It currently implements only one feature: NSG flow logs
Showing
8 changed files
with
250 additions
and
2 deletions.
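--- a/pkg/operator/controllers/previewfeature/nsgflowlogs/nsgflowlogs.go
+++ b/pkg/operator/controllers/previewfeature/nsgflowlogs/nsgflowlogs.go
@@ -0,0 +1,48 @@
+package nsgflowlogs
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the Apache License 2.0.
+
+import (
+"context"
+
+aropreviewv1alpha1 "github.com/Azure/ARO-RP/pkg/operator/apis/preview.aro.openshift.io/v1alpha1"
+
+"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/network"
+)
+
+func NewFeature(flowLogsClient network.FlowLogsClient) *nsgFlowLogsFeature {
+return &nsgFlowLogsFeature{
+flowLogsClient: flowLogsClient,
+}
+}
+
+type nsgFlowLogsFeature struct {
+flowLogsClient network.FlowLogsClient
+}
+
+func (n *nsgFlowLogsFeature) Name() string {
+return "nsgFlowLogsFeature"
+}
+
+func (n *nsgFlowLogsFeature) Reconcile(ctx context.Context, instance *aropreviewv1alpha1.PreviewFeature) error {
+if instance.Spec.NSGFlowLogs == nil {
+return nil
+}
+
+if !instance.Spec.NSGFlowLogs.Enabled {
+return n.Disable(instance)
+}
+
+return n.Enable(instance)
+}
+
+func (n *nsgFlowLogsFeature) Enable(instance *aropreviewv1alpha1.PreviewFeature) error {
+// TODO: Implement
+return nil
+}
+
+func (n *nsgFlowLogsFeature) Disable(instance *aropreviewv1alpha1.PreviewFeature) error {
+// TODO: Implement
+return nil
+}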
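Review bot: `Enable` and `Disable` are TODO stubs that return nil, so `Reconcile` reports success when `Spec.NSGFlowLogs.Enabled` is true even though no flow log is created. For a network-logging feature that is a silent gap: the object says logging is on while nothing is collected. Until the bodies exist, say so at the call site, for example `// TODO: not implemented; enabling NSG flow logs is currently a no-op`, and consider logging it once per reconcile. Both methods also drop the `ctx` that `Reconcile` receives, which the eventual `CreateOrUpdateAndWait(ctx, ...)` call will need; I would change the signatures now to `Enable(ctx context.Context, instance *aropreviewv1alpha1.PreviewFeature) error` and likewise for `Disable`.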
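--- a/pkg/operator/controllers/previewfeature/previewfeature_controller.go
+++ b/pkg/operator/controllers/previewfeature/previewfeature_controller.go
@@ -0,0 +1,102 @@
+package previewfeature
+
+// Copyright (c) Microsoft Corporation.
+// Licensed under the Apache License 2.0.
+
+import (
+"context"
+
+"github.com/sirupsen/logrus"
+metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+"k8s.io/client-go/kubernetes"
+ctrl "sigs.k8s.io/controller-runtime"
+"sigs.k8s.io/controller-runtime/pkg/builder"
+"sigs.k8s.io/controller-runtime/pkg/client"
+"sigs.k8s.io/controller-runtime/pkg/predicate"
+"sigs.k8s.io/controller-runtime/pkg/reconcile"
+
+aropreviewv1alpha1 "github.com/Azure/ARO-RP/pkg/operator/apis/preview.aro.openshift.io/v1alpha1"
+aroclient "github.com/Azure/ARO-RP/pkg/operator/clientset/versioned"
+"github.com/Azure/ARO-RP/pkg/operator/controllers"
+"github.com/Azure/ARO-RP/pkg/operator/controllers/previewfeature/nsgflowlogs"
+"github.com/Azure/ARO-RP/pkg/util/azureclient"
+"github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/network"
+"github.com/Azure/ARO-RP/pkg/util/clusterauthorizer"
+"github.com/Azure/go-autorest/autorest/azure"
+)
+
+type feature interface {
+Name() string
+Reconcile(ctx context.Context, instance *aropreviewv1alpha1.PreviewFeature) error
+}
+
+type Reconciler struct {
+log *logrus.Entry
+
+arocli aroclient.Interface
+kubernetescli kubernetes.Interface
+}
+
+func NewReconciler(log *logrus.Entry, arocli aroclient.Interface, kubernetescli kubernetes.Interface) *Reconciler {
+return &Reconciler{
+log: log,
+arocli: arocli,
+kubernetescli: kubernetescli,
+}
+}
+
+// Reconcile reconciles ARO preview features
+func (r *Reconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error) {
+instance, err := r.arocli.PreviewV1alpha1().PreviewFeatures().Get(ctx, aropreviewv1alpha1.SingletonPreviewFeatureName, metav1.GetOptions{})
+if err != nil {
+return reconcile.Result{}, err
+}
+
+// Get endpoints from operator
+azEnv, err := azureclient.EnvironmentFromName(instance.Spec.AZEnvironment)
+if err != nil {
+return reconcile.Result{}, err
+}
+
+resource, err := azure.ParseResourceID(instance.Spec.ResourceID)
+if err != nil {
+return reconcile.Result{}, err
+}
+
+// create refreshable authorizer from token
+authorizer, err := clusterauthorizer.NewAzRefreshableAuthorizer(ctx, r.log, &azEnv, r.kubernetescli)
+if err != nil {
+return reconcile.Result{}, err
+}
+
+flowLogsClient := network.NewFlowLogsClient(&azEnv, resource.SubscriptionID, authorizer)
+
+features := []feature{
+nsgflowlogs.NewFeature(flowLogsClient),
+}
+
+err = nil
+for _, f := range features {
+thisErr := f.Reconcile(ctx, instance)
+if thisErr != nil {
+// Reconcile all features even if there is an error in some of them
+err = thisErr
+r.log.Errorf("error reconciling %q: %s", f.Name(), err)
+}
+}
+
+// Controller-runtime will requeue when err != nil
+return reconcile.Result{}, err
+}
+
+// SetupWithManager setup our manager
+func (r *Reconciler) SetupWithManager(mgr ctrl.Manager) error {
+aroPreviewFeaturePredicate := predicate.NewPredicateFuncs(func(o client.Object) bool {
+return o.GetName() == aropreviewv1alpha1.SingletonPreviewFeatureName
+})
+
+return ctrl.NewControllerManagedBy(mgr).
+For(&aropreviewv1alpha1.PreviewFeature{}, builder.WithPredicates(aroPreviewFeaturePredicate)).
+Named(controllers.PreviewFeatureControllerName).
+Complete(r)
+}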
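Review bot: `Reconcile` takes both the Azure environment and the subscription from the object it reconciles (`instance.Spec.AZEnvironment`, `instance.Spec.ResourceID`) and then uses the operator's authorizer against them, with no check beyond parsing. If write access to the PreviewFeature object is broader than write access to the operator's own configuration (not visible here), an editor of that object chooses where the operator's credentials are used. I would record the trust assumption above the `azure.ParseResourceID` call, for example `// SECURITY: AZEnvironment and ResourceID are trusted from the CR spec; write access to PreviewFeature must be restricted accordingly`. Alternatively, compare `resource.SubscriptionID` against a value the operator already trusts before building the client. Separately, the loop keeps only the last `thisErr`, which is harmless with one feature but worth a comment once more are added.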
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
package network | ||
|
||
// Copyright (c) Microsoft Corporation. | ||
// Licensed under the Apache License 2.0. | ||
|
||
import ( | ||
mgmtnetwork "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2020-08-01/network" | ||
"github.com/Azure/go-autorest/autorest" | ||
|
||
"github.com/Azure/ARO-RP/pkg/util/azureclient" | ||
) | ||
|
||
// FlowLogsClient is a minimal interface for azure FlowLogsClient | ||
type FlowLogsClient interface { | ||
FlowLogsClientAddons | ||
} | ||
|
||
type flowLogsClient struct { | ||
mgmtnetwork.FlowLogsClient | ||
} | ||
|
||
var _ FlowLogsClient = &flowLogsClient{} | ||
|
||
// NewFlowLogsClient creates a new FlowLogsClient | ||
func NewFlowLogsClient(environment *azureclient.AROEnvironment, tenantID string, authorizer autorest.Authorizer) FlowLogsClient { | ||
client := mgmtnetwork.NewFlowLogsClientWithBaseURI(environment.ResourceManagerEndpoint, tenantID) | ||
client.Authorizer = authorizer | ||
|
||
return &flowLogsClient{ | ||
FlowLogsClient: client, | ||
} | ||
} |
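Review bot: The second parameter of `NewFlowLogsClient` is named `tenantID`, but it is passed straight through as the second argument of `mgmtnetwork.NewFlowLogsClientWithBaseURI`, which in the Azure SDK is the subscription ID. The controller in this same commit passes `resource.SubscriptionID` here. Tenant and subscription identifiers are both GUIDs, so a later caller who trusts the name could pass the wrong one without a compile error, and the client would target an unintended scope. Rename it: `func NewFlowLogsClient(environment *azureclient.AROEnvironment, subscriptionID string, authorizer autorest.Authorizer) FlowLogsClient`.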
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
package network | ||
|
||
// Copyright (c) Microsoft Corporation. | ||
// Licensed under the Apache License 2.0. | ||
|
||
import ( | ||
"context" | ||
|
||
mgmtnetwork "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2020-08-01/network" | ||
) | ||
|
||
// FlowLogsClientAddons contains addons to WatchersClient | ||
type FlowLogsClientAddons interface { | ||
CreateOrUpdateAndWait(ctx context.Context, resourceGroupName string, networkWatcherName string, flowLogName string, parameters mgmtnetwork.FlowLog) error | ||
} | ||
|
||
func (c *flowLogsClient) CreateOrUpdateAndWait(ctx context.Context, resourceGroupName string, networkWatcherName string, flowLogName string, parameters mgmtnetwork.FlowLog) error { | ||
future, err := c.FlowLogsClient.CreateOrUpdate(ctx, resourceGroupName, networkWatcherName, flowLogName, parameters) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
return future.WaitForCompletionRef(ctx, c.Client) | ||
} |
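Review bot: The doc comment on `FlowLogsClientAddons` says it "contains addons to WatchersClient", which looks copied from another client; it should read `// FlowLogsClientAddons contains addons to FlowLogsClient`. `CreateOrUpdateAndWait` has no comment of its own; I would add `// CreateOrUpdateAndWait creates or updates a flow log and blocks until the operation completes or ctx is done`. The interface offers no delete counterpart, so the `Disable` path in the nsgflowlogs feature has nothing to call yet; presumably that comes with the implementation.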