search

Kuadrant / multicluster-gateway-controller

multi-cluster gateway controller, manages multi-cluster gateways based on gateway api and policy attachment
Apache License 2.0
10 stars 23 forks source link

DNSHealthCheckProbe is not created in single cluster context #727

Closed pehala closed 8 months ago

pehala commented 8 months ago

Using quay.io/kuadrant/policy-controller:main deployed in single cluster setup with the rest of Service Protection, the DNSHealthCheckProbes are not created for health check enabled DNSPolicy. Gateway does not have wildcard domain

Gateway: 

apiVersion: gateway.networking.k8s.io/v1
kind: Gateway
metadata:
  annotations:
    gateway.istio.io/controller-version: '5'
    kuadrant.io/dnspolicies: '[{"Namespace":"kuadrant","Name":"dns-phala-kudrnt-te-vddq"}]'
    kuadrant.io/dnspolicy: kuadrant/dns-phala-kudrnt-te-vddq
    kuadrant.io/namespace: kuadrant-system
  name: mgc-gate-phala-kudrnt-te-vxve
  namespace: kuadrant
  labels:
    app: testrun-phala-kudrnt-te-vu0f-qp8mz9i
    cluster.open-cluster-management.io/placement: http-gateway
spec:
  gatewayClassName: istio
  listeners:
    - allowedRoutes:
        namespaces:
          from: All
      hostname: hostname-phala-kudrnt-te-fhbp.aws.kua.3scale.app-services-dev.net
      name: api
      port: 80
      protocol: HTTP
status:
  addresses:
    - type: IPAddress
      value: 10.0.189.114
  conditions:
    - lastTransitionTime: '2023-12-13T11:22:32Z'
      message: Resource accepted
      observedGeneration: 1
      reason: Accepted
      status: 'True'
      type: Accepted
    - lastTransitionTime: '2023-12-13T11:23:50Z'
      message: >-
        Resource programmed, assigned to service(s)
        mgc-gate-phala-kudrnt-te-vxve-istio.kuadrant.svc.cluster.local:80
      observedGeneration: 1
      reason: Programmed
      status: 'True'
      type: Programmed
    - lastTransitionTime: '2023-12-13T11:24:03Z'
      message: >-
        policy success. Object affected by policy kuadrant.io/v1alpha1,
        Kind=DNSPolicy in namespace kuadrant with name dns-phala-kudrnt-te-vddq 
      observedGeneration: 1
      reason: Accepted
      status: 'True'
      type: kuadrant.io/DNSPolicyAffected
  listeners:
    - attachedRoutes: 1
      conditions:
        - lastTransitionTime: '2023-12-13T11:22:32Z'
          message: No errors found
          observedGeneration: 1
          reason: Accepted
          status: 'True'
          type: Accepted
        - lastTransitionTime: '2023-12-13T11:22:32Z'
          message: No errors found
          observedGeneration: 1
          reason: NoConflicts
          status: 'False'
          type: Conflicted
        - lastTransitionTime: '2023-12-13T11:22:32Z'
          message: No errors found
          observedGeneration: 1
          reason: Programmed
          status: 'True'
          type: Programmed
        - lastTransitionTime: '2023-12-13T11:22:32Z'
          message: No errors found
          observedGeneration: 1
          reason: ResolvedRefs
          status: 'True'
          type: ResolvedRefs
      name: api
      supportedKinds:
        - group: gateway.networking.k8s.io
          kind: HTTPRoute
        - group: gateway.networking.k8s.io
          kind: GRPCRoute

DNSPolicy:

apiVersion: kuadrant.io/v1alpha1
kind: DNSPolicy
metadata:
  name: dns-phala-kudrnt-te-vddq
  namespace: kuadrant
  finalizers:
    - kuadrant.io/dns-policy
  labels:
    app: testrun-phala-kudrnt-te-vu0f-qp8mz9i
spec:
  health check:
    allowInsecureCertificates: true
    endpoint: /get
    interval: 5s
    port: 80
    protocol: http
  routingStrategy: loadbalanced
  targetRef:
    group: gateway.networking.k8s.io
    kind: Gateway
    name: mgc-gate-phala-kudrnt-te-vxve
    namespace: kuadrant
status:
  conditions:
    - lastTransitionTime: '2023-12-13T11:24:04Z'
      message: Gateway is DNS Enabled
      reason: GatewayDNSEnabled
      status: 'True'
      type: Ready
  observedGeneration: 1

policy-controller logs: kuadrant-operator-policy-controller-5df786c4c6-pxglh-policy-controller.log