-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(gateway-api): Add initial support for tls and grpc routes #238
feat(gateway-api): Add initial support for tls and grpc routes #238
Conversation
Thanks for enabling ci, I'll fix those linting issues |
96b73b0
to
d22df0a
Compare
hi @networkop , i'm going to have to find a better way to test. from what i understand, i'll need an SSL cert in order to do proper integration tests, this might be complicated to do or perhaps i should spoof them with self signed certs? do you have any ideas? side note: i fixed the linting and added tls/grpc to the tests controller i was sure i had previously done that but apparently not. |
I think doing tests with self-signed certs should be good enough. |
just letting you know, i'm having issues running kind on my arm Mac. i was able to generate the cert locally and create with just letting you know i didn't forget, trying to configure my local env on m2 properly. |
hi @networkop I was finally able to get some very basic integration tests done Below is the output for k8s-gateway plugin accepting the new tls/grpc routes
You can see that it properly matches the IP of (⎈|local:kube-system)➜ home-cluster git:(main) ✗ k -n default get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.0.1 <none> 443/TCP 2d14h
istiod ClusterIP 10.43.18.104 <none> 15010/TCP,15012/TCP,443/TCP,15014/TCP 19m
backend ClusterIP 10.43.204.227 <none> 80/TCP 19m
annotation-bad LoadBalancer 10.43.249.147 198.51.100.5 80:31092/TCP 19m
annotation-bad-2 LoadBalancer 10.43.16.121 198.51.100.148 80:32460/TCP 19m
annotation-good LoadBalancer 10.43.196.200 198.51.100.99 80:30094/TCP 19m
gateway LoadBalancer 10.43.7.176 198.51.100.111 15021:32018/TCP,80:30444/TCP,443:31129/TCP 19m
ingress-nginx-controller LoadBalancer 10.43.102.214 198.51.100.53 80:32344/TCP,443:30830/TCP 19m
nginxinc-nginx-ingress-controller LoadBalancer 10.43.95.164 198.51.100.82 80:32342/TCP,443:30857/TCP 19m
test LoadBalancer 10.43.199.34 198.51.100.66 80:31382/TCP 19m
gateway-one-istio LoadBalancer 10.43.59.247 198.51.100.116 15021:32366/TCP,80:32636/TCP 17m
gateway-two-istio LoadBalancer 10.43.36.109 198.51.100.200 15021:30421/TCP,80:32122/TCP 17m colima:/Users/christopher$ nslookup myservicetls.gw.foo.org 10.43.150.78
Server: 10.43.150.78
Address: 10.43.150.78:53
Name: myservicetls.gw.foo.org
Address: 198.51.100.116 I had to heavily modify the tiltfiles and had to seperate the stacks into single-stack (ipv4) and dual-stack(ipv6) because I was unable to test ipv6 with Colima on M2 Pro. I took the liberty of updating the Tiltfiles with latest chart versions.
I'll be committing all these changes |
4261eb2
to
d088b80
Compare
also, 1.0.0 of gateway-apis was just released, should probably consider adding v1 afterwards in a seperate PR. i was able to bump at least the CRDs to 1.0.0 without impact. |
20694b4
to
5f0ee52
Compare
nice, thanks @larivierec , let me know when the PR is ready for review |
Oh, yeah @networkop you can go ahead. |
5f0ee52
to
a538b2c
Compare
sorry @larivierec , been a bit busy. will try to review this week |
No rush :) |
README.md
Outdated
|
||
### Steps | ||
|
||
1. In `Tiltfile.single`, ensure that you have commented out the `docker` portion and uncommented the `nerdctl` portion. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So I understand the only purpose Tiltfile.single
is for lima VM development? Why do you need to uncomment something then? Is there another purpose for this tiltfile?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You have a good point actually.
Since the .single is already aimed towards Lima I could simply remove the docker commands and use nerdctl directly.
I'll do that yeah
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
perfect. so there's one file for linux and one file for mac
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you just update the readme and maybe rename the file to something reflecting that it's for mac or nerdctl.
otherwise single is a bit confusing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done, i opted for Tiltfile.nerdctl
finally, it made more sense because nerdctl any os and the tiltfile isn't restricted to M powered macs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hey @larivierec , thanks for the massive PR and apologies for the delay in reviewing.
I've left a few comments, let me know what you think
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i reviewed your comments, see my replies if you can :) thanks
i'll have another review for Gateway APIs v1.0.0 update after this one gets merged. |
@larivierec so apart from tiltfile updates this PR is good to be merged. |
Awesome, do you want me to rename the file to something else maybe? Tiltfile.mac |
yep. Tiltfile.mac sounds good. |
Ok for the tiltfile. I'll go ahead and make the changes and squash everything nicely. |
- use nerdctl and cilium for integration tests - update tiltfile dependencies - update Golang dependencies - seperate into 2 stacks - update CRDs for Gateway-API to 1.0.0 GA - update helm chart values for updates - add unit tests for TLSRoute, GRPCRoute - keep same kind registry as default (for makefile) - update README.md - 0.8.1+ minimum for CRDs + dev notes - fix variable GOATCH to GOARCH in both Tiltiles - add nerdctl tiltfile when we are using containerd Signed-off-by: Christopher Larivière <lariviere.c@gmail.com>
9d82ef9
to
2a53d47
Compare
everything should be good, let me know if I need to do something else. |
awesome 🎉 |
would close #237