Merge pull request #748 from sjberman/cherrypick-747

Cherrypick 733, 747

Author: amudukutore

cmd/k8s-bigip-ctlr/main.go

@@ -292,6 +292,15 @@ func init() {
 	_init()
 }
 
+func hasCommonPartition(partitions []string) bool {
+	for _, x := range partitions {
+		if x == "Common" {
+			return true
+		}
+	}
+	return false
+}
+
 func verifyArgs() error {
 	*logLevel = strings.ToUpper(*logLevel)
 	logErr := initLogger(*logLevel)
@@ -305,6 +314,11 @@ func verifyArgs() error {
 
 	if len(*bigIPPartitions) == 0 {
 		return fmt.Errorf("missing a BIG-IP partition")
+	} else if len(*bigIPPartitions) > 0 {
+		err := hasCommonPartition(*bigIPPartitions)
+		if false != err {
+			return fmt.Errorf("Common cannot be one of the specified partitions.")
+		}
 	}
 
 	if (len(*bigIPURL) == 0 || len(*bigIPUsername) == 0 ||

cmd/k8s-bigip-ctlr/main_test.go

@@ -253,6 +253,38 @@ var _ = Describe("Main Tests", func() {
 			Expect(isNodePort).To(BeFalse())
 		})
 
+		It("verifies Common not in list of partitions", func() {
+			defer _init()
+			os.Args = []string{
+				"./bin/k8s-bigip-ctlr",
+				"--namespace=testing",
+				"--bigip-partition=velcro1",
+				"--bigip-partition=velcro2",
+				"--bigip-password=admin",
+				"--bigip-url=bigip.example.com",
+				"--bigip-username=admin",
+				"--vs-snat-pool-name=test-snat-pool"}
+			flags.Parse(os.Args)
+			argError := verifyArgs()
+			Expect(argError).To(BeNil())
+			hasCommon := hasCommonPartition(*bigIPPartitions)
+			Expect(hasCommon).To(BeFalse())
+
+			os.Args = []string{
+				"./bin/k8s-bigip-ctlr",
+				"--namespace=testing",
+				"--bigip-partition=velcro1",
+				"--bigip-partition=Common",
+				"--bigip-partition=velcro2",
+				"--bigip-password=admin",
+				"--bigip-url=bigip.example.com",
+				"--bigip-username=admin",
+				"--vs-snat-pool-name=test-snat-pool"}
+			flags.Parse(os.Args)
+			hasCommon = hasCommonPartition(*bigIPPartitions)
+			Expect(hasCommon).To(BeTrue())
+		})
+
 		It("verifies args labels", func() {
 			defer _init()
 			os.Args = []string{

docs/README.rst

@@ -740,6 +740,15 @@ Supported Route Annotations
 | virtual-server.f5.com/rewrite-target-url      | string      | Optional  | URL host, path, or host and path to be rewritten.                                 | N/A         |                                         |
 +-----------------------------------------------+-------------+-----------+-----------------------------------------------------------------------------------+-------------+-----------------------------------------+
 
+.. important::
+
+    For edge (client) termination, a Route **must** include **either** the certificate/key literal information
+    in the Route Spec, **or** the clientssl annotation. For re-encrypt (server) termination, a Route **must** include
+    **either** the destinationCaCertificate literal information in the Route Spec, **or** the serverssl annotation, 
+    in addition to the edge rules listed previously. If you want to use the configuration parameters 
+    `default-clientssl` or `default-serverssl` profiles for a Route, then specify those profile names in the
+    Route annotations in addition to the controller configuration.
+
 Please see the example configuration files for more details.
 
 .. _conf examples:

docs/RELEASE-NOTES.rst

@@ -6,7 +6,9 @@ v1.6.1
 
 Bug Fixes
 `````````
+* :issues:`486` - User cannot configure the controller to manage the Common partition.
 * :issues:`743` - Controller doesn't temporarily remove entire BIG-IP configs after deleting a single service.
+* :issues:`746` - Log messages and documentation added to ensure Route profile configuration is clear.
 
 v1.6.0
 ------

pkg/appmanager/profiles.go

@@ -127,6 +127,9 @@ func (appMgr *Manager) setClientSslProfile(
 			appMgr.customProfiles.profs[skey] = cp
 			profRef.Partition = cp.Partition
 			profRef.Name = cp.Name
+		} else {
+			log.Warningf("No profile information supplied for Route '%v'", route.ObjectMeta.Name)
+			return
 		}
 		if add := rsCfg.Virtual.AddOrUpdateProfile(profRef); add {
 			// Remove annotation profile if it exists