eclipse-che · sparkoo · Aug 31, 2020 · Aug 4, 2020 · Aug 4, 2020 · Aug 4, 2020
diff --git a/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java b/assembly/assembly-wsmaster-war/src/main/java/org/eclipse/che/api/deploy/WsMasterModule.java
@@ -89,6 +89,7 @@
 import org.eclipse.che.security.oauth.EmbeddedOAuthAPI;
 import org.eclipse.che.security.oauth.OAuthAPI;
 import org.eclipse.che.security.oauth.OpenShiftOAuthModule;
+import org.eclipse.che.workspace.infrastructure.kubernetes.GatewayRouterProvisioner;
 import org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInfraModule;
 import org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInfrastructure;
 import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment;

diff --git a/...in/java/org/eclipse/che/workspace/infrastructure/kubernetes/GatewayRouterProvisioner.java b/...in/java/org/eclipse/che/workspace/infrastructure/kubernetes/GatewayRouterProvisioner.java
@@ -0,0 +1,75 @@
+package org.eclipse.che.workspace.infrastructure.kubernetes;
+
+import static org.eclipse.che.workspace.infrastructure.kubernetes.provision.TlsProvisioner.getSecureProtocol;
+
+import com.google.common.collect.ImmutableMap;
+import io.fabric8.kubernetes.api.model.ConfigMap;
+import io.fabric8.kubernetes.api.model.ConfigMapBuilder;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.concurrent.Executor;
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.inject.Singleton;
+import org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity;
+import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl;
+import org.eclipse.che.api.workspace.server.spi.InfrastructureException;
+import org.eclipse.che.api.workspace.server.spi.environment.GatewayRouteConfig;
+import org.eclipse.che.api.workspace.server.spi.environment.InternalEnvironment;
+import org.eclipse.che.api.workspace.server.spi.provision.InternalEnvironmentProvisioner;
+import org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespace;
+import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.GatewayRouteConfigGenerator;
+import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.TraefikGatewayRouteConfigGenerator;
+import org.eclipse.che.workspace.infrastructure.kubernetes.util.KubernetesSharedPool;
+
+@Singleton
+public class GatewayRouterProvisioner {
+
+  protected static final Map<String, String> GATEWAY_CONFIGMAP_LABELS =
+      ImmutableMap.<String, String>builder()
+          .put("app", "che")
+          .put("role", "gateway-config")
+          .build();
+
+  private final KubernetesClientFactory clientFactory;
+  private final Executor k8sExecutor;
+
+  @Inject
+  public GatewayRouterProvisioner(KubernetesClientFactory clientFactory,
+      KubernetesSharedPool sharedPool) {
+    this.clientFactory = clientFactory;
+    this.k8sExecutor = sharedPool.getExecutor();
+  }
+
+  public List<ConfigMap> provision(RuntimeIdentity id, InternalEnvironment internalEnvironment)
+      throws InfrastructureException {
+    if (internalEnvironment.getGatewayRouteConfigs().isEmpty()) {
+      return Collections.emptyList();
+    }
+    List<ConfigMap> routeConfigMaps = new ArrayList<>();
+    KubernetesNamespace cheNamespace = new KubernetesNamespace(clientFactory, k8sExecutor, "che",
+        id.getWorkspaceId());
+
+    for (GatewayRouteConfig routeConfig : internalEnvironment.getGatewayRouteConfigs()) {
+      GatewayRouteConfigGenerator gatewayRouteConfigGenerator = new TraefikGatewayRouteConfigGenerator(
+          id.getInfrastructureNamespace());
+      gatewayRouteConfigGenerator.addRouteConfig(routeConfig);
+      ConfigMapBuilder configMapBuilder = new ConfigMapBuilder()
+          .withNewMetadata()
+          .withName(id.getWorkspaceId() + routeConfig.getName())
+          .withLabels(GATEWAY_CONFIGMAP_LABELS)
+          .withAnnotations(routeConfig.getAnnotations())
+          .endMetadata()
+          .withData(gatewayRouteConfigGenerator.generate());
+
+      ConfigMap routeConfigMap = cheNamespace.configMaps().create(configMapBuilder.build());
+      routeConfigMaps.add(routeConfigMap);
+    }
+
+    return routeConfigMaps;
+  }
+}
diff --git a/.../main/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesInfraModule.java b/.../main/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesInfraModule.java
@@ -70,11 +70,13 @@
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.DefaultHostExternalServiceExposureStrategy;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServerExposer;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.ExternalServiceExposureStrategy;
+import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.GatewayRouteConfigGenerator;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.GatewayServerExposer;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.IngressServerExposer;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.IngressServiceExposureStrategyProvider;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.MultiHostExternalServiceExposureStrategy;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.SingleHostExternalServiceExposureStrategy;
+import org.eclipse.che.workspace.infrastructure.kubernetes.server.external.TraefikGatewayRouteConfigGenerator;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.SecureServerExposer;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.SecureServerExposerFactory;
 import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.SecureServerExposerFactoryProvider;

diff --git a/...n/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesInternalRuntime.java b/...n/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesInternalRuntime.java
@@ -131,6 +131,7 @@ public class KubernetesInternalRuntime<E extends KubernetesEnvironment>
   private final PreviewUrlCommandProvisioner previewUrlCommandProvisioner;
   private final SecretAsContainerResourceProvisioner secretAsContainerResourceProvisioner;
   private final KubernetesServerResolverFactory serverResolverFactory;
+  private final GatewayRouterProvisioner gatewayRouterProvisioner;
   protected final Tracer tracer;
 
   @Inject
@@ -155,6 +156,7 @@ public KubernetesInternalRuntime(
       PreviewUrlCommandProvisioner previewUrlCommandProvisioner,
       SecretAsContainerResourceProvisioner secretAsContainerResourceProvisioner,
       KubernetesServerResolverFactory kubernetesServerResolverFactory,
+      GatewayRouterProvisioner gatewayRouterProvisioner,
       Tracer tracer,
       @Assisted KubernetesRuntimeContext<E> context,
       @Assisted KubernetesNamespace namespace) {
@@ -180,6 +182,7 @@ public KubernetesInternalRuntime(
     this.secretAsContainerResourceProvisioner = secretAsContainerResourceProvisioner;
     this.serverResolverFactory = kubernetesServerResolverFactory;
     this.tracer = tracer;
+    this.gatewayRouterProvisioner = gatewayRouterProvisioner;
   }
 
   @Override
@@ -615,6 +618,7 @@ protected void startMachines() throws InfrastructureException {
 
     createSecrets(k8sEnv, workspaceId);
     List<ConfigMap> createdConfigMaps = createConfigMaps(k8sEnv, workspaceId);
+    createdConfigMaps.addAll(gatewayRouterProvisioner.provision(getContext().getIdentity(), k8sEnv));
     List<Service> createdServices = createServices(k8sEnv, workspaceId);
 
     // needed for resolution later on, even though n routes are actually created by ingress

diff --git a/...in/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesRuntimeContext.java b/...in/java/org/eclipse/che/workspace/infrastructure/kubernetes/KubernetesRuntimeContext.java
@@ -47,8 +47,7 @@ public KubernetesRuntimeContext(
       KubernetesRuntimeStateCache runtimeStatuses,
       @Assisted T kubernetesEnvironment,
       @Assisted RuntimeIdentity identity,
-      @Assisted RuntimeInfrastructure infrastructure)
-      throws ValidationException, InfrastructureException {
+      @Assisted RuntimeInfrastructure infrastructure) {
     super(kubernetesEnvironment, identity, infrastructure);
     this.namespaceFactory = namespaceFactory;
     this.runtimeFactory = runtimeFactory;

diff --git a/.../org/eclipse/che/workspace/infrastructure/kubernetes/namespace/KubernetesConfigsMaps.java b/.../org/eclipse/che/workspace/infrastructure/kubernetes/namespace/KubernetesConfigsMaps.java
@@ -20,6 +20,7 @@
 import org.eclipse.che.api.workspace.server.spi.InfrastructureException;
 import org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesClientFactory;
 import org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInfrastructureException;
+import org.eclipse.che.workspace.infrastructure.kubernetes.server.secure.jwtproxy.model.Config;
 
 /**
  * Defines an internal API for managing {@link ConfigMap} instances in {@link

diff --git a/.../org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisioner.java b/.../org/eclipse/che/workspace/infrastructure/kubernetes/provision/GatewayTlsProvisioner.java
@@ -20,6 +20,7 @@
 import javax.inject.Singleton;
 import org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity;
 import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl;
+import org.eclipse.che.api.workspace.server.spi.environment.GatewayRouteConfig;
 import org.eclipse.che.workspace.infrastructure.kubernetes.Annotations;
 import org.eclipse.che.workspace.infrastructure.kubernetes.KubernetesInfrastructureException;
 import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment;
@@ -45,14 +46,14 @@ public void provision(T k8sEnv, RuntimeIdentity identity)
       return;
     }
 
-    for (ConfigMap cm : k8sEnv.getConfigMaps().values()) {
-      useSecureProtocolForGatewayServers(cm);
+    for (GatewayRouteConfig routeConfig : k8sEnv.getGatewayRouteConfigs()) {
+      useSecureProtocolForGatewayServers(routeConfig);
     }
   }
 
-  private void useSecureProtocolForGatewayServers(ConfigMap cm) {
+  private void useSecureProtocolForGatewayServers(GatewayRouteConfig routeConfig) {
     Map<String, ServerConfigImpl> servers =
-        Annotations.newDeserializer(cm.getMetadata().getAnnotations()).servers();
+        Annotations.newDeserializer(routeConfig.getAnnotations()).servers();
 
     if (servers.isEmpty()) {
       return;
@@ -61,8 +62,8 @@ private void useSecureProtocolForGatewayServers(ConfigMap cm) {
     servers.values().forEach(s -> s.setProtocol(getSecureProtocol(s.getProtocol())));
 
     Map<String, String> annotations = Annotations.newSerializer().servers(servers).annotations();
-    if (!annotations.isEmpty() && cm.getMetadata().getAnnotations() != null) {
-      cm.getMetadata().getAnnotations().putAll(annotations);
+    if (!annotations.isEmpty() && routeConfig.getAnnotations() != null) {
+      routeConfig.getAnnotations().putAll(annotations);
     }
   }
 }
diff --git a/.../che/workspace/infrastructure/kubernetes/server/external/GatewayRouteConfigGenerator.java b/.../che/workspace/infrastructure/kubernetes/server/external/GatewayRouteConfigGenerator.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2012-2018 Red Hat, Inc.
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *   Red Hat, Inc. - initial API and implementation
+ */
+package org.eclipse.che.workspace.infrastructure.kubernetes.server.external;
+
+import java.util.Map;
+import org.eclipse.che.api.workspace.server.spi.environment.GatewayRouteConfig;
+
+/**
+ * Generates config for single external server that we want to expose in the Gateway.
+ *
+ * <p>Implementation provides configuration for specific Gateway technology (e.g., Traefik).
+ */
+public interface GatewayRouteConfigGenerator {
+  void addRouteConfig(GatewayRouteConfig routeConfig);
+
+  /**
+   * Generates content of configuration for service, defined by passed parameters, that should be
+   * exposed by the Gateway. Returned {@code Map<String, String>} will be used as a value of
+   * ConfigMap.
+   *
+   * <p>Implementation must ensure that Gateway configured with returned content will route the
+   * requests on {@code path} into {@code serviceUrl}. Also it must strip {@code path} from request
+   * url.
+   *
+   * @param name name of the service
+   * @param serviceUrl url of service we want to route to
+   * @param path path to route and strip
+   * @return full content of configuration for the service
+   */
+  Map<String, String> generate();
+}
diff --git a/...eclipse/che/workspace/infrastructure/kubernetes/server/external/GatewayServerExposer.java b/...eclipse/che/workspace/infrastructure/kubernetes/server/external/GatewayServerExposer.java
@@ -11,29 +11,102 @@
  */
 package org.eclipse.che.workspace.infrastructure.kubernetes.server.external;
 
+import io.fabric8.kubernetes.api.model.IntOrString;
 import io.fabric8.kubernetes.api.model.ServicePort;
+import java.util.HashMap;
 import java.util.Map;
+import javax.inject.Inject;
 import org.eclipse.che.api.core.model.workspace.config.ServerConfig;
+import org.eclipse.che.api.workspace.server.model.impl.ServerConfigImpl;
+import org.eclipse.che.api.workspace.server.spi.environment.GatewayRouteConfig;
+import org.eclipse.che.commons.annotation.Nullable;
+import org.eclipse.che.workspace.infrastructure.kubernetes.Annotations;
 import org.eclipse.che.workspace.infrastructure.kubernetes.environment.KubernetesEnvironment;
+import org.eclipse.che.workspace.infrastructure.kubernetes.server.KubernetesServerExposer;
 
 /**
- * Uses Traefik gateway configured with ConfigMaps to expose servers.
- *
- * <p>TODO: implement
+ * Uses gateway configured with ConfigMaps to expose servers.
  *
  * @param <T> type of environment
  */
 public class GatewayServerExposer<T extends KubernetesEnvironment>
     implements ExternalServerExposer<T> {
 
+  private final ExternalServiceExposureStrategy strategy;
+
+  @Inject
+  public GatewayServerExposer(
+      ExternalServiceExposureStrategy strategy) {
+    this.strategy = strategy;
+  }
+
+  /**
+   * Exposes service port on given service externally (outside kubernetes cluster) using the Gateway
+   * specific configurations.
+   *
+   * @param k8sEnv Kubernetes environment
+   * @param machineName machine containing servers
+   * @param serviceName service associated with machine, mapping all machine server ports
+   * @param serverId non-null for a unique server, null for a compound set of servers that should be
+   *     exposed together.
+   * @param servicePort specific service port to be exposed externally
+   * @param externalServers server configs of servers to be exposed externally
+   */
   @Override
   public void expose(
       T k8sEnv,
-      String machineName,
+      @Nullable String machineName,
       String serviceName,
       String serverId,
       ServicePort servicePort,
       Map<String, ServerConfig> externalServers) {
-    throw new UnsupportedOperationException("Not implemented yet.");
+
+    if (serverId == null) {
+      // this is the ID for non-unique servers
+      serverId = servicePort.getName();
+    }
+
+    k8sEnv.addGatewayRouteConfig(
+        createGatewayRouteConfig(machineName, serviceName, serverId, servicePort, externalServers));
+  }
+
+  private GatewayRouteConfig createGatewayRouteConfig(String machineName,
+      String serviceName,
+      String serverId,
+      ServicePort servicePort,
+      Map<String, ServerConfig> serversConfigs) {
+    final String serverName = KubernetesServerExposer.makeServerNameValidForDns(serverId);
+    final String name = createName(serviceName, serverName);
+    final String path = ensureEndsWithSlash(strategy.getExternalPath(serviceName, serverName));
+    final Map<String, String> annotations = createAnnotations(serversConfigs, path, machineName);
+    return new GatewayRouteConfig(name, serviceName, getTargetPort(servicePort.getTargetPort()),
+        path, annotations);
+  }
+
+  private String ensureEndsWithSlash(String path) {
+    return path.endsWith("/") ? path : path + '/';
+  }
+
+  private String createName(String serviceName, String serverName) {
+    return serviceName + "-" + serverName;
+  }
+
+  private String getTargetPort(IntOrString targetPort) {
+    return targetPort.getIntVal() != null
+        ? targetPort.getIntVal().toString()
+        : targetPort.getStrVal();
+  }
+
+  private Map<String, String> createAnnotations(
+      Map<String, ServerConfig> serversConfigs, String path, String machineName) {
+    Map<String, ServerConfig> configsWithPaths = new HashMap<>();
+    for (String scKey : serversConfigs.keySet()) {
+      configsWithPaths.put(scKey, new ServerConfigImpl(serversConfigs.get(scKey)).withPath(path));
+    }
+
+    return Annotations.newSerializer()
+        .servers(configsWithPaths)
+        .machineName(machineName)
+        .annotations();
   }
 }