make glooctl check work for kube gateways #9621

jenshu · 2024-06-14T04:25:24Z

Description

Check Kubernetes Gateway API resources during glooctl check, as long as we detect that the kube gateway integration is enabled in the given gloo installation. We assume kube gateway integration is enabled if 1) we find Gateway CRDs on the cluster and 2) a default GatewayParameters exists in the install namesapce.

Other cleanup:

Standardized the casing of the glooctl check output and use the actual CRD names, e.g. Checking auth configs... OK is now Checking AuthConfigs... OK
Removed unused KUBE2E_TESTS var from setup-kind. As of [Migrated] Remove old Istio tests, add new Istio suite with regression values solo-io/gloo#9636 it's not used anymore in the script.

Output :

Checking Deployments... OK
Checking Pods... OK
Checking Upstreams... OK
Checking UpstreamGroups... OK
Checking AuthConfigs... OK
Checking RateLimitConfigs... OK
Checking VirtualHostOptions... OK
Checking RouteOptions... OK
Checking Secrets... OK
Checking VirtualServices... OK
Checking Gateways... OK
Checking Proxies... OK

Detected Kubernetes Gateway integration!
Checking kube GatewayClasses... OK
Checking kube Gateways... OK
Checking kube HTTPRoutes... OK

Skipping Gloo Instance check -- Gloo Federation not detected.
No problems detected.

Checking Deployments... OK
Checking Pods... OK
Checking Upstreams... OK
Checking UpstreamGroups... OK
Checking AuthConfigs... OK
Checking RateLimitConfigs... OK
Checking VirtualHostOptions... OK
Checking RouteOptions... OK
Checking Secrets... OK
Checking VirtualServices... OK
Checking Gateways... OK
Checking Proxies... OK

Skipping Gloo Instance check -- Gloo Federation not detected.
Error: 1 error occurred:
	* unable to determine if kube gateway is enabled: KubeGateway is enabled but the Kubernetes Gateway CRDs are not applied. Please fix this by running `kubectl apply -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.0.0/standard-install.yaml`

Checklist:

I have performed a self-review of my own code
I have commented my code, particularly in hard-to-understand areas
I have made corresponding changes to the documentation
I have added tests that prove my fix is effective or that my feature works

solo-changelog-bot · 2024-06-14T04:25:35Z

Issues linked to changelog:
https://github.com/solo-io/solo-projects/issues/5741

github-actions · 2024-06-14T15:39:15Z

Visit the preview URL for this PR (updated for commit 3d97e2a):

https://gloo-edge--pr9621-glooctl-check-kube-3zxd8mrg.web.app

_{(expires Fri, 28 Jun 2024 19:57:50 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: 77c2b86e287749579b7ff9cadb81e099042ef677}

…octl-check-kube

davidjumani · 2024-06-21T00:37:31Z

I have a similar approach and would like feedback on it :

First, check the presence of the GatewayParameters CR.
If found, check the presence of the k8s gateway CRDs.
If they are not found, error loudly that they are not found and the installation is misconfigured as the GatewayParameters CR is present but the k8s gateway CRDs are not.
Else proceed with the k8s gateway-related checks

Additionally I think that relying on the presence of the GatewayParameters CR wouldn't be the best way to go about this as users can delete the default CRs and replace them with their own.
Instead, we can label the gloo deployment and check for the presence of that label or the presence of the GG_EXPERIMENTAL_K8S_GW_CONTROLLER env variable something more concrete. I understand that this is tying up the check with the implementation but it seems more robust

test/kubernetes/e2e/tests/k8s_gw_tests.go

projects/gloo/cli/pkg/cmd/check/internal/checks.go

projects/gloo/cli/pkg/cmd/check/kube_gateway.go

projects/gloo/cli/pkg/kubegatewayutils/detect.go

projects/gloo/cli/pkg/cmd/check/kube_gateway.go

sam-heilbron

We have some new CRDs:

https://github.com/solo-io/gloo/blob/main/install/helm/gloo/crds/gateway.solo.io_v1_HttpListenerOption.yaml
https://github.com/solo-io/gloo/blob/main/install/helm/gloo/crds/gateway.solo.io_v1_ListenerOption.yaml
They don't report statuses, but I think it would make sense to check them still

davidjumani · 2024-06-21T21:21:06Z

kick bulldozer

* glooctl check * cl * codegen * use const * standardize casing * standardize case * update kubegateway check * fix import * scheme * KUBE2E_TESTS not needed by setup-kind * fix test * Adding changelog file to new location * Deleting changelog file from old location * fix typo * add additional check outputs * exclude kube checks * add docs to exclude * ensure kube resources are not checked if not enabled * add exclude options * add todo * update kubegatewayenabled check * fix newline * use constants * return early * update comment * Update error * address comments * rename kube gateway * update message --------- Co-authored-by: soloio-bulldozer[bot] <48420018+soloio-bulldozer[bot]@users.noreply.github.com> Co-authored-by: changelog-bot <changelog-bot> Co-authored-by: David Jumani <[email protected]>

davidjumani · 2024-06-21T21:36:52Z

We have some new CRDs:

* https://github.com/solo-io/gloo/blob/main/install/helm/gloo/crds/gateway.solo.io_v1_HttpListenerOption.yaml

* https://github.com/solo-io/gloo/blob/main/install/helm/gloo/crds/gateway.solo.io_v1_ListenerOption.yaml
  They don't report statuses, but I think it would make sense to check them still

Will tackle in a followup PR

jenshu added 4 commits June 14, 2024 00:12

glooctl check

30fe440

cl

0aba7cd

codegen

7b41647

use const

bc2fb3d

github-actions bot added the keep pr updated signals bulldozer to keep pr up to date with base branch label Jun 14, 2024

jenshu marked this pull request as ready for review June 14, 2024 15:19

jenshu requested a review from a team as a code owner June 14, 2024 15:19

soloio-bulldozer bot and others added 21 commits June 14, 2024 16:45

Merge refs/heads/main into glooctl-check-kube

88150ab

Merge refs/heads/main into glooctl-check-kube

582c59b

standardize casing

c41fecc

Merge refs/heads/main into glooctl-check-kube

d7d98a4

Merge refs/heads/main into glooctl-check-kube

e5ecdd2

Merge branch 'glooctl-check-kube' of github.com:solo-io/gloo into glo…

03a3994

…octl-check-kube

Merge refs/heads/main into glooctl-check-kube

a5a97ce

Merge refs/heads/main into glooctl-check-kube

c268b57

standardize case

abbdc7e

Merge branch 'glooctl-check-kube' of github.com:solo-io/gloo into glo…

7303677

…octl-check-kube

update kubegateway check

17034f6

Merge refs/heads/main into glooctl-check-kube

eac1691

fix import

11b42a8

Merge refs/heads/main into glooctl-check-kube

ce0f5cd

Merge refs/heads/main into glooctl-check-kube

1e3411d

scheme

ebf152b

Merge branch 'glooctl-check-kube' of github.com:solo-io/gloo into glo…

413f24f

…octl-check-kube

Merge refs/heads/main into glooctl-check-kube

2e2d9ba

KUBE2E_TESTS not needed by setup-kind

fbc93cf

fix test

0da26b1

Merge branch 'glooctl-check-kube' of github.com:solo-io/gloo into glo…

5b4a0ae

…octl-check-kube

update kubegatewayenabled check

42eb4ba

davidjumani reviewed Jun 21, 2024

View reviewed changes

test/kubernetes/e2e/tests/k8s_gw_tests.go Show resolved Hide resolved

davidjumani and others added 6 commits June 21, 2024 11:25

fix newline

f3c991f

use constants

5c0e9f5

Merge refs/heads/main into glooctl-check-kube

037ab2f

return early

603b43e

update comment

a0dcd52

Update error

406710a