Commit Graph

271 Commits

Author SHA1 Message Date
leonnicolas
31ffaa0e71
pkg/: FEATURE: support allowed IPs outside a cluster
Users can specify IPs with the annotation "allowed-location-ips".
It makes no difference which node of a location is annotated.
The IP should be routable from the particular location, e.g. a printer in
the same LAN.
This way these IPs become routable from other location.

Signed-off-by: leonnicolas <leonloechner@gmx.de>

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-15 22:17:35 +02:00
Lucas Servén Marín
6542c2ee94
Merge pull request #190 from squat/refactor_e2e
e2e: refactor the end to end tests
2021-06-15 16:58:37 +02:00
Lucas Servén Marín
9f088b87ee
e2e: refactor the end to end tests
This commit refactors the e2e tests in the following ways:
* bump the version of `bash_unit` to 1.7.2: the previous version was
from 2018;
* remove the unused `block` function;
* fix the order of `block_unitil_ready_by_name` and `check_ping`: we
should not attempt to interact with pods before they are considered
ready;
* extract the retry logic into a reusable function called `retry`; and
* retry the `check_adjacent` function for robustness.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-15 13:09:20 +02:00
Lucas Servén Marín
e513e6ca59
Merge pull request #187 from squat/support_mac_m1
Makefile: bump golang toolchain for M1 support
2021-06-14 13:42:49 +02:00
Lucas Servén Marín
6261f507a3
Merge pull request #186 from squat/crd_validation
Use apiextension v1
2021-06-14 13:42:32 +02:00
Lucas Servén Marín
0ab16e11b8
Makefile: bump golang toolchain for M1 support
This commit bumps the Golang toolchain version used to build Kilo to go
1.16 to support builing kgctl for the arm64 M1 macs.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-06-14 13:00:24 +02:00
leonnicolas
36643b77b4
Use apiextension v1
- upgrade from apiextension v1beta1 to v1
 - generate yaml manifest for crd intead of applying it at runtime
  - users will have to apply the manifest with kubectl
 - kg and kgctl log an error if the crd is not present
 - now validation should actually work

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-06-14 12:59:33 +02:00
leonnicolas
e272d725a5
docs/building.md: add docs for building Kilo and the website (#177)
* docs/building.md: add docs for building Kilo and the website

Signed-off-by: leonnicolas <leonloechner@gmx.de>

Update docs/building_kilo.md

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>

* Apply suggestions from code review

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-28 13:01:17 +02:00
Lucas Servén Marín
a8f4143f53
Merge pull request #147 from JulienVdG/private-registry
Makefile: handle a private registry
2021-05-27 15:40:28 +02:00
Lucas Servén Marín
28d93fba90
Merge pull request #175 from squat/fix_markdown_link
Makefile: workaround to fix broken markdown link in website
2021-05-21 19:08:22 +02:00
leonnicolas
1ab8523d8a
Makefile: workaround to fix broken markdown link in website
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-21 14:23:10 +02:00
Lucas Servén Marín
5614d9158b
Merge pull request #174 from squat/consistent_indentation
e2e/kind.sh: make indentation consistent
2021-05-21 13:09:27 +02:00
Lucas Servén Marín
305dc6ce91
e2e/kind.sh: make indentation consistent
This file uses tabs everywhere instead of spaces, so fix the lines that
I added in the last PR.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-21 11:09:14 +02:00
Lucas Servén Marín
cc7e94b07c
Merge pull request #173 from squat/lint_bash
e2e/kind.sh: lint bash script
2021-05-21 11:06:15 +02:00
Lucas Servén Marín
259959c0a5
e2e/kind.sh: lint bash script
This commit fixes lint warnings produced by shellcheck. This simplifies
some of the `if`s and protects against variables with spaces. We may
want to consider shellchecking all scripts in the repo.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-21 10:33:47 +02:00
leonnicolas
3422e8a40c
Merge pull request #171 from squat/e2e
Makefile, e2e/*: Add end to end tests
2021-05-20 19:40:36 +02:00
leonnicolas
d806fb9126
Makefile, e2e/*: Add end to end tests
Tests are using kind, adjacency and bash_unit.

A kind cluster is spun up and the previously build container image of
Kilo is loaded into it.
Adjacency and a curl container is started.

From the curl container a http request is send to the adjacency service.

The test fails if curl returns an unexpected result.

Two test are run. One with `mesh-granularity=full` and `location`.

The e2e test is only run for pull request because it is a bit flaky for
automatic nightly runs.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-20 17:34:17 +02:00
Lucas Servén Marín
a25ab90e05
Merge pull request #172 from squat/docs_cleanup
docs,README.md: clean up documentation
2021-05-20 13:03:14 +02:00
Lucas Servén Marín
845df22a32
docs,README.md: clean up documentation
This commit cleans up some typos in the documentation, clarifies some
explanations, fixes a bash script that would not expand a variable, and
renames the API documentation generator command from gen-docs to
docs-gen to match the output binary name.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-20 12:45:02 +02:00
Lucas Servén Marín
9f37a93859
Merge pull request #169 from squat/generate_CRD
cmd/gen-docs/main.go: auto generate docs for CRD
2021-05-17 17:30:27 +02:00
leonnicolas
3b898042cd
Merge pull request #170 from squat/update_readme
README.md: add slack badge
2021-05-17 17:27:46 +02:00
leonnicolas
01ce79c453
README.md: add slack badge
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-17 14:29:33 +02:00
leonnicolas
51f1ae94ef
cmd/gen-docs/main.go: auto generate docs for CRD
The new make command `make gen-docs` is introduced.
It will build a markdown file from the CRD introduced by Kilo.

The generation of the docs is a requirement for building the website.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-17 13:54:56 +02:00
Lucas Servén Marín
5d33c94d04
Merge pull request #168 from squat/bump_dependecies
go.mod: bump client-go and api machinery
2021-05-15 12:34:15 +02:00
leonnicolas
a3bf13711c
go.mod: bump client-go and api machinerie
I had to run `make generate`.
Some API functions got additional parameters `Options` and `Context`.
I used empty options and `context.TODO()` for now.

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-15 12:12:50 +02:00
Lucas Servén Marín
f2c37b9de6
Merge pull request #167 from squat/bump_docusaurus
website/package.json: bump node_modules and update yarn.lock
2021-05-15 11:22:50 +02:00
leonnicolas
b59bc960f2
website/package.json: bump node_modules and update yarn.lock
bump react, react-dom, docusaurus, classnames and dependencies (yarn.lock)

Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-15 00:45:18 +02:00
leonnicolas
0263c985cf
Merge pull request #161 from squat/prometheus_podmonitor
manifests/*: add example podMonitor
2021-05-13 20:28:58 +02:00
leonnicolas
3f0404d9e3
manifests/*: add example podMonitor
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-13 16:25:29 +02:00
Lucas Servén Marín
58721e0c20
Merge pull request #160 from squat/code_block
docs/peer-validation: fix code-block
2021-05-12 18:17:35 +02:00
Lucas Servén Marín
743fbb1da4
docs/peer-validation: fix code-block
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-12 14:35:16 +02:00
Lucas Servén Marín
24dd4b54bf
Merge pull request #154 from squat/docs_validating_hook
docs/peer-validation: add docs about peer validation
2021-05-12 14:16:44 +02:00
leonnicolas
60f0ccd8a2
docs/peer-validation: add docs about peer validation
Signed-off-by: leonnicolas <leonloechner@gmx.de>

Update docs/peer-validation.md

Co-authored-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-12 14:11:10 +02:00
Lucas Servén Marín
2ba1376400
Merge pull request #159 from squat/update_install_docs
docs: note how to install precompiled kgctl
2021-05-11 18:25:55 +02:00
Julien Viard de Galbert
e51a8c92cf Drop intermediate REGISTRY_PREFIX variable and use FULLY_QUALIFIED_IMAGE more consistently
TODO: test this on docker hub
2021-05-11 16:17:25 +02:00
Julien Viard de Galbert
6301503095 Makefile: handle a private registry 2021-05-11 15:53:30 +02:00
Lucas Servén Marín
1d26921710
docs: clarify BoringTun
Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-11 15:11:36 +02:00
Lucas Servén Marín
e232af1073
docs: note how to install precompiled kgctl
This commit updates the instructions for installing Kilo. It also fixes
the title-casing of a section on the README and makes a visual change to
the userspace doc to try to make the note clearer.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-11 14:23:56 +02:00
Lucas Servén Marín
a504fe7195
Merge pull request #158 from squat/clarify_cross_network_communication
README.md: mention pod network connectivity behind NAT
2021-05-08 18:24:27 +02:00
leonnicolas
4dc407f600
README.md: mention pod network connectivity behind NAT
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-08 18:08:53 +02:00
Lucas Servén Marín
bd7c4e04d4
Merge pull request #157 from squat/docker_pull_badge
README.md: add docker pulls badge
2021-05-07 13:02:14 +02:00
leonnicolas
4528e0c374
README.md: add docker pulls badges
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-05-07 12:40:57 +02:00
Lucas Servén Marín
d233d93cbf
Merge pull request #155 from squat/declare_metrics_port
manifests: declare metrics port
2021-05-07 08:31:20 +02:00
Lucas Servén Marín
8fce69d373
manifests: declare metrics port
This commit ammends all of the Kilo manifests so that the DaemonSets
declare the port they expose.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-05-06 19:30:43 +02:00
Lucas Servén Marín
e843262064
Merge pull request #152 from squat/check_netlink_events
pkg/route: correct route error check
2021-05-02 20:08:06 +02:00
Lucas Servén Marín
298a772d68
Merge pull request #151 from squat/improve-public-key-validation
pkg/k8s/apis/kilo/v1alpha1/types.go: add public key validation
2021-04-30 22:08:38 +02:00
leonnicolas
64ea86436f
pkg/k8s/apis/kilo/v1alpha1/types.go: add public key validation
Signed-off-by: leonnicolas <leonloechner@gmx.de>
2021-04-30 22:03:34 +02:00
Lucas Servén Marín
19abddf1fe
pkg/route: correct route error check
Currently, when the route controller processes updates from netlink, it
checks if the routes in the table are nil or have no destination.
However, we control this and can guarantee that it's never the case.
Instead, we should check if the routes from netlink are valid.

Signed-off-by: Lucas Servén Marín <lserven@gmail.com>
2021-04-30 18:17:51 +02:00
Lucas Servén Marín
166094b5ad
Merge pull request #148 from JulienVdG/sync-not-ready
RFC: Remove syncNodes/syncPeers 'not Ready' special case
2021-04-21 19:49:12 +02:00
Julien Viard de Galbert
2ac000c68a
Nat to nat (#146)
* wireguard: export an Endpoint comparison method

* Record discovered endpoints in node

* Synchronize DiscoveredEndpoints in k8s backend

* Add discoveredEndpointsAreEqual

* Handle discovered Endpoints in topology to enable NAT 2 NAT

* Refactor to use Endpoint.Equal

Compare IP first by default and compare DNS name first when we know the Endpoint was resolved.

* Drop the shallow copies of nodes and peers

Now that updateNATEndpoints was updated to discoverNATEndpoints and that
the endpoints are overridden by topology instead of mutating the nodes and
peers object, we can safely drop this copy.
2021-04-21 19:47:29 +02:00