kuadrant-operator
kuadrant-operator copied to clipboard
Published
20 hours ago •
Kuadrant
Kuadrant
Have Istio optional
What
This is a preparation work for on-boarding EnvoyGateway on following up PRs. It is, essentially, moving Istio from being the required GatewayAPI provider to optional gateway provider. Among other things, being optional means that when Istio is not installed in the cluster, the kuadrant operator does not die. Additionally, make room for on-boarding other GatewayAPI providers.
- [X] Make Istio EnvoyFilter controller optional. When istio envoy filter CRD or GatewayAPI CRD is not installed, the controller does not start.
- [X] Make Istio Wasmplugin controller optional. When istio WasmPlugin CRD or GatewayAPI CRD is not installed, the controller does not start.
- [X] Make kuadrant controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [X] Make ratelimitpolicy controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [X] Make authpolicy controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [X] Make dnspolicy controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [X] Make tlspolicy controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [X] Make target status controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [X] Make ratelimit policy enforcedstatus controller optional. When GatewayAPI CRD is not installed, the controller does not start.
- [x] Make Istio optional. When istio is not installed, the kuadrant operator still runs.
- [X] At golang level, helper functions working with Istio APIs in
github.com/kuadrant/kuadrant-operator/pkg/istiopackage. Controllers should be the only one importing that package. - [ ] Add check or die test to find one of the supported GatewayAPI providers.
- [x] (Integration) Tests refactor.
| Golang package | Required environment | Makefile env setup target | Makefile test run target |
|---|---|---|---|
github.com/kuadrant/kuadrant-operator/tests/bare_k8s |
no gateway provider, no GatewayAPI CRDs. Just Kuadrant API and Kuadrant dependencies. | make local-k8s-env-setup |
make test-bare-k8s-integration |
github.com/kuadrant/kuadrant-operator/tests/gatewayapi |
no gateway provider. GatewayAPI CRDs, Kuadrant API and Kuadrant dependencies. | make local-gatewayapi-env-setup |
make test-gatewayapi-env-integration |
github.com/kuadrant/kuadrant-operator/controllers |
at least one gatewayapi provider. It can be any: istio, envoygateway, ... | make local-env-setup GATEWAYAPI_PROVIDER=[ISTIO|SAIL] (Default Istio) |
make test-integration |
github.com/kuadrant/kuadrant-operator/tests/istio |
GatewayAPI CRDs, Istio, Kuadrant API and Kuadrant dependencies. | make local-env-setup GATEWAYAPI_PROVIDER=ISTIO |
make test-istio-env-integration |
Defined behavior
| GatewayAPI CRDs | Istio | Kuadrant CR status |
|---|---|---|
| NO | NO | Not reconciled |
| YES | NO | Error: GatewayAPI provider not found |
| YES | YES | OK |
Verification Steps
- Run cluster without gatewayAPI and without Istio installed
make kind-delete-cluster \
&& make kind-create-cluster \
&& make deploy-metrics-server \
&& make namespace \
&& make install-cert-manager \
&& make deploy-dependencies \
&& kubectl -n kuadrant-system wait --timeout=300s --for=condition=Available deployments --all \
&& make install
- Run the operator
make run
The operator should report in logs that multiple controller were disabled as required APIs not found.
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.kuadrant Kuadrant controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.ratelimitpolicy Ratelimitpolicy controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.authpolicy AuthPolicy controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.dnspolicy DNSPolicy controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.tlspolicy TLSPolicy controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.ratelimitpolicy.envoyfilter Istio EnvoyFilter controller disabled. Istio was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.kuadrant.gateway GatewayKuadrant controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.ratelimitpolicy.wasmplugin Istio WasmPlugin controller disabled. Istio was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.targetstatus TargetStatus controller disabled. GatewayAPI was not found
2024-05-17T11:27:03+02:00 INFO kuadrant-operator.ratelimitpolicy.status RateLimitPolicyEnforcedStatus controller disabled. GatewayAPI was not found
