Attach VSR to VS by labels

haywoodsh · haywoodsh · commit ba3cc9784cb9 · 2024-11-13T17:03:10.000Z
Signed-off-by: Haywood Shannon &lt;5781935+haywoodsh@users.noreply.github.com&gt;
diff --git a/config/crd/bases/k8s.nginx.org_virtualserverroutes.yaml b/config/crd/bases/k8s.nginx.org_virtualserverroutes.yaml
@@ -438,6 +438,55 @@ spec:
                       type: array
                     route:
                       type: string
+                    routeSelector:
+                      description: |-
+                        A label selector is a label query over a set of resources. The result of matchLabels and
+                        matchExpressions are ANDed. An empty label selector matches all objects. A null
+                        label selector matches no objects.
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
                     splits:
                       items:
                         description: Split defines a split.
diff --git a/config/crd/bases/k8s.nginx.org_virtualservers.yaml b/config/crd/bases/k8s.nginx.org_virtualservers.yaml
@@ -500,6 +500,55 @@ spec:
                       type: array
                     route:
                       type: string
+                    routeSelector:
+                      description: |-
+                        A label selector is a label query over a set of resources. The result of matchLabels and
+                        matchExpressions are ANDed. An empty label selector matches all objects. A null
+                        label selector matches no objects.
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
                     splits:
                       items:
                         description: Split defines a split.
diff --git a/deploy/crds.yaml b/deploy/crds.yaml
@@ -1338,6 +1338,55 @@ spec:
                       type: array
                     route:
                       type: string
+                    routeSelector:
+                      description: |-
+                        A label selector is a label query over a set of resources. The result of matchLabels and
+                        matchExpressions are ANDed. An empty label selector matches all objects. A null
+                        label selector matches no objects.
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
                     splits:
                       items:
                         description: Split defines a split.
@@ -2129,6 +2178,55 @@ spec:
                       type: array
                     route:
                       type: string
+                    routeSelector:
+                      description: |-
+                        A label selector is a label query over a set of resources. The result of matchLabels and
+                        matchExpressions are ANDed. An empty label selector matches all objects. A null
+                        label selector matches no objects.
+                      properties:
+                        matchExpressions:
+                          description: matchExpressions is a list of label selector
+                            requirements. The requirements are ANDed.
+                          items:
+                            description: |-
+                              A label selector requirement is a selector that contains values, a key, and an operator that
+                              relates the key and values.
+                            properties:
+                              key:
+                                description: key is the label key that the selector
+                                  applies to.
+                                type: string
+                              operator:
+                                description: |-
+                                  operator represents a key's relationship to a set of values.
+                                  Valid operators are In, NotIn, Exists and DoesNotExist.
+                                type: string
+                              values:
+                                description: |-
+                                  values is an array of string values. If the operator is In or NotIn,
+                                  the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                  the values array must be empty. This array is replaced during a strategic
+                                  merge patch.
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            required:
+                            - key
+                            - operator
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        matchLabels:
+                          additionalProperties:
+                            type: string
+                          description: |-
+                            matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                            map is equivalent to an element of matchExpressions, whose key field is "key", the
+                            operator is "In", and the values array contains only "value". The requirements are ANDed.
+                          type: object
+                      type: object
+                      x-kubernetes-map-type: atomic
                     splits:
                       items:
                         description: Split defines a split.
diff --git a/examples/custom-resources/cross-namespace-configuration/cafe-virtual-server.yaml b/examples/custom-resources/cross-namespace-configuration/cafe-virtual-server.yaml
@@ -8,7 +8,15 @@ spec:
   tls:
     secret: cafe-secret
   routes:
-  - path: /tea
-    route: tea/tea
-  - path: /coffee
-    route: coffee/coffee
+#  - path: /tea
+#    route: tea/tea
+#  - path: /coffee
+#    route: coffee/coffee
+#  - path: /coffee
+#    routeSelector:
+#      matchLabels:
+#       route: coffee
+  - path: /
+    routeSelector:
+      matchLabels:
+        app: cafe
diff --git a/examples/custom-resources/cross-namespace-configuration/coffee-virtual-server-route.yaml b/examples/custom-resources/cross-namespace-configuration/coffee-virtual-server-route.yaml
@@ -3,6 +3,9 @@ kind: VirtualServerRoute
 metadata:
   name: coffee
   namespace: coffee
+  labels:
+    route: coffee
+    app: cafe
 spec:
   host: cafe.example.com
   upstreams:
diff --git a/examples/custom-resources/cross-namespace-configuration/tea-virtual-server-route.yaml b/examples/custom-resources/cross-namespace-configuration/tea-virtual-server-route.yaml
@@ -3,6 +3,9 @@ kind: VirtualServerRoute
 metadata:
   name: tea
   namespace: tea
+  labels:
+#    route: tea
+    app: cafe
 spec:
   host: cafe.example.com
   upstreams:
diff --git a/internal/configs/virtualserver.go b/internal/configs/virtualserver.go
@@ -568,6 +568,12 @@ func (vsc *virtualServerConfigurator) GenerateVirtualServerConfig(
 				vsrPoliciesFromVs[name] = r.Policies
 			}
 
+			continue
+		} else if r.RouteSelector != nil {
+			selector := r.RouteSelector
+			glog.Infof("RouteSelector: %v", selector)
+
+			// get vsr name
 			continue
 		}
 
@@ -681,6 +687,7 @@ func (vsc *virtualServerConfigurator) GenerateVirtualServerConfig(
 			}
 			errorPageLocations = append(errorPageLocations, generateErrorPageLocations(errorPages.index, errorPages.pages)...)
 			vsrNamespaceName := fmt.Sprintf("%v/%v", vsr.Namespace, vsr.Name)
+			glog.Infof("vsrNamespaceName: %v", vsrNamespaceName)
 			// use the VirtualServer error pages if the route does not define any
 			if r.ErrorPages == nil {
 				if vsErrorPages, ok := vsrErrorPagesFromVs[vsrNamespaceName]; ok {
diff --git a/internal/k8s/configuration.go b/internal/k8s/configuration.go
@@ -2,6 +2,8 @@ package k8s
 
 import (
 	"fmt"
+	"github.com/golang/glog"
+	"k8s.io/apimachinery/pkg/labels"
 	"reflect"
 	"sort"
 	"strings"
@@ -570,6 +572,7 @@ func (c *Configuration) AddOrUpdateVirtualServerRoute(vsr *conf_v1.VirtualServer
 	if !c.hasCorrectIngressClass(vsr) {
 		delete(c.virtualServerRoutes, key)
 	} else {
+		glog.Infof("labels: %v", vsr.ObjectMeta.Labels)
 		validationError = c.virtualServerValidator.ValidateVirtualServerRoute(vsr)
 		if validationError != nil {
 			delete(c.virtualServerRoutes, key)
@@ -1636,32 +1639,57 @@ func (c *Configuration) buildVirtualServerRoutes(vs *conf_v1.VirtualServer) ([]*
 	var warnings []string
 
 	for _, r := range vs.Spec.Routes {
-		if r.Route == "" {
-			continue
-		}
+		if r.Route != "" {
+			vsrKey := r.Route
 
-		vsrKey := r.Route
+			// if route is defined without a namespace, use the namespace of VirtualServer.
+			if !strings.Contains(r.Route, "/") {
+				vsrKey = fmt.Sprintf("%s/%s", vs.Namespace, r.Route)
+			}
 
-		// if route is defined without a namespace, use the namespace of VirtualServer.
-		if !strings.Contains(r.Route, "/") {
-			vsrKey = fmt.Sprintf("%s/%s", vs.Namespace, r.Route)
-		}
+			vsr, exists := c.virtualServerRoutes[vsrKey]
 
-		vsr, exists := c.virtualServerRoutes[vsrKey]
-		if !exists {
-			warning := fmt.Sprintf("VirtualServerRoute %s doesn't exist or invalid", vsrKey)
-			warnings = append(warnings, warning)
-			continue
-		}
+			// if route is defined
+			if !exists {
+				warning := fmt.Sprintf("VirtualServerRoute %s doesn't exist or invalid", vsrKey)
+				warnings = append(warnings, warning)
+				continue
+			}
+
+			err := c.virtualServerValidator.ValidateVirtualServerRouteForVirtualServer(vsr, vs.Spec.Host, r.Path)
+			if err != nil {
+				warning := fmt.Sprintf("VirtualServerRoute %s is invalid: %v", vsrKey, err)
+				warnings = append(warnings, warning)
+				continue
+			}
+
+			vsrs = append(vsrs, vsr)
+		} else if r.RouteSelector != nil {
+			selector := &metav1.LabelSelector{
+				MatchLabels: r.RouteSelector.MatchLabels,
+			}
+			sel, err := metav1.LabelSelectorAsSelector(selector)
+
+			if err != nil {
+				warning := fmt.Sprintf("VirtualServerRoute LabelSelector %s is invalid: %v", selector, err)
+				warnings = append(warnings, warning)
+				continue
+			}
+			for vsrKey, vsr := range c.virtualServerRoutes {
+				if sel.Matches(labels.Set(vsr.ObjectMeta.Labels)) {
+					err := c.virtualServerValidator.ValidateVirtualServerRouteForVirtualServer(vsr, vs.Spec.Host, r.Path)
+					if err != nil {
+						warning := fmt.Sprintf("VirtualServerRoute %s is invalid: %v", vsrKey, err)
+						warnings = append(warnings, warning)
+						continue
+					}
+					glog.Infof("VirtualServerRoute %s found for label selector %v", vsrKey, selector)
+					vsrs = append(vsrs, vsr)
+				}
+			}
 
-		err := c.virtualServerValidator.ValidateVirtualServerRouteForVirtualServer(vsr, vs.Spec.Host, r.Path)
-		if err != nil {
-			warning := fmt.Sprintf("VirtualServerRoute %s is invalid: %v", vsrKey, err)
-			warnings = append(warnings, warning)
-			continue
 		}
 
-		vsrs = append(vsrs, vsr)
 	}
 
 	return vsrs, warnings
diff --git a/internal/k8s/handlers.go b/internal/k8s/handlers.go
@@ -215,7 +215,7 @@ func createVirtualServerRouteHandlers(lbc *LoadBalancerController) cache.Resourc
 
 			}
 
-			if !reflect.DeepEqual(oldVsr.Spec, curVsr.Spec) {
+			if !reflect.DeepEqual(oldVsr.Spec, curVsr.Spec) || !reflect.DeepEqual(oldVsr.Labels, curVsr.Labels) {
 				nl.Debugf(lbc.Logger, "VirtualServerRoute %v changed, syncing", curVsr.Name)
 				lbc.AddSyncQueue(curVsr)
 			}
diff --git a/pkg/apis/configuration/v1/types.go b/pkg/apis/configuration/v1/types.go
diff --git a/pkg/apis/configuration/validation/virtualserver.go b/pkg/apis/configuration/validation/virtualserver.go

Original file line number	Diff line number	Diff line change
`@@ -568,6 +568,12 @@ func (vsc *virtualServerConfigurator) GenerateVirtualServerConfig(`
`568`	`568`	`vsrPoliciesFromVs[name] = r.Policies`
`569`	`569`	`}`
`570`	`570`
	`571`	`+ continue`
	`572`	`+ } else if r.RouteSelector != nil {`
	`573`	`+ selector := r.RouteSelector`
	`574`	`+ glog.Infof("RouteSelector: %v", selector)`
	`575`	`+`
	`576`	`+ // get vsr name`
`571`	`577`	`continue`
`572`	`578`	`}`
`573`	`579`
`@@ -681,6 +687,7 @@ func (vsc *virtualServerConfigurator) GenerateVirtualServerConfig(`
`681`	`687`	`}`
`682`	`688`	`errorPageLocations = append(errorPageLocations, generateErrorPageLocations(errorPages.index, errorPages.pages)...)`
`683`	`689`	`vsrNamespaceName := fmt.Sprintf("%v/%v", vsr.Namespace, vsr.Name)`
	`690`	`+ glog.Infof("vsrNamespaceName: %v", vsrNamespaceName)`
`684`	`691`	`// use the VirtualServer error pages if the route does not define any`
`685`	`692`	`if r.ErrorPages == nil {`
`686`	`693`	`if vsErrorPages, ok := vsrErrorPagesFromVs[vsrNamespaceName]; ok {`
Original file line number	Diff line number	Diff line change
`@@ -215,7 +215,7 @@ func createVirtualServerRouteHandlers(lbc *LoadBalancerController) cache.Resourc`
`215`	`215`
`216`	`216`	`}`
`217`	`217`
`218`		`- if !reflect.DeepEqual(oldVsr.Spec, curVsr.Spec) {`
	`218`	`+ if !reflect.DeepEqual(oldVsr.Spec, curVsr.Spec) \|\| !reflect.DeepEqual(oldVsr.Labels, curVsr.Labels) {`
`219`	`219`	`nl.Debugf(lbc.Logger, "VirtualServerRoute %v changed, syncing", curVsr.Name)`
`220`	`220`	`lbc.AddSyncQueue(curVsr)`
`221`	`221`	`}`