NE-2512: operator/ingress: Add configurationManagement option

operator/v1/tests/ingresscontrollers.operator.openshift.io/IngressControllerDynamicConfigurationManager.yaml

@@ -0,0 +1,197 @@
+apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this
+name: IngressController
+crdName: ingresscontrollers.operator.openshift.io
+featureGates:
+- IngressControllerDynamicConfigurationManager
+tests:
+  onCreate:
+    - name: Should be able to enable the Dynamic Configuration Manager
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          tuningOptions:
+            configurationManagement: Dynamic
+      expected: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: Dynamic
+    - name: Should be able to disable the Dynamic Configuration Manager
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          tuningOptions:
+            configurationManagement: ForkAndReload
+      expected: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: ForkAndReload
+    - name: Should not be able to specify a garbage value for DCM
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          tuningOptions:
+            configurationManagement: garbage
+      expectedError: 'Unsupported value: "garbage": supported values: "Dynamic", "ForkAndReload"'
+  onUpdate:
+    - name: Should be able to enable DCM when currently no preference is specified
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+      updated: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: Dynamic
+      expected: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: Dynamic
+    - name: Should be able to turn DCM off when it is enabled
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: Dynamic
+      updated: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+      expected: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+    - name: Should be able to set no preference when DCM is enabled
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: Dynamic
+      updated: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+      expected: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+    - name: Should be able to set no preference when DCM is disabled
+      initial: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+          tuningOptions:
+            configurationManagement: ForkAndReload
+      updated: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue
+      expected: |
+        apiVersion: operator.openshift.io/v1
+        kind: IngressController
+        metadata:
+          name: default
+          namespace: openshift-ingress-operator
+        spec:
+          httpEmptyRequestsPolicy: Respond
+          idleConnectionTerminationPolicy: Immediate
+          closedClientConnectionPolicy: Continue

operator/v1/types_ingress.go

@@ -2068,8 +2068,51 @@ type IngressControllerTuningOptions struct {
 	// +kubebuilder:validation:Type:=string
 	// +optional
 	ReloadInterval metav1.Duration `json:"reloadInterval,omitempty"`
+
+	// configurationManagement specifies how OpenShift router should update
+	// the HAProxy configuration.  The following values are valid for this
+	// field:
+	//
+	// * "ForkAndReload".
+	// * "Dynamic".
+	//
+	// Omitting this field means that the user has no opinion and the
+	// platform may choose a reasonable default. This default is subject to
+	// change over time.  The current default is "ForkAndReload".
+	//
+	// "ForkAndReload" means that OpenShift router should rewrite the
+	// HAProxy configuration file and instruct HAProxy to fork and reload.
+	// This is OpenShift router's traditional approach.
+	//
+	// "Dynamic" means that OpenShift router may use HAProxy's control
+	// socket for some configuration updates and fall back to fork and
+	// reload for other configuration updates.  This is a newer approach,
+	// which may be less mature than ForkAndReload.  This setting can
+	// improve load-balancing fairness and metrics accuracy and reduce CPU
+	// and memory usage if HAProxy has frequent configuration updates for
+	// route and endpoints updates.
+	//
+	// Note: The "Dynamic" option is currently experimental and should not
+	// be enabled on production clusters.
+	//
+	// +openshift:enable:FeatureGate=IngressControllerDynamicConfigurationManager
+	// +optional
+	ConfigurationManagement IngressControllerConfigurationManagement `json:"configurationManagement,omitempty"`
 }
 
+// IngressControllerConfigurationManagement specifies whether always to use
+// fork-and-reload to update the HAProxy configuration or whether to use
+// HAProxy's control socket for some configuration updates.
+//
+// +enum
+// +kubebuilder:validation:Enum=Dynamic;ForkAndReload
+type IngressControllerConfigurationManagement string
+
+const (
+	IngressControllerConfigurationManagementDynamic       IngressControllerConfigurationManagement = "Dynamic"
+	IngressControllerConfigurationManagementForkAndReload IngressControllerConfigurationManagement = "ForkAndReload"
+)
+
 // HTTPEmptyRequestsPolicy indicates how HTTP connections for which no request
 // is received should be handled.
 // +kubebuilder:validation:Enum=Respond;Ignore