From 3e554b1d2c634e6e415e61c4dcc89bfc38aedd67 Mon Sep 17 00:00:00 2001 From: Lior Noy Date: Thu, 23 May 2024 15:51:16 +0300 Subject: [PATCH] Specify static entries namespaces This commit fill the namespaces of some static custom entries, and renames the variable name of cloudStaticEntries to be cloud generic and not specific for AWS. Adding DHCP port (67) as well. Signed-off-by: Lior Noy --- README.md | 2 +- cmd/main.go | 6 +- commatrix/commatrix.go | 8 +- commatrix/static-custom-entries.go | 139 ++++++++++++++++++----------- 4 files changed, 94 insertions(+), 61 deletions(-) diff --git a/README.md b/README.md index 6f0c2a5..5304eb2 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Use the `generate` Makefile target to create the matrix. The following environment variables are used to configure: ``` FORMAT (csv/json/yaml) -CLUSTER_ENV (baremetal/aws) +CLUSTER_ENV (baremetal/cloud) DEST_DIR (path to the directory containing the artifacts) DEPLOYMENT (mno/sno) ``` diff --git a/cmd/main.go b/cmd/main.go index 2785987..16728fc 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -32,7 +32,7 @@ func main() { flag.StringVar(&destDir, "destDir", "communication-matrix", "Output files dir") flag.StringVar(&format, "format", "csv", "Desired format (json,yaml,csv)") - flag.StringVar(&envStr, "env", "baremetal", "Cluster environment (baremetal/aws)") + flag.StringVar(&envStr, "env", "baremetal", "Cluster environment (baremetal/cloud)") flag.StringVar(&deploymentStr, "deployment", "mno", "Deployment type (mno/sno)") flag.StringVar(&customEntriesPath, "customEntriesPath", "", "Add custom entries from a JSON file to the matrix") @@ -58,8 +58,8 @@ func main() { switch envStr { case "baremetal": env = commatrix.Baremetal - case "aws": - env = commatrix.AWS + case "cloud": + env = commatrix.Cloud default: panic(fmt.Sprintf("invalid cluster environment: %s", envStr)) } diff --git a/commatrix/commatrix.go b/commatrix/commatrix.go index e0866fd..c44edb0 100644 
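Review bot: In the `switch envStr` hunk of cmd/main.go (`@@ -58,8 +58,8 @@`), replacing `case "aws":` with `case "cloud":` means any caller that still passes `-env aws` now reaches the `default` branch and panics. The same presumably holds for `CLUSTER_ENV=aws`, going by the README hunk. The commit message describes this as a variable rename, so the user-visible break is easy to miss. Consider accepting the old value as a deprecated alias for a release, `case "cloud", "aws":`, and noting the change in the README. main's body starts and ends outside the hunk.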
--- a/commatrix/commatrix.go +++ b/commatrix/commatrix.go @@ -18,7 +18,7 @@ type Env int const ( Baremetal Env = iota - AWS + Cloud ) type Deployment int @@ -104,12 +104,12 @@ func getStaticEntries(e Env, d Deployment) ([]types.ComDetails, error) { break } comDetails = append(comDetails, baremetalStaticEntriesWorker...) - case AWS: - comDetails = append(comDetails, awsCloudStaticEntriesMaster...) + case Cloud: + comDetails = append(comDetails, cloudStaticEntriesMaster...) if d == SNO { break } - comDetails = append(comDetails, awsCloudStaticEntriesWorker...) + comDetails = append(comDetails, cloudStaticEntriesWorker...) default: return nil, fmt.Errorf("invalid value for cluster environment") } diff --git a/commatrix/static-custom-entries.go b/commatrix/static-custom-entries.go index 129bbb4..b4689fc 100644 --- a/commatrix/static-custom-entries.go +++ b/commatrix/static-custom-entries.go @@ -3,13 +3,35 @@ package commatrix import "github.com/openshift-kni/commatrix/types" var generalStaticEntriesWorker = []types.ComDetails{ + { + Direction: "ingress", + Protocol: "TCP", + Port: "8080", + NodeRole: "worker", + Service: "network-check-target", + Namespace: "openshift-network-diagnostics", + Pod: "network-check-target", + Container: "network-check-target-container", + Optional: false, + }, { Direction: "ingress", Protocol: "TCP", Port: "22", NodeRole: "worker", Service: "sshd", - Namespace: "", + Namespace: "", + Pod: "", + Container: "", + Optional: true, + }, + { + Direction: "ingress", + Protocol: "TCP", + Port: "67", + NodeRole: "worker", + Service: "DHCP", + Namespace: "", Pod: "", Container: "", Optional: true, @@ -29,7 +51,7 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: "10250", NodeRole: "worker", Service: "kubelet", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: false, 
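Review bot: The new DHCP entries in commatrix/static-custom-entries.go declare `Protocol: "TCP"` for port 67, but DHCP is carried over UDP. This applies to the worker list in the `@@ -3,13 +3,35 @@` hunk and the master list in `@@ -163,7 +196,18 @@`. Anyone deriving firewall rules from the matrix would allow an unused TCP port and still have no rule for the UDP traffic that DHCP needs. I would change both entries to `Protocol: "UDP",` and confirm on a node which DHCP port is actually bound.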
@@ -49,7 +71,7 @@ var generalStaticEntriesWorker = []types.ComDetails{
 Port: "111",
 NodeRole: "worker",
 Service: "rpcbind",
- Namespace: "",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: true,
@@ -59,7 +81,7 @@ var generalStaticEntriesWorker = []types.ComDetails{
 Port: "111",
 NodeRole: "worker",
 Service: "rpcbind",
- Namespace: "",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: true,
@@ -69,7 +91,7 @@ var generalStaticEntriesWorker = []types.ComDetails{
 Port: "10256",
 NodeRole: "worker",
 Service: "ovnkube",
- Namespace: "openshift-sdn",
+ Namespace: "openshift-ovn-kubernetes",
 Pod: "ovnkube",
 Container: "ovnkube-controller",
 Optional: true,
@@ -79,7 +101,7 @@ var generalStaticEntriesWorker = []types.ComDetails{
 Port: "9537",
 NodeRole: "worker",
 Service: "crio-metrics",
- Namespace: "",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: false,
@@ -87,6 +109,17 @@ var generalStaticEntriesWorker = []types.ComDetails{
 }
 
 var generalStaticEntriesMaster = []types.ComDetails{
+ {
+ Direction: "ingress",
+ Protocol: "TCP",
+ Port: "8080",
+ NodeRole: "master",
+ Service: "network-check-target",
+ Namespace: "openshift-network-diagnostics",
+ Pod: "network-check-target",
+ Container: "network-check-target-container",
+ Optional: false,
+ },
 {
 Direction: "ingress",
 Protocol: "TCP",
@@ -102,10 +135,10 @@ var generalStaticEntriesMaster = []types.ComDetails{
 Protocol: "TCP",
 Port: "10256",
 NodeRole: "master",
- Service: "openshift-sdn",
- Namespace: "",
- Pod: "",
- Container: "",
+ Service: "ovnkube",
+ Namespace: "openshift-ovn-kubernetes",
+ Pod: "ovnkube",
+ Container: "ovnkube-controller",
 Optional: false,
 }, {
 Direction: "ingress",
@@ -123,7 +156,7 @@ var generalStaticEntriesMaster = []types.ComDetails{
 Port: "10250",
 NodeRole: "master",
 Service: "kubelet",
- Namespace: "",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: false,
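Review bot: In the `@@ -102,10 +135,10 @@` hunk the master entry for port 10256 keeps `Optional: false`, while the worker entry in `@@ -69,7 +91,7 @@` says `Optional: true`. After this commit both carry the same labels (ovnkube / openshift-ovn-kubernetes / ovnkube-controller), so the difference now looks like an oversight. Both values are context lines, so the mismatch predates this commit. Unless the port really is mandatory only on masters, the two should agree; otherwise a short comment on the master entry, e.g. `// required on masters because …`, would record the reason.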
@@ -143,7 +176,7 @@ var generalStaticEntriesMaster = []types.ComDetails{
 Port: "111",
 NodeRole: "master",
 Service: "rpcbind",
- Namespace: "",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: true,
@@ -153,7 +186,7 @@ var generalStaticEntriesMaster = []types.ComDetails{
 Port: "111",
 NodeRole: "master",
 Service: "rpcbind",
- Namespace: "",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: true,
@@ -163,7 +196,18 @@ var generalStaticEntriesMaster = []types.ComDetails{
 Port: "22",
 NodeRole: "master",
 Service: "sshd",
- Namespace: "",
+ Namespace: "",
+ Pod: "",
+ Container: "",
+ Optional: true,
+ },
+ {
+ Direction: "ingress",
+ Protocol: "TCP",
+ Port: "67",
+ NodeRole: "master",
+ Service: "DHCP",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: true,
@@ -263,7 +307,7 @@ var generalStaticEntriesMaster = []types.ComDetails{
 Port: "6080",
 NodeRole: "master",
 Service: "",
- Namespace: "openshift-kube-apiserver-readyz",
+ Namespace: "openshift-kube-apiserver",
 Pod: "kube-apiserver",
 Container: "kube-apiserver-insecure-readyz",
 Optional: false,
@@ -420,24 +464,24 @@ var baremetalStaticEntriesMaster = []types.ComDetails{
 Protocol: "TCP",
 Port: "9447",
 NodeRole: "master",
- Service: "baremetal-operator-webhook-baremetal provisioning",
- Namespace: "",
+ Service: "crio",
+ Namespace: "",
 Pod: "",
 Container: "",
 Optional: false,
 },
 }
 
-var awsCloudStaticEntriesWorker = []types.ComDetails{
+var cloudStaticEntriesWorker = []types.ComDetails{
 {
 Direction: "ingress",
 Protocol: "TCP",
 Port: "10304",
 NodeRole: "worker",
- Service: "csi-node-driver",
- Namespace: "",
- Pod: "",
- Container: "",
+ Service: "csi-node-driver-registrar",
+ Namespace: "openshift-cluster-csi-drivers",
+ Pod: "csi-driver-node",
+ Container: "csi-node-driver-registrar",
 Optional: false,
 }, {
 Direction: "ingress",
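Review bot: The `@@ -420,24 +464,24 @@` hunk relabels port 9447 in baremetalStaticEntriesMaster from `baremetal-operator-webhook-baremetal provisioning` to `Service: "crio"`, a change of owner that the commit message does not mention. The worker list in this file already attributes CRI-O to port 9537 (`crio-metrics`), so it is worth confirming on a node which process actually listens on 9447 before publishing the new owner. If the new label is right, a one-line comment next to the entry, such as `// host-level service: no namespace, pod or container`, would explain why those three fields stay empty when the commit fills them elsewhere.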
@@ -445,63 +489,52 @@ var awsCloudStaticEntriesWorker = []types.ComDetails{
 Port: "10300",
 NodeRole: "worker",
 Service: "csi-livenessprobe",
- Namespace: "",
- Pod: "",
- Container: "",
+ Namespace: "openshift-cluster-csi-drivers",
+ Pod: "csi-driver-node",
+ Container: "csi-driver",
 Optional: false,
 },
 }
 
-var awsCloudStaticEntriesMaster = []types.ComDetails{
+var cloudStaticEntriesMaster = []types.ComDetails{
 {
- Direction: "ingress",
- Protocol: "TCP",
- Port: "8080",
- NodeRole: "master",
- Service: "cluster-network",
- Namespace: "",
- Pod: "",
- Container: "",
- Optional: false,
- }, {
 Direction: "ingress",
 Protocol: "TCP",
 Port: "10260",
 NodeRole: "master",
- Service: "aws-cloud-controller",
- Namespace: "",
- Pod: "",
- Container: "",
+ Service: "cloud-controller",
+ Namespace: "openshift-cloud-controller-manager-operator",
+ Pod: "cloud-controller-manager",
+ Container: "cloud-controller-manager",
 Optional: false,
 }, {
 Direction: "ingress",
 Protocol: "TCP",
 Port: "10258",
 NodeRole: "master",
- Service: "aws-cloud-controller",
- Namespace: "",
- Pod: "",
- Container: "",
+ Service: "cloud-controller",
+ Namespace: "openshift-cloud-controller-manager-operator",
+ Pod: "cloud-controller-manager",
+ Container: "cloud-controller-manager",
 Optional: false,
 }, {
 Direction: "ingress",
 Protocol: "TCP",
 Port: "10304",
 NodeRole: "master",
- Service: "csi-node-driver",
- Namespace: "",
- Pod: "",
- Container: "",
- Optional: false,
+ Service: "csi-node-driver-registrar",
+ Namespace: "openshift-cluster-csi-drivers",
+ Pod: "csi-driver-node",
+ Container: "csi-node-driver-registrar",
 }, {
 Direction: "ingress",
 Protocol: "TCP",
 Port: "10300",
 NodeRole: "master",
- Service: "csi-livenessprobe",
- Namespace: "",
- Pod: "",
- Container: "",
+ Service: "csi-drivers-livenessprobe",
+ Namespace: "openshift-cluster-csi-drivers",
+ Pod: "csi-driver-node",
+ Container: "csi-driver",
 Optional: false,
 },
 }
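Review bot: Two entries in cloudStaticEntriesMaster (`@@ -445,63 +489,52 @@`) no longer match the rest of the file. The port 10304 entry loses its `Optional: false,` line while the other entries visible in this diff spell the field out, and the port 10300 entry is renamed to `csi-drivers-livenessprobe` while the worker entry for the same port and container keeps `csi-livenessprobe`. The missing field is presumably harmless if Optional is a bool, but consumers that group or compare rows by Service will see two different services behind port 10300. I would restore `Optional: false,` on the 10304 entry and use one name in both lists, e.g. `Service: "csi-livenessprobe",`.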