Skip to content
This repository has been archived by the owner on Feb 27, 2023. It is now read-only.

Commit

Permalink
Updates NetworkPublishing to Support a List of Container Ports
Browse files Browse the repository at this point in the history 
Signed-off-by: Daneyon Hansen <daneyonhansen@gmail.com>
  • Loading branch information
@danehans
danehans committed Jan 26, 2021
1 parent ca3d599 commit a55be73
Show file tree
Hide file tree
Showing 4 changed files with 202 additions and 62 deletions.
65 changes: 39 additions & 26 deletions api/v1alpha1/contour_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,6 @@ const (
// OwningContourNsLabel is the owner reference label used for a Contour
// created by the operator. The value should be the namespace of the contour.
OwningContourNsLabel = "contour.operator.projectcontour.io/owning-contour-namespace"

// DefaultContourSpecNs is the default name when spec.Namespace.Name of a Contour
// is unspecified.
DefaultContourSpecNs = "projectcontour"
)

// +kubebuilder:object:root=true
Expand Down Expand Up @@ -77,6 +73,7 @@ type ContourSpec struct {
//
// See each field for additional details.
//
// +kubebuilder:default={envoy: {type: LoadBalancerService, containerPorts: {{name: http, portNumber: 8080}, {name: https, portNumber: 8443}}}}
NetworkPublishing NetworkPublishing `json:"networkPublishing,omitempty"`
}

Expand Down Expand Up @@ -106,10 +103,14 @@ type NetworkPublishing struct {
// Envoy provides the schema for publishing the network endpoints of Envoy.
//
// If unset, defaults to:
// type: LoadBalancerService
// httpContainerPort: 80
// httpsContainerPort: 443
// type: LoadBalancerService
// containerPorts:
// - name: http
// portNumber: 8080
// - name: https
// portNumber: 8443
//
// +kubebuilder:default={type: LoadBalancerService, containerPorts: {{name: http, portNumber: 8080}, {name: https, portNumber: 8443}}}
Envoy EnvoyNetworkPublishing `json:"envoy,omitempty"`
}

Expand Down Expand Up @@ -147,27 +148,22 @@ type EnvoyNetworkPublishing struct {
//
LoadBalancer LoadBalancerStrategy `json:"loadBalancer,omitempty"`

// HTTPContainerPort is the HTTP port number to expose on the Envoy container.
// This must be a valid port number, 1 < x < 65536 and differ from
// HttpsContainerPort.
// ContainerPorts is a list of container ports to expose from the Envoy container(s).
// Exposing a port here gives the system additional information about the network
// connections the Envoy container uses, but is primarily informational. Not specifying
// a port here DOES NOT prevent that port from being exposed by Envoy. Any port which is
// listening on the default "0.0.0.0" address inside the Envoy container will be accessible
// from the network. Names and port numbers must be unique in the list container ports. A
// minimum of two ports must be specified, one named "http" for Envoy's insecure service
// and one named "https" for Envoy's secure service.
//
// If unset, defaults to 80.
// TODO [danehans]: Update minItems to 1, requiring only https when the following issue
// is fixed: https://github.com/projectcontour/contour/issues/2577.
//
// +kubebuilder:default=80
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=65535
HTTPContainerPort int `json:"httpContainerPort,omitempty"`

// HTTPSContainerPort is the HTTPS port number to expose on the Envoy container.
// This must be a valid port number, 1 < x < 65536 and differ from
// HttpContainerPort.
//
// If unset, defaults to 443.
//
// +kubebuilder:default=443
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=65535
HTTPSContainerPort int `json:"httpsContainerPort,omitempty"`
// +kubebuilder:validation:MinItems=2
// +kubebuilder:validation:MaxItems=6
// +kubebuilder:default={{name: http, portNumber: 8080}, {name: https, portNumber: 8443}}
ContainerPorts []ContainerPort `json:"containerPorts,omitempty"`
}

// EndpointPublishingType is a way to publish network endpoints.
Expand Down Expand Up @@ -237,6 +233,23 @@ const (
GCPLoadBalancerProvider LoadBalancerProviderType = "GCP"
)

// ContainerPort is the schema to specify a network port for a container.
// A container port gives the system additional information about network
// connections a container uses, but is primarily informational.
type ContainerPort struct {
// Name is an IANA_SVC_NAME within the pod.
//
// +kubebuilder:validation:MinLength=1
// +kubebuilder:validation:MaxLength=253
Name string `json:"name"`

// PortNumber is the network port number to expose on the envoy pod.
// The number must be greater than 0 and less than 65536.
// +kubebuilder:validation:Minimum=1
// +kubebuilder:validation:Maximum=65535
PortNumber int32 `json:"portNumber"`
}

const (
// Available indicates that the contour is running and available.
ContourAvailableConditionType = "Available"
Expand Down
26 changes: 23 additions & 3 deletions api/v1alpha1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

57 changes: 44 additions & 13 deletions config/crd/bases/operator.projectcontour.io_contours.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,23 +55,54 @@ spec:
type: boolean
type: object
networkPublishing:
default:
envoy:
containerPorts:
- name: http
portNumber: 8080
- name: https
portNumber: 8443
type: LoadBalancerService
description: "NetworkPublishing defines the schema for publishing Contour to a network. \n See each field for additional details."
properties:
envoy:
description: "Envoy provides the schema for publishing the network endpoints of Envoy. \n If unset, defaults to: type: LoadBalancerService httpContainerPort: 80 httpsContainerPort: 443"
default:
containerPorts:
- name: http
portNumber: 8080
- name: https
portNumber: 8443
type: LoadBalancerService
description: "Envoy provides the schema for publishing the network endpoints of Envoy. \n If unset, defaults to: type: LoadBalancerService containerPorts: - name: http portNumber: 8080 - name: https portNumber: 8443"
properties:
httpContainerPort:
default: 80
description: "HTTPContainerPort is the HTTP port number to expose on the Envoy container. This must be a valid port number, 1 < x < 65536 and differ from HttpsContainerPort. \n If unset, defaults to 80."
maximum: 65535
minimum: 1
type: integer
httpsContainerPort:
default: 443
description: "HTTPSContainerPort is the HTTPS port number to expose on the Envoy container. This must be a valid port number, 1 < x < 65536 and differ from HttpContainerPort. \n If unset, defaults to 443."
maximum: 65535
minimum: 1
type: integer
containerPorts:
default:
- name: http
portNumber: 8080
- name: https
portNumber: 8443
description: "ContainerPorts is a list of container ports to expose from the Envoy container(s). Exposing a port here gives the system additional information about the network connections the Envoy container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed by Envoy. Any port which is listening on the default \"0.0.0.0\" address inside the Envoy container will be accessible from the network. Names and port numbers must be unique in the list container ports. A minimum of two ports must be specified, one named \"http\" for Envoy's insecure service and one named \"https\" for Envoy's secure service. \n TODO [danehans]: Update minItems to 1, requiring only https when the following issue is fixed: https://github.com/projectcontour/contour/issues/2577."
items:
description: ContainerPort is the schema to specify a network port for a container. A container port gives the system additional information about network connections a container uses, but is primarily informational.
properties:
name:
description: Name is an IANA_SVC_NAME within the pod.
maxLength: 253
minLength: 1
type: string
portNumber:
description: PortNumber is the network port number to expose on the envoy pod. The number must be greater than 0 and less than 65536.
format: int32
maximum: 65535
minimum: 1
type: integer
required:
- name
- portNumber
type: object
maxItems: 6
minItems: 2
type: array
loadBalancer:
description: "loadBalancer holds parameters for the load balancer. Present only if type is LoadBalancerService. \n If unspecified, defaults to an external Classic AWS ELB."
properties:
Expand Down
116 changes: 96 additions & 20 deletions examples/operator/operator.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,32 +70,108 @@ spec:
type: boolean
type: object
networkPublishing:
default:
envoy:
containerPorts:
- name: http
portNumber: 8080
- name: https
portNumber: 8443
type: LoadBalancerService
description: "NetworkPublishing defines the schema for publishing
Contour to a network. \n See each field for additional details."
properties:
envoy:
default:
containerPorts:
- name: http
portNumber: 8080
- name: https
portNumber: 8443
type: LoadBalancerService
description: "Envoy provides the schema for publishing the network
endpoints of Envoy. \n If unset, defaults to: type: LoadBalancerService
\ httpContainerPort: 80 httpsContainerPort: 443"
endpoints of Envoy. \n If unset, defaults to: type: LoadBalancerService
\ containerPorts: - name: http portNumber: 8080 - name:
https portNumber: 8443"
properties:
httpContainerPort:
default: 80
description: "HTTPContainerPort is the HTTP port number to
expose on the Envoy container. This must be a valid port
number, 1 < x < 65536 and differ from HttpsContainerPort.
\n If unset, defaults to 80."
maximum: 65535
minimum: 1
type: integer
httpsContainerPort:
default: 443
description: "HTTPSContainerPort is the HTTPS port number
to expose on the Envoy container. This must be a valid port
number, 1 < x < 65536 and differ from HttpContainerPort.
\n If unset, defaults to 443."
maximum: 65535
minimum: 1
type: integer
containerPorts:
default:
- name: http
portNumber: 8080
- name: https
portNumber: 8443
description: "ContainerPorts is a list of container ports
to expose from the Envoy container(s). Exposing a port here
gives the system additional information about the network
connections the Envoy container uses, but is primarily informational.
Not specifying a port here DOES NOT prevent that port from
being exposed by Envoy. Any port which is listening on the
default \"0.0.0.0\" address inside the Envoy container will
be accessible from the network. Names and port numbers must
be unique in the list container ports. A minimum of two
ports must be specified, one named \"http\" for Envoy's
insecure service and one named \"https\" for Envoy's secure
service. \n TODO [danehans]: Update minItems to 1, requiring
only https when the following issue is fixed: https://github.com/projectcontour/contour/issues/2577."
items:
description: ContainerPort is the schema to specify a network
port for a container. A container port gives the system
additional information about network connections a container
uses, but is primarily informational.
properties:
name:
description: Name is an IANA_SVC_NAME within the pod.
maxLength: 253
minLength: 1
type: string
portNumber:
description: PortNumber is the network port number to
expose on the envoy pod. The number must be greater
than 0 and less than 65536.
format: int32
maximum: 65535
minimum: 1
type: integer
required:
- name
- portNumber
type: object
maxItems: 6
minItems: 2
type: array
loadBalancer:
description: "loadBalancer holds parameters for the load balancer.
Present only if type is LoadBalancerService. \n If unspecified,
defaults to an external Classic AWS ELB."
properties:
providerParameters:
default:
type: AWS
description: providerParameters contains load balancer
information specific to the underlying infrastructure
provider.
properties:
type:
default: AWS
description: type is the underlying infrastructure
provider for the load balancer. Allowed values are
"AWS", "Azure", and "GCP".
enum:
- AWS
- Azure
- GCP
type: string
type: object
scope:
default: External
description: Scope indicates the scope at which the load
balancer is exposed. Possible values are "External"
and "Internal".
enum:
- Internal
- External
type: string
type: object
type:
default: LoadBalancerService
description: "Type is the type of publishing strategy to use.
Expand Down

0 comments on commit a55be73

Please sign in to comment.