Dynamic control plane configuration support (nginx#943)

Problem: We want to be able to change control plane settings dynamically, to avoid having to restart NKG and lose valuable state.

Solution: Introducing a new CRD that is initialized and created on startup, NginxGateway. This CRD can be updated by the user to dynamically change the state of the control plane. Right now we simply support changing the logging level. The controller will revert to using default values if the CRD is not detected.

Author: miledxz

.github/workflows/ci.yml

@@ -55,6 +55,9 @@ jobs:
       - name: Check if generated go files are up to date
         run: make generate && git diff --exit-code
 
+      - name: Check if generated CRDs and types are up to date
+        run: make generate-crds && git diff --exit-code
+
       - name: Check if generated manifests are up to date
         run: make generate-manifests && git diff --exit-code
 

Makefile

@@ -21,7 +21,7 @@ KIND_KUBE_CONFIG=$${HOME}/.kube/kind/config## The location of the kind kubeconfi
 OUT_DIR ?= $(shell pwd)/build/out## The folder where the binary will be stored
 ARCH ?= amd64## The architecture of the image and/or binary. For example: amd64 or arm64
 override HELM_TEMPLATE_COMMON_ARGS += --set creator=template --set nameOverride=nginx-gateway## The common options for the Helm template command.
-override HELM_TEMPLATE_EXTRA_ARGS_FOR_ALL_MANIFESTS_FILE += --set service.create=false## The options to be passed to the full Helm templating command only.
+override HELM_TEMPLATE_EXTRA_ARGS_FOR_ALL_MANIFESTS_FILE += --include-crds --set service.create=false## The options to be passed to the full Helm templating command only.
 override DOCKER_BUILD_OPTIONS += --build-arg VERSION=$(VERSION) --build-arg GIT_COMMIT=$(GIT_COMMIT) --build-arg DATE=$(DATE)## The options for the docker build command. For example, --pull
 override NGINX_DOCKER_BUILD_OPTIONS += --build-arg NJS_DIR=$(NJS_DIR) --build-arg NGINX_CONF_DIR=$(NGINX_CONF_DIR)
 .DEFAULT_GOAL := help
@@ -62,6 +62,11 @@ build-goreleaser: ## Build the binary using GoReleaser
 generate: ## Run go generate
 	go generate ./...
 
+.PHONY: generate-crds
+generate-crds: ## Generate CRDs and Go types using kubebuilder
+	go run sigs.k8s.io/controller-tools/cmd/controller-gen crd paths=./apis/... output:crd:dir=deploy/helm-chart/crds
+	go run sigs.k8s.io/controller-tools/cmd/controller-gen object paths=./apis/...
+
 .PHONY: clean
 clean: ## Clean the build
 	-rm -r $(OUT_DIR)

apis/doc.go

@@ -0,0 +1,2 @@
+// Package apis stores the API definitions for NGINX Kubernetes Gateway configuration.
+package apis

apis/v1alpha1/doc.go

@@ -0,0 +1,6 @@
+// Package v1alpha1 contains API Schema definitions for the
+// gateway.nginx.org API group.
+//
+// +kubebuilder:object:generate=true
+// +groupName=gateway.nginx.org
+package v1alpha1

apis/v1alpha1/nginxgateway_types.go

@@ -0,0 +1,90 @@
+package v1alpha1
+
+import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+// +kubebuilder:object:root=true
+// +kubebuilder:storageversion
+// +kubebuilder:subresource:status
+
+// NginxGateway represents the dynamic configuration for an NGINX Kubernetes Gateway control plane.
+type NginxGateway struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	// NginxGatewaySpec defines the desired state of the NginxGateway.
+	Spec NginxGatewaySpec `json:"spec"`
+
+	// NginxGatewayStatus defines the state of the NginxGateway.
+	Status NginxGatewayStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// NginxGatewayList contains a list of NginxGateways.
+type NginxGatewayList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []NginxGateway `json:"items"`
+}
+
+// NginxGatewaySpec defines the desired state of the NginxGateway.
+type NginxGatewaySpec struct {
+	// Logging defines logging related settings for the control plane.
+	//
+	// +optional
+	Logging *Logging `json:"logging,omitempty"`
+}
+
+// Logging defines logging related settings for the control plane.
+type Logging struct {
+	// Level defines the logging level.
+	//
+	// +optional
+	// +kubebuilder:default=info
+	Level *ControllerLogLevel `json:"level,omitempty"`
+}
+
+// ControllerLogLevel type defines the logging level for the control plane.
+//
+// +kubebuilder:validation:Enum=info;debug;error
+type ControllerLogLevel string
+
+const (
+	// ControllerLogLevelInfo is the info level for control plane logging.
+	ControllerLogLevelInfo ControllerLogLevel = "info"
+
+	// ControllerLogLevelDebug is the debug level for control plane logging.
+	ControllerLogLevelDebug ControllerLogLevel = "debug"
+
+	// ControllerLogLevelError is the error level for control plane logging.
+	ControllerLogLevelError ControllerLogLevel = "error"
+)
+
+// NginxGatewayStatus defines the state of the NginxGateway.
+type NginxGatewayStatus struct {
+	// +optional
+	// +listType=map
+	// +listMapKey=type
+	// +kubebuilder:validation:MaxItems=8
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+// NginxGatewayConditionType is a type of condition associated with an
+// NginxGateway. This type should be used with the NginxGatewayStatus.Conditions field.
+type NginxGatewayConditionType string
+
+// NginxGatewayConditionReason defines the set of reasons that explain why a
+// particular NginxGateway condition type has been raised.
+type NginxGatewayConditionReason string
+
+const (
+	// NginxGatewayConditionValid is a condition that is true when the NginxGateway
+	// configuration is syntactically and semantically valid.
+	NginxGatewayConditionValid NginxGatewayConditionType = "Valid"
+
+	// NginxGatewayReasonValid is a reason that is used with the "Valid" condition when the condition is True.
+	NginxGatewayReasonValid NginxGatewayConditionReason = "Valid"
+
+	// NginxGatewayReasonInvalid is a reason that is used with the "Valid" condition when the condition is False.
+	NginxGatewayReasonInvalid NginxGatewayConditionReason = "Invalid"
+)

apis/v1alpha1/register.go

@@ -0,0 +1,41 @@
+package v1alpha1
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName specifies the group name used to register the objects.
+const GroupName = "gateway.nginx.org"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
+
+// Resource takes an unqualified resource and returns a Group qualified GroupResource
+func Resource(resource string) schema.GroupResource {
+	return SchemeGroupVersion.WithResource(resource).GroupResource()
+}
+
+var (
+	// SchemeBuilder collects functions that add things to a scheme. It's to allow
+	// code to compile without explicitly referencing generated types. You should
+	// declare one in each package that will have generated deep copy or conversion
+	// functions.
+	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
+
+	// AddToScheme applies all the stored functions to the scheme. A non-nil error
+	// indicates that one function failed and the attempt was abandoned.
+	AddToScheme = SchemeBuilder.AddToScheme
+)
+
+// Adds the list of known types to Scheme.
+func addKnownTypes(scheme *runtime.Scheme) error {
+	scheme.AddKnownTypes(SchemeGroupVersion,
+		&NginxGateway{},
+		&NginxGatewayList{},
+	)
+	// AddToGroupVersion allows the serialization of client types like ListOptions.
+	metav1.AddToGroupVersion(scheme, SchemeGroupVersion)
+	return nil
+}