Skip to content

Commit 50ce85b

Browse files
Deydra71Deydra71
committed
[tlse] internal TLS support for telemetry aodh service
Creates the telemetry aodh route and svc overrides. Creates certs for k8s service of the service operator when spec.tls.endpoint.internal.enabled: true For a service like nova which talks to multiple service internal endpoints, this has to be set for each of them for, like: ~~~ customServiceConfig: | [keystone_authtoken] insecure = true [placement] insecure = true [neutron] insecure = true [glance] insecure = true [cinder] insecure = true ~~~ Depends-On: openstack-k8s-operators/lib-common#428 Depends-On: openstack-k8s-operators#620 Depends-On: openstack-k8s-operators/telemetry-operator#310 Depends-On: openstack-k8s-operators/telemetry-operator#327 Depends-On: openstack-k8s-operators/telemetry-operator#330 Signed-off-by: Veronika Fisarova <[email protected]>
1 parent 81a98c7 commit 50ce85b

File tree

10 files changed

+367
-88
lines changed

10 files changed

+367
-88
lines changed

apis/bases/core.openstack.org_openstackcontrolplanes.yaml

Lines changed: 149 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -15324,6 +15324,112 @@ spec:
1532415324
type: object
1532515325
telemetry:
1532615326
properties:
15327+
apiOverride:
15328+
properties:
15329+
route:
15330+
properties:
15331+
metadata:
15332+
properties:
15333+
annotations:
15334+
additionalProperties:
15335+
type: string
15336+
type: object
15337+
labels:
15338+
additionalProperties:
15339+
type: string
15340+
type: object
15341+
type: object
15342+
spec:
15343+
properties:
15344+
alternateBackends:
15345+
items:
15346+
properties:
15347+
kind:
15348+
enum:
15349+
- Service
15350+
- ""
15351+
type: string
15352+
name:
15353+
type: string
15354+
weight:
15355+
format: int32
15356+
maximum: 256
15357+
minimum: 0
15358+
type: integer
15359+
type: object
15360+
maxItems: 3
15361+
type: array
15362+
host:
15363+
maxLength: 253
15364+
pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$
15365+
type: string
15366+
path:
15367+
pattern: ^/
15368+
type: string
15369+
port:
15370+
properties:
15371+
targetPort:
15372+
anyOf:
15373+
- type: integer
15374+
- type: string
15375+
x-kubernetes-int-or-string: true
15376+
required:
15377+
- targetPort
15378+
type: object
15379+
subdomain:
15380+
maxLength: 253
15381+
pattern: ^([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*$
15382+
type: string
15383+
tls:
15384+
properties:
15385+
caCertificate:
15386+
type: string
15387+
certificate:
15388+
type: string
15389+
destinationCACertificate:
15390+
type: string
15391+
insecureEdgeTerminationPolicy:
15392+
type: string
15393+
key:
15394+
type: string
15395+
termination:
15396+
enum:
15397+
- edge
15398+
- reencrypt
15399+
- passthrough
15400+
type: string
15401+
required:
15402+
- termination
15403+
type: object
15404+
to:
15405+
properties:
15406+
kind:
15407+
enum:
15408+
- Service
15409+
- ""
15410+
type: string
15411+
name:
15412+
type: string
15413+
weight:
15414+
format: int32
15415+
maximum: 256
15416+
minimum: 0
15417+
type: integer
15418+
type: object
15419+
wildcardPolicy:
15420+
enum:
15421+
- None
15422+
- Subdomain
15423+
- ""
15424+
type: string
15425+
type: object
15426+
type: object
15427+
tls:
15428+
properties:
15429+
secretName:
15430+
type: string
15431+
type: object
15432+
type: object
1532715433
enabled:
1532815434
default: true
1532915435
type: boolean
@@ -15363,50 +15469,52 @@ spec:
1536315469
override:
1536415470
properties:
1536515471
service:
15366-
properties:
15367-
endpointURL:
15368-
type: string
15369-
metadata:
15370-
properties:
15371-
annotations:
15372-
additionalProperties:
15472+
additionalProperties:
15473+
properties:
15474+
endpointURL:
15475+
type: string
15476+
metadata:
15477+
properties:
15478+
annotations:
15479+
additionalProperties:
15480+
type: string
15481+
type: object
15482+
labels:
15483+
additionalProperties:
15484+
type: string
15485+
type: object
15486+
type: object
15487+
spec:
15488+
properties:
15489+
externalName:
1537315490
type: string
15374-
type: object
15375-
labels:
15376-
additionalProperties:
15491+
externalTrafficPolicy:
1537715492
type: string
15378-
type: object
15379-
type: object
15380-
spec:
15381-
properties:
15382-
externalName:
15383-
type: string
15384-
externalTrafficPolicy:
15385-
type: string
15386-
internalTrafficPolicy:
15387-
type: string
15388-
ipFamilyPolicy:
15389-
type: string
15390-
loadBalancerClass:
15391-
type: string
15392-
loadBalancerSourceRanges:
15393-
items:
15493+
internalTrafficPolicy:
1539415494
type: string
15395-
type: array
15396-
sessionAffinity:
15397-
type: string
15398-
sessionAffinityConfig:
15399-
properties:
15400-
clientIP:
15401-
properties:
15402-
timeoutSeconds:
15403-
format: int32
15404-
type: integer
15405-
type: object
15406-
type: object
15407-
type:
15408-
type: string
15409-
type: object
15495+
ipFamilyPolicy:
15496+
type: string
15497+
loadBalancerClass:
15498+
type: string
15499+
loadBalancerSourceRanges:
15500+
items:
15501+
type: string
15502+
type: array
15503+
sessionAffinity:
15504+
type: string
15505+
sessionAffinityConfig:
15506+
properties:
15507+
clientIP:
15508+
properties:
15509+
timeoutSeconds:
15510+
format: int32
15511+
type: integer
15512+
type: object
15513+
type: object
15514+
type:
15515+
type: string
15516+
type: object
15517+
type: object
1541015518
type: object
1541115519
type: object
1541215520
passwordSelector:

apis/core/v1beta1/conditions.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,6 +108,9 @@ const (
108108
// OpenStackControlPlaneTelemetryReadyCondition Status=True condition which indicates if OpenStack Telemetry service is configured and operational
109109
OpenStackControlPlaneTelemetryReadyCondition condition.Type = "OpenStackControlPlaneTelemetryReady"
110110

111+
// OpenStackControlPlaneExposeTelemetryReadyCondition Status=True condition which indicates if Telemetry is exposed via a route
112+
OpenStackControlPlaneExposeTelemetryReadyCondition condition.Type = "OpenStackControlPlaneExposeTelemetryReady"
113+
111114
// OpenStackControlPlaneServiceOverrideReadyCondition Status=True condition which indicates if OpenStack service override has created ok
112115
OpenStackControlPlaneServiceOverrideReadyCondition condition.Type = "OpenStackControlPlaneServiceOverrideReady"
113116

apis/core/v1beta1/openstackcontrolplane_types.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -605,6 +605,11 @@ type TelemetrySection struct {
605605
//+operator-sdk:csv:customresourcedefinitions:type=spec
606606
// Template - Overrides to use when creating the OpenStack Telemetry services
607607
Template telemetryv1.TelemetrySpec `json:"template,omitempty"`
608+
609+
// +kubebuilder:validation:Optional
610+
// +operator-sdk:csv:customresourcedefinitions:type=spec
611+
// APIOverride, provides the ability to override the generated manifest of several child resources.
612+
APIOverride Override `json:"apiOverride,omitempty"`
608613
}
609614

610615
// SwiftSection defines the desired state of Swift service

apis/core/v1beta1/zz_generated.deepcopy.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

apis/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ require (
2424
github.com/openstack-k8s-operators/ovn-operator/api v0.3.1-0.20240307150054-826f3260f9aa
2525
github.com/openstack-k8s-operators/placement-operator/api v0.3.1-0.20240307105529-ab602118fd5d
2626
github.com/openstack-k8s-operators/swift-operator/api v0.3.1-0.20240307114522-1fa027839890
27-
github.com/openstack-k8s-operators/telemetry-operator/api v0.3.1-0.20240307120415-25f01ea4a7fd
27+
github.com/openstack-k8s-operators/telemetry-operator/api v0.3.1-0.20240311060559-4ecd4f5c3961
2828
github.com/rabbitmq/cluster-operator/v2 v2.6.0
2929
k8s.io/api v0.28.7
3030
k8s.io/apimachinery v0.28.7

apis/go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -113,8 +113,8 @@ github.com/openstack-k8s-operators/placement-operator/api v0.3.1-0.2024030710552
113113
github.com/openstack-k8s-operators/placement-operator/api v0.3.1-0.20240307105529-ab602118fd5d/go.mod h1:PmT8kZ4JmtjHLAcsr9BNqD3gSSM9QrMLqokapSxaPJs=
114114
github.com/openstack-k8s-operators/swift-operator/api v0.3.1-0.20240307114522-1fa027839890 h1:jW8UefyCC49Xj/BCMy0LrKPD9CvNivWNwaIHCzPuWis=
115115
github.com/openstack-k8s-operators/swift-operator/api v0.3.1-0.20240307114522-1fa027839890/go.mod h1:GaoEq+SBg1xlafynZQEyK7wU0YMkajHEbig6J1CQjUo=
116-
github.com/openstack-k8s-operators/telemetry-operator/api v0.3.1-0.20240307120415-25f01ea4a7fd h1:4du2HsmcEZRc06Ams3FI9kQZDkcYg3FxeDXsfkx9jSg=
117-
github.com/openstack-k8s-operators/telemetry-operator/api v0.3.1-0.20240307120415-25f01ea4a7fd/go.mod h1:QUHaxzPPQ1OzWvG8BJIE+D1LSpm+bdv2yfrXHXiYQ+4=
116+
github.com/openstack-k8s-operators/telemetry-operator/api v0.3.1-0.20240311060559-4ecd4f5c3961 h1:YYeHx9q2/ohmCwezfdw+qDJywpSZVgo9Ud24Oyie2J4=
117+
github.com/openstack-k8s-operators/telemetry-operator/api v0.3.1-0.20240311060559-4ecd4f5c3961/go.mod h1:QUHaxzPPQ1OzWvG8BJIE+D1LSpm+bdv2yfrXHXiYQ+4=
118118
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
119119
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
120120
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=

0 commit comments

Comments
 (0)