feat(gatewayapi): add gatewayAPIChannel for Gateway API CRD channel selection#4981
Draft
electricjesus wants to merge 2 commits into
Draft
feat(gatewayapi): add gatewayAPIChannel for Gateway API CRD channel selection#4981electricjesus wants to merge 2 commits into
electricjesus wants to merge 2 commits into
Conversation
…election The operator installed a fixed, experimental set of Gateway API CRDs. This adds GatewayAPI.spec.gatewayAPIChannel (Standard | Experimental, default Experimental) to choose which upstream Gateway API CRD channel the operator installs. The packaged gateway-helm chart ships only a static experimental CRD set, so the operator now also embeds gateway-crds-helm and renders it for the chosen channel (crds.gatewayAPI.enabled + channel, crds.envoyGateway.enabled) to install the Gateway API and Envoy CRDs. gateway-helm still provides the controller resources and the safe-upgrades ValidatingAdmissionPolicy. The default stays Experimental because Envoy Gateway uses the experimental-only TCPRoute and UDPRoute types; the Standard channel omits those. The channel is independent of crdManagement, which governs whether the CRDs are created or overwritten. - api/v1: GatewayAPIChannel enum + field; regenerated CRD schema and deepcopy - pkg/render/gatewayapi: embed gateway-crds-helm.tgz, channel-aware CRD render with a per-channel cache and a ResolveChannel helper - controllers: gatewayapi reads the CR channel; istio passes Experimental to keep its existing CRD set - Makefile: pull gateway-crds-helm.tgz at ENVOY_GATEWAY_VERSION - docs/common_tasks.md: note the second chart in the Envoy Gateway update steps
Two FV specs in the GatewayAPI suite create a GatewayAPI with crdManagement Reconcile and assert the operator installs the matching Gateway API CRD channel, checked via the gateway.networking.k8s.io/channel annotation on the gateways CRD: - default (no channel) installs the experimental channel, and the experimental-only TCPRoute CRD is present - gatewayAPIChannel Standard reconciles the gateways CRD onto the standard channel
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Today the operator installs a fixed, experimental set of Gateway API CRDs. This PR adds a
GatewayAPI.spec.gatewayAPIChannelfield so you can pick the channel:StandardorExperimental(the default).Why a second chart: the packaged
gateway-helmchart ships only a static experimental CRD set and has no channel switch. That switch lives in the separategateway-crds-helmchart. So the operator now also embedsgateway-crds-helmand renders it for the chosen channel to install the Gateway API and Envoy CRDs.gateway-helmstill provides the controller resources and thesafe-upgradesValidatingAdmissionPolicy.The default stays
Experimentalbecause Envoy Gateway uses the experimental-onlyTCPRouteandUDPRoutetypes;Standarddrops those. This field is independent ofcrdManagement, which decides whether the operator creates or overwrites the CRDs.Testing:
make gen-filesis clean.pkg/render/gatewayapirender the real charts and check the CRD set per channel:ExperimentalincludesTCPRoute/UDPRoute;Standarddoes not; the GAListenerSetand the Envoy CRDs are present in both.test/gatewayapi_test.gorun the GatewayAPI controller against a kind cluster and assert the operator installs the matching channel, checked via thegateway.networking.k8s.io/channelannotation on thegatewaysCRD: the default installs the experimental channel (withTCPRoutepresent), andStandardreconcilesgatewaysonto the standard channel. Verified locally (Ran 2 of 2 Specs ... 2 Passed).pkg/controller/gatewayapiandpkg/controller/istiounit tests pass.Release Note
For PR author
make gen-filesmake gen-versions(not applicable)