From fb2ad86bd5123909f0cc3fdc86171f1d289e76dd Mon Sep 17 00:00:00 2001 From: Jenny Shu <28537278+jenshu@users.noreply.github.com> Date: Mon, 13 Jan 2025 11:34:20 -0500 Subject: [PATCH] Cleanup: remove kube gateway enabled checks (#10435) --- .../gloo/templates/1-gloo-deployment.yaml | 4 -- install/test/k8sgateway_test.go | 9 ---- .../validating_admission_webhook.go | 13 ++--- .../validating_admission_webhook_test.go | 7 ++- .../gloo/cli/pkg/cmd/check/kube_gateway.go | 12 +---- .../gloo/cli/pkg/kubegatewayutils/detect.go | 53 ------------------- projects/gloo/constants/gloo_gateway.go | 5 -- projects/gloo/pkg/bootstrap/opts.go | 3 +- .../gloo/pkg/servers/iosnapshot/history.go | 11 ++-- .../pkg/servers/iosnapshot/history_test.go | 3 +- .../gloo/pkg/syncer/setup/setup_syncer.go | 11 ++-- projects/gloo/pkg/translator/clusters.go | 7 +-- test/consulvaulte2e/e2e_suite_test.go | 9 ---- test/services/gloo.go | 6 +-- 14 files changed, 19 insertions(+), 134 deletions(-) delete mode 100644 projects/gloo/constants/gloo_gateway.go diff --git a/install/helm/gloo/templates/1-gloo-deployment.yaml b/install/helm/gloo/templates/1-gloo-deployment.yaml index db7d3f7874f..5acbc0653ea 100644 --- a/install/helm/gloo/templates/1-gloo-deployment.yaml +++ b/install/helm/gloo/templates/1-gloo-deployment.yaml @@ -237,10 +237,6 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - {{- if .Values.kubeGateway.enabled }} - - name: GG_K8S_GW_CONTROLLER - value: "true" - {{- end }}{{/* if .Values.kubeGateway.enabled */}} {{- if .Values.kubeGateway.portal.enabled }} - name: GG_PORTAL_PLUGIN value: "true" diff --git a/install/test/k8sgateway_test.go b/install/test/k8sgateway_test.go index b5a322d4670..e1fd2eeb322 100644 --- a/install/test/k8sgateway_test.go +++ b/install/test/k8sgateway_test.go @@ -9,7 +9,6 @@ import ( "github.com/solo-io/gloo/pkg/utils/kubeutils" "github.com/solo-io/gloo/projects/gateway2/api/v1alpha1" "github.com/solo-io/gloo/projects/gateway2/wellknown" - "github.com/solo-io/gloo/projects/gloo/constants" "github.com/solo-io/gloo/test/gomega/matchers" glootestutils "github.com/solo-io/gloo/test/testutils" . "github.com/solo-io/k8s-utils/manifesttestutils" @@ -44,14 +43,8 @@ var _ = Describe("Kubernetes Gateway API integration", func() { }) It("relevant resources are rendered", func() { - // make sure the env variable that enables the controller is set deployment := getDeployment(testManifest, namespace, kubeutils.GlooDeploymentName) Expect(deployment.Spec.Template.Spec.Containers).To(HaveLen(1), "should have exactly 1 container") - expectEnvVarExists(deployment.Spec.Template.Spec.Containers[0], - corev1.EnvVar{ - Name: constants.GlooGatewayEnableK8sGwControllerEnv, - Value: "true", - }) // make sure the GatewayClass and RBAC resources exist (note, since they are all cluster-scoped, they do not have a namespace) testManifest.ExpectUnstructured("GatewayClass", "", "gloo-gateway").NotTo(BeNil()) @@ -491,10 +484,8 @@ var _ = Describe("Kubernetes Gateway API integration", func() { }) It("relevant resources are not rendered", func() { - // the env variable that enables the controller should not be set deployment := getDeployment(testManifest, namespace, kubeutils.GlooDeploymentName) Expect(deployment.Spec.Template.Spec.Containers).To(HaveLen(1), "should have exactly 1 container") - expectEnvVarDoesNotExist(deployment.Spec.Template.Spec.Containers[0], constants.GlooGatewayEnableK8sGwControllerEnv) // the RBAC resources should not be rendered testManifest.ExpectUnstructured("GatewayClass", "", "gloo-gateway").To(BeNil()) diff --git a/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook.go b/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook.go index 7b19141dc30..bd5090f04f1 100644 --- a/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook.go +++ b/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook.go @@ -104,7 +104,6 @@ type WebhookConfig struct { alwaysAccept bool // accept all resources readGatewaysFromAllNamespaces bool webhookNamespace string - kubeGatewayEnabled bool } func NewWebhookConfig( @@ -115,7 +114,6 @@ func NewWebhookConfig( serverCertPath, serverKeyPath string, alwaysAccept, readGatewaysFromAllNamespaces bool, webhookNamespace string, - kubeGatewayEnabled bool, ) WebhookConfig { return WebhookConfig{ ctx: ctx, @@ -127,7 +125,6 @@ func NewWebhookConfig( alwaysAccept: alwaysAccept, readGatewaysFromAllNamespaces: readGatewaysFromAllNamespaces, webhookNamespace: webhookNamespace, - kubeGatewayEnabled: kubeGatewayEnabled, } } @@ -141,7 +138,6 @@ func NewGatewayValidatingWebhook(cfg WebhookConfig) (*http.Server, error) { alwaysAccept := cfg.alwaysAccept readGatewaysFromAllNamespaces := cfg.readGatewaysFromAllNamespaces webhookNamespace := cfg.webhookNamespace - kubeGatewayEnabled := cfg.kubeGatewayEnabled certProvider, err := NewCertificateProvider(serverCertPath, serverKeyPath, log.New(&debugLogger{ctx: ctx}, "validation-webhook-certificate-watcher", log.LstdFlags), ctx, 10*time.Second) if err != nil { @@ -155,7 +151,6 @@ func NewGatewayValidatingWebhook(cfg WebhookConfig) (*http.Server, error) { alwaysAccept, readGatewaysFromAllNamespaces, webhookNamespace, - kubeGatewayEnabled, ) mux := http.NewServeMux() @@ -184,7 +179,6 @@ type gatewayValidationWebhook struct { alwaysAccept bool // read only so no races readGatewaysFromAllNamespaces bool // read only so no races webhookNamespace string // read only so no races - kubeGatewayEnabled bool // read only so no races } type AdmissionReviewWithProxies struct { @@ -210,7 +204,6 @@ func NewGatewayValidationHandler( alwaysAccept bool, readGatewaysFromAllNamespaces bool, webhookNamespace string, - kubeGatewayEnabled bool, ) *gatewayValidationWebhook { return &gatewayValidationWebhook{ ctx: ctx, @@ -219,7 +212,6 @@ func NewGatewayValidationHandler( alwaysAccept: alwaysAccept, readGatewaysFromAllNamespaces: readGatewaysFromAllNamespaces, webhookNamespace: webhookNamespace, - kubeGatewayEnabled: kubeGatewayEnabled, } } @@ -563,8 +555,9 @@ func (wh *gatewayValidationWebhook) validateList(ctx context.Context, rawJson [] func (wh *gatewayValidationWebhook) shouldValidateGvk(gvk schema.GroupVersionKind) bool { if gvk == gwv1.RouteOptionGVK || gvk == gwv1.VirtualHostOptionGVK { - // only validate RouteOption and VirtualHostOption resources if K8s Gateway is enabled - return wh.kubeGatewayEnabled + // only validate RouteOption and VirtualHostOption resources if K8s Gateway is enabled. + // it is always enabled now, so always return true + return true } // no other special considerations at this point, so continue with validation diff --git a/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook_test.go b/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook_test.go index 3fa426a5245..97aa801c73e 100644 --- a/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook_test.go +++ b/projects/gateway/pkg/services/k8sadmission/validating_admission_webhook_test.go @@ -492,10 +492,9 @@ var _ = Describe("ValidatingAdmissionWebhook", func() { JustBeforeEach(func() { mv = &mockValidator{} wh = &gatewayValidationWebhook{ - webhookNamespace: "namespace", - ctx: context.TODO(), - validator: mv, - kubeGatewayEnabled: true, + webhookNamespace: "namespace", + ctx: context.TODO(), + validator: mv, } srv = httptest.NewServer(wh) }) diff --git a/projects/gloo/cli/pkg/cmd/check/kube_gateway.go b/projects/gloo/cli/pkg/cmd/check/kube_gateway.go index f1b134c9db6..490f71ce358 100644 --- a/projects/gloo/cli/pkg/cmd/check/kube_gateway.go +++ b/projects/gloo/cli/pkg/cmd/check/kube_gateway.go @@ -54,23 +54,13 @@ func CheckKubeGatewayResources(ctx context.Context, printer printers.P, opts *op return multiErr.ErrorOrNil() } -// check if Kubernetes Gateway integration is enabled by checking if the Gateway API CRDs are installed and -// whether the GG_K8S_GW_CONTROLLER env var is true in the gloo deployment. +// check if Kubernetes Gateway integration is enabled by checking if the Gateway API CRDs are installed func isKubeGatewayEnabled(ctx context.Context, opts *options.Options) (bool, error) { cfg, err := kubeutils.GetRestConfigWithKubeContext(opts.Top.KubeContext) if err != nil { return false, err } - gatewayEnabled, err := kubegatewayutils.DetectKubeGatewayEnabled(ctx, opts) - if err != nil { - return false, eris.Wrapf(err, "unable to determine if Kubernetes Gateway integration is enabled") - } - - if !gatewayEnabled { - return false, nil - } - hasCRDs, err := kubegatewayutils.DetectKubeGatewayCrds(cfg) if err != nil { return false, eris.Wrapf(err, "unable to determine if Kubernetes Gateway CRDs are applied") diff --git a/projects/gloo/cli/pkg/kubegatewayutils/detect.go b/projects/gloo/cli/pkg/kubegatewayutils/detect.go index 08aa0f4656b..6b496b01f92 100644 --- a/projects/gloo/cli/pkg/kubegatewayutils/detect.go +++ b/projects/gloo/cli/pkg/kubegatewayutils/detect.go @@ -1,17 +1,7 @@ package kubegatewayutils import ( - "context" - "strconv" - - "github.com/rotisserie/eris" "github.com/solo-io/gloo/projects/gateway2/wellknown" - "github.com/solo-io/gloo/projects/gloo/cli/pkg/cmd/options" - cliconstants "github.com/solo-io/gloo/projects/gloo/cli/pkg/constants" - "github.com/solo-io/gloo/projects/gloo/cli/pkg/helpers" - "github.com/solo-io/gloo/projects/gloo/constants" - corev1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/discovery" "k8s.io/client-go/rest" ) @@ -38,46 +28,3 @@ func DetectKubeGatewayCrds(cfg *rest.Config) (bool, error) { return false, nil } - -// Returns true if the GG_K8S_GW_CONTROLLER env var is true in the gloo deployment. -// Note: This is tied up with the GG implementation and will need to be updated if it changes -func DetectKubeGatewayEnabled(ctx context.Context, opts *options.Options) (bool, error) { - glooDeploymentName, err := helpers.GetGlooDeploymentName(opts.Top.Ctx, opts.Metadata.GetNamespace()) - if err != nil { - return false, err - } - - // check if Kubernetes Gateway integration is enabled by checking if the controller env variable is set in the - // gloo deployment - client, err := helpers.GetKubernetesClient(opts.Top.KubeContext) - if err != nil { - return false, eris.Wrapf(err, "could not get kubernetes client") - } - - glooDeployment, err := client.AppsV1().Deployments(opts.Metadata.GetNamespace()).Get(ctx, glooDeploymentName, metav1.GetOptions{}) - if err != nil { - return false, eris.Wrapf(err, "could not get gloo deployment") - } - - var glooContainer *corev1.Container - for _, container := range glooDeployment.Spec.Template.Spec.Containers { - if container.Name == cliconstants.GlooContainerName { - glooContainer = &container - break - } - } - if glooContainer == nil { - return false, eris.New("could not find gloo container in gloo deployment") - } - - for _, envVar := range glooContainer.Env { - if envVar.Name == constants.GlooGatewayEnableK8sGwControllerEnv { - val, err := strconv.ParseBool(envVar.Value) - if err != nil { - return false, eris.Wrapf(err, "could not parse value of %s env var in gloo deployment", constants.GlooGatewayEnableK8sGwControllerEnv) - } - return val, nil - } - } - return false, nil -} diff --git a/projects/gloo/constants/gloo_gateway.go b/projects/gloo/constants/gloo_gateway.go deleted file mode 100644 index bbbc7bed0ba..00000000000 --- a/projects/gloo/constants/gloo_gateway.go +++ /dev/null @@ -1,5 +0,0 @@ -package constants - -const ( - GlooGatewayEnableK8sGwControllerEnv = "GG_K8S_GW_CONTROLLER" -) diff --git a/projects/gloo/pkg/bootstrap/opts.go b/projects/gloo/pkg/bootstrap/opts.go index 0526bf14c9e..e6c8295ab19 100644 --- a/projects/gloo/pkg/bootstrap/opts.go +++ b/projects/gloo/pkg/bootstrap/opts.go @@ -118,8 +118,7 @@ type IstioValues struct { } type GlooGateway struct { - EnableK8sGatewayController bool - IstioValues IstioValues + IstioValues IstioValues } type Consul struct { diff --git a/projects/gloo/pkg/servers/iosnapshot/history.go b/projects/gloo/pkg/servers/iosnapshot/history.go index dfa6a757d6f..ae1009926b4 100644 --- a/projects/gloo/pkg/servers/iosnapshot/history.go +++ b/projects/gloo/pkg/servers/iosnapshot/history.go @@ -49,9 +49,8 @@ type History interface { // HistoryFactoryParameters are the inputs used to create a History object type HistoryFactoryParameters struct { - Settings *gloov1.Settings - Cache cache.SnapshotCache - EnableK8sGatewayIntegration bool + Settings *gloov1.Settings + Cache cache.SnapshotCache } // HistoryFactory is a function that produces a History object @@ -72,11 +71,7 @@ func GetHistoryFactory() HistoryFactory { } } - // By default, only return the GVKs for using Gloo Gateway, with purely the Edge Gateway APIs - var gvks = EdgeOnlyInputSnapshotGVKs - if params.EnableK8sGatewayIntegration { - gvks = CompleteInputSnapshotGVKs - } + gvks := CompleteInputSnapshotGVKs return NewHistory(params.Cache, params.Settings, kubeClient, gvks) } diff --git a/projects/gloo/pkg/servers/iosnapshot/history_test.go b/projects/gloo/pkg/servers/iosnapshot/history_test.go index 2a4aef8cbf8..f5c87189c08 100644 --- a/projects/gloo/pkg/servers/iosnapshot/history_test.go +++ b/projects/gloo/pkg/servers/iosnapshot/history_test.go @@ -69,8 +69,7 @@ var _ = Describe("History", func() { Namespace: defaults.GlooSystem, }, }, - Cache: &xds.MockXdsCache{}, - EnableK8sGatewayIntegration: true, + Cache: &xds.MockXdsCache{}, } }) diff --git a/projects/gloo/pkg/syncer/setup/setup_syncer.go b/projects/gloo/pkg/syncer/setup/setup_syncer.go index dccef5efc51..98cc942cd24 100644 --- a/projects/gloo/pkg/syncer/setup/setup_syncer.go +++ b/projects/gloo/pkg/syncer/setup/setup_syncer.go @@ -898,9 +898,8 @@ func RunGlooWithExtensions(opts bootstrap.Opts, extensions Extensions) error { // snapshotHistory is a utility for managing the state of the input/output snapshots that the Control Plane // consumes and produces. This object is then used by our Admin Server, to provide this data on demand snapshotHistory := extensions.SnapshotHistoryFactory(iosnapshot.HistoryFactoryParameters{ - Settings: opts.Settings, - Cache: opts.ControlPlane.SnapshotCache, - EnableK8sGatewayIntegration: opts.GlooGateway.EnableK8sGatewayController, + Settings: opts.Settings, + Cache: opts.ControlPlane.SnapshotCache, }) startFuncs["admin-server"] = AdminServerStartFunc(snapshotHistory, opts.KrtDebugger) @@ -1012,7 +1011,6 @@ func RunGlooWithExtensions(opts bootstrap.Opts, extensions Extensions) error { gwOpts.Validation.AlwaysAcceptResources, gwOpts.ReadGatewaysFromAllNamespaces, gwOpts.GlooNamespace, - opts.GlooGateway.EnableK8sGatewayController, // controls validation of KubeGateway policies (e.g. RouteOption, VirtualHostOption) ), ) if err != nil { @@ -1350,10 +1348,7 @@ func constructOpts(ctx context.Context, setup *bootstrap.SetupOpts, params const func constructGlooGatewayBootstrapOpts(settings *v1.Settings) bootstrap.GlooGateway { return bootstrap.GlooGateway{ - // TODO: This value should be inherited at installation time, to determine if the k8s controller is enabled - // In the interim, we use an env variable to control the value - EnableK8sGatewayController: envutils.IsEnvTruthy(constants.GlooGatewayEnableK8sGwControllerEnv), - IstioValues: constructIstioBootstrapOpts(settings), + IstioValues: constructIstioBootstrapOpts(settings), } } diff --git a/projects/gloo/pkg/translator/clusters.go b/projects/gloo/pkg/translator/clusters.go index bfb9444a144..0f59f2a0eff 100644 --- a/projects/gloo/pkg/translator/clusters.go +++ b/projects/gloo/pkg/translator/clusters.go @@ -15,8 +15,6 @@ import ( "github.com/golang/protobuf/ptypes/wrappers" "github.com/rotisserie/eris" "github.com/solo-io/gloo/pkg/utils/api_conversion" - "github.com/solo-io/gloo/pkg/utils/envutils" - "github.com/solo-io/gloo/projects/gloo/constants" v1 "github.com/solo-io/gloo/projects/gloo/pkg/api/v1" v1_options "github.com/solo-io/gloo/projects/gloo/pkg/api/v1/options" "github.com/solo-io/gloo/projects/gloo/pkg/api/v1/ssl" @@ -143,6 +141,7 @@ func (t *translatorInstance) initializeCluster( circuitBreakers := t.settings.GetGloo().GetCircuitBreakers() out := &envoy_config_cluster_v3.Cluster{ Name: UpstreamToClusterName(upstream.GetMetadata().Ref()), + AltStatName: UpstreamToClusterStatsName(upstream), Metadata: new(envoy_config_core_v3.Metadata), CircuitBreakers: getCircuitBreakers(upstream.GetCircuitBreakers(), circuitBreakers), LbSubsetConfig: createLbConfig(upstream), @@ -158,10 +157,6 @@ func (t *translatorInstance) initializeCluster( DnsRefreshRate: dnsRefreshRate, PreconnectPolicy: preconnect, } - // for kube gateway, use new stats name format - if envutils.IsEnvTruthy(constants.GlooGatewayEnableK8sGwControllerEnv) { - out.AltStatName = UpstreamToClusterStatsName(upstream) - } if sslConfig := upstream.GetSslConfig(); sslConfig != nil { applyDefaultsToUpstreamSslConfig(sslConfig, t.settings.GetUpstreamOptions()) diff --git a/test/consulvaulte2e/e2e_suite_test.go b/test/consulvaulte2e/e2e_suite_test.go index 7a170ebb6c5..36fd796593a 100644 --- a/test/consulvaulte2e/e2e_suite_test.go +++ b/test/consulvaulte2e/e2e_suite_test.go @@ -4,8 +4,6 @@ import ( "os" "testing" - "github.com/solo-io/gloo/projects/gloo/constants" - "github.com/solo-io/gloo/test/services/envoy" "github.com/solo-io/gloo/test/ginkgo/labels" @@ -49,17 +47,10 @@ var _ = BeforeSuite(func() { Expect(err).NotTo(HaveOccurred()) vaultFactory, err = services.NewVaultFactory() Expect(err).NotTo(HaveOccurred()) - - // The consulvaulte2e test suite is not run against a k8s cluster, so we must disable the features that require a k8s cluster - err = os.Setenv(constants.GlooGatewayEnableK8sGwControllerEnv, "false") - Expect(err).NotTo(HaveOccurred()) }) var _ = AfterSuite(func() { envoyFactory.Clean() _ = consulFactory.Clean() _ = vaultFactory.Clean() - - err := os.Unsetenv(constants.GlooGatewayEnableK8sGwControllerEnv) - Expect(err).NotTo(HaveOccurred()) }) diff --git a/test/services/gloo.go b/test/services/gloo.go index becbb56964d..9bcf9b13ab8 100644 --- a/test/services/gloo.go +++ b/test/services/gloo.go @@ -378,10 +378,10 @@ func constructTestOpts(ctx context.Context, runOptions *RunOptions, settings *gl GatewayControllerEnabled: settings.GetGateway().GetEnableGatewayController().GetValue(), ValidationOpts: validationOpts, Identity: singlereplica.Identity(), - GlooGateway: bootstrap.GlooGateway{ + GlooGateway: bootstrap.GlooGateway{ // The K8s Gateway Integration depends on a functioning k8s cluster - // These tests are designed to be run in-memory, without a true cluster, so we disable the relevant controller - EnableK8sGatewayController: false, + // These tests are designed to be run in-memory, without a true cluster + // TODO: delete any tests that cannot run when k8s gw api is used }, } }