Values.clusterVpcId }} \ No newline at end of file diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml index 95cc7b8b..505dd4a3 100644 --- a/helm/templates/deployment.yaml +++ b/helm/templates/deployment.yaml @@ -66,6 +66,23 @@ spec: periodSeconds: 10 securityContext: allowPrivilegeEscalation: false + env: + - name: REGION + valueFrom: + configMapKeyRef: + name: env-config + key: awsRegion + - name: AWS_ACCOUNT_ID + valueFrom: + configMapKeyRef: + name: env-config + key: awsAccountId + - name: CLUSTER_VPC_ID + valueFrom: + configMapKeyRef: + name: env-config + key: clusterVpcId + terminationGracePeriodSeconds: 10 nodeSelector: {{ toYaml .Values.deployment.nodeSelector | nindent 8 }} {{ if .Values.deployment.tolerations -}} @@ -77,12 +94,3 @@ spec: {{ if .Values.deployment.priorityClassName -}} priorityClassName: {{ .Values.deployment.priorityClassName }} {{ end -}} - {{- if .aws.region }} - - --aws-region={{ .aws.region }} - {{- end }} - {{- if .aws.accountId }} - - --aws-account-id={{ .aws.account.id }} - {{- end }} - {{- if .aws.vpc.id }} - - --aws-vpc-id={{ .aws.vpc.id }} - {{- end }} diff --git a/helm/values.yaml b/helm/values.yaml index 0aaedfda..52e61cb3 100644 
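Review bot: The three values in the new helm/templates/configmap.yaml are rendered unquoted, so `awsAccountId: {{ .Values.awsAccountId }}` becomes a YAML number for an all-digit account ID. ConfigMap `data` values have to be strings, and an ID with a leading zero would not survive numeric parsing. Quote each one, e.g. `awsAccountId: {{ .Values.awsAccountId | quote }}`, and check with `helm template` what the unset defaults added to helm/values.yaml render as. The ConfigMap name `env-config` is also fixed, with no release name in it, so it may collide with another object of that name in the namespace; the `configMapKeyRef` entries added to deployment.yaml in this patch would need to follow any rename.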
--- a/helm/values.yaml +++ b/helm/values.yaml @@ -70,3 +70,7 @@ serviceAccount: name: gateway-api-controller annotations: {} # eks.amazonaws.com/role-arn: arn:aws:iam::AWS_ACCOUNT_ID:role/IAM_ROLE_NAME + +awsRegion: +awsAccountId: +clusterVpcId: \ No newline at end of file diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 6106f1d3..51a41d0a 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go @@ -17,9 +17,9 @@ const ( ) // TODO endpoint, region -var VpcID = "vpc-xxxx" -var AccountID = "yyyyyy" -var Region = "us-west-2" +var VpcID = "" +var AccountID = "" +var Region = "" var logLevel = defaultLogLevel var DefaultServiceNetwork = NoDefaultServiceNetwork var UseLongTGName = false From cf9ea34744cf2381aa0ff5941412d52c02d2d48e Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 17:38:47 +0000 Subject: [PATCH 05/10] Remove checking if running inside cluster code --- helm/templates/configmap.yaml | 2 +- helm/values.yaml | 2 +- pkg/config/controller_config.go | 8 -------- 3 files changed, 2 insertions(+), 10 deletions(-) diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml index f5c3f914..48762fbd 100644 --- a/helm/templates/configmap.yaml +++ b/helm/templates/configmap.yaml @@ -5,4 +5,4 @@ metadata: data: awsRegion: {{ .Values.awsRegion }} awsAccountId: {{ .Values.awsAccountId }} - clusterVpcId: {{ .Values.clusterVpcId }} \ No newline at end of file + clusterVpcId: {{ .Values.clusterVpcId }} diff --git a/helm/values.yaml b/helm/values.yaml index 52e61cb3..45739da8 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -73,4 +73,4 @@ serviceAccount: awsRegion: awsAccountId: -clusterVpcId: \ No newline at end of file +clusterVpcId: diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 51a41d0a..f17e0b53 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go 
@@ -111,11 +111,3 @@ func ConfigInit() { } } - -func ifRunningInCluster() bool { - _, err := os.Stat("/var/run/secrets/kubernetes.io/serviceaccount") - if err == nil { - return true - } - return false -} From bdda6e6c561e68302a5feb05b402cf32eab42b0c Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 17:41:32 +0000 Subject: [PATCH 06/10] Update deploy docs --- docs/deploy.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/deploy.md b/docs/deploy.md index ce083bd7..86719733 100644 --- a/docs/deploy.md +++ b/docs/deploy.md @@ -80,7 +80,7 @@ Run through them again for a second cluster to use with the extended example sho oci://public.ecr.aws/aws-application-networking-k8s/aws-gateway-controller-chart\ --version=v0.0.12 \ --set=serviceAccount.create=false --namespace aws-application-networking-system \ - # Region, clusterVpcId, awsAccountId are required for fargate use case + # Region, clusterVpcId, awsAccountId are required for case where IMDS is NOT AVAILABLE, e.g Fargate --set=awsRegion= \ --set=clusterVpcId= \ --set=awsAccountId= \ From f81282bfcae264b21a0991c2fc37ce98a565b9fd Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 17:47:25 +0000 Subject: [PATCH 07/10] Update default setting --- pkg/config/controller_config.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index f17e0b53..89cca54e 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go 
@@ -13,13 +13,13 @@ const ( LatticeGatewayControllerName = "application-networking.k8s.aws/gateway-api-controller" defaultLogLevel = "Info" NoDefaultServiceNetwork = "" + UnknownInput = "" NO_DEFAULT_SERVICE_NETWORK = "NO_DEFAULT_SERVICE_NETWORK" ) -// TODO endpoint, region -var VpcID = "" -var AccountID = "" -var Region = "" +var VpcID = UnknownInput +var AccountID = UnknownInput +var Region = UnknownInput var logLevel = defaultLogLevel var DefaultServiceNetwork = NoDefaultServiceNetwork var UseLongTGName = false From d443ae0d0cd11d05531ba353d7a2496c9605934b Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 18:21:16 +0000 Subject: [PATCH 08/10] Update default setting --- pkg/config/controller_config.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 89cca54e..813927fd 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go @@ -51,7 +51,7 @@ func ConfigInit() { // VpcId VpcID = os.Getenv("CLUSTER_VPC_ID") - if VpcID != "" { + if VpcID != UnknownInput { glog.V(2).Infoln("CLUSTER_VPC_ID passed as input:", VpcID) } else { VpcID, err = metadata.VpcID() @@ -64,7 +64,7 @@ func ConfigInit() { // Region Region = os.Getenv("REGION") - if Region != "" { + if Region != UnknownInput { glog.V(2).Infoln("REGION passed as input:", Region) } else { Region, err = metadata.Region() @@ -77,7 +77,7 @@ func ConfigInit() { // AccountId AccountID = os.Getenv("AWS_ACCOUNT_ID") - if AccountID != "" { + if AccountID != UnknownInput { glog.V(2).Infoln("AWS_ACCOUNT_ID passed as input:", AccountID) } else { AccountID, err = metadata.AccountId() From f37bc66967d4623a9ef4e708d4b06f1d0a75ed62 Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 19:00:52 +0000 Subject: [PATCH 09/10] Update default setting --- pkg/config/controller_config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 813927fd..3494e8ae 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go @@ -13,7 +13,7 @@ const ( LatticeGatewayControllerName = "application-networking.k8s.aws/gateway-api-controller" defaultLogLevel = "Info" NoDefaultServiceNetwork = "" - UnknownInput = "" + UnknownInput = "" NO_DEFAULT_SERVICE_NETWORK = "NO_DEFAULT_SERVICE_NETWORK" ) From bab00cb9a321613f9afd0a0bd8d0707aeaf1febc Mon Sep 17 00:00:00 2001 From: Mingxi Zhang Date: Fri, 2 Jun 2023 21:28:23 +0000 Subject: [PATCH 10/10] Add unit test for env var init --- pkg/config/controller_config.go | 52 +++++++++++++----------- pkg/config/controller_config_test.go | 61 ++++++++++++++++++++++++++++ 2 files changed, 89 insertions(+), 24 deletions(-) create mode 100644 pkg/config/controller_config_test.go diff --git a/pkg/config/controller_config.go b/pkg/config/controller_config.go index 3494e8ae..95827e69 100644 --- a/pkg/config/controller_config.go +++ b/pkg/config/controller_config.go 
@@ -12,20 +12,28 @@ import ( const ( LatticeGatewayControllerName = "application-networking.k8s.aws/gateway-api-controller" defaultLogLevel = "Info" - NoDefaultServiceNetwork = "" UnknownInput = "" - NO_DEFAULT_SERVICE_NETWORK = "NO_DEFAULT_SERVICE_NETWORK" +) + +const ( + NO_DEFAULT_SERVICE_NETWORK = "NO_DEFAULT_SERVICE_NETWORK" + REGION = "REGION" + CLUSTER_VPC_ID = "CLUSTER_VPC_ID" + CLUSTER_LOCAL_GATEWAY = "CLUSTER_LOCAL_GATEWAY" + AWS_ACCOUNT_ID = "AWS_ACCOUNT_ID" + TARGET_GROUP_NAME_LEN_MODE = "TARGET_GROUP_NAME_LEN_MODE" + GATEWAY_API_CONTROLLER_LOGLEVEL = "GATEWAY_API_CONTROLLER_LOGLEVEL" ) var VpcID = UnknownInput var AccountID = UnknownInput var Region = UnknownInput var logLevel = defaultLogLevel -var DefaultServiceNetwork = NoDefaultServiceNetwork +var DefaultServiceNetwork = UnknownInput var UseLongTGName = false func GetLogLevel() string { - logLevel = os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL") + logLevel = os.Getenv(GATEWAY_API_CONTROLLER_LOGLEVEL) switch strings.ToLower(logLevel) { case "debug": return "10" @@ -36,8 +44,8 @@ func GetLogLevel() string { } func GetClusterLocalGateway() (string, error) { - if DefaultServiceNetwork == NoDefaultServiceNetwork { - return NoDefaultServiceNetwork, errors.New(NO_DEFAULT_SERVICE_NETWORK) + if DefaultServiceNetwork == UnknownInput { + return UnknownInput, errors.New(NO_DEFAULT_SERVICE_NETWORK) } return DefaultServiceNetwork, nil @@ -49,8 +57,8 @@ func ConfigInit() { metadata := NewEC2Metadata(sess) var err error - // VpcId - VpcID = os.Getenv("CLUSTER_VPC_ID") + // CLUSTER_VPC_ID + VpcID = os.Getenv(CLUSTER_VPC_ID) if VpcID != UnknownInput { glog.V(2).Infoln("CLUSTER_VPC_ID passed as input:", VpcID) } else { 
@@ -58,12 +66,11 @@ func ConfigInit() { glog.V(2).Infoln("CLUSTER_VPC_ID from IMDS config discovery :", VpcID) if err != nil { glog.V(2).Infoln("IMDS config discovery for CLUSTER_VPC_ID is NOT AVAILABLE :", err) - return } } - // Region - Region = os.Getenv("REGION") + // REGION + Region = os.Getenv(REGION) if Region != UnknownInput { glog.V(2).Infoln("REGION passed as input:", Region) } else { @@ -71,12 +78,11 @@ func ConfigInit() { glog.V(2).Infoln("REGION from IMDS config discovery :", Region) if err != nil { glog.V(2).Infoln("IMDS config discovery for REGION is NOT AVAILABLE :", err) - return } } - // AccountId - AccountID = os.Getenv("AWS_ACCOUNT_ID") + // AWS_ACCOUNT_ID + AccountID = os.Getenv(AWS_ACCOUNT_ID) if AccountID != UnknownInput { glog.V(2).Infoln("AWS_ACCOUNT_ID passed as input:", AccountID) } else { @@ -84,24 +90,23 @@ func ConfigInit() { glog.V(2).Infoln("AWS_ACCOUNT_ID from IMDS config discovery :", AccountID) if err != nil { glog.V(2).Infoln("IMDS config discovery for AWS_ACCOUNT_ID is NOT AVAILABLE :", err) - return } } - logLevel = os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL") - glog.V(2).Infoln("Logging Level:", os.Getenv("GATEWAY_API_CONTROLLER_LOGLEVEL")) - - DefaultServiceNetwork = os.Getenv("CLUSTER_LOCAL_GATEWAY") + // GATEWAY_API_CONTROLLER_LOGLEVEL + logLevel = os.Getenv(GATEWAY_API_CONTROLLER_LOGLEVEL) + glog.V(2).Infoln("Logging Level:", os.Getenv(GATEWAY_API_CONTROLLER_LOGLEVEL)) - if DefaultServiceNetwork == NoDefaultServiceNetwork { + // CLUSTER_LOCAL_GATEWAY + DefaultServiceNetwork = os.Getenv(CLUSTER_LOCAL_GATEWAY) + if DefaultServiceNetwork == UnknownInput { glog.V(2).Infoln("No CLUSTER_LOCAL_GATEWAY") } else { - glog.V(2).Infoln("CLUSTER_LOCAL_GATEWAY", DefaultServiceNetwork) } - tgNameLengthMode := os.Getenv("TARGET_GROUP_NAME_LEN_MODE") - + // TARGET_GROUP_NAME_LEN_MODE + tgNameLengthMode := os.Getenv(TARGET_GROUP_NAME_LEN_MODE) glog.V(2).Infoln("TARGET_GROUP_NAME_LEN_MODE", tgNameLengthMode) if tgNameLengthMode == "long" { 
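Review bot: With the three `return` statements removed, a failed IMDS lookup for CLUSTER_VPC_ID, REGION or AWS_ACCOUNT_ID (this hunk and the ones at -71 and -84) leaves the variable at `UnknownInput` and ConfigInit carries on, reporting the failure only at `glog.V(2)`. ConfigInit returns nothing, so the caller cannot tell that the controller is starting with an empty VPC, region or account; the deploy docs in this series name Fargate as a case where IMDS is not available. Report the failure at error level, e.g. `glog.Errorln("IMDS config discovery for REGION failed:", err)`, and either return an error from ConfigInit or validate the three values once at the end, so startup can stop instead of proceeding with blanks. The function starts and ends outside this hunk.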
@@ -109,5 +114,4 @@ func ConfigInit() {
 } else {
 UseLongTGName = false
 }
-
 }
diff --git a/pkg/config/controller_config_test.go b/pkg/config/controller_config_test.go
new file mode 100644
index 00000000..2f2e3e8a
--- /dev/null
+++ b/pkg/config/controller_config_test.go
@@ -0,0 +1,61 @@
+package config
+
+import (
+ "github.com/stretchr/testify/assert"
+ "os"
+ "testing"
+)
+
+func Test_config_init_with_partial_env_var(t *testing.T) {
+ // Test variable
+ testRegion := "us-west-2"
+ testClusterVpcId := "vpc-123456"
+ testClusterLocalGateway := "default"
+
+ os.Setenv(REGION, testRegion)
+ os.Setenv(CLUSTER_VPC_ID, testClusterVpcId)
+ os.Setenv(CLUSTER_LOCAL_GATEWAY, testClusterLocalGateway)
+ os.Unsetenv(AWS_ACCOUNT_ID)
+ os.Unsetenv(TARGET_GROUP_NAME_LEN_MODE)
+ ConfigInit()
+ assert.Equal(t, Region, testRegion)
+ assert.Equal(t, VpcID, testClusterVpcId)
+ assert.Equal(t, AccountID, UnknownInput)
+ assert.Equal(t, DefaultServiceNetwork, testClusterLocalGateway)
+ assert.Equal(t, UseLongTGName, false)
+}
+
+func Test_config_init_no_env_var(t *testing.T) {
+ os.Unsetenv(REGION)
+ os.Unsetenv(CLUSTER_VPC_ID)
+ os.Unsetenv(CLUSTER_LOCAL_GATEWAY)
+ os.Unsetenv(AWS_ACCOUNT_ID)
+ os.Unsetenv(TARGET_GROUP_NAME_LEN_MODE)
+ ConfigInit()
+ assert.Equal(t, Region, UnknownInput)
+ assert.Equal(t, VpcID, UnknownInput)
+ assert.Equal(t, AccountID, UnknownInput)
+ assert.Equal(t, DefaultServiceNetwork, UnknownInput)
+ assert.Equal(t, UseLongTGName, false)
+}
+
+func Test_config_init_with_all_env_var(t *testing.T) {
+ // Test variable
+ testRegion := "us-west-2"
+ testClusterVpcId := "vpc-123456"
+ testClusterLocalGateway := "default"
+ testTargetGroupNameLenMode := "long"
+ testAwsAccountId := "12345678"
+
+ os.Setenv(REGION, testRegion)
+ os.Setenv(CLUSTER_VPC_ID, testClusterVpcId)
+ os.Setenv(CLUSTER_LOCAL_GATEWAY, testClusterLocalGateway)
+ os.Setenv(AWS_ACCOUNT_ID, testAwsAccountId)
+ os.Setenv(TARGET_GROUP_NAME_LEN_MODE, testTargetGroupNameLenMode)
+ ConfigInit()
+ assert.Equal(t, Region, testRegion)
+ assert.Equal(t, VpcID, testClusterVpcId)
+ assert.Equal(t, AccountID, testAwsAccountId)
+ assert.Equal(t, DefaultServiceNetwork, testClusterLocalGateway)
+ assert.Equal(t, UseLongTGName, true)
+}
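Review bot: `Test_config_init_no_env_var` and `Test_config_init_with_partial_env_var` assert `UnknownInput` for values that ConfigInit looks up from instance metadata when the variable is unset, so they pass only where IMDS is unreachable and would pick up real account or VPC IDs on an EC2-hosted runner. ConfigInit builds its own session and metadata client, so the tests have no seam to stub; letting them supply a fake metadata client would make the result independent of the host. The `os.Setenv`/`os.Unsetenv` calls also leak into other tests in the package, where `t.Setenv(REGION, testRegion)` restores the previous value when the test ends. testify's `assert.Equal` takes the expected value first, e.g. `assert.Equal(t, testRegion, Region)`.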