Skip to content

Commit

Permalink
Integrate checks for check-gke-ingress
Browse files Browse the repository at this point in the history
  • Loading branch information
ruixiansong committed May 25, 2023
1 parent 7d9c4fc commit 82c3d43
Show file tree
Hide file tree
Showing 4 changed files with 521 additions and 103 deletions.
18 changes: 17 additions & 1 deletion cmd/check-gke-ingress/app/command/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@ import (
"os"

"github.com/spf13/cobra"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/ingress"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/kube"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/report"
)

var (
Expand All @@ -38,7 +41,20 @@ var rootCmd = &cobra.Command{
fmt.Fprintf(os.Stderr, "Error parsing flags: %v", err)
os.Exit(1)
}
fmt.Println("Starting check-gke-ingress")
client, err := kube.NewClientSet(kubecontext, kubeconfig)
beconfigClient, err := kube.NewBackendConfigClientSet(kubecontext, kubeconfig)
feConfigClient, err := kube.NewFrontendConfigClientSet(kubecontext, kubeconfig)
if err != nil {
fmt.Fprintf(os.Stderr, "Error connecting to Kubernetes: %v", err)
os.Exit(1)
}
output := ingress.CheckAllIngresses(namespace, client, beconfigClient, feConfigClient)
res, err := report.JsonReport(&output)
if err != nil {
fmt.Fprintf(os.Stderr, "Error processing results: %v", err)
os.Exit(1)
}
fmt.Print(res)
},
}

Expand Down
167 changes: 167 additions & 0 deletions cmd/check-gke-ingress/app/ingress/ingress.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,167 @@
/*
Copyright 2023 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package ingress

import (
"context"
"fmt"
"os"
"reflect"
"runtime"

metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/report"
beconfigclient "k8s.io/ingress-gce/pkg/backendconfig/client/clientset/versioned"
feconfigclient "k8s.io/ingress-gce/pkg/frontendconfig/client/clientset/versioned"
)

func CheckAllIngresses(namespace string, client kubernetes.Interface, beconfigClient beconfigclient.Interface, feConfigClient feconfigclient.Interface) report.Report {
output := report.Report{
Resources: []*report.Resource{},
}

ingressList, err := client.NetworkingV1().Ingresses(namespace).List(context.TODO(), metav1.ListOptions{})
if err != nil {
fmt.Fprintf(os.Stderr, "Error listing ingresses: %v", err)
os.Exit(1)
}

ingressChecks := []ingressCheckFunc{
CheckIngressRule,
CheckL7ILBFrontendConfig,
CheckRuleHostOverwrite,
}

serviceChecks := []serviceCheckFunc{
CheckServiceExistence,
CheckBackendConfigAnnotation,
CheckAppProtocolAnnotation,
CheckL7ILBNegAnnotation,
}

feconfigChecks := []frontendConfigCheckFunc{CheckFrontendConfigExistence}

beconfigChecks := []backendConfigCheckFunc{
CheckBackendConfigExistence,
CheckHealthCheckTimeout,
}

for _, ingress := range ingressList.Items {

// Ingress related checks
ingressRes := &report.Resource{
Kind: "Ingress",
Namespace: ingress.Namespace,
Name: ingress.Name,
Checks: []*report.Check{},
}
ingressChecker := &IngressChecker{
client: client,
ingress: &ingress,
}

for _, check := range ingressChecks {
checkName, res, msg := check(ingressChecker)
addCheckResult(ingressRes, checkName, msg, res)
}

// FrontendConfig related checks
feconfigChecker := &FrontendConfigChecker{
client: feConfigClient,
namespace: ingress.Namespace,
name: ingress.Name,
}

for _, check := range feconfigChecks {
checkName, res, msg := check(feconfigChecker)
addCheckResult(ingressRes, checkName, msg, res)
}

// Get the names of the services referenced by the ingress.
svcNames := []string{}
if ingress.Spec.DefaultBackend != nil {
svcNames = append(svcNames, ingress.Spec.DefaultBackend.Service.Name)
}
if ingress.Spec.Rules != nil {
for _, rule := range ingress.Spec.Rules {
if rule.HTTP != nil {
for _, path := range rule.HTTP.Paths {
if path.Backend.Service != nil {
svcNames = append(svcNames, path.Backend.Service.Name)
}
}
}
}
}

// Service related checks
for _, svcName := range svcNames {
serviceChecker := &ServiceChecker{
namespace: ingress.Namespace,
name: svcName,
isL7ILB: isL7ILB(&ingress),
client: client,
}

for _, check := range serviceChecks {
checkName, res, msg := check(serviceChecker)
addCheckResult(ingressRes, checkName, msg, res)
}

// Get all the BackendConfigs referenced by the service.
beconfigNames := []string{}
if serviceChecker.beConfigs != nil {
if serviceChecker.beConfigs.Default != "" {
beconfigNames = append(beconfigNames, serviceChecker.beConfigs.Default)
}
for _, beconfig := range serviceChecker.beConfigs.Ports {
beconfigNames = append(beconfigNames, beconfig)
}
}
// BackendConfig related rules
for _, beconfigName := range beconfigNames {
beconfigChecker := &BackendConfigChecker{
namespace: ingress.Namespace,
name: beconfigName,
client: beconfigClient,
serviceName: svcName,
}

for _, check := range beconfigChecks {
checkName, res, msg := check(beconfigChecker)
addCheckResult(ingressRes, checkName, msg, res)
}
}
}
output.Resources = append(output.Resources, ingressRes)
}

return output
}

func addCheckResult(ingressRes *report.Resource, checkName, msg, res string) {
ingressRes.Checks = append(ingressRes.Checks, &report.Check{
Name: checkName,
Message: msg,
Result: res,
})
}

func getCheckName(check func()) string {
return runtime.FuncForPC(reflect.ValueOf(check).Pointer()).Name()
}
Loading

0 comments on commit 82c3d43

Please sign in to comment.