Skip to content

Commit

Permalink
fix(meshloadbalancingstrategy): deprecate SourceIP and use Connection (
Browse files Browse the repository at this point in the history 
…#12111)

Signed-off-by: Lukasz Dziedziak <[email protected]>
Co-authored-by: Bart Smykla <[email protected]>
  • Loading branch information
@lukidzi @bartsmykla
lukidzi and bartsmykla authored Dec 2, 2024
1 parent 4fa5da8 commit 7a5db23
Show file tree
Hide file tree
Showing 22 changed files with 187 additions and 3 deletions.
9 changes: 9 additions & 0 deletions UPGRADE.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,15 @@ with `x.y.z` being the version you are planning to upgrade to.
If such a section does not exist, the upgrade you want to perform
does not have any particular instructions.

## Upgrade to `2.10.x`

### MeshLoadBalancingStrategy

#### Deprecation of `hashPolicies.type: SourceIP` and `maglev.type: SourceIP`

The documentation did not mention the `SourceIP` type, but it was possible to create a policy using it instead of `Connection`. Since `SourceIP`
is not a correct value, we have decided to deprecate it. If you are using `SourceIP` in your policy, please update it to use `Connection` instead.

## Upgrade to `2.9.x`

### MeshAccessLog
Expand Down
2 changes: 2 additions & 0 deletions app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3078,6 +3078,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -3199,6 +3200,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 2 additions & 0 deletions app/kumactl/cmd/install/testdata/install-control-plane.gateway-api-present.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3078,6 +3078,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -3199,6 +3200,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 2 additions & 0 deletions app/kumactl/cmd/install/testdata/install-control-plane.with-helm-set.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3098,6 +3098,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -3219,6 +3220,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 2 additions & 0 deletions app/kumactl/cmd/install/testdata/install-crds.all.golden.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4642,6 +4642,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -4763,6 +4764,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 2 additions & 0 deletions deployments/charts/kuma/crds/kuma.io_meshloadbalancingstrategies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -358,6 +359,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 2 additions & 0 deletions docs/generated/openapi.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6609,6 +6609,7 @@ components:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -6781,6 +6782,7 @@ components:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 2 additions & 0 deletions docs/generated/raw/crds/kuma.io_meshloadbalancingstrategies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -358,6 +359,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
37 changes: 36 additions & 1 deletion pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/deprecated.go
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,44 @@
package v1alpha1

import (
"fmt"

"github.com/kumahq/kuma/pkg/plugins/policies/core/jsonpatch/validators"
)

func (t *MeshLoadBalancingStrategyResource) Deprecations() []string {
return validators.TopLevelTargetRefDeprecations(t.Spec.TargetRef)
deprecations := validateHashPoliciesType(t.Spec.To)
deprecations = append(deprecations, validators.TopLevelTargetRefDeprecations(t.Spec.TargetRef)...)
return deprecations
}

func validateHashPoliciesType(confs []To) []string {
deprecations := []string{}
for ruleIdx, conf := range confs {
if conf.Default.LoadBalancer == nil {
continue
}

switch conf.Default.LoadBalancer.Type {
case RingHashType:
if conf.Default.LoadBalancer.RingHash == nil || conf.Default.LoadBalancer.RingHash.HashPolicies == nil {
continue
}
for lbIdx, lbConf := range *conf.Default.LoadBalancer.RingHash.HashPolicies {
if lbConf.Type == SourceIPType {
deprecations = append(deprecations, fmt.Sprintf("%s type for 'spec.to[%d].default.loadBalancer.ringHash.hashPolicies[%d].type' is deprecated, use %s instead", SourceIPType, ruleIdx, lbIdx, ConnectionType))
}
}
case MaglevType:
if conf.Default.LoadBalancer.Maglev == nil || conf.Default.LoadBalancer.Maglev.HashPolicies == nil {
continue
}
for lbIdx, lbConf := range *conf.Default.LoadBalancer.Maglev.HashPolicies {
if lbConf.Type == SourceIPType {
deprecations = append(deprecations, fmt.Sprintf("%s type for 'spec.to[%d].default.loadBalancer.maglev.hashPolicies[%d].type' is deprecated, use %s instead", SourceIPType, ruleIdx, lbIdx, ConnectionType))
}
}
}
}
return deprecations
}
3 changes: 2 additions & 1 deletion pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/meshloadbalancingstrategy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -197,13 +197,14 @@ type RingHash struct {
HashPolicies *[]HashPolicy `json:"hashPolicies,omitempty"`
}

// +kubebuilder:validation:Enum=Header;Cookie;SourceIP;QueryParameter;FilterState
// +kubebuilder:validation:Enum=Header;Cookie;Connection;SourceIP;QueryParameter;FilterState
type HashPolicyType string

const (
HeaderType HashPolicyType = "Header"
CookieType HashPolicyType = "Cookie"
ConnectionType HashPolicyType = "Connection"
SourceIPType HashPolicyType = "SourceIP"
QueryParameterType HashPolicyType = "QueryParameter"
FilterStateType HashPolicyType = "FilterState"
)
Expand Down
2 changes: 2 additions & 0 deletions pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/schema.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,6 +199,7 @@ properties:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -314,6 +315,7 @@ properties:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
2 changes: 1 addition & 1 deletion pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/validator.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -249,7 +249,7 @@ func validateHashPolicies(conf *[]HashPolicy) validators.ValidationError {
if policy.FilterState == nil {
verr.AddViolationAt(path.Field("filterState"), validators.MustBeDefined)
}
case ConnectionType:
case ConnectionType, SourceIPType:
if policy.Connection == nil {
verr.AddViolationAt(path.Field("connection"), validators.MustBeDefined)
}
Expand Down
4 changes: 4 additions & 0 deletions pkg/plugins/policies/meshloadbalancingstrategy/api/v1alpha1/validator_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,10 @@ to:
Field: "spec.to[0].default.loadBalancer.maglev.hashPolicies[1].cookie",
Message: "must be defined",
},
{
Field: "spec.to[0].default.loadBalancer.maglev.hashPolicies[2].connection",
Message: "must be defined",
},
{
Field: "spec.to[0].default.loadBalancer.maglev.hashPolicies[3].queryParameter",
Message: "must be defined",
Expand Down
2 changes: 2 additions & 0 deletions ...ugins/policies/meshloadbalancingstrategy/k8s/crd/kuma.io_meshloadbalancingstrategies.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down Expand Up @@ -358,6 +359,7 @@ spec:
enum:
- Header
- Cookie
- Connection
- SourceIP
- QueryParameter
- FilterState
Expand Down
15 changes: 15 additions & 0 deletions ...gins/runtime/k8s/webhooks/testdata/validation/cli-user_create_mtlbs.federated.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
Patches: null
allowed: false
status:
code: 403
details:
causes:
- field: metadata.labels[kuma.io/origin]
message: cannot be empty
reason: FieldValueInvalid
message: Operation not allowed. Applying policies on Zone CP requires 'kuma.io/origin'
label to be set to 'zone'.
metadata: {}
reason: Forbidden
status: Failure
uid: "12345"
11 changes: 11 additions & 0 deletions ...plugins/runtime/k8s/webhooks/testdata/validation/cli-user_create_mtlbs.global.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Patches: null
allowed: true
status:
code: 200
metadata: {}
uid: "12345"
warnings:
- SourceIP type for 'spec.to[0].default.loadBalancer.ringHash.hashPolicies[0].type'
is deprecated, use Connection instead
- MeshService value for 'targetRef.kind' is deprecated, use MeshSubset with 'kuma.io/service'
tag instead
23 changes: 23 additions & 0 deletions pkg/plugins/runtime/k8s/webhooks/testdata/validation/cli-user_create_mtlbs.input.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# user=cli-user,operation=CREATE,namespace=kuma-system
apiVersion: kuma.io/v1alpha1
kind: MeshLoadBalancingStrategy
metadata:
name: mlbs-deprecated
labels:
kuma.io/mesh: default
spec:
targetRef:
kind: MeshService
name: frontend
to:
- targetRef:
kind: MeshService
name: backend
default:
loadBalancer:
type: RingHash
ringHash:
hashPolicies:
- type: SourceIP
connection:
sourceIP: true
11 changes: 11 additions & 0 deletions .../runtime/k8s/webhooks/testdata/validation/cli-user_create_mtlbs.non-federated.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Patches: null
allowed: true
status:
code: 200
metadata: {}
uid: "12345"
warnings:
- SourceIP type for 'spec.to[0].default.loadBalancer.ringHash.hashPolicies[0].type'
is deprecated, use Connection instead
- MeshService value for 'targetRef.kind' is deprecated, use MeshSubset with 'kuma.io/service'
tag instead
11 changes: 11 additions & 0 deletions ...lugins/runtime/k8s/webhooks/testdata/validation/cp-user_create_mlbs.federated.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Patches: null
allowed: true
status:
code: 200
metadata: {}
uid: "12345"
warnings:
- SourceIP type for 'spec.to[0].default.loadBalancer.ringHash.hashPolicies[0].type'
is deprecated, use Connection instead
- MeshService value for 'targetRef.kind' is deprecated, use MeshSubset with 'kuma.io/service'
tag instead
11 changes: 11 additions & 0 deletions pkg/plugins/runtime/k8s/webhooks/testdata/validation/cp-user_create_mlbs.global.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Patches: null
allowed: true
status:
code: 200
metadata: {}
uid: "12345"
warnings:
- SourceIP type for 'spec.to[0].default.loadBalancer.ringHash.hashPolicies[0].type'
is deprecated, use Connection instead
- MeshService value for 'targetRef.kind' is deprecated, use MeshSubset with 'kuma.io/service'
tag instead
24 changes: 24 additions & 0 deletions pkg/plugins/runtime/k8s/webhooks/testdata/validation/cp-user_create_mlbs.input.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
# user=system:serviceaccount:kuma-system:kuma-control-plane,operation=CREATE
kind: MeshLoadBalancingStrategy
apiVersion: kuma.io/v1alpha1
metadata:
name: ring-hash
namespace: kuma-system
labels:
kuma.io/mesh: default
spec:
targetRef:
kind: MeshService
name: frontend
to:
- targetRef:
kind: MeshService
name: backend
default:
loadBalancer:
type: RingHash
ringHash:
hashPolicies:
- type: SourceIP
connection:
sourceIP: true
11 changes: 11 additions & 0 deletions ...ns/runtime/k8s/webhooks/testdata/validation/cp-user_create_mlbs.non-federated.golden.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
Patches: null
allowed: true
status:
code: 200
metadata: {}
uid: "12345"
warnings:
- SourceIP type for 'spec.to[0].default.loadBalancer.ringHash.hashPolicies[0].type'
is deprecated, use Connection instead
- MeshService value for 'targetRef.kind' is deprecated, use MeshSubset with 'kuma.io/service'
tag instead

0 comments on commit 7a5db23

Please sign in to comment.