release: 0.6.0 add snat feature.

.gitignore

@@ -1,4 +1,5 @@
 dist/ces-controller
 .idea
 .vscode
-.DS_Store
+.DS_Store
+cmd/ces/test_data

Makefile

@@ -1,11 +1,11 @@
 GOFILES_NOVENDOR = $(shell find . -type f -name '*.go' -not -path "./vendor/*")
 GO_VERSION = 1.16
 
-GITHUBACTIONTRIGGERNUMBER = 11
+GITHUBACTIONTRIGGERNUMBER = 12
 
 REGISTRY = f5devcentral
 NAME = ces-controller
-RELEASE_TAG = 0.5.3.2
+RELEASE_TAG = 0.6.0
 COMMIT = git-$(shell git rev-parse --short HEAD)
 DATE = $(shell date +"%Y-%m-%d_%H:%M:%S")
 GOLDFLAGS = "-w -s -X github.com/kubeovn/$(NAME)/versions.COMMIT=$(COMMIT) -X github.com/kubeovn/$(NAME)/versions.VERSION=$(RELEASE_TAG) -X github.com/kubeovn/$(NAME)/versions.BUILDDATE=$(DATE)"

cmd/ces/main.go

@@ -122,14 +122,19 @@ func main() {
 
 	kubeInformerFactory := kubeinformers.NewSharedInformerFactory(kubeClient, time.Second*30)
 	as3InformerFactory := informers.NewSharedInformerFactory(as3Client, time.Second*30)
+
 	endpointsInformer := kubeInformerFactory.Core().V1().Endpoints()
 	externalServiceInformer := as3InformerFactory.Kubeovn().V1alpha1().ExternalServices()
 	clusterEgressRuleInformer := as3InformerFactory.Kubeovn().V1alpha1().ClusterEgressRules()
 	namespaceEgressRuleInformer := as3InformerFactory.Kubeovn().V1alpha1().NamespaceEgressRules()
 	serviceEgressRuleInformer := as3InformerFactory.Kubeovn().V1alpha1().ServiceEgressRules()
+	externalIPRuleInformer := as3InformerFactory.Bigip().V1alpha1().ExternalIPRules()
 
-	controller := controller.NewController(kubeClient, as3Client, endpointsInformer, externalServiceInformer, clusterEgressRuleInformer,
-		namespaceEgressRuleInformer, serviceEgressRuleInformer, bigIpClient)
+	controller := controller.NewController(kubeClient, as3Client,
+		endpointsInformer, externalServiceInformer, clusterEgressRuleInformer,
+		namespaceEgressRuleInformer, serviceEgressRuleInformer,
+		externalIPRuleInformer,
+		bigIpClient)
 
 	// notice that there is no need to run Start methods in a separate goroutine. (i.e. go kubeInformerFactory.Start(stopCh)
 	// Start method is non-blocking and runs all registered informers in a dedicated goroutine.

config/crd/v1alpha1_externaliprule.yaml

@@ -0,0 +1,68 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: externaliprules.bigip.io
+spec:
+  scope: Namespaced
+  group: bigip.io
+  names:
+    kind: ExternalIPRule
+    listKind: ExternalIPRuleList
+    plural: externaliprules
+    singular: externaliprule
+    shortNames:
+      - eipr
+  versions:
+    - name: v1alpha1
+      served: true
+      storage: true
+      additionalPrinterColumns:
+        - name: ExternalIP
+          type: string
+          jsonPath: .spec.externalAddresses
+        - name: Services
+          type: string
+          jsonPath: .spec.services
+      schema:
+        openAPIV3Schema:
+          type: object
+          properties:
+            spec:
+              type: object
+              required:
+                - externalAddresses
+                - services
+              properties:
+                externalAddresses:
+                  type: array
+                  items:
+                    type: string
+                  minItems: 1
+                destinationMatch:
+                  type: object
+                  properties:
+                    name:
+                      type: string
+                    addresses:
+                      type: array
+                      items:
+                        type: string
+                    destinationMatchPorts:
+                      type: object
+                      properties:
+                        protocol:
+                          type: string
+                          enum:
+                            - tcp
+                            - udp
+                        ports:
+                          type: array
+                          items:
+                            type: string
+                            pattern: "^[0-9]+(-[0-9]+)?(,[0-9]+(-[0-9]+)?)*$"
+                services:
+                  type: array
+                  items:
+                    type: string
+                  minItems: 1

dist/install.sh

@@ -237,6 +237,74 @@ spec:
               type: object
       subresources:
         status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: externaliprules.bigip.io
+spec:
+  scope: Namespaced
+  group: bigip.io
+  names:
+    kind: ExternalIPRule
+    listKind: ExternalIPRuleList
+    plural: externaliprules
+    singular: externaliprule
+    shortNames:
+      - eipr
+  versions:
+    - name: v1alpha1
+      served: true
+      storage: true
+      additionalPrinterColumns:
+        - name: ExternalIP
+          type: string
+          jsonPath: .spec.externalAddresses
+        - name: Services
+          type: string
+          jsonPath: .spec.services
+      schema:
+        openAPIV3Schema:
+          type: object
+          properties:
+            spec:
+              type: object
+              required:
+                - externalAddresses
+                - services
+              properties:
+                externalAddresses:
+                  type: array
+                  items:
+                    type: string
+                  minItems: 1
+                destinationMatch:
+                  type: object
+                  properties:
+                    name:
+                      type: string
+                    addresses:
+                      type: array
+                      items:
+                        type: string
+                    destinationMatchPorts:
+                      type: object
+                      properties:
+                        protocol:
+                          type: string
+                          enum:
+                            - tcp
+                            - udp
+                        ports:
+                          type: array
+                          items:
+                            type: string
+                            pattern: "^[0-9]+(-[0-9]+)?(,[0-9]+(-[0-9]+)?)*$"
+                services:
+                  type: array
+                  items:
+                    type: string
+                  minItems: 1
 EOF
 echo "-------------------------------"
 echo ""
@@ -308,6 +376,16 @@ rules:
       - list
       - update
       - patch
+  - apiGroups:
+      - bigip.io
+    resources:
+      - externaliprules
+    verbs:
+      - get
+      - watch
+      - list
+      - update
+      - patch
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -415,6 +493,8 @@ data:
                          "type": "remote-syslog"
                      }
                  }'
+    externalIPAddresses
+      - 10.5.0.20
     tenant:
       ##common partiton config, init AS3 needs
       - name: "Common"
@@ -452,7 +532,7 @@ spec:
       serviceAccountName: ces-controller
       containers:
         - name: ces-controller
-          image: f5devcentral/ces-controller:0.5.3
+          image: f5devcentral/ces-controller:0.6.0
           env:
             - name: CES_NAMESPACE
               value: $CES_NAMESPACE

dist/uninstall.sh

@@ -21,6 +21,7 @@ kubectl delete --ignore-not-found crd externalservices.kubeovn.io
 kubectl delete --ignore-not-found crd clusteregressrules.kubeovn.io
 kubectl delete --ignore-not-found crd namespaceegressrules.kubeovn.io
 kubectl delete --ignore-not-found crd serviceegressrules.kubeovn.io
+kubectl delete --ignore-not-found crd externaliprules.bigip.io
 echo "-------------------------------"
 echo ""
 

examples/examples.yaml

@@ -84,4 +84,24 @@ spec:
   action: accept
   service: mysql-service
   externalServices:
-    - exsvc4
+    - exsvc4
+
+---
+apiVersion: bigip.io/v1alpha1
+kind: ExternalIPRule
+metadata:
+  name: busybox-test-rule
+  namespace: default
+spec:
+  externalAddresses:
+    - 192.168.21.68
+  destinationMatch:
+    name: win-ng
+    addresses:
+      - "1.2.3.4"
+    destinationMatchPorts:
+      protocol: "tcp"
+      ports: 
+        - "80"
+  services: 
+    - busybox-svc

hack/update-codegen.sh

@@ -27,5 +27,12 @@ CODEGEN_PKG=${CODEGEN_PKG:-$(cd "${SCRIPT_ROOT}"; ls -d -1 ./vendor/k8s.io/code-
 #                  instead of the $GOPATH directly. For normal projects this can be dropped.
 bash "${CODEGEN_PKG}"/generate-groups.sh all \
   github.com/kubeovn/ces-controller/pkg/generated github.com/kubeovn/ces-controller/pkg/apis \
-  kubeovn.io:v1alpha1 \
---go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt
+  "kubeovn.io:v1alpha1 bigip.io:v1alpha1" \
+  --output-base "$(dirname "${BASH_SOURCE[0]}")/../../../.." \
+  --go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt
+
+bash "${CODEGEN_PKG}"/generate-internal-groups.sh defaulter \
+  github.com/kubeovn/ces-controller/pkg/generated github.com/kubeovn/ces-controller/pkg/apis github.com/kubeovn/ces-controller/pkg/apis \
+  bigip.io:v1alpha1 \
+  --output-base "$(dirname "${BASH_SOURCE[0]}")/../../../.." \
+  --go-header-file "${SCRIPT_ROOT}"/hack/boilerplate.go.txt

pkg/apis/bigip.io/register.go

@@ -0,0 +1,20 @@
+/*
+Copyright 2021 The Kube-OVN CES Controller Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package snat
+
+// GroupName is the group name used in this package
+const GroupName = "bigip.io"

pkg/apis/bigip.io/v1alpha1/defaults.go

@@ -0,0 +1,13 @@
+package v1alpha1
+
+import "k8s.io/apimachinery/pkg/runtime"
+
+func addDefaultingFuncs(scheme *runtime.Scheme) error {
+	return RegisterDefaults(scheme)
+}
+
+func SetDefaults_ExternalIPRule(obj *ExternalIPRule) {
+	if obj.Spec.Priority == 0 {
+		obj.Spec.Priority = 1000
+	}
+}

pkg/apis/bigip.io/v1alpha1/doc.go

@@ -0,0 +1,22 @@
+/*
+Copyright 2021 The Kube-OVN CES Controller Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:defaulter-gen=TypeMeta
+// +groupName=bigip.io
+
+// Package v1alpha1 is the v1alpha1 version of the API.
+package v1alpha1 // import "github.com/kubeovn/ces-controller/pkg/apis/snat/v1alpha1"

pkg/apis/bigip.io/v1alpha1/register.go

@@ -0,0 +1,59 @@
+/*
+Copyright 2021 The Kube-OVN CES Controller Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+
+	snat "github.com/kubeovn/ces-controller/pkg/apis/bigip.io"
+)
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: snat.GroupName, Version: "v1alpha1"}
+
+// Kind takes an unqualified kind and returns back a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+	return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	// SchemeBuilder initializes a scheme builder
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+	// AddToScheme is a global function that registers this API group & version to a scheme
+	AddToScheme = SchemeBuilder.AddToScheme
+)
+
+// Adds the list of known types to Scheme.
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&ExternalIPRule{},
+		&ExternalIPRuleList{},
+	)
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}
+
+func init() {
+	SchemeBuilder.Register(addDefaultingFuncs)
+}