Add support for load balancers and upgrade CRDs to v1 (!16) · Merge requests · paas-tools / operators / landb-operator

Jack Henschel requested to merge jack-lbaas into master Nov 04, 2021

This MR implements support for the new LBaaS feature. [1] Namely, if we want to our load balancer endpoints to be reachable from outside CERN network, they need to be added to the same LanDB set as the router nodes (ingress) so that they get the appropriate firewall openings.

The updated LanDB set looks like this:

- apiVersion: landb.operator.cern.ch/v1alpha1
  kind: LandbSet
  metadata:
    name: landb-sync-ingress-nodes
    namespace: openshift-cern-landb
  spec:
    domain: GPN
    labelSelector: router.cern.ch/request-external-firewall-opening-for-http-https=true
    loadbalancerLabelSelector: "" # will select all loadbalancer services
    loadbalancerNamespace: "" # will watch all namespaces
    setName: IT OKD webeos INGRESS NODES
    type: INTER

Additionally, this PR also upgrades the CRDs to v1, since v1beta will be removed in Kubernetes 1.22 [2].

Since this PR is quite large, I recommend reviewers to look at the individual commits.

[1] https://gitlab.cern.ch/webservices/webframeworks-planning/-/issues/638 [2] https://kubernetes.io/docs/reference/using-api/deprecation-guide/#customresourcedefinition-v122

Edited Nov 08, 2021 by Jack Henschel

Add support for load balancers and upgrade CRDs to v1

Merge request reports