Add support for ingressLink

docs/cis-3.x/rbac/clusterrole.yaml

@@ -12,7 +12,7 @@ rules:
     resources: ["events", "services/status"]
     verbs: ["get", "list", "watch", "update", "create", "patch"]
   - apiGroups: ["cis.f5.com"]
-    resources: ["transportservers", "transportservers/status", "deployconfigs", "policies"]
+    resources: ["transportservers", "transportservers/status", "deployconfigs", "policies", "ingresslinks", "ingresslinks/status"]
     verbs: ["get", "list", "watch", "update", "patch"]
   - apiGroups: ["fic.f5.com"]
     resources: ["ipams", "ipams/status"]

docs/config_examples/customResource/IngressLink/ingressLink-with-iRule-reference-from-cm/ingresslink-with-iRule-reference-from-cm.yaml

@@ -0,0 +1,16 @@
+# Example of iRule reference from Central Manager
+# In order to reference an iRule created on Central Manager, provide the iRule in the following format
+# <iRule-name>:<version>, for example: proxyProtocolIrule:v1
+apiVersion: "cis.f5.com/v1"
+kind: IngressLink
+metadata:
+  name: nginx-ingress
+  namespace: nginx-ingress
+spec:
+  virtualServerAddress: "192.168.10.5"
+  host: cafe.example.com
+  iRules:
+    - "proxyProtocolIrule:v1"
+  selector:
+    matchLabels:
+      app: ingresslink

docs/config_examples/customResourceDefinitions/incubator/customresourcedefinitions.yml

@@ -870,7 +870,7 @@ spec:
                   type: array
                   items:
                     type: string
-                    pattern: '^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$'
+                    pattern: '(^\/[a-zA-Z]+([A-z0-9-_+]+\/)+([-A-z0-9_.:]+\/?)*$)|(^[a-zA-Z]+([A-z0-9-_+])*:[a-zA-Z]+([A-z0-9-_+])*$)'
                 selector:
                   properties:
                     matchLabels:

pkg/controller/as3PostManager.go

@@ -201,9 +201,13 @@ func createPoolDecl(cfg *ResourceConfig, app as3Application, shareNodes bool, te
 				log.Warningf("[AS3] virtualServer: %v, pool: %v, monitor: %v, bigIp reference feature is not supported with BIG-IP Next", cfg.Virtual.Name, v.Name, val.Name)
 			} else {
 				use := strings.Split(val.Name, "/")
-				monitor.Use = fmt.Sprintf("/%s/%s/%s",
-					tenant,
-					cfg.Virtual.Name,
+				// Full path is not supported with BIG-IP Next
+				//monitor.Use = fmt.Sprintf("/%s/%s/%s",
+				//	tenant,
+				//	cfg.Virtual.Name,
+				//	use[len(use)-1],
+				//)
+				monitor.Use = fmt.Sprintf("%s",
 					use[len(use)-1],
 				)
 				pool.Monitors = append(pool.Monitors, monitor)
@@ -246,8 +250,13 @@ func processIrulesForCRD(cfg *ResourceConfig, svc *as3Service) {
 			strings.HasSuffix(iRuleNoPort, HttpRedirectNoHostIRuleName) ||
 			strings.HasSuffix(iRuleName, TLSIRuleName) ||
 			strings.HasSuffix(iRuleName, ABPathIRuleName) {
-
 			IRules = append(IRules, iRuleName)
+		} else if len(strings.Split(v, ":")) == 2 {
+			cmIRule := strings.Split(v, ":")
+			iRule := &as3ResourcePointer{
+				CM: fmt.Sprintf("%s::%s", cmIRule[0], cmIRule[1]),
+			}
+			IRules = append(IRules, iRule)
 		} else {
 			irule := &as3ResourcePointer{
 				BigIP: v,

pkg/controller/controller.go

@@ -66,6 +66,7 @@ func NewController(params Params) *Controller {
 		managedResources: ManagedResources{
 			ManageCustomResources: true,
 			ManageTransportServer: true,
+			ManageIL:              true,
 		},
 		bigIpMap:   make(BigIpMap),
 		PostParams: PostParams{},

pkg/controller/types.go

@@ -947,6 +947,7 @@ type (
 	as3ResourcePointer struct {
 		BigIP string `json:"bigip,omitempty"`
 		Use   string `json:"use,omitempty"`
+		CM    string `json:"cm,omitempty"`
 	}
 
 	// as3Service maps to the following in AS3 Resources

pkg/controller/worker.go

@@ -3365,17 +3365,18 @@ func (ctlr *Controller) processIngressLink(
 			}
 		}
 		for _, rsName := range delRes {
-			var hostnames []string
-			if rsMap[rsName] != nil {
-				rsCfg, err := ctlr.resources.getResourceConfig(partition, rsName, BigIPLabel)
-				if err == nil {
-					hostnames = rsCfg.MetaData.hosts
-				}
-			}
+			// TODO: Uncomment the below code when ENDS is supported with 3.x
+			//var hostnames []string
+			//if rsMap[rsName] != nil {
+			//	rsCfg, err := ctlr.resources.getResourceConfig(partition, rsName, BigIPLabel)
+			//	if err == nil {
+			//		hostnames = rsCfg.MetaData.hosts
+			//	}
+			//}
 			ctlr.deleteVirtualServer(partition, rsName, bigipConfig)
-			if len(hostnames) > 0 {
-				ctlr.ProcessAssociatedExternalDNS(hostnames)
-			}
+			//if len(hostnames) > 0 {
+			//	ctlr.ProcessAssociatedExternalDNS(hostnames)
+			//}
 		}
 		ctlr.TeemData.Lock()
 		ctlr.TeemData.ResourceType.IngressLink[ingLink.Namespace]--
@@ -3463,21 +3464,23 @@ func (ctlr *Controller) processIngressLink(
 		if len(pool.Members) > 0 {
 			rsCfg.MetaData.Active = true
 		}
-		monitorName := fmt.Sprintf("%s_monitor", pool.Name)
-		rsCfg.Monitors = append(
-			rsCfg.Monitors,
-			Monitor{Name: monitorName, Partition: rsCfg.Virtual.Partition, Interval: 20,
-				Type: "http", Send: "GET /nginx-ready HTTP/1.1\r\n", Recv: "", Timeout: 10, TargetPort: targetPort})
-		pool.MonitorNames = append(pool.MonitorNames, MonitorName{Name: monitorName})
+		// TODO: Commented below monitor definition since TargetPort isn't supported yet with Bigip-Next
+		//monitorName := fmt.Sprintf("%s_monitor", pool.Name)
+		//rsCfg.Monitors = append(
+		//	rsCfg.Monitors,
+		//	Monitor{Name: monitorName, Partition: rsCfg.Virtual.Partition, Interval: 20,
+		//		Type: "http", Send: "GET /nginx-ready HTTP/1.1\r\n", Recv: "", Timeout: 10, TargetPort: targetPort})
+		//pool.MonitorNames = append(pool.MonitorNames, MonitorName{Name: monitorName})
 		rsCfg.Virtual.PoolName = pool.Name
 		rsCfg.Pools = append(rsCfg.Pools, pool)
 		// Update rsMap with ResourceConfigs created for the current ingresslink virtuals
 		rsMap[rsName] = rsCfg
-		var hostnames []string
-		hostnames = rsCfg.MetaData.hosts
-		if len(hostnames) > 0 {
-			ctlr.ProcessAssociatedExternalDNS(hostnames)
-		}
+		// TODO: Uncomment the following lines once CIS 3.x starts supporting EDNS
+		//var hostnames []string
+		//hostnames = rsCfg.MetaData.hosts
+		//if len(hostnames) > 0 {
+		//	ctlr.ProcessAssociatedExternalDNS(hostnames)
+		//}
 	}
 
 	return nil