Skip to content

Commit

Permalink
Merge pull request #2142 from songrx1997/gke-ingress-checker
Browse files Browse the repository at this point in the history
Integrate checks for check-gke-ingress
  • Loading branch information
k8s-ci-robot authored May 25, 2023
2 parents 58a41f3 + 57847f2 commit 73b2602
Show file tree
Hide file tree
Showing 4 changed files with 521 additions and 103 deletions.
18 changes: 17 additions & 1 deletion cmd/check-gke-ingress/app/command/root.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@ import (
"os"

"github.com/spf13/cobra"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/ingress"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/kube"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/report"
)

var (
Expand All @@ -38,7 +41,20 @@ var rootCmd = &cobra.Command{
fmt.Fprintf(os.Stderr, "Error parsing flags: %v", err)
os.Exit(1)
}
fmt.Println("Starting check-gke-ingress")
client, err := kube.NewClientSet(kubecontext, kubeconfig)
beconfigClient, err := kube.NewBackendConfigClientSet(kubecontext, kubeconfig)
feConfigClient, err := kube.NewFrontendConfigClientSet(kubecontext, kubeconfig)
if err != nil {
fmt.Fprintf(os.Stderr, "Error connecting to Kubernetes: %v", err)
os.Exit(1)
}
output := ingress.CheckAllIngresses(namespace, client, beconfigClient, feConfigClient)
res, err := report.JsonReport(&output)
if err != nil {
fmt.Fprintf(os.Stderr, "Error processing results: %v", err)
os.Exit(1)
}
fmt.Print(res)
},
}

Expand Down
167 changes: 167 additions & 0 deletions cmd/check-gke-ingress/app/ingress/ingress.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,167 @@
/*
Copyright 2023 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package ingress

import (
"context"
"fmt"
"os"
"reflect"
"runtime"

metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/ingress-gce/cmd/check-gke-ingress/app/report"
beconfigclient "k8s.io/ingress-gce/pkg/backendconfig/client/clientset/versioned"
feconfigclient "k8s.io/ingress-gce/pkg/frontendconfig/client/clientset/versioned"
)

func CheckAllIngresses(namespace string, client kubernetes.Interface, beconfigClient beconfigclient.Interface, feConfigClient feconfigclient.Interface) report.Report {
output := report.Report{
Resources: []*report.Resource{},
}

ingressList, err := client.NetworkingV1().Ingresses(namespace).List(context.TODO(), metav1.ListOptions{})
if err != nil {
fmt.Fprintf(os.Stderr, "Error listing ingresses: %v", err)
os.Exit(1)
}

ingressChecks := []ingressCheckFunc{
CheckIngressRule,
CheckL7ILBFrontendConfig,
CheckRuleHostOverwrite,
}

serviceChecks := []serviceCheckFunc{
CheckServiceExistence,
CheckBackendConfigAnnotation,
CheckAppProtocolAnnotation,
CheckL7ILBNegAnnotation,
}

feconfigChecks := []frontendConfigCheckFunc{CheckFrontendConfigExistence}

beconfigChecks := []backendConfigCheckFunc{
CheckBackendConfigExistence,
CheckHealthCheckTimeout,
}

for _, ingress := range ingressList.Items {

// Ingress related checks
ingressRes := &report.Resource{
Kind: "Ingress",
Namespace: ingress.Namespace,
Name: ingress.Name,
Checks: []*report.Check{},
}
ingressChecker := &IngressChecker{
client: client,
ingress: &ingress,
}

for _, check := range ingressChecks {
checkName, res, msg := check(ingressChecker)
addCheckResult(ingressRes, checkName, msg, res)
}

// FrontendConfig related checks
feconfigChecker := &FrontendConfigChecker{
client: feConfigClient,
namespace: ingress.Namespace,
name: ingress.Name,
}

for _, check := range feconfigChecks {
checkName, res, msg := check(feconfigChecker)
addCheckResult(ingressRes, checkName, msg, res)
}

// Get the names of the services referenced by the ingress.
svcNames := []string{}
if ingress.Spec.DefaultBackend != nil {
svcNames = append(svcNames, ingress.Spec.DefaultBackend.Service.Name)
}
if ingress.Spec.Rules != nil {
for _, rule := range ingress.Spec.Rules {
if rule.HTTP != nil {
for _, path := range rule.HTTP.Paths {
if path.Backend.Service != nil {
svcNames = append(svcNames, path.Backend.Service.Name)
}
}
}
}
}

// Service related checks
for _, svcName := range svcNames {
serviceChecker := &ServiceChecker{
namespace: ingress.Namespace,
name: svcName,
isL7ILB: isL7ILB(&ingress),
client: client,
}

for _, check := range serviceChecks {
checkName, res, msg := check(serviceChecker)
addCheckResult(ingressRes, checkName, msg, res)
}

// Get all the BackendConfigs referenced by the service.
beconfigNames := []string{}
if serviceChecker.beConfigs != nil {
if serviceChecker.beConfigs.Default != "" {
beconfigNames = append(beconfigNames, serviceChecker.beConfigs.Default)
}
for _, beconfig := range serviceChecker.beConfigs.Ports {
beconfigNames = append(beconfigNames, beconfig)
}
}
// BackendConfig related rules
for _, beconfigName := range beconfigNames {
beconfigChecker := &BackendConfigChecker{
namespace: ingress.Namespace,
name: beconfigName,
client: beconfigClient,
serviceName: svcName,
}

for _, check := range beconfigChecks {
checkName, res, msg := check(beconfigChecker)
addCheckResult(ingressRes, checkName, msg, res)
}
}
}
output.Resources = append(output.Resources, ingressRes)
}

return output
}

func addCheckResult(ingressRes *report.Resource, checkName, msg, res string) {
ingressRes.Checks = append(ingressRes.Checks, &report.Check{
Name: checkName,
Message: msg,
Result: res,
})
}

func getCheckName(check func()) string {
return runtime.FuncForPC(reflect.ValueOf(check).Pointer()).Name()
}
Loading

0 comments on commit 73b2602

Please sign in to comment.