ListenerSet APIs + Generated Clients

[dprotaso]

Part of #1713

Merge #3589 beforehand (to make this diff easier)

Note: this required two different client sets because if you try to generate a client set containing the stable group (gateway.networking.k8s.io) and experimental (gateway.networking.k8s-x.io) client-gen uses gateway part from both api groups for naming in the client set and it creates a conflict

• refactor codegen scripts to make it easier to generate two clients (to be removed)
• add listenerset types
• adjust GEP to match go type
• run deepcopy-gen & register-gen
• perform code generation

Release Note

Introduces ListenerSet API & Generate Clients (in the group gateway.networking.k8s-x.io)

[dprotaso]

I'm going to pull

refactor codegen scripts to make it easier to generate two clients

Into a separate PR

[dprotaso]

/hold for #3589

[dprotaso]

note this TODO

[dprotaso]

Ok this should become

self.all(l1, 
  !has(l1.port) || // Port is missing no conflict can ever occur
  self.exists_one(l2,
    has(l2.port) && // If L2 has no port than there can't be a conflict
   // Regular check since both listeners have a port
    l1.port == l2.port &&
    l1.protocol == l2.protocol  &&
    (has(l1.hostname) && has(l2.hostname) ? l1.hostname == l2.hostname : !has(l1.hostname) && !has(l2.hostname))
  )
)

[dprotaso]

/hold need to add the Gateway changes

[dprotaso]

/hold cancel

[dprotaso]

Note: this required two different client sets because if you try to generate a client set containing the stable group (gateway.networking.k8s.io) and experimental (gateway.networking.k8s-x.io) client-gen uses gateway part from both api groups for naming in the client set and it creates a conflict

Ok - I figured out there's a marker

+groupGoName=SomeUniqueShortName

So we could have a single clientset that has stable and experimental apis - let me know what people prefer

[shaneutt]

This PR seems to jump us all the way from provisional to experimental without hitting implementable. If we have consensus then there might not actually be anything wrong with that, but bare minimum we should update the GEP status accordingly here.

[dprotaso]

Want me to split out the APIs in to a separate PR?

[shaneutt]

No that's OK! I just think we should flag the status change here and then please feel free to consider this comment resolved.

I just realized another opportunity to update the GEP, but I'll create a separate comment.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dprotaso
Once this PR has been reviewed and has the lgtm label, please ask for approval from shaneutt. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[shaneutt]

I love this part of the API, because I think it captures a very important use case for cluster admins: when they want a Gateway to operate more like a classic ingress-controller, in that there's a single LB for routes across many namespaces.

What occurs to me is that we should update the GEP, as it currently states cross-namespace as a "later goal" but it seems like we're already going for it, and I'm very much in favor of this being an immediate goal. Anything I'm missing? (if not, please just feel free to update the GEP to reflect the goal and then consider my comment resolved at your discretion)

Eventually I personally would like to take this a step further: I would like our documentation to be even more clear about a strong intention for this kind of use case as I anticipate it being a very common ask over time.

[mlavacca]

+1. I think that cross-namespace is very important for this GEP and I'd love to see it in the first iteration of the API.

[shaneutt]

I think overall we're heading in a good direction here, but I think we need to reiterate what feels like a more obvious question as I read more: "What is a Gateway after this, really?"

Personally I'll have to think on this quite a bit and come back around to it 🤔

[dprotaso]

I pushed a change to combine everything into a single clientset. It requires me to have a single applyconfiguration package that contains apis and apisx. So folks will have to change their package names if they're using the types there directly. (We could add type aliases)

It should be easy to revert the single client changes so let me know what you prefer

[robscott]

Thanks @dprotaso!

[robscott]

Suggested change

	package apix
	package apisx

[robscott]

Suggested change

	// +groupName=gateway.networking.k8s-x.io
	// +groupName=gateway.networking.x-k8s.io

[robscott]

What do we do if there are conflicting Listeners within a ListenerSet?

[robscott]

🤔 how is this supposed to work in the wild world of ListenerSets? If I have listener foo and attach it to Gateway bar, can a route target the foo listener in the bar Gateway and expect to be attached to the listener in this ListenerSet? What about name conflicts?

[robscott]

When there are conflicts, how are implementations supposed to handle them? IE what if multiple Listeners across different ListenerSets claim the same hostname? Do we reject the entire ListenerSet? Just the Listener? How do we communicate this to users?

[robscott]

The structure of this status really locks us into sticking within a single ParentRef. I think this is OK, just want to call out that the lack of namespacing by parent here will make it very difficult to every support multiple ParentRefs. With that said, trying to namespace all of these conditions by parent would be hard to scale, so this feels like a strong case in favor of a single parent.

[robscott]

In what cases would we expect this status to be different than the parent status? Could a Gateway be "Programmed" but not a ListenerSet? What about the other way around?

[mlavacca]

I would expect that a ListenerSet cannot be programmed in a non-programmed Gateway, while the other way around would be possible.

[mlavacca]

+1. I think that cross-namespace is very important for this GEP and I'd love to see it in the first iteration of the API.

[mlavacca]

Since this is a generic reference, I would consider naming it differently than ParentGatewayReference, as the reference can of any group/kind

[mlavacca]

I think we should consider to make this field Required. Is there any specific reason to accept a ListenerSet with an empty ParentRef?

[mlavacca]

Why should here? I think we may want to have a MUST here, as it'll likely be part of the conditions checked by conformance tests.

[mlavacca]

I would expect that a ListenerSet cannot be programmed in a non-programmed Gateway, while the other way around would be possible.

[k8s-ci-robot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.