console: add ConfigMap for nginx configurations

mco-console uses nginx for serving the UI assests. Add its configuration from the operator instead of build time. Signed-off-by: SanjalKatiyar <[email protected]>
red-hat-storage · Apr 26, 2023 · 5e39faa · 5e39faa
1 parent 72dfdab
commit 5e39faa
Show file tree

Hide file tree

Showing 3 changed files with 97 additions and 2 deletions.
diff --git a/config/console/console_init.yaml b/config/console/console_init.yaml
@@ -22,7 +22,13 @@ spec:
             - name: odf-multicluster-console-serving-cert
               mountPath: /var/serving-cert
               readOnly: true
+            - name: odf-multicluster-console-nginx-conf
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
       volumes:
         - name: odf-multicluster-console-serving-cert
           secret:
             secretName: odf-multicluster-console-serving-cert
+        - name: odf-multicluster-console-nginx-conf
+          configMap:
+            name: odf-multicluster-console-nginx-conf
diff --git a/console/console.go b/console/console.go
@@ -20,6 +20,7 @@ import (
 	consolev1alpha1 "github.com/openshift/api/console/v1alpha1"
 	appsv1 "k8s.io/api/apps/v1"
 	apiv1 "k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
@@ -29,8 +30,9 @@ import (
 )
 
 var (
-	odfMulticlusterPluginName = "odf-multicluster-console"
-	pluginBasePath            = "/"
+	odfMulticlusterPluginName         = "odf-multicluster-console"
+	odfMulticlusterNginxConfigMapName = "odf-multicluster-console-nginx-conf"
+	pluginBasePath                    = "/"
 
 	proxyAlias            = "acm-thanos-querier"
 	proxyServiceName      = "rbac-query-proxy"
@@ -43,6 +45,18 @@ var (
 	serviceLabelKey         = "app.kubernetes.io/name"
 )
 
+func getNginxConfConfigMap(namespace string) corev1.ConfigMap {
+	return apiv1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      odfMulticlusterNginxConfigMapName,
+			Namespace: namespace,
+		},
+		Data: map[string]string{
+			"nginx.conf": NginxConf,
+		},
+	}
+}
+
 func getService(serviceName string, port int, deploymentNamespace string) apiv1.Service {
 	return apiv1.Service{
 		ObjectMeta: metav1.ObjectMeta{
@@ -109,6 +123,15 @@ func InitConsole(ctx context.Context, client client.Client, scheme *runtime.Sche
 		return err
 	}
 
+	// Create core ODF multicluster console ConfigMap (nginx configuration)
+	mcoConsoleConfigMap := getNginxConfConfigMap(deploymentNamespace)
+	if _, err := controllerutil.CreateOrUpdate(ctx, client, &mcoConsoleConfigMap, func() error {
+		// Deployment deletion should delete corresponding ConfigMap as well
+		return controllerutil.SetControllerReference(&mcoConsoleDeployment, &mcoConsoleConfigMap, scheme)
+	}); err != nil {
+		return err
+	}
+
 	// Create core ODF multicluster console service
 	mcoConsoleService := getService(odfMulticlusterPluginName, odfPort, deploymentNamespace)
 	if _, err := controllerutil.CreateOrUpdate(ctx, client, &mcoConsoleService, func() error {

diff --git a/console/nginx_conf.go b/console/nginx_conf.go
@@ -0,0 +1,66 @@
+/*
+Copyright 2021 Red Hat OpenShift Data Foundation.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package console
+
+// Update it with correct configuration
+var NginxConf = `
+# Do not comment/un-comment without any reference.
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /run/nginx.pid;
+# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+events {
+    worker_connections 1024;
+}
+http {
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+    access_log  /var/log/nginx/access.log  main;
+    sendfile            on;
+    tcp_nopush          on;
+    tcp_nodelay         on;
+    keepalive_timeout   65;
+    types_hash_max_size 4096;
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+    # Load modular configuration files from the /etc/nginx/conf.d directory.
+    # See http://nginx.org/en/docs/ngx_core_module.html#include
+    # for more information.
+    include /opt/app-root/etc/nginx.d/*.conf;
+    server {
+        listen       9001 ssl;
+        listen       [::]:9001 ssl;
+        ssl_certificate /var/serving-cert/tls.crt;
+        ssl_certificate_key /var/serving-cert/tls.key;
+        location / {
+            root   /opt/app-root/src;
+        }
+        location /compatibility/ {
+            root   /opt/app-root/src;
+        }
+        error_page   500 502 503 504  /50x.html;
+        location = /50x.html {
+            root   /usr/share/nginx/html;
+        }
+        ssi on;
+        add_header Last-Modified $date_gmt;
+        add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+        if_modified_since off;
+        expires off;
+        etag off;
+    }
+}
+`