From bb2285d5bd6e54d2b9bbc2665147781512df4c3c Mon Sep 17 00:00:00 2001 From: Michael Nairn Date: Fri, 8 Mar 2024 11:29:47 +0000 Subject: [PATCH] Update local-setup Update local-setup so it can be used for both an e2e test suite and local development setup. Adds commands to generate AWS and GCP dns provider configuration and credentials used by local-setup ``` make local-setup-aws-mz-clean local-setup-aws-mz-generate AWS_ZONE_ROOT_DOMAIN= AWS_DNS_PUBLIC_ZONE_ID= AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= make local-setup-gcp-mz-clean local-setup-gcp-mz-generate GCP_ZONE_NAME= GCP_ZONE_DNS_NAME=GCP_GOOGLE='' ``` `make local-setup` will generate a ManagedZone for AWS and/or GCP depending on the correct configuration existing (Generated by the above commands). Update README --- Makefile | 23 +++++- README.md | 70 +++++++++--------- .../aws/aws-credentials.env.template | 3 + .../managedzone/aws/kustomization.yaml | 2 +- .../aws/managed-zone-config.env.template | 2 + .../gcp/gcp-credentials.env.template | 2 + .../managedzone/gcp/kustomization.yaml | 4 +- .../gcp/managed-zone-config.env.template | 2 + make/managedzones.mk | 73 +++++++++++++++++++ 9 files changed, 141 insertions(+), 40 deletions(-) create mode 100644 config/local-setup/managedzone/aws/aws-credentials.env.template create mode 100644 config/local-setup/managedzone/aws/managed-zone-config.env.template create mode 100644 config/local-setup/managedzone/gcp/gcp-credentials.env.template create mode 100644 config/local-setup/managedzone/gcp/managed-zone-config.env.template create mode 100644 make/managedzones.mk diff --git a/Makefile b/Makefile index 2770663..7feecbc 100644 --- a/Makefile +++ b/Makefile @@ -144,9 +144,26 @@ test-integration: manifests generate fmt vet envtest ## Run integration tests. KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./internal/controller... -tags=integration -coverprofile cover-integration.out .PHONY: local-setup -local-setup: $(KIND) ## Setup local development kind cluster and dependencies - $(MAKE) kind-delete-cluster - $(MAKE) kind-create-cluster +local-setup: DEPLOY=false +local-setup: TEST_NAMESPACE=dnstest +local-setup: $(KIND) ## Setup local development kind cluster, dependencies and optionally deploy the dns operator DEPLOY=false|true + @echo "local-setup: KIND_CLUSTER_NAME=${KIND_CLUSTER_NAME} DEPLOY=${DEPLOY} TEST_NAMESPACE=${TEST_NAMESPACE} " + @$(MAKE) -s kind-delete-cluster + @$(MAKE) -s kind-create-cluster + @$(MAKE) -s install + @$(KUBECTL) create namespace ${TEST_NAMESPACE} --dry-run=client -o yaml | $(KUBECTL) apply -f - + @$(MAKE) -s local-setup-managedzones TARGET_NAMESPACE=${TEST_NAMESPACE} + @if [ ${DEPLOY} = "true" ]; then\ + echo "local-setup: deploying operator to ${KIND_CLUSTER_NAME}";\ + $(MAKE) -s local-deploy;\ + echo "local-setup: waiting for dns operator deployments in namespace 'dns-operator-system'";\ + $(KUBECTL) -n dns-operator-system wait --timeout=60s --for=condition=Available deployments --all;\ + fi + @echo "local-setup: Check dns operator deployments" + $(KUBECTL) -n dns-operator-system get deployments + @echo "local-setup: Check managedzones" + $(KUBECTL) -n ${TEST_NAMESPACE} get managedzones + @echo "local-setup: Complete!!" .PHONY: local-deploy local-deploy: docker-build kind-load-image ## Deploy the dns operator into local kind cluster from the current code diff --git a/README.md b/README.md index 8d5f7b2..1e72d68 100644 --- a/README.md +++ b/README.md @@ -1,67 +1,70 @@ -# dns-operator -The DNS Operator is a kubernetes based controller responsible for reconciling DNS Record and Managed Zone custom resources. It interfaces with cloud DNS providers such as AWS and Google to bring the DNS zone into the state declared in these CRDs. +# DNS Operator + +The DNS Operator is a kubernetes based controller responsible for reconciling DNS Record and Managed Zone custom resources. It interfaces with cloud DNS providers such as AWS and Google to bring the DNS zone into the state declared in these CRDs. One of the key use cases the DNS operator solves, is allowing complex DNS routing strategies such as Geo and Weighted to be expressed allowing you to leverage DNS as the first layer of traffic management. In order to make these strategies valuable, it also works across multiple clusters allowing you to use a shared domain name balance traffic based on your requirements. ## Getting Started -You’ll need a Kubernetes cluster to run against. You can use [KIND](https://sigs.k8s.io/kind) to get a local cluster for testing, or run against a remote cluster. -**Note:** Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster `kubectl cluster-info` shows). -### Running on the cluster -1. Install Instances of Custom Resources: +### Pre Setup -```sh -kubectl apply -f config/samples/ +#### Add DNS provider configuration + +**NOTE:** You can optionally skip this step but at least one ManagedZone will need to be configured and have valid credentials linked to use the DNS Operator. + +##### AWS Provider (Route53) +```bash +make local-setup-aws-mz-clean local-setup-aws-mz-generate AWS_ZONE_ROOT_DOMAIN= AWS_DNS_PUBLIC_ZONE_ID= AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= ``` +More details about the AWS provider can be found [here](./docs/provider.md#aws-route-53-provider) -2. Build and push your image to the location specified by `IMG`: +##### GCP Provider -```sh -make docker-build docker-push IMG=/dns-operator:tag +```bash +make local-setup-gcp-mz-clean local-setup-gcp-mz-generate GCP_ZONE_NAME= GCP_ZONE_DNS_NAME= GCP_GOOGLE='' GCP_PROJECT_ID= ``` +More details about the GCP provider can be found [here](./docs/provider.md#google-cloud-dns-provider) -3. Deploy the controller to the cluster with the image specified by `IMG`: +### Running controller locally (default) +1. Create local environment(creates kind cluster) ```sh -make deploy IMG=/dns-operator:tag +make local-setup ``` -### Uninstall CRDs -To delete the CRDs from the cluster: +1. Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running): ```sh -make uninstall +make run ``` -### Undeploy controller -UnDeploy the controller from the cluster: +### Running controller on the cluster +1. Create local environment(creates kind cluster) ```sh -make undeploy +make local-setup DEPLOY=true ``` -## Contributing -// TODO(user): Add detailed information on how you would like others to contribute to this project - -### How it works -This project aims to follow the Kubernetes [Operator pattern](https://kubernetes.io/docs/concepts/extend-kubernetes/operator/). +1. Verify controller deployment +```sh +kubectl logs -f deployments/dns-operator-controller-manager -n dns-operator-system +``` -It uses [Controllers](https://kubernetes.io/docs/concepts/architecture/controller/), -which provide a reconcile function responsible for synchronizing resources until the desired state is reached on the cluster. +### Running controller on existing cluster -### Test It Out -1. Install the CRDs into the cluster: +You’ll need a Kubernetes cluster to run against. You can use [KIND](https://sigs.k8s.io/kind) to get a local cluster for testing, or run against a remote cluster. +**Note:** Your controller will automatically use the current context in your kubeconfig file (i.e. whatever cluster `kubectl cluster-info` shows). +1. Apply Operator manifests ```sh -make install +kustomize build config/default | kubectl apply -f - ``` -2. Run your controller (this will run in the foreground, so switch to a new terminal if you want to leave it running): - +1. Verify controller deployment ```sh -make run +kubectl logs -f deployments/dns-operator-controller-manager -n dns-operator-system ``` -**NOTE:** You can also run this in one step by running: `make install run` +## Development ### Modifying the API definitions If you are editing the API definitions, generate the manifests such as CRs or CRDs using: @@ -89,4 +92,3 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. - diff --git a/config/local-setup/managedzone/aws/aws-credentials.env.template b/config/local-setup/managedzone/aws/aws-credentials.env.template new file mode 100644 index 0000000..efc9f80 --- /dev/null +++ b/config/local-setup/managedzone/aws/aws-credentials.env.template @@ -0,0 +1,3 @@ +AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} +AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} +AWS_REGION=${AWS_REGION} diff --git a/config/local-setup/managedzone/aws/kustomization.yaml b/config/local-setup/managedzone/aws/kustomization.yaml index b69e4dd..daa87a1 100644 --- a/config/local-setup/managedzone/aws/kustomization.yaml +++ b/config/local-setup/managedzone/aws/kustomization.yaml @@ -31,7 +31,7 @@ replacements: kind: ConfigMap name: aws-managed-zone-config version: v1 - fieldPath: data.ZONE_ROOT_DOMAIN + fieldPath: data.AWS_ZONE_ROOT_DOMAIN targets: - select: kind: ManagedZone diff --git a/config/local-setup/managedzone/aws/managed-zone-config.env.template b/config/local-setup/managedzone/aws/managed-zone-config.env.template new file mode 100644 index 0000000..9e154b8 --- /dev/null +++ b/config/local-setup/managedzone/aws/managed-zone-config.env.template @@ -0,0 +1,2 @@ +AWS_DNS_PUBLIC_ZONE_ID=${AWS_DNS_PUBLIC_ZONE_ID} +AWS_ZONE_ROOT_DOMAIN=${AWS_ZONE_ROOT_DOMAIN} diff --git a/config/local-setup/managedzone/gcp/gcp-credentials.env.template b/config/local-setup/managedzone/gcp/gcp-credentials.env.template new file mode 100644 index 0000000..3a29ad7 --- /dev/null +++ b/config/local-setup/managedzone/gcp/gcp-credentials.env.template @@ -0,0 +1,2 @@ +GOOGLE=${GCP_GOOGLE} +PROJECT_ID=${GCP_PROJECT_ID} diff --git a/config/local-setup/managedzone/gcp/kustomization.yaml b/config/local-setup/managedzone/gcp/kustomization.yaml index a0e92cf..75671bf 100644 --- a/config/local-setup/managedzone/gcp/kustomization.yaml +++ b/config/local-setup/managedzone/gcp/kustomization.yaml @@ -20,7 +20,7 @@ replacements: kind: ConfigMap name: gcp-managed-zone-config version: v1 - fieldPath: data.ZONE_NAME + fieldPath: data.GCP_ZONE_NAME targets: - select: kind: ManagedZone @@ -31,7 +31,7 @@ replacements: kind: ConfigMap name: gcp-managed-zone-config version: v1 - fieldPath: data.ZONE_DNS_NAME + fieldPath: data.GCP_ZONE_DNS_NAME targets: - select: kind: ManagedZone diff --git a/config/local-setup/managedzone/gcp/managed-zone-config.env.template b/config/local-setup/managedzone/gcp/managed-zone-config.env.template new file mode 100644 index 0000000..63576e1 --- /dev/null +++ b/config/local-setup/managedzone/gcp/managed-zone-config.env.template @@ -0,0 +1,2 @@ +GCP_ZONE_NAME=${GCP_ZONE_NAME} +GCP_ZONE_DNS_NAME=${GCP_ZONE_DNS_NAME} diff --git a/make/managedzones.mk b/make/managedzones.mk new file mode 100644 index 0000000..0b08be4 --- /dev/null +++ b/make/managedzones.mk @@ -0,0 +1,73 @@ + +##@ ManagedZones + +## Targets to help configure ManagedZones for local-setup + +define patch-config + envsubst \ + < $1 \ + > $2 +endef + +ndef = $(if $(value $(1)),,$(error $(1) not set)) + +LOCAL_SETUP_AWS_MZ_CONFIG=config/local-setup/managedzone/aws/managed-zone-config.env +LOCAL_SETUP_AWS_MZ_CREDS=config/local-setup/managedzone/aws/aws-credentials.env +LOCAL_SETUP_GCP_MZ_CONFIG=config/local-setup/managedzone/gcp/managed-zone-config.env +LOCAL_SETUP_GCP_MZ_CREDS=config/local-setup/managedzone/gcp/gcp-credentials.env + +.PHONY: local-setup-aws-mz-generate +local-setup-aws-mz-generate: local-setup-aws-mz-config local-setup-aws-mz-credentials ## Generate AWS ManagedZone configuration and credentials for local-setup + +.PHONY: local-setup-aws-mz-clean +local-setup-aws-mz-clean: ## Remove AWS ManagedZone configuration and credentials + rm -f ${LOCAL_SETUP_AWS_MZ_CONFIG} + rm -f ${LOCAL_SETUP_AWS_MZ_CREDS} + +.PHONY: local-setup-aws-mz-config +local-setup-aws-mz-config: $(LOCAL_SETUP_AWS_MZ_CONFIG) +$(LOCAL_SETUP_AWS_MZ_CONFIG): + $(call ndef,AWS_DNS_PUBLIC_ZONE_ID) + $(call ndef,AWS_ZONE_ROOT_DOMAIN) + $(call patch-config,${LOCAL_SETUP_AWS_MZ_CONFIG}.template,${LOCAL_SETUP_AWS_MZ_CONFIG}) + +.PHONY: local-setup-aws-mz-credentials +local-setup-aws-mz-credentials: $(LOCAL_SETUP_AWS_MZ_CREDS) +$(LOCAL_SETUP_AWS_MZ_CREDS): + $(call ndef,AWS_ACCESS_KEY_ID) + $(call ndef,AWS_SECRET_ACCESS_KEY) + $(call patch-config,${LOCAL_SETUP_AWS_MZ_CREDS}.template,${LOCAL_SETUP_AWS_MZ_CREDS}) + +.PHONY: local-setup-gcp-mz-generate +local-setup-gcp-mz-generate: local-setup-gcp-mz-config local-setup-gcp-mz-credentials ## Generate GCP ManagedZone configuration and credentials for local-setup + +.PHONY: local-setup-gcp-mz-clean +local-setup-gcp-mz-clean: ## Remove GCP ManagedZone configuration and credentials + rm -f ${LOCAL_SETUP_GCP_MZ_CONFIG} + rm -f ${LOCAL_SETUP_GCP_MZ_CREDS} + +.PHONY: local-setup-gcp-mz-config +local-setup-gcp-mz-config: $(LOCAL_SETUP_GCP_MZ_CONFIG) +$(LOCAL_SETUP_GCP_MZ_CONFIG): + $(call ndef,GCP_ZONE_NAME) + $(call ndef,GCP_ZONE_DNS_NAME) + $(call patch-config,${LOCAL_SETUP_GCP_MZ_CONFIG}.template,${LOCAL_SETUP_GCP_MZ_CONFIG}) + +.PHONY: local-setup-gcp-mz-credentials +local-setup-gcp-mz-credentials: $(LOCAL_SETUP_GCP_MZ_CREDS) +$(LOCAL_SETUP_GCP_MZ_CREDS): + $(call ndef,GCP_GOOGLE) + $(call ndef,GCP_PROJECT_ID) + $(call patch-config,${LOCAL_SETUP_GCP_MZ_CREDS}.template,${LOCAL_SETUP_GCP_MZ_CREDS}) + +.PHONY: local-setup-managedzones +local-setup-managedzones: TARGET_NAMESPACE=dnstest +local-setup-managedzones: kustomize ## Create AWS and GCP managedzones in the 'TARGET_NAMESPACE' namespace + @if [[ -f "config/local-setup/managedzone/gcp/managed-zone-config.env" && -f "config/local-setup/managedzone/gcp/gcp-credentials.env" ]]; then\ + echo "local-setup: creating managedzone for gcp config and credentials in ${TARGET_NAMESPACE}";\ + ${KUSTOMIZE} build config/local-setup/managedzone/gcp | $(KUBECTL) -n ${TARGET_NAMESPACE} apply -f -;\ + fi + @if [[ -f "config/local-setup/managedzone/aws/managed-zone-config.env" && -f "config/local-setup/managedzone/aws/aws-credentials.env" ]]; then\ + echo "local-setup: creating managedzone for aws config and credentials in ${TARGET_NAMESPACE}";\ + ${KUSTOMIZE} build config/local-setup/managedzone/aws | $(KUBECTL) -n ${TARGET_NAMESPACE} apply -f -;\ + fi