adding probe worker

Signed-off-by: Phil Brookes <[email protected]>
Kuadrant · Oct 15, 2024 · 5eb982d · 5eb982d
1 parent c8bb5d6
commit 5eb982d
Show file tree

Hide file tree

Showing 16 changed files with 410 additions and 50 deletions.
diff --git a/Makefile b/Makefile
@@ -241,12 +241,14 @@ run: DIRTY=$(shell hack/check-git-dirty.sh || echo "unknown")
 run: manifests generate fmt vet ## Run a controller from your host.
 	go run -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" ./cmd/main.go --zap-devel --provider inmemory,aws,google,azure
 
+
 .PHONY: run-with-probes
-run-with-probes: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown") 
+run-with-probes: GIT_SHA=$(shell git rev-parse HEAD || echo "unknown")
 run-with-probes: DIRTY=$(shell hack/check-git-dirty.sh || echo "unknown")
 run-with-probes: manifests generate fmt vet ## Run a controller from your host.
 	go run -ldflags "-X main.gitSHA=${GIT_SHA} -X main.dirty=${DIRTY}" ./cmd/main.go --zap-devel --provider inmemory,aws,google,azure --enable-probes
 
+
 # If you wish built the manager image targeting other platforms you can use the --platform flag.
 # (i.e. docker build --platform linux/arm64 ). However, you must enable docker buildKit for it.
 # More info: https://docs.docker.com/develop/develop-images/build_enhancements/

diff --git a/api/v1alpha1/dnshealthcheckprobe_types.go b/api/v1alpha1/dnshealthcheckprobe_types.go
@@ -18,7 +18,6 @@ package v1alpha1
 
 import (
 	"fmt"
-	"time"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -27,13 +26,13 @@ import (
 type DNSHealthCheckProbeSpec struct {
 	// Port to connect to the host on. Must be either 80, 443 or 1024-49151
 	// +kubebuilder:validation:XValidation:rule="self in [80, 443] || (self >= 1024 && self <= 49151)",message="Only ports 80, 443, 1024-49151 are allowed"
-	Port *int `json:"port,omitempty"`
+	Port int `json:"port,omitempty"`
 	// Hostname is the value sent in the host header, to route the request to the correct service
 	// +kubebuilder:validation:Pattern=`^[a-z][a-z0-9\-]+\.([a-z][a-z0-9\-]+\.)*[a-z][a-z0-9\-]+$`
 	Hostname string `json:"hostname,omitempty"`
-	// IP Address to connect to the host on.
-	// +kubebuilder:validation:Pattern=`^[1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?$`
-	IPAddress string `json:"ipAddress,omitempty"`
+	// Address to connect to the host on (IP Address (A Record) or hostname (CNAME)).
+	// +kubebuilder:validation:Pattern=`^([1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]|[a-z][a-z0-9\-]+\.([a-z][a-z0-9\-]+\.)*[a-z][a-z0-9\-]+)?$`
+	Address string `json:"address,omitempty"`
 	// Path is the path to append to the host to reach the expected health check.
 	// Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common
 	// +kubebuilder:validation:Pattern=`^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$`
@@ -42,13 +41,13 @@ type DNSHealthCheckProbeSpec struct {
 	// +kubebuilder:validation:XValidation:rule="self in ['HTTP','HTTPS']",message="Only HTTP or HTTPS protocols are allowed"
 	Protocol Protocol `json:"protocol,omitempty"`
 	// Interval defines how frequently this probe should execute
-	Interval time.Duration `json:"interval,omitempty"`
+	Interval metav1.Duration `json:"interval,omitempty"`
 	// AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication
 	// token is required by the endpoint.
 	AdditionalHeadersRef *AdditionalHeadersRef `json:"additionalHeadersRef,omitempty"`
 	// FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy
 	// +kubebuilder:validation:XValidation:rule="self > 0",message="Failure threshold must be greater than 0"
-	FailureThreshold *int `json:"failureThreshold,omitempty"`
+	FailureThreshold int `json:"failureThreshold,omitempty"`
 	// AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
 	// this is primarily used in development or testing environments
 	AllowInsecureCertificate bool `json:"allowInsecureCertificate,omitempty"`
@@ -104,7 +103,7 @@ func (p *DNSHealthCheckProbe) Default() {
 }
 
 func (p *DNSHealthCheckProbe) ToString() string {
-	return fmt.Sprintf("%v://%v:%v/%v", p.Spec.Protocol, p.Spec.Hostname, p.Spec.Port, p.Spec.Path)
+	return fmt.Sprintf("%v://%v:%v%v", p.Spec.Protocol, p.Spec.Hostname, p.Spec.Port, p.Spec.Path)
 }
 
 func init() {

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/bundle/manifests/dns-operator.clusterserviceversion.yaml b/bundle/manifests/dns-operator.clusterserviceversion.yaml
@@ -4,6 +4,26 @@ metadata:
   annotations:
     alm-examples: |-
       [
+        {
+          "apiVersion": "kuadrant.io/v1alpha1",
+          "kind": "DNSHealthCheckProbe",
+          "metadata": {
+            "name": "$NAME"
+          },
+          "spec": {
+            "additionalHeadersRef": {
+              "name": "headers"
+            },
+            "address": "192.168.0.16",
+            "allowInsecureCertificate": true,
+            "failureThreshold": 5,
+            "hostname": "test.com",
+            "interval": "60s",
+            "path": "/healthz",
+            "port": 443,
+            "protocol": "HTTPS"
+          }
+        },
         {
           "apiVersion": "kuadrant.io/v1alpha1",
           "kind": "DNSRecord",
@@ -38,7 +58,7 @@ metadata:
     capabilities: Basic Install
     categories: Integration & Delivery
     containerImage: quay.io/kuadrant/dns-operator:latest
-    createdAt: "2024-10-11T09:16:57Z"
+    createdAt: "2024-10-15T08:54:17Z"
     description: A Kubernetes Operator to manage the lifecycle of DNS resources
     operators.operatorframework.io/builder: operator-sdk-v1.33.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
@@ -50,7 +70,10 @@ spec:
   apiservicedefinitions: {}
   customresourcedefinitions:
     owned:
-    - kind: DNSHealthCheckProbe
+    - description: DNSHealthCheckProbe is the Schema for the dnshealthcheckprobes
+        API
+      displayName: DNSHealthCheckProbe
+      kind: DNSHealthCheckProbe
       name: dnshealthcheckprobes.kuadrant.io
       version: v1alpha1
     - description: DNSRecord is the Schema for the dnsrecords API

diff --git a/bundle/manifests/kuadrant.io_dnshealthcheckprobes.yaml b/bundle/manifests/kuadrant.io_dnshealthcheckprobes.yaml
@@ -59,6 +59,11 @@ spec:
                 required:
                 - name
                 type: object
+              address:
+                description: Address to connect to the host on (IP Address (A Record)
+                  or hostname (CNAME)).
+                pattern: ^([1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]|[a-z][a-z0-9\-]+\.([a-z][a-z0-9\-]+\.)*[a-z][a-z0-9\-]+)?$
+                type: string
               allowInsecureCertificate:
                 description: |-
                   AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
@@ -78,11 +83,6 @@ spec:
                 type: string
               interval:
                 description: Interval defines how frequently this probe should execute
-                format: int64
-                type: integer
-              ipAddress:
-                description: IP Address to connect to the host on.
-                pattern: ^[1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?$
                 type: string
               path:
                 description: |-

diff --git a/charts/dns-operator/templates/manifests.yaml b/charts/dns-operator/templates/manifests.yaml
@@ -60,6 +60,11 @@ spec:
                 required:
                 - name
                 type: object
+              address:
+                description: Address to connect to the host on (IP Address (A Record)
+                  or hostname (CNAME)).
+                pattern: ^([1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]|[a-z][a-z0-9\-]+\.([a-z][a-z0-9\-]+\.)*[a-z][a-z0-9\-]+)?$
+                type: string
               allowInsecureCertificate:
                 description: |-
                   AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
@@ -79,11 +84,6 @@ spec:
                 type: string
               interval:
                 description: Interval defines how frequently this probe should execute
-                format: int64
-                type: integer
-              ipAddress:
-                description: IP Address to connect to the host on.
-                pattern: ^[1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?$
                 type: string
               path:
                 description: |-

diff --git a/cmd/main.go b/cmd/main.go
@@ -36,6 +36,7 @@ import (
 
 	"github.com/kuadrant/dns-operator/api/v1alpha1"
 	"github.com/kuadrant/dns-operator/internal/controller"
+	"github.com/kuadrant/dns-operator/internal/probes"
 	"github.com/kuadrant/dns-operator/internal/provider"
 	_ "github.com/kuadrant/dns-operator/internal/provider/aws"
 	_ "github.com/kuadrant/dns-operator/internal/provider/azure"
@@ -158,9 +159,11 @@ func main() {
 	}
 
 	if dnsProbesEnabled {
+		workerManager := probes.NewWorkerManager()
 		if err = (&controller.DNSProbeReconciler{
-			Client: mgr.GetClient(),
-			Scheme: mgr.GetScheme(),
+			Client:        mgr.GetClient(),
+			Scheme:        mgr.GetScheme(),
+			WorkerManager: workerManager,
 		}).SetupWithManager(mgr, maxRequeueTime, validFor, minRequeueTime); err != nil {
 			setupLog.Error(err, "unable to create controller", "controller", "DNSProbe")
 			os.Exit(1)

diff --git a/config/crd/bases/kuadrant.io_dnshealthcheckprobes.yaml b/config/crd/bases/kuadrant.io_dnshealthcheckprobes.yaml
@@ -59,6 +59,11 @@ spec:
                 required:
                 - name
                 type: object
+              address:
+                description: Address to connect to the host on (IP Address (A Record)
+                  or hostname (CNAME)).
+                pattern: ^([1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]|[a-z][a-z0-9\-]+\.([a-z][a-z0-9\-]+\.)*[a-z][a-z0-9\-]+)?$
+                type: string
               allowInsecureCertificate:
                 description: |-
                   AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate
@@ -78,11 +83,6 @@ spec:
                 type: string
               interval:
                 description: Interval defines how frequently this probe should execute
-                format: int64
-                type: integer
-              ipAddress:
-                description: IP Address to connect to the host on.
-                pattern: ^[1-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?\.[0-9][0-9]?[0-9]?$
                 type: string
               path:
                 description: |-

diff --git a/config/manifests/bases/dns-operator.clusterserviceversion.yaml b/config/manifests/bases/dns-operator.clusterserviceversion.yaml
@@ -15,6 +15,12 @@ spec:
   apiservicedefinitions: {}
   customresourcedefinitions:
     owned:
+    - description: DNSHealthCheckProbe is the Schema for the dnshealthcheckprobes
+        API
+      displayName: DNSHealthCheckProbe
+      kind: DNSHealthCheckProbe
+      name: dnshealthcheckprobes.kuadrant.io
+      version: v1alpha1
     - description: DNSRecord is the Schema for the dnsrecords API
       displayName: DNSRecord
       kind: DNSRecord

diff --git a/config/rbac/dnshealthcheckprobe_editor_role.yaml b/config/rbac/dnshealthcheckprobe_editor_role.yaml
@@ -0,0 +1,31 @@
+# permissions for end users to edit dnsrecords.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: dnshealthcheckprobe-editor-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: dns-operator
+    app.kubernetes.io/part-of: dns-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: dnshealthcheckprobe-editor-role
+rules:
+- apiGroups:
+  - kuadrant.io
+  resources:
+  - dnshealthcheckprobes
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - kuadrant.io
+  resources:
+  - dnshealthcheckprobes/status
+  verbs:
+  - get
diff --git a/config/rbac/dnshealthcheckprobe_viewer_role.yaml b/config/rbac/dnshealthcheckprobe_viewer_role.yaml
@@ -0,0 +1,27 @@
+# permissions for end users to view dnsrecords.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: dnshealthcheckprobe-viewer-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: dns-operator
+    app.kubernetes.io/part-of: dns-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: dnshealthcheckprobe-viewer-role
+rules:
+- apiGroups:
+  - kuadrant.io
+  resources:
+  - dnshealthcheckprobes
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - kuadrant.io
+  resources:
+  - dnshealthcheckprobes/status
+  verbs:
+  - get
diff --git a/config/samples/kuadrant.io_v1alpha1_dnshealthcheckprobe.yaml b/config/samples/kuadrant.io_v1alpha1_dnshealthcheckprobe.yaml
@@ -1,15 +1,15 @@
 apiVersion: kuadrant.io/v1alpha1
 kind: DNSHealthCheckProbe
 metadata:
-  name: dnsprobe-sample
+  name: $NAME
 spec:
   port: 443
-  hostname: "test.com"
-  ipAddress: "192.168.0.16"
-  path: "/"
-  protocol: "HTTPS"
-  interval: "60s"
-  additionalHeadersRef: 
-    name: "headersSecret"
+  hostname: test.com
+  address: 192.168.0.16
+  path: /healthz
+  protocol: HTTPS
+  interval: 60s
+  additionalHeadersRef:
+    name: headers
   failureThreshold: 5
   allowInsecureCertificate: True
diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml
@@ -1,4 +1,5 @@
 ## Append samples of your project ##
 resources:
 - kuadrant.io_v1alpha1_dnsrecord.yaml
+- kuadrant.io_v1alpha1_dnshealthcheckprobe.yaml
 #+kubebuilder:scaffold:manifestskustomizesamples
diff --git a/internal/controller/dnshealthcheckprobe_reconciler.go b/internal/controller/dnshealthcheckprobe_reconciler.go
@@ -12,12 +12,14 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	"github.com/kuadrant/dns-operator/api/v1alpha1"
+	"github.com/kuadrant/dns-operator/internal/probes"
 )
 
 // DNSProbeReconciler reconciles a DNSRecord object
 type DNSProbeReconciler struct {
 	client.Client
-	Scheme *runtime.Scheme
+	Scheme        *runtime.Scheme
+	WorkerManager *probes.WorkerManager
 }
 
 //+kubebuilder:rbac:groups=kuadrant.io,resources=dnshealthcheckprobes,verbs=get;list;watch;create;update;patch;delete
@@ -29,7 +31,7 @@ func (r *DNSProbeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 	ctx = log.IntoContext(ctx, baseLogger)
 	logger := baseLogger
 
-	logger.Info("TODO Reconciling DNSHealthCheckProbe")
+	logger.Info("Reconciling DNSHealthCheckProbe")
 
 	previous := &v1alpha1.DNSHealthCheckProbe{}
 	err := r.Client.Get(ctx, client.ObjectKey{Namespace: req.Namespace, Name: req.Name}, previous)
@@ -43,9 +45,8 @@ func (r *DNSProbeReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 	dnsProbe := previous.DeepCopy()
 	ctx, _ = r.setLoggerValues(ctx, baseLogger, dnsProbe)
 
-	log.FromContext(ctx).Info("TODO reconcile probe")
+	r.WorkerManager.EnsureProbeWorker(ctx, r.Client, dnsProbe)
 
-	//TODO reconcile probe
 	return ctrl.Result{}, nil
 }