seg_yinzy
/
che-operator
mirror of https://github.com/eclipse-che/che-operator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add attributes to set gateway container log level in Che CR (#1748) 

feat: set traefik and kube-rbac-proxy log level in CR

Signed-off-by: dkwon17 <dakwon@redhat.com>
Co-authored-by: Anatolii Bazko <abazko@redhat.com>
pull/1755/head
David Kwon 2023-09-13 15:43:42 -04:00 committed by GitHub
parent 6394fccea2
commit 328a2dff18
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 395 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
api/v2/checluster_types.go
View File

@ -535,6 +535,12 @@ type Gateway struct {
// +optional
// +kubebuilder:default:={app: che, component: che-gateway-config}
ConfigLabels map[string]string `json:"configLabels,omitempty"`
// Configuration for Traefik within the Che gateway pod.
// +optional
Traefik *Traefik `json:"traefik,omitempty"`
// Configuration for kube-rbac-proxy within the Che gateway pod.
// +optional
KubeRbacProxy *KubeRbacProxy `json:"kubeRbacProxy,omitempty"`
}
// Proxy server configuration.
@ -736,6 +742,24 @@ type ContainerBuildConfiguration struct {
OpenShiftSecurityContextConstraint string `json:"openShiftSecurityContextConstraint,omitempty"`
}
// Configuration for Traefik within the Che gateway pod.
type Traefik struct {
// The log level for the Traefik container within the gateway pod: `DEBUG`, `INFO`, `WARN`, `ERROR`, `FATAL`, or `PANIC`. The default value is `INFO`
// +optional
// +kubebuilder:default:="INFO"
// +kubebuilder:validation:Enum=DEBUG;INFO;WARN;ERROR;FATAL;PANIC
LogLevel string `json:"logLevel,omitempty"`
}
// Configuration for kube-rbac-proxy within the Che gateway pod.
type KubeRbacProxy struct {
// The glog log level for the kube-rbac-proxy container within the gateway pod. Larger values represent a higher verbosity. The default value is `0`.
// +optional
// +kubebuilder:default:=0
// +kubebuilder:validation:Minimum:=0
LogLevel *int32 `json:"logLevel,omitempty"`
}
// GatewayPhase describes the different phases of the Che gateway lifecycle.
type GatewayPhase string

45
api/v2/zz_generated.deepcopy.go
View File

@ -670,6 +670,16 @@ func (in *Gateway) DeepCopyInto(out *Gateway) {
(*out)[key] = val
}
}
if in.Traefik != nil {
in, out := &in.Traefik, &out.Traefik
*out = new(Traefik)
**out = **in
}
if in.KubeRbacProxy != nil {
in, out := &in.KubeRbacProxy, &out.KubeRbacProxy
*out = new(KubeRbacProxy)
(*in).DeepCopyInto(*out)
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Gateway.
@ -748,6 +758,26 @@ func (in *ImagePuller) DeepCopy() *ImagePuller {
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *KubeRbacProxy) DeepCopyInto(out *KubeRbacProxy) {
*out = *in
if in.LogLevel != nil {
in, out := &in.LogLevel, &out.LogLevel
*out = new(int32)
**out = **in
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeRbacProxy.
func (in *KubeRbacProxy) DeepCopy() *KubeRbacProxy {
if in == nil {
return nil
}
out := new(KubeRbacProxy)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PVC) DeepCopyInto(out *PVC) {
*out = *in
@ -923,6 +953,21 @@ func (in *ServerMetrics) DeepCopy() *ServerMetrics {
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Traefik) DeepCopyInto(out *Traefik) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Traefik.
func (in *Traefik) DeepCopy() *Traefik {
if in == nil {
return nil
}
out := new(Traefik)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *TrustedCerts) DeepCopyInto(out *TrustedCerts) {
*out = *in

4
bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml
View File

@ -77,7 +77,7 @@ metadata:
operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
repository: https://github.com/eclipse-che/che-operator
support: Eclipse Foundation
name: eclipse-che.v7.73.0-808.next
name: eclipse-che.v7.74.0-809.next
namespace: placeholder
spec:
apiservicedefinitions: {}
@ -1234,7 +1234,7 @@ spec:
minKubeVersion: 1.19.0
provider:
name: Eclipse Foundation
version: 7.73.0-808.next
version: 7.74.0-809.next
webhookdefinitions:
- admissionReviewVersions:
- v1

33
bundle/next/eclipse-che/manifests/org.eclipse.che_checlusters.yaml
View File

@ -8164,6 +8164,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

33
config/crd/bases/org.eclipse.che_checlusters.yaml
View File

@ -7947,6 +7947,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

33
deploy/deployment/kubernetes/combined.yaml
View File

@ -7966,6 +7966,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

33
deploy/deployment/kubernetes/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml
View File

@ -7961,6 +7961,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

33
deploy/deployment/openshift/combined.yaml
View File

@ -7966,6 +7966,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

33
deploy/deployment/openshift/objects/checlusters.org.eclipse.che.CustomResourceDefinition.yaml
View File

@ -7961,6 +7961,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

33
helmcharts/next/crds/checlusters.org.eclipse.che.CustomResourceDefinition.yaml
View File

@ -7961,6 +7961,39 @@ spec:
type: integer
type: object
type: object
kubeRbacProxy:
description: Configuration for kube-rbac-proxy within
the Che gateway pod.
properties:
logLevel:
default: 0
description: The glog log level for the kube-rbac-proxy
container within the gateway pod. Larger values
represent a higher verbosity. The default value
is `0`.
format: int32
minimum: 0
type: integer
type: object
traefik:
description: Configuration for Traefik within the Che
gateway pod.
properties:
logLevel:
default: INFO
description: 'The log level for the Traefik container
within the gateway pod: `DEBUG`, `INFO`, `WARN`,
`ERROR`, `FATAL`, or `PANIC`. The default value
is `INFO`'
enum:
- DEBUG
- INFO
- WARN
- ERROR
- FATAL
- PANIC
type: string
type: object
type: object
identityProviderURL:
description: Public URL of the Identity Provider server.

10
pkg/common/constants/constants.go
View File

@ -20,10 +20,12 @@ const (
DefaultDashboardCpuRequest = "100m"
// Gateway
DefaultGatewayMemoryLimit = "256Mi"
DefaultGatewayMemoryRequest = "64Mi"
DefaultGatewayCpuLimit = "500m"
DefaultGatewayCpuRequest = "50m"
DefaultGatewayMemoryLimit = "256Mi"
DefaultGatewayMemoryRequest = "64Mi"
DefaultGatewayCpuLimit = "500m"
DefaultGatewayCpuRequest = "50m"
DefaultTraefikLogLevel = "INFO"
DefaultKubeRbacProxyLogLevel = int32(0)
// PluginRegistry
DefaultPluginRegistryMemoryLimit = "256Mi"

6
pkg/deploy/gateway/gateway.go
View File

@ -383,6 +383,10 @@ func getGatewayHeaderRewritePluginConfigSpec(instance *chev2.CheCluster) (*corev
func getGatewayTraefikConfigSpec(instance *chev2.CheCluster) corev1.ConfigMap {
traefikPort := 8081
logLevel := constants.DefaultTraefikLogLevel
if instance.Spec.Networking.Auth.Gateway.Traefik != nil {
logLevel = utils.GetValue(instance.Spec.Networking.Auth.Gateway.Traefik.LogLevel, logLevel)
}
data := fmt.Sprintf(`
entrypoints:
http:
@ -401,7 +405,7 @@ providers:
directory: "/dynamic-config"
watch: true
log:
level: "INFO"`, traefikPort)
level: "%s"`, traefikPort, logLevel)
if instance.IsAccessTokenConfigured() {
data += `

73
pkg/deploy/gateway/gateway_test.go
View File

@ -361,3 +361,76 @@ func TestCustomizeGatewayDeploymentSingleImage(t *testing.T) {
assert.Equal(t, constants.GatewayAuthorizationContainerName, containers[3].Name)
assert.Equal(t, defaults.GetGatewayAuthorizationSidecarImage(checluster), containers[3].Image)
}
func TestTraefikLogLevel(t *testing.T) {
checluster := &chev2.CheCluster{
Spec: chev2.CheClusterSpec{
Networking: chev2.CheClusterSpecNetworking{
Auth: chev2.Auth{
Gateway: chev2.Gateway{
Traefik: &chev2.Traefik{
LogLevel: "DEBUG",
},
},
},
},
},
}
configmap := getGatewayTraefikConfigSpec(checluster)
config := configmap.Data["traefik.yml"]
if !strings.Contains(config, "level: \"DEBUG\"") {
t.Error("log.level within traefik config should be \"DEBUG\"", config)
}
}
func TestTraefikLogLevelDefault(t *testing.T) {
configmap := getGatewayTraefikConfigSpec(&chev2.CheCluster{
Spec: chev2.CheClusterSpec{},
})
config := configmap.Data["traefik.yml"]
if !strings.Contains(config, "level: \"INFO\"") {
t.Error("log.level within traefik config should be \"INFO\"", config)
}
}
func TestKubeRbacProxyLogLevel(t *testing.T) {
logLevel := int32(10)
checluster := &chev2.CheCluster{
ObjectMeta: metav1.ObjectMeta{
Name: "eclipse-che",
Namespace: "eclipse-che",
},
Spec: chev2.CheClusterSpec{
Networking: chev2.CheClusterSpecNetworking{
Auth: chev2.Auth{
Gateway: chev2.Gateway{
KubeRbacProxy: &chev2.KubeRbacProxy{
LogLevel: &logLevel,
},
},
},
},
},
}
ctx := test.GetDeployContext(checluster, []runtime.Object{})
deployment, err := getGatewayDeploymentSpec(ctx)
assert.NoError(t, err)
containers := deployment.Spec.Template.Spec.Containers
assert.Equal(t, constants.GatewayAuthorizationContainerName, containers[3].Name)
assert.Equal(t, "--v=10", containers[3].Args[4])
}
func TestKubeRbacProxyLogLevelDefault(t *testing.T) {
ctx := test.GetDeployContext(&chev2.CheCluster{
Spec: chev2.CheClusterSpec{},
}, []runtime.Object{})
deployment, err := getGatewayDeploymentSpec(ctx)
assert.NoError(t, err)
containers := deployment.Spec.Template.Spec.Containers
assert.Equal(t, constants.GatewayAuthorizationContainerName, containers[3].Name)
assert.Equal(t, "--v=0", containers[3].Args[4])
}

9
pkg/deploy/gateway/kube_rbac_proxy.go
View File

@ -13,7 +13,10 @@
package gateway
import (
"strconv"
chev2 "github.com/eclipse-che/che-operator/api/v2"
"github.com/eclipse-che/che-operator/pkg/common/constants"
defaults "github.com/eclipse-che/che-operator/pkg/common/operator-defaults"
"github.com/eclipse-che/che-operator/pkg/deploy"
corev1 "k8s.io/api/core/v1"
@ -48,6 +51,11 @@ authorization:
}
func getKubeRbacProxyContainerSpec(instance *chev2.CheCluster) corev1.Container {
logLevel := constants.DefaultKubeRbacProxyLogLevel
if instance.Spec.Networking.Auth.Gateway.KubeRbacProxy != nil && instance.Spec.Networking.Auth.Gateway.KubeRbacProxy.LogLevel != nil {
logLevel = *instance.Spec.Networking.Auth.Gateway.KubeRbacProxy.LogLevel
}
return corev1.Container{
Name: "kube-rbac-proxy",
Image: defaults.GetGatewayAuthorizationSidecarImage(instance),
@ -57,6 +65,7 @@ func getKubeRbacProxyContainerSpec(instance *chev2.CheCluster) corev1.Container
"--upstream=http://127.0.0.1:8090/ping",
"--logtostderr=true",
"--config-file=/etc/kube-rbac-proxy/authorization-config.yaml",
"--v=" + strconv.FormatInt(int64(logLevel), 10),
},
VolumeMounts: []corev1.VolumeMount{
{