Skip to content

Add GAMMA support to Cilium Operator #32744

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 4, 2024
Merged

Add GAMMA support to Cilium Operator #32744

merged 4 commits into from
Jun 4, 2024

Conversation

youngnick
Copy link
Contributor

Adds a separate ingestion step for GAMMA objects, with predicates added to both the GAMMA ingestion and the standard Gateway API ingestion to ensure that each only sees relevant HTTPRoute updates.

GAMMA listeners use the existing Gateway API translator, some changes have been made there:

  • Add the HTTPRoute as a second source to each Listener in the model.Model, which allows the HTTPRoute to be set as the
    owner of the generated CiliumEnvoyConfig.
  • GAMMA conformance requires supporting the Port field in parentRef. This adds support for this for GAMMA only.
    This change also does groundwork necessary to support the Gateway API feature HTTPRouteListenerPortMatching
    for regular Gateway API objects, which allows HTTPRoutes to select Gateway parents using the Port field in parentRef.
    A followup PR will implement this feature.

As part of this GAMMA work, we now support the GatewayPort8080 Gateway API feature, which allows the use of ports other than 80 or 443 as well, so that is now added to the conformance test workflow.

The MeshConsumerRoute feature cannot be supported without significant changes to the model (it requires egress
CiliumEnvoyConfigs, which are still being worked on.)

Fixes: #22512

Cilium now supports the Gateway API GAMMA initiative, allowing configuration of east-west Layer 7 interception using simpler resources.

@youngnick youngnick requested review from a team as code owners May 28, 2024 03:33
@youngnick youngnick requested review from sayboras, a user and aanm May 28, 2024 03:33
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label May 28, 2024
@youngnick youngnick force-pushed the smash-gamma branch 4 times, most recently from 8bbf9b9 to 82e074d Compare May 28, 2024 04:07
@youngnick youngnick added the release-note/major This PR introduces major new functionality to Cilium. label May 28, 2024
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label May 28, 2024
@youngnick youngnick added release-note/minor This PR changes functionality that users may find relevant to operating Cilium. and removed release-note/major This PR introduces major new functionality to Cilium. labels May 28, 2024
@youngnick
Copy link
Contributor Author

/test

@sayboras sayboras added release-note/major This PR introduces major new functionality to Cilium. and removed release-note/minor This PR changes functionality that users may find relevant to operating Cilium. labels May 28, 2024
@sayboras
Copy link
Member

Change this to release-note/major due to the huge interest from users.

aanm
aanm requested changes May 29, 2024
View reviewed changes
xtineskim
xtineskim reviewed May 29, 2024
View reviewed changes
@youngnick youngnick requested a review from aanm May 30, 2024 06:29
@youngnick
Copy link
Contributor Author

/test

aanm
aanm requested changes May 30, 2024
View reviewed changes
This was referenced May 31, 2024
Closed
Closed
@youngnick
Copy link
Contributor Author

/test

@youngnick youngnick requested a review from aanm June 3, 2024 11:56
sayboras
sayboras reviewed Jun 4, 2024
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple of comments as per below.

Not sure if we need to split the the commit 1a8d2fe and merge change into respective parent commit.

Also, the last commit 09ff2d4 can be merged into the one added getServicerWithPorts method.

youngnick added 3 commits June 4, 2024 18:03
@youngnick
Add GAMMA support to Cilium Operator
2bd9eb2 
This first commit adds support for reconciling GAMMA HTTPRoute
objects, updates the status.

Also adds GAMMA reconciler parent checks.

Signed-off-by: Nick Young <nick@isovalent.com>
@youngnick
Add support for GAMMA ingestion
64c030a 
GAMMA objects will now be correctly ingested,
with predicates added to both the GAMMA
ingestion and the standard Gateway API ingestion
to ensure that each only sees relevant HTTPRoute
updates.

Signed-off-by: Nick Young <nick@isovalent.com>
@youngnick
Initial working implementation, passes half of the conformance tests
5c166ae 
This also adds the HTTPRoute as a second source to each Listener
in the model.Model, which allows the HTTPRoute to be set as the
owner of the generated CiliumEnvoyConfig.

Signed-off-by: Nick Young <nick@isovalent.com>
ghost
ghost approved these changes Jun 4, 2024
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left one docs suggestion, but not blocking.

aanm
aanm approved these changes Jun 4, 2024
View reviewed changes
Copy link
Member

@aanm aanm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing is blocking.

@aanm
Copy link
Member

aanm commented Jun 4, 2024

/test

@youngnick
Completed GAMMA implementation, includes basic docs
b39cb9d 
Updates Gateway API conformance tests to include Mesh
tests.

GAMMA conformance requires supporting the Port field in
parentRef. This adds support for this for GAMMA only.
This change also does groundwork necessary
to support the Gateway API feature `HTTPRouteListenerPortMatching`
for regular Gateway API objects, which allows HTTPRoutes to select
Gateway parents using the Port field in parentRef.
A followup PR will implement this feature.

As part of the GAMMA work, we now support the GatewayPort8080
Gateway API feature as well, so that is now added to the
conformance test workflow.

The `MeshConsumerRoute` feature cannot be supported without
significant changes to the model (it requires _egress_
CiliumEnvoyConfigs, which are still being worked on.)

Mesh examples are left for a followup PR.

Dedicated Ingresses using a Nodeport need to _not_ have the
port set in their CiliumEnvoyConfig.

Added a test to verify this for the future.

Signed-off-by: Nick Young <nick@isovalent.com>
@youngnick
Copy link
Contributor Author

/test

@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Jun 4, 2024
sayboras
sayboras approved these changes Jun 4, 2024
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is awesome ✔️

@sayboras sayboras added this pull request to the merge queue Jun 4, 2024
Merged via the queue into cilium:main with commit 4121a2f Jun 4, 2024
@sayboras sayboras mentioned this pull request Jun 6, 2024
Closed
3 tasks
This was referenced Jun 7, 2024
Merged
Closed
@andjhop andjhop mentioned this pull request Sep 26, 2024
Closed
3 tasks
@youngnick youngnick mentioned this pull request Jun 2, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aanm aanm aanm approved these changes

@sayboras sayboras sayboras approved these changes

+2 more reviewers

@xtineskim xtineskim xtineskim left review comments

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/major This PR introduces major new functionality to Cilium.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CFP: Implement Gateway API GAMMA constructs in Cilium Service Mesh
4 participants
@youngnick @sayboras @aanm @xtineskim