allow circuitrelay to be configured using a private swarm key

Signed-off-by: Oleg S <[email protected]>

Author: RobotSail

Dockerfile

@@ -1,6 +1,10 @@
 # Build the manager binary
 FROM golang:1.18 as builder
 
+# these are reasonable defaults which accommodate 90% of cases
+ARG arch=amd64
+ARG platform=linux
+
 WORKDIR /workspace
 # Copy the Go Modules manifests
 COPY go.mod go.mod
@@ -15,7 +19,7 @@ COPY api/ api/
 COPY controllers/ controllers/
 
 # Build
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o manager main.go
+RUN CGO_ENABLED=0 GOOS=${platform} GOARCH=${arch} go build -a -o manager main.go
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details

Makefile

@@ -158,8 +158,9 @@ run: manifests generate fmt vet ## Run a controller from your host.
 	go run ./main.go
 
 .PHONY: docker-build
+# docker build -t ${IMG} . --build-arg arch=$(ARCH) --build-arg platform=$(OS)
 docker-build: ## Build docker image with the manager.
-	docker build -t ${IMG} .
+	docker build -t ${IMG} . 
 
 .PHONY: docker-push
 docker-push: ## Push docker image with the manager.

README.md

@@ -30,3 +30,13 @@ Once the values match your environment run the following.
 ```bash
 kubectl create -n default -f ifps.yaml
 ```
+
+### Running in KIND
+
+An easy way to test and modify changes to the operator is by running it in a local KIND cluster.
+To bootstrap a KIND cluster, you can run `hack/setup-kind-cluster.sh`, which will install all of the 
+required components to operate an IPFS cluster. 
+
+To deploy the operator in this repository into the cluster, you can run `hack/run-in-kind.sh` which
+will build the source code and inject it into the cluster.
+If you make subsequent changes, you will need to re-run `hack/run-in-kind.sh` in order to redeploy local changes. 

bundle/manifests/ipfs-operator.clusterserviceversion.yaml

@@ -22,7 +22,7 @@ metadata:
         }
       ]
     capabilities: Basic Install
-    createdAt: "2023-02-06T16:25:33Z"
+    createdAt: "2023-02-07T20:51:55Z"
     operators.operatorframework.io/builder: operator-sdk-v1.26.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
   name: ipfs-operator.v0.0.1

controllers/circuitrelay.go

@@ -0,0 +1,84 @@
+package controllers
+
+import (
+	"context"
+	"fmt"
+
+	clusterv1alpha1 "github.com/redhat-et/ipfs-operator/api/v1alpha1"
+	corev1 "k8s.io/api/core/v1"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+	ctrllog "sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+func (r *IpfsClusterReconciler) EnsureCircuitRelay(ctx context.Context, m *clusterv1alpha1.IpfsCluster, secret *corev1.Secret) (err error) {
+	log := ctrllog.FromContext(ctx)
+	if err = r.createCircuitRelays(ctx, m, secret); err != nil {
+		return fmt.Errorf("cannot create circuit relays: %w", err)
+	}
+	// Check the status of circuit relays.
+	// wait for them to complte so we can determine announce addresses.
+	for _, relayName := range m.Status.CircuitRelays {
+		relay := clusterv1alpha1.CircuitRelay{}
+		relay.Name = relayName
+		relay.Namespace = m.Namespace
+		if err = r.Client.Get(ctx, client.ObjectKeyFromObject(&relay), &relay); err != nil {
+			return fmt.Errorf("could not lookup circuitRelay %q: %w", relayName, err)
+		}
+		if relay.Status.AddrInfo.ID == "" {
+			log.Info("relay is not ready yet. Will continue waiting.", "relay", relayName)
+			return fmt.Errorf("relay is not ready yet")
+		}
+	}
+	if err = r.Status().Update(ctx, m); err != nil {
+		return err
+	}
+	return nil
+}
+
+// createCircuitRelays Creates the necessary amount of circuit relays if any are missing.
+// FIXME: if we change the number of CircuitRelays, we should update
+// the IPFS config file as well.
+func (r *IpfsClusterReconciler) createCircuitRelays(
+	ctx context.Context,
+	instance *clusterv1alpha1.IpfsCluster,
+	secret *corev1.Secret,
+) error {
+	logger := log.FromContext(ctx, "context", "createCircuitRelays", "instance", instance)
+	// do nothing
+	if len(instance.Status.CircuitRelays) >= int(instance.Spec.Networking.CircuitRelays) {
+		logger.Info("we have enough circuitRelays, skipping creation")
+		// FIXME: handle scale-down of circuit relays
+		return nil
+	}
+	logger.Info("creating more circuitRelays")
+	// create the CircuitRelays
+	for i := 0; int32(i) < instance.Spec.Networking.CircuitRelays; i++ {
+		name := fmt.Sprintf("%s-%d", instance.Name, i)
+		relay := clusterv1alpha1.CircuitRelay{}
+		relay.Name = name
+		relay.Namespace = instance.Namespace
+		// include the private swarm key, if one is being provided
+		if secret != nil {
+			relay.Spec.SwarmKeyRef = &clusterv1alpha1.KeyRef{
+				KeyName:    KeySwarmKey,
+				SecretName: secret.Name,
+			}
+		}
+		if err := ctrl.SetControllerReference(instance, &relay, r.Scheme); err != nil {
+			return fmt.Errorf(
+				"cannot set controller reference for new circuitRelay: %w, circuitRelay: %s",
+				err, relay.Name,
+			)
+		}
+		if err := r.Create(ctx, &relay); err != nil {
+			return fmt.Errorf("cannot create new circuitRelay: %w", err)
+		}
+		instance.Status.CircuitRelays = append(instance.Status.CircuitRelays, relay.Name)
+	}
+	if err := r.Status().Update(ctx, instance); err != nil {
+		return err
+	}
+	return nil
+}

controllers/ipfscluster_controller.go

@@ -84,28 +84,6 @@ func (r *IpfsClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		return ctrl.Result{}, r.Update(ctx, instance)
 	}
 
-	if err = r.createCircuitRelays(ctx, instance); err != nil {
-		return ctrl.Result{}, fmt.Errorf("cannot create circuit relays: %w", err)
-	}
-
-	// Check the status of circuit relays.
-	// wait for them to complte so we can determine announce addresses.
-	for _, relayName := range instance.Status.CircuitRelays {
-		relay := clusterv1alpha1.CircuitRelay{}
-		relay.Name = relayName
-		relay.Namespace = instance.Namespace
-		if err = r.Client.Get(ctx, client.ObjectKeyFromObject(&relay), &relay); err != nil {
-			return ctrl.Result{Requeue: true}, fmt.Errorf("could not lookup circuitRelay %q: %w", relayName, err)
-		}
-		if relay.Status.AddrInfo.ID == "" {
-			log.Info("relay is not ready yet. Will continue waiting.", "relay", relayName)
-			return failResult, nil
-		}
-	}
-	if err = r.Status().Update(ctx, instance); err != nil {
-		return ctrl.Result{}, err
-	}
-
 	// Reconcile the tracked objects
 	err = r.createTrackedObjects(ctx, instance)
 	if err != nil {
@@ -137,6 +115,9 @@ func (r *IpfsClusterReconciler) createTrackedObjects(
 	if secret, err = r.EnsureSecretConfig(ctx, instance); err != nil {
 		return fmt.Errorf("failed to ensure secret config: %w", err)
 	}
+	if err = r.EnsureCircuitRelay(ctx, instance, secret); err != nil {
+		return fmt.Errorf("failed to ensure circuit relays: %w", err)
+	}
 	if relayPeers, relayStatic, err = r.EnsureRelayCircuitInfo(ctx, instance); err != nil {
 		return fmt.Errorf("could not retrieve information from the relay circuit: %w", err)
 	}
@@ -178,41 +159,6 @@ func (r *IpfsClusterReconciler) ensureIPFSCluster(
 	return nil, fmt.Errorf("failed to get Ipfs: %w", err)
 }
 
-// createCircuitRelays Creates the necessary amount of circuit relays if any are missing.
-// FIXME: if we change the number of CircuitRelays, we should update
-// the IPFS config file as well.
-func (r *IpfsClusterReconciler) createCircuitRelays(
-	ctx context.Context,
-	instance *clusterv1alpha1.IpfsCluster,
-) error {
-	// do nothing
-	if len(instance.Status.CircuitRelays) >= int(instance.Spec.Networking.CircuitRelays) {
-		// FIXME: handle scale-down of circuit relays
-		return nil
-	}
-	// create the CircuitRelays
-	for i := 0; int32(i) < instance.Spec.Networking.CircuitRelays; i++ {
-		name := fmt.Sprintf("%s-%d", instance.Name, i)
-		relay := clusterv1alpha1.CircuitRelay{}
-		relay.Name = name
-		relay.Namespace = instance.Namespace
-		if err := ctrl.SetControllerReference(instance, &relay, r.Scheme); err != nil {
-			return fmt.Errorf(
-				"cannot set controller reference for new circuitRelay: %w, circuitRelay: %s",
-				err, relay.Name,
-			)
-		}
-		if err := r.Create(ctx, &relay); err != nil {
-			return fmt.Errorf("cannot create new circuitRelay: %w", err)
-		}
-		instance.Status.CircuitRelays = append(instance.Status.CircuitRelays, relay.Name)
-	}
-	if err := r.Status().Update(ctx, instance); err != nil {
-		return err
-	}
-	return nil
-}
-
 // SetupWithManager sets up the controller with the Manager.
 func (r *IpfsClusterReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewControllerManagedBy(mgr).

controllers/scripts/config.go

@@ -4,14 +4,14 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
-	"log"
 	"math"
 	"strconv"
 	"text/template"
 
 	"github.com/alecthomas/units"
 	"github.com/ipfs/kubo/config"
 	"github.com/libp2p/go-libp2p/core/peer"
+	"sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 type configureIpfsOpts struct {
@@ -175,10 +175,10 @@ func CreateConfigureScript(
 	}
 
 	if bootstrapAddrs != nil {
-		log.Printf("overriding bootstrap adders: %+v", bootstrapAddrs)
+		log.Log.Info("overriding bootstrap addresses", "bootstrapAddrs", bootstrapAddrs)
 		config.Bootstrap = bootstrapAddrs
 	} else {
-		log.Println("keeping bootstrap adders default")
+		log.Log.Info("keeping bootstrap adders default")
 	}
 
 	// convert config settings into json string

controllers/service.go

@@ -3,21 +3,22 @@ package controllers
 import (
 	"context"
 	"fmt"
-	"log"
 
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	ctrl "sigs.k8s.io/controller-runtime"
 
 	clusterv1alpha1 "github.com/redhat-et/ipfs-operator/api/v1alpha1"
+	"sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 // ensureServiceCluster Returns the existing IPFS cluster service object or an error.
 func (r *IpfsClusterReconciler) ensureServiceCluster(
 	ctx context.Context,
 	m *clusterv1alpha1.IpfsCluster,
 ) (*corev1.Service, error) {
+	logger := log.FromContext(ctx)
 	svcName := "ipfs-cluster-" + m.Name
 	svc := &corev1.Service{
 		ObjectMeta: metav1.ObjectMeta{
@@ -27,7 +28,7 @@ func (r *IpfsClusterReconciler) ensureServiceCluster(
 		},
 	}
 
-	log.Println("creating or updating svc")
+	logger.Info("creating or updating svc")
 	op, err := ctrl.CreateOrUpdate(ctx, r.Client, svc, func() error {
 		svc.Spec = corev1.ServiceSpec{}
 		svc.Spec.Ports = []corev1.ServicePort{
@@ -83,9 +84,9 @@ func (r *IpfsClusterReconciler) ensureServiceCluster(
 		return nil
 	})
 	if err != nil {
-		log.Printf("failed on operation %s\n", op)
+		logger.Error(err, "failed on operation", "operation", op)
 		return nil, fmt.Errorf("failed to create service: %w", err)
 	}
-	fmt.Printf("completed operation: %s\n", op)
+	logger.Info("completed operation", "operation", op)
 	return svc, nil
 }

controllers/serviceaccount.go

@@ -2,7 +2,8 @@ package controllers
 
 import (
 	"context"
-	"log"
+
+	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	clusterv1alpha1 "github.com/redhat-et/ipfs-operator/api/v1alpha1"
 	corev1 "k8s.io/api/core/v1"
@@ -13,7 +14,8 @@ import (
 
 func (r *IpfsClusterReconciler) ensureSA(ctx context.Context, m *clusterv1alpha1.IpfsCluster) (*corev1.ServiceAccount,
 	error) {
-	log.Println("ensuring service account")
+	logger := log.FromContext(ctx)
+	logger.Info("ensuring service account")
 	// Define a new Service Account object
 	sa := &corev1.ServiceAccount{
 		ObjectMeta: metav1.ObjectMeta{
@@ -28,9 +30,9 @@ func (r *IpfsClusterReconciler) ensureSA(ctx context.Context, m *clusterv1alpha1
 		return nil
 	})
 	if err != nil {
-		log.Printf("could not create serviceOrUpdate service account: %s\n", err.Error())
+		logger.Error(err, "failed to create serviceaccount")
 		return nil, err
 	}
-	log.Println("completed operation:", res)
+	logger.Info("created serviceaccount", "result", res)
 	return sa, nil
 }