aws

package
v0.43.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 19, 2023 License: Apache-2.0 Imports: 47 Imported by: 1

Documentation

Overview

Cluster VPC and networking setup

This file contains functions used to setup additional private sub-networks in an OpenShift cluster VPC The reason this file is required is due to CRO provisioning multi-AZ resources for AWS, even though the cluster it's provisioning resources for could be single AZ

Problem statement:

  • A single-AZ OpenShift cluster exists in a VPC, in a single AZ, which contains a public and a private sub-network
  • A multi-AZ RDS instance for that OpenShift cluster exists in the same VPC, in at least 2 AZ's which must contain at least a private sub-network
  • By default, if we try to provision a multi-AZ RDS instance in the cluster VPC it will fail as there is only one private sub-network available in one AZ

To allow for this, we must create the missing private sub-networks in the AZ's that the cluster is not provisioned in, so that RDS can successfully provision

This file provides functions that help check if a private subnet already exists in an AZ, if it does not, it can create one. If an OpenShift cluster is already multi-AZ, there will be enough sub-networks for RDS and no additional private sub-networks should be created

postgres metric provider scrapes metrics for a single postgres (rds) instance

we are required to gather data from postgres (rds) instances which can be used in valuable alerts, to ensure and monitor performance of postgres (rds) instances

this providers does

  • scrape metric data from cloudwatch
  • build a generic cloud metric data type from cloudwatch data
  • return generic cloud metric data to metric controller to be exposed

this provider does not

  • expose the metrics, this is controller at a higher level (controller)

a helper utility for the cluster network provider. the network provider provisions subnets in two availability zones. to ensure a mapping between subnets and availability zones this sort utility, allows for deterministic sorting of availability zones based on the zone names

Index

Constants

View Source
const (
	DefaultConfigMapName = "cloud-resources-aws-strategies"

	DefaultFinalizer = "cloud-resources-operator.integreatly.org/finalizers"

	ResourceIdentifierAnnotation = "resourceIdentifier"
)
View Source
const (
	DetailsBlobStorageBucketName          = "bucketName"
	DetailsBlobStorageBucketRegion        = "bucketRegion"
	DetailsBlobStorageCredentialKeyID     = "credentialKeyID" // #nosec G101 -- false positive (ref: https://securego.io/docs/rules/g101.html)
	DetailsBlobStorageCredentialSecretKey = "credentialSecretKey"
)

provider name and default create options

Variables

View Source
var DefaultConfigMapNamespace, _ = k8sutil.GetWatchNamespace()

DefaultConfigMapNamespace is the default namespace that Configmaps will be created in

Functions

func BuildDefaultConfigMap

func BuildDefaultConfigMap(name, namespace string) *v1.ConfigMap

func BuildInfraName

func BuildInfraName(ctx context.Context, c client.Client, postfix string, n int) (string, error)

BuildInfraName builds and returns an id used for infra resources

func BuildInfraNameFromObject

func BuildInfraNameFromObject(ctx context.Context, c client.Client, om controllerruntime.ObjectMeta, n int) (string, error)

func BuildTimestampedInfraNameFromObjectCreation

func BuildTimestampedInfraNameFromObjectCreation(ctx context.Context, c client.Client, om controllerruntime.ObjectMeta, n int) (string, error)

func CreateSessionFromStrategy

func CreateSessionFromStrategy(ctx context.Context, c client.Client, credentials *Credentials, strategy *StrategyConfig) (*session.Session, error)

func GetCidr

func GetCidr(ctx context.Context, c client.Client, ec2Svc ec2iface.EC2API, logger *logrus.Entry) (string, string, error)

returns vpc id and cidr block for found vpc

func GetPrivateSubnetIDS

func GetPrivateSubnetIDS(ctx context.Context, c client.Client, ec2Svc ec2iface.EC2API, logger *logrus.Entry) ([]*string, error)

GetSubnetIDS returns a list of subnet ids associated with cluster vpc

func GetRegionFromStrategyOrDefault

func GetRegionFromStrategyOrDefault(ctx context.Context, c client.Client, strategy *StrategyConfig) (string, error)

func GetVPCSubnets

func GetVPCSubnets(ec2Svc ec2iface.EC2API, logger *logrus.Entry, vpc *ec2.Vpc) ([]*ec2.Subnet, error)

GetVPCSubnets returns a list of subnets associated with cluster VPC

Types

type BlobStorageDeploymentDetails

type BlobStorageDeploymentDetails struct {
	BucketName          string
	BucketRegion        string
	CredentialKeyID     string
	CredentialSecretKey string
}

BlobStorageDeploymentDetails Provider-specific details about the AWS S3 bucket created

func (*BlobStorageDeploymentDetails) Data

func (d *BlobStorageDeploymentDetails) Data() map[string][]byte

type BlobStorageProvider

type BlobStorageProvider struct {
	Client            client.Client
	Logger            *logrus.Entry
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
}

BlobStorageProvider implementation for AWS S3

func NewAWSBlobStorageProvider

func NewAWSBlobStorageProvider(client client.Client, logger *logrus.Entry) (*BlobStorageProvider, error)

func (*BlobStorageProvider) CreateStorage

CreateStorage Create S3 bucket from strategy config and credentials to interact with it

func (*BlobStorageProvider) DeleteStorage

DeleteStorage Delete S3 bucket and credentials to add objects to it

func (*BlobStorageProvider) GetName

func (p *BlobStorageProvider) GetName() string

func (*BlobStorageProvider) GetReconcileTime

func (p *BlobStorageProvider) GetReconcileTime(bs *v1alpha1.BlobStorage) time.Duration

func (*BlobStorageProvider) SupportsStrategy

func (p *BlobStorageProvider) SupportsStrategy(d string) bool

func (*BlobStorageProvider) TagBlobStorage

func (p *BlobStorageProvider) TagBlobStorage(ctx context.Context, bucketName string, bs *v1alpha1.BlobStorage, stratCfgRegion string, s3svc s3iface.S3API) (croType.StatusMessage, error)

type ConfigManager

type ConfigManager interface {
	ReadStorageStrategy(ctx context.Context, rt providers.ResourceType, tier string) (*StrategyConfig, error)
}

type ConfigManagerMock

type ConfigManagerMock struct {
	// ReadStorageStrategyFunc mocks the ReadStorageStrategy method.
	ReadStorageStrategyFunc func(ctx context.Context, rt providers.ResourceType, tier string) (*StrategyConfig, error)
	// contains filtered or unexported fields
}

ConfigManagerMock is a mock implementation of ConfigManager.

func TestSomethingThatUsesConfigManager(t *testing.T) {

	// make and configure a mocked ConfigManager
	mockedConfigManager := &ConfigManagerMock{
		ReadStorageStrategyFunc: func(ctx context.Context, rt providers.ResourceType, tier string) (*StrategyConfig, error) {
			panic("mock out the ReadStorageStrategy method")
		},
	}

	// use mockedConfigManager in code that requires ConfigManager
	// and then make assertions.

}

func (*ConfigManagerMock) ReadStorageStrategy

func (mock *ConfigManagerMock) ReadStorageStrategy(ctx context.Context, rt providers.ResourceType, tier string) (*StrategyConfig, error)

ReadStorageStrategy calls ReadStorageStrategyFunc.

func (*ConfigManagerMock) ReadStorageStrategyCalls

func (mock *ConfigManagerMock) ReadStorageStrategyCalls() []struct {
	Ctx  context.Context
	Rt   providers.ResourceType
	Tier string
}

ReadStorageStrategyCalls gets all the calls that were made to ReadStorageStrategy. Check the length with:

len(mockedConfigManager.ReadStorageStrategyCalls())

type ConfigMapConfigManager

type ConfigMapConfigManager struct {
	// contains filtered or unexported fields
}

func NewConfigMapConfigManager

func NewConfigMapConfigManager(cm string, namespace string, client client.Client) *ConfigMapConfigManager

func NewDefaultConfigMapConfigManager

func NewDefaultConfigMapConfigManager(client client.Client) *ConfigMapConfigManager

func (*ConfigMapConfigManager) ReadStorageStrategy

func (m *ConfigMapConfigManager) ReadStorageStrategy(ctx context.Context, rt providers.ResourceType, tier string) (*StrategyConfig, error)

type ConnectionTestManager

type ConnectionTestManager struct{}

func NewConnectionTestManager

func NewConnectionTestManager() *ConnectionTestManager

func (*ConnectionTestManager) TCPConnection

func (m *ConnectionTestManager) TCPConnection(host string, port int) bool

TCPConnection trys to create a tcp connection, if none can be made it returns an error

type ConnectionTester

type ConnectionTester interface {
	TCPConnection(host string, port int) bool
}

type ConnectionTesterMock

type ConnectionTesterMock struct {
	// TCPConnectionFunc mocks the TCPConnection method.
	TCPConnectionFunc func(host string, port int) bool
	// contains filtered or unexported fields
}

ConnectionTesterMock is a mock implementation of ConnectionTester.

func TestSomethingThatUsesConnectionTester(t *testing.T) {

	// make and configure a mocked ConnectionTester
	mockedConnectionTester := &ConnectionTesterMock{
		TCPConnectionFunc: func(host string, port int) bool {
			panic("mock out the TCPConnection method")
		},
	}

	// use mockedConnectionTester in code that requires ConnectionTester
	// and then make assertions.

}

func (*ConnectionTesterMock) TCPConnection

func (mock *ConnectionTesterMock) TCPConnection(host string, port int) bool

TCPConnection calls TCPConnectionFunc.

func (*ConnectionTesterMock) TCPConnectionCalls

func (mock *ConnectionTesterMock) TCPConnectionCalls() []struct {
	Host string
	Port int
}

TCPConnectionCalls gets all the calls that were made to TCPConnection. Check the length with:

len(mockedConnectionTester.TCPConnectionCalls())

type CredentialManager

type CredentialManager interface {
	ReconcileProviderCredentials(ctx context.Context, ns string) (*Credentials, error)
	ReconcileBucketOwnerCredentials(ctx context.Context, name, ns, bucket string) (*Credentials, error)
}

func NewCredentialManager added in v0.39.0

func NewCredentialManager(client client.Client) (CredentialManager, error)

type CredentialManagerMock

type CredentialManagerMock struct {
	// ReconcileBucketOwnerCredentialsFunc mocks the ReconcileBucketOwnerCredentials method.
	ReconcileBucketOwnerCredentialsFunc func(ctx context.Context, name string, ns string, bucket string) (*Credentials, error)

	// ReconcileProviderCredentialsFunc mocks the ReconcileProviderCredentials method.
	ReconcileProviderCredentialsFunc func(ctx context.Context, ns string) (*Credentials, error)
	// contains filtered or unexported fields
}

CredentialManagerMock is a mock implementation of CredentialManager.

func TestSomethingThatUsesCredentialManager(t *testing.T) {

	// make and configure a mocked CredentialManager
	mockedCredentialManager := &CredentialManagerMock{
		ReconcileBucketOwnerCredentialsFunc: func(ctx context.Context, name string, ns string, bucket string) (*Credentials, error) {
			panic("mock out the ReconcileBucketOwnerCredentials method")
		},
		ReconcileProviderCredentialsFunc: func(ctx context.Context, ns string) (*Credentials, error) {
			panic("mock out the ReconcileProviderCredentials method")
		},
	}

	// use mockedCredentialManager in code that requires CredentialManager
	// and then make assertions.

}

func (*CredentialManagerMock) ReconcileBucketOwnerCredentials added in v0.39.0

func (mock *CredentialManagerMock) ReconcileBucketOwnerCredentials(ctx context.Context, name string, ns string, bucket string) (*Credentials, error)

ReconcileBucketOwnerCredentials calls ReconcileBucketOwnerCredentialsFunc.

func (*CredentialManagerMock) ReconcileBucketOwnerCredentialsCalls added in v0.39.0

func (mock *CredentialManagerMock) ReconcileBucketOwnerCredentialsCalls() []struct {
	Ctx    context.Context
	Name   string
	Ns     string
	Bucket string
}

ReconcileBucketOwnerCredentialsCalls gets all the calls that were made to ReconcileBucketOwnerCredentials. Check the length with:

len(mockedCredentialManager.ReconcileBucketOwnerCredentialsCalls())

func (*CredentialManagerMock) ReconcileProviderCredentials

func (mock *CredentialManagerMock) ReconcileProviderCredentials(ctx context.Context, ns string) (*Credentials, error)

ReconcileProviderCredentials calls ReconcileProviderCredentialsFunc.

func (*CredentialManagerMock) ReconcileProviderCredentialsCalls

func (mock *CredentialManagerMock) ReconcileProviderCredentialsCalls() []struct {
	Ctx context.Context
	Ns  string
}

ReconcileProviderCredentialsCalls gets all the calls that were made to ReconcileProviderCredentials. Check the length with:

len(mockedCredentialManager.ReconcileProviderCredentialsCalls())

type CredentialMinterCredentialManager

type CredentialMinterCredentialManager struct {
	ProviderCredentialName string
	Client                 client.Client
}

CredentialMinterCredentialManager Implementation of CredentialManager using the openshift cloud credential minter

func NewCredentialMinterCredentialManager

func NewCredentialMinterCredentialManager(client client.Client) *CredentialMinterCredentialManager

func (*CredentialMinterCredentialManager) ReconcileBucketOwnerCredentials added in v0.39.0

func (m *CredentialMinterCredentialManager) ReconcileBucketOwnerCredentials(ctx context.Context, name, ns, bucket string) (*Credentials, error)

func (*CredentialMinterCredentialManager) ReconcileProviderCredentials

func (m *CredentialMinterCredentialManager) ReconcileProviderCredentials(ctx context.Context, ns string) (*Credentials, error)

ReconcileProviderCredentials Ensure the credentials the AWS provider requires are available

type Credentials

type Credentials struct {
	Username        string
	PolicyName      string
	AccessKeyID     string
	SecretAccessKey string
	RoleArn         string
	TokenFilePath   string
}

type Network

type Network struct {
	Vpc     *ec2.Vpc
	Subnets []*ec2.Subnet
}

Network wrapper for ec2 vpcs, to allow for extensibility

type NetworkAZSubnet

type NetworkAZSubnet struct {
	IP net.IPNet
	AZ *ec2.AvailabilityZone
}

NetworkAZSubnet used to map expected ip addresses to availability zones

type NetworkConnection

type NetworkConnection struct {
	StandaloneSecurityGroup *ec2.SecurityGroup
}

type NetworkManager

type NetworkManager interface {
	CreateNetwork(context.Context, *net.IPNet) (*Network, error)
	DeleteNetwork(context.Context) error
	CreateNetworkConnection(context.Context, *Network) (*NetworkConnection, error)
	DeleteNetworkConnection(context.Context, *NetworkPeering) error
	CreateNetworkPeering(context.Context, *Network) (*NetworkPeering, error)
	GetClusterNetworkPeering(context.Context) (*NetworkPeering, error)
	DeleteNetworkPeering(*NetworkPeering) error
	IsEnabled(context.Context) (bool, error)
	DeleteBundledCloudResources(context.Context) error
}

type NetworkManagerMock

type NetworkManagerMock struct {
	// CreateNetworkFunc mocks the CreateNetwork method.
	CreateNetworkFunc func(contextMoqParam context.Context, iPNet *net.IPNet) (*Network, error)

	// CreateNetworkConnectionFunc mocks the CreateNetworkConnection method.
	CreateNetworkConnectionFunc func(contextMoqParam context.Context, network *Network) (*NetworkConnection, error)

	// CreateNetworkPeeringFunc mocks the CreateNetworkPeering method.
	CreateNetworkPeeringFunc func(contextMoqParam context.Context, network *Network) (*NetworkPeering, error)

	// DeleteBundledCloudResourcesFunc mocks the DeleteBundledCloudResources method.
	DeleteBundledCloudResourcesFunc func(contextMoqParam context.Context) error

	// DeleteNetworkFunc mocks the DeleteNetwork method.
	DeleteNetworkFunc func(contextMoqParam context.Context) error

	// DeleteNetworkConnectionFunc mocks the DeleteNetworkConnection method.
	DeleteNetworkConnectionFunc func(contextMoqParam context.Context, networkPeering *NetworkPeering) error

	// DeleteNetworkPeeringFunc mocks the DeleteNetworkPeering method.
	DeleteNetworkPeeringFunc func(networkPeering *NetworkPeering) error

	// GetClusterNetworkPeeringFunc mocks the GetClusterNetworkPeering method.
	GetClusterNetworkPeeringFunc func(contextMoqParam context.Context) (*NetworkPeering, error)

	// IsEnabledFunc mocks the IsEnabled method.
	IsEnabledFunc func(contextMoqParam context.Context) (bool, error)
	// contains filtered or unexported fields
}

NetworkManagerMock is a mock implementation of NetworkManager.

func TestSomethingThatUsesNetworkManager(t *testing.T) {

	// make and configure a mocked NetworkManager
	mockedNetworkManager := &NetworkManagerMock{
		CreateNetworkFunc: func(contextMoqParam context.Context, iPNet *net.IPNet) (*Network, error) {
			panic("mock out the CreateNetwork method")
		},
		CreateNetworkConnectionFunc: func(contextMoqParam context.Context, network *Network) (*NetworkConnection, error) {
			panic("mock out the CreateNetworkConnection method")
		},
		CreateNetworkPeeringFunc: func(contextMoqParam context.Context, network *Network) (*NetworkPeering, error) {
			panic("mock out the CreateNetworkPeering method")
		},
		DeleteBundledCloudResourcesFunc: func(contextMoqParam context.Context) error {
			panic("mock out the DeleteBundledCloudResources method")
		},
		DeleteNetworkFunc: func(contextMoqParam context.Context) error {
			panic("mock out the DeleteNetwork method")
		},
		DeleteNetworkConnectionFunc: func(contextMoqParam context.Context, networkPeering *NetworkPeering) error {
			panic("mock out the DeleteNetworkConnection method")
		},
		DeleteNetworkPeeringFunc: func(networkPeering *NetworkPeering) error {
			panic("mock out the DeleteNetworkPeering method")
		},
		GetClusterNetworkPeeringFunc: func(contextMoqParam context.Context) (*NetworkPeering, error) {
			panic("mock out the GetClusterNetworkPeering method")
		},
		IsEnabledFunc: func(contextMoqParam context.Context) (bool, error) {
			panic("mock out the IsEnabled method")
		},
	}

	// use mockedNetworkManager in code that requires NetworkManager
	// and then make assertions.

}

func (*NetworkManagerMock) CreateNetwork

func (mock *NetworkManagerMock) CreateNetwork(contextMoqParam context.Context, iPNet *net.IPNet) (*Network, error)

CreateNetwork calls CreateNetworkFunc.

func (*NetworkManagerMock) CreateNetworkCalls

func (mock *NetworkManagerMock) CreateNetworkCalls() []struct {
	ContextMoqParam context.Context
	IPNet           *net.IPNet
}

CreateNetworkCalls gets all the calls that were made to CreateNetwork. Check the length with:

len(mockedNetworkManager.CreateNetworkCalls())

func (*NetworkManagerMock) CreateNetworkConnection

func (mock *NetworkManagerMock) CreateNetworkConnection(contextMoqParam context.Context, network *Network) (*NetworkConnection, error)

CreateNetworkConnection calls CreateNetworkConnectionFunc.

func (*NetworkManagerMock) CreateNetworkConnectionCalls

func (mock *NetworkManagerMock) CreateNetworkConnectionCalls() []struct {
	ContextMoqParam context.Context
	Network         *Network
}

CreateNetworkConnectionCalls gets all the calls that were made to CreateNetworkConnection. Check the length with:

len(mockedNetworkManager.CreateNetworkConnectionCalls())

func (*NetworkManagerMock) CreateNetworkPeering

func (mock *NetworkManagerMock) CreateNetworkPeering(contextMoqParam context.Context, network *Network) (*NetworkPeering, error)

CreateNetworkPeering calls CreateNetworkPeeringFunc.

func (*NetworkManagerMock) CreateNetworkPeeringCalls

func (mock *NetworkManagerMock) CreateNetworkPeeringCalls() []struct {
	ContextMoqParam context.Context
	Network         *Network
}

CreateNetworkPeeringCalls gets all the calls that were made to CreateNetworkPeering. Check the length with:

len(mockedNetworkManager.CreateNetworkPeeringCalls())

func (*NetworkManagerMock) DeleteBundledCloudResources

func (mock *NetworkManagerMock) DeleteBundledCloudResources(contextMoqParam context.Context) error

DeleteBundledCloudResources calls DeleteBundledCloudResourcesFunc.

func (*NetworkManagerMock) DeleteBundledCloudResourcesCalls

func (mock *NetworkManagerMock) DeleteBundledCloudResourcesCalls() []struct {
	ContextMoqParam context.Context
}

DeleteBundledCloudResourcesCalls gets all the calls that were made to DeleteBundledCloudResources. Check the length with:

len(mockedNetworkManager.DeleteBundledCloudResourcesCalls())

func (*NetworkManagerMock) DeleteNetwork

func (mock *NetworkManagerMock) DeleteNetwork(contextMoqParam context.Context) error

DeleteNetwork calls DeleteNetworkFunc.

func (*NetworkManagerMock) DeleteNetworkCalls

func (mock *NetworkManagerMock) DeleteNetworkCalls() []struct {
	ContextMoqParam context.Context
}

DeleteNetworkCalls gets all the calls that were made to DeleteNetwork. Check the length with:

len(mockedNetworkManager.DeleteNetworkCalls())

func (*NetworkManagerMock) DeleteNetworkConnection

func (mock *NetworkManagerMock) DeleteNetworkConnection(contextMoqParam context.Context, networkPeering *NetworkPeering) error

DeleteNetworkConnection calls DeleteNetworkConnectionFunc.

func (*NetworkManagerMock) DeleteNetworkConnectionCalls

func (mock *NetworkManagerMock) DeleteNetworkConnectionCalls() []struct {
	ContextMoqParam context.Context
	NetworkPeering  *NetworkPeering
}

DeleteNetworkConnectionCalls gets all the calls that were made to DeleteNetworkConnection. Check the length with:

len(mockedNetworkManager.DeleteNetworkConnectionCalls())

func (*NetworkManagerMock) DeleteNetworkPeering

func (mock *NetworkManagerMock) DeleteNetworkPeering(networkPeering *NetworkPeering) error

DeleteNetworkPeering calls DeleteNetworkPeeringFunc.

func (*NetworkManagerMock) DeleteNetworkPeeringCalls

func (mock *NetworkManagerMock) DeleteNetworkPeeringCalls() []struct {
	NetworkPeering *NetworkPeering
}

DeleteNetworkPeeringCalls gets all the calls that were made to DeleteNetworkPeering. Check the length with:

len(mockedNetworkManager.DeleteNetworkPeeringCalls())

func (*NetworkManagerMock) GetClusterNetworkPeering

func (mock *NetworkManagerMock) GetClusterNetworkPeering(contextMoqParam context.Context) (*NetworkPeering, error)

GetClusterNetworkPeering calls GetClusterNetworkPeeringFunc.

func (*NetworkManagerMock) GetClusterNetworkPeeringCalls

func (mock *NetworkManagerMock) GetClusterNetworkPeeringCalls() []struct {
	ContextMoqParam context.Context
}

GetClusterNetworkPeeringCalls gets all the calls that were made to GetClusterNetworkPeering. Check the length with:

len(mockedNetworkManager.GetClusterNetworkPeeringCalls())

func (*NetworkManagerMock) IsEnabled

func (mock *NetworkManagerMock) IsEnabled(contextMoqParam context.Context) (bool, error)

IsEnabled calls IsEnabledFunc.

func (*NetworkManagerMock) IsEnabledCalls

func (mock *NetworkManagerMock) IsEnabledCalls() []struct {
	ContextMoqParam context.Context
}

IsEnabledCalls gets all the calls that were made to IsEnabled. Check the length with:

len(mockedNetworkManager.IsEnabledCalls())

type NetworkPeering

type NetworkPeering struct {
	PeeringConnection *ec2.VpcPeeringConnection
}

NetworkPeering wrapper for ec2 vpc peering connections, to allow for extensibility

func (*NetworkPeering) IsReady

func (np *NetworkPeering) IsReady() bool

type NetworkProvider

type NetworkProvider struct {
	Client         client.Client
	RdsApi         rdsiface.RDSAPI
	Ec2Api         ec2iface.EC2API
	ElasticacheApi elasticacheiface.ElastiCacheAPI
	Logger         *logrus.Entry
	IsSTSCluster   bool
}

func NewNetworkManager

func NewNetworkManager(session *session.Session, client client.Client, logger *logrus.Entry, isSTSCluster bool) *NetworkProvider

func (*NetworkProvider) CreateNetwork

func (n *NetworkProvider) CreateNetwork(ctx context.Context, vpcCidrBlock *net.IPNet) (*Network, error)

CreateNetwork returns a Network type or error

VPC's created by the cloud resource operator are identified by having a tag with the name `<organizationTag>/clusterID`. By default, `integreatly.org/clusterID`.

CreateNetwork does:

  • create a VPC with CIDR block and tag it, if a VPC does not exist,
  • reconcile on subnets and subnet groups

CreateNetwork does not:

  • reconcile the vpc if the VPC already exist (this is to avoid potential changes to the CIDR range and unwanted/unexpected behaviour)

func (*NetworkProvider) CreateNetworkConnection

func (n *NetworkProvider) CreateNetworkConnection(ctx context.Context, network *Network) (*NetworkConnection, error)

CreateNetworkConnection handles the creation of a connection from the vpc provisioned by cro to the cluster vpc here we handle :

  • the standalone security group
  • cro standalone vpc route table
  • cluster vpc route table

func (*NetworkProvider) CreateNetworkPeering

func (n *NetworkProvider) CreateNetworkPeering(ctx context.Context, network *Network) (*NetworkPeering, error)

CreateNetworkPeering creates a peering connection between a provided vpc and the openshift cluster vpc used to enable network connectivity between the vpcs, so services in the openshift cluster can reach databases in the provided vpc

func (*NetworkProvider) DeleteBundledCloudResources

func (n *NetworkProvider) DeleteBundledCloudResources(ctx context.Context) error

DeleteBundledCloudResources returns an error on any error deleting of the following resources * elasticache subnet group * rds subnet group * ec2 security group

it has been located under the cluster network provider as it requires 3 different aws sessions (elasticache, rds and ec2) to delete the required resources even though it deals with bundled resources. The majority of the functionality in this file relates to standalone aws vpc and it's resources.

func (*NetworkProvider) DeleteNetwork

func (n *NetworkProvider) DeleteNetwork(ctx context.Context) error

DeleteNetwork returns an error

VPCs are tagged with the name `<organizationTag>/clusterID`. By default, `integreatly.org/clusterID`.

This tag is used to find a standalone VPC If found DeleteNetwork will attempt to remove:

  • all vpc associated subnets
  • both subnet groups (rds and elasticache)
  • the vpc

func (*NetworkProvider) DeleteNetworkConnection

func (n *NetworkProvider) DeleteNetworkConnection(ctx context.Context, networkPeering *NetworkPeering) error

DeleteNetworkConnection removes the security group created by cro

func (*NetworkProvider) DeleteNetworkPeering

func (n *NetworkProvider) DeleteNetworkPeering(peering *NetworkPeering) error

DeleteNetworkPeering deletes a provided vpc peering connection this will remove network connectivity between the vpcs that are part of the provided peering connection

func (*NetworkProvider) GetClusterNetworkPeering

func (n *NetworkProvider) GetClusterNetworkPeering(ctx context.Context) (*NetworkPeering, error)

GetClusterNetworkPeering returns an active Net

func (*NetworkProvider) IsEnabled

func (n *NetworkProvider) IsEnabled(ctx context.Context) (bool, error)

IsEnabled returns true when no bundled subnets are found in the openshift cluster vpc.

All subnets created by the cloud resource operator are identified by having a tag with the name `<organizationTag>/clusterID`. By default, `integreatly.org/clusterID`.

this check allows us to maintain backwards compatibility with openshift clusters that used the cloud resource operator before this standalone vpc provider was added. If this function returns false, we should continue using the backwards compatible approach of bundling resources in with the openshift cluster vpc.

func (*NetworkProvider) ReconcileNetworkProviderConfig

func (n *NetworkProvider) ReconcileNetworkProviderConfig(ctx context.Context, configManager ConfigManager, tier string, logger *logrus.Entry) (*net.IPNet, error)

ReconcileNetworkProviderConfig return parsed ipNet cidr block a _network resource type strategy, is expected to have the same tier as either postgres or redis resource type i.e. for a postgres tier X there should be a corresponding _network tier X

the _network strategy config is unmarshalled into a ec2 create vpc input struct from the struct the cidr block is parsed to ensure validity if there is no entry for cidrblock in the _network block a sensible default which doesn't overlap with the cluster vpc if cro is unable to find a valid non-overlapping cidr block it will return an error

type PostgresMetricsProvider

type PostgresMetricsProvider struct {
	Client            client.Client
	Logger            *logrus.Entry
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
}

func NewAWSPostgresMetricsProvider

func NewAWSPostgresMetricsProvider(client client.Client, logger *logrus.Entry) (*PostgresMetricsProvider, error)

func (PostgresMetricsProvider) ScrapePostgresMetrics

ScrapeMetrics returns scraped metrics to metric controller

func (*PostgresMetricsProvider) SupportsStrategy

func (p *PostgresMetricsProvider) SupportsStrategy(strategy string) bool

type PostgresProvider

type PostgresProvider struct {
	Client            client.Client
	Logger            *logrus.Entry
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
	TCPPinger         ConnectionTester
}

func NewAWSPostgresProvider

func NewAWSPostgresProvider(client client.Client, logger *logrus.Entry) (*PostgresProvider, error)

func (*PostgresProvider) DeletePostgres

func (*PostgresProvider) GetName

func (p *PostgresProvider) GetName() string

func (*PostgresProvider) GetReconcileTime

func (p *PostgresProvider) GetReconcileTime(pg *v1alpha1.Postgres) time.Duration

func (*PostgresProvider) ReconcilePostgres added in v0.32.0

ReconcilePostgres creates an RDS Instance from strategy config

func (*PostgresProvider) SupportsStrategy

func (p *PostgresProvider) SupportsStrategy(d string) bool

func (*PostgresProvider) TagRDSPostgres

func (p *PostgresProvider) TagRDSPostgres(ctx context.Context, cr *v1alpha1.Postgres, rdsSvc rdsiface.RDSAPI, foundInstance *rds.DBInstance) (croType.StatusMessage, error)

type PostgresSnapshotProvider

type PostgresSnapshotProvider struct {
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
	// contains filtered or unexported fields
}

func NewAWSPostgresSnapshotProvider

func NewAWSPostgresSnapshotProvider(client client.Client, logger *logrus.Entry) (*PostgresSnapshotProvider, error)

func (*PostgresSnapshotProvider) CreatePostgresSnapshot

func (*PostgresSnapshotProvider) DeletePostgresSnapshot

func (p *PostgresSnapshotProvider) DeletePostgresSnapshot(ctx context.Context, snapshot *v1alpha1.PostgresSnapshot, postgres *v1alpha1.Postgres) (croType.StatusMessage, error)

func (*PostgresSnapshotProvider) GetName

func (p *PostgresSnapshotProvider) GetName() string

func (*PostgresSnapshotProvider) GetReconcileTime

func (p *PostgresSnapshotProvider) GetReconcileTime(snapshot *v1alpha1.PostgresSnapshot) time.Duration

func (*PostgresSnapshotProvider) SupportsStrategy

func (p *PostgresSnapshotProvider) SupportsStrategy(s string) bool

type RedisMetricsProvider

type RedisMetricsProvider struct {
	Client            client.Client
	Logger            *logrus.Entry
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
}

func NewAWSRedisMetricsProvider

func NewAWSRedisMetricsProvider(client client.Client, logger *logrus.Entry) (*RedisMetricsProvider, error)

func (*RedisMetricsProvider) ScrapeRedisMetrics

func (*RedisMetricsProvider) SupportsStrategy

func (r *RedisMetricsProvider) SupportsStrategy(strategy string) bool

type RedisProvider

type RedisProvider struct {
	Client            client.Client
	Logger            *logrus.Entry
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
	CacheSvc          elasticacheiface.ElastiCacheAPI
	TCPPinger         ConnectionTester
}

RedisProvider implementation for AWS Elasticache

func NewAWSRedisProvider

func NewAWSRedisProvider(client client.Client, logger *logrus.Entry) (*RedisProvider, error)

func (*RedisProvider) CreateRedis

CreateRedis Create an Elasticache Replication Group from strategy config

func (*RedisProvider) DeleteRedis

DeleteRedis Delete elasticache replication group

func (*RedisProvider) GetName

func (p *RedisProvider) GetName() string

func (*RedisProvider) GetReconcileTime

func (p *RedisProvider) GetReconcileTime(r *v1alpha1.Redis) time.Duration

func (*RedisProvider) SupportsStrategy

func (p *RedisProvider) SupportsStrategy(d string) bool

func (*RedisProvider) TagElasticacheNode

TagElasticacheNode Add Tags to AWS Elasticache

type RedisSnapshotProvider

type RedisSnapshotProvider struct {
	CredentialManager CredentialManager
	ConfigManager     ConfigManager
	// contains filtered or unexported fields
}

func NewAWSRedisSnapshotProvider

func NewAWSRedisSnapshotProvider(client client.Client, logger *logrus.Entry) (*RedisSnapshotProvider, error)

func (*RedisSnapshotProvider) CreateRedisSnapshot

func (*RedisSnapshotProvider) DeleteRedisSnapshot

func (p *RedisSnapshotProvider) DeleteRedisSnapshot(ctx context.Context, snapshot *v1alpha1.RedisSnapshot, redis *v1alpha1.Redis) (croType.StatusMessage, error)

func (*RedisSnapshotProvider) GetName

func (p *RedisSnapshotProvider) GetName() string

func (*RedisSnapshotProvider) GetReconcileTime

func (p *RedisSnapshotProvider) GetReconcileTime(snapshot *v1alpha1.RedisSnapshot) time.Duration

func (*RedisSnapshotProvider) SupportsStrategy

func (p *RedisSnapshotProvider) SupportsStrategy(s string) bool

type S3DeleteStrat

type S3DeleteStrat struct {
	ForceBucketDeletion *bool `json:"forceBucketDeletion"`
	// contains filtered or unexported fields
}

S3DeleteStrat custom s3 delete strat

type STSCredentialManager added in v0.39.0

type STSCredentialManager struct {
	OperatorNamespace string
	Client            client.Client
}

STSCredentialManager Implementation of CredentialManager for OpenShift Clusters that use STS

func NewSTSCredentialManager added in v0.39.0

func NewSTSCredentialManager(client client.Client, ns string) *STSCredentialManager

func (*STSCredentialManager) ReconcileBucketOwnerCredentials added in v0.39.0

func (m *STSCredentialManager) ReconcileBucketOwnerCredentials(_ context.Context, _, _, _ string) (*Credentials, error)

func (*STSCredentialManager) ReconcileProviderCredentials added in v0.39.0

func (m *STSCredentialManager) ReconcileProviderCredentials(ctx context.Context, _ string) (*Credentials, error)

ReconcileProviderCredentials Ensure the credentials the AWS provider requires are available

type ServiceUpdate

type ServiceUpdate struct {
	// contains filtered or unexported fields
}

type StrategyConfig

type StrategyConfig struct {
	Region         string          `json:"region"`
	CreateStrategy json.RawMessage `json:"createStrategy"`
	DeleteStrategy json.RawMessage `json:"deleteStrategy"`
	ServiceUpdates json.RawMessage `json:"serviceUpdates"`
}

StrategyConfig provides the configuration necessary to create/modify/delete aws resources Region -> required to create aws sessions, if no region is provided we default to cluster infrastructure CreateStrategy -> maps to resource specific create parameters, uses as a source of truth to the state we expect the resource to be in DeleteStrategy -> maps to resource specific delete parameters

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL