Network: gateway routes

Author: cheina97

.github/workflows/integration.yml

@@ -8,6 +8,7 @@ on:
       - network-general
       - network-external
       - network-internal
+      - frc/gatewayroute 
   repository_dispatch:
     types:
       - test-command

apis/networking/v1alpha1/routeconfiguration_types.go

@@ -15,6 +15,7 @@
 package v1alpha1
 
 import (
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
@@ -46,6 +47,9 @@ type Route struct {
 	Dev *string `json:"dev,omitempty"`
 	// Onlink enables the onlink falg inside the route.
 	Onlink *bool `json:"onlink,omitempty"`
+	// TargetRef is the reference to the target object of the route.
+	// It is optional and it can be used for custom purposes.
+	TargetRef *corev1.ObjectReference `json:"targetRef,omitempty"`
 }
 
 // Rule is the rule of the RouteConfiguration.
@@ -61,6 +65,9 @@ type Rule struct {
 	// Routes is the list of routes of the Rule.
 	// +kubebuilder:validation:MinItems=1
 	Routes []Route `json:"routes"`
+	// TargetRef is the reference to the target object of the route.
+	// It is optional and it can be used for custom purposes.
+	TargetRef *corev1.ObjectReference `json:"targetRef,omitempty"`
 }
 
 // Table is the table of the RouteConfiguration.
@@ -70,6 +77,9 @@ type Table struct {
 	// Rules is the list of rules of the RouteConfiguration.
 	// +kubebuilder:validation:MinItems=1
 	Rules []Rule `json:"rules"`
+	// TargetRef is the reference to the target object of the route.
+	// It is optional and it can be used for custom purposes.
+	TargetRef *corev1.ObjectReference `json:"targetRef,omitempty"`
 }
 
 // RouteConfigurationSpec defines the desired state of RouteConfiguration.

apis/networking/v1alpha1/zz_generated.deepcopy.go

@@ -152,7 +152,7 @@ func run(cmd *cobra.Command, _ []string) error {
 		mgr.GetClient(),
 		mgr.GetScheme(),
 		mgr.GetEventRecorderFor("route-controller"),
-		fabric.ForgeRouteTargetLabels(),
+		[]route.LabelsSet{fabric.ForgeRouteTargetLabels()},
 	)
 	if err != nil {
 		return fmt.Errorf("unable to create route configuration reconciler: %w", err)

cmd/fabric/main.go

@@ -33,7 +33,6 @@ import (
 	networkingv1alpha1 "github.com/liqotech/liqo/apis/networking/v1alpha1"
 	"github.com/liqotech/liqo/pkg/gateway"
 	"github.com/liqotech/liqo/pkg/gateway/fabric/geneve"
-	"github.com/liqotech/liqo/pkg/route"
 	flagsutils "github.com/liqotech/liqo/pkg/utils/flags"
 	"github.com/liqotech/liqo/pkg/utils/mapper"
 	"github.com/liqotech/liqo/pkg/utils/restcfg"
@@ -113,20 +112,6 @@ func run(cmd *cobra.Command, _ []string) error {
 		return fmt.Errorf("unable to create manager: %w", err)
 	}
 
-	rcr, err := route.NewRouteConfigurationReconcilerWithoutFinalizer(
-		mgr.GetClient(),
-		mgr.GetScheme(),
-		mgr.GetEventRecorderFor("routeconfiguration-controller"),
-		geneve.ForgeRouteTargetLabels(options.GwOptions.Name),
-	)
-	if err != nil {
-		return fmt.Errorf("unable to create routeconfiguration reconciler: %w", err)
-	}
-
-	if err := rcr.SetupWithManager(mgr); err != nil {
-		return fmt.Errorf("unable to setup routeconfiguration reconciler: %w", err)
-	}
-
 	inr, err := geneve.NewInternalNodeReconciler(
 		mgr.GetClient(),
 		mgr.GetScheme(),

cmd/gateway/geneve/main.go

@@ -27,7 +27,6 @@ import (
 	"k8s.io/client-go/tools/leaderelection/resourcelock"
 	"k8s.io/klog/v2"
 	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
@@ -37,8 +36,11 @@ import (
 	"github.com/liqotech/liqo/pkg/gateway"
 	"github.com/liqotech/liqo/pkg/gateway/connection"
 	"github.com/liqotech/liqo/pkg/gateway/connection/conncheck"
+	"github.com/liqotech/liqo/pkg/gateway/fabric/geneve"
 	"github.com/liqotech/liqo/pkg/gateway/remapping"
+	"github.com/liqotech/liqo/pkg/route"
 	flagsutils "github.com/liqotech/liqo/pkg/utils/flags"
+	"github.com/liqotech/liqo/pkg/utils/kernel"
 	"github.com/liqotech/liqo/pkg/utils/mapper"
 	"github.com/liqotech/liqo/pkg/utils/restcfg"
 )
@@ -98,6 +100,11 @@ func main() {
 func run(cmd *cobra.Command, _ []string) error {
 	var err error
 
+	// Enable ip_forwarding.
+	if err = kernel.EnableIPForwarding(); err != nil {
+		return err
+	}
+
 	// Set controller-runtime logger.
 	log.SetLogger(klog.NewKlogr())
 
@@ -108,11 +115,6 @@ func run(cmd *cobra.Command, _ []string) error {
 	mgr, err := ctrl.NewManager(cfg, ctrl.Options{
 		MapperProvider: mapper.LiqoMapperProvider(scheme),
 		Scheme:         scheme,
-		Cache: cache.Options{
-			DefaultNamespaces: map[string]cache.Config{
-				connoptions.GwOptions.Namespace: {},
-			},
-		},
 		Metrics: server.Options{
 			BindAddress: "0", // Metrics are exposed by "connection" container.
 		},
@@ -151,6 +153,23 @@ func run(cmd *cobra.Command, _ []string) error {
 		}
 	}
 
+	rcr, err := route.NewRouteConfigurationReconcilerWithoutFinalizer(
+		mgr.GetClient(),
+		mgr.GetScheme(),
+		mgr.GetEventRecorderFor("routeconfiguration-controller"),
+		[]route.LabelsSet{
+			geneve.ForgeRouteExternalTargetLabels(connoptions.GwOptions.RemoteClusterID),
+			geneve.ForgeRouteInternalTargetLabels(),
+		},
+	)
+	if err != nil {
+		return fmt.Errorf("unable to create routeconfiguration reconciler: %w", err)
+	}
+
+	if err := rcr.SetupWithManager(mgr); err != nil {
+		return fmt.Errorf("unable to setup routeconfiguration reconciler: %w", err)
+	}
+
 	// Setup the firewall configuration controller.
 	fwcr, err := firewall.NewFirewallConfigurationReconcilerWithoutFinalizer(
 		mgr.GetClient(),

cmd/gateway/main.go

@@ -68,12 +68,14 @@ import (
 	clientoperator "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/client-operator"
 	configurationcontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/configuration-controller"
 	externalnetworkcontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/externalnetwork-controller"
+	externalnetworkroute "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/route"
 	serveroperator "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/server-operator"
 	wggatewaycontrollers "github.com/liqotech/liqo/pkg/liqo-controller-manager/external-network/wireguard"
 	foreignclusteroperator "github.com/liqotech/liqo/pkg/liqo-controller-manager/foreign-cluster-operator"
 	internalclientcontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/internal-network/client-controller"
 	internalfabriccontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/internal-network/internalfabric-controller"
 	nodecontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/internal-network/node-controller"
+	internalnetworkroute "github.com/liqotech/liqo/pkg/liqo-controller-manager/internal-network/route"
 	internalservercontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/internal-network/server-controller"
 	ipctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/ip-controller"
 	mapsctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/namespacemap-controller"
@@ -676,12 +678,43 @@ func main() {
 			os.Exit(1)
 		}
 
-		cfgr := configurationcontroller.NewConfigurationReconciler(mgr.GetClient(), mgr.GetScheme(), mgr.GetEventRecorderFor("configuration-controller"))
-		if err = cfgr.SetupWithManager(mgr); err != nil {
+		intCfg := configurationcontroller.NewConfigurationReconciler(mgr.GetClient(), mgr.GetScheme(),
+			mgr.GetEventRecorderFor("internal-configuration-controller"))
+		if err = intCfg.SetupWithManager(mgr); err != nil {
 			klog.Errorf("unable to create controller ConfigurationReconciler: %s", err)
 			os.Exit(1)
 		}
 
+		extCfg := externalnetworkroute.NewConfigurationReconciler(mgr.GetClient(), mgr.GetScheme(),
+			mgr.GetEventRecorderFor("external-configuration-controller"))
+		if err = extCfg.SetupWithManager(mgr); err != nil {
+			klog.Errorf("unable to create controller ExternalConfigurationReconciler: %s", err)
+			os.Exit(1)
+		}
+
+		allpodmgr, err := ctrl.NewManager(config, ctrl.Options{
+			MapperProvider: mapper.LiqoMapperProvider(scheme),
+			Scheme:         scheme,
+			Metrics:        server.Options{BindAddress: "0"}, // Disable the metrics of the auxiliary manager to prevent conflicts.
+		})
+
+		if err != nil {
+			klog.Errorf("Unable to create auxiliary manager: %w", err)
+			os.Exit(1)
+		}
+
+		if err := mgr.Add(allpodmgr); err != nil {
+			klog.Errorf("Unable to add the ExternalNetworkPods auxiliary manager to the main one: %w", err)
+			os.Exit(1)
+		}
+
+		intPod := internalnetworkroute.NewPodReconciler(allpodmgr.GetClient(), allpodmgr.GetScheme(),
+			allpodmgr.GetEventRecorderFor("internal-pod-controller"), &internalnetworkroute.Options{Namespace: *liqoNamespace})
+		if err = intPod.SetupWithManager(allpodmgr); err != nil {
+			klog.Errorf("unable to create controller InternalPodReconciler: %s", err)
+			os.Exit(1)
+		}
+
 		wgServerRec := wggatewaycontrollers.NewWgGatewayServerReconciler(
 			mgr.GetClient(), mgr.GetScheme(), auxmgrExtNetworkPods.GetClient(), wgGatewayServerClusterRoleName)
 		if err = wgServerRec.SetupWithManager(mgr); err != nil {

cmd/liqo-controller-manager/main.go

@@ -91,6 +91,53 @@ spec:
                                 description: Src is the source of the RouteConfiguration.
                                 pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])$
                                 type: string
+                              targetRef:
+                                description: TargetRef is the reference to the target
+                                  object of the route. It is optional and it can be
+                                  used for custom purposes.
+                                properties:
+                                  apiVersion:
+                                    description: API version of the referent.
+                                    type: string
+                                  fieldPath:
+                                    description: 'If referring to a piece of an object
+                                      instead of an entire object, this string should
+                                      contain a valid JSON/Go field access statement,
+                                      such as desiredState.manifest.containers[2].
+                                      For example, if the object reference is to a
+                                      container within a pod, this would take on a
+                                      value like: "spec.containers{name}" (where "name"
+                                      refers to the name of the container that triggered
+                                      the event) or if no container name is specified
+                                      "spec.containers[2]" (container with index 2
+                                      in this pod). This syntax is chosen only to
+                                      have some well-defined way of referencing a
+                                      part of an object. TODO: this design is not
+                                      final and this field is subject to change in
+                                      the future.'
+                                    type: string
+                                  kind:
+                                    description: 'Kind of the referent. More info:
+                                      https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+                                    type: string
+                                  name:
+                                    description: 'Name of the referent. More info:
+                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                                    type: string
+                                  namespace:
+                                    description: 'Namespace of the referent. More
+                                      info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+                                    type: string
+                                  resourceVersion:
+                                    description: 'Specific resourceVersion to which
+                                      this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+                                    type: string
+                                  uid:
+                                    description: 'UID of the referent. More info:
+                                      https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+                                    type: string
+                                type: object
+                                x-kubernetes-map-type: atomic
                             required:
                             - dst
                             type: object
@@ -100,11 +147,90 @@ spec:
                           description: Src is the source of the Rule.
                           pattern: ^(([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\.){3}([1-9]{0,1}[0-9]{0,2}|2[0-4][0-9]|25[0-5])\/([0-9]|[1-2][0-9]|3[0-2])$
                           type: string
+                        targetRef:
+                          description: TargetRef is the reference to the target object
+                            of the route. It is optional and it can be used for custom
+                            purposes.
+                          properties:
+                            apiVersion:
+                              description: API version of the referent.
+                              type: string
+                            fieldPath:
+                              description: 'If referring to a piece of an object instead
+                                of an entire object, this string should contain a
+                                valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                                For example, if the object reference is to a container
+                                within a pod, this would take on a value like: "spec.containers{name}"
+                                (where "name" refers to the name of the container
+                                that triggered the event) or if no container name
+                                is specified "spec.containers[2]" (container with
+                                index 2 in this pod). This syntax is chosen only to
+                                have some well-defined way of referencing a part of
+                                an object. TODO: this design is not final and this
+                                field is subject to change in the future.'
+                              type: string
+                            kind:
+                              description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+                              type: string
+                            name:
+                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                              type: string
+                            namespace:
+                              description: 'Namespace of the referent. More info:
+                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+                              type: string
+                            resourceVersion:
+                              description: 'Specific resourceVersion to which this
+                                reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+                              type: string
+                            uid:
+                              description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
                       required:
                       - routes
                       type: object
                     minItems: 1
                     type: array
+                  targetRef:
+                    description: TargetRef is the reference to the target object of
+                      the route. It is optional and it can be used for custom purposes.
+                    properties:
+                      apiVersion:
+                        description: API version of the referent.
+                        type: string
+                      fieldPath:
+                        description: 'If referring to a piece of an object instead
+                          of an entire object, this string should contain a valid
+                          JSON/Go field access statement, such as desiredState.manifest.containers[2].
+                          For example, if the object reference is to a container within
+                          a pod, this would take on a value like: "spec.containers{name}"
+                          (where "name" refers to the name of the container that triggered
+                          the event) or if no container name is specified "spec.containers[2]"
+                          (container with index 2 in this pod). This syntax is chosen
+                          only to have some well-defined way of referencing a part
+                          of an object. TODO: this design is not final and this field
+                          is subject to change in the future.'
+                        type: string
+                      kind:
+                        description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+                        type: string
+                      name:
+                        description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
+                        type: string
+                      namespace:
+                        description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
+                        type: string
+                      resourceVersion:
+                        description: 'Specific resourceVersion to which this reference
+                          is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
+                        type: string
+                      uid:
+                        description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
+                        type: string
+                    type: object
+                    x-kubernetes-map-type: atomic
                 required:
                 - name
                 - rules