Skip to content

Commit bfc4f26

Browse files
Make updating status on the router optional
Also unify a number of host setup paths. Makes F5 and template more consistent.
1 parent 6270675 commit bfc4f26

File tree

5 files changed

+54
-37
lines changed

5 files changed

+54
-37
lines changed

pkg/cmd/infra/router/f5.go

+13-6
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ import (
1818
projectinternalclientset "github.com/openshift/origin/pkg/project/generated/internalclientset"
1919
routeapi "github.com/openshift/origin/pkg/route/apis/route"
2020
routeinternalclientset "github.com/openshift/origin/pkg/route/generated/internalclientset"
21+
"github.com/openshift/origin/pkg/router"
2122
"github.com/openshift/origin/pkg/router/controller"
2223
f5plugin "github.com/openshift/origin/pkg/router/f5"
2324
"github.com/openshift/origin/pkg/version"
@@ -46,8 +47,6 @@ type F5RouterOptions struct {
4647

4748
// F5Router is the config necessary to start an F5 router plugin.
4849
type F5Router struct {
49-
RouterName string
50-
5150
// Host specifies the hostname or IP address of the F5 BIG-IP host.
5251
Host string
5352

@@ -95,7 +94,6 @@ type F5Router struct {
9594

9695
// Bind binds F5Router arguments to flags
9796
func (o *F5Router) Bind(flag *pflag.FlagSet) {
98-
flag.StringVar(&o.RouterName, "name", util.Env("ROUTER_SERVICE_NAME", "public"), "The name the router will identify itself with in the route status")
9997
flag.StringVar(&o.Host, "f5-host", util.Env("ROUTER_EXTERNAL_HOST_HOSTNAME", ""), "The host of F5 BIG-IP's management interface")
10098
flag.StringVar(&o.Username, "f5-username", util.Env("ROUTER_EXTERNAL_HOST_USERNAME", ""), "The username for F5 BIG-IP's management utility")
10199
flag.StringVar(&o.Password, "f5-password", util.Env("ROUTER_EXTERNAL_HOST_PASSWORD", ""), "The password for F5 BIG-IP's management utility")
@@ -230,9 +228,18 @@ func (o *F5RouterOptions) Run() error {
230228
return err
231229
}
232230

233-
statusPlugin := controller.NewStatusAdmitter(f5Plugin, routeclient.Route(), o.RouterName, "")
234-
uniqueHostPlugin := controller.NewUniqueHost(statusPlugin, o.RouteSelectionFunc(), o.RouterSelection.DisableNamespaceOwnershipCheck, statusPlugin)
235-
plugin := controller.NewHostAdmitter(uniqueHostPlugin, o.F5RouteAdmitterFunc(), false, o.RouterSelection.DisableNamespaceOwnershipCheck, statusPlugin)
231+
var recorder controller.RejectionRecorder = controller.LogRejections
232+
var plugin router.Plugin = f5Plugin
233+
if o.UpdateStatus {
234+
status := controller.NewStatusAdmitter(plugin, routeclient.Route(), o.RouterName, o.RouterCanonicalHostname)
235+
recorder = status
236+
plugin = status
237+
}
238+
if o.ExtendedValidation {
239+
plugin = controller.NewExtendedValidator(plugin, recorder)
240+
}
241+
plugin = controller.NewUniqueHost(plugin, o.RouteSelectionFunc(), o.RouterSelection.DisableNamespaceOwnershipCheck, recorder)
242+
plugin = controller.NewHostAdmitter(plugin, o.F5RouteAdmitterFunc(), o.AllowWildcardRoutes, o.RouterSelection.DisableNamespaceOwnershipCheck, recorder)
236243

237244
factory := o.RouterSelection.NewFactory(routeclient, projectclient.Project().Projects(), kc)
238245
watchNodes := (len(o.InternalAddress) != 0 && len(o.VxlanGateway) != 0)

pkg/cmd/infra/router/router.go

+21
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import (
1111
"k8s.io/apimachinery/pkg/fields"
1212
"k8s.io/apimachinery/pkg/labels"
1313
"k8s.io/apimachinery/pkg/util/sets"
14+
"k8s.io/apimachinery/pkg/util/validation"
1415
kclientset "k8s.io/kubernetes/pkg/client/clientset_generated/internalclientset"
1516

1617
cmdutil "github.com/openshift/origin/pkg/cmd/util"
@@ -25,8 +26,13 @@ import (
2526
// RouterSelection controls what routes and resources on the server are considered
2627
// part of this router.
2728
type RouterSelection struct {
29+
RouterName string
30+
RouterCanonicalHostname string
31+
2832
ResyncInterval time.Duration
2933

34+
UpdateStatus bool
35+
3036
HostnameTemplate string
3137
OverrideHostname bool
3238

@@ -52,13 +58,18 @@ type RouterSelection struct {
5258

5359
DisableNamespaceOwnershipCheck bool
5460

61+
ExtendedValidation bool
62+
5563
EnableIngress bool
5664

5765
ListenAddr string
5866
}
5967

6068
// Bind sets the appropriate labels
6169
func (o *RouterSelection) Bind(flag *pflag.FlagSet) {
70+
flag.StringVar(&o.RouterName, "name", cmdutil.Env("ROUTER_SERVICE_NAME", "public"), "The name the router will identify itself with in the route status")
71+
flag.StringVar(&o.RouterCanonicalHostname, "router-canonical-hostname", cmdutil.Env("ROUTER_CANONICAL_HOSTNAME", ""), "CanonicalHostname is the external host name for the router that can be used as a CNAME for the host requested for this route. This value is optional and may not be set in all cases.")
72+
flag.BoolVar(&o.UpdateStatus, "update-status", cmdutil.Env("ROUTER_UPDATE_STATUS", "true") == "true", "If true, the router will update admitted route status.")
6273
flag.DurationVar(&o.ResyncInterval, "resync-interval", controllerfactory.DefaultResyncInterval, "The interval at which the route list should be fully refreshed")
6374
flag.StringVar(&o.HostnameTemplate, "hostname-template", cmdutil.Env("ROUTER_SUBDOMAIN", ""), "If specified, a template that should be used to generate the hostname for a route without spec.host (e.g. '${name}-${namespace}.myapps.mycompany.com')")
6475
flag.BoolVar(&o.OverrideHostname, "override-hostname", cmdutil.Env("ROUTER_OVERRIDE_HOSTNAME", "") == "true", "Override the spec.host value for a route with --hostname-template")
@@ -71,6 +82,7 @@ func (o *RouterSelection) Bind(flag *pflag.FlagSet) {
7182
flag.StringSliceVar(&o.AllowedDomains, "allowed-domains", envVarAsStrings("ROUTER_ALLOWED_DOMAINS", "", ","), "List of comma separated domains to allow in routes. If specified, only the domains in this list will be allowed routes. Note that domains in the denied list take precedence over the ones in the allowed list")
7283
flag.BoolVar(&o.AllowWildcardRoutes, "allow-wildcard-routes", cmdutil.Env("ROUTER_ALLOW_WILDCARD_ROUTES", "") == "true", "Allow wildcard host names for routes")
7384
flag.BoolVar(&o.DisableNamespaceOwnershipCheck, "disable-namespace-ownership-check", cmdutil.Env("ROUTER_DISABLE_NAMESPACE_OWNERSHIP_CHECK", "") == "true", "Disables the namespace ownership checks for a route host with different paths or for overlapping host names in the case of wildcard routes. Please be aware that if namespace ownership checks are disabled, routes in a different namespace can use this mechanism to 'steal' sub-paths for existing domains. This is only safe if route creation privileges are restricted, or if all the users can be trusted.")
85+
flag.BoolVar(&o.ExtendedValidation, "extended-validation", cmdutil.Env("EXTENDED_VALIDATION", "true") == "true", "If set, then an additional extended validation step is performed on all routes admitted in by this router. Defaults to true and enables the extended validation checks.")
7486
flag.BoolVar(&o.EnableIngress, "enable-ingress", cmdutil.Env("ROUTER_ENABLE_INGRESS", "") == "true", "Enable configuration via ingress resources")
7587
flag.StringVar(&o.ListenAddr, "listen-addr", cmdutil.Env("ROUTER_LISTEN_ADDR", ""), "The name of an interface to listen on to expose metrics and health checking. If not specified, will not listen. Overrides stats port.")
7688
}
@@ -205,6 +217,15 @@ func (o *RouterSelection) Complete() error {
205217
o.BlacklistedDomains = sets.NewString(o.DeniedDomains...)
206218
o.WhitelistedDomains = sets.NewString(o.AllowedDomains...)
207219

220+
if routerCanonicalHostname := o.RouterCanonicalHostname; len(routerCanonicalHostname) > 0 {
221+
if errs := validation.IsDNS1123Subdomain(routerCanonicalHostname); len(errs) != 0 {
222+
return fmt.Errorf("invalid canonical hostname: %s", routerCanonicalHostname)
223+
}
224+
if errs := validation.IsValidIP(routerCanonicalHostname); len(errs) == 0 {
225+
return fmt.Errorf("canonical hostname must not be an IP address: %s", routerCanonicalHostname)
226+
}
227+
}
228+
208229
return nil
209230
}
210231

pkg/cmd/infra/router/template.go

+11-23
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,6 @@ import (
1717

1818
ktypes "k8s.io/apimachinery/pkg/types"
1919
"k8s.io/apimachinery/pkg/util/sets"
20-
"k8s.io/apimachinery/pkg/util/validation"
2120
"k8s.io/apiserver/pkg/authentication/authenticatorfactory"
2221
"k8s.io/apiserver/pkg/authorization/authorizer"
2322
"k8s.io/apiserver/pkg/authorization/authorizerfactory"
@@ -70,8 +69,6 @@ type TemplateRouterOptions struct {
7069
}
7170

7271
type TemplateRouter struct {
73-
RouterName string
74-
RouterCanonicalHostname string
7572
WorkingDir string
7673
TemplateFile string
7774
ReloadScript string
@@ -80,7 +77,6 @@ type TemplateRouter struct {
8077
DefaultCertificatePath string
8178
DefaultCertificateDir string
8279
DefaultDestinationCAPath string
83-
ExtendedValidation bool
8480
RouterService *ktypes.NamespacedName
8581
BindPortsAfterSync bool
8682
MaxConnections string
@@ -102,8 +98,6 @@ func reloadInterval() time.Duration {
10298
}
10399

104100
func (o *TemplateRouter) Bind(flag *pflag.FlagSet) {
105-
flag.StringVar(&o.RouterName, "name", util.Env("ROUTER_SERVICE_NAME", "public"), "The name the router will identify itself with in the route status")
106-
flag.StringVar(&o.RouterCanonicalHostname, "router-canonical-hostname", util.Env("ROUTER_CANONICAL_HOSTNAME", ""), "CanonicalHostname is the external host name for the router that can be used as a CNAME for the host requested for this route. This value is optional and may not be set in all cases.")
107101
flag.StringVar(&o.WorkingDir, "working-dir", "/var/lib/haproxy/router", "The working directory for the router plugin")
108102
flag.StringVar(&o.DefaultCertificate, "default-certificate", util.Env("DEFAULT_CERTIFICATE", ""), "The contents of a default certificate to use for routes that don't expose a TLS server cert; in PEM format")
109103
flag.StringVar(&o.DefaultCertificatePath, "default-certificate-path", util.Env("DEFAULT_CERTIFICATE_PATH", ""), "A path to default certificate to use for routes that don't expose a TLS server cert; in PEM format")
@@ -112,7 +106,6 @@ func (o *TemplateRouter) Bind(flag *pflag.FlagSet) {
112106
flag.StringVar(&o.TemplateFile, "template", util.Env("TEMPLATE_FILE", ""), "The path to the template file to use")
113107
flag.StringVar(&o.ReloadScript, "reload", util.Env("RELOAD_SCRIPT", ""), "The path to the reload script to use")
114108
flag.DurationVar(&o.ReloadInterval, "interval", reloadInterval(), "Controls how often router reloads are invoked. Mutiple router reload requests are coalesced for the duration of this interval since the last reload time.")
115-
flag.BoolVar(&o.ExtendedValidation, "extended-validation", util.Env("EXTENDED_VALIDATION", "true") == "true", "If set, then an additional extended validation step is performed on all routes admitted in by this router. Defaults to true and enables the extended validation checks.")
116109
flag.BoolVar(&o.BindPortsAfterSync, "bind-ports-after-sync", util.Env("ROUTER_BIND_PORTS_AFTER_SYNC", "") == "true", "Bind ports only after route state has been synchronized")
117110
flag.StringVar(&o.MaxConnections, "max-connections", util.Env("ROUTER_MAX_CONNECTIONS", ""), "Specifies the maximum number of concurrent connections.")
118111
flag.StringVar(&o.Ciphers, "ciphers", util.Env("ROUTER_CIPHERS", ""), "Specifies the cipher suites to use. You can choose a predefined cipher set ('modern', 'intermediate', or 'old') or specify exact cipher suites by passing a : separated list.")
@@ -174,7 +167,6 @@ func NewCommandTemplateRouter(name string) *cobra.Command {
174167
func (o *TemplateRouterOptions) Complete() error {
175168
routerSvcName := util.Env("ROUTER_SERVICE_NAME", "")
176169
routerSvcNamespace := util.Env("ROUTER_SERVICE_NAMESPACE", "")
177-
routerCanonicalHostname := util.Env("ROUTER_CANONICAL_HOSTNAME", "")
178170
if len(routerSvcName) > 0 {
179171
if len(routerSvcNamespace) == 0 {
180172
return fmt.Errorf("ROUTER_SERVICE_NAMESPACE is required when ROUTER_SERVICE_NAME is specified")
@@ -213,15 +205,6 @@ func (o *TemplateRouterOptions) Complete() error {
213205
return fmt.Errorf("invalid reload interval: %v - must be a positive duration", nsecs)
214206
}
215207

216-
if len(routerCanonicalHostname) > 0 {
217-
if errs := validation.IsDNS1123Subdomain(routerCanonicalHostname); len(errs) != 0 {
218-
return fmt.Errorf("invalid canonical hostname: %s", routerCanonicalHostname)
219-
}
220-
if errs := validation.IsValidIP(routerCanonicalHostname); len(errs) == 0 {
221-
return fmt.Errorf("canonical hostname must not be an IP address: %s", routerCanonicalHostname)
222-
}
223-
}
224-
225208
return o.RouterSelection.Complete()
226209
}
227210

@@ -232,7 +215,7 @@ func (o *TemplateRouterOptions) Validate() error {
232215
if len(o.MetricsType) > 0 && !supportedMetricsTypes.Has(o.MetricsType) {
233216
return fmt.Errorf("supported metrics types are: %s", strings.Join(supportedMetricsTypes.List(), ", "))
234217
}
235-
if len(o.RouterName) == 0 {
218+
if len(o.RouterName) == 0 && o.UpdateStatus {
236219
return errors.New("router must have a name to identify itself in route status")
237220
}
238221
if len(o.TemplateFile) == 0 {
@@ -415,13 +398,18 @@ func (o *TemplateRouterOptions) Run() error {
415398
return err
416399
}
417400

418-
statusPlugin := controller.NewStatusAdmitter(templatePlugin, routeclient.Route(), o.RouterName, o.RouterCanonicalHostname)
419-
var nextPlugin router.Plugin = statusPlugin
401+
var recorder controller.RejectionRecorder = controller.LogRejections
402+
var plugin router.Plugin = templatePlugin
403+
if o.UpdateStatus {
404+
status := controller.NewStatusAdmitter(plugin, routeclient.Route(), o.RouterName, o.RouterCanonicalHostname)
405+
recorder = status
406+
plugin = status
407+
}
420408
if o.ExtendedValidation {
421-
nextPlugin = controller.NewExtendedValidator(nextPlugin, controller.RejectionRecorder(statusPlugin))
409+
plugin = controller.NewExtendedValidator(plugin, recorder)
422410
}
423-
uniqueHostPlugin := controller.NewUniqueHost(nextPlugin, o.RouteSelectionFunc(), o.RouterSelection.DisableNamespaceOwnershipCheck, controller.RejectionRecorder(statusPlugin))
424-
plugin := controller.NewHostAdmitter(uniqueHostPlugin, o.RouteAdmissionFunc(), o.AllowWildcardRoutes, o.RouterSelection.DisableNamespaceOwnershipCheck, controller.RejectionRecorder(statusPlugin))
411+
plugin = controller.NewUniqueHost(plugin, o.RouteSelectionFunc(), o.RouterSelection.DisableNamespaceOwnershipCheck, recorder)
412+
plugin = controller.NewHostAdmitter(plugin, o.RouteAdmissionFunc(), o.AllowWildcardRoutes, o.RouterSelection.DisableNamespaceOwnershipCheck, recorder)
425413

426414
factory := o.RouterSelection.NewFactory(routeclient, projectclient.Project().Projects(), kc)
427415
controller := factory.Create(plugin, false, o.EnableIngress)

pkg/router/controller/status.go

+9
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,15 @@ type RejectionRecorder interface {
2424
RecordRouteRejection(route *routeapi.Route, reason, message string)
2525
}
2626

27+
// LogRejections writes rejection messages to the log.
28+
var LogRejections = logRecorder{}
29+
30+
type logRecorder struct{}
31+
32+
func (logRecorder) RecordRouteRejection(route *routeapi.Route, reason, message string) {
33+
glog.V(3).Infof("Rejected route %s in namespace %s: %s: %s", route.Name, route.Namespace, reason, message)
34+
}
35+
2736
// StatusAdmitter ensures routes added to the plugin have status set.
2837
type StatusAdmitter struct {
2938
plugin router.Plugin

pkg/router/controller/unique_host.go

-8
Original file line numberDiff line numberDiff line change
@@ -25,14 +25,6 @@ func HostForRoute(route *routeapi.Route) string {
2525
type HostToRouteMap map[string][]*routeapi.Route
2626
type RouteToHostMap map[string]string
2727

28-
var LogRejections = logRecorder{}
29-
30-
type logRecorder struct{}
31-
32-
func (logRecorder) RecordRouteRejection(route *routeapi.Route, reason, message string) {
33-
glog.V(4).Infof("Rejected route %s: %s: %s", route.Name, reason, message)
34-
}
35-
3628
// UniqueHost implements the router.Plugin interface to provide
3729
// a template based, backend-agnostic router.
3830
type UniqueHost struct {

0 commit comments

Comments
 (0)