MGMT-18131: Make application work on non-OCP kubernetes (#6446)

* Add API to AgentServiceConfig for ingress hostnames These will be used to create ingress resources when not running on an OCP cluster. https://issues.redhat.com/browse/MGMT-18131 * Skip webhooks and https to get the services deployed There is no way to deploy our webhooks without tls config and deciding on a way to manage certificates is out of the scope of this patch. https://issues.redhat.com/browse/MGMT-18131 * Deploy ingress instead of routes when not running in OCP This will allow traffic based on a hostname and on a standard port rather than using hostport type services. https://issues.redhat.com/browse/MGMT-18131 * Add ingress class name API If a user hasn't marked a particular ingress class as the default they will need to specify an ingress class. https://issues.redhat.com/browse/MGMT-18131 * Document deploying the operator on a kind cluster for dev * Create a separate struct for ingress config * Make ingress hostnames required and ingress itself properly optional This also adds a validation to ensure that Ingress is provided if the operator is running on a non-OpenShift kubernetes platform
openshift · Jul 3, 2024 · b7116f3 · b7116f3
1 parent e220d57
commit b7116f3
Show file tree

Hide file tree

Showing 18 changed files with 907 additions and 123 deletions.
diff --git a/api/v1beta1/agentserviceconfig_types.go b/api/v1beta1/agentserviceconfig_types.go
@@ -122,6 +122,29 @@ type AgentServiceConfigSpec struct {
 	// +optional
 	OSImageAdditionalParamsRef *corev1.LocalObjectReference `json:"OSImageAdditionalParamsRef,omitempty"`
 
+	// Ingress contains configuration for the ingress resources.
+	// Has no effect when running on an OpenShift cluster.
+	//+operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ingress"
+	// +optional
+	Ingress *Ingress `json:"ingress,omitempty"`
+}
+
+type Ingress struct {
+	// AssistedServiceHostname is the hostname to be assigned to the assisted-service ingress.
+	// Has no effect when running on an OpenShift cluster.
+	//+operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Assisted Service hostname"
+	AssistedServiceHostname string `json:"assistedServiceHostname"`
+
+	// ImageServiceHostname is the hostname to be assigned to the assisted-image-service ingress.
+	// Has no effect when running on an OpenShift cluster.
+	//+operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Assisted Image Service hostname"
+	ImageServiceHostname string `json:"imageServiceHostname"`
+
+	// ClassName is the name of the ingress class to be used when configuring ingress resources.
+	// Has no effect when running on an OpenShift cluster.
+	//+operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Class Name"
+	// +optional
+	ClassName *string `json:"className,omitempty"`
 }
 
 // ConditionType related to our reconcile loop in addition to all the reasons
@@ -206,6 +229,8 @@ const (
 	ReasonOSImageCACertRefFailure string = "OSImageCACertRefFailure"
 	// ReasonMonitoringFailure indicates there was a failure monitoring operand status
 	ReasonMonitoringFailure string = "MonitoringFailure"
+	// ReasonKubernetesIngressMissing indicates the user has not provided the required configuration for kubernetes ingress
+	ReasonKubernetesIngressMissing string = "KubernetesIngressConfigMissing"
 
 	// IPXEHTTPRouteEnabled is expected value in IPXEHTTPRoute to enable the route
 	IPXEHTTPRouteEnabled string = "enabled"

diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/agent-install.openshift.io_agentserviceconfigs.yaml b/config/crd/bases/agent-install.openshift.io_agentserviceconfigs.yaml
@@ -669,6 +669,29 @@ spec:
                       backing this claim.
                     type: string
                 type: object
+              ingress:
+                description: Ingress contains configuration for the ingress resources.
+                  Has no effect when running on an OpenShift cluster.
+                properties:
+                  assistedServiceHostname:
+                    description: AssistedServiceHostname is the hostname to be assigned
+                      to the assisted-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                  className:
+                    description: ClassName is the name of the ingress class to be
+                      used when configuring ingress resources. Has no effect when
+                      running on an OpenShift cluster.
+                    type: string
+                  imageServiceHostname:
+                    description: ImageServiceHostname is the hostname to be assigned
+                      to the assisted-image-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                required:
+                - assistedServiceHostname
+                - imageServiceHostname
+                type: object
               mirrorRegistryRef:
                 description: 'MirrorRegistryRef is the reference to the configmap
                   that contains mirror registry configuration In case no configuration

diff --git a/config/crd/bases/agent-install.openshift.io_hypershiftagentserviceconfigs.yaml b/config/crd/bases/agent-install.openshift.io_hypershiftagentserviceconfigs.yaml
@@ -672,6 +672,29 @@ spec:
                       backing this claim.
                     type: string
                 type: object
+              ingress:
+                description: Ingress contains configuration for the ingress resources.
+                  Has no effect when running on an OpenShift cluster.
+                properties:
+                  assistedServiceHostname:
+                    description: AssistedServiceHostname is the hostname to be assigned
+                      to the assisted-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                  className:
+                    description: ClassName is the name of the ingress class to be
+                      used when configuring ingress resources. Has no effect when
+                      running on an OpenShift cluster.
+                    type: string
+                  imageServiceHostname:
+                    description: ImageServiceHostname is the hostname to be assigned
+                      to the assisted-image-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                required:
+                - assistedServiceHostname
+                - imageServiceHostname
+                type: object
               kubeconfigSecretRef:
                 description: KubeconfigSecretRef is a reference to the secret containing
                   the kubeconfig for the destination Hypershift instance.

diff --git a/config/crd/resources.yaml b/config/crd/resources.yaml
@@ -1772,6 +1772,29 @@ spec:
                       backing this claim.
                     type: string
                 type: object
+              ingress:
+                description: Ingress contains configuration for the ingress resources.
+                  Has no effect when running on an OpenShift cluster.
+                properties:
+                  assistedServiceHostname:
+                    description: AssistedServiceHostname is the hostname to be assigned
+                      to the assisted-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                  className:
+                    description: ClassName is the name of the ingress class to be
+                      used when configuring ingress resources. Has no effect when
+                      running on an OpenShift cluster.
+                    type: string
+                  imageServiceHostname:
+                    description: ImageServiceHostname is the hostname to be assigned
+                      to the assisted-image-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                required:
+                - assistedServiceHostname
+                - imageServiceHostname
+                type: object
               mirrorRegistryRef:
                 description: 'MirrorRegistryRef is the reference to the configmap
                   that contains mirror registry configuration In case no configuration
@@ -2570,6 +2593,29 @@ spec:
                       backing this claim.
                     type: string
                 type: object
+              ingress:
+                description: Ingress contains configuration for the ingress resources.
+                  Has no effect when running on an OpenShift cluster.
+                properties:
+                  assistedServiceHostname:
+                    description: AssistedServiceHostname is the hostname to be assigned
+                      to the assisted-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                  className:
+                    description: ClassName is the name of the ingress class to be
+                      used when configuring ingress resources. Has no effect when
+                      running on an OpenShift cluster.
+                    type: string
+                  imageServiceHostname:
+                    description: ImageServiceHostname is the hostname to be assigned
+                      to the assisted-image-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                required:
+                - assistedServiceHostname
+                - imageServiceHostname
+                type: object
               kubeconfigSecretRef:
                 description: KubeconfigSecretRef is a reference to the secret containing
                   the kubeconfig for the destination Hypershift instance.

diff --git a/config/manifests/bases/assisted-service-operator.clusterserviceversion.yaml b/config/manifests/bases/assisted-service-operator.clusterserviceversion.yaml
@@ -63,6 +63,22 @@ spec:
           is provided 2GiB per OSImage entry is required
         displayName: Storage for images
         path: imageStorage
+      - description: Ingress contains configuration for the ingress resources. Has
+          no effect when running on an OpenShift cluster.
+        displayName: Ingress
+        path: ingress
+      - description: AssistedServiceHostname is the hostname to be assigned to the
+          assisted-service ingress. Has no effect when running on an OpenShift cluster.
+        displayName: Assisted Service hostname
+        path: ingress.assistedServiceHostname
+      - description: ClassName is the name of the ingress class to be used when configuring
+          ingress resources. Has no effect when running on an OpenShift cluster.
+        displayName: Class Name
+        path: ingress.className
+      - description: ImageServiceHostname is the hostname to be assigned to the assisted-image-service
+          ingress. Has no effect when running on an OpenShift cluster.
+        displayName: Assisted Image Service hostname
+        path: ingress.imageServiceHostname
       - description: 'MirrorRegistryRef is the reference to the configmap that contains
           mirror registry configuration In case no configuration is need, this field
           will be nil. ConfigMap must contain to entries: ca-bundle.crt - hold the

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
@@ -493,6 +493,18 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - networking.k8s.io
+  resources:
+  - ingresses
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
 - apiGroups:
   - rbac.authorization.k8s.io
   resources:

diff --git a/deploy/olm-catalog/manifests/agent-install.openshift.io_agentserviceconfigs.yaml b/deploy/olm-catalog/manifests/agent-install.openshift.io_agentserviceconfigs.yaml
@@ -667,6 +667,29 @@ spec:
                       backing this claim.
                     type: string
                 type: object
+              ingress:
+                description: Ingress contains configuration for the ingress resources.
+                  Has no effect when running on an OpenShift cluster.
+                properties:
+                  assistedServiceHostname:
+                    description: AssistedServiceHostname is the hostname to be assigned
+                      to the assisted-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                  className:
+                    description: ClassName is the name of the ingress class to be
+                      used when configuring ingress resources. Has no effect when
+                      running on an OpenShift cluster.
+                    type: string
+                  imageServiceHostname:
+                    description: ImageServiceHostname is the hostname to be assigned
+                      to the assisted-image-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                required:
+                - assistedServiceHostname
+                - imageServiceHostname
+                type: object
               mirrorRegistryRef:
                 description: 'MirrorRegistryRef is the reference to the configmap
                   that contains mirror registry configuration In case no configuration

diff --git a/deploy/olm-catalog/manifests/agent-install.openshift.io_hypershiftagentserviceconfigs.yaml b/deploy/olm-catalog/manifests/agent-install.openshift.io_hypershiftagentserviceconfigs.yaml
@@ -670,6 +670,29 @@ spec:
                       backing this claim.
                     type: string
                 type: object
+              ingress:
+                description: Ingress contains configuration for the ingress resources.
+                  Has no effect when running on an OpenShift cluster.
+                properties:
+                  assistedServiceHostname:
+                    description: AssistedServiceHostname is the hostname to be assigned
+                      to the assisted-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                  className:
+                    description: ClassName is the name of the ingress class to be
+                      used when configuring ingress resources. Has no effect when
+                      running on an OpenShift cluster.
+                    type: string
+                  imageServiceHostname:
+                    description: ImageServiceHostname is the hostname to be assigned
+                      to the assisted-image-service ingress. Has no effect when running
+                      on an OpenShift cluster.
+                    type: string
+                required:
+                - assistedServiceHostname
+                - imageServiceHostname
+                type: object
               kubeconfigSecretRef:
                 description: KubeconfigSecretRef is a reference to the secret containing
                   the kubeconfig for the destination Hypershift instance.

diff --git a/deploy/olm-catalog/manifests/assisted-service-operator.clusterserviceversion.yaml b/deploy/olm-catalog/manifests/assisted-service-operator.clusterserviceversion.yaml
@@ -319,6 +319,22 @@ spec:
           is provided 2GiB per OSImage entry is required
         displayName: Storage for images
         path: imageStorage
+      - description: Ingress contains configuration for the ingress resources. Has
+          no effect when running on an OpenShift cluster.
+        displayName: Ingress
+        path: ingress
+      - description: AssistedServiceHostname is the hostname to be assigned to the
+          assisted-service ingress. Has no effect when running on an OpenShift cluster.
+        displayName: Assisted Service hostname
+        path: ingress.assistedServiceHostname
+      - description: ClassName is the name of the ingress class to be used when configuring
+          ingress resources. Has no effect when running on an OpenShift cluster.
+        displayName: Class Name
+        path: ingress.className
+      - description: ImageServiceHostname is the hostname to be assigned to the assisted-image-service
+          ingress. Has no effect when running on an OpenShift cluster.
+        displayName: Assisted Image Service hostname
+        path: ingress.imageServiceHostname
       - description: 'MirrorRegistryRef is the reference to the configmap that contains
           mirror registry configuration In case no configuration is need, this field
           will be nil. ConfigMap must contain to entries: ca-bundle.crt - hold the
@@ -920,6 +936,18 @@ spec:
           - patch
           - update
           - watch
+        - apiGroups:
+          - networking.k8s.io
+          resources:
+          - ingresses
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
         - apiGroups:
           - rbac.authorization.k8s.io
           resources: