Namespaced Group membership API

Currently Antrea supports ClusterGroup and namespaced Group
CRD, but only provides API for ClusterGroup membership.

This solution adds membership API for namespaced Group at
namespacedgroupmembers.controlplane.antrea.io. The group
association API is still available for both ClusterGroup and
namespaced Group.

Fixes antrea-io#5269

Signed-off-by: Qiyue Yao <yaoq@vmware.com>

hack/update-codegen-dockerized.sh

@@ -102,6 +102,7 @@ function generate_antrea_client_code {
     --plural-exceptions "AntreaNetworkPolicyStats:AntreaNetworkPolicyStats" \
     --plural-exceptions "AntreaClusterNetworkPolicyStats:AntreaClusterNetworkPolicyStats" \
     --plural-exceptions "ClusterGroupMembers:ClusterGroupMembers" \
+    --plural-exceptions "NamespacedGroupMembers:NamespacedGroupMembers" \
     --go-header-file hack/boilerplate/license_header.go.txt
 
   # Generate listers with K8s codegen tools.

pkg/apis/controlplane/register.go

@@ -56,6 +56,7 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&NetworkPolicyStatus{},
 		&NodeStatsSummary{},
 		&ClusterGroupMembers{},
+		&NamespacedGroupMembers{},
 		&PaginationGetOptions{},
 		&GroupAssociation{},
 		&IPGroupAssociation{},

pkg/apis/controlplane/types.go

@@ -106,6 +106,19 @@ type ClusterGroupMembers struct {
 	CurrentPage       int64
 }
 
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// NamespacedGroupMembers is a list of GroupMember objects or ipBlocks that are currently selected by a Group.
+type NamespacedGroupMembers struct {
+	metav1.TypeMeta
+	metav1.ObjectMeta
+	EffectiveMembers  []GroupMember
+	EffectiveIPBlocks []IPNet
+	TotalMembers      int64
+	TotalPages        int64
+	CurrentPage       int64
+}
+
 // +k8s:conversion-gen:explicit-from=net/url.Values
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 

pkg/apis/controlplane/v1beta2/register.go

@@ -71,6 +71,7 @@ func addKnownTypes(scheme *runtime.Scheme) error {
 		&NetworkPolicyStatus{},
 		&NodeStatsSummary{},
 		&ClusterGroupMembers{},
+		&NamespacedGroupMembers{},
 		&PaginationGetOptions{},
 		&GroupAssociation{},
 		&IPGroupAssociation{},

pkg/apis/controlplane/v1beta2/types.go

@@ -109,6 +109,21 @@ type ClusterGroupMembers struct {
 	CurrentPage       int64         `json:"currentPage" protobuf:"varint,6,opt,name=currentPage"`
 }
 
+// +genclient
+// +genclient:onlyVerbs=get
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// NamespacedGroupMembers is a list of GroupMember objects or ipBlocks that are currently selected by a Group.
+type NamespacedGroupMembers struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
+	EffectiveMembers  []GroupMember `json:"effectiveMembers" protobuf:"bytes,2,rep,name=effectiveMembers"`
+	EffectiveIPBlocks []IPNet       `json:"effectiveIPBlocks" protobuf:"bytes,3,rep,name=effectiveIPBlocks"`
+	TotalMembers      int64         `json:"totalMembers" protobuf:"varint,4,opt,name=totalMembers"`
+	TotalPages        int64         `json:"totalPages" protobuf:"varint,5,opt,name=totalPages"`
+	CurrentPage       int64         `json:"currentPage" protobuf:"varint,6,opt,name=currentPage"`
+}
+
 // +k8s:conversion-gen:explicit-from=net/url.Values
 // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
 

pkg/apiserver/apiserver.go

@@ -45,6 +45,7 @@ import (
 	"antrea.io/antrea/pkg/apiserver/registry/controlplane/egressgroup"
 	"antrea.io/antrea/pkg/apiserver/registry/controlplane/nodestatssummary"
 	"antrea.io/antrea/pkg/apiserver/registry/controlplane/supportbundlecollection"
+	"antrea.io/antrea/pkg/apiserver/registry/namespacedgroupmember"
 	"antrea.io/antrea/pkg/apiserver/registry/networkpolicy/addressgroup"
 	"antrea.io/antrea/pkg/apiserver/registry/networkpolicy/appliedtogroup"
 	"antrea.io/antrea/pkg/apiserver/registry/networkpolicy/clustergroupmember"
@@ -192,6 +193,7 @@ func installAPIGroup(s *APIServer, c completedConfig) error {
 	networkPolicyStorage := networkpolicy.NewREST(c.extraConfig.networkPolicyStore)
 	networkPolicyStatusStorage := networkpolicy.NewStatusREST(c.extraConfig.networkPolicyStatusController)
 	clusterGroupMembershipStorage := clustergroupmember.NewREST(c.extraConfig.networkPolicyController)
+	namespacedGroupMembershipStorage := namespacedgroupmember.NewREST(c.extraConfig.networkPolicyController)
 	groupAssociationStorage := groupassociation.NewREST(c.extraConfig.networkPolicyController)
 	ipGroupAssociationStorage := ipgroupassociation.NewREST(c.extraConfig.podInformer, c.extraConfig.eeInformer, c.extraConfig.networkPolicyController, c.extraConfig.networkPolicyController)
 	nodeStatsSummaryStorage := nodestatssummary.NewREST(c.extraConfig.statsAggregator)
@@ -208,6 +210,7 @@ func installAPIGroup(s *APIServer, c completedConfig) error {
 	cpv1beta2Storage["groupassociations"] = groupAssociationStorage
 	cpv1beta2Storage["ipgroupassociations"] = ipGroupAssociationStorage
 	cpv1beta2Storage["clustergroupmembers"] = clusterGroupMembershipStorage
+	cpv1beta2Storage["namespacedgroupmembers"] = namespacedGroupMembershipStorage
 	cpv1beta2Storage["egressgroups"] = egressGroupStorage
 	cpv1beta2Storage["supportbundlecollections"] = bundleCollectionStorage
 	cpv1beta2Storage["supportbundlecollections/status"] = bundleCollectionStatusStorage