From 6f0c4a48bde37ab21e62f75a70bd83738d2f2685 Mon Sep 17 00:00:00 2001 From: Idan Shamam Date: Fri, 15 Nov 2024 12:15:47 +0200 Subject: [PATCH] chore: added ingress and backendconfig --- deployments/sequencer/main.py | 50 ++++++++++++-- deployments/sequencer/services/objects.py | 47 ++++++++++--- deployments/sequencer/services/service.py | 84 +++++++++++++++++++++-- 3 files changed, 159 insertions(+), 22 deletions(-) diff --git a/deployments/sequencer/main.py b/deployments/sequencer/main.py index f9cd1c93017..488ccaba7d5 100644 --- a/deployments/sequencer/main.py +++ b/deployments/sequencer/main.py @@ -8,9 +8,7 @@ from services.service import Service from config.sequencer import Config, SequencerDevConfig -from services.objects import ( - HealthCheck, ServiceType, Probe, PersistentVolumeClaim, PortMappings -) +from services.objects import * from services import defaults @@ -42,9 +40,9 @@ def __init__( image="us.gcr.io/starkware-dev/sequencer-node-test:0.0.1-dev.1", args=["--config_file", "/app/config/sequencer/config.json"], port_mappings=[ - PortMappings(name="http", port=80, container_port=8080), - PortMappings(name="rpc", port=8081, container_port=8081), - PortMappings(name="monitoring", port=8082, container_port=8082) + PortMapping(name="http", port=80, container_port=8080), + PortMapping(name="rpc", port=8081, container_port=8081), + PortMapping(name="monitoring", port=8082, container_port=8082) ], service_type=ServiceType.CLUSTER_IP, replicas=1, 
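Review bot: The new `from services.objects import *` in main.py replaces an explicit import list with a wildcard, which hides where `Ingress`, `IngressRule`, `IngressTls` and `PortMapping` come from and pulls every top-level name of objects.py, including its `typing` imports, into this module. The same pattern already has an effect in services/service.py: the changed signature there uses `Sequence[PortMapping]` while the visible import is `from typing import Optional, List`, so `Sequence` appears to resolve only through the wildcard. I would keep the explicit list here, `from services.objects import (HealthCheck, Ingress, IngressRule, IngressRuleHttpPath, IngressTls, PersistentVolumeClaim, PortMapping, Probe, ServiceType)`, and add `Sequence` to the `typing` import in service.py.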
@@ -61,6 +59,40 @@ def __init__( storage="256Gi", mount_path="/data", read_only=False + ), + ingress=Ingress( + None, + "premium-rwo", + rules=[ + IngressRule( + host="test", + paths=[ + IngressRuleHttpPath( + path="/", + path_type="http", + backend_service_name="test", + backend_service_port_name="blabla", + backend_service_port_number=80, + ), + IngressRuleHttpPath( + path="/rule", + path_type="http2", + backend_service_name="test", + backend_service_port_name="blabla", + backend_service_port_number=80, + ), + ] + ) + ], + tls=[ + IngressTls( + hosts=[ + "test", + "test2" + ], + secret_name="test" + ) + ] ) ) @@ -88,7 +120,9 @@ def __init__( self, "batcher", image="ghost", - port_mappings=[{"port": 80, "container_port": 2368}], + port_mappings=[ + PortMapping(name="http", port=80, container_port=2368) + ], health_check=defaults.health_check ) @@ -96,12 +130,14 @@ def __init__( app = App( yaml_output_type=YamlOutputType.FOLDER_PER_CHART_FILE_PER_RESOURCE ) + sequencer_node = SequencerNode( scope=app, name="sequencer-node", namespace="sequencer-node-test", config=None ) + a = SequencerSystem( scope=app, name="sequencer-system", diff --git a/deployments/sequencer/services/objects.py b/deployments/sequencer/services/objects.py index cbc9876c870..6485c1edebb 100644 --- a/deployments/sequencer/services/objects.py +++ b/deployments/sequencer/services/objects.py @@ -1,6 +1,6 @@ import dataclasses -from typing import Optional, Dict, Any, TypedDict +from typing import Optional, Dict, Any, Mapping, Sequence from enum import Enum 
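Review bot: The `Ingress(...)` added to the sequencer node's `Service` uses values Kubernetes will not accept: `path_type="http"` and `path_type="http2"` are not valid `pathType` values (the API allows `Exact`, `Prefix` and `ImplementationSpecific`), and the positional `"premium-rwo"` lands in `class_name` although it reads like a storage class name. Together with `host="test"`, `secret_name="test"` and the port name `"blabla"` this looks like scaffolding, yet it sits in what appears to be the real node definition, so synthesising the chart would emit an Ingress whose TLS entry points at a secret nobody provisioned. I would pass the first two arguments by keyword (`annotations=None, class_name=...`) and use `path_type="Prefix"` until the values come from `config`. `IngressRuleHttpPath.path_type` in services/objects.py is a bare `str`; an `Enum` like the existing `ServiceType` would reject such values at construction time.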
@@ -33,12 +33,12 @@ class ServiceType(Enum): @dataclasses.dataclass class PersistentVolumeClaim: - storage_class_name: str | None = None - access_modes: list[str] | None = None - volume_mode: str | None = None - storage: str | None = None - read_only: bool = True - mount_path: str | None = None + storage_class_name: str | None + access_modes: list[str] | None + volume_mode: str | None + storage: str | None + read_only: bool | None + mount_path: str | None @dataclasses.dataclass @@ -55,7 +55,36 @@ def validate(self): @dataclasses.dataclass -class PortMappings(TypedDict): +class PortMapping: name: str port: int - container_port: int \ No newline at end of file + container_port: int + + +@dataclasses.dataclass +class IngressRuleHttpPath: + path: Optional[str] + path_type: str + backend_service_name: str + backend_service_port_number: int + backend_service_port_name: Optional[str] + + +@dataclasses.dataclass +class IngressRule: + host: str + paths: Sequence[IngressRuleHttpPath] + + +@dataclasses.dataclass +class IngressTls: + hosts: Sequence[str] | None + secret_name: str | None + + +@dataclasses.dataclass +class Ingress: + annotations: Mapping[str, str] | None + class_name: str | None + rules: Sequence[IngressRule] | None + tls: Sequence[IngressTls] | None diff --git a/deployments/sequencer/services/service.py b/deployments/sequencer/services/service.py index c5f479c8e90..5f5a3afeb0e 100644 --- a/deployments/sequencer/services/service.py +++ b/deployments/sequencer/services/service.py @@ -2,8 +2,9 @@ from typing import Optional, List from constructs import Construct -from cdk8s import Names +from cdk8s import Names, ApiObjectMetadata from imports import k8s +from imports.com.google import cloud as google from services.objects import * 
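Review bot: Dropping the defaults on `PersistentVolumeClaim` makes all six fields required and turns `read_only: bool = True` into `read_only: bool | None`, so a caller that omitted the flag used to get a read-only mount and now gets a `TypeError`, or an undefined meaning if it passes `None`. The one call visible in this patch passes `storage`, `mount_path` and `read_only=False`; whether it also passes the other three is outside the hunk. I would keep the protective default, `read_only: bool = True`, and leave `= None` on the optional fields. If the intent is to force explicit values, a comment such as `# all fields required so that manifests never depend on implicit defaults` would make that clear.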
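Review bot: `IngressRuleHttpPath` declares `backend_service_port_number: int` as required and `backend_service_port_name` as optional, which lets a caller set both, and main.py in this patch does (`"blabla"` and `80`). Kubernetes treats the name and number of a service backend port as mutually exclusive, and services/service.py forwards both to `k8s.ServiceBackendPort`, so the rendered Ingress is likely to fail API validation. I would make the number `int | None = None` and add a `__post_init__` check such as `if (self.backend_service_port_name is None) == (self.backend_service_port_number is None): raise ValueError("set exactly one of port name or port number")`. The other new dataclasses (`Ingress`, `IngressTls`) also have no defaults, which is what forces the positional `None` in main.py.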
@@ -17,10 +18,11 @@ def __init__( image: str, replicas: int = 1, service_type: Optional[ServiceType] = None, - port_mappings: Optional[List[PortMappings]] = None, + port_mappings: Optional[Sequence[PortMapping]] = None, config: Optional[Config] = None, health_check: Optional[HealthCheck] = None, pvc: Optional[PersistentVolumeClaim] = None, + ingress: Optional[Ingress] = None, args: Optional[List[str]] = None ): super().__init__(scope, id) @@ -35,9 +37,9 @@ def __init__( type=service_type.value if service_type is not None else None, ports=[ k8s.ServicePort( - name=port_map.get("name"), - port=port_map.get("port"), - target_port=k8s.IntOrString.from_number(port_map.get("container_port")), + name=port_map.name, + port=port_map.port, + target_port=k8s.IntOrString.from_number(port_map.container_port), ) for port_map in port_mappings ], selector=label @@ -65,7 +67,7 @@ def __init__( name="sequencer", image=image, args=args or [], - ports=[k8s.ContainerPort(container_port=port_map.get("container_port")) for port_map in port_mappings or []], + ports=[k8s.ContainerPort(container_port=port_map.container_port) for port_map in port_mappings or []], startup_probe=k8s.Probe( http_get=k8s.HttpGetAction( path=health_check.startup_probe.path, 
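Review bot: In the `k8s.ServicePort` comprehension the loop still reads `for port_map in port_mappings`, while the container-port line changed in the next hunk iterates `port_mappings or []`. With the parameter typed `Optional[Sequence[PortMapping]] = None`, a caller that omits it would hit `TypeError: 'NoneType' object is not iterable` here unless an enclosing guard outside this hunk prevents it. Since these lines are being rewritten for attribute access anyway, I would make them consistent: `for port_map in port_mappings or []`. `__init__` starts and ends outside this hunk.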
@@ -137,6 +139,76 @@ def __init__( ), ) + google.BackendConfig( + self, + "backendconfig", + metadata=ApiObjectMetadata( + name=f"{self.node.id}-backendconfig", + labels=label + ), + spec=google.BackendConfigSpec( + health_check=google.BackendConfigSpecHealthCheck( + check_interval_sec=5, + healthy_threshold=10, + unhealthy_threshold=5, + timeout_sec=5, + request_path="/", + type="http" + ), + iap=google.BackendConfigSpecIap( + enabled=True, + oauthclient_credentials=google.BackendConfigSpecIapOauthclientCredentials( + secret_name="" + ) + ) + ) + ) + + if ingress is not None: + k8s.KubeIngress( + self, + "ingress", + metadata=k8s.ObjectMeta( + name=f"{self.node.id}-ingress", + labels=label, + annotations={} + ), + spec=k8s.IngressSpec( + ingress_class_name=ingress.class_name, + tls=[ + k8s.IngressTls( + hosts=tls.hosts, + secret_name=tls.secret_name + ) + for tls in ingress.tls or [] + ], + rules=[ + k8s.IngressRule( + host=rule.host, + http=k8s.HttpIngressRuleValue( + paths=[ + k8s.HttpIngressPath( + path=path.path, + path_type=path.path_type, + backend=k8s.IngressBackend( + service=k8s.IngressServiceBackend( + name=path.backend_service_name, + port=k8s.ServiceBackendPort( + name=path.backend_service_port_name, + number=path.backend_service_port_number + ) + ) + ) + ) + for path in rule.paths or [] + ] + ) + ) + for rule in ingress.rules or [] + ] + ) + ) + if pvc is not None: k8s.KubePersistentVolumeClaim( self,
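Review bot: The `google.BackendConfig` block turns IAP on with `secret_name=""`, so the generated manifest references no OAuth client secret; on GKE that is expected to leave the backend either failing to sync or not protected the way `enabled=True` implies, and nothing in the manifest signals it. The object is also created for every `Service`, outside the `if ingress is not None:` guard, with `request_path="/"` hard-coded rather than derived from `health_check`, and nothing in this hunk attaches it to the Service. I would move it under the ingress guard and take the secret name from configuration, failing fast when it is empty, for example `if not iap_secret_name: raise ValueError("IAP requires an OAuth client secret name")` (`iap_secret_name` being a new, hypothetical parameter). Separately, the ingress metadata sets `annotations={}` and so drops the caller's value; `annotations=dict(ingress.annotations or {})` would honour the `Ingress.annotations` field. `__init__` starts and ends outside this hunk.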