From e2d90a1bf8fa8dcb422db3d6b67cfd7880c9f640 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophile=20Diot?= Date: Mon, 25 Nov 2024 14:55:43 +0100 Subject: [PATCH] fix: enhance logging and fix ingress class filtering logic in IngressController --- src/autoconf/IngressController.py | 78 ++++++++++++++++++++----------- 1 file changed, 52 insertions(+), 26 deletions(-) diff --git a/src/autoconf/IngressController.py b/src/autoconf/IngressController.py index 7c3c11d72..ebaaddea9 100644 --- a/src/autoconf/IngressController.py +++ b/src/autoconf/IngressController.py @@ -24,11 +24,17 @@ class IngressController(Controller): Configuration._default.ssl_ca_cert = ssl_ca_cert self.__corev1 = client.CoreV1Api() self.__networkingv1 = client.NetworkingV1Api() + self.__use_fqdn = getenv("USE_KUBERNETES_FQDN", "yes").lower() == "yes" - self.__ingress_class = getenv("KUBERNETES_INGRESS_CLASS", "") - self.__domain_name = getenv("KUBERNETES_DOMAIN_NAME", "cluster.local") self._logger.info(f"Using Pod {'FQDN' if self.__use_fqdn else 'IP'} as hostname") + self.__ingress_class = getenv("KUBERNETES_INGRESS_CLASS", "") + if self.__ingress_class: + self._logger.info(f"Using Ingress class: {self.__ingress_class}") + + self.__domain_name = getenv("KUBERNETES_DOMAIN_NAME", "cluster.local") + self._logger.info(f"Using domain name: {self.__domain_name}") + def _get_controller_instances(self) -> list: instances = [] pods = self.__corev1.list_pod_for_all_namespaces(watch=False).items @@ -45,14 +51,28 @@ class IngressController(Controller): services = [] ingresses = self.__networkingv1.list_ingress_for_all_namespaces(watch=False).items for ingress in ingresses: - if ingress.metadata.namespace in self._namespaces if self._namespaces else True: - services.append(ingress) + # Skip if ingress class doesn't match (when specified) + if self.__ingress_class: + ingress_class_name = getattr(ingress.spec, "ingress_class_name", None) + if ingress_class_name != self.__ingress_class: + continue + + # Skip if the namespace is not in the allowed namespaces (when specified) + if self._namespaces and ingress.metadata.namespace not in self._namespaces: + continue + + # Add the ingress to services if it passes all checks + services.append(ingress) return services def _to_instances(self, controller_instance) -> List[dict]: instance = { "name": controller_instance.metadata.name, - "hostname": f"{controller_instance.status.pod_ip.replace(".", "-")}.{controller_instance.metadata.namespace}.pod.{self.__domain_name}" if self.__use_fqdn else controller_instance.status.pod_ip, + "hostname": ( + f"{controller_instance.status.pod_ip.replace('.','-')}.{controller_instance.metadata.namespace}.pod.{self.__domain_name}" + if self.__use_fqdn + else controller_instance.status.pod_ip + ), "health": False, "type": "pod", "env": {}, @@ -111,7 +131,7 @@ class IngressController(Controller): elif not path.backend.service.port: self._logger.warning("Ignoring unsupported ingress rule without backend service port.") continue - elif not path.backend.service.port.number and not path.backend.service.port.name : + elif not path.backend.service.port.number and not path.backend.service.port.name: self._logger.warning("Ignoring unsupported ingress rule without backend service port number or name.") continue @@ -136,7 +156,7 @@ class IngressController(Controller): reverse_proxy_host = f"http://{path.backend.service.name}.{namespace}.svc.{self.__domain_name}" if port != 80: - reverse_proxy_host += f":{str(port)}" + reverse_proxy_host += f":{port}" service.update( { @@ -222,30 +242,36 @@ class IngressController(Controller): def __process_event(self, event): obj = event["object"] - metadata = obj.metadata if obj else None - - if metadata and self._namespaces and metadata.namespace not in self._namespaces: - return False - - annotations = metadata.annotations if metadata else None - data = getattr(obj, "data", None) if obj else None if not obj: return False + + if obj.metadata and self._namespaces and obj.metadata.namespace not in self._namespaces: + return False + + annotations = obj.metadata.annotations if obj.metadata else None + data = getattr(obj, "data", None) + + ret = False if obj.kind == "Pod": - return annotations and "bunkerweb.io/INSTANCE" in annotations - if obj.kind == "Ingress": + ret = annotations and "bunkerweb.io/INSTANCE" in annotations + elif obj.kind == "Ingress": if self.__ingress_class: - ingress_class_name = getattr(obj.spec, "ingressClassName", None) + ingress_class_name = getattr(obj.spec, "ingress_class_name", None) if not ingress_class_name or ingress_class_name != self.__ingress_class: - return False - return True - if obj.kind == "ConfigMap": - return annotations and "bunkerweb.io/CONFIG_TYPE" in annotations - if obj.kind == "Service": - return True - if obj.kind == "Secret": - return data and "tls.crt" in data and "tls.key" in data - return False + ret = False + else: + ret = True + elif obj.kind == "ConfigMap": + ret = annotations and "bunkerweb.io/CONFIG_TYPE" in annotations + elif obj.kind == "Service": + ret = True + elif obj.kind == "Secret": + ret = data and "tls.crt" in data and "tls.key" in data + + if ret: + self._logger.debug(f"Processing event {event['type']} for {obj.kind} {obj.metadata.name if obj.metadata else 'unknown'}") + + return ret def __watch(self, watch_type): w = watch.Watch()