Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pass through service spec values #271

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

willmostly
Copy link
Contributor

@willmostly willmostly commented Dec 3, 2024

Kubernetes supports several types of services. This change passes through arbitrary keys under service.spec, which allows specifying type-specific keys such as nodePort. The port and targetPort are autoconfigured to match the port specified in the gateway http-server configuration, and the selector is autoconfigured to match the deployment.

Suggested release note:

  • Set custom service attributes. Breaking change: the service node no longer uses type and port as a subfields. Define the service.spec instead.

@cla-bot cla-bot bot added the cla-signed label Dec 3, 2024
@willmostly willmostly force-pushed the will/arbitrary-service branch from 08aa1cd to aa770ff Compare December 3, 2024 21:42
@nineinchnick nineinchnick added the enhancement New feature or request label Dec 4, 2024
charts/gateway/values.yaml Outdated Show resolved Hide resolved
charts/gateway/templates/service.yaml Outdated Show resolved Hide resolved
charts/gateway/values.yaml Outdated Show resolved Hide resolved
charts/gateway/values.yaml Outdated Show resolved Hide resolved
@willmostly willmostly force-pushed the will/arbitrary-service branch 4 times, most recently from 10895a4 to 3ef3a48 Compare December 11, 2024 22:44
Copy link
Member

@nineinchnick nineinchnick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like adding these new test suites! Just a bunch of nitpicks remaining.

charts/gateway/values.yaml Outdated Show resolved Hide resolved
charts/gateway/values.yaml Outdated Show resolved Hide resolved
tests/gateway/test-https.yaml Show resolved Hide resolved
tests/gateway/test-nodeport.yaml Outdated Show resolved Hide resolved
tests/gateway/test-nodeport.yaml Outdated Show resolved Hide resolved
@willmostly willmostly force-pushed the will/arbitrary-service branch from 2019727 to f747b79 Compare December 13, 2024 21:12
charts/gateway/values.yaml Outdated Show resolved Hide resolved
charts/gateway/templates/tests/test-nodeport.yaml Outdated Show resolved Hide resolved
charts/gateway/templates/tests/test-connection.yaml Outdated Show resolved Hide resolved
charts/gateway/templates/deployment.yaml Outdated Show resolved Hide resolved
http-server.https.keystore.path: /etc/scratch/tls.pem

service:
spec:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're not reading any properties from this spec key, so if this test passes without these settings, it means it's not a good test. Should it be using different port numbers?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I outsmarted myself with this logic in charts/gateway/templates/test-nodeport.yaml:

        - |
          {{- if eq .Values.service.type "NodePort" }}
          [ "$(wget --no-check-certificate https://${NODE_IP}:{{ index .Values.service.ports 0 "nodePort"}}/entity/GATEWAY_BACKEND -O -)" = "[]" ] &&
          [ "$(wget http://${NODE_IP}:{{ index .Values.service.ports 1 "nodePort"}}/entity/GATEWAY_BACKEND -O -)" = "[]" ]
          {{- else }}
          echo non NodePort service type
          {{- end }}

the invalid key effectively disabled the test. I think this can be fixed by using serverConfig as the independent variable

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The values files using service.spec failed after the correction to connection-test.yaml to check if serverConfig.http-server.http[s].enabled = =true, so I think the test is now good

@willmostly willmostly force-pushed the will/arbitrary-service branch from f747b79 to 2020597 Compare December 17, 2024 22:08
Support  healthchecks for gateway configurations without http enabled.

Add tests for https and NodePort service with both https and http exposed.

Co-authored-by: Jan Waś <[email protected]>
@willmostly willmostly force-pushed the will/arbitrary-service branch from 2020597 to 36b728f Compare December 18, 2024 06:09
Copy link
Member

@nineinchnick nineinchnick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there, just two nitpicks about testing.

- |
[ 1 = 1 ]
{{- if index .Values "config" "serverConfig" "http-server.https.enabled" -}}
&& [ "$(wget --no-check-certificate https://{{ include "trino-gateway.fullname" . }}:{{ index .Values "config" "serverConfig" "http-server.https.port"}}/entity/GATEWAY_BACKEND -O -)" = "[]" ]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The service name should be hardcoded here - it's ok, because it's a test. If we change anything in the chart and this test would start to fail, this verifies the test. Same for ports. What would happen if you'd set a service port different from http-server.https.port?

ports:
- protocol: TCP
name: request
nodePort: 30443
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that we don't verify if this node port is reachable. We could add an extra wget in the test-connection in a conditional block that'd only run if the service was of type NodePort.

@nineinchnick
Copy link
Member

@willmostly are you going to continue working on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla-signed enhancement New feature or request
Development

Successfully merging this pull request may close these issues.

2 participants