Enhancements for CRDs and Svc type LB

azure-pipelines.yaml

@@ -32,6 +32,7 @@ variables:
   operatorImageName: 'f5networks/f5-cis-operator-devel'
   operatorBundleImageName: 'f5networks/f5-cis-operator-bundle-devel'
   operatorIndexImage: 'f5networks/f5-cis-operator-index-devel'
+  goVersion: 1.22.7
 
 stages:
 - stage: PreCheck

build-tools/Dockerfile.debian

@@ -1,4 +1,4 @@
-FROM golang:1.21 as builder
+FROM golang:1.22 as builder
 
 ARG REPOPATH=$GOPATH/src/github.com/F5Networks/k8s-bigip-ctlr
 ARG RUN_TESTS

build-tools/Dockerfile.debug

@@ -1,4 +1,4 @@
-FROM golang:1.21 as builder
+FROM golang:1.22 as builder
 
 ARG REPOPATH=$GOPATH/src/github.com/F5Networks/k8s-bigip-ctlr
 ARG RUN_TESTS

build-tools/Dockerfile.ubi

@@ -1,4 +1,4 @@
-FROM golang:1.21 as builder
+FROM golang:1.22 as builder
 
 ARG REPOPATH=$GOPATH/src/github.com/F5Networks/k8s-bigip-ctlr
 ARG RUN_TESTS

build-tools/rel-build.sh

@@ -16,7 +16,7 @@ RUN_TESTS=${RUN_TESTS:-1}
 if [ $RUN_TESTS -eq 1 ]; then
     go install github.com/onsi/ginkgo/v2/ginkgo
     go install github.com/onsi/gomega
-	  GO111MODULE=off
+	  GO111MODULE=on
 	  go get github.com/wadey/gocovmerge
 	  go get github.com/mattn/goveralls
     echo "Gathering unit test code coverage for 'release' build..."

config/apis/cis/v1/types.go

@@ -21,8 +21,10 @@ type VirtualServer struct {
 
 // VirtualServerStatus is the status of the VirtualServer resource.
 type VirtualServerStatus struct {
-	VSAddress string `json:"vsAddress,omitempty"`
-	StatusOk  string `json:"status,omitempty"`
+	VSAddress   string      `json:"vsAddress,omitempty"`
+	Status      string      `json:"status,omitempty"`
+	LastUpdated metav1.Time `json:"lastUpdated,omitempty"`
+	Error       string      `json:"error,omitempty"`
 }
 
 // VirtualServerSpec is the spec of the VirtualServer resource.
@@ -257,7 +259,10 @@ type IngressLink struct {
 
 // IngressLinkStatus is the status of the ingressLink resource.
 type IngressLinkStatus struct {
-	VSAddress string `json:"vsAddress,omitempty"`
+	VSAddress   string      `json:"vsAddress,omitempty"`
+	LastUpdated metav1.Time `json:"lastUpdated,omitempty"`
+	Error       string      `json:"error,omitempty"`
+	Status      string      `json:"status,omitempty"`
 }
 
 // IngressLinkSpec is Spec for IngressLink
@@ -297,8 +302,10 @@ type TransportServer struct {
 
 // TransportServerStatus is the status of the VirtualServer resource.
 type TransportServerStatus struct {
-	VSAddress string `json:"vsAddress,omitempty"`
-	StatusOk  string `json:"status,omitempty"`
+	VSAddress   string      `json:"vsAddress,omitempty"`
+	Status      string      `json:"status,omitempty"`
+	LastUpdated metav1.Time `json:"lastUpdated,omitempty"`
+	Error       string      `json:"error,omitempty"`
 }
 
 // TransportServerSpec is the spec of the VirtualServer resource.

docs/RELEASE-NOTES.rst

@@ -8,6 +8,9 @@ Added Functionality
 ```````````````````
 **What's new:**
     * CRD
+        * `Issue 3536 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3536>`_: Support CRD status for VS, TS and IngressLink
+        * Support for custom partition and Pool settings for ServiceTypeLB service. `Examples <https://github.com/F5Networks/k8s-bigip-ctlr/tree/2.x-master/docs/config_examples/customResource/serviceTypeLB>`_
+
 
 Bug Fixes
 ````````````
@@ -18,6 +21,8 @@ Bug Fixes
 * `Issue 3501 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3501>`_: CIS with oneconnect and TLS breaks some connections
 * Remove pool members of GTM when host removed or updated on transport server, ingresslink, and, service type lb
 * `Issue 3535 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3535>`_: CIS with namespace-label is not working correctly in multicluster mode
+* `Issue 3508 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3508>`_: Fix to disable default uid in F5 BIG-IP Controller Operator
+* Fix for handling resource deletion in case of multiple VS/TS sharing the service
 
 Upgrade notes
 ``````````````
@@ -50,8 +55,6 @@ Bug Fixes
 * `Issue 3396 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3396>`_: Fix adding pool members from external clusters in nodeportLocal mc mode
 * `Issue 3351 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3351>`_: improve message handling when getting HTTP/401 from AS3
 * Fix pool members not getting updated for VS/TS on re-deployment of application with different servicePort and targetPort.
-* `Issue 3508 <https://github.com/F5Networks/k8s-bigip-ctlr/issues/3508>`_: Fix to disable default uid in F5 BIG-IP Controller Operator
-
 
 Upgrade notes
 ``````````````

docs/config_examples/customResource/serviceTypeLB/README.md

@@ -42,6 +42,7 @@ Annotation supported for service type LoadBalancer:
 | cis.f5.com/policyName | Optional  | Name of Policy CR to attach profiles/policies defined in it.                                              | service-type-lb-with-policyname.yaml  |
 | cis.f5.com/ip         | Mandatory | Specify the ip address for the ltm virtual server.                                                        | example-service-type-lb-staic-ip.yaml |
 | cis.f5.com/host       | Optional  | Specify the hostname for configuring the WideIP pools on the GTM server, It works along with the EDNS CR. | service-type-lb-with-hostname.yaml    |
+| cis.f5.com/partition  | Optional  | The BIG-IP partition in which the Controller should create/update/delete objects for this ServiceTypeLB.  | service-type-lb-with-custom-partition.yaml    |
 
 Note:-
 

docs/config_examples/customResource/serviceTypeLB/ServiceTypeLBWithPoolSettings/policy-with-pool-settings.yaml

@@ -0,0 +1,18 @@
+apiVersion: cis.f5.com/v1
+kind: Policy
+metadata:
+  labels:
+    f5cr: "true"
+  name: test-policy
+  namespace: default
+spec:
+  poolSettings:
+    # reselectTries specifies the maximum number of attempts to find a responsive member for a connection
+    # Supported values: [0, 65535]
+    reselectTries: 1
+    # serviceDownAction specifies connection handling when member is non-responsive
+    # Supported values: “drop”, “none”, “reselect”, “reset”
+    serviceDownAction: reselect
+    # BIG-IP AS3 sets the connection rate to a newly-active member slowly during this interval (seconds)
+    # Supported values: [0, 900]
+    slowRampTime: 20

docs/config_examples/customResource/serviceTypeLB/ServiceTypeLBWithPoolSettings/service-type-lb-with-poolsettings-in-policycr.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    cis.f5.com/ip: 10.1.1.1
+    cis.f5.com/policyName: test-policy
+  labels:
+    app: svc-lb1
+  name: svc-lb1
+  namespace: default
+spec:
+  ports:
+    - name: svc-lb1-80
+      port: 80
+      protocol: TCP
+      targetPort: 80
+  selector:
+    app: svc-lb1
+  type: LoadBalancer

docs/config_examples/customResource/serviceTypeLB/service-type-lb-with-custom-partition.yaml

@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    cis.f5.com/ip: 10.10.1.66
+    cis.f5.com/partition: newPartition
+  labels:
+    app: svc-lb1
+  name: svc-lb1
+  namespace: default
+spec:
+  ports:
+    - name: svc-lb1-80
+      port: 80
+      protocol: TCP
+      targetPort: 80
+  selector:
+    app: svc-lb1
+  type: LoadBalancer

docs/config_examples/customResourceDefinitions/incubator/customresourcedefinitions.yml

@@ -425,6 +425,10 @@ spec:
                 status:
                   type: string
                   default: Pending
+                lastUpdated:
+                  type: string
+                error:
+                  type: string
       additionalPrinterColumns:
         - name: host
           type: string
@@ -806,6 +810,10 @@ spec:
                 status:
                   type: string
                   default: Pending
+                lastUpdated:
+                  type: string
+                error:
+                  type: string
       additionalPrinterColumns:
       - name: virtualServerAddress
         type: string
@@ -1027,6 +1035,13 @@ spec:
               properties:
                 vsAddress:
                   type: string
+                status:
+                  type: string
+                  default: pending
+                lastUpdated:
+                  type: string
+                error:
+                  type: string
       additionalPrinterColumns:
         - name: IPAMVSAddress
           type: string

go.mod

@@ -1,6 +1,6 @@
 module github.com/F5Networks/k8s-bigip-ctlr/v2
 
-go 1.21.12
+go 1.22.7
 
 require (
 	github.com/F5Networks/f5-ipam-controller v0.1.8

pkg/controller/backend.go

@@ -258,6 +258,8 @@ func (agent *Agent) agentWorker() {
 
 		if len(agent.incomingTenantDeclMap) == 0 {
 			log.Infof("%v[AS3] No tenants found in request", getRequestPrefix(rsConfig.reqId))
+			// notify resourceStatusUpdate response handler for resourcestatus update
+			agent.notifyRscStatusHandler(rsConfig.reqId, false)
 			agent.declUpdate.Unlock()
 			continue
 		}
@@ -357,10 +359,10 @@ func (agent *Agent) notifyRscStatusHandler(id int, overwriteCfg bool) {
 
 	rscUpdateMeta := resourceStatusMeta{
 		id,
-		make(map[string]struct{}),
+		make(map[string]tenantResponse),
 	}
 	for tenant := range agent.retryTenantDeclMap {
-		rscUpdateMeta.failedTenants[tenant] = struct{}{}
+		rscUpdateMeta.failedTenants[tenant] = agent.retryTenantDeclMap[tenant].tenantResponse
 	}
 	// If triggerred from retry block, process the previous successful request completely
 	if !overwriteCfg {

pkg/controller/controller.go

@@ -116,6 +116,7 @@ const (
 	LBServiceIPAMLabelAnnotation       = "cis.f5.com/ipamLabel"
 	LBServiceIPAnnotation              = "cis.f5.com/ip"
 	LBServiceHostAnnotation            = "cis.f5.com/host"
+	LBServicePartitionAnnotation       = "cis.f5.com/partition"
 	HealthMonitorAnnotation            = "cis.f5.com/health"
 	LBServicePolicyNameAnnotation      = "cis.f5.com/policyName"
 	LegacyHealthMonitorAnnotation      = "virtual-server.f5.com/health"

pkg/controller/informers.go

@@ -1127,11 +1127,21 @@ func (ctlr *Controller) enqueueUpdatedService(obj, cur interface{}, clusterName
 		}
 	}
 
+	// Check partition update for LoadBalancer service
+	partitionUpdate := false
+	if svc.Spec.Type == corev1.ServiceTypeLoadBalancer {
+		oldPartition, _ := svc.Annotations[LBServicePartitionAnnotation]
+		newPartition, _ := curSvc.Annotations[LBServicePartitionAnnotation]
+		if oldPartition != newPartition {
+			partitionUpdate = true
+		}
+	}
+
 	if (svc.Spec.Type != curSvc.Spec.Type && svc.Spec.Type == corev1.ServiceTypeLoadBalancer) ||
 		(svc.Spec.Type == corev1.ServiceTypeLoadBalancer && (svc.Annotations[LBServiceIPAnnotation] != curSvc.Annotations[LBServiceIPAnnotation] || svc.Annotations[LBServiceHostAnnotation] != curSvc.Annotations[LBServiceHostAnnotation])) ||
 		(svc.Annotations[LBServiceIPAMLabelAnnotation] != curSvc.Annotations[LBServiceIPAMLabelAnnotation]) ||
 		!reflect.DeepEqual(svc.Labels, curSvc.Labels) || !reflect.DeepEqual(svc.Spec.Ports, curSvc.Spec.Ports) ||
-		!reflect.DeepEqual(svc.Spec.Selector, curSvc.Spec.Selector) {
+		!reflect.DeepEqual(svc.Spec.Selector, curSvc.Spec.Selector) || partitionUpdate {
 		log.Debugf("Enqueueing Old Service: %v %v", svc, getClusterLog(clusterName))
 		key := &rqKey{
 			namespace:   svc.ObjectMeta.Namespace,

pkg/controller/informers_test.go

@@ -174,7 +174,7 @@ var _ = Describe("Informers Tests", func() {
 					VirtualServerAddress: "5.6.7.8",
 					SNAT:                 "none",
 				})
-			updatedStatusVS.Status.StatusOk = "OK"
+			updatedStatusVS.Status.Status = StatusOk
 			mockCtlr.enqueueUpdatedVirtualServer(updatedVS2, updatedStatusVS)
 			Expect(mockCtlr.resourceQueue.Len()).To(Equal(0), "VS status update should be skipped")
 
@@ -259,7 +259,7 @@ var _ = Describe("Informers Tests", func() {
 			// Verify TS status update event is not queued for processing
 			queueLen := mockCtlr.resourceQueue.Len()
 			updatedStatusTS := tsWithPartition.DeepCopy()
-			updatedStatusTS.Status.StatusOk = "Ok"
+			updatedStatusTS.Status.Status = StatusOk
 			mockCtlr.enqueueUpdatedTransportServer(tsWithPartition, updatedStatusTS)
 			Expect(mockCtlr.resourceQueue.Len()).To(Equal(queueLen), "TS status update should be skipped")
 

pkg/controller/multiClusterInformers.go

@@ -284,6 +284,13 @@ func (ctlr *Controller) setupAndStartHAClusterInformers(clusterName string) erro
 // updateMultiClusterInformers starts/stops the informers for the given namespace for external clusters including HA peer cluster
 func (ctlr *Controller) updateMultiClusterInformers(namespace string, startInformer bool) error {
 	for clusterName, config := range ctlr.multiClusterConfigs.ClusterConfigs {
+		// For local cluster maintain some placeholder value, as the informers are already maintained in the controller object
+		if clusterName == "" {
+			if ctlr.multiClusterPoolInformers[""] == nil {
+				ctlr.multiClusterPoolInformers[""] = make(map[string]*MultiClusterPoolInformer)
+			}
+			return nil
+		}
 		restClient := config.KubeClient.CoreV1().RESTClient()
 		// Setup informer with the namespace
 		if err := ctlr.addMultiClusterNamespacedInformers(clusterName, namespace, restClient, startInformer); err != nil {