feat(controller): use gateway replace ingress

Author: duanhongyi

charts/controller/templates/_helpers.tpl

@@ -3,9 +3,9 @@
 env:
 - name: REGISTRATION_MODE
   value: {{ .Values.registrationMode }}
-# Environmental variable value for $INGRESS_CLASS
-- name: "DRYCC_INGRESS_CLASS"
-  value: "{{ .Values.global.ingressClass }}"
+# Environmental variable value for $GATEWAY_CLASS
+- name: "DRYCC_GATEWAY_CLASS"
+  value: "{{ .Values.global.gatewayClass }}"
 - name: "DRYCC_PLATFORM_DOMAIN"
   value: "{{ .Values.global.platformDomain }}"
 - name: "K8S_API_VERIFY_TLS"

charts/controller/templates/controller-certificate.yaml

@@ -12,7 +12,7 @@ rules:
   verbs: ["get", "list", "create", "delete"]
 - apiGroups: [""]
   resources: ["services"]
-  verbs: ["get", "list", "create", "update", "delete"]
+  verbs: ["get", "list", "create", "patch", "update", "delete"]
 - apiGroups: [""]
   resources: ["nodes"]
   verbs: ["get", "list"]
@@ -21,7 +21,7 @@ rules:
   verbs: ["list", "create"]
 - apiGroups: [""]
   resources: ["secrets"]
-  verbs: ["list", "get", "create", "update", "delete"]
+  verbs: ["list", "get", "create", "patch", "update", "delete"]
 - apiGroups: [""]
   resources: ["replicationcontrollers"]
   verbs: ["get", "list", "create", "update", "delete"]
@@ -79,7 +79,8 @@ rules:
 - apiGroups: ["servicecatalog.k8s.io"]
   resources: ["serviceinstances", "servicebindings"]
   verbs: ["get", "list", "watch", "create", "delete", "patch", "update"]
-- apiGroups: ["traefik.containo.us"]
-  resources: ["middlewares"]
-  verbs: ["get", "list", "watch", "create", "delete", "patch", "update"]
+- apiGroups: ["gateway.networking.k8s.io"]
+  resources: ["gateways", "httproutes", "grocroutes", "tcproutes", "udproutes", "tlsroutes"]
+  verbs: ["get", "patch", "list", "create", "update", "delete"]
 {{- end -}}
+

charts/controller/templates/controller-clusterrole.yaml

@@ -0,0 +1,32 @@
+apiVersion: gateway.networking.k8s.io/v1beta1
+kind: HTTPRoute
+metadata:
+  name: controller-api-server
+  labels:
+    app: "controller"
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+spec:
+  hostnames:
+  - drycc.{{ .Values.global.platformDomain }}
+  parentRefs:
+  - group: gateway.networking.k8s.io
+    kind: Gateway
+    name: drycc-gateway
+    sectionName: drycc-gateway-listener-http
+{{- if .Values.global.certManagerEnabled }}
+  - group: gateway.networking.k8s.io
+    kind: Gateway
+    name: drycc-gateway
+    sectionName: drycc-gateway-listener-https
+{{- end }}
+  rules:
+  - matches:
+    - path:
+        type: PathPrefix
+        value: /
+    backendRefs:
+    - name: drycc-controller-api
+      port: 80
+

charts/controller/templates/controller-ingress.yaml

@@ -163,6 +163,8 @@ global:
   registrySecretPrefix: "private-registry"
   # Role-Based Access Control for Kubernetes >= 1.5
   rbac: false
+  # GatewayClass is cluster-scoped resource defined by the infrastructure provider.
+  gatewayClass: ""
   # Please check `kubernetes.io/ingress.class`
   ingressClass: ""
   # A domain name consists of one or more parts.

charts/controller/templates/controller-route.yaml

@@ -36,7 +36,6 @@ def custom_exception_handler(exc, context):
     if isinstance(exc, Http404):
         set_rollback()
         return Response(str(exc), status=status.HTTP_404_NOT_FOUND)
-
     # Call REST framework's default exception handler after specific 404 handling,
     # to get the standard error response.
     response = exception_handler(exc, context)

charts/controller/values.yaml

@@ -13,7 +13,7 @@
     "groups": [],
     "user_permissions": [],
     "password": "pbkdf2_sha256$10000$SLr4X1T9L3QA$NB4d4a0d+3NZuAwLbdnKGb2z3P/hQrKQHVaGG3zAaMw=",
-    "email": "autotest@drycc.cc",
+    "email": "autotest-1@drycc.cc",
     "date_joined": "2013-11-25T21:58:46.208Z"
   }
 },
@@ -31,7 +31,7 @@
     "groups": [],
     "user_permissions": [],
     "password": "pbkdf2_sha256$10000$FrfwTVAtWPMD$HUfDokMeY37YshdyS3uhDZ+d/r8galU7kNuBfZxJl2s=",
-    "email": "autotest@drycc.cc",
+    "email": "autotest-2@drycc.cc",
     "date_joined": "2013-11-25T21:59:30.760Z"
   }
 },
@@ -49,7 +49,7 @@
     "groups": [],
     "user_permissions": [],
     "password": "pbkdf2_sha256$10000$FrfwTVAtWPMD$HUfDokMeY37YshdyS3uhDZ+d/r8galU7kNuBfZxJl2s=",
-    "email": "autotest@drycc.cc",
+    "email": "autotest-3@drycc.cc",
     "date_joined": "2013-11-25T21:59:30.760Z"
   }
 },

rootfs/api/exceptions.py

@@ -1,4 +1,4 @@
-# Generated by Django 4.1.7 on 2023-03-17 08:18
+# Generated by Django 4.1.7 on 2023-05-05 03:32
 
 import api.models.app
 import api.models.certificate
@@ -185,6 +185,7 @@ class Migration(migrations.Migration):
                 ('uuid', models.UUIDField(auto_created=True, default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True, verbose_name='UUID')),
                 ('created', models.DateTimeField(auto_now_add=True)),
                 ('updated', models.DateTimeField(auto_now=True)),
+                ('issuer', models.JSONField(default={'email': 'anonymous@cert-manager.io', 'key_id': '', 'key_secret': '', 'server': 'https://acme-v02.api.letsencrypt.org/directory'})),
                 ('https_enforced', models.BooleanField(null=True)),
                 ('certs_auto_enabled', models.BooleanField(null=True)),
                 ('app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.app')),
@@ -202,8 +203,7 @@ class Migration(migrations.Migration):
                 ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                 ('created', models.DateTimeField(auto_now_add=True)),
                 ('updated', models.DateTimeField(auto_now=True)),
-                ('port', models.PositiveIntegerField(default=5000)),
-                ('protocol', models.TextField(default='TCP')),
+                ('ports', models.JSONField(default=list)),
                 ('procfile_type', models.TextField()),
                 ('app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.app')),
                 ('owner', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to=settings.AUTH_USER_MODEL)),
@@ -214,6 +214,28 @@ class Migration(migrations.Migration):
                 'unique_together': {('app', 'procfile_type')},
             },
         ),
+        migrations.CreateModel(
+            name='Route',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created', models.DateTimeField(auto_now_add=True)),
+                ('updated', models.DateTimeField(auto_now=True)),
+                ('kind', models.CharField(choices=[('TLSRoute', 'TCP'), ('TCPRoute', 'TCP'), ('UDPRoute', 'UDP'), ('GRPCRoute', 'HTTPS'), ('HTTPRoute', 'HTTP/HTTPS')], max_length=15)),
+                ('name', models.CharField(db_index=True, max_length=63)),
+                ('port', models.PositiveIntegerField()),
+                ('rules', models.JSONField(default=list)),
+                ('routable', models.BooleanField(default=True)),
+                ('parent_refs', models.JSONField(default=list)),
+                ('procfile_type', models.TextField()),
+                ('app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.app')),
+                ('owner', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'ordering': ['-created'],
+                'get_latest_by': 'created',
+                'unique_together': {('app', 'name')},
+            },
+        ),
         migrations.CreateModel(
             name='Resource',
             fields=[
@@ -273,13 +295,30 @@ class Migration(migrations.Migration):
                 'unique_together': {('owner', 'fingerprint')},
             },
         ),
+        migrations.CreateModel(
+            name='Gateway',
+            fields=[
+                ('id', models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('created', models.DateTimeField(auto_now_add=True)),
+                ('updated', models.DateTimeField(auto_now=True)),
+                ('name', models.CharField(db_index=True, max_length=63)),
+                ('ports', models.JSONField(default=list)),
+                ('app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.app')),
+                ('owner', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to=settings.AUTH_USER_MODEL)),
+            ],
+            options={
+                'ordering': ['-created'],
+                'get_latest_by': 'created',
+                'unique_together': {('app', 'name')},
+            },
+        ),
         migrations.CreateModel(
             name='AppSettings',
             fields=[
                 ('uuid', models.UUIDField(auto_created=True, default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True, verbose_name='UUID')),
                 ('created', models.DateTimeField(auto_now_add=True)),
                 ('updated', models.DateTimeField(auto_now=True)),
-                ('routable', models.BooleanField(null=True)),
+                ('routable', models.BooleanField(default=True)),
                 ('autoscale', models.JSONField(blank=True, default=dict)),
                 ('label', models.JSONField(blank=True, default=dict)),
                 ('app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='api.app')),
@@ -292,3 +331,4 @@ class Migration(migrations.Migration):
             },
         ),
     ]
+