Fix issue with Envoy Deployment when optionally enabling route

Signed-off-by: Ricardo M. Oliveira <rmartine@redhat.com>
opendatahub-io · Aug 5, 2024 · 00ca6e3 · 00ca6e3
1 parent c8dfd9c
commit 00ca6e3
Show file tree

Hide file tree

Showing 16 changed files with 149 additions and 271 deletions.
diff --git a/.github/workflows/kind-integration.yml b/.github/workflows/kind-integration.yml
@@ -47,127 +47,4 @@ jobs:
       - name: Run test
         working-directory: ${{ github.workspace }}/.github/scripts/tests
         run: |
-          kubectl apply -f ${{ env.RESOURCES_DIR }}/crds
-          kubectl apply -f ${{ env.CONFIG_DIR }}/crd/external/route.openshift.io_routes.yaml
-
-      - name: Build image
-        env:
-          DSPO_IMAGE: ${{env.REGISTRY_ADDRESS}}/data-science-pipelines-operator
-        run: |
-          make podman-build -e IMG="${DSPO_IMAGE}"
-
-      - name: Create opendatahub namespace
-        run: |
-          kubectl create namespace opendatahub
-
-      - name: Deploy Argo Lite
-        working-directory: ${{ github.workspace }}/.github/resources/argo-lite
-        run: |
-          kustomize build . | kubectl apply -f -
-
-      - name: Deploy DSPO
-        env:
-          DSPO_IMAGE: ${{env.REGISTRY_ADDRESS}}/data-science-pipelines-operator
-        run: |
-          make podman-push -e IMG="${DSPO_IMAGE}"
-          make deploy-kind -e IMG="${DSPO_IMAGE}"
-
-      - name: Create Minio Namespace
-        run: |
-          kubectl create namespace ${{ env.MINIO_NAMESPACE }}
-
-      - name: Deploy Minio
-        working-directory: ${{ github.workspace }}/.github/resources/minio
-        run: |
-          kustomize build . |  oc -n ${{ env.MINIO_NAMESPACE }} apply -f -
-
-      - name: Create MariaDB Namespace
-        run: |
-          kubectl create namespace ${{ env.MARIADB_NAMESPACE }}
-
-      - name: Deploy MariaDB
-        working-directory: ${{ github.workspace }}/.github/resources/mariadb
-        run: |
-          kustomize build . |  oc -n ${{ env.MARIADB_NAMESPACE }} apply -f -
-
-      - name: Create Pypiserver Namespace
-        run: |
-          kubectl create namespace ${{ env.PYPISERVER_NAMESPACE }}
-
-      - name: Deploy pypi-server
-        working-directory: ${{ github.workspace }}/.github/resources/pypiserver/base
-        run: |
-          kustomize build . | oc -n ${{ env.PYPISERVER_NAMESPACE }} apply -f -
-
-      - name: Wait for Dependencies (DSPO, Minio, Mariadb, Pypi server)
-        run: |
-          kubectl wait -n opendatahub --timeout=60s --for=condition=Available=true deployment data-science-pipelines-operator-controller-manager
-          kubectl wait -n ${{ env.MARIADB_NAMESPACE }} --timeout=60s --for=condition=Available=true deployment mariadb
-          kubectl wait -n ${{ env.MINIO_NAMESPACE }} --timeout=60s --for=condition=Available=true deployment minio
-          kubectl wait -n ${{ env.PYPISERVER_NAMESPACE }} --timeout=60s --for=condition=Available=true deployment pypi-server
-
-      - name: Upload Python Packages to pypi-server
-        working-directory: ${{ github.workspace }}/.github/scripts/python_package_upload
-        run: |
-          sh package_upload.sh
-
-      - name: Create DSPA Namespace
-        run: |
-          kubectl create namespace ${{ env.DSPA_NAMESPACE }}
-
-      - name: Create Namespace for DSPA with External connections
-        run: |
-          kubectl create namespace ${{ env.DSPA_EXTERNAL_NAMESPACE }}
-
-      - name: Apply MariaDB and Minio Secrets and Configmaps in the External Namespace
-        working-directory: ${{ github.workspace }}/.github/resources/external-pre-reqs
-        run: |
-          kustomize build . |  oc -n ${{ env.DSPA_EXTERNAL_NAMESPACE }} apply -f -
-
-      - name: Apply PIP Server ConfigMap
-        env:
-          RESOURCES_DIR: ${{ github.workspace }}/.github/resources/pypiserver/base
-        run: |
-          kubectl apply -f $RESOURCES_DIR/nginx-tls-config.yaml -n ${{ env.DSPA_NAMESPACE }}
-
-      - name: Run tests
-        working-directory: ${{ github.workspace }}
-        env:
-          NAMESPACE: ${{ env.DSPA_NAMESPACE }}
-          DSPA_NAME: ${{ env.DSPA_NAME }}
-          DSPA_PATH: ${{ env.DSPA_PATH }}
-        run: |
-            make integrationtest K8SAPISERVERHOST=$(oc whoami --show-server) DSPANAMESPACE=${NAMESPACE} DSPAPATH=${DSPA_PATH}
-
-      - name: Run tests for DSPA with External Connections
-        working-directory: ${{ github.workspace }}
-        env:
-          NAMESPACE: ${{ env.DSPA_EXTERNAL_NAMESPACE }}
-          DSPA_NAME: ${{ env.DSPA_EXTERNAL_NAME }}
-          DSPA_EXTERNAL_PATH: ${{ env.DSPA_EXTERNAL_PATH }}
-        run: |
-            make integrationtest K8SAPISERVERHOST=$(oc whoami --show-server) DSPANAMESPACE=${NAMESPACE} DSPAPATH=${DSPA_EXTERNAL_PATH}
-
-      - name: Collect DSPO Logs if any tests failed
-        if: failure()
-        run: |
-          tmp_dir=$(mktemp -d)
-          DSPO=$(kubectl get pod -n opendatahub --no-headers -o custom-columns=NAME:.metadata.name)
-          echo "DSPO Pod: $DSPO"
-          kubectl logs -n opendatahub $DSPO > $tmp_dir/$DSPO.log
-          kubectl get -n $DSPA_NAMESPACE events > $tmp_dir/events.log
-          kubectl get -n $DSPA_NAMESPACE all > $tmp_dir/resources.log
-          kubectl get -n $DSPA_NAMESPACE sa > $tmp_dir/serviceaccounts.log
-          kubectl get -n $DSPA_NAMESPACE secret > $tmp_dir/secrets.log
-          kubectl describe -n $DSPA_NAMESPACE deployment ds-pipeline-metadata-envoy-$DSPA_NAME > $tmp_dir/envoy.log
-
-      - name: Collect test results
-        if: failure()
-        uses: actions/upload-artifact@v4
-        with:
-          name: integration-test-artifacts
-          path: /tmp/tmp.*/*
-
-      - name: Clean up
-        run: |
-          make undeploy-kind
+          sh kind-integration.sh
diff --git a/api/v1alpha1/dspipeline_types.go b/api/v1alpha1/dspipeline_types.go
@@ -401,7 +401,7 @@ type DSPAStatus struct {
 
 type ComponentStatus struct {
 	// +kubebuilder:validation:Optional
-	Envoy     ComponentDetailStatus `json:"envoy,omitempty"`
+	MLMDProxy ComponentDetailStatus `json:"mlmdProxy,omitempty"`
 	APIServer ComponentDetailStatus `json:"apiServer,omitempty"`
 }
 

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/...ses/datasciencepipelinesapplications.opendatahub.io_datasciencepipelinesapplications.yaml b/...ses/datasciencepipelinesapplications.opendatahub.io_datasciencepipelinesapplications.yaml
@@ -880,7 +880,7 @@ spec:
                       url:
                         type: string
                     type: object
-                  envoy:
+                  mlmdProxy:
                     properties:
                       externalUrl:
                         type: string

diff --git a/config/internal/ml-metadata/metadata-envoy.deployment.yaml.tmpl b/config/internal/ml-metadata/metadata-envoy.deployment.yaml.tmpl
@@ -71,6 +71,7 @@ spec:
             - mountPath: /etc/envoy.yaml
               name: envoy-config
               subPath: envoy.yaml
+        {{ if .MLMD.Envoy.DeployRoute }}
         - name: oauth-proxy
           args:
             - --https-address=:8443
@@ -118,6 +119,7 @@ spec:
           volumeMounts:
             - mountPath: /etc/tls/private
               name: proxy-tls
+      {{ end }}
       serviceAccountName: ds-pipeline-metadata-envoy-{{.Name}}
       volumes:
         - name: envoy-config

diff --git a/config/samples/v2/dspa-all-fields/dspa_all_fields.yaml b/config/samples/v2/dspa-all-fields/dspa_all_fields.yaml
@@ -184,12 +184,12 @@ spec:
 # example status fields
 status:
   components:
-    envoy:
-      url: http://envoy.svc.cluster.local
-      externalUrl: https://envoy-dspa.example.com
+    mlmdProxy:
+      url: http://mlmd-proxy.svc.cluster.local
+      externalUrl: https://mlmd-proxy-dspa.example.com
     apiServer:
-      url: http://envoy.svc.cluster.local
-      externalUrl: https://envoy-dspa.example.com
+      url: http://apiserver.svc.cluster.local
+      externalUrl: https://apiserver-dspa.example.com
   conditions:
     - lastTransitionTime: '2024-03-14T22:04:25Z'
       message: Database connectivity successfully verified
@@ -226,7 +226,7 @@ status:
       observedGeneration: 3
       reason: MinimumReplicasAvailable
       status: 'True'
-      type: EnvoyReady
+      type: MLMDProxyReady
     - lastTransitionTime: '2024-03-14T22:06:37Z'
       message: All components are ready.
       observedGeneration: 3

diff --git a/controllers/apiserver.go b/controllers/apiserver.go
@@ -17,7 +17,6 @@ package controllers
 
 import (
 	"context"
-	"fmt"
 
 	dspav1alpha1 "github.com/opendatahub-io/data-science-pipelines-operator/api/v1alpha1"
 	v1 "github.com/openshift/api/route/v1"
@@ -87,47 +86,3 @@ func (r *DSPAReconciler) ReconcileAPIServer(ctx context.Context, dsp *dspav1alph
 	log.Info("Finished applying APIServer Resources")
 	return nil
 }
-
-func (r *DSPAReconciler) GetAPIServerServiceHostname(ctx context.Context, dsp *dspav1alpha1.DataSciencePipelinesApplication) (string, error) {
-	service := &corev1.Service{}
-	namespacedNamed := types.NamespacedName{Name: "ds-pipeline-" + dsp.Name, Namespace: dsp.Namespace}
-	err := r.Get(ctx, namespacedNamed, service)
-	if err != nil {
-		return "", err
-	}
-
-	// Loop over all Service ports, if a secured port is found
-	// set port and scheme to its secured ones and skip the loop
-	serviceScheme := ""
-	servicePort := ""
-	for i := 0; i < len(service.Spec.Ports); i++ {
-		servicePort = fmt.Sprintf("%d", service.Spec.Ports[i].Port)
-		if servicePort == "8443" || servicePort == "443" {
-			// If a secured port is found, just set scheme to 'https://' and skip the loop
-			serviceScheme = "https://"
-			break
-		} else {
-			serviceScheme = "http://"
-		}
-	}
-
-	return serviceScheme + service.Name + "." + service.Namespace + ".svc.cluster.local:" + servicePort, nil
-}
-
-func (r *DSPAReconciler) GetAPIServerRouteHostname(ctx context.Context, dsp *dspav1alpha1.DataSciencePipelinesApplication) (string, error) {
-	route := &v1.Route{}
-	namespacedNamed := types.NamespacedName{Name: "ds-pipeline-" + dsp.Name, Namespace: dsp.Namespace}
-	err := r.Get(ctx, namespacedNamed, route)
-	if err != nil {
-		return "", err
-	}
-
-	serviceScheme := ""
-	if route.Spec.TLS != nil {
-		serviceScheme = "https://"
-	} else {
-		serviceScheme = "http://"
-	}
-
-	return serviceScheme + route.Spec.Host, nil
-}
diff --git a/controllers/config/defaults.go b/controllers/config/defaults.go
@@ -139,7 +139,7 @@ const (
 	APIServerReady         = "APIServerReady"
 	PersistenceAgentReady  = "PersistenceAgentReady"
 	ScheduledWorkflowReady = "ScheduledWorkflowReady"
-	EnvoyReady             = "EnvoyReady"
+	MLMDProxyReady         = "MLMDProxyReady"
 	CrReady                = "Ready"
 )
 

diff --git a/controllers/dspastatus/dspa_status.go b/controllers/dspastatus/dspa_status.go
@@ -21,7 +21,7 @@ type DSPAStatus interface {
 
 	SetScheduledWorkflowStatus(scheduledWorkflowReady metav1.Condition)
 
-	SetEnvoyStatus(envoyReady metav1.Condition)
+	SetMLMDProxyStatus(mlmdProxyReady metav1.Condition)
 
 	GetConditions() []metav1.Condition
 }
@@ -32,7 +32,7 @@ func NewDSPAStatus(dspa *dspav1alpha1.DataSciencePipelinesApplication) DSPAStatu
 	apiServerCondition := BuildUnknownCondition(config.APIServerReady)
 	persistenceAgentCondition := BuildUnknownCondition(config.PersistenceAgentReady)
 	scheduledWorkflowReadyCondition := BuildUnknownCondition(config.ScheduledWorkflowReady)
-	envoyReadyCondition := BuildUnknownCondition(config.EnvoyReady)
+	mlmdProxyReadyCondition := BuildUnknownCondition(config.MLMDProxyReady)
 
 	return &dspaStatus{
 		dspa:                   dspa,
@@ -41,7 +41,7 @@ func NewDSPAStatus(dspa *dspav1alpha1.DataSciencePipelinesApplication) DSPAStatu
 		apiServerReady:         &apiServerCondition,
 		persistenceAgentReady:  &persistenceAgentCondition,
 		scheduledWorkflowReady: &scheduledWorkflowReadyCondition,
-		envoyReady:             &envoyReadyCondition,
+		mlmdProxyReady:         &mlmdProxyReadyCondition,
 	}
 }
 
@@ -52,7 +52,7 @@ type dspaStatus struct {
 	apiServerReady         *metav1.Condition
 	persistenceAgentReady  *metav1.Condition
 	scheduledWorkflowReady *metav1.Condition
-	envoyReady             *metav1.Condition
+	mlmdProxyReady         *metav1.Condition
 }
 
 func (s *dspaStatus) SetDatabaseNotReady(err error, reason string) {
@@ -96,8 +96,8 @@ func (s *dspaStatus) SetScheduledWorkflowStatus(scheduledWorkflowReady metav1.Co
 	s.scheduledWorkflowReady = &scheduledWorkflowReady
 }
 
-func (s *dspaStatus) SetEnvoyStatus(envoyReady metav1.Condition) {
-	s.envoyReady = &envoyReady
+func (s *dspaStatus) SetMLMDProxyStatus(mlmdProxyReady metav1.Condition) {
+	s.mlmdProxyReady = &mlmdProxyReady
 }
 
 func (s *dspaStatus) GetConditions() []metav1.Condition {
@@ -107,7 +107,7 @@ func (s *dspaStatus) GetConditions() []metav1.Condition {
 		*s.getApiServerReadyCondition(),
 		*s.getPersistenceAgentReadyCondition(),
 		*s.getScheduledWorkflowReadyCondition(),
-		*s.getEnvoyReadyCondition(),
+		*s.getMLMDProxyReadyCondition(),
 	}
 
 	allReady := true
@@ -145,7 +145,7 @@ func (s *dspaStatus) GetConditions() []metav1.Condition {
 		*s.apiServerReady,
 		*s.persistenceAgentReady,
 		*s.scheduledWorkflowReady,
-		*s.envoyReady,
+		*s.mlmdProxyReady,
 		crReady,
 	}
 
@@ -179,8 +179,8 @@ func (s *dspaStatus) getScheduledWorkflowReadyCondition() *metav1.Condition {
 	return s.scheduledWorkflowReady
 }
 
-func (s *dspaStatus) getEnvoyReadyCondition() *metav1.Condition {
-	return s.envoyReady
+func (s *dspaStatus) getMLMDProxyReadyCondition() *metav1.Condition {
+	return s.mlmdProxyReady
 }
 
 func BuildTrueCondition(conditionType string, message string) metav1.Condition {