chore: Restructure VSphereSource (#395)

Adding support for multiple sources by restructuring this source.

Also removing pkg logstream because it was not working with the standard
logging configuragion anymore. The zap configuration uses 'level' as the
log level key, whereas logstream assumes 'severity'.

Closes: #394

Signed-off-by: Michael Gasch <mgasch@vmware.com>

.github/workflows/kind-e2e.yaml

@@ -66,7 +66,7 @@ jobs:
         # Build Knative plugin
         go build -o kn-vsphere ./plugins/vsphere/cmd/vsphere
 
-        kubectl -n vmware-sources wait --timeout=10s --for=condition=Available deploy/webhook
+        kubectl -n vmware-sources wait --timeout=10s --for=condition=Available deploy/vsphere-source-webhook
 
         # For debugging.
         kubectl get pods --all-namespaces

README.md

@@ -1,39 +1,50 @@
 # VMware Tanzu Sources for Knative
 
-This repo will be the home for VMware-related event sources compatible with the
-[Knative](https://knative.dev) project.
-
 [![GoDoc](https://godoc.org/github.com/vmware-tanzu/sources-for-knative?status.svg)](https://godoc.org/github.com/vmware-tanzu/sources-for-knative)
 [![Go Report Card](https://goreportcard.com/badge/vmware-tanzu/sources-for-knative)](https://goreportcard.com/report/vmware-tanzu/sources-for-knative)
 [![Slack Status](https://img.shields.io/badge/slack-join_chat-white.svg?logo=slack&style=social)](https://knative.slack.com)
 [![codecov](https://codecov.io/gh/vmware-tanzu/sources-for-knative/branch/master/graph/badge.svg?token=QwWjUwiLIN)](undefined)
 
-This repo is under active development to get a Knative compatible Event Source
-for vSphere events, and a Binding to easily access the VSphere API.
+This repo is the home for VMware-related event sources compatible with the
+[Knative](https://knative.dev) project.
+
+
+This repo is under active development to get a Knative compatible Event `Source`
+for VMware events, e.g. VMware vSphere incl. a `Binding` to easily access the
+vSphere API from Kubernetes objects, e.g. a `Job`.
 
 ⚠️ **NOTE:** To run these examples, you will need
 [ko](https://github.com/google/ko) installed or use a
-[release](https://github.com/vmware-tanzu/sources-for-knative/releases) and
-deploy it via `kubectl`.
+[release](https://github.com/vmware-tanzu/sources-for-knative/releases)
+(preferred) and deploy it via `kubectl`.
+
+## Available `Sources` and `Bindings`
+
+- `VSphereSource` to create VMware vSphere (vCenter) event sources
+- `VSphereBinding` to inject VMware vSphere (vCenter) credentials
 
 ## Install Tanzu Sources for Knative
 
-### Install via Release
+### Install via Release (`latest`)
 
 ```
-kubectl apply -f https://github.com/vmware-tanzu/sources-for-knative/releases/download/v0.21.0/release.yaml
+kubectl apply -f https://github.com/vmware-tanzu/sources-for-knative/releases/latest/download/release.yaml
 ```
 
 ### Install from Source
 
-Install the CRD providing the control / dataplane for the
-`VSphere{Source,Binding}`:
+Install the CRD providing the control / dataplane for the various `Sources` and
+`Bindings`:
 
 ```shell
-ko apply -f config
+# define environment variables accordingly, e.g. when using kind
+# export KIND_CLUSTER_NAME=horizon
+# export KO_DOCKER_REPO=kind.local
+
+ko apply -BRf config
 ```
 
-## Samples
+## Examples
 
 To see examples of the Source and Binding in action, check out our
 [samples](./samples/README.md) directory.

cmd/README.md

@@ -1,5 +1,8 @@
 ## Binary names
 
-The binaries in this directory are prefixed with `sources-for-knative-{foo}` so
-that when published via `KO_DOCKER_REPO=docker.io/vmware ko apply -Bf config`
-the resulting images are named `vmware/sources-for-knative-{foo}`.
+The binaries in this directory are grouped by and prefixed with the
+corresponding VMware product name, e.g. `vsphere` or `horizon`.
+
+When published via `KO_DOCKER_REPO=<registry>/vmware ko apply -BRf config` the
+resulting images are named `<registry>/vmware/<product>-{adapter|controller}`,
+e.g. `docker.io/vmware/vsphere-adapter`

cmd/vsphere-controller/main.go

@@ -36,11 +36,13 @@ var types = map[schema.GroupVersionKind]resourcesemantics.GenericCRD{
 	v1alpha1.SchemeGroupVersion.WithKind("VSphereBinding"): &v1alpha1.VSphereBinding{},
 }
 
+const admissionWebhookName = "vsphere-source-webhook"
+
 func NewDefaultingAdmissionController(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
 	return defaulting.NewAdmissionController(ctx,
 
 		// Name of the resource webhook.
-		"defaulting.webhook.sources.tanzu.vmware.com",
+		"defaulting.webhook.vsphere.sources.tanzu.vmware.com",
 
 		// The path on which to serve the webhook.
 		"/defaulting",
@@ -64,7 +66,7 @@ func NewValidationAdmissionController(ctx context.Context, cmw configmap.Watcher
 	return validation.NewAdmissionController(ctx,
 
 		// Name of the resource webhook.
-		"validation.webhook.sources.tanzu.vmware.com",
+		"validation.webhook.vsphere.sources.tanzu.vmware.com",
 
 		// The path on which to serve the webhook.
 		"/resource-validation",
@@ -88,7 +90,7 @@ func NewConfigValidationController(ctx context.Context, cmw configmap.Watcher) *
 	return configmaps.NewAdmissionController(ctx,
 
 		// Name of the configmap webhook.
-		"config.webhook.sources.tanzu.vmware.com",
+		"config.webhook.vsphere.sources.tanzu.vmware.com",
 
 		// The path on which to serve the webhook.
 		"/config-validation",
@@ -105,7 +107,7 @@ func NewVSphereBindingWebhook(opts ...psbinding.ReconcilerOption) injection.Cont
 	return func(ctx context.Context, cmw configmap.Watcher) *controller.Impl {
 		return psbinding.NewAdmissionController(ctx,
 			// Name of the resource webhook.
-			"vspherebindings.webhook.sources.tanzu.vmware.com",
+			"vspherebindings.webhook.vsphere.sources.tanzu.vmware.com",
 
 			// The path on which to serve the webhook.
 			"/vspherebindings",
@@ -126,17 +128,17 @@ func NewVSphereBindingWebhook(opts ...psbinding.ReconcilerOption) injection.Cont
 
 func main() {
 	ctx := webhook.WithOptions(signals.NewContext(), webhook.Options{
-		ServiceName: "webhook",
+		ServiceName: admissionWebhookName,
 		Port:        8443,
-		SecretName:  "webhook-certs",
+		SecretName:  "vsphere-webhook-certs",
 	})
 
 	vsbSelector := psbinding.WithSelector(psbinding.ExclusionSelector)
 	if os.Getenv("VSPHERE_BINDING_SELECTION_MODE") == "inclusion" {
 		vsbSelector = psbinding.WithSelector(psbinding.InclusionSelector)
 	}
 
-	sharedmain.MainWithContext(ctx, "webhook",
+	sharedmain.MainWithContext(ctx, admissionWebhookName,
 		certificates.NewController,
 		NewDefaultingAdmissionController,
 		NewValidationAdmissionController,

config/100-namespace.yaml

@@ -6,4 +6,5 @@ kind: Namespace
 metadata:
   name: vmware-sources
   labels:
+    istio-injection: enabled
     sources.tanzu.vmware.com/release: devel

config/config-logging.yaml

@@ -10,46 +10,30 @@ metadata:
     sources.tanzu.vmware.com/release: devel
 
 data:
-  _example: |
-    ################################
-    #                              #
-    #    EXAMPLE CONFIGURATION     #
-    #                              #
-    ################################
-
-    # This block is not actually functional configuration,
-    # but serves to illustrate the available configuration
-    # options and document them in a way that is accessible
-    # to users that `kubectl edit` this config map.
-    #
-    # These sample configuration options may be copied out of
-    # this example block and unindented to be in the data block
-    # to actually change the configuration.
-
-    # Common configuration for all Knative codebase
-    zap-logger-config: |
-      {
-        "level": "info",
-        "development": false,
-        "outputPaths": ["stdout"],
-        "errorOutputPaths": ["stderr"],
-        "encoding": "json",
-        "encoderConfig": {
-          "timeKey": "ts",
-          "levelKey": "level",
-          "nameKey": "logger",
-          "callerKey": "caller",
-          "messageKey": "msg",
-          "stacktraceKey": "stacktrace",
-          "lineEnding": "",
-          "levelEncoder": "",
-          "timeEncoder": "iso8601",
-          "durationEncoder": "",
-          "callerEncoder": ""
-        }
+  # Common configuration for all Knative codebase
+  zap-logger-config: |
+    {
+      "level": "info",
+      "development": false,
+      "outputPaths": ["stdout"],
+      "errorOutputPaths": ["stderr"],
+      "encoding": "json",
+      "encoderConfig": {
+        "timeKey": "ts",
+        "levelKey": "level",
+        "nameKey": "logger",
+        "callerKey": "caller",
+        "messageKey": "msg",
+        "stacktraceKey": "stacktrace",
+        "lineEnding": "",
+        "levelEncoder": "",
+        "timeEncoder": "iso8601",
+        "durationEncoder": "",
+        "callerEncoder": ""
       }
+    }
 
-    # Log level overrides
-    # Changes are be picked up immediately.
-    loglevel.controller: "info"
-    loglevel.webhook: "info"
+  # Log level overrides
+  # For all components changes are be picked up immediately.
+  loglevel.controller: "info"
+  loglevel.webhook: "info"

config/config-observability.yaml

@@ -26,6 +26,98 @@ data:
     # this example block and unindented to be in the data block
     # to actually change the configuration.
 
+    # logging.enable-var-log-collection defaults to false.
+    # A fluentd sidecar will be set up to collect var log if
+    # this flag is true.
+    logging.enable-var-log-collection: false
+
+    # logging.fluentd-sidecar-image provides the fluentd sidecar image
+    # to inject as a sidecar to collect logs from /var/log.
+    # Must be presented if logging.enable-var-log-collection is true.
+    logging.fluentd-sidecar-image: k8s.gcr.io/fluentd-elasticsearch:v2.0.4
+
+    # logging.fluentd-sidecar-output-config provides the configuration
+    # for the fluentd sidecar, which will be placed into a configmap and
+    # mounted into the fluentd sidecar image.
+    logging.fluentd-sidecar-output-config: |
+      # Parse json log before sending to Elastic Search
+      <filter **>
+        @type parser
+        key_name log
+        <parse>
+          @type multi_format
+          <pattern>
+            format json
+            time_key fluentd-time # fluentd-time is reserved for structured logs
+            time_format %Y-%m-%dT%H:%M:%S.%NZ
+          </pattern>
+          <pattern>
+            format none
+            message_key log
+          </pattern>
+        </parse>
+      </filter>
+      # Send to Elastic Search
+      <match **>
+        @id elasticsearch
+        @type elasticsearch
+        @log_level info
+        include_tag_key true
+        # Elasticsearch service is in monitoring namespace.
+        host elasticsearch-logging.knative-monitoring
+        port 9200
+        logstash_format true
+        <buffer>
+          @type file
+          path /var/log/fluentd-buffers/kubernetes.system.buffer
+          flush_mode interval
+          retry_type exponential_backoff
+          flush_thread_count 2
+          flush_interval 5s
+          retry_forever
+          retry_max_interval 30
+          chunk_limit_size 2M
+          queue_limit_length 8
+          overflow_action block
+        </buffer>
+      </match>
+
+    # logging.revision-url-template provides a template to use for producing the
+    # logging URL that is injected into the status of each Revision.
+    # This value is what you might use the the Knative monitoring bundle, and provides
+    # access to Kibana after setting up kubectl proxy.
+    logging.revision-url-template: |
+      http://localhost:8001/api/v1/namespaces/knative-monitoring/services/kibana-logging/proxy/app/kibana#/discover?_a=(query:(match:(kubernetes.labels.knative-dev%2FrevisionUID:(query:'${REVISION_UID}',type:phrase))))
+
+    # If non-empty, this enables queue proxy writing request logs to stdout.
+    # The value determines the shape of the request logs and it must be a valid go text/template.
+    # It is important to keep this as a single line. Multiple lines are parsed as separate entities
+    # by most collection agents and will split the request logs into multiple records.
+    #
+    # The following fields and functions are available to the template:
+    #
+    # Request: An http.Request (see https://golang.org/pkg/net/http/#Request)
+    # representing an HTTP request received by the server.
+    #
+    # Response:
+    # struct {
+    #   Code    int       // HTTP status code (see https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml)
+    #   Size    int       // An int representing the size of the response.
+    #   Latency float64   // A float64 representing the latency of the response in seconds.
+    # }
+    #
+    # Revision:
+    # struct {
+    #   Name          string  // Knative revision name
+    #   Namespace     string  // Knative revision namespace
+    #   Service       string  // Knative service name
+    #   Configuration string  // Knative configuration name
+    #   PodName       string  // Name of the pod hosting the revision
+    #   PodIP         string  // IP of the pod hosting the revision
+    # }
+    #
+    logging.request-log-template: '{"httpRequest": {"requestMethod": "{{.Request.Method}}", "requestUrl": "{{js .Request.RequestURI}}", "requestSize": "{{.Request.ContentLength}}", "status": {{.Response.Code}}, "responseSize": "{{.Response.Size}}", "userAgent": "{{js .Request.UserAgent}}", "remoteIp": "{{js .Request.RemoteAddr}}", "serverIp": "{{.Revision.PodIP}}", "referer": "{{js .Request.Referer}}", "latency": "{{.Response.Latency}}s", "protocol": "{{.Request.Proto}}"}, "traceId": "{{index .Request.Header "X-B3-Traceid"}}"}'
+
     # metrics.backend-destination field specifies the system metrics destination.
     # It supports either prometheus (the default) or stackdriver.
     # Note: Using stackdriver will incur additional charges

config/200-clusterrole-cm.yaml → config/vsphere/200-clusterrole-cm.yaml

@@ -1,7 +1,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: receive-adapter-cm
+  name: vsphere-receive-adapter-cm
 rules:
 - apiGroups: [""]
   # We need to create/update/get ConfigMaps so that the

config/200-serviceaccount.yaml → config/vsphere/200-serviceaccount.yaml

@@ -4,7 +4,7 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: controller
+  name: vsphere-controller
   namespace: vmware-sources
   labels:
     sources.tanzu.vmware.com/release: devel

config/201-clusterrolebinding.yaml → config/vsphere/201-clusterrolebinding.yaml

@@ -9,7 +9,7 @@ metadata:
     sources.tanzu.vmware.com/release: devel
 subjects:
   - kind: ServiceAccount
-    name: controller
+    name: vsphere-controller
     namespace: vmware-sources
 roleRef:
   kind: ClusterRole
@@ -25,7 +25,7 @@ metadata:
     sources.tanzu.vmware.com/release: devel
 subjects:
   - kind: ServiceAccount
-    name: controller
+    name: vsphere-controller
     namespace: vmware-sources
 roleRef:
   kind: ClusterRole
@@ -38,7 +38,7 @@ metadata:
   name: vmware-sources-webhook-addressable-resolver-binding
 subjects:
 - kind: ServiceAccount
-  name: controller
+  name: vsphere-controller
   namespace: vmware-sources
 roleRef:
   kind: ClusterRole

config/400-webhook-service.yaml → config/vsphere/400-webhook-service.yaml

@@ -5,13 +5,13 @@ apiVersion: v1
 kind: Service
 metadata:
   labels:
-    role: webhook
+    role: vsphere-source-webhook
     sources.tanzu.vmware.com/release: devel
-  name: webhook
+  name: vsphere-source-webhook
   namespace: vmware-sources
 spec:
   ports:
     - port: 443
       targetPort: 8443
   selector:
-    role: webhook
+    role: vsphere-source-webhook