Disclaimer: this is a proof of concept.
This service provisions pods for which traffic needs to be routed through a pod-gateway.
The provisioning is event-driven using CloudEvents.
The event must be of type io.podgateway.client.pending and its content must specify the fields:
gateway_name(string)
The value must reference a valid pod-gateway's setGateway label/annotation value, as configured in its gateway-admission-controller.
More on the admission controller configuration here.
┌───────────────────┐
│ │
│ gtw mutating │
│ admission │
└─────┬─┬─┬────┬─┬─┬┘
│ │ │ │ │ │
┌─▼─┴─┴──┐ │ │ │ ┌────────────┐
│client │ │ │ │ │ │
┌───►│ │ ▼ │ │ │ gateway │
┌──────┐ │ │gtw=foo ├───┴─┴───┤ foo │
│ │ │ │ │ tunnel │ ├────►
│events│ ┌────────────┐ │ └───┬─┬──┘ │ │ │ │
│ │ │ │ │ │ │ │ │ │ │
│ │ │ provisioner├───┘ ┌───▼─┴──┐ │ │ └────────────┘
│ ├─►│ │ │client │ │ │
│ │ │ ├───────►│ │ ▼ │ ┌────────────┐
│ │ │ │ │gtw=bar ├─────┴───┤ │
│ │ │ ├───┐ │ │ tunnel │ gateway │
│ │ │ │ │ └─────┬──┘ │ │ bar ├────►
│ │ └────────────┘ │ │ │ │ │
│ │ │ ┌─────▼──┐ ▼ │ │
└──────┘ │ │client ├─────────┤ │
└───►│ │ tunnel └────────────┘
│gtw=bar │
│ │
└────────┘
cloudevents-podgateway-client-provisioner [--client-namespace=<client namespace>] [--client-command=<command>] [--client-image=<client container image>]As the only supported event spec is CloudEvents, a quickstart setup can be configured with Knative.
All of that will run in a local Kubernetes cluster.
Deploy a KinD cluster with Knative Eventing and Service components locally:
kn quickstart kindDeploy pod-gateways (e.g. named foo and bar):
helm upgrade --install -n gateway-system --create-namespace pod-gateway-foo angelnu/pod-gateway -f $deploydir/pod-gateway-foo-values.yaml --version 6.1.0
helm upgrade --install -n gateway-system --create-namespace pod-gateway-bar angelnu/pod-gateway -f $deploydir/pod-gateway-bar-values.yaml --version 6.1.0Deploy a Knative Broker for the CloudEvents:
kubectl apply -f deploy/namespace.yaml
kubectl apply -f deploy/broker.yamlDeploy the provisioner as a Knative Service:
kubectl apply -f deploy/rbac.yaml
kubectl apply -f deploy/service.yaml(optional) Deploy a CloudEvents dashboard:
kubectl apply -f deploy/cloudevents-player.yamland open the browser at http://cloudevents-player.client-system.127.0.0.1.sslip.io.
You can now send events of Type io.podgateway.client.pending, and specify the gateway for the client in a field gateway_name.
The value must reference an installed pod-gateway.
Specifically, the value must match the pod-gateway admission controller's
setGatewayLabelValue/setGatewayAnnotationValueflag.
For example:
- ID: generated
- Type:
io.podgateway.client.pending - Source:
mySource - SpecVersion: 1.0
- Message:
{ "gateway_name": "foo" }
The event will trigger (see here) the provisioner Service that will create the client pod.
Finally, the provisioner will notify the success or failure of that operation, with a io.podgateway.client.scheduling.done or io.podgateway.client.scheduling.failed event.
On success, The io.podgateway.client.scheduling.done event will contain Data of the client Pod just created, such as:
pod_namenamespace
On failure, The io.podgateway.client.scheduling.failed event will contain the related error message.
make buildmake publish/local