feat: merge Sidero HTTP endpoints under a single port

This merges metadata server component into `metal-controller-manager`.

iPXE server, metadata server and gRPC server share a single HTTP
endpoint now.

For the users, it means that Sidero requires only a single port to be
exposed.

Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>

Dockerfile

@@ -87,15 +87,12 @@ COPY ./config ./config
 COPY ./templates ./templates
 COPY ./app/cluster-api-provider-sidero/config ./app/cluster-api-provider-sidero/config
 COPY ./app/metal-controller-manager/config ./app/metal-controller-manager/config
-COPY ./app/metal-metadata-server/config ./app/metal-metadata-server/config
 ARG REGISTRY_AND_USERNAME
 ARG TAG
 RUN cd ./app/cluster-api-provider-sidero/config/manager \
   && kustomize edit set image controller=${REGISTRY_AND_USERNAME}/cluster-api-provider-sidero:${TAG}
 RUN cd ./app/metal-controller-manager/config/manager \
   && kustomize edit set image controller=${REGISTRY_AND_USERNAME}/metal-controller-manager:${TAG}
-RUN cd ./app/metal-metadata-server/config/server \
-  && kustomize edit set image server=${REGISTRY_AND_USERNAME}/metal-metadata-server:${TAG}
 RUN kustomize build config > /infrastructure-components.yaml \
   && cp ./config/metadata/metadata.yaml /metadata.yaml \
   && cp ./templates/cluster-template.yaml /cluster-template.yaml
@@ -181,19 +178,6 @@ FROM metal-controller-manager-image AS metal-controller-manager
 LABEL org.opencontainers.image.source https://github.com/talos-systems/sidero
 ENTRYPOINT [ "/manager" ]
 
-FROM base AS build-metal-metadata-server
-ARG TARGETARCH
-ARG GO_BUILDFLAGS
-RUN --mount=type=cache,target=/.cache GOOS=linux GOARCH=${TARGETARCH} go build ${GO_BUILDFLAGS} -ldflags "-s -w" -o /metal-metadata-server ./app/metal-metadata-server
-RUN chmod +x /metal-metadata-server
-
-FROM scratch AS metal-metadata-server
-COPY --from=pkg-ca-certificates / /
-COPY --from=pkg-fhs / /
-COPY --from=build-metal-metadata-server /metal-metadata-server /metal-metadata-server
-LABEL org.opencontainers.image.source https://github.com/talos-systems/sidero
-ENTRYPOINT [ "/metal-metadata-server" ]
-
 FROM base AS unit-tests-runner
 ARG TEST_PKGS
 RUN --mount=type=cache,target=/.cache --mount=type=cache,id=testspace,target=/tmp --mount=type=cache,target=/root/.cache/go-build go test -v -covermode=atomic -coverprofile=coverage.txt -count 1 ${TEST_PKGS}

Makefile

@@ -40,7 +40,7 @@ COMMON_ARGS += --build-arg=TOOLS=$(TOOLS)
 COMMON_ARGS += --build-arg=TALOS_RELEASE=$(TALOS_RELEASE)
 COMMON_ARGS += --build-arg=GO_BUILDFLAGS="$(GO_BUILDFLAGS)"
 
-all: manifests generate cluster-api-provider-sidero metal-controller-manager metal-metadata-server sfyra
+all: manifests generate cluster-api-provider-sidero metal-controller-manager sfyra
 
 
 # Help Menu
@@ -119,10 +119,6 @@ cluster-api-provider-sidero: ## Build the CAPI provider container image.
 metal-controller-manager: ## Build the CAPI provider container image.
 	@$(MAKE) docker-$@ TARGET_ARGS="--push=$(PUSH)" NAME="$@"
 
-.PHONY: metal-metadata-server
-metal-metadata-server: ## Build the CAPI provider container image.
-	@$(MAKE) docker-$@ TARGET_ARGS="--push=$(PUSH)" NAME="$@"
-
 .PHONY: release-notes
 release-notes:
 	ARTIFACTS=$(ARTIFACTS) ./hack/release.sh $@ $(ARTIFACTS)/RELEASE_NOTES.md $(TAG)

app/metal-controller-manager/config/manager/manager.yaml

@@ -14,29 +14,16 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: ipxe
+  name: http
   namespace: system
 spec:
   ports:
-    - port: 80
+    - port: ${SIDERO_CONTROLLER_MANAGER_API_PORT:=8081}
       targetPort: http
       protocol: TCP
   selector:
     control-plane: metal-controller-manager
 ---
-apiVersion: v1
-kind: Service
-metadata:
-  name: api
-  namespace: system
-spec:
-  ports:
-    - port: 50100
-      targetPort: grpc
-      protocol: TCP
-  selector:
-    control-plane: metal-controller-manager
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -61,6 +48,7 @@ spec:
           args:
             - --metrics-addr=127.0.0.1:8080
             - --api-endpoint=${SIDERO_CONTROLLER_MANAGER_API_ENDPOINT:=-}
+            - --api-port=${SIDERO_CONTROLLER_MANAGER_API_PORT:=8081}
             - --extra-agent-kernel-args=${SIDERO_CONTROLLER_MANAGER_EXTRA_AGENT_KERNEL_ARGS:=-}
             - --auto-accept-servers=${SIDERO_CONTROLLER_MANAGER_AUTO_ACCEPT_SERVERS:=false}
             - --insecure-wipe=${SIDERO_CONTROLLER_MANAGER_INSECURE_WIPE:=true}
@@ -78,9 +66,6 @@ spec:
             - name: http
               containerPort: 8081
               protocol: TCP
-            - name: grpc
-              containerPort: 50100
-              protocol: TCP
           env:
             - name: API_ENDPOINT
               valueFrom:

app/metal-controller-manager/internal/ipxe/ipxe_server.go

@@ -28,7 +28,6 @@ import (
 
 	infrav1 "github.com/talos-systems/sidero/app/cluster-api-provider-sidero/api/v1alpha3"
 	metalv1alpha1 "github.com/talos-systems/sidero/app/metal-controller-manager/api/v1alpha1"
-	"github.com/talos-systems/sidero/app/metal-controller-manager/internal/server"
 	"github.com/talos-systems/sidero/app/metal-controller-manager/pkg/constants"
 )
 
@@ -37,8 +36,6 @@ var (
 	ErrBootFromDisk = errors.New("boot from disk")
 )
 
-const iPXEPort = 8081
-
 // bootFile is used when iPXE is booted without embedded script via iPXE request http://endpoint:8081/boot.ipxe.
 const bootFile = `#!ipxe
 chain ipxe?uuid=${uuid}&mac=${mac:hexhyp}&domain=${domain}&hostname=${hostname}&serial=${serial}&arch=${buildarch}
@@ -65,6 +62,7 @@ exit
 
 var (
 	apiEndpoint          string
+	apiPort              int
 	extraAgentKernelArgs string
 	c                    client.Client
 )
@@ -171,8 +169,9 @@ func ipxeHandler(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-func ServeIPXE(endpoint, args string, mgrClient client.Client) error {
+func RegisterIPXE(mux *http.ServeMux, endpoint string, port int, args string, iPXEPort int, mgrClient client.Client) error {
 	apiEndpoint = endpoint
+	apiPort = port
 	extraAgentKernelArgs = args
 	c = mgrClient
 
@@ -189,16 +188,12 @@ func ServeIPXE(endpoint, args string, mgrClient client.Client) error {
 		return err
 	}
 
-	mux := http.NewServeMux()
-
 	mux.Handle("/boot.ipxe", logRequest(http.HandlerFunc(bootFileHandler)))
 	mux.Handle("/ipxe", logRequest(http.HandlerFunc(ipxeHandler)))
 	mux.Handle("/env/", logRequest(http.StripPrefix("/env/", http.FileServer(http.Dir("/var/lib/sidero/env")))))
 	mux.Handle("/tftp/", logRequest(http.StripPrefix("/tftp/", http.FileServer(http.Dir("/var/lib/sidero/tftp")))))
 
-	log.Println("Listening...")
-
-	return http.ListenAndServe(fmt.Sprintf(":%d", iPXEPort), mux)
+	return nil
 }
 
 func logRequest(next http.Handler) http.Handler {
@@ -324,7 +319,7 @@ func newAgentEnvironment(arch string) *metalv1alpha1.Environment {
 		"console=tty0",
 		"console=ttyS0",
 		"printk.devkmsg=on",
-		fmt.Sprintf("%s=%s:%s", constants.AgentEndpointArg, apiEndpoint, server.Port),
+		fmt.Sprintf("%s=%s:%d", constants.AgentEndpointArg, apiEndpoint, apiPort),
 	}
 
 	cmdline := procfs.NewCmdline(strings.Join(args, " "))

app/metal-metadata-server/main.go → app/metal-controller-manager/internal/metadata/metadata_server.go

@@ -2,19 +2,17 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
-package main
+package metadata
 
 import (
 	"context"
 	"encoding/json"
-	"flag"
 	"fmt"
 	"log"
 	"net/http"
 
 	jsonpatch "github.com/evanphx/json-patch"
 	"github.com/ghodss/yaml"
-	debug "github.com/talos-systems/go-debug"
 	"github.com/talos-systems/talos/pkg/machinery/config/configloader"
 	"github.com/talos-systems/talos/pkg/machinery/config/types/v1alpha1"
 	v1 "k8s.io/api/core/v1"
@@ -25,16 +23,6 @@ import (
 
 	"github.com/talos-systems/sidero/app/cluster-api-provider-sidero/api/v1alpha3"
 	metalv1alpha1 "github.com/talos-systems/sidero/app/metal-controller-manager/api/v1alpha1"
-	"github.com/talos-systems/sidero/internal/client"
-)
-
-const (
-	debugAddr = ":9993"
-)
-
-var (
-	kubeconfigPath *string
-	port           *string
 )
 
 type errorWithCode struct {
@@ -51,32 +39,14 @@ func throwError(w http.ResponseWriter, ewc errorWithCode) {
 	log.Println(ewc.errorObj)
 }
 
-func main() {
-	kubeconfigPath = flag.String("kubeconfig-path", "", "absolute path to the kubeconfig file")
-	port = flag.String("port", "8080", "port to use for serving metadata")
-	flag.Parse()
-
-	go func() {
-		debugLogFunc := func(msg string) {
-			log.Print(msg)
-		}
-		if err := debug.ListenAndServe(context.TODO(), debugAddr, debugLogFunc); err != nil {
-			log.Fatalf("failed to start debug server: %s", err)
-		}
-	}()
-
-	k8sClient, err := client.NewClient(kubeconfigPath)
-	if err != nil {
-		log.Fatal(fmt.Errorf("failure talking to kubernetes: %s", err))
-	}
-
+func RegisterServer(mux *http.ServeMux, k8sClient runtimeclient.Client) error {
 	mm := metadataConfigs{
 		client: k8sClient,
 	}
 
-	mux := http.NewServeMux()
 	mux.HandleFunc("/configdata", mm.FetchConfig)
-	log.Fatal(http.ListenAndServe(":"+*port, mux))
+
+	return nil
 }
 
 func (m *metadataConfigs) FetchConfig(w http.ResponseWriter, r *http.Request) {

app/metal-controller-manager/internal/server/server.go

@@ -6,9 +6,7 @@ package server
 
 import (
 	"context"
-	"fmt"
 	"log"
-	"net"
 	"reflect"
 	"time"
 
@@ -29,10 +27,6 @@ import (
 	"github.com/talos-systems/sidero/app/metal-controller-manager/internal/api"
 )
 
-const (
-	Port = "50100"
-)
-
 type server struct {
 	api.UnimplementedAgentServer
 
@@ -360,12 +354,7 @@ func (s *server) UpdateBMCInfo(ctx context.Context, in *api.UpdateBMCInfoRequest
 	return resp, nil
 }
 
-func Serve(c controllerclient.Client, recorder record.EventRecorder, scheme *runtime.Scheme, autoAccept, insecureWipe, autoBMC bool, rebootTimeout time.Duration) error {
-	lis, err := net.Listen("tcp", ":"+Port)
-	if err != nil {
-		return fmt.Errorf("failed to listen: %v", err)
-	}
-
+func CreateServer(c controllerclient.Client, recorder record.EventRecorder, scheme *runtime.Scheme, autoAccept, insecureWipe, autoBMC bool, rebootTimeout time.Duration) *grpc.Server {
 	s := grpc.NewServer()
 
 	api.RegisterAgentServer(s, &server{
@@ -378,9 +367,5 @@ func Serve(c controllerclient.Client, recorder record.EventRecorder, scheme *run
 		rebootTimeout: rebootTimeout,
 	})
 
-	if err := s.Serve(lis); err != nil {
-		return fmt.Errorf("failed to serve: %v", err)
-	}
-
-	return nil
+	return s
 }