Validate pod IP at entry

cmd/gateway/main.go

@@ -33,28 +33,38 @@ var (
 	)
 
 	gatewayClassName = flag.String("gatewayclass", "", gatewayClassNameUsage)
+
+	// Environment variables
+	podIP = os.Getenv("POD_IP")
 )
 
 func main() {
 	flag.Parse()
 
+	MustValidateArguments(
+		flag.CommandLine,
+		GatewayControllerParam(domain),
+		GatewayClassParam(),
+	)
+
+	if err := ValidatePodIP(podIP); err != nil {
+		fmt.Println(err.Error())
+		os.Exit(1)
+	}
+
 	logger := zap.New()
 	conf := config.Config{
 		GatewayCtlrName:  *gatewayCtlrName,
 		Logger:           logger,
 		GatewayClassName: *gatewayClassName,
+		PodIP:            podIP,
 	}
 
-	MustValidateArguments(
-		flag.CommandLine,
-		GatewayControllerParam(domain),
-		GatewayClassParam(),
-	)
-
 	logger.Info("Starting NGINX Kubernetes Gateway",
 		"version", version,
 		"commit", commit,
-		"date", date)
+		"date", date,
+	)
 
 	err := manager.Start(conf)
 	if err != nil {

cmd/gateway/setup.go

@@ -3,6 +3,7 @@ package main
 import (
 	"errors"
 	"fmt"
+	"net"
 	"os"
 	"regexp"
 	"strings"
@@ -27,6 +28,12 @@ type (
 		V   Validator
 		Key string
 	}
+
+	EnvValidator        func(string) error
+	EnvValidatorContext struct {
+		V   EnvValidator
+		Key string
+	}
 )
 
 func GatewayControllerParam(domain string) ValidatorContext {
@@ -120,3 +127,13 @@ func MustValidateArguments(flagset *flag.FlagSet, validators ...ValidatorContext
 		os.Exit(1)
 	}
 }
+
+func ValidatePodIP(podIP string) error {
+	if podIP == "" {
+		return errors.New("POD_IP environment variable must be set")
+	} else if net.ParseIP(podIP) == nil {
+		return fmt.Errorf("POD_IP '%s' must be a valid IP address", podIP)
+	}
+
+	return nil
+}

cmd/gateway/setup_test.go

@@ -263,4 +263,17 @@ var _ = Describe("Main", func() {
 			}) // should fail with invalid name
 		}) // gatewayclass validation
 	}) // CLI argument validation
+
+	Describe("environment variable validaton", func() {
+		It("should validate the POD_IP env var", func() {
+			// var not set
+			err := ValidatePodIP("")
+			Expect(err.Error()).To(ContainSubstring("must be set"))
+			// var set to invalid value
+			err = ValidatePodIP("invalid")
+			Expect(err.Error()).To(ContainSubstring("must be a valid"))
+			// var set to valid value
+			Expect(ValidatePodIP("1.2.3.4")).To(Succeed())
+		})
+	}) // environment variable validation
 }) // end Main

internal/config/config.go

@@ -13,4 +13,6 @@ type Config struct {
 	GatewayNsName types.NamespacedName
 	// GatewayClassName is the name of the GatewayClass resource that the Gateway will use.
 	GatewayClassName string
+	// PodIP is the IP address of this Pod.
+	PodIP string
 }

internal/manager/manager.go

@@ -136,6 +136,7 @@ func Start(cfg config.Config) error {
 		GatewayCtlrName:  cfg.GatewayCtlrName,
 		GatewayClassName: cfg.GatewayClassName,
 		Client:           mgr.GetClient(),
+		PodIP:            cfg.PodIP,
 		// FIXME(pleshakov) Make sure each component:
 		// (1) Has a dedicated named logger.
 		// (2) Get it from the Manager (the WithName is done here for all components).

internal/status/gateway.go

@@ -1,7 +1,6 @@
 package status
 
 import (
-	"os"
 	"sort"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -24,7 +23,11 @@ const (
 // FIXME(pleshakov): Be compliant with in the Gateway API.
 // Currently, we only support simple valid/invalid status per each listener.
 // Extend support to cover more cases.
-func prepareGatewayStatus(gatewayStatus state.GatewayStatus, transitionTime metav1.Time) v1beta1.GatewayStatus {
+func prepareGatewayStatus(
+	gatewayStatus state.GatewayStatus,
+	podIP string,
+	transitionTime metav1.Time,
+) v1beta1.GatewayStatus {
 	listenerStatuses := make([]v1beta1.ListenerStatus, 0, len(gatewayStatus.ListenerStatuses))
 
 	// FIXME(pleshakov) Maintain the order from the Gateway resource
@@ -50,14 +53,14 @@ func prepareGatewayStatus(gatewayStatus state.GatewayStatus, transitionTime meta
 	}
 
 	ipAddrType := v1beta1.IPAddressType
-	podIP := v1beta1.GatewayAddress{
+	gwPodIP := v1beta1.GatewayAddress{
 		Type:  &ipAddrType,
-		Value: os.Getenv("POD_IP"),
+		Value: podIP,
 	}
 
 	return v1beta1.GatewayStatus{
 		Listeners:  listenerStatuses,
-		Addresses:  []v1beta1.GatewayAddress{podIP},
+		Addresses:  []v1beta1.GatewayAddress{gwPodIP},
 		Conditions: nil, // FIXME(pleshakov) Create conditions for the Gateway resource.
 	}
 }

internal/status/gateway_test.go

@@ -14,7 +14,6 @@ import (
 )
 
 func TestPrepareGatewayStatus(t *testing.T) {
-	t.Setenv("POD_IP", "1.2.3.4")
 	ipAddrType := v1beta1.IPAddressType
 	podIP := v1beta1.GatewayAddress{
 		Type:  &ipAddrType,
@@ -51,7 +50,7 @@ func TestPrepareGatewayStatus(t *testing.T) {
 
 	g := NewGomegaWithT(t)
 
-	result := prepareGatewayStatus(status, transitionTime)
+	result := prepareGatewayStatus(status, "1.2.3.4", transitionTime)
 	g.Expect(helpers.Diff(expected, result)).To(BeEmpty())
 }
 

internal/status/updater.go

@@ -32,6 +32,8 @@ type UpdaterConfig struct {
 	GatewayCtlrName string
 	// GatewayClassName is the name of the GatewayClass resource.
 	GatewayClassName string
+	// PodIP is the IP address of this Pod.
+	PodIP string
 }
 
 // updaterImpl updates statuses of the Gateway API resources.
@@ -101,7 +103,7 @@ func (upd *updaterImpl) Update(ctx context.Context, statuses state.Statuses) {
 	if statuses.GatewayStatus != nil {
 		upd.update(ctx, statuses.GatewayStatus.NsName, &v1beta1.Gateway{}, func(object client.Object) {
 			gw := object.(*v1beta1.Gateway)
-			gw.Status = prepareGatewayStatus(*statuses.GatewayStatus, upd.cfg.Clock.Now())
+			gw.Status = prepareGatewayStatus(*statuses.GatewayStatus, upd.cfg.PodIP, upd.cfg.Clock.Now())
 		})
 	}