Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for GCE ingress class/provider #87

Open
bokjo opened this issue Oct 26, 2023 · 9 comments · May be fixed by #164
Open

Add support for GCE ingress class/provider #87

bokjo opened this issue Oct 26, 2023 · 9 comments · May be fixed by #164
Assignees
@sawsa307
Labels
kind/feature Categorizes issue or PR as related to a new feature. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.

Comments

@bokjo
Copy link

bokjo commented Oct 26, 2023

What would you like to be added: support for the GCE ingress provider

Why this is needed: to convert existing GCE ingress to the new GW API

Error while executing

ingress2gateway print
I1026 10:58:24.119436   48466 request.go:682] Waited for 1.049636692s due to client-side throttling, not priority and fairness, request: GET:https://XX.XX.XX.XX/apis/elasticsearch.k8s.elastic.co/v1beta1?timeout=32s
Error:


# Encountered 2 errors # spec.rules[0].http.paths[0].pathType: Invalid value: "ImplementationSpecific": unsupported path match type: ImplementationSpecific # spec.rules[0].http.paths[0].pathType: Invalid value: "ImplementationSpecific": unsupported path match type: ImplementationSpecific
Usage:
  ingress2gateway print [flags]

Flags:
  -A, --all-namespaces      If present, list the requested object(s) across all namespaces. Namespace in current context is ignored even
                            if specified with --namespace.
  -h, --help                help for print
      --input_file string   Path to the manifest file. When set, the tool will read ingresses from the file instead of reading from the cluster. Supported files are yaml and json
  -n, --namespace string    If present, the namespace scope for this CLI request
  -o, --output string       Output format. One of: (json, yaml) (default "yaml")
      --providers strings   If present, the tool will try to convert only resources related to the specified providers, supported values are [ingress-nginx kong] (default [ingress-nginx,kong])

the current ingress has the following YAML (Redacted info)

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    ingress.gcp.kubernetes.io/pre-shared-cert: mcrt-XXX,mcrt-YYY,mcrt-ZZZ
    ingress.kubernetes.io/backends: '{"k8s1-XXX":"HEALTHY"}'
    ingress.kubernetes.io/forwarding-rule: k8s2-fr-XXX
    ingress.kubernetes.io/https-forwarding-rule: k8s2-fs-XXX
    ingress.kubernetes.io/https-target-proxy: k8s2-ts-XXX
    ingress.kubernetes.io/redirect-url-map: k8s2-rm-XXX
    ingress.kubernetes.io/ssl-cert: mcrt-XXX,mcrt-YYY,mcrt-ZZZ
    ingress.kubernetes.io/target-proxy: k8s2-tp-XXX
    ingress.kubernetes.io/url-map: k8s2-um-XXX
    kubernetes.io/ingress.allow-http: "true"
    kubernetes.io/ingress.class: gce
    kubernetes.io/ingress.global-static-ip-name: ingress-gw-public-XXX
    networking.gke.io/managed-certificates: XXX,YYY,ZZZ
    networking.gke.io/v1beta1.FrontendConfig: default-frontend-config-XXX
  labels:
    app.kubernetes.io/managed-by: pulumi
  name: gke-ingress-XXX
spec:
  defaultBackend:
    service:
      name: istio-XXX
      port:
        number: 443
  rules:
  - host: '*.example.com'
    http:
      paths:
      - backend:
          service:
            name: istio-XXX
            port:
              number: 443
        path: /*
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - XXX.example.com
    secretName: secret-XXX
  - hosts:
    - YYY.example.com
    secretName: secret-YYY
  - hosts:
    - ZZZ.example.com
    secretName: secret-ZZZ
status:
  loadBalancer:
    ingress:
    - ip: XX.XX.XX.XX
@bokjo bokjo added the kind/feature Categorizes issue or PR as related to a new feature. label Oct 26, 2023
@LiorLieberman LiorLieberman added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Oct 31, 2023
@LiorLieberman
Copy link
Member

@spencerhance & @robscott can you relate to this issue? What it takes to support this, maybe one of the members from the community can pick it up?

@spencerhance
Copy link

Some initial thoughts...

The following GCP-specific stuff can be implemented fairly easily (not an exhaustive list):

  • kubernetes.io/ingress.class -> Gateway Class
  • kubernetes.io/ingress.global-static-ip-name -> Gateway NamedAddress
  • kubernetes.io/ingress.global-static-ip-name -> Gateway NamedAddress
  • ingress.gcp.kubernetes.io/pre-shared-cert -> Gateway TLS option networking.gke.io/pre-shared-certs

The other features require converting the FrontendConfig and BackendConfig CRDs to ServicePolicies. FC/BC are located in Ingress-gce and can be imported here. The ServicePolicy YAMLs are exported in gateway-api/config/servicepolicies/crd but we would have to export the go types as well so we can use the controller runtime client here.

I can definitely assist here (especially with the ServicePolicies).

@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 15, 2024
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Mar 16, 2024
@sawsa307
Copy link
Contributor

Hi @LiorLieberman I've talked to Rob, and I would like to work on this.

/assign

@sawsa307
Copy link
Contributor

/remove-lifecycle rotten

@k8s-ci-robot k8s-ci-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Mar 17, 2024
@LiorLieberman
Copy link
Member

Hey @sawsa307, thats awesome! Let me know if I can help with anything!

@sawsa307 sawsa307 mentioned this issue Mar 30, 2024
Merged
@sawsa307 sawsa307 linked a pull request Jun 22, 2024 that will close this issue
Draft
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 25, 2024
@LiorLieberman
Copy link
Member

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sawsa307 sawsa307

Labels
kind/feature Categorizes issue or PR as related to a new feature. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Import GCE resources sawsa307/ingress2gateway
6 participants
@bokjo @spencerhance @k8s-ci-robot @sawsa307 @k8s-triage-robot @LiorLieberman