Merge pull request #77 from banzaicloud/serviceAnnotations

configurable labels and annotations on gateway services
banzaicloud · Mar 2, 2019 · bbed406 · bbed406
2 parents 1de9c31 + 91c9ed6
commit bbed406
Show file tree

Hide file tree

Showing 10 changed files with 148 additions and 50 deletions.
diff --git a/config/crds/istio_v1beta1_istio.yaml b/config/crds/istio_v1beta1_istio.yaml
@@ -64,15 +64,38 @@ spec:
             gateways:
               description: Gateways configuration options
               properties:
-                maxReplicas:
-                  format: int32
-                  type: integer
-                minReplicas:
-                  format: int32
-                  type: integer
-                replicaCount:
-                  format: int32
-                  type: integer
+                egress:
+                  properties:
+                    maxReplicas:
+                      format: int32
+                      type: integer
+                    minReplicas:
+                      format: int32
+                      type: integer
+                    replicaCount:
+                      format: int32
+                      type: integer
+                    serviceAnnotations:
+                      type: object
+                    serviceLabels:
+                      type: object
+                  type: object
+                ingress:
+                  properties:
+                    maxReplicas:
+                      format: int32
+                      type: integer
+                    minReplicas:
+                      format: int32
+                      type: integer
+                    replicaCount:
+                      format: int32
+                      type: integer
+                    serviceAnnotations:
+                      type: object
+                    serviceLabels:
+                      type: object
+                  type: object
               type: object
             includeIPRanges:
               description: IncludeIPRanges the range where to capture egress traffic

diff --git a/config/samples/istio_v1beta1_istio.yaml b/config/samples/istio_v1beta1_istio.yaml
@@ -12,27 +12,34 @@ spec:
   - "default"
   controlPlaneSecurityEnabled: false
   pilot:
-      image: "istio/pilot:1.0.5"
-      replicaCount: 1
-      minReplicas: 1
-      maxReplicas: 5
+    image: "istio/pilot:1.0.5"
+    replicaCount: 1
+    minReplicas: 1
+    maxReplicas: 5
   citadel:
-      image: "istio/citadel:1.0.5"
-      replicaCount: 1
+    image: "istio/citadel:1.0.5"
+    replicaCount: 1
   galley:
-      image: "istio/galley:1.0.5"
-      replicaCount: 1
+    image: "istio/galley:1.0.5"
+    replicaCount: 1
   gateways:
+    ingress:
       replicaCount: 1
       minReplicas: 1
       maxReplicas: 5
-  mixer:
-      image: "istio/mixer:1.0.5"
+      serviceAnnotations: {}
+    egress:
       replicaCount: 1
       minReplicas: 1
       maxReplicas: 5
+      serviceAnnotations: {}
+  mixer:
+    image: "istio/mixer:1.0.5"
+    replicaCount: 1
+    minReplicas: 1
+    maxReplicas: 5
   sidecarInjector:
-      image: "istio/sidecar_injector:1.0.5"
-      replicaCount: 1
+    image: "istio/sidecar_injector:1.0.5"
+    replicaCount: 1
   proxy:
-      image: "istio/proxyv2:1.0.5"
+    image: "istio/proxyv2:1.0.5"
diff --git a/pkg/apis/istio/v1beta1/istio_types.go b/pkg/apis/istio/v1beta1/istio_types.go
@@ -70,14 +70,23 @@ func SetDefaults(config *Istio) {
 	}
 
 	// Gateways config
-	if config.Spec.Gateways.ReplicaCount == 0 {
-		config.Spec.Gateways.ReplicaCount = defaultReplicaCount
+	if config.Spec.Gateways.IngressConfig.ReplicaCount == 0 {
+		config.Spec.Gateways.IngressConfig.ReplicaCount = defaultReplicaCount
 	}
-	if config.Spec.Gateways.MinReplicas == 0 {
-		config.Spec.Gateways.MinReplicas = defaultMinReplicas
+	if config.Spec.Gateways.IngressConfig.MinReplicas == 0 {
+		config.Spec.Gateways.IngressConfig.MinReplicas = defaultMinReplicas
 	}
-	if config.Spec.Gateways.MaxReplicas == 0 {
-		config.Spec.Gateways.MaxReplicas = defaultMaxReplicas
+	if config.Spec.Gateways.IngressConfig.MaxReplicas == 0 {
+		config.Spec.Gateways.IngressConfig.MaxReplicas = defaultMaxReplicas
+	}
+	if config.Spec.Gateways.EgressConfig.ReplicaCount == 0 {
+		config.Spec.Gateways.EgressConfig.ReplicaCount = defaultReplicaCount
+	}
+	if config.Spec.Gateways.EgressConfig.MinReplicas == 0 {
+		config.Spec.Gateways.EgressConfig.MinReplicas = defaultMinReplicas
+	}
+	if config.Spec.Gateways.EgressConfig.MaxReplicas == 0 {
+		config.Spec.Gateways.EgressConfig.MaxReplicas = defaultMaxReplicas
 	}
 
 	// Mixer config
@@ -130,9 +139,16 @@ type GalleyConfiguration struct {
 
 // GatewaysConfiguration defines config options for Gateways
 type GatewaysConfiguration struct {
-	ReplicaCount int32 `json:"replicaCount,omitempty"`
-	MinReplicas  int32 `json:"minReplicas,omitempty"`
-	MaxReplicas  int32 `json:"maxReplicas,omitempty"`
+	IngressConfig GatewayConfiguration `json:"ingress,omitempty"`
+	EgressConfig  GatewayConfiguration `json:"egress,omitempty"`
+}
+
+type GatewayConfiguration struct {
+	ReplicaCount       int32             `json:"replicaCount,omitempty"`
+	MinReplicas        int32             `json:"minReplicas,omitempty"`
+	MaxReplicas        int32             `json:"maxReplicas,omitempty"`
+	ServiceAnnotations map[string]string `json:"serviceAnnotations,omitempty"`
+	ServiceLabels      map[string]string `json:"serviceLabels,omitempty"`
 }
 
 // MixerConfiguration defines config options for Mixer

diff --git a/pkg/apis/istio/v1beta1/zz_generated.deepcopy.go b/pkg/apis/istio/v1beta1/zz_generated.deepcopy.go
diff --git a/pkg/controller/remoteistio/remoteistio_controller.go b/pkg/controller/remoteistio/remoteistio_controller.go
@@ -20,8 +20,6 @@ import (
 	"context"
 	"reflect"
 
-	"github.com/banzaicloud/istio-operator/pkg/util"
-
 	"github.com/goph/emperror"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
@@ -41,6 +39,7 @@ import (
 	istiov1beta1 "github.com/banzaicloud/istio-operator/pkg/apis/istio/v1beta1"
 	operatorv1beta1 "github.com/banzaicloud/istio-operator/pkg/apis/istio/v1beta1"
 	"github.com/banzaicloud/istio-operator/pkg/remoteclusters"
+	"github.com/banzaicloud/istio-operator/pkg/util"
 )
 
 const finalizerID = "remote-istio-operator.finializer.banzaicloud.io"

diff --git a/pkg/resources/gateways/deployment.go b/pkg/resources/gateways/deployment.go
@@ -19,19 +19,21 @@ package gateways
 import (
 	"fmt"
 
-	"github.com/banzaicloud/istio-operator/pkg/resources/templates"
-	"github.com/banzaicloud/istio-operator/pkg/util"
 	appsv1 "k8s.io/api/apps/v1"
 	apiv1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+
+	"github.com/banzaicloud/istio-operator/pkg/resources/templates"
+	"github.com/banzaicloud/istio-operator/pkg/util"
 )
 
 func (r *Reconciler) deployment(gw string) runtime.Object {
+	gwConfig := r.getGatewayConfig(gw)
 	return &appsv1.Deployment{
 		ObjectMeta: templates.ObjectMeta(gatewayName(gw), labelSelector(gw), r.Config),
 		Spec: appsv1.DeploymentSpec{
-			Replicas: util.IntPointer(r.Config.Spec.Gateways.ReplicaCount),
+			Replicas: util.IntPointer(gwConfig.ReplicaCount),
 			Selector: &metav1.LabelSelector{
 				MatchLabels: labelSelector(gw),
 			},
@@ -135,7 +137,7 @@ func (r *Reconciler) deployment(gw string) runtime.Object {
 
 func (r *Reconciler) ports(gw string) []apiv1.ContainerPort {
 	switch gw {
-	case "ingressgateway":
+	case ingress:
 		return []apiv1.ContainerPort{
 			{ContainerPort: 80, Protocol: apiv1.ProtocolTCP},
 			{ContainerPort: 443, Protocol: apiv1.ProtocolTCP},
@@ -147,7 +149,7 @@ func (r *Reconciler) ports(gw string) []apiv1.ContainerPort {
 			{ContainerPort: 15031, Protocol: apiv1.ProtocolTCP},
 			{ContainerPort: 15090, Protocol: apiv1.ProtocolTCP, Name: "http-envoy-prom"},
 		}
-	case "egressgateway":
+	case egress:
 		return []apiv1.ContainerPort{
 			{ContainerPort: 80, Protocol: apiv1.ProtocolTCP},
 			{ContainerPort: 443, Protocol: apiv1.ProtocolTCP},

diff --git a/pkg/resources/gateways/gateways.go b/pkg/resources/gateways/gateways.go
@@ -30,6 +30,8 @@ import (
 
 const (
 	componentName = "gateways"
+	ingress       = "ingressgateway"
+	egress        = "egressgateway"
 )
 
 type Reconciler struct {
@@ -58,7 +60,7 @@ func (r *Reconciler) Reconcile(log logr.Logger) error {
 		r.service,
 		r.horizontalPodAutoscaler,
 	}
-	for _, res := range append(resources.ResolveVariations("ingressgateway", rsv), resources.ResolveVariations("egressgateway", rsv)...) {
+	for _, res := range append(resources.ResolveVariations(ingress, rsv), resources.ResolveVariations(egress, rsv)...) {
 		o := res()
 		err := k8sutil.Reconcile(log, r.Client, o)
 		if err != nil {
@@ -71,6 +73,16 @@ func (r *Reconciler) Reconcile(log logr.Logger) error {
 	return nil
 }
 
+func (r *Reconciler) getGatewayConfig(gw string) *istiov1beta1.GatewayConfiguration {
+	switch gw {
+	case ingress:
+		return &r.Config.Spec.Gateways.IngressConfig
+	case egress:
+		return &r.Config.Spec.Gateways.EgressConfig
+	}
+	return nil
+}
+
 func serviceAccountName(gw string) string {
 	return fmt.Sprintf("istio-%s-service-account", gw)
 }

diff --git a/pkg/resources/gateways/hpa.go b/pkg/resources/gateways/hpa.go
@@ -24,11 +24,12 @@ import (
 )
 
 func (r *Reconciler) horizontalPodAutoscaler(gw string) runtime.Object {
+	gwConfig := r.getGatewayConfig(gw)
 	return &autoscalev2beta1.HorizontalPodAutoscaler{
 		ObjectMeta: templates.ObjectMeta(hpaName(gw), nil, r.Config),
 		Spec: autoscalev2beta1.HorizontalPodAutoscalerSpec{
-			MaxReplicas: r.Config.Spec.Gateways.MaxReplicas,
-			MinReplicas: util.IntPointer(r.Config.Spec.Gateways.MinReplicas),
+			MaxReplicas: gwConfig.MaxReplicas,
+			MinReplicas: util.IntPointer(gwConfig.MinReplicas),
 			ScaleTargetRef: autoscalev2beta1.CrossVersionObjectReference{
 				Name:       gatewayName(gw),
 				Kind:       "Deployment",

diff --git a/pkg/resources/gateways/service.go b/pkg/resources/gateways/service.go
@@ -18,14 +18,16 @@ package gateways
 
 import (
 	"github.com/banzaicloud/istio-operator/pkg/resources/templates"
+	"github.com/banzaicloud/istio-operator/pkg/util"
 	apiv1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/intstr"
 )
 
 func (r *Reconciler) service(gw string) runtime.Object {
+	gwConfig := r.getGatewayConfig(gw)
 	return &apiv1.Service{
-		ObjectMeta: templates.ObjectMeta(gatewayName(gw), labelSelector(gw), r.Config),
+		ObjectMeta: templates.ObjectMetaWithAnnotations(gatewayName(gw), util.MergeLabels(labelSelector(gw), gwConfig.ServiceLabels), gwConfig.ServiceAnnotations, r.Config),
 		Spec: apiv1.ServiceSpec{
 			Type:     serviceType(gw),
 			Ports:    servicePorts(gw),
@@ -36,7 +38,7 @@ func (r *Reconciler) service(gw string) runtime.Object {
 
 func servicePorts(gw string) []apiv1.ServicePort {
 	switch gw {
-	case "ingressgateway":
+	case ingress:
 		return []apiv1.ServicePort{
 			{Port: 80, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(80), Name: "http2", NodePort: 31380},
 			{Port: 443, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(443), Name: "https", NodePort: 31390},
@@ -47,7 +49,7 @@ func servicePorts(gw string) []apiv1.ServicePort {
 			{Port: 15030, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(15030), Name: "http2-prometheus", NodePort: 31440},
 			{Port: 15031, Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(15031), Name: "http2-grafana", NodePort: 31450},
 		}
-	case "egressgateway":
+	case egress:
 		return []apiv1.ServicePort{
 			{Port: 80, Name: "http2", Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(80)},
 			{Port: 443, Name: "https", Protocol: apiv1.ProtocolTCP, TargetPort: intstr.FromInt(443)},
@@ -58,9 +60,9 @@ func servicePorts(gw string) []apiv1.ServicePort {
 
 func serviceType(gw string) apiv1.ServiceType {
 	switch gw {
-	case "ingressgateway":
+	case ingress:
 		return apiv1.ServiceTypeLoadBalancer
-	case "egressgateway":
+	case egress:
 		return apiv1.ServiceTypeClusterIP
 	}
 	return ""

diff --git a/pkg/resources/templates/templates.go b/pkg/resources/templates/templates.go
@@ -22,7 +22,7 @@ import (
 )
 
 func ObjectMeta(name string, labels map[string]string, config *istiov1beta1.Istio) metav1.ObjectMeta {
-	o := metav1.ObjectMeta{
+	return metav1.ObjectMeta{
 		Name:      name,
 		Namespace: config.Namespace,
 		Labels:    labels,
@@ -35,11 +35,16 @@ func ObjectMeta(name string, labels map[string]string, config *istiov1beta1.Isti
 			},
 		},
 	}
+}
+
+func ObjectMetaWithAnnotations(name string, labels map[string]string, annotations map[string]string, config *istiov1beta1.Istio) metav1.ObjectMeta {
+	o := ObjectMeta(name, labels, config)
+	o.Annotations = annotations
 	return o
 }
 
 func ObjectMetaClusterScope(name string, labels map[string]string, config *istiov1beta1.Istio) metav1.ObjectMeta {
-	o := metav1.ObjectMeta{
+	return metav1.ObjectMeta{
 		Name:   name,
 		Labels: labels,
 		OwnerReferences: []metav1.OwnerReference{
@@ -51,7 +56,6 @@ func ObjectMetaClusterScope(name string, labels map[string]string, config *istio
 			},
 		},
 	}
-	return o
 }
 
 func ControlPlaneAuthPolicy(enabled bool) string {