From 4511de6aae178419c1ac13498369289939c1eb64 Mon Sep 17 00:00:00 2001 From: dprotaso Date: Fri, 23 Jun 2023 20:08:20 -0400 Subject: [PATCH 01/19] Gateway::Status::Addresses has a new unique type []GatewayStatusAddress This allows the status type to evolve separately from the spec type --- apis/v1beta1/gateway_types.go | 17 ++++++++++++++- apis/v1beta1/zz_generated.deepcopy.go | 21 +++++++++++++++---- .../gateway.networking.k8s.io_gateways.yaml | 8 +++---- .../gateway.networking.k8s.io_gateways.yaml | 8 +++---- conformance/utils/kubernetes/helpers.go | 2 +- 5 files changed, 42 insertions(+), 14 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 2c8548cfac..3a78e1a953 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go @@ -473,6 +473,21 @@ type GatewayAddress struct { Value string `json:"value"` } +// GatewayStatusAddress describes an address that is bound to a Gateway. +type GatewayStatusAddress struct { + // Type of the address. + Type AddressType `json:"type"` + + // Value of the address. The validity of the values will depend + // on the type and support by the controller. + // + // Examples: `1.2.3.4`, `128::1`, `my-ip-address`. + // + // +kubebuilder:validation:MinLength=1 + // +kubebuilder:validation:MaxLength=253 + Value string `json:"value"` +} + // GatewayStatus defines the observed state of Gateway. type GatewayStatus struct { // Addresses lists the IP addresses that have actually been @@ -482,7 +497,7 @@ type GatewayStatus struct { // // +optional // +kubebuilder:validation:MaxItems=16 - Addresses []GatewayAddress `json:"addresses,omitempty"` + Addresses []GatewayStatusAddress `json:"addresses,omitempty"` // Conditions describe the current conditions of the Gateway. // diff --git a/apis/v1beta1/zz_generated.deepcopy.go b/apis/v1beta1/zz_generated.deepcopy.go index afda0d4dd2..b83cb174a6 100644 --- a/apis/v1beta1/zz_generated.deepcopy.go +++ b/apis/v1beta1/zz_generated.deepcopy.go 
@@ -350,10 +350,8 @@ func (in *GatewayStatus) DeepCopyInto(out *GatewayStatus) { *out = *in if in.Addresses != nil { in, out := &in.Addresses, &out.Addresses - *out = make([]GatewayAddress, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } + *out = make([]GatewayStatusAddress, len(*in)) + copy(*out, *in) } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -381,6 +379,21 @@ func (in *GatewayStatus) DeepCopy() *GatewayStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayStatusAddress) DeepCopyInto(out *GatewayStatusAddress) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayStatusAddress. +func (in *GatewayStatusAddress) DeepCopy() *GatewayStatusAddress { + if in == nil { + return nil + } + out := new(GatewayStatusAddress) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewayTLSConfig) DeepCopyInto(out *GatewayTLSConfig) { *out = *in diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index ddd07e4be6..e717b74925 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml @@ -471,11 +471,10 @@ spec: in the Spec, e.g. if the Gateway automatically assigns an address from a reserved pool. items: - description: GatewayAddress describes an address that can be bound + description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: type: - default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -489,6 +488,7 @@ spec: minLength: 1 type: string required: + - type - value type: object maxItems: 16 
@@ -1177,11 +1177,10 @@ spec: in the Spec, e.g. if the Gateway automatically assigns an address from a reserved pool. items: - description: GatewayAddress describes an address that can be bound + description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: type: - default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -1195,6 +1194,7 @@ spec: minLength: 1 type: string required: + - type - value type: object maxItems: 16 diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index f810b69eb8..c5ff25b3f1 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml @@ -471,11 +471,10 @@ spec: in the Spec, e.g. if the Gateway automatically assigns an address from a reserved pool. items: - description: GatewayAddress describes an address that can be bound + description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: type: - default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -489,6 +488,7 @@ spec: minLength: 1 type: string required: + - type - value type: object maxItems: 16 @@ -1177,11 +1177,10 @@ spec: in the Spec, e.g. if the Gateway automatically assigns an address from a reserved pool. items: - description: GatewayAddress describes an address that can be bound + description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: type: - default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -1195,6 +1194,7 @@ spec: minLength: 1 type: string required: + - type - value type: object maxItems: 16 diff --git a/conformance/utils/kubernetes/helpers.go b/conformance/utils/kubernetes/helpers.go index 9388ea2fd8..a184588fa2 100644 --- a/conformance/utils/kubernetes/helpers.go +++ b/conformance/utils/kubernetes/helpers.go 
@@ -301,7 +301,7 @@ func WaitForGatewayAddress(t *testing.T, client client.Client, timeoutConfig con // TODO: Support more than IPAddress for _, address := range gw.Status.Addresses { - if address.Type != nil && *address.Type == v1beta1.IPAddressType { + if address.Type == v1beta1.IPAddressType { ipAddr = address.Value return true, nil } From 7ef97818d67a8acf1cfc3bcd58d780fc05a2d60a Mon Sep 17 00:00:00 2001 From: Dave Protasowski Date: Wed, 28 Jun 2023 14:52:46 -0400 Subject: [PATCH 02/19] preserve type default --- apis/v1beta1/gateway_types.go | 3 +++ .../crd/experimental/gateway.networking.k8s.io_gateways.yaml | 4 ++-- config/crd/standard/gateway.networking.k8s.io_gateways.yaml | 4 ++-- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 3a78e1a953..b7025a6b95 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go @@ -476,6 +476,9 @@ type GatewayAddress struct { // GatewayStatusAddress describes an address that is bound to a Gateway. type GatewayStatusAddress struct { // Type of the address. + // + // +optional + // +kubebuilder:default=IPAddress Type AddressType `json:"type"` // Value of the address. The validity of the values will depend diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index e717b74925..fa6b8112bd 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml @@ -475,6 +475,7 @@ spec: to a Gateway. properties: type: + default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -488,7 +489,6 @@ spec: minLength: 1 type: string required: - - type - value type: object maxItems: 16 @@ -1181,6 +1181,7 @@ spec: to a Gateway. properties: type: + default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 
@@ -1194,7 +1195,6 @@ spec: minLength: 1 type: string required: - - type - value type: object maxItems: 16 diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index c5ff25b3f1..89f2f688a8 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml @@ -475,6 +475,7 @@ spec: to a Gateway. properties: type: + default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -488,7 +489,6 @@ spec: minLength: 1 type: string required: - - type - value type: object maxItems: 16 @@ -1181,6 +1181,7 @@ spec: to a Gateway. properties: type: + default: IPAddress description: Type of the address. maxLength: 253 minLength: 1 @@ -1194,7 +1195,6 @@ spec: minLength: 1 type: string required: - - type - value type: object maxItems: 16 From c0d7567c0cf8558a0fb20a8029881ab27db49a9a Mon Sep 17 00:00:00 2001 From: Dave Protasowski Date: Wed, 28 Jun 2023 15:39:52 -0400 Subject: [PATCH 03/19] have symmetry with the spec.GatewayAddress and status.GatewayAddress --- apis/v1beta1/gateway_types.go | 2 +- apis/v1beta1/zz_generated.deepcopy.go | 9 ++++++++- conformance/utils/kubernetes/helpers.go | 2 +- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index b7025a6b95..5cc377eefd 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go @@ -479,7 +479,7 @@ type GatewayStatusAddress struct { // // +optional // +kubebuilder:default=IPAddress - Type AddressType `json:"type"` + Type *AddressType `json:"type,omitempty"` // Value of the address. The validity of the values will depend // on the type and support by the controller. diff --git a/apis/v1beta1/zz_generated.deepcopy.go b/apis/v1beta1/zz_generated.deepcopy.go index b83cb174a6..699576a302 100644 --- a/apis/v1beta1/zz_generated.deepcopy.go 
+++ b/apis/v1beta1/zz_generated.deepcopy.go @@ -351,7 +351,9 @@ func (in *GatewayStatus) DeepCopyInto(out *GatewayStatus) { if in.Addresses != nil { in, out := &in.Addresses, &out.Addresses *out = make([]GatewayStatusAddress, len(*in)) - copy(*out, *in) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -382,6 +384,11 @@ func (in *GatewayStatus) DeepCopy() *GatewayStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewayStatusAddress) DeepCopyInto(out *GatewayStatusAddress) { *out = *in + if in.Type != nil { + in, out := &in.Type, &out.Type + *out = new(AddressType) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayStatusAddress. diff --git a/conformance/utils/kubernetes/helpers.go b/conformance/utils/kubernetes/helpers.go index a184588fa2..9388ea2fd8 100644 --- a/conformance/utils/kubernetes/helpers.go +++ b/conformance/utils/kubernetes/helpers.go @@ -301,7 +301,7 @@ func WaitForGatewayAddress(t *testing.T, client client.Client, timeoutConfig con // TODO: Support more than IPAddress for _, address := range gw.Status.Addresses { - if address.Type == v1beta1.IPAddressType { + if address.Type != nil && *address.Type == v1beta1.IPAddressType { ipAddr = address.Value return true, nil } From f9d4bbf175b5f6ba005b153b2c6035deb8448f02 Mon Sep 17 00:00:00 2001 
From: Dave Protasowski Date: Wed, 28 Jun 2023 15:24:48 -0400 Subject: [PATCH 04/19] Update v1beta1 API based on GEP-1651 --- apis/v1alpha2/doc.go | 1 + apis/v1beta1/doc.go | 1 + apis/v1beta1/gateway_types.go | 91 +++++++++++++++++++ apis/v1beta1/gatewayclass_types.go | 14 +++ apis/v1beta1/zz_generated.deepcopy.go | 35 +++++++ ...eway.networking.k8s.io_gatewayclasses.yaml | 36 ++++++++ .../gateway.networking.k8s.io_gateways.yaml | 88 ++++++++++++++++-- ...eway.networking.k8s.io_gatewayclasses.yaml | 36 ++++++++ .../gateway.networking.k8s.io_gateways.yaml | 88 ++++++++++++++++-- geps/gep-1651.md | 2 +- mkdocs.yml | 2 +- 11 files changed, 380 insertions(+), 14 deletions(-) diff --git a/apis/v1alpha2/doc.go b/apis/v1alpha2/doc.go index 0fcba7318c..68e1659551 100644 --- a/apis/v1alpha2/doc.go +++ b/apis/v1alpha2/doc.go @@ -16,6 +16,7 @@ limitations under the License. // Package v1alpha2 contains API Schema definitions for the // gateway.networking.k8s.io API group. +// // +kubebuilder:object:generate=true // +groupName=gateway.networking.k8s.io package v1alpha2 diff --git a/apis/v1beta1/doc.go b/apis/v1beta1/doc.go index d29a3c14a2..328100aee8 100644 --- a/apis/v1beta1/doc.go +++ b/apis/v1beta1/doc.go @@ -16,6 +16,7 @@ limitations under the License. // Package v1beta1 contains API Schema definitions for the // gateway.networking.k8s.io API group. +// // +kubebuilder:object:generate=true // +groupName=gateway.networking.k8s.io package v1beta1 diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 5cc377eefd..14a948cc7a 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go 
@@ -119,6 +119,11 @@ type GatewaySpec struct { // +kubebuilder:validation:MaxItems=64 Listeners []Listener `json:"listeners"` + // Infrastructure defines infrastructure level attributes about this Gateway instance. + // + // +optional + Infrastructure *GatewayInfrastructure `json:"infrastructure,omitempty"` + // Addresses requested for this Gateway. This is optional and behavior can // depend on the implementation. If a value is set in the spec and the // requested address is invalid or unavailable, the implementation MUST 
@@ -148,6 +153,68 @@ type GatewaySpec struct { Addresses []GatewayAddress `json:"addresses,omitempty"` } +// GatewayInfrastructure defines infrastructure level attributes about a Gateway +type GatewayInfrastructure struct { + // Routability allows the Gateway to specify the accessibility of it's addresses. Setting + // this property will override the default value defined by the [GatewayClass] + // + // If the desired Gateway routability is incompatible with the [GatewayClass] implementations + // MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. + // + // The default value of routability is implementation specific. + // It is RECOMMENDED that the default routability remains consistent for Gateways with the same + // gatewayClassName + // + // Implementations MAY leave this property unset and signal the default + // routability in the [GatewayStatus] + // + // Implementations MAY prevent end-users from updating the routability value of a Gateway. + // If updates are allowed the semantics and behaviour will depend on the underlying implementation. + // If a Gateway is mutated but does not support the desired routability it MUST set the conditions + // `Accepted`, `Programmed` to `False` with `Reason` set to `UnsupportedRoutability`. + // + // It is RECOMMENDED that in-cluster gateways SHOULD NOT support 'Private' routability. + // Kubernetes doesn't have a concept of 'Private' routability for Services. In the future this may + // change upstream. + // + // +optional + Routability *GatewayRoutability `json:"routability,omitempty"` +} + +// GatewayRoutablility represents the routability of a Gateway +// +// The pre-defined values listed in this package can be compared semantically. +// [GatewayRoutabilityPublic] has a larger scope than [GatewayRoutabilityPrivate], +// while [GatewayRoutabilityPrivate] has a larger scope than +// [GatewayRoutabilityCluster]. 
+// +// Implementations can define custom routability values by specifying a vendor +// prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`. +type GatewayRoutability string + +const ( + // GatewayRoutabilityPublic means the Gateway's address MUST + // be routable on the public internet + // + // Implementations MAY support this routability + GatewayRoutabilityPublic GatewayRoutability = "Public" + + // GatewayRoutabilityPrivate means the Gateway's address MUST + // be routable inside a private network larger than a single + // cluster (ie. VPC) and MAY include the RFC1918 address space + // + // Implementations MAY support this routability + GatewayRoutabilityPrivate GatewayRoutability = "Private" + + // GatewayRoutabilityCluster means the Gateway's address MUST + // be only be routable inside the [cluster's network] + // + // Implementations MAY support this routability + // + // [cluster's network]: https://kubernetes.io/docs/concepts/cluster-administration/networking/#how-to-implement-the-kubernetes-network-model + GatewayRoutabilityCluster GatewayRoutability = "Cluster" +) + // Listener embodies the concept of a logical endpoint where a Gateway accepts // network connections. type Listener struct { @@ -489,6 +556,15 @@ type GatewayStatusAddress struct { // +kubebuilder:validation:MinLength=1 // +kubebuilder:validation:MaxLength=253 Value string `json:"value"` + + // Routability specifies the routable bounds of this address + // Predefined values are: 'Private', 'Public', Cluster + // Other values MUST have a vendor prefix. + // + // Implementations that support Routability MUST populate this field + // + // +optional + Routability *GatewayRoutability `json:"routability,omitempty"` } // GatewayStatus defines the observed state of Gateway. 
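Review bot: `GatewayRoutability` is declared as a bare `string` with no validation markers, so the generated schema for `spec.infrastructure.routability` is just `type: string`, and any value, including a mis-cased `public` or an arbitrarily long string, is admitted by the API server. Because this field selects how widely a Gateway's addresses are reachable, I would reject malformed values at admission rather than leave each implementation to decide what an unrecognised value means: add `// +kubebuilder:validation:MinLength=1` and `// +kubebuilder:validation:MaxLength=253` on the type, plus a `+kubebuilder:validation:Pattern` that admits only the three predefined names or a vendor-prefixed `domain/name` form. The doc comment should also start with the declared name (`// GatewayRoutability represents the routability of a Gateway`, not `GatewayRoutablility`), since the misspelling is copied into the CRD descriptions. The same missing validation applies to the `Routability` field added in the `@@ -489,6 +556,15 @@` hunk and to `Routabilities` in gatewayclass_types.go.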
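Review bot: The new `Routability` comment on `GatewayStatusAddress` says implementations that support routability MUST populate the field, but the field is `+optional`, so a reader of status cannot tell an implementation without routability support from one that simply omitted the value. I would state in the comment how an unset value is to be read, along the lines of `// An unset value means the routability of this address is unknown; consumers MUST NOT assume it matches the requested routability.` The first sentence also lacks a full stop and `Cluster` is unquoted, which is why the generated CRD description reads "bounds of this address Predefined values are: 'Private', 'Public', Cluster".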
@@ -498,6 +574,15 @@ type GatewayStatus struct { // addresses in the Spec, e.g. if the Gateway automatically // assigns an address from a reserved pool. // + // Implementations that support [GatewayRoutability] MUST include an address + // that has the same routable semantics as defined in the Gateway spec. + // + // Implementations MAY add additional addresses in status, but they MUST be + // semantically less than the scope of the requested scope. For example if a + // user requests a `Cluster` routable Gateway then the list of addresses + // MUST NOT have a routability of `Public` or `Private`. + // + // // +optional // +kubebuilder:validation:MaxItems=16 Addresses []GatewayStatusAddress `json:"addresses,omitempty"` @@ -540,6 +625,12 @@ type GatewayConditionType string // particular Gateway condition type has been raised. type GatewayConditionReason string +const ( + // This reason is used with "Programmed" and "Accepted" conditions when + // desired routability is not able to be fullfilled by the implementation + GatewayUnsupportedRoutability GatewayConditionReason = "UnsupportedRoutability" +) + const ( // This condition indicates whether a Gateway has generated some // configuration that is assumed to be ready soon in the underlying data diff --git a/apis/v1beta1/gatewayclass_types.go b/apis/v1beta1/gatewayclass_types.go index f20487bfa5..100408d132 100644 --- a/apis/v1beta1/gatewayclass_types.go +++ b/apis/v1beta1/gatewayclass_types.go 
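Review bot: The rule added to the `Addresses` comment, that extra status addresses "MUST be semantically less than the scope of the requested scope", relies on an ordering that the `GatewayRoutability` doc comment defines only for `Public`, `Private` and `Cluster`; vendor-prefixed values have no position in it, so the rule cannot be evaluated for them. Nothing in the generated schema enforces the rule either, so a consumer that needs to keep a `Cluster` Gateway off wider networks has to check each address's `routability` itself. The example suggests "no wider than" is what is meant, so I would reword to `// semantically no wider than the requested routability` and add a sentence saying how vendor-prefixed values are compared. The hunk also adds two consecutive empty `//` lines before `+optional`; one is enough.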
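Review bot: The comment on `GatewayUnsupportedRoutability` does not start with the constant's name and misspells "fulfilled" as "fullfilled"; I would write `// GatewayUnsupportedRoutability is used with the "Accepted" and "Programmed" conditions when the implementation cannot fulfil the desired routability.` The other `GatewayConditionReason` constants are outside this hunk, but if they follow a `GatewayReason…` prefix, this one should be renamed to match before it becomes part of the published API.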
@@ -183,6 +183,20 @@ const ( // GatewayClassStatus is the current status for the GatewayClass. type GatewayClassStatus struct { + // Routabilities specifies a list of supported routabilities offered by + // the GatewayClass. The first entry in this list will be the default + // routability used when Gateways of this class are created. + // + // Implemenations MAY provide a pre-defined set of GatewayClasses that + // limit the routability choices of a Gateway. + // + // Implementations that support routability MUST populate this list with + // a subset of the pre-defined [GatewayRoutability] values or vendored + // prefix values. + // + // +optional + Routabilities []GatewayRoutability `json:"routabilities,omitempty"` + // Conditions is the current status from the controller for // this GatewayClass. // diff --git a/apis/v1beta1/zz_generated.deepcopy.go b/apis/v1beta1/zz_generated.deepcopy.go index 699576a302..2f73ce9d1b 100644 --- a/apis/v1beta1/zz_generated.deepcopy.go +++ b/apis/v1beta1/zz_generated.deepcopy.go @@ -265,6 +265,11 @@ func (in *GatewayClassSpec) DeepCopy() *GatewayClassSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewayClassStatus) DeepCopyInto(out *GatewayClassStatus) { *out = *in + if in.Routabilities != nil { + in, out := &in.Routabilities, &out.Routabilities + *out = make([]GatewayRoutability, len(*in)) + copy(*out, *in) + } if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions *out = make([]v1.Condition, len(*in)) 
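Review bot: `Routabilities` is added without a `+kubebuilder:validation:MaxItems` marker, so the generated schema bounds neither the list length nor the length of each entry, unlike `Addresses` in gateway_types.go, which carries `MaxItems=16`. The comment also makes the first entry the default for Gateways that leave `routability` unset, which means reordering this status list silently changes how widely such Gateways are exposed; I would either state that controllers must keep the order stable or carry the default in a field of its own. `Implemenations` in the second paragraph should read `Implementations`. The struct continues outside the hunk.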
@@ -284,6 +289,26 @@ func (in *GatewayClassStatus) DeepCopy() *GatewayClassStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GatewayInfrastructure) DeepCopyInto(out *GatewayInfrastructure) { + *out = *in + if in.Routability != nil { + in, out := &in.Routability, &out.Routability + *out = new(GatewayRoutability) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayInfrastructure. +func (in *GatewayInfrastructure) DeepCopy() *GatewayInfrastructure { + if in == nil { + return nil + } + out := new(GatewayInfrastructure) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GatewayList) DeepCopyInto(out *GatewayList) { *out = *in @@ -326,6 +351,11 @@ func (in *GatewaySpec) DeepCopyInto(out *GatewaySpec) { (*in)[i].DeepCopyInto(&(*out)[i]) } } + if in.Infrastructure != nil { + in, out := &in.Infrastructure, &out.Infrastructure + *out = new(GatewayInfrastructure) + (*in).DeepCopyInto(*out) + } if in.Addresses != nil { in, out := &in.Addresses, &out.Addresses *out = make([]GatewayAddress, len(*in)) @@ -389,6 +419,11 @@ func (in *GatewayStatusAddress) DeepCopyInto(out *GatewayStatusAddress) { *out = new(AddressType) **out = **in } + if in.Routability != nil { + in, out := &in.Routability, &out.Routability + *out = new(GatewayRoutability) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GatewayStatusAddress. diff --git a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml index 9f0c7d6d7c..5a956cd6c7 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml 
+++ b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml @@ -215,6 +215,24 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map + routabilities: + description: "Routabilities specifies a list of supported routabilities + offered by the GatewayClass. The first entry in this list will be + the default routability used when Gateways of this class are created. + \n Implemenations MAY provide a pre-defined set of GatewayClasses + that limit the routability choices of a Gateway. \n Implementations + that support routability MUST populate this list with a subset of + the pre-defined [GatewayRoutability] values or vendored prefix values." + items: + description: "GatewayRoutablility represents the routability of + a Gateway \n The pre-defined values listed in this package can + be compared semantically. [GatewayRoutabilityPublic] has a larger + scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] + has a larger scope than [GatewayRoutabilityCluster]. \n Implementations + can define custom routability values by specifying a vendor prefix + followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." + type: string + type: array type: object required: - spec 
@@ -415,6 +433,24 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map + routabilities: + description: "Routabilities specifies a list of supported routabilities + offered by the GatewayClass. The first entry in this list will be + the default routability used when Gateways of this class are created. + \n Implemenations MAY provide a pre-defined set of GatewayClasses + that limit the routability choices of a Gateway. \n Implementations + that support routability MUST populate this list with a subset of + the pre-defined [GatewayRoutability] values or vendored prefix values." + items: + description: "GatewayRoutablility represents the routability of + a Gateway \n The pre-defined values listed in this package can + be compared semantically. [GatewayRoutabilityPublic] has a larger + scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] + has a larger scope than [GatewayRoutabilityCluster]. \n Implementations + can define custom routability values by specifying a vendor prefix + followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." + type: string + type: array type: object required: - spec diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index fa6b8112bd..0f5d6ee39a 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
@@ -103,6 +103,32 @@ spec: maxLength: 253 minLength: 1 type: string + infrastructure: + description: Infrastructure defines infrastructure level attributes + about this Gateway instance. + properties: + routability: + description: "Routability allows the Gateway to specify the accessibility + of it's addresses. Setting this property will override the default + value defined by the [GatewayClass] \n If the desired Gateway + routability is incompatible with the [GatewayClass] implementations + MUST set the condition `Accepted` to `False` with `Reason` set + to `UnsupportedRoutability`. \n The default value of routability + is implementation specific. It is RECOMMENDED that the default + routability remains consistent for Gateways with the same gatewayClassName + \n Implementations MAY leave this property unset and signal + the default routability in the [GatewayStatus] \n Implementations + MAY prevent end-users from updating the routability value of + a Gateway. If updates are allowed the semantics and behaviour + will depend on the underlying implementation. If a Gateway is + mutated but does not support the desired routability it MUST + set the conditions `Accepted`, `Programmed` to `False` with + `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED + that in-cluster gateways SHOULD NOT support 'Private' routability. + Kubernetes doesn't have a concept of 'Private' routability for + Services. In the future this may change upstream." + type: string + type: object listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At 
@@ -466,14 +492,26 @@ spec: description: Status defines the current state of Gateway. properties: addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses + description: "Addresses lists the IP addresses that have actually + been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. + from a reserved pool. \n Implementations that support [GatewayRoutability] + MUST include an address that has the same routable semantics as + defined in the Gateway spec. \n Implementations MAY add additional + addresses in status, but they MUST be semantically less than the + scope of the requested scope. For example if a user requests a `Cluster` + routable Gateway then the list of addresses MUST NOT have a routability + of `Public` or `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: + routability: + description: "Routability specifies the routable bounds of this + address Predefined values are: 'Private', 'Public', Cluster + Other values MUST have a vendor prefix. \n Implementations + that support Routability MUST populate this field" + type: string type: default: IPAddress description: Type of the address. 
@@ -809,6 +847,32 @@ spec: maxLength: 253 minLength: 1 type: string + infrastructure: + description: Infrastructure defines infrastructure level attributes + about this Gateway instance. + properties: + routability: + description: "Routability allows the Gateway to specify the accessibility + of it's addresses. Setting this property will override the default + value defined by the [GatewayClass] \n If the desired Gateway + routability is incompatible with the [GatewayClass] implementations + MUST set the condition `Accepted` to `False` with `Reason` set + to `UnsupportedRoutability`. \n The default value of routability + is implementation specific. It is RECOMMENDED that the default + routability remains consistent for Gateways with the same gatewayClassName + \n Implementations MAY leave this property unset and signal + the default routability in the [GatewayStatus] \n Implementations + MAY prevent end-users from updating the routability value of + a Gateway. If updates are allowed the semantics and behaviour + will depend on the underlying implementation. If a Gateway is + mutated but does not support the desired routability it MUST + set the conditions `Accepted`, `Programmed` to `False` with + `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED + that in-cluster gateways SHOULD NOT support 'Private' routability. + Kubernetes doesn't have a concept of 'Private' routability for + Services. In the future this may change upstream." + type: string + type: object listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At 
@@ -1172,14 +1236,26 @@ spec: description: Status defines the current state of Gateway. properties: addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses + description: "Addresses lists the IP addresses that have actually + been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. + from a reserved pool. \n Implementations that support [GatewayRoutability] + MUST include an address that has the same routable semantics as + defined in the Gateway spec. \n Implementations MAY add additional + addresses in status, but they MUST be semantically less than the + scope of the requested scope. For example if a user requests a `Cluster` + routable Gateway then the list of addresses MUST NOT have a routability + of `Public` or `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: + routability: + description: "Routability specifies the routable bounds of this + address Predefined values are: 'Private', 'Public', Cluster + Other values MUST have a vendor prefix. \n Implementations + that support Routability MUST populate this field" + type: string type: default: IPAddress description: Type of the address. diff --git a/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml index f0f252b6e7..3b75523247 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml 
@@ -215,6 +215,24 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map + routabilities: + description: "Routabilities specifies a list of supported routabilities + offered by the GatewayClass. The first entry in this list will be + the default routability used when Gateways of this class are created. + \n Implemenations MAY provide a pre-defined set of GatewayClasses + that limit the routability choices of a Gateway. \n Implementations + that support routability MUST populate this list with a subset of + the pre-defined [GatewayRoutability] values or vendored prefix values." + items: + description: "GatewayRoutablility represents the routability of + a Gateway \n The pre-defined values listed in this package can + be compared semantically. [GatewayRoutabilityPublic] has a larger + scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] + has a larger scope than [GatewayRoutabilityCluster]. \n Implementations + can define custom routability values by specifying a vendor prefix + followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." + type: string + type: array type: object required: - spec 
@@ -415,6 +433,24 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map + routabilities: + description: "Routabilities specifies a list of supported routabilities + offered by the GatewayClass. The first entry in this list will be + the default routability used when Gateways of this class are created. + \n Implemenations MAY provide a pre-defined set of GatewayClasses + that limit the routability choices of a Gateway. \n Implementations + that support routability MUST populate this list with a subset of + the pre-defined [GatewayRoutability] values or vendored prefix values." + items: + description: "GatewayRoutablility represents the routability of + a Gateway \n The pre-defined values listed in this package can + be compared semantically. [GatewayRoutabilityPublic] has a larger + scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] + has a larger scope than [GatewayRoutabilityCluster]. \n Implementations + can define custom routability values by specifying a vendor prefix + followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." + type: string + type: array type: object required: - spec diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index 89f2f688a8..fecae30a01 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml 
@@ -103,6 +103,32 @@ spec: maxLength: 253 minLength: 1 type: string + infrastructure: + description: Infrastructure defines infrastructure level attributes + about this Gateway instance. + properties: + routability: + description: "Routability allows the Gateway to specify the accessibility + of it's addresses. Setting this property will override the default + value defined by the [GatewayClass] \n If the desired Gateway + routability is incompatible with the [GatewayClass] implementations + MUST set the condition `Accepted` to `False` with `Reason` set + to `UnsupportedRoutability`. \n The default value of routability + is implementation specific. It is RECOMMENDED that the default + routability remains consistent for Gateways with the same gatewayClassName + \n Implementations MAY leave this property unset and signal + the default routability in the [GatewayStatus] \n Implementations + MAY prevent end-users from updating the routability value of + a Gateway. If updates are allowed the semantics and behaviour + will depend on the underlying implementation. If a Gateway is + mutated but does not support the desired routability it MUST + set the conditions `Accepted`, `Programmed` to `False` with + `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED + that in-cluster gateways SHOULD NOT support 'Private' routability. + Kubernetes doesn't have a concept of 'Private' routability for + Services. In the future this may change upstream." + type: string + type: object listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At 
@@ -466,14 +492,26 @@ spec: description: Status defines the current state of Gateway. properties: addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses + description: "Addresses lists the IP addresses that have actually + been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. + from a reserved pool. \n Implementations that support [GatewayRoutability] + MUST include an address that has the same routable semantics as + defined in the Gateway spec. \n Implementations MAY add additional + addresses in status, but they MUST be semantically less than the + scope of the requested scope. For example if a user requests a `Cluster` + routable Gateway then the list of addresses MUST NOT have a routability + of `Public` or `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: + routability: + description: "Routability specifies the routable bounds of this + address Predefined values are: 'Private', 'Public', Cluster + Other values MUST have a vendor prefix. \n Implementations + that support Routability MUST populate this field" + type: string type: default: IPAddress description: Type of the address. 
@@ -809,6 +847,32 @@ spec: maxLength: 253 minLength: 1 type: string + infrastructure: + description: Infrastructure defines infrastructure level attributes + about this Gateway instance. + properties: + routability: + description: "Routability allows the Gateway to specify the accessibility + of it's addresses. Setting this property will override the default + value defined by the [GatewayClass] \n If the desired Gateway + routability is incompatible with the [GatewayClass] implementations + MUST set the condition `Accepted` to `False` with `Reason` set + to `UnsupportedRoutability`. \n The default value of routability + is implementation specific. It is RECOMMENDED that the default + routability remains consistent for Gateways with the same gatewayClassName + \n Implementations MAY leave this property unset and signal + the default routability in the [GatewayStatus] \n Implementations + MAY prevent end-users from updating the routability value of + a Gateway. If updates are allowed the semantics and behaviour + will depend on the underlying implementation. If a Gateway is + mutated but does not support the desired routability it MUST + set the conditions `Accepted`, `Programmed` to `False` with + `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED + that in-cluster gateways SHOULD NOT support 'Private' routability. + Kubernetes doesn't have a concept of 'Private' routability for + Services. In the future this may change upstream." + type: string + type: object listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At 
@@ -1172,14 +1236,26 @@ spec: description: Status defines the current state of Gateway. properties: addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses + description: "Addresses lists the IP addresses that have actually + been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. + from a reserved pool. \n Implementations that support [GatewayRoutability] + MUST include an address that has the same routable semantics as + defined in the Gateway spec. \n Implementations MAY add additional + addresses in status, but they MUST be semantically less than the + scope of the requested scope. For example if a user requests a `Cluster` + routable Gateway then the list of addresses MUST NOT have a routability + of `Public` or `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: + routability: + description: "Routability specifies the routable bounds of this + address Predefined values are: 'Private', 'Public', Cluster + Other values MUST have a vendor prefix. \n Implementations + that support Routability MUST populate this field" + type: string type: default: IPAddress description: Type of the address. diff --git a/geps/gep-1651.md b/geps/gep-1651.md index 87c85bb5f9..75e64d6da6 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md @@ -1,7 +1,7 @@ # GEP-1651: Gateway Routability * Issue: [#1651](https://github.com/kubernetes-sigs/gateway-api/issues/1651) -* Status: Provisional +* Status: Experimental (See status definitions [here](overview.md#status).) diff --git a/mkdocs.yml b/mkdocs.yml index 5e1412f547..4aad0124ea 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -86,7 +86,6 @@ nav: - Provisional: - geps/gep-1324.md - geps/gep-1619.md - - geps/gep-1651.md - geps/gep-1897.md - geps/gep-1867.md - Prototyping: 
@@ -96,6 +95,7 @@ nav: - geps/gep-1686.md - geps/gep-1426.md - Experimental: + - geps/gep-1651.md - geps/gep-1748.md - geps/gep-1016.md - geps/gep-957.md From 48def827ef3a2a07c510ee91981aa2054e6df0ad Mon Sep 17 00:00:00 2001 From: dprotaso Date: Wed, 28 Jun 2023 23:40:36 -0400 Subject: [PATCH 05/19] fix typos --- apis/v1beta1/gateway_types.go | 4 ++-- .../crd/experimental/gateway.networking.k8s.io_gateways.yaml | 4 ++-- config/crd/standard/gateway.networking.k8s.io_gateways.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 14a948cc7a..de219e951e 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go @@ -169,7 +169,7 @@ type GatewayInfrastructure struct { // routability in the [GatewayStatus] // // Implementations MAY prevent end-users from updating the routability value of a Gateway. - // If updates are allowed the semantics and behaviour will depend on the underlying implementation. + // If updates are allowed the semantics and behavior will depend on the underlying implementation. // If a Gateway is mutated but does not support the desired routability it MUST set the conditions // `Accepted`, `Programmed` to `False` with `Reason` set to `UnsupportedRoutability`. // @@ -627,7 +627,7 @@ type GatewayConditionReason string const ( // This reason is used with "Programmed" and "Accepted" conditions when - // desired routability is not able to be fullfilled by the implementation + // desired routability is not able to be fulfilled by the implementation GatewayUnsupportedRoutability GatewayConditionReason = "UnsupportedRoutability" ) diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index 0f5d6ee39a..def57bb029 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
@@ -119,7 +119,7 @@ spec: \n Implementations MAY leave this property unset and signal the default routability in the [GatewayStatus] \n Implementations MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behaviour + a Gateway. If updates are allowed the semantics and behavior will depend on the underlying implementation. If a Gateway is mutated but does not support the desired routability it MUST set the conditions `Accepted`, `Programmed` to `False` with @@ -863,7 +863,7 @@ spec: \n Implementations MAY leave this property unset and signal the default routability in the [GatewayStatus] \n Implementations MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behaviour + a Gateway. If updates are allowed the semantics and behavior will depend on the underlying implementation. If a Gateway is mutated but does not support the desired routability it MUST set the conditions `Accepted`, `Programmed` to `False` with diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index fecae30a01..575f678168 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml @@ -119,7 +119,7 @@ spec: \n Implementations MAY leave this property unset and signal the default routability in the [GatewayStatus] \n Implementations MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behaviour + a Gateway. If updates are allowed the semantics and behavior will depend on the underlying implementation. If a Gateway is mutated but does not support the desired routability it MUST set the conditions `Accepted`, `Programmed` to `False` with 
@@ -863,7 +863,7 @@ spec: \n Implementations MAY leave this property unset and signal the default routability in the [GatewayStatus] \n Implementations MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behaviour + a Gateway. If updates are allowed the semantics and behavior will depend on the underlying implementation. If a Gateway is mutated but does not support the desired routability it MUST set the conditions `Accepted`, `Programmed` to `False` with From 21467d27cf6fa8af5339d1282169ea8ced64541d Mon Sep 17 00:00:00 2001 From: dprotaso Date: Thu, 29 Jun 2023 15:42:56 -0400 Subject: [PATCH 06/19] address feedback --- apis/v1beta1/gateway_types.go | 49 ++++++++++++++++-------------- apis/v1beta1/gatewayclass_types.go | 7 +++-- geps/gep-1651.md | 36 +++++++++++----------- 3 files changed, 48 insertions(+), 44 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index de219e951e..2dd53ce3d3 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go @@ -121,6 +121,7 @@ type GatewaySpec struct { // Infrastructure defines infrastructure level attributes about this Gateway instance. // + // // +optional Infrastructure *GatewayInfrastructure `json:"infrastructure,omitempty"` 
@@ -155,27 +156,23 @@ type GatewaySpec struct { // GatewayInfrastructure defines infrastructure level attributes about a Gateway type GatewayInfrastructure struct { - // Routability allows the Gateway to specify the accessibility of it's addresses. Setting - // this property will override the default value defined by the [GatewayClass] + // Routability allows the Gateway to specify the accessibility of its addresses. Setting + // this property will override the default value defined by the [GatewayClass]. // // If the desired Gateway routability is incompatible with the [GatewayClass] implementations // MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. // - // The default value of routability is implementation specific. - // It is RECOMMENDED that the default routability remains consistent for Gateways with the same - // gatewayClassName + // The default value of routability is implementation specific and MUST remain consistent for + // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset and signal the default - // routability in the [GatewayStatus] + // Implementations MAY leave this property unset. The routability MUST appear in the [GatewayStatusAddress]. // - // Implementations MAY prevent end-users from updating the routability value of a Gateway. - // If updates are allowed the semantics and behavior will depend on the underlying implementation. - // If a Gateway is mutated but does not support the desired routability it MUST set the conditions - // `Accepted`, `Programmed` to `False` with `Reason` set to `UnsupportedRoutability`. + // Implementations MUST clearly document if they support updates to this field. The default + // expectation should be that changes to this field are not supported unless an implementation + // specifies otherwise. // - // It is RECOMMENDED that in-cluster gateways SHOULD NOT support 'Private' routability. 
- // Kubernetes doesn't have a concept of 'Private' routability for Services. In the future this may - // change upstream. + // If a Gateway is mutated but does not support the desired routability it MUST set the `Accepted` + // and `Programmed` conditions to `False` with `Reason` set to `UnsupportedRoutability`. // // +optional Routability *GatewayRoutability `json:"routability,omitempty"` @@ -194,22 +191,27 @@ type GatewayRoutability string const ( // GatewayRoutabilityPublic means the Gateway's address MUST - // be routable on the public internet + // be routable on the public internet. // - // Implementations MAY support this routability + // Support: Extended GatewayRoutabilityPublic GatewayRoutability = "Public" // GatewayRoutabilityPrivate means the Gateway's address MUST - // be routable inside a private network larger than a single - // cluster (ie. VPC) and MAY include the RFC1918 address space + // only be routable inside a private network larger than a single + // cluster (ie. VPC) and MAY include the RFC1918 address space. // - // Implementations MAY support this routability + // It is RECOMMENDED that in-cluster gateways SHOULD NOT support 'Private' routability. + // Kubernetes doesn't have a concept of 'Private' routability for Services. In the future this may + // change upstream. + // + // + // Support: Extended GatewayRoutabilityPrivate GatewayRoutability = "Private" // GatewayRoutabilityCluster means the Gateway's address MUST - // be only be routable inside the [cluster's network] + // only be routable inside the [cluster's network]. // - // Implementations MAY support this routability + // Support: Extended // // [cluster's network]: https://kubernetes.io/docs/concepts/cluster-administration/networking/#how-to-implement-the-kubernetes-network-model GatewayRoutabilityCluster GatewayRoutability = "Cluster" 
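Review bot: `Routability` on `GatewayInfrastructure` is user-supplied spec input that decides how widely the Gateway's addresses are reachable, yet no validation marker constrains it. The generated schema elsewhere in this series shows it as a bare `type: string`. The docs say values other than the predefined ones MUST carry a vendor prefix, but the API server will admit any string, so a misspelling such as `public` is only caught if the controller happens to reject it. I would add `// +kubebuilder:validation:MinLength=1` and `// +kubebuilder:validation:MaxLength=253` to the `GatewayRoutability` type, plus a pattern admitting only the three predefined names or a `domain/name` form; that type declaration sits outside this hunk. The same gap applies to `GatewayStatusAddress.Routability` and to the items of `Routabilities []GatewayRoutability` in gatewayclass_types.go, where the new `MaxItems=8` bounds the list but not each entry.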
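Review bot: The paragraph moved onto `GatewayRoutabilityPrivate` stacks two requirement keywords, "It is RECOMMENDED that in-cluster gateways SHOULD NOT support 'Private' routability", which leaves the strength of the requirement unclear to implementers. One keyword is enough: `// In-cluster gateways SHOULD NOT support 'Private' routability.` The comment also notes that `Private` MAY include RFC1918 space. It would help to add that an RFC1918 address alone does not establish the scope, for example `// An RFC1918 address does not by itself make an address Private; the scope is defined by where it is routable.` The const block starts and ends outside the hunk.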
@@ -564,6 +566,7 @@ type GatewayStatusAddress struct { // Implementations that support Routability MUST populate this field // // +optional + // Routability *GatewayRoutability `json:"routability,omitempty"` } @@ -579,8 +582,8 @@ type GatewayStatus struct { // // Implementations MAY add additional addresses in status, but they MUST be // semantically less than the scope of the requested scope. For example if a - // user requests a `Cluster` routable Gateway then the list of addresses - // MUST NOT have a routability of `Public` or `Private`. + // user requests a `Private` routable Gateway then an additional address MAY + // have a routability of `Cluster` but MUST NOT include `Private`. // // // +optional diff --git a/apis/v1beta1/gatewayclass_types.go b/apis/v1beta1/gatewayclass_types.go index 100408d132..4381ef037d 100644 --- a/apis/v1beta1/gatewayclass_types.go +++ b/apis/v1beta1/gatewayclass_types.go @@ -190,11 +190,12 @@ type GatewayClassStatus struct { // Implemenations MAY provide a pre-defined set of GatewayClasses that // limit the routability choices of a Gateway. // - // Implementations that support routability MUST populate this list with - // a subset of the pre-defined [GatewayRoutability] values or vendored - // prefix values. + // Implementations MUST populate this list with the [GatewayRoutability] values + // that are supported by this GatewayClass. // // +optional + // +kubebuilder:validation:MaxItems=8 + // Routabilities []GatewayRoutability `json:"routabilities,omitempty"` // Conditions is the current status from the controller for diff --git a/geps/gep-1651.md b/geps/gep-1651.md index 75e64d6da6..132d37fcd3 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md 
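Review bot: The rewritten example in the `GatewayStatus.Addresses` comment ends with "but MUST NOT include `Private`", which names the scope the user requested rather than a wider one. Read with the preceding sentence, which requires additional addresses to be narrower than the requested scope, the prohibited value is presumably `Public`. As written, the normative text never says that a `Private` request must not yield a `Public` address, and that is the exposure this rule exists to prevent. I would replace the final `Private` with `Public`, and tighten "semantically less than the scope of the requested scope" to "narrower in scope than the requested routability". The same sentence is repeated in the geps/gep-1651.md hunk and in the regenerated CRD descriptions, so they need the same correction (the CRDs by rerunning codegen).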
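Review bot: The new `Routabilities` wording drops the "that support routability" qualifier, so the MUST now reads as binding on every implementation. That conflicts with the field being `+optional` and with the routability values being marked `Support: Extended` in gateway_types.go. Since the first entry is also documented as the default for new Gateways, a consumer cannot tell whether an empty list means "unsupported" or "not yet populated". I would restore the condition: `// Implementations that support routability MUST populate this list with the [GatewayRoutability] values supported by this GatewayClass.` The geps/gep-1651.md hunk keeps the older sentence and shows the tag as `json:"routabilities"` without `omitempty`, so the GEP and the Go type now disagree.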
@@ -101,14 +101,14 @@ const ( GatewayRoutabilityPublic GatewayRoutability = "Public" // GatewayRoutabilityPrivate means the Gateway's address MUST - // be routable inside a private network larger than a single + // only be routable inside a private network larger than a single // cluster (ie. VPC) and MAY include the RFC1918 address space // // Implementations MAY support this routability GatewayRoutabilityPrivate GatewayRoutability = "Private" // GatewayRoutabilityCluster means the Gateway's address MUST - // be only be routable inside the [cluster's network] + // only be routable inside the [cluster's network] // // Implementations MAY support this routability // 
@@ -122,23 +122,21 @@ type GatewaySpec struct { // ... } type GatewayInfrastructure struct { - // Routability allows the Gateway to specify the accessibility of it's addresses. Setting - // this property will override the default value defined by the [GatewayClass] + // Routability allows the Gateway to specify the accessibility of its addresses. Setting + // this property will override the default value defined by the [GatewayClass]. // // If the desired Gateway routability is incompatible with the [GatewayClass] implementations // MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. - // The default value of routability is implementation specific. - // It is RECOMMENDED that the default routability remains consistent for Gateways with the same - // gatewayClassName + // The default value of routability is implementation specific and MUST remains consistent for + // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset and signal the default - // routability in the [GatewayStatus] + // Implementations MAY leave this property unset. The routability MUST appear in the [GatewayStatusAddress] // // Implementations MAY prevent end-users from updating the routability value of a Gateway. // If updates are allowed the semantics and behaviour will depend on the underlying implementation. - // If a Gateway is mutated but does not support the desired routability it MUST set the conditions - // `Accepted`, `Programmed` to `False` with `Reason` set to `UnsupportedRoutability`. + // If a Gateway is mutated but does not support the desired routability it MUST set `Accepted` + // and `Programmed` conditions to `False` with `Reason` set to `UnsupportedRoutability`. // // It is RECOMMENDED that in-cluster gateways SHOULD NOT support 'Private' routability. // Kubernetes doesn't have a concept of 'Private' routability for Services. In the future this may 
@@ -157,10 +155,10 @@ type GatewayStatus struct { // Implementations that support Gateway routability MUST include an address // that has the same routable semantics as defined in the Gateway spec. // - // Implementations MAY add additional addresses in status, but they MUST be - // semantically less than the scope of the requested scope. For example if a - // user requests a `Cluster` routable Gateway then the list of addresses - // MUST NOT have a routability of `Public` or `Private`. + // Implementations MAY add additional addresses in status, but they MUST be + // semantically less than the scope of the requested scope. For example if a + // user requests a `Private` routable Gateway then an additional address MAY + // have a routability of `Cluster` but MUST NOT include `Private`. // // +optional // +kubebuilder:validation:MaxItems=16 @@ -190,11 +188,13 @@ type GatewayClassStatus struct { // Implemenations MAY provide a pre-defined set of GatewayClasses that // limit the routability choices of a Gateway. // - // Implementations that support routability MUST populate this list with - // a subset of the pre-defined [GatewayRoutability] values or vendored - // prefix values. + // Implementations that support routability MUST populate this list with + // a subset of the pre-defined [GatewayRoutability] values or vendored + // prefix values. // // +optional + // +kubebuilder:validation:MaxItems=8 + // Routabilities []GatewayRoutability `json:"routabilities"` } ``` From df653831bb2e9d3a1f7368869521e693a58a612e Mon Sep 17 00:00:00 2001 From: Dave Protasowski Date: Fri, 30 Jun 2023 10:05:59 -0400 Subject: [PATCH 07/19] run codegen --- ...eway.networking.k8s.io_gatewayclasses.yaml | 10 ++- .../gateway.networking.k8s.io_gateways.yaml | 76 +++++++++---------- ...eway.networking.k8s.io_gatewayclasses.yaml | 36 --------- .../gateway.networking.k8s.io_gateways.yaml | 76 ++----------------- 4 files changed, 46 insertions(+), 152 deletions(-) 
diff --git a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml index 5a956cd6c7..7040727813 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml @@ -221,8 +221,8 @@ spec: the default routability used when Gateways of this class are created. \n Implemenations MAY provide a pre-defined set of GatewayClasses that limit the routability choices of a Gateway. \n Implementations - that support routability MUST populate this list with a subset of - the pre-defined [GatewayRoutability] values or vendored prefix values." + MUST populate this list with the [GatewayRoutability] values that + are supported by this GatewayClass. \n " items: description: "GatewayRoutablility represents the routability of a Gateway \n The pre-defined values listed in this package can @@ -232,6 +232,7 @@ spec: can define custom routability values by specifying a vendor prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." type: string + maxItems: 8 type: array type: object required: @@ -439,8 +440,8 @@ spec: the default routability used when Gateways of this class are created. \n Implemenations MAY provide a pre-defined set of GatewayClasses that limit the routability choices of a Gateway. \n Implementations - that support routability MUST populate this list with a subset of - the pre-defined [GatewayRoutability] values or vendored prefix values." + MUST populate this list with the [GatewayRoutability] values that + are supported by this GatewayClass. \n " items: description: "GatewayRoutablility represents the routability of a Gateway \n The pre-defined values listed in this package can 
@@ -450,6 +451,7 @@ spec: can define custom routability values by specifying a vendor prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." type: string + maxItems: 8 type: array type: object required: diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index def57bb029..4d24d68384 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
@@ -104,29 +104,25 @@ spec: minLength: 1 type: string infrastructure: - description: Infrastructure defines infrastructure level attributes - about this Gateway instance. + description: "Infrastructure defines infrastructure level attributes + about this Gateway instance. \n " properties: routability: description: "Routability allows the Gateway to specify the accessibility - of it's addresses. Setting this property will override the default - value defined by the [GatewayClass] \n If the desired Gateway + of its addresses. Setting this property will override the default + value defined by the [GatewayClass]. \n If the desired Gateway routability is incompatible with the [GatewayClass] implementations MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. \n The default value of routability - is implementation specific. It is RECOMMENDED that the default - routability remains consistent for Gateways with the same gatewayClassName - \n Implementations MAY leave this property unset and signal - the default routability in the [GatewayStatus] \n Implementations - MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behavior - will depend on the underlying implementation. If a Gateway is - mutated but does not support the desired routability it MUST - set the conditions `Accepted`, `Programmed` to `False` with - `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED - that in-cluster gateways SHOULD NOT support 'Private' routability. - Kubernetes doesn't have a concept of 'Private' routability for - Services. In the future this may change upstream." + is implementation specific and MUST remain consistent for Gateways + with the same gatewayClassName \n Implementations MAY leave + this property unset. The routability MUST appear in the [GatewayStatusAddress]. + \n Implementations MUST clearly document if they support updates + to this field. 
The default expectation should be that changes + to this field are not supported unless an implementation specifies + otherwise. \n If a Gateway is mutated but does not support the + desired routability it MUST set the `Accepted` and `Programmed` + conditions to `False` with `Reason` set to `UnsupportedRoutability`." type: string type: object listeners: @@ -499,9 +495,9 @@ spec: MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the - scope of the requested scope. For example if a user requests a `Cluster` - routable Gateway then the list of addresses MUST NOT have a routability - of `Public` or `Private`." + scope of the requested scope. For example if a user requests a `Private` + routable Gateway then an additional address MAY have a routability + of `Cluster` but MUST NOT include `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. @@ -510,7 +506,7 @@ spec: description: "Routability specifies the routable bounds of this address Predefined values are: 'Private', 'Public', Cluster Other values MUST have a vendor prefix. \n Implementations - that support Routability MUST populate this field" + that support Routability MUST populate this field \n " type: string type: default: IPAddress 
@@ -848,29 +844,25 @@ spec: minLength: 1 type: string infrastructure: - description: Infrastructure defines infrastructure level attributes - about this Gateway instance. + description: "Infrastructure defines infrastructure level attributes + about this Gateway instance. \n " properties: routability: description: "Routability allows the Gateway to specify the accessibility - of it's addresses. Setting this property will override the default - value defined by the [GatewayClass] \n If the desired Gateway + of its addresses. Setting this property will override the default + value defined by the [GatewayClass]. \n If the desired Gateway routability is incompatible with the [GatewayClass] implementations MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. \n The default value of routability - is implementation specific. It is RECOMMENDED that the default - routability remains consistent for Gateways with the same gatewayClassName - \n Implementations MAY leave this property unset and signal - the default routability in the [GatewayStatus] \n Implementations - MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behavior - will depend on the underlying implementation. If a Gateway is - mutated but does not support the desired routability it MUST - set the conditions `Accepted`, `Programmed` to `False` with - `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED - that in-cluster gateways SHOULD NOT support 'Private' routability. - Kubernetes doesn't have a concept of 'Private' routability for - Services. In the future this may change upstream." + is implementation specific and MUST remain consistent for Gateways + with the same gatewayClassName \n Implementations MAY leave + this property unset. The routability MUST appear in the [GatewayStatusAddress]. + \n Implementations MUST clearly document if they support updates + to this field. 
The default expectation should be that changes + to this field are not supported unless an implementation specifies + otherwise. \n If a Gateway is mutated but does not support the + desired routability it MUST set the `Accepted` and `Programmed` + conditions to `False` with `Reason` set to `UnsupportedRoutability`." type: string type: object listeners: @@ -1243,9 +1235,9 @@ spec: MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the - scope of the requested scope. For example if a user requests a `Cluster` - routable Gateway then the list of addresses MUST NOT have a routability - of `Public` or `Private`." + scope of the requested scope. For example if a user requests a `Private` + routable Gateway then an additional address MAY have a routability + of `Cluster` but MUST NOT include `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. @@ -1254,7 +1246,7 @@ spec: description: "Routability specifies the routable bounds of this address Predefined values are: 'Private', 'Public', Cluster Other values MUST have a vendor prefix. \n Implementations - that support Routability MUST populate this field" + that support Routability MUST populate this field \n " type: string type: default: IPAddress diff --git a/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml index 3b75523247..f0f252b6e7 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gatewayclasses.yaml 
@@ -215,24 +215,6 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - routabilities: - description: "Routabilities specifies a list of supported routabilities - offered by the GatewayClass. The first entry in this list will be - the default routability used when Gateways of this class are created. - \n Implemenations MAY provide a pre-defined set of GatewayClasses - that limit the routability choices of a Gateway. \n Implementations - that support routability MUST populate this list with a subset of - the pre-defined [GatewayRoutability] values or vendored prefix values." - items: - description: "GatewayRoutablility represents the routability of - a Gateway \n The pre-defined values listed in this package can - be compared semantically. [GatewayRoutabilityPublic] has a larger - scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] - has a larger scope than [GatewayRoutabilityCluster]. \n Implementations - can define custom routability values by specifying a vendor prefix - followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." - type: string - type: array type: object required: - spec 
@@ -433,24 +415,6 @@ spec: x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map - routabilities: - description: "Routabilities specifies a list of supported routabilities - offered by the GatewayClass. The first entry in this list will be - the default routability used when Gateways of this class are created. - \n Implemenations MAY provide a pre-defined set of GatewayClasses - that limit the routability choices of a Gateway. \n Implementations - that support routability MUST populate this list with a subset of - the pre-defined [GatewayRoutability] values or vendored prefix values." - items: - description: "GatewayRoutablility represents the routability of - a Gateway \n The pre-defined values listed in this package can - be compared semantically. [GatewayRoutabilityPublic] has a larger - scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] - has a larger scope than [GatewayRoutabilityCluster]. \n Implementations - can define custom routability values by specifying a vendor prefix - followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." - type: string - type: array type: object required: - spec diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index 575f678168..34c57207f1 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml 
@@ -103,32 +103,6 @@ spec: maxLength: 253 minLength: 1 type: string - infrastructure: - description: Infrastructure defines infrastructure level attributes - about this Gateway instance. - properties: - routability: - description: "Routability allows the Gateway to specify the accessibility - of it's addresses. Setting this property will override the default - value defined by the [GatewayClass] \n If the desired Gateway - routability is incompatible with the [GatewayClass] implementations - MUST set the condition `Accepted` to `False` with `Reason` set - to `UnsupportedRoutability`. \n The default value of routability - is implementation specific. It is RECOMMENDED that the default - routability remains consistent for Gateways with the same gatewayClassName - \n Implementations MAY leave this property unset and signal - the default routability in the [GatewayStatus] \n Implementations - MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behavior - will depend on the underlying implementation. If a Gateway is - mutated but does not support the desired routability it MUST - set the conditions `Accepted`, `Programmed` to `False` with - `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED - that in-cluster gateways SHOULD NOT support 'Private' routability. - Kubernetes doesn't have a concept of 'Private' routability for - Services. In the future this may change upstream." - type: string - type: object listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At 
@@ -499,19 +473,13 @@ spec: MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the - scope of the requested scope. For example if a user requests a `Cluster` - routable Gateway then the list of addresses MUST NOT have a routability - of `Public` or `Private`." + scope of the requested scope. For example if a user requests a `Private` + routable Gateway then an additional address MAY have a routability + of `Cluster` but MUST NOT include `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: - routability: - description: "Routability specifies the routable bounds of this - address Predefined values are: 'Private', 'Public', Cluster - Other values MUST have a vendor prefix. \n Implementations - that support Routability MUST populate this field" - type: string type: default: IPAddress description: Type of the address. 
@@ -847,32 +815,6 @@ spec: maxLength: 253 minLength: 1 type: string - infrastructure: - description: Infrastructure defines infrastructure level attributes - about this Gateway instance. - properties: - routability: - description: "Routability allows the Gateway to specify the accessibility - of it's addresses. Setting this property will override the default - value defined by the [GatewayClass] \n If the desired Gateway - routability is incompatible with the [GatewayClass] implementations - MUST set the condition `Accepted` to `False` with `Reason` set - to `UnsupportedRoutability`. \n The default value of routability - is implementation specific. It is RECOMMENDED that the default - routability remains consistent for Gateways with the same gatewayClassName - \n Implementations MAY leave this property unset and signal - the default routability in the [GatewayStatus] \n Implementations - MAY prevent end-users from updating the routability value of - a Gateway. If updates are allowed the semantics and behavior - will depend on the underlying implementation. If a Gateway is - mutated but does not support the desired routability it MUST - set the conditions `Accepted`, `Programmed` to `False` with - `Reason` set to `UnsupportedRoutability`. \n It is RECOMMENDED - that in-cluster gateways SHOULD NOT support 'Private' routability. - Kubernetes doesn't have a concept of 'Private' routability for - Services. In the future this may change upstream." - type: string - type: object listeners: description: "Listeners associated with this Gateway. Listeners define logical endpoints that are bound on this Gateway's addresses. At 
@@ -1243,19 +1185,13 @@ spec: MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the - scope of the requested scope. For example if a user requests a `Cluster` - routable Gateway then the list of addresses MUST NOT have a routability - of `Public` or `Private`." + scope of the requested scope. For example if a user requests a `Private` + routable Gateway then an additional address MAY have a routability + of `Cluster` but MUST NOT include `Private`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. properties: - routability: - description: "Routability specifies the routable bounds of this - address Predefined values are: 'Private', 'Public', Cluster - Other values MUST have a vendor prefix. \n Implementations - that support Routability MUST populate this field" - type: string type: default: IPAddress description: Type of the address. From b526e0b6782ff83fec88ecc84794e36e7e144470 Mon Sep 17 00:00:00 2001 From: Dave Protasowski Date: Fri, 30 Jun 2023 10:08:43 -0400 Subject: [PATCH 08/19] Add validation for GatewayRoutability --- apis/v1beta1/gateway_types.go | 4 ++++ .../gateway.networking.k8s.io_gatewayclasses.yaml | 6 ++++++ .../gateway.networking.k8s.io_gateways.yaml | 12 ++++++++++++ geps/gep-1651.md | 4 ++++ 4 files changed, 26 insertions(+) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 2dd53ce3d3..2ab656239f 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go 
@@ -187,6 +187,10 @@ type GatewayInfrastructure struct { // // Implementations can define custom routability values by specifying a vendor // prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$` type GatewayRoutability string const ( diff --git a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml index 7040727813..f00c4e0c2b 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml @@ -231,6 +231,9 @@ spec: has a larger scope than [GatewayRoutabilityCluster]. \n Implementations can define custom routability values by specifying a vendor prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." + maxLength: 253 + minLength: 1 + pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ type: string maxItems: 8 type: array @@ -450,6 +453,9 @@ spec: has a larger scope than [GatewayRoutabilityCluster]. \n Implementations can define custom routability values by specifying a vendor prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." + maxLength: 253 + minLength: 1 + pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ type: string maxItems: 8 type: array diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index 4d24d68384..929c276fee 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
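Review bot: The `Pattern` marker added above `type GatewayRoutability string` is not anchored the way it reads: alternation binds loosest, so `^` applies only to `Public` and `$` only to the vendor-prefixed branch, while `Private` and `Cluster` can match anywhere in the value. A value that merely starts with `Public` or contains `Private` would therefore pass schema validation, and the vendor branch accepts arbitrary leading text ahead of a valid tail. Grouping the alternatives closes this: `^(Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+)$`. The same expression is repeated in the regenerated CRD hunks and in the `geps/gep-1651.md` hunk of this commit, so those need regenerating or updating with it.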
+++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml @@ -123,6 +123,9 @@ spec: otherwise. \n If a Gateway is mutated but does not support the desired routability it MUST set the `Accepted` and `Programmed` conditions to `False` with `Reason` set to `UnsupportedRoutability`." + maxLength: 253 + minLength: 1 + pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ type: string type: object listeners: @@ -507,6 +510,9 @@ spec: address Predefined values are: 'Private', 'Public', Cluster Other values MUST have a vendor prefix. \n Implementations that support Routability MUST populate this field \n " + maxLength: 253 + minLength: 1 + pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ type: string type: default: IPAddress @@ -863,6 +869,9 @@ spec: otherwise. \n If a Gateway is mutated but does not support the desired routability it MUST set the `Accepted` and `Programmed` conditions to `False` with `Reason` set to `UnsupportedRoutability`." + maxLength: 253 + minLength: 1 + pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ type: string type: object listeners: @@ -1247,6 +1256,9 @@ spec: address Predefined values are: 'Private', 'Public', Cluster Other values MUST have a vendor prefix. \n Implementations that support Routability MUST populate this field \n " + maxLength: 253 + minLength: 1 + pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ type: string type: default: IPAddress diff --git a/geps/gep-1651.md b/geps/gep-1651.md index 132d37fcd3..e4f4faebe7 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md 
@@ -91,6 +91,10 @@ MAY choose to leave the old Gateway running with the previous generation's confi // // Implementations can define custom routability values by specifying a vendor // prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=253 +// +kubebuilder:validation:Pattern=`^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$` type GatewayRoutability string const ( From 0383cd583150503e6e22fa42e0cfa9a0e4042200 Mon Sep 17 00:00:00 2001 From: Dave Protasowski Date: Fri, 30 Jun 2023 10:31:21 -0400 Subject: [PATCH 09/19] drop godoc link where it's broken in the gateway api docs --- apis/v1beta1/gateway_types.go | 13 ++++++------- apis/v1beta1/gatewayclass_types.go | 2 +- ...gateway.networking.k8s.io_gatewayclasses.yaml | 14 ++++++-------- .../gateway.networking.k8s.io_gateways.yaml | 16 ++++++++-------- .../gateway.networking.k8s.io_gateways.yaml | 4 ++-- geps/gep-1651.md | 11 +++++------ 6 files changed, 28 insertions(+), 32 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 2ab656239f..d9a6b7a273 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go 
@@ -157,15 +157,15 @@ type GatewaySpec struct { // GatewayInfrastructure defines infrastructure level attributes about a Gateway type GatewayInfrastructure struct { // Routability allows the Gateway to specify the accessibility of its addresses. Setting - // this property will override the default value defined by the [GatewayClass]. + // this property will override the default value defined by the GatewayClass. // - // If the desired Gateway routability is incompatible with the [GatewayClass] implementations + // If the desired Gateway routability is incompatible with the GatewayClass implementations // MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. // // The default value of routability is implementation specific and MUST remain consistent for // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset. The routability MUST appear in the [GatewayStatusAddress]. + // Implementations MAY leave this property unset. The routability MUST appear in the GatewayStatusAddress. // // Implementations MUST clearly document if they support updates to this field. The default // expectation should be that changes to this field are not supported unless an implementation @@ -181,9 +181,8 @@ type GatewayInfrastructure struct { // GatewayRoutablility represents the routability of a Gateway // // The pre-defined values listed in this package can be compared semantically. -// [GatewayRoutabilityPublic] has a larger scope than [GatewayRoutabilityPrivate], -// while [GatewayRoutabilityPrivate] has a larger scope than -// [GatewayRoutabilityCluster]. +// `Public` has a larger scope than `Private`, while `Private` has a larger scope than +// `Cluster`. // // Implementations can define custom routability values by specifying a vendor // prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`. 
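Review bot: The doc comment in the second hunk still opens with `GatewayRoutablility`, which does not match the declared type name `GatewayRoutability`, and the misspelling is carried into the generated CRD descriptions. Since this hunk already rewrites the comment, its first line could become `// GatewayRoutability represents the routability of a Gateway.` so the comment starts with the identifier it documents. That line is a context line here and the type declaration itself is outside the hunk.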
@@ -581,7 +580,7 @@ type GatewayStatus struct { // addresses in the Spec, e.g. if the Gateway automatically // assigns an address from a reserved pool. // - // Implementations that support [GatewayRoutability] MUST include an address + // Implementations that support GatewayRoutability MUST include an address // that has the same routable semantics as defined in the Gateway spec. // // Implementations MAY add additional addresses in status, but they MUST be diff --git a/apis/v1beta1/gatewayclass_types.go b/apis/v1beta1/gatewayclass_types.go index 4381ef037d..475d060ca3 100644 --- a/apis/v1beta1/gatewayclass_types.go +++ b/apis/v1beta1/gatewayclass_types.go @@ -190,7 +190,7 @@ type GatewayClassStatus struct { // Implemenations MAY provide a pre-defined set of GatewayClasses that // limit the routability choices of a Gateway. // - // Implementations MUST populate this list with the [GatewayRoutability] values + // Implementations MUST populate this list with the GatewayRoutability values // that are supported by this GatewayClass. // // +optional diff --git a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml index f00c4e0c2b..5694dfc2c3 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml 
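Review bot: The `Addresses` comment touched by the first hunk continues below it, and its example (visible in the regenerated CRD descriptions of this series) says that for a requested `Private` Gateway an additional address "MAY have a routability of `Cluster` but MUST NOT include `Private`". That never names `Public`, which is the wider exposure a reader most needs to see ruled out, and "semantically less than the scope of the requested scope" is hard to parse. Assuming the intended rule is that status must not advertise an address with equal or broader reach than requested, consider ending the example with `but MUST NOT have a routability of Private or Public`. The sentence itself sits outside this hunk.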
@@ -221,14 +221,13 @@ spec: the default routability used when Gateways of this class are created. \n Implemenations MAY provide a pre-defined set of GatewayClasses that limit the routability choices of a Gateway. \n Implementations - MUST populate this list with the [GatewayRoutability] values that + MUST populate this list with the GatewayRoutability values that are supported by this GatewayClass. \n " items: description: "GatewayRoutablility represents the routability of a Gateway \n The pre-defined values listed in this package can - be compared semantically. [GatewayRoutabilityPublic] has a larger - scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] - has a larger scope than [GatewayRoutabilityCluster]. \n Implementations + be compared semantically. `Public` has a larger scope than `Private`, + while `Private` has a larger scope than `Cluster`. \n Implementations can define custom routability values by specifying a vendor prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." maxLength: 253 
@@ -443,14 +442,13 @@ spec: the default routability used when Gateways of this class are created. \n Implemenations MAY provide a pre-defined set of GatewayClasses that limit the routability choices of a Gateway. \n Implementations - MUST populate this list with the [GatewayRoutability] values that + MUST populate this list with the GatewayRoutability values that are supported by this GatewayClass. \n " items: description: "GatewayRoutablility represents the routability of a Gateway \n The pre-defined values listed in this package can - be compared semantically. [GatewayRoutabilityPublic] has a larger - scope than [GatewayRoutabilityPrivate], while [GatewayRoutabilityPrivate] - has a larger scope than [GatewayRoutabilityCluster]. \n Implementations + be compared semantically. `Public` has a larger scope than `Private`, + while `Private` has a larger scope than `Cluster`. \n Implementations can define custom routability values by specifying a vendor prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`." maxLength: 253 diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index 929c276fee..95b781e765 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
@@ -110,13 +110,13 @@ spec: routability: description: "Routability allows the Gateway to specify the accessibility of its addresses. Setting this property will override the default - value defined by the [GatewayClass]. \n If the desired Gateway - routability is incompatible with the [GatewayClass] implementations + value defined by the GatewayClass. \n If the desired Gateway + routability is incompatible with the GatewayClass implementations MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. \n The default value of routability is implementation specific and MUST remain consistent for Gateways with the same gatewayClassName \n Implementations MAY leave - this property unset. The routability MUST appear in the [GatewayStatusAddress]. + this property unset. The routability MUST appear in the GatewayStatusAddress. \n Implementations MUST clearly document if they support updates to this field. The default expectation should be that changes to this field are not supported unless an implementation specifies @@ -494,7 +494,7 @@ spec: description: "Addresses lists the IP addresses that have actually been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. \n Implementations that support [GatewayRoutability] + from a reserved pool. \n Implementations that support GatewayRoutability MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the 
@@ -856,13 +856,13 @@ spec: routability: description: "Routability allows the Gateway to specify the accessibility of its addresses. Setting this property will override the default - value defined by the [GatewayClass]. \n If the desired Gateway - routability is incompatible with the [GatewayClass] implementations + value defined by the GatewayClass. \n If the desired Gateway + routability is incompatible with the GatewayClass implementations MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. \n The default value of routability is implementation specific and MUST remain consistent for Gateways with the same gatewayClassName \n Implementations MAY leave - this property unset. The routability MUST appear in the [GatewayStatusAddress]. + this property unset. The routability MUST appear in the GatewayStatusAddress. \n Implementations MUST clearly document if they support updates to this field. The default expectation should be that changes to this field are not supported unless an implementation specifies @@ -1240,7 +1240,7 @@ spec: description: "Addresses lists the IP addresses that have actually been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. \n Implementations that support [GatewayRoutability] + from a reserved pool. \n Implementations that support GatewayRoutability MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index 34c57207f1..dbe6d02bfe 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml 
@@ -469,7 +469,7 @@ spec: description: "Addresses lists the IP addresses that have actually been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. \n Implementations that support [GatewayRoutability] + from a reserved pool. \n Implementations that support GatewayRoutability MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the @@ -1181,7 +1181,7 @@ spec: description: "Addresses lists the IP addresses that have actually been bound to the Gateway. These addresses may differ from the addresses in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. \n Implementations that support [GatewayRoutability] + from a reserved pool. \n Implementations that support GatewayRoutability MUST include an address that has the same routable semantics as defined in the Gateway spec. \n Implementations MAY add additional addresses in status, but they MUST be semantically less than the diff --git a/geps/gep-1651.md b/geps/gep-1651.md index e4f4faebe7..5c3991b84e 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md @@ -85,9 +85,8 @@ MAY choose to leave the old Gateway running with the previous generation's confi // GatewayRoutablility represents the routability of a Gateway // // The pre-defined values listed in this package can be compared semantically. -// [GatewayRoutabilityPublic] has a larger scope than [GatewayRoutabilityPrivate], -// while [GatewayRoutabilityPrivate] has a larger scope than -// [GatewayRoutabilityCluster]. +// `Public` has a larger scope than `Private`, while `Private` has a larger scope than +// `Cluster`. // // Implementations can define custom routability values by specifying a vendor // prefix followed by a slash '/' and a custom name ie. `dev.example.com/my-routability`. 
@@ -127,15 +126,15 @@ type GatewaySpec struct { } type GatewayInfrastructure struct { // Routability allows the Gateway to specify the accessibility of its addresses. Setting - // this property will override the default value defined by the [GatewayClass]. + // this property will override the default value defined by the GatewayClass. // - // If the desired Gateway routability is incompatible with the [GatewayClass] implementations + // If the desired Gateway routability is incompatible with the GatewayClass implementations // MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. // The default value of routability is implementation specific and MUST remains consistent for // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset. The routability MUST appear in the [GatewayStatusAddress] + // Implementations MAY leave this property unset. The routability MUST appear in the GatewayStatusAddress // // Implementations MAY prevent end-users from updating the routability value of a Gateway. // If updates are allowed the semantics and behaviour will depend on the underlying implementation. From 41f5ffa88ba43c2b72986afb166f2c5314c8516d Mon Sep 17 00:00:00 2001 From: Dave Protasowski Date: Fri, 30 Jun 2023 10:31:35 -0400 Subject: [PATCH 10/19] fix indentation in the GEP --- geps/gep-1651.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/geps/gep-1651.md b/geps/gep-1651.md index 5c3991b84e..d96f90cf1b 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md 
@@ -158,10 +158,10 @@ type GatewayStatus struct { // Implementations that support Gateway routability MUST include an address // that has the same routable semantics as defined in the Gateway spec. // - // Implementations MAY add additional addresses in status, but they MUST be - // semantically less than the scope of the requested scope. For example if a - // user requests a `Private` routable Gateway then an additional address MAY - // have a routability of `Cluster` but MUST NOT include `Private`. + // Implementations MAY add additional addresses in status, but they MUST be + // semantically less than the scope of the requested scope. For example if a + // user requests a `Private` routable Gateway then an additional address MAY + // have a routability of `Cluster` but MUST NOT include `Private`. // // +optional // +kubebuilder:validation:MaxItems=16 @@ -191,13 +191,13 @@ type GatewayClassStatus struct { // Implemenations MAY provide a pre-defined set of GatewayClasses that // limit the routability choices of a Gateway. // - // Implementations that support routability MUST populate this list with - // a subset of the pre-defined [GatewayRoutability] values or vendored - // prefix values. + // Implementations that support routability MUST populate this list with + // a subset of the pre-defined GatewayRoutability values or vendored + // prefix values. // // +optional - // +kubebuilder:validation:MaxItems=8 - // + // +kubebuilder:validation:MaxItems=8 + // Routabilities []GatewayRoutability `json:"routabilities"` } ``` From 7630acf4b0cf655b7074515051036c5fb081d878 Mon Sep 17 00:00:00 2001 From: dprotaso Date: Fri, 30 Jun 2023 17:52:32 -0400 Subject: [PATCH 11/19] address nits --- apis/v1beta1/gateway_types.go | 3 +-- mkdocs.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index d9a6b7a273..cfc7401f6a 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go 
@@ -165,7 +165,7 @@ type GatewayInfrastructure struct { // The default value of routability is implementation specific and MUST remain consistent for // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset. The routability MUST appear in the GatewayStatusAddress. + // Implementations MAY leave this property unset. // // Implementations MUST clearly document if they support updates to this field. The default // expectation should be that changes to this field are not supported unless an implementation @@ -207,7 +207,6 @@ const ( // Kubernetes doesn't have a concept of 'Private' routability for Services. In the future this may // change upstream. // - // // Support: Extended GatewayRoutabilityPrivate GatewayRoutability = "Private" diff --git a/mkdocs.yml b/mkdocs.yml index 4aad0124ea..9c0bf0ad9c 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -95,8 +95,8 @@ nav: - geps/gep-1686.md - geps/gep-1426.md - Experimental: - - geps/gep-1651.md - geps/gep-1748.md + - geps/gep-1651.md - geps/gep-1016.md - geps/gep-957.md - geps/gep-713.md From 9beefeb710bec1d8bf0a4e14fc387f7e0ae8263d Mon Sep 17 00:00:00 2001 From: dprotaso Date: Fri, 30 Jun 2023 18:10:36 -0400 Subject: [PATCH 12/19] add invalid examples --- .../v1beta1/gateway/invalid-routability.yaml | 51 +++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 hack/invalid-examples/v1beta1/gateway/invalid-routability.yaml diff --git a/hack/invalid-examples/v1beta1/gateway/invalid-routability.yaml b/hack/invalid-examples/v1beta1/gateway/invalid-routability.yaml new file mode 100644 index 0000000000..ad99644dbc --- /dev/null +++ b/hack/invalid-examples/v1beta1/gateway/invalid-routability.yaml 
@@ -0,0 +1,51 @@ +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: routability-bad-constant +spec: + gatewayClassName: acme-lb + infrastructure: + routability: NotAValidValue + listeners: + - name: http + protocol: HTTP + port: 80 +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: routability-missing-slash-and-suffix +spec: + gatewayClassName: acme-lb + infrastructure: + routability: invalid.prefix.requires.a.slash + listeners: + - name: http + protocol: HTTP + port: 80 +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: routability-missing-suffix +spec: + gatewayClassName: acme-lb + infrastructure: + routability: invalid.prefix.requires.a.slash.and.text/ + listeners: + - name: http + protocol: HTTP + port: 80 +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: routability-vendor-suffix-invalid-character +spec: + gatewayClassName: acme-lb + infrastructure: + routability: some.vendor.prefix/bad!! + listeners: + - name: http + protocol: HTTP + port: 80 From 343d6bd0b7d704bdcf0f3a7458c811a502fb1b59 Mon Sep 17 00:00:00 2001 From: dprotaso Date: Fri, 30 Jun 2023 18:11:44 -0400 Subject: [PATCH 13/19] bump kind to v0.20.0 --- hack/verify-examples-kind.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/verify-examples-kind.sh b/hack/verify-examples-kind.sh index e5d5e9c7c2..4a2eef2f0d 100755 --- a/hack/verify-examples-kind.sh +++ b/hack/verify-examples-kind.sh @@ -49,7 +49,7 @@ trap cleanup INT TERM res=0 # Install kind -(cd $GOPATH && go install sigs.k8s.io/kind@v0.17.0) || res=$? +(cd $GOPATH && go install sigs.k8s.io/kind@v0.20.0) || res=$? # Create cluster KIND_CREATE_ATTEMPTED=true From e22a87e247bf4eb2cd67790bb12d92e49af09ed2 Mon Sep 17 00:00:00 2001 
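Review bot: None of the four invalid documents exercises the anchoring of the `routability` pattern, and in the pattern shown in the gateways CRD (`^Public|Private|Cluster|…\/[A-Za-z0-9\/\-_]+$`) the `^` binds only to `Public` and the `$` only to the vendor-prefixed branch. If the API server applies the pattern as an unanchored search, as CRD `pattern` validation normally does, a value that merely contains `Private` or `Cluster` would be admitted, and none of these examples would catch it. Group the alternatives in the kubebuilder marker, `^(Public|Private|Cluster|…)$`, and add a fifth document here with a constructed value such as `routability: NotPrivate` so the case stays covered.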
From: dprotaso Date: Fri, 30 Jun 2023 18:14:55 -0400 Subject: [PATCH 14/19] add working examples --- .../experimental/routability/gateways.yaml | 38 +++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 examples/experimental/routability/gateways.yaml diff --git a/examples/experimental/routability/gateways.yaml b/examples/experimental/routability/gateways.yaml new file mode 100644 index 0000000000..8178015ea4 --- /dev/null +++ b/examples/experimental/routability/gateways.yaml @@ -0,0 +1,38 @@ +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: public-gateway +spec: + gatewayClassName: acme-lb + infrastructure: + routability: Public + listeners: + - name: http + protocol: HTTP + port: 80 +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: private-gateway +spec: + gatewayClassName: acme-lb + infrastructure: + routability: Private + listeners: + - name: http + protocol: HTTP + port: 80 +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: cluster-local-gateway +spec: + gatewayClassName: acme-lb + infrastructure: + routability: Cluster + listeners: + - name: http + protocol: HTTP + port: 80 From 8409a5490f3cffe8e1e0bebc774214f57587bc0b Mon Sep 17 00:00:00 2001 From: dprotaso Date: Fri, 30 Jun 2023 18:30:49 -0400 Subject: [PATCH 15/19] drop clause about implementations may default spec.infrastructure.routability --- apis/v1beta1/gateway_types.go | 3 -- .../gateway.networking.k8s.io_gateways.yaml | 30 +++++++++---------- geps/gep-1651.md | 5 +--- 3 files changed, 15 insertions(+), 23 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index cfc7401f6a..5ce4eb6065 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go 
@@ -165,8 +165,6 @@ type GatewayInfrastructure struct { // The default value of routability is implementation specific and MUST remain consistent for // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset. - // // Implementations MUST clearly document if they support updates to this field. The default // expectation should be that changes to this field are not supported unless an implementation // specifies otherwise. @@ -587,7 +585,6 @@ type GatewayStatus struct { // user requests a `Private` routable Gateway then an additional address MAY // have a routability of `Cluster` but MUST NOT include `Private`. // - // // +optional // +kubebuilder:validation:MaxItems=16 Addresses []GatewayStatusAddress `json:"addresses,omitempty"` diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index 95b781e765..388ed0f393 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
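Review bot: With `Implementations MAY leave this property unset.` removed in the first hunk, the field comment no longer says what an unset `routability` means or where the value in effect can be read. The GEP text changed in the same commit says implementations MUST signal the default routability through the Gateway's `status.addresses`, so the Go comment should carry that sentence too, for example `// When unset, the routability in effect is signalled in the Gateway's status.addresses.` The sentence ending in `gatewayClassName` is also missing its full stop. The struct continues outside the hunk.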
@@ -115,14 +115,13 @@ spec: MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. \n The default value of routability is implementation specific and MUST remain consistent for Gateways - with the same gatewayClassName \n Implementations MAY leave - this property unset. The routability MUST appear in the GatewayStatusAddress. - \n Implementations MUST clearly document if they support updates - to this field. The default expectation should be that changes - to this field are not supported unless an implementation specifies - otherwise. \n If a Gateway is mutated but does not support the - desired routability it MUST set the `Accepted` and `Programmed` - conditions to `False` with `Reason` set to `UnsupportedRoutability`." + with the same gatewayClassName \n Implementations MUST clearly + document if they support updates to this field. The default + expectation should be that changes to this field are not supported + unless an implementation specifies otherwise. \n If a Gateway + is mutated but does not support the desired routability it MUST + set the `Accepted` and `Programmed` conditions to `False` with + `Reason` set to `UnsupportedRoutability`." maxLength: 253 minLength: 1 pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ 
@@ -861,14 +860,13 @@ spec: MUST set the condition `Accepted` to `False` with `Reason` set to `UnsupportedRoutability`. \n The default value of routability is implementation specific and MUST remain consistent for Gateways - with the same gatewayClassName \n Implementations MAY leave - this property unset. The routability MUST appear in the GatewayStatusAddress. - \n Implementations MUST clearly document if they support updates - to this field. The default expectation should be that changes - to this field are not supported unless an implementation specifies - otherwise. \n If a Gateway is mutated but does not support the - desired routability it MUST set the `Accepted` and `Programmed` - conditions to `False` with `Reason` set to `UnsupportedRoutability`." + with the same gatewayClassName \n Implementations MUST clearly + document if they support updates to this field. The default + expectation should be that changes to this field are not supported + unless an implementation specifies otherwise. \n If a Gateway + is mutated but does not support the desired routability it MUST + set the `Accepted` and `Programmed` conditions to `False` with + `Reason` set to `UnsupportedRoutability`." maxLength: 253 minLength: 1 pattern: ^Public|Private|Cluster|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-_]+$ diff --git a/geps/gep-1651.md b/geps/gep-1651.md index d96f90cf1b..4944de7ecf 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md 
@@ -65,8 +65,7 @@ The default value of `routability` is implementation specific. It is RECOMMENDED the default `routability` remains consistent for Gateways with the same `gatewayClassName`. -Implementations MAY leave the `spec.infrastructure.routability` property unset and instead -signal the default routability using the Gateway's `status.addresses`. See 'Status Addresses` +Implementations MUST signal the default routability using the Gateway's `status.addresses`. See 'Status Addresses` for more details. ### Mutability @@ -134,8 +133,6 @@ type GatewayInfrastructure struct { // The default value of routability is implementation specific and MUST remains consistent for // Gateways with the same gatewayClassName // - // Implementations MAY leave this property unset. The routability MUST appear in the GatewayStatusAddress - // // Implementations MAY prevent end-users from updating the routability value of a Gateway. // If updates are allowed the semantics and behaviour will depend on the underlying implementation. // If a Gateway is mutated but does not support the desired routability it MUST set `Accepted` From a134e5680cd6ea328e0cb78498a6f9ccc601252e Mon Sep 17 00:00:00 2001 From: dprotaso Date: Tue, 11 Jul 2023 11:52:00 -0400 Subject: [PATCH 16/19] move UnsupportedReason to a different block --- apis/v1beta1/gateway_types.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 5ce4eb6065..7e274a1ef8 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go 
@@ -627,12 +627,6 @@ type GatewayConditionType string // particular Gateway condition type has been raised. type GatewayConditionReason string -const ( - // This reason is used with "Programmed" and "Accepted" conditions when - // desired routability is not able to be fulfilled by the implementation - GatewayUnsupportedRoutability GatewayConditionReason = "UnsupportedRoutability" -) - const ( // This condition indicates whether a Gateway has generated some // configuration that is assumed to be ready soon in the underlying data @@ -683,6 +677,10 @@ const ( // express a range of circumstances, including (but not limited to) IPAM // address exhaustion, address not yet allocated, or a named address not being found. GatewayReasonAddressNotAssigned GatewayConditionReason = "AddressNotAssigned" + + // This reason is used with "Programmed" and "Accepted" conditions when + // desired routability is not able to be fulfilled by the implementation + GatewayUnsupportedRoutability GatewayConditionReason = "UnsupportedRoutability" ) const ( From aa38cae12fc9bd374b11931d62bb80e0c8e50776 Mon Sep 17 00:00:00 2001 From: dprotaso Date: Tue, 11 Jul 2023 11:52:16 -0400 Subject: [PATCH 17/19] fix typos --- apis/v1beta1/gatewayclass_types.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apis/v1beta1/gatewayclass_types.go b/apis/v1beta1/gatewayclass_types.go index 475d060ca3..7a5055a76c 100644 --- a/apis/v1beta1/gatewayclass_types.go +++ b/apis/v1beta1/gatewayclass_types.go @@ -187,7 +187,7 @@ type GatewayClassStatus struct { // the GatewayClass. The first entry in this list will be the default // routability used when Gateways of this class are created. // - // Implemenations MAY provide a pre-defined set of GatewayClasses that + // Implementations MAY provide a pre-defined set of GatewayClasses that // limit the routability choices of a Gateway. // // Implementations MUST populate this list with the GatewayRoutability values 
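Review bot: The relocated constant `GatewayUnsupportedRoutability` does not follow the `GatewayReason…` prefix of its new neighbour `GatewayReasonAddressNotAssigned`, so inside this block it reads like a condition type rather than a reason. Since the declaration is being moved anyway, and assuming no release has shipped the name yet, rename it: `GatewayReasonUnsupportedRoutability GatewayConditionReason = "UnsupportedRoutability"`. Its comment should also end with a full stop, like the other reasons in the block. The const block starts and ends outside the hunk.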
From 7e87970be489cdbfefb48fe5005e7ea7d9661adb Mon Sep 17 00:00:00 2001 From: dprotaso Date: Tue, 11 Jul 2023 11:55:29 -0400 Subject: [PATCH 18/19] fix example --- apis/v1beta1/gateway_types.go | 2 +- geps/gep-1651.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apis/v1beta1/gateway_types.go b/apis/v1beta1/gateway_types.go index 7e274a1ef8..ad0048e6eb 100644 --- a/apis/v1beta1/gateway_types.go +++ b/apis/v1beta1/gateway_types.go @@ -583,7 +583,7 @@ type GatewayStatus struct { // Implementations MAY add additional addresses in status, but they MUST be // semantically less than the scope of the requested scope. For example if a // user requests a `Private` routable Gateway then an additional address MAY - // have a routability of `Cluster` but MUST NOT include `Private`. + // have a routability of `Cluster` but MUST NOT include `Public`. // // +optional // +kubebuilder:validation:MaxItems=16 diff --git a/geps/gep-1651.md b/geps/gep-1651.md index 4944de7ecf..2d3f3dba7a 100644 --- a/geps/gep-1651.md +++ b/geps/gep-1651.md @@ -158,7 +158,7 @@ type GatewayStatus struct { // Implementations MAY add additional addresses in status, but they MUST be // semantically less than the scope of the requested scope. For example if a // user requests a `Private` routable Gateway then an additional address MAY - // have a routability of `Cluster` but MUST NOT include `Private`. + // have a routability of `Cluster` but MUST NOT include `Public`. // // +optional // +kubebuilder:validation:MaxItems=16 From 843e93832e8bf7783df04d26b693d65d037afde6 Mon Sep 17 00:00:00 2001 From: dprotaso Date: Tue, 11 Jul 2023 12:12:19 -0400 Subject: [PATCH 19/19] run codegen --- .../gateway.networking.k8s.io_gatewayclasses.yaml | 4 ++-- .../crd/experimental/gateway.networking.k8s.io_gateways.yaml | 4 ++-- config/crd/standard/gateway.networking.k8s.io_gateways.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) 
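Review bot: The rule `MUST be semantically less than the scope of the requested scope` in the `GatewayStatus.Addresses` comment depends on an ordering of routability values that the comment never states; the corrected example only implies that `Cluster` is narrower than `Private` and `Public` is wider. This sentence is what keeps an implementation from publishing an address with wider reach than the user requested, so the order should be explicit, including how vendor-prefixed values compare. A possible wording, with the order inferred from the example and to be confirmed against the GEP: `// Scopes are ordered Cluster < Private < Public; an additional address MUST NOT have a wider scope than the one requested.` The same text appears in the geps/gep-1651.md hunk of this commit, and the struct continues outside the hunk.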
diff --git a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml index 5694dfc2c3..720d5f648f 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gatewayclasses.yaml @@ -219,7 +219,7 @@ spec: description: "Routabilities specifies a list of supported routabilities offered by the GatewayClass. The first entry in this list will be the default routability used when Gateways of this class are created. - \n Implemenations MAY provide a pre-defined set of GatewayClasses + \n Implementations MAY provide a pre-defined set of GatewayClasses that limit the routability choices of a Gateway. \n Implementations MUST populate this list with the GatewayRoutability values that are supported by this GatewayClass. \n " @@ -440,7 +440,7 @@ spec: description: "Routabilities specifies a list of supported routabilities offered by the GatewayClass. The first entry in this list will be the default routability used when Gateways of this class are created. - \n Implemenations MAY provide a pre-defined set of GatewayClasses + \n Implementations MAY provide a pre-defined set of GatewayClasses that limit the routability choices of a Gateway. \n Implementations MUST populate this list with the GatewayRoutability values that are supported by this GatewayClass. \n " diff --git a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml index 388ed0f393..d57c67524c 100644 --- a/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/experimental/gateway.networking.k8s.io_gateways.yaml 
@@ -499,7 +499,7 @@ spec: addresses in status, but they MUST be semantically less than the scope of the requested scope. For example if a user requests a `Private` routable Gateway then an additional address MAY have a routability - of `Cluster` but MUST NOT include `Private`." + of `Cluster` but MUST NOT include `Public`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. @@ -1244,7 +1244,7 @@ spec: addresses in status, but they MUST be semantically less than the scope of the requested scope. For example if a user requests a `Private` routable Gateway then an additional address MAY have a routability - of `Cluster` but MUST NOT include `Private`." + of `Cluster` but MUST NOT include `Public`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. diff --git a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml index dbe6d02bfe..48df44fd62 100644 --- a/config/crd/standard/gateway.networking.k8s.io_gateways.yaml +++ b/config/crd/standard/gateway.networking.k8s.io_gateways.yaml @@ -475,7 +475,7 @@ spec: addresses in status, but they MUST be semantically less than the scope of the requested scope. For example if a user requests a `Private` routable Gateway then an additional address MAY have a routability - of `Cluster` but MUST NOT include `Private`." + of `Cluster` but MUST NOT include `Public`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway. @@ -1187,7 +1187,7 @@ spec: addresses in status, but they MUST be semantically less than the scope of the requested scope. For example if a user requests a `Private` routable Gateway then an additional address MAY have a routability - of `Cluster` but MUST NOT include `Private`." + of `Cluster` but MUST NOT include `Public`." items: description: GatewayStatusAddress describes an address that is bound to a Gateway.