Merge pull request #888 from subbuv26/1.9-release

Merge branch 'feature.user-defined-as3' into master

Author: ssurenr

.approvals.json

@@ -818,6 +818,13 @@
    "category": 3,
    "status": "approved"
  },
+ {
+   "name": "xeipuuv/gojsonschema",
+   "version": "v1.1.0",
+   "license": "Apache 2.0",
+   "category": 3,
+   "status": "approved"
+ },
  {
    "name": "PuerkitoBio/purell",
    "version": "v1.0.0",

.f5license

@@ -530,6 +530,24 @@
     See the License for the specific language governing permissions and
     limitations under the License.
 
+# The xeipuuv/gojsonschema module contains a proper LICENSE file.
+- name: xeipuuv/gojsonschema
+  version: v1.1.0
+  attribution_text: |
+    Copyright 2015 xeipuuv
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
 # The yaml.v2 module is licensed under Apache except for the portions ported
 # from the libyaml project, which are licensed under MIT.
 - name: yaml

Godeps/Godeps.json

@@ -17,6 +17,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     && apt-get remove -y git
 
 COPY bigip-virtual-server_v*.json $APPPATH/vendor/src/f5/schemas/
+COPY as3-schema-3.10-cis.json $APPPATH/vendor/src/f5/schemas/
 COPY k8s-bigip-ctlr $APPPATH/bin
 COPY VERSION_BUILD.json $APPPATH/vendor/src/f5/
 

build-tools/Dockerfile.debian.runtime

@@ -43,6 +43,7 @@ RUN microdnf --enablerepo=rhel-7-server-rpms --enablerepo=rhel-7-server-optional
     microdnf clean all
 
 COPY bigip-virtual-server_v*.json $APPPATH/vendor/src/f5/schemas/
+COPY as3-schema-3.10-cis.json $APPPATH/vendor/src/f5/schemas/
 COPY k8s-bigip-ctlr $APPPATH/bin/k8s-bigip-ctlr.real
 COPY VERSION_BUILD.json $APPPATH/vendor/src/f5/
 

build-tools/Dockerfile.rhel7.runtime

@@ -22,6 +22,7 @@ VERSION_INFO=$(${CURDIR}/version-tool version)
 cp $CURDIR/../_docker_workspace/out/$RELEASE_PLATFORM/bin/* $WKDIR/
 cp requirements.txt $WKDIR/
 cp schemas/bigip-virtual-server_v*.json $WKDIR/
+cp schemas/as3-schema-3.10-cis.json $WKDIR/
 cp LICENSE $WKDIR/
 cp $CURDIR/help.md $WKDIR/help.md
 echo "{\"version\": \"${VERSION_INFO}\", \"build\": \"${BUILD_INFO}\"}" \

build-tools/build-release-images.sh

@@ -105,6 +105,8 @@ var (
 	bigIPPassword   *string
 	bigIPPartitions *[]string
 	credsDir        *string
+	as3Validation   *bool
+	sslInsecure     *bool
 
 	vxlanMode        string
 	openshiftSDNName *string
@@ -172,6 +174,10 @@ func _init() {
 	credsDir = bigIPFlags.String("credentials-directory", "",
 		"Optional, directory that contains the BIG-IP username, password, and/or "+
 			"url files. To be used instead of username, password, and/or url arguments.")
+	as3Validation = bigIPFlags.Bool("as3-validation", true,
+		"Optional, when set to false, disables as3 template validation on the controller.")
+	sslInsecure = bigIPFlags.Bool("insecure", false,
+		"Optional, when set to true, enable insecure SSL communication to BIGIP.")
 
 	bigIPFlags.Usage = func() {
 		fmt.Fprintf(os.Stderr, "  BigIP:\n%s\n", bigIPFlags.FlagUsagesWrapped(width))
@@ -604,6 +610,8 @@ func main() {
 		UseSecrets:        *useSecrets,
 		ManageConfigMaps:  *manageConfigMaps,
 		SchemaLocal:       *schemaLocal,
+		AS3Validation:     *as3Validation,
+		SSLInsecure:       *sslInsecure,
 	}
 
 	// If running with Flannel, create an event channel that the appManager
@@ -641,6 +649,10 @@ func main() {
 		BigIPPartitions: *bigIPPartitions,
 	}
 
+	appmanager.BigIPUsername = *bigIPUsername
+	appmanager.BigIPPassword = *bigIPPassword
+	appmanager.BigIPURL = *bigIPURL
+
 	subPidCh, err := startPythonDriver(configWriter, gs, bs, *pythonBaseDir)
 	if nil != err {
 		log.Fatalf("Could not initialize subprocess configuration: %v", err)

cmd/k8s-bigip-ctlr/main.go

@@ -4,6 +4,17 @@ Release Notes for BIG-IP Controller for Kubernetes
 next-release
 ------------
 
+Added Functionality
+```````````````````
+* Added support for `Application Services 3 Extension <https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/>_`.
+
+Limitations
+```````````
+* AS3 pool class declarations support only one load balancing pool.
+* The BIG-IP Contoller supports only one AS3 ConfigMap instance.
+* AS3 does not support moving BIG-IP nodes to new partitions.
+* Static ARP entries remain after deleting an AS3 ConfigMap.
+
 v1.8.1
 ------
 

docs/RELEASE-NOTES.rst

@@ -127,6 +127,9 @@ type Manager struct {
 	mergedRulesMap map[string]map[string]mergedRuleEntry
 	// Whether to watch ConfigMap resources or not
 	manageConfigMaps bool
+	as3Members       map[Member]struct{}
+	as3Validation    bool
+	sslInsecure      bool
 }
 
 // Struct to allow NewManager to receive all or only specific parameters.
@@ -149,6 +152,8 @@ type Params struct {
 	broadcasterFunc  NewBroadcasterFunc
 	SchemaLocal      string
 	ManageConfigMaps bool
+	AS3Validation    bool
+	SSLInsecure      bool
 }
 
 // Configuration options for Routes in OpenShift
@@ -196,6 +201,9 @@ func NewManager(params *Params) *Manager {
 		schemaLocal:       params.SchemaLocal,
 		mergedRulesMap:    make(map[string]map[string]mergedRuleEntry),
 		manageConfigMaps:  params.ManageConfigMaps,
+		as3Members:        make(map[Member]struct{}, 0),
+		as3Validation:     params.AS3Validation,
+		sslInsecure:       params.SSLInsecure,
 	}
 	if nil != manager.kubeClient && nil == manager.restClientv1 {
 		// This is the normal production case, but need the checks for unit tests.
@@ -771,6 +779,8 @@ func (appMgr *Manager) processNextVirtualServer() bool {
 		log.Debugf("[as3_log] Processing AS3 cfgMap (%s) with AS3 Manager.\n", k.As3Name)
 		log.Debugf("[as3_log] AS3 ConfigMap Data: %s\n", k.As3Data)
 		appMgr.vsQueue.Done(key)
+		appMgr.processUserDefinedAS3(k.As3Data)
+		appMgr.vsQueue.Forget(key)
 		return false
 	}
 	if !appMgr.initialState && appMgr.processedItems == 0 {
@@ -893,7 +903,7 @@ func (appMgr *Manager) syncVirtualServer(sKey serviceQueueKey) error {
 	appMgr.deleteUnusedProfiles(appInf, sKey.Namespace, &stats)
 
 	if stats.vsUpdated > 0 || stats.vsDeleted > 0 || stats.cpUpdated > 0 ||
-		stats.dgUpdated > 0 || stats.poolsUpdated > 0 {
+		stats.dgUpdated > 0 || stats.poolsUpdated > 0 || len(appMgr.as3Members) > 0 {
 		appMgr.outputConfig()
 	} else if !appMgr.initialState && appMgr.processedItems >= appMgr.queueLen {
 		appMgr.outputConfig()