Add F5 VirtualServer source

Signed-off-by: Mikael Johansson <[email protected]>

docs/tutorials/f5-virtualserver.md

@@ -0,0 +1,33 @@
+# Configuring ExternalDNS to use the F5 Networks VirtualServer Source
+This tutorial describes how to configure ExternalDNS to use the F5 Networks VirtualServer Source. It is meant to supplement the other provider-specific setup tutorials.
+
+The F5 Networks VirtualServer CRD is part of [this](https://github.com/F5Networks/k8s-bigip-ctlr) project. See more in-depth info regarding the VirtualServer CRD [here](https://github.com/F5Networks/k8s-bigip-ctlr/blob/master/docs/config_examples/customResource/CustomResource.md#virtualserver).
+
+## Start with ExternalDNS with the F5 Networks VirtualServer source
+
+1. Make sure that you have the `k8s-bigip-ctlr` installed in your cluster. The needed CRDs are bundled within the controller.
+
+2. In your Helm `values.yaml` add:
+```
+sources:
+  - ...
+  - f5-virtualserver
+  - ...
+```
+or add it in your `Deployment` if you aren't installing `external-dns` via Helm:
+```
+args:
+- --source=f5-virtualserver
+```
+
+Note that, in case you're not installing via Helm, you'll need the following in the `ClusterRole` bound to the service account of `external-dns`:
+```
+- apiGroups:
+  - cis.f5.com
+  resources:
+  - virtualservers
+  verbs:
+  - get
+  - list
+  - watch
+```

go.mod

@@ -8,6 +8,7 @@ require (
 	github.com/Azure/go-autorest/autorest v0.11.28
 	github.com/Azure/go-autorest/autorest/adal v0.9.21
 	github.com/Azure/go-autorest/autorest/to v0.4.0
+	github.com/F5Networks/k8s-bigip-ctlr/v2 v2.10.2-0.20221219081505-fb0cc5f842ba
 	github.com/IBM-Cloud/ibm-cloud-cli-sdk v1.0.0
 	github.com/IBM/go-sdk-core/v5 v5.8.0
 	github.com/IBM/networking-go-sdk v0.32.0
@@ -40,8 +41,8 @@ require (
 	github.com/nesv/go-dynect v0.6.0
 	github.com/nic-at/rc0go v1.1.1
 	github.com/onsi/ginkgo v1.16.5
-	github.com/openshift/api v0.0.0-20200605231317-fb2a6ca106ae
-	github.com/openshift/client-go v0.0.0-20200608144219-584632b8fc73
+	github.com/openshift/api v0.0.0-20210315202829-4b79815405ec
+	github.com/openshift/client-go v0.0.0-20210112165513-ebc401615f47
 	github.com/oracle/oci-go-sdk v24.3.0+incompatible
 	github.com/ovh/go-ovh v0.0.0-20181109152953-ba5adb4cf014
 	github.com/pkg/errors v0.9.1

pkg/apis/externaldns/types.go

@@ -402,7 +402,7 @@ func (cfg *Config) ParseFlags(args []string) error {
 	app.Flag("skipper-routegroup-groupversion", "The resource version for skipper routegroup").Default(source.DefaultRoutegroupVersion).StringVar(&cfg.SkipperRouteGroupVersion)
 
 	// Flags related to processing source
-	app.Flag("source", "The resource types that are queried for endpoints; specify multiple times for multiple sources (required, options: service, ingress, node, fake, connector, gateway-httproute, gateway-tlsroute, gateway-tcproute, gateway-udproute, istio-gateway, istio-virtualservice, cloudfoundry, contour-ingressroute, contour-httpproxy, gloo-proxy, crd, empty, skipper-routegroup, openshift-route, ambassador-host, kong-tcpingress)").Required().PlaceHolder("source").EnumsVar(&cfg.Sources, "service", "ingress", "node", "pod", "gateway-httproute", "gateway-tlsroute", "gateway-tcproute", "gateway-udproute", "istio-gateway", "istio-virtualservice", "cloudfoundry", "contour-ingressroute", "contour-httpproxy", "gloo-proxy", "fake", "connector", "crd", "empty", "skipper-routegroup", "openshift-route", "ambassador-host", "kong-tcpingress")
+	app.Flag("source", "The resource types that are queried for endpoints; specify multiple times for multiple sources (required, options: service, ingress, node, fake, connector, gateway-httproute, gateway-tlsroute, gateway-tcproute, gateway-udproute, istio-gateway, istio-virtualservice, cloudfoundry, contour-ingressroute, contour-httpproxy, gloo-proxy, crd, empty, skipper-routegroup, openshift-route, ambassador-host, kong-tcpingress, f5-virtualserver)").Required().PlaceHolder("source").EnumsVar(&cfg.Sources, "service", "ingress", "node", "pod", "gateway-httproute", "gateway-tlsroute", "gateway-tcproute", "gateway-udproute", "istio-gateway", "istio-virtualservice", "cloudfoundry", "contour-ingressroute", "contour-httpproxy", "gloo-proxy", "fake", "connector", "crd", "empty", "skipper-routegroup", "openshift-route", "ambassador-host", "kong-tcpingress", "f5-virtualserver")
 	app.Flag("openshift-router-name", "if source is openshift-route then you can pass the ingress controller name. Based on this name external-dns will select the respective router from the route status and map that routerCanonicalHostname to the route host while creating a CNAME record.").StringVar(&cfg.OCPRouterName)
 	app.Flag("namespace", "Limit sources of endpoints to a specific namespace (default: all namespaces)").Default(defaultConfig.Namespace).StringVar(&cfg.Namespace)
 	app.Flag("annotation-filter", "Filter sources managed by external-dns via annotation using label selector semantics (default: all sources)").Default(defaultConfig.AnnotationFilter).StringVar(&cfg.AnnotationFilter)

source/f5_virtualserver.go

@@ -0,0 +1,240 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package source
+
+import (
+	"context"
+	"fmt"
+	"sort"
+
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/client-go/dynamic"
+	"k8s.io/client-go/dynamic/dynamicinformer"
+	"k8s.io/client-go/informers"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/kubernetes/scheme"
+	"k8s.io/client-go/tools/cache"
+
+	f5 "github.com/F5Networks/k8s-bigip-ctlr/v2/config/apis/cis/v1"
+
+	"sigs.k8s.io/external-dns/endpoint"
+)
+
+var f5VirtualServerGVR = schema.GroupVersionResource{
+	Group:    "cis.f5.com",
+	Version:  "v1",
+	Resource: "virtualservers",
+}
+
+// virtualServerSource is an implementation of Source for F5 VirtualServer objects.
+type f5VirtualServerSource struct {
+	dynamicKubeClient     dynamic.Interface
+	virtualServerInformer informers.GenericInformer
+	kubeClient            kubernetes.Interface
+	annotationFilter      string
+	namespace             string
+	unstructuredConverter *unstructuredConverter
+}
+
+func NewF5VirtualServerSource(
+	ctx context.Context,
+	dynamicKubeClient dynamic.Interface,
+	kubeClient kubernetes.Interface,
+	namespace string,
+	annotationFilter string,
+) (Source, error) {
+	informerFactory := dynamicinformer.NewFilteredDynamicSharedInformerFactory(dynamicKubeClient, 0, namespace, nil)
+	virtualServerInformer := informerFactory.ForResource(f5VirtualServerGVR)
+
+	virtualServerInformer.Informer().AddEventHandler(
+		cache.ResourceEventHandlerFuncs{
+			AddFunc: func(obj interface{}) {
+			},
+		},
+	)
+
+	informerFactory.Start(ctx.Done())
+
+	// wait for the local cache to be populated.
+	if err := waitForDynamicCacheSync(context.Background(), informerFactory); err != nil {
+		return nil, err
+	}
+
+	uc, err := newVSUnstructuredConverter()
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to setup unstructured converter")
+	}
+
+	return &f5VirtualServerSource{
+		dynamicKubeClient:     dynamicKubeClient,
+		virtualServerInformer: virtualServerInformer,
+		kubeClient:            kubeClient,
+		namespace:             namespace,
+		annotationFilter:      annotationFilter,
+		unstructuredConverter: uc,
+	}, nil
+}
+
+// Endpoints returns endpoint objects for each host-target combination that should be processed.
+// Retrieves all VirtualServers in the source's namespace(s).
+func (vs *f5VirtualServerSource) Endpoints(ctx context.Context) ([]*endpoint.Endpoint, error) {
+	virtualServerObjects, err := vs.virtualServerInformer.Lister().ByNamespace(vs.namespace).List(labels.Everything())
+	if err != nil {
+		return nil, err
+	}
+
+	var virtualServers []*f5.VirtualServer
+	for _, vsObj := range virtualServerObjects {
+		unstructuredHost, ok := vsObj.(*unstructured.Unstructured)
+		if !ok {
+			return nil, errors.New("could not convert")
+		}
+
+		virtualServer := &f5.VirtualServer{}
+		err := vs.unstructuredConverter.scheme.Convert(unstructuredHost, virtualServer, nil)
+		if err != nil {
+			return nil, err
+		}
+		virtualServers = append(virtualServers, virtualServer)
+	}
+
+	virtualServers, err = vs.filterByAnnotations(virtualServers)
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to filter VirtualServers")
+	}
+
+	endpoints, err := vs.endpointsFromVirtualServers(virtualServers)
+	if err != nil {
+		return nil, err
+	}
+
+	// Sort endpoints
+	for _, ep := range endpoints {
+		sort.Sort(ep.Targets)
+	}
+
+	return endpoints, nil
+}
+
+func (vs *f5VirtualServerSource) AddEventHandler(ctx context.Context, handler func()) {
+	log.Debug("Adding event handler for VirtualServer")
+
+	vs.virtualServerInformer.Informer().AddEventHandler(eventHandlerFunc(handler))
+}
+
+// endpointsFromVirtualServers extracts the endpoints from a slice of VirtualServers
+func (vs *f5VirtualServerSource) endpointsFromVirtualServers(virtualServers []*f5.VirtualServer) ([]*endpoint.Endpoint, error) {
+	var endpoints []*endpoint.Endpoint
+
+	for _, virtualServer := range virtualServers {
+		ttl, err := getTTLFromAnnotations(virtualServer.Annotations)
+		if err != nil {
+			return nil, err
+		}
+
+		if virtualServer.Spec.VirtualServerAddress != "" {
+			ep := &endpoint.Endpoint{
+				Targets: endpoint.Targets{
+					virtualServer.Spec.VirtualServerAddress,
+				},
+				RecordType: "A",
+				DNSName:    virtualServer.Spec.Host,
+				Labels:     endpoint.NewLabels(),
+				RecordTTL:  ttl,
+			}
+
+			vs.setResourceLabel(virtualServer, ep)
+			endpoints = append(endpoints, ep)
+			continue
+		}
+
+		if virtualServer.Status.VSAddress != "" {
+			ep := &endpoint.Endpoint{
+				Targets: endpoint.Targets{
+					virtualServer.Status.VSAddress,
+				},
+				RecordType: "A",
+				DNSName:    virtualServer.Spec.Host,
+				Labels:     endpoint.NewLabels(),
+				RecordTTL:  ttl,
+			}
+
+			vs.setResourceLabel(virtualServer, ep)
+			endpoints = append(endpoints, ep)
+			continue
+		}
+	}
+
+	return endpoints, nil
+}
+
+// newUnstructuredConverter returns a new unstructuredConverter initialized
+func newVSUnstructuredConverter() (*unstructuredConverter, error) {
+	uc := &unstructuredConverter{
+		scheme: runtime.NewScheme(),
+	}
+
+	// Add the core types we need
+	uc.scheme.AddKnownTypes(f5VirtualServerGVR.GroupVersion(), &f5.VirtualServer{}, &f5.VirtualServerList{})
+	if err := scheme.AddToScheme(uc.scheme); err != nil {
+		return nil, err
+	}
+
+	return uc, nil
+}
+
+// filterByAnnotations filters a list of VirtualServers by a given annotation selector.
+func (vs *f5VirtualServerSource) filterByAnnotations(virtualServers []*f5.VirtualServer) ([]*f5.VirtualServer, error) {
+	labelSelector, err := metav1.ParseToLabelSelector(vs.annotationFilter)
+	if err != nil {
+		return nil, err
+	}
+
+	selector, err := metav1.LabelSelectorAsSelector(labelSelector)
+	if err != nil {
+		return nil, err
+	}
+
+	// empty filter returns original list
+	if selector.Empty() {
+		return virtualServers, nil
+	}
+
+	filteredList := []*f5.VirtualServer{}
+
+	for _, vs := range virtualServers {
+		// convert the VirtualServer's annotations to an equivalent label selector
+		annotations := labels.Set(vs.Annotations)
+
+		// include VirtualServer if its annotations match the selector
+		if selector.Matches(annotations) {
+			filteredList = append(filteredList, vs)
+		}
+	}
+
+	return filteredList, nil
+}
+
+func (vs *f5VirtualServerSource) setResourceLabel(virtualServer *f5.VirtualServer, ep *endpoint.Endpoint) {
+	ep.Labels[endpoint.ResourceLabelKey] = fmt.Sprintf("f5-virtualserver/%s/%s", virtualServer.Namespace, virtualServer.Name)
+}