refactor: liqo-controller-manager flags

Author: cheina97

cmd/liqo-controller-manager/main.go

@@ -24,6 +24,7 @@ import (
 
 	liqov1beta1 "github.com/liqotech/liqo/apis/core/v1beta1"
 	identitymanager "github.com/liqotech/liqo/pkg/identityManager"
+	liqocontrollermanager "github.com/liqotech/liqo/pkg/liqo-controller-manager"
 	"github.com/liqotech/liqo/pkg/liqo-controller-manager/authentication"
 	identitycontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/authentication/identity-controller"
 	identitycreatorcontroller "github.com/liqotech/liqo/pkg/liqo-controller-manager/authentication/identitycreator-controller"
@@ -49,6 +50,28 @@ type AuthOption struct {
 	SliceStatusOptions       *remoteresourceslicecontroller.SliceStatusOptions
 }
 
+// NewAuthOption creates a new AuthOption with the given parameters.
+func NewAuthOption(identityProvider identitymanager.IdentityProvider, namespaceManager tenantnamespace.Manager,
+	clusterID liqov1beta1.ClusterID, opts *liqocontrollermanager.Options) *AuthOption {
+	return &AuthOption{
+		IdentityProvider:         identityProvider,
+		NamespaceManager:         namespaceManager,
+		LocalClusterID:           clusterID,
+		LiqoNamespace:            opts.LiqoNamespace,
+		APIServerAddressOverride: opts.APIServerAddressOverride,
+		CAOverrideB64:            opts.CAOverride,
+		TrustedCA:                opts.TrustedCA,
+		SliceStatusOptions: &remoteresourceslicecontroller.SliceStatusOptions{
+			EnableStorage:             opts.EnableStorage,
+			LocalRealStorageClassName: opts.RealStorageClassName,
+			IngressClasses:            opts.IngressClasses,
+			LoadBalancerClasses:       opts.LoadBalancerClasses,
+			ClusterLabels:             opts.ClusterLabels.StringMap,
+			DefaultResourceQuantity:   opts.DefaultNodeResources.ToResourceList(),
+		},
+	}
+}
+
 // SetupAuthenticationModule setup the authentication module and initializes its controllers .
 func SetupAuthenticationModule(ctx context.Context, mgr manager.Manager, uncachedClient client.Client,
 	opts *AuthOption) error {

cmd/liqo-controller-manager/modules/authentication.go

@@ -26,6 +26,7 @@ import (
 
 	ipamv1alpha1 "github.com/liqotech/liqo/apis/ipam/v1alpha1"
 	"github.com/liqotech/liqo/pkg/ipam"
+	liqocontrollermanager "github.com/liqotech/liqo/pkg/liqo-controller-manager"
 	clientoperator "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/external-network/client-operator"
 	configuration "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/external-network/configuration"
 	"github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/external-network/remapping"
@@ -65,6 +66,29 @@ type NetworkingOption struct {
 	GenevePort uint16
 }
 
+// NewNetworkingOption creates a new NetworkingOption with the provided parameters.
+func NewNetworkingOption(factory *dynamicutils.RunnableFactory, dynClient dynamic.Interface,
+	ipamClient ipam.IPAMClient, opts *liqocontrollermanager.Options) *NetworkingOption {
+	return &NetworkingOption{
+		DynClient: dynClient,
+		Factory:   factory,
+
+		LiqoNamespace: opts.LiqoNamespace,
+		IpamClient:    ipamClient,
+
+		GatewayServerResources:         opts.GatewayServerResources.StringList,
+		GatewayClientResources:         opts.GatewayClientResources.StringList,
+		WgGatewayServerClusterRoleName: opts.WgGatewayServerClusterRoleName,
+		WgGatewayClientClusterRoleName: opts.WgGatewayClientClusterRoleName,
+		NetworkWorkers:                 opts.NetworkWorkers,
+		IPWorkers:                      opts.IPWorkers,
+		FabricFullMasquerade:           opts.FabricFullMasqueradeEnabled,
+		GwmasqbypassEnabled:            opts.GwmasqbypassEnabled,
+
+		GenevePort: opts.GenevePort,
+	}
+}
+
 // SetupNetworkingModule setup the networking module and initializes its controllers .
 func SetupNetworkingModule(ctx context.Context, mgr manager.Manager, uncachedClient client.Client, opts *NetworkingOption) error {
 	// Initialize reserved networks

cmd/liqo-controller-manager/modules/networking.go

@@ -30,6 +30,7 @@ import (
 
 	liqov1beta1 "github.com/liqotech/liqo/apis/core/v1beta1"
 	"github.com/liqotech/liqo/pkg/consts"
+	liqocontrollermanager "github.com/liqotech/liqo/pkg/liqo-controller-manager"
 	mapsctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/offloading/namespacemap-controller"
 	nsoffctrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/offloading/namespaceoffloading-controller"
 	nodefailurectrl "github.com/liqotech/liqo/pkg/liqo-controller-manager/offloading/nodefailure-controller"
@@ -57,6 +58,24 @@ type OffloadingOption struct {
 	ResyncPeriod                time.Duration
 }
 
+// NewOffloadingOption creates a new OffloadingOption with the given parameters.
+func NewOffloadingOption(clientset *kubernetes.Clientset, localClusterID liqov1beta1.ClusterID,
+	namespaceManager tenantnamespace.Manager, opts *liqocontrollermanager.Options) *OffloadingOption {
+	return &OffloadingOption{
+		Clientset:                   clientset,
+		LocalClusterID:              localClusterID,
+		NamespaceManager:            namespaceManager,
+		EnableStorage:               opts.EnableStorage,
+		VirtualStorageClassName:     opts.VirtualStorageClassName,
+		RealStorageClassName:        opts.RealStorageClassName,
+		StorageNamespace:            opts.StorageNamespace,
+		EnableNodeFailureController: opts.EnableNodeFailureController,
+		ShadowPodWorkers:            opts.ShadowPodWorkers,
+		ShadowEndpointSliceWorkers:  opts.ShadowEndpointSliceWorkers,
+		ResyncPeriod:                opts.ResyncPeriod,
+	}
+}
+
 // SetupOffloadingModule setup the offloading module and initializes its controllers.
 func SetupOffloadingModule(ctx context.Context, mgr manager.Manager, opts *OffloadingOption) error {
 	virtualNodeReconciler, err := virtualnodectrl.NewVirtualNodeReconciler(

cmd/liqo-controller-manager/modules/offloading.go

@@ -0,0 +1,110 @@
+// Copyright 2019-2025 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package liqocontrollermanager
+
+import (
+	"time"
+
+	"github.com/spf13/pflag"
+
+	"github.com/liqotech/liqo/pkg/consts"
+	"github.com/liqotech/liqo/pkg/utils/args"
+)
+
+// InitFlags adds all liqo-controller-manager flags to the given Options struct and parses them.
+func InitFlags(flagset *pflag.FlagSet, opts *Options) {
+	// Set up default values for pointer fields
+	opts.ClusterLabels = args.StringMap{}
+	opts.IngressClasses = args.ClassNameList{}
+	opts.LoadBalancerClasses = args.ClassNameList{}
+	opts.DefaultNodeResources = args.ResourceMap{}
+	opts.GatewayServerResources = args.StringList{}
+	opts.GatewayClientResources = args.StringList{}
+	opts.GlobalLabels = args.StringMap{}
+	opts.GlobalAnnotations = args.StringMap{}
+	opts.ClusterIDFlags = args.NewClusterIDFlags(true, nil)
+
+	// Cluster-wide modules enable/disable flags
+	flagset.BoolVar(&opts.NetworkingEnabled, "networking-enabled", true, "Enable/disable the networking module")
+	flagset.BoolVar(&opts.AuthenticationEnabled, "authentication-enabled", true, "Enable/disable the authentication module")
+	flagset.BoolVar(&opts.OffloadingEnabled, "offloading-enabled", true, "Enable/disable the offloading module")
+
+	// Manager flags
+	flagset.IntVar(&opts.WebhookPort, "webhook-port", 9443, "The port the webhook server binds to")
+	flagset.StringVar(&opts.MetricsAddr, "metrics-address", ":8082", "The address the metric endpoint binds to")
+	flagset.StringVar(&opts.ProbeAddr, "health-probe-address", ":8081", "The address the health probe endpoint binds to")
+	flagset.BoolVar(&opts.LeaderElection, "enable-leader-election", false, "Enable leader election for controller manager")
+
+	// Global parameters
+	flagset.DurationVar(&opts.ResyncPeriod, "resync-period", 10*time.Hour, "The resync period for the informers")
+	flagset.StringVar(&opts.LiqoNamespace, "liqo-namespace", consts.DefaultLiqoNamespace, "Name of the namespace where the liqo components are running")
+	flagset.IntVar(&opts.ForeignClusterWorkers, "foreign-cluster-workers", 1, "The number of workers used to reconcile ForeignCluster resources.")
+	flagset.DurationVar(&opts.ForeignClusterPingInterval, "foreign-cluster-ping-interval", 15*time.Second,
+		"The frequency of the ForeignCluster API server readiness check. Set 0 to disable the check")
+	flagset.DurationVar(&opts.ForeignClusterPingTimeout, "foreign-cluster-ping-timeout", 5*time.Second,
+		"The timeout of the ForeignCluster API server readiness check")
+	flagset.StringVar(&opts.DefaultLimitsEnforcement, "default-limits-enforcement", "none",
+		"Defines how strict is the enforcement of the quota offered by the remote cluster. Possible values are: none, soft, hard")
+
+	// Networking module
+	flagset.StringVar(&opts.IPAMServer, "ipam-server", "", "The address of the IPAM server (set to empty string to disable IPAM)")
+	flagset.Var(&opts.GatewayServerResources, "gateway-server-resources",
+		"The list of resource types that implements the gateway server. They must be in the form <group>/<version>/<resource>")
+	flagset.Var(&opts.GatewayClientResources, "gateway-client-resources",
+		"The list of resource types that implements the gateway client. They must be in the form <group>/<version>/<resource>")
+	flagset.StringVar(&opts.WgGatewayServerClusterRoleName, "wg-gateway-server-cluster-role-name", "liqo-gateway",
+		"The name of the cluster role used by the wireguard gateway servers")
+	flagset.StringVar(&opts.WgGatewayClientClusterRoleName, "wg-gateway-client-cluster-role-name", "liqo-gateway",
+		"The name of the cluster role used by the wireguard gateway clients")
+	flagset.BoolVar(&opts.FabricFullMasqueradeEnabled, "fabric-full-masquerade-enabled", false,
+		"Enable the full masquerade on the fabric network")
+	flagset.BoolVar(&opts.GwmasqbypassEnabled, "gateway-masquerade-bypass-enabled", false,
+		"Enable the gateway masquerade bypass")
+	flagset.IntVar(&opts.NetworkWorkers, "network-ctrl-workers", 1,
+		"The number of workers used to reconcile Network resources.")
+	flagset.IntVar(&opts.IPWorkers, "ip-ctrl-workers", 1,
+		"The number of workers used to reconcile IP resources.")
+	flagset.Uint16Var(&opts.GenevePort, "geneve-port", 6081, "The port used by the Geneve tunnel")
+
+	// Authentication module
+	flagset.StringVar(&opts.APIServerAddressOverride, "api-server-address-override", "",
+		"Override the API server address where the Kuberentes APIServer is exposed")
+	flagset.StringVar(&opts.CAOverride, "ca-override", "", "Override the CA certificate used by Kubernetes to sign certificates (base64 encoded)")
+	flagset.BoolVar(&opts.TrustedCA, "trusted-ca", false, "Whether the Kubernetes APIServer certificate is issue by a trusted CA")
+	flagset.StringVar(&opts.AWSConfig.AwsAccessKeyID, "aws-access-key-id", "", "AWS IAM AccessKeyID for the Liqo User")
+	flagset.StringVar(&opts.AWSConfig.AwsSecretAccessKey, "aws-secret-access-key", "", "AWS IAM SecretAccessKey for the Liqo User")
+	flagset.StringVar(&opts.AWSConfig.AwsRegion, "aws-region", "", "AWS region where the local cluster is running")
+	flagset.StringVar(&opts.AWSConfig.AwsClusterName, "aws-cluster-name", "", "Name of the local EKS cluster")
+	flagset.Var(&opts.ClusterLabels, consts.ClusterLabelsParameter,
+		"The set of labels which characterizes the local cluster when exposed remotely as a virtual node")
+	flagset.Var(&opts.IngressClasses, "ingress-classes", "List of ingress classes offered by the cluster. Example: \"nginx;default,traefik\"")
+	flagset.Var(&opts.LoadBalancerClasses, "load-balancer-classes", "List of load balancer classes offered by the cluster. Example:\"metallb;default\"")
+	flagset.Var(&opts.DefaultNodeResources, "default-node-resources", "Default resources assigned to the Virtual Node Pod")
+	flagset.Var(&opts.GlobalLabels, "global-labels", "The set of labels that will be added to all resources created by Liqo controllers")
+	flagset.Var(&opts.GlobalAnnotations, "global-annotations", "The set of annotations that will be added to all resources created by Liqo controllers")
+
+	// Offloading module
+	flagset.BoolVar(&opts.EnableStorage, "enable-storage", false, "enable the liqo virtual storage class")
+	flagset.StringVar(&opts.VirtualStorageClassName, "virtual-storage-class-name", "liqo", "Name of the virtual storage class")
+	flagset.StringVar(&opts.RealStorageClassName, "real-storage-class-name", "", "Name of the real storage class to use for the actual volumes")
+	flagset.StringVar(&opts.StorageNamespace, "storage-namespace", "liqo-storage", "Namespace where the liqo storage-related resources are stored")
+	flagset.BoolVar(&opts.EnableNodeFailureController, "enable-node-failure-controller", false, "Enable the node failure controller")
+	flagset.IntVar(&opts.ShadowPodWorkers, "shadow-pod-ctrl-workers", 10, "The number of workers used to reconcile ShadowPod resources.")
+	flagset.IntVar(&opts.ShadowEndpointSliceWorkers, "shadow-endpointslice-ctrl-workers", 10,
+		"The number of workers used to reconcile ShadowEndpointSlice resources.")
+
+	// Cross module
+	flagset.BoolVar(&opts.EnableAPIServerIPRemapping, "enable-api-server-ip-remapping", true, "Enable the API server IP remapping")
+}

pkg/liqo-controller-manager/flags.go

@@ -0,0 +1,88 @@
+// Copyright 2019-2025 The Liqo Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package liqocontrollermanager
+
+import (
+	"time"
+
+	identitymanager "github.com/liqotech/liqo/pkg/identityManager"
+	"github.com/liqotech/liqo/pkg/utils/args"
+)
+
+// Options holds all configuration flags for the liqo-controller-manager.
+type Options struct {
+	// Cluster-wide modules enable/disable flags
+	NetworkingEnabled     bool
+	AuthenticationEnabled bool
+	OffloadingEnabled     bool
+
+	// Manager flags
+	WebhookPort    int
+	MetricsAddr    string
+	ProbeAddr      string
+	LeaderElection bool
+
+	// Global parameters
+	ResyncPeriod               time.Duration
+	ClusterIDFlags             *args.ClusterIDFlags
+	LiqoNamespace              string
+	ForeignClusterWorkers      int
+	ForeignClusterPingInterval time.Duration
+	ForeignClusterPingTimeout  time.Duration
+	DefaultLimitsEnforcement   string
+
+	// Networking module
+	IPAMServer                     string
+	GatewayServerResources         args.StringList
+	GatewayClientResources         args.StringList
+	WgGatewayServerClusterRoleName string
+	WgGatewayClientClusterRoleName string
+	FabricFullMasqueradeEnabled    bool
+	GwmasqbypassEnabled            bool
+	NetworkWorkers                 int
+	IPWorkers                      int
+	GenevePort                     uint16
+
+	// Authentication module
+	APIServerAddressOverride string
+	CAOverride               string
+	TrustedCA                bool
+	AWSConfig                *identitymanager.LocalAwsConfig
+	ClusterLabels            args.StringMap
+	IngressClasses           args.ClassNameList
+	LoadBalancerClasses      args.ClassNameList
+	DefaultNodeResources     args.ResourceMap
+	GlobalLabels             args.StringMap
+	GlobalAnnotations        args.StringMap
+
+	// Offloading module
+	EnableStorage               bool
+	VirtualStorageClassName     string
+	RealStorageClassName        string
+	StorageNamespace            string
+	EnableNodeFailureController bool
+	ShadowPodWorkers            int
+	ShadowEndpointSliceWorkers  int
+
+	// Cross module
+	EnableAPIServerIPRemapping bool
+}
+
+// NewOptions creates a new Options struct with default values.
+func NewOptions() *Options {
+	return &Options{
+		AWSConfig: &identitymanager.LocalAwsConfig{},
+	}
+}

pkg/liqo-controller-manager/options.go

@@ -43,7 +43,7 @@ var _ flag.Value = &ClusterIDFlags{}
 //	fcFlags := NewClusterIDFlags(false, nil)
 //	flag.Parse()
 //	foreignClusterID := fcFlags.Read()
-func NewClusterIDFlags(local bool, flags *pflag.FlagSet) ClusterIDFlags {
+func NewClusterIDFlags(local bool, flags *pflag.FlagSet) *ClusterIDFlags {
 	var prefix, description string
 	if local {
 		prefix = "cluster" //nolint:goconst // No need to make the word "cluster" a const...
@@ -55,7 +55,7 @@ func NewClusterIDFlags(local bool, flags *pflag.FlagSet) ClusterIDFlags {
 	if flags == nil {
 		flags = pflag.CommandLine
 	}
-	return ClusterIDFlags{
+	return &ClusterIDFlags{
 		local:     local,
 		ClusterID: flags.String(fmt.Sprintf("%s-id", prefix), "", fmt.Sprintf(description, "ID")),
 	}