Skip to content

Commit e6297cc

Browse files
authored
Support gRPC ServiceExport (#756)
* Initial changes and unit tests * Added GRPC ServiceExport integration test * Increase suite timeout to 90 minutes * Increase suite timeout to 90 minutes * Update comments * Commit auto-generated * Install latest custom CRDs on E2E tests * Install latest custom CRDs on E2E tests after Gateway API CRDs
1 parent 84fcfae commit e6297cc

17 files changed

+699
-15
lines changed

.github/workflows/validate-merge-queue-e2e-test.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,16 @@ jobs:
7575
- name: Install Gateway API v1.2 CRDs
7676
run: |
7777
kubectl kustomize "github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.2.0" | kubectl apply -f -
78+
- name: Install latest custom CRDs
79+
run: |
80+
kubectl apply -f config/crds/bases/externaldns.k8s.io_dnsendpoints.yaml
81+
kubectl apply -f config/crds/bases/gateway.networking.k8s.io_tlsroutes.yaml
82+
kubectl apply -f config/crds/bases/application-networking.k8s.aws_serviceexports.yaml
83+
kubectl apply -f config/crds/bases/application-networking.k8s.aws_serviceimports.yaml
84+
kubectl apply -f config/crds/bases/application-networking.k8s.aws_targetgrouppolicies.yaml
85+
kubectl apply -f config/crds/bases/application-networking.k8s.aws_vpcassociationpolicies.yaml
86+
kubectl apply -f config/crds/bases/application-networking.k8s.aws_accesslogpolicies.yaml
87+
kubectl apply -f config/crds/bases/application-networking.k8s.aws_iamauthpolicies.yaml
7888
- name: Create Lattice GatewayClass
7989
run: |
8090
kubectl apply -f files/controller-installation/gatewayclass.yaml

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -125,6 +125,7 @@ e2e-test: ## Run e2e tests against cluster pointed to by ~/.kube/config
125125
./suites/integration/... \
126126
--ginkgo.focus="${FOCUS}" \
127127
--ginkgo.skip="${SKIP}" \
128+
--ginkgo.timeout=90m \
128129
--ginkgo.v
129130

130131
.SILENT:

config/crds/bases/application-networking.k8s.aws_serviceexports.yaml

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,37 @@ spec:
3838
type: string
3939
metadata:
4040
type: object
41+
spec:
42+
description: spec defines the desired state of ServiceExport
43+
properties:
44+
exportedPorts:
45+
description: |-
46+
exportedPorts defines which ports of the service should be exported and what route types they should be used with.
47+
If not specified, the controller will use the port from the annotation "application-networking.k8s.aws/port"
48+
and create HTTP target groups for backward compatibility.
49+
items:
50+
description: ExportedPort defines a port to be exported and the
51+
route type it should be used with
52+
properties:
53+
port:
54+
description: port is the port number to export
55+
format: int32
56+
type: integer
57+
routeType:
58+
description: |-
59+
routeType is the type of route this port should be used with
60+
Valid values are "HTTP", "GRPC", "TLS"
61+
enum:
62+
- HTTP
63+
- GRPC
64+
- TLS
65+
type: string
66+
required:
67+
- port
68+
- routeType
69+
type: object
70+
type: array
71+
type: object
4172
status:
4273
description: |-
4374
status describes the current state of an exported service.

docs/api-types/service-export.md

Lines changed: 42 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -12,21 +12,34 @@ for example, using target groups in the VPC Lattice setup outside Kubernetes.
1212
Note that ServiceExport is not the implementation of Kubernetes [Multicluster Service APIs](https://multicluster.sigs.k8s.io/concepts/multicluster-services-api/);
1313
instead AWS Gateway API Controller uses its own version of the resource for the purpose of Gateway API integration.
1414

15-
16-
### Limitations
17-
* The exported Service can only be used in HTTPRoutes. GRPCRoute is currently not supported.
18-
* Limited to one ServiceExport per Service. If you need multiple exports representing each port,
19-
you should create multiple Service-ServiceExport pairs.
20-
21-
### Annotations
15+
### Annotations (Legacy Method)
2216

2317
* `application-networking.k8s.aws/port`
2418
Represents which port of the exported Service will be used.
2519
When a comma-separated list of ports is provided, the traffic will be distributed to all ports in the list.
20+
21+
**Note:** This annotation is supported for backward compatibility. For new deployments, it's recommended to use the `spec.exportedPorts` field instead.
22+
23+
## Spec Fields
24+
25+
### exportedPorts
26+
27+
The `exportedPorts` field allows you to explicitly define which ports of the service should be exported and what route types they should be used with. This is useful when you have a service with multiple ports serving different protocols.
2628

27-
## Example Configuration
29+
Each exported port has the following fields:
30+
* `port`: The port number to export
31+
* `routeType`: The type of route this port should be used with. Valid values are:
32+
* `HTTP`: For HTTP traffic
33+
* `GRPC`: For gRPC traffic
34+
* `TLS`: For TLS traffic
2835

29-
The following yaml will create a ServiceExport for a Service named `service-1`:
36+
If `exportedPorts` is not specified, the controller will use the port from the annotation "application-networking.k8s.aws/port" and create HTTP target groups for backward compatibility.
37+
38+
## Example Configurations
39+
40+
### Legacy Configuration (Using Annotations)
41+
42+
The following yaml will create a ServiceExport for a Service named `service-1` using the legacy annotation method:
3043
```yaml
3144
apiVersion: application-networking.k8s.aws/v1alpha1
3245
kind: ServiceExport
@@ -36,3 +49,23 @@ metadata:
3649
application-networking.k8s.aws/port: "9200"
3750
spec: {}
3851
```
52+
53+
### Using exportedPorts
54+
55+
The following yaml will create a ServiceExport for a Service named `service-1` with multiple ports for different route types:
56+
```yaml
57+
apiVersion: application-networking.k8s.aws/v1alpha1
58+
kind: ServiceExport
59+
metadata:
60+
name: service-1
61+
spec:
62+
exportedPorts:
63+
- port: 80
64+
routeType: HTTP
65+
- port: 8081
66+
routeType: GRPC
67+
```
68+
69+
This configuration will:
70+
1. Export port 80 to be used with HTTP routes
71+
2. Export port 8081 to be used with gRPC routes

files/examples/inventory-ver2-export.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,7 @@ metadata:
44
name: inventory-ver2
55
annotations:
66
application-networking.k8s.aws/federation: "amazon-vpc-lattice"
7+
spec:
8+
exportedPorts:
9+
- port: 80
10+
routeType: HTTP
Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
apiVersion: application-networking.k8s.aws/v1alpha1
2+
kind: ServiceExport
3+
metadata:
4+
name: multi-protocol-service
5+
annotations:
6+
application-networking.k8s.aws/federation: "amazon-vpc-lattice"
7+
spec:
8+
exportedPorts:
9+
- port: 80
10+
routeType: HTTP
11+
- port: 8081
12+
routeType: GRPC
13+
- port: 443
14+
routeType: TLS

files/examples/service-1-export.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,7 @@ metadata:
44
name: service-1
55
annotations:
66
application-networking.k8s.aws/federation: "amazon-vpc-lattice"
7+
spec:
8+
exportedPorts:
9+
- port: 80
10+
routeType: HTTP

files/examples/service-2-export.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,7 @@ metadata:
44
name: service-2
55
annotations:
66
application-networking.k8s.aws/federation: "amazon-vpc-lattice"
7+
spec:
8+
exportedPorts:
9+
- port: 80
10+
routeType: HTTP

files/examples/tls-rate2-export.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,4 +3,8 @@ kind: ServiceExport
33
metadata:
44
name: tls-rate2
55
annotations:
6-
application-networking.k8s.aws/federation: "amazon-vpc-lattice"
6+
application-networking.k8s.aws/federation: "amazon-vpc-lattice"
7+
spec:
8+
exportedPorts:
9+
- port: 443
10+
routeType: TLS

helm/crds/application-networking.k8s.aws_serviceexports.yaml

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,37 @@ spec:
3838
type: string
3939
metadata:
4040
type: object
41+
spec:
42+
description: spec defines the desired state of ServiceExport
43+
properties:
44+
exportedPorts:
45+
description: |-
46+
exportedPorts defines which ports of the service should be exported and what route types they should be used with.
47+
If not specified, the controller will use the port from the annotation "application-networking.k8s.aws/port"
48+
and create HTTP target groups for backward compatibility.
49+
items:
50+
description: ExportedPort defines a port to be exported and the
51+
route type it should be used with
52+
properties:
53+
port:
54+
description: port is the port number to export
55+
format: int32
56+
type: integer
57+
routeType:
58+
description: |-
59+
routeType is the type of route this port should be used with
60+
Valid values are "HTTP", "GRPC", "TLS"
61+
enum:
62+
- HTTP
63+
- GRPC
64+
- TLS
65+
type: string
66+
required:
67+
- port
68+
- routeType
69+
type: object
70+
type: array
71+
type: object
4172
status:
4273
description: |-
4374
status describes the current state of an exported service.

pkg/apis/applicationnetworking/v1alpha1/serviceexport_types.go

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,9 @@ type ServiceExport struct {
3030
apimachineryv1.TypeMeta `json:",inline"`
3131
// +optional
3232
apimachineryv1.ObjectMeta `json:"metadata,omitempty"`
33+
// spec defines the desired state of ServiceExport
34+
// +optional
35+
Spec ServiceExportSpec `json:"spec,omitempty"`
3336
// status describes the current state of an exported service.
3437
// Service configuration comes from the Service that had the same
3538
// name and namespace as this ServiceExport.
@@ -38,6 +41,25 @@ type ServiceExport struct {
3841
Status ServiceExportStatus `json:"status,omitempty"`
3942
}
4043

44+
// ServiceExportSpec defines the desired state of ServiceExport
45+
type ServiceExportSpec struct {
46+
// exportedPorts defines which ports of the service should be exported and what route types they should be used with.
47+
// If not specified, the controller will use the port from the annotation "application-networking.k8s.aws/port"
48+
// and create HTTP target groups for backward compatibility.
49+
// +optional
50+
ExportedPorts []ExportedPort `json:"exportedPorts,omitempty"`
51+
}
52+
53+
// ExportedPort defines a port to be exported and the route type it should be used with
54+
type ExportedPort struct {
55+
// port is the port number to export
56+
Port int32 `json:"port"`
57+
// routeType is the type of route this port should be used with
58+
// Valid values are "HTTP", "GRPC", "TLS"
59+
// +kubebuilder:validation:Enum=HTTP;GRPC;TLS
60+
RouteType string `json:"routeType"`
61+
}
62+
4163
// ServiceExportStatus contains the current status of an export.
4264
type ServiceExportStatus struct {
4365
// +optional

pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go

Lines changed: 36 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/controllers/suite_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ var _ = BeforeSuite(func() {
6767
Expect(err).NotTo(HaveOccurred())
6868
Expect(k8sClient).NotTo(BeNil())
6969

70-
}, 60)
70+
}, 5400)
7171

7272
var _ = AfterSuite(func() {
7373
By("tearing down the test environment")

0 commit comments

Comments
 (0)