From 30bdeb3507a8b4b3c12ce14430ee0d98421a67b1 Mon Sep 17 00:00:00 2001 From: Saylor Berman Date: Tue, 8 Oct 2024 21:43:32 +0300 Subject: [PATCH] Add init container for setting up base config (#2649) Problem: We are starting to introduce configuration options that exist in the main context. However, that configuration won't be written until the control plane writes it to nginx, meaning it doesn't exist on nginx startup. Therefore nginx uses its default configuration for a brief time, which is incorrect. We want to be able to provide this configuration on startup. Solution: Using an init container, we can mount a ConfigMap containing the dynamic base config, and copy it to the proper location in the filesystem before nginx starts. We can't mount the ConfigMap directly to the proper location because it would be read-only, preventing our control plane from writing to it. This allows us to bootstrap the user config into nginx on startup, while also allowing our control plane to overwrite it if the user ever changes the config after the fact. Removed logic that cleared out nginx files on startup because it would erase this bootstrap config, and it wasn't really needed since we delete nginx files when we write config anyway. Also fixed an issue where the log level was not honored when no Gateway resources existed. --- .../templates/deployment.yaml | 30 ++++++++++ .../templates/include-configmap.yaml | 14 +++++ .../nginx-gateway-fabric/templates/scc.yaml | 1 + cmd/gateway/commands.go | 58 +++++++++++++++++++ cmd/gateway/commands_test.go | 45 ++++++++++++++ cmd/gateway/main.go | 1 + config/tests/static-deployment.yaml | 30 ++++++++++ deploy/aws-nlb/deploy.yaml | 43 ++++++++++++++ deploy/azure/deploy.yaml | 43 ++++++++++++++ deploy/default/deploy.yaml | 43 ++++++++++++++ deploy/experimental-nginx-plus/deploy.yaml | 43 ++++++++++++++ deploy/experimental/deploy.yaml | 43 ++++++++++++++ deploy/nginx-plus/deploy.yaml | 43 ++++++++++++++ deploy/nodeport/deploy.yaml | 43 ++++++++++++++ deploy/openshift/deploy.yaml | 44 ++++++++++++++ internal/mode/static/handler_test.go | 14 ++--- internal/mode/static/manager.go | 10 ---- .../static/state/dataplane/configuration.go | 6 +- 18 files changed, 534 insertions(+), 20 deletions(-) create mode 100644 charts/nginx-gateway-fabric/templates/include-configmap.yaml diff --git a/charts/nginx-gateway-fabric/templates/deployment.yaml b/charts/nginx-gateway-fabric/templates/deployment.yaml index 4b0cb431b6..84161ead54 100644 --- a/charts/nginx-gateway-fabric/templates/deployment.yaml +++ b/charts/nginx-gateway-fabric/templates/deployment.yaml @@ -29,6 +29,33 @@ spec: {{- end }} {{- end }} spec: + initContainers: + - name: copy-nginx-config + image: {{ .Values.nginxGateway.image.repository }}:{{ default .Chart.AppVersion .Values.nginxGateway.image.tag }} + imagePullPolicy: {{ .Values.nginxGateway.image.pullPolicy }} + command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + securityContext: + seccompProfile: + type: RuntimeDefault + capabilities: + add: + - KILL # Set because the binary has CAP_KILL for the main controller process. Not used by init. + drop: + - ALL + readOnlyRootFilesystem: true + runAsUser: 102 + runAsGroup: 1001 + volumeMounts: + - name: nginx-includes-configmap + mountPath: /includes + - name: nginx-main-includes + mountPath: /etc/nginx/main-includes containers: - args: - static-mode @@ -223,6 +250,9 @@ spec: emptyDir: {} - name: nginx-includes emptyDir: {} + - name: nginx-includes-configmap + configMap: + name: nginx-includes {{- with .Values.extraVolumes -}} {{ toYaml . | nindent 6 }} {{- end }} diff --git a/charts/nginx-gateway-fabric/templates/include-configmap.yaml b/charts/nginx-gateway-fabric/templates/include-configmap.yaml new file mode 100644 index 0000000000..9321861c2d --- /dev/null +++ b/charts/nginx-gateway-fabric/templates/include-configmap.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: nginx-includes + namespace: {{ .Release.Namespace }} + labels: + {{- include "nginx-gateway.labels" . | nindent 4 }} +data: + main.conf: | + {{- if and .Values.nginx.config .Values.nginx.config.logging .Values.nginx.config.logging.errorLevel }} + error_log stderr {{ .Values.nginx.config.logging.errorLevel }}; + {{ else }} + error_log stderr info; + {{- end }} diff --git a/charts/nginx-gateway-fabric/templates/scc.yaml b/charts/nginx-gateway-fabric/templates/scc.yaml index afeddcae19..b156ff2109 100644 --- a/charts/nginx-gateway-fabric/templates/scc.yaml +++ b/charts/nginx-gateway-fabric/templates/scc.yaml @@ -32,6 +32,7 @@ seccompProfiles: volumes: - emptyDir - secret +- configMap users: - {{ printf "system:serviceaccount:%s:%s" .Release.Namespace (include "nginx-gateway.serviceAccountName" .) }} allowedCapabilities: diff --git a/cmd/gateway/commands.go b/cmd/gateway/commands.go index 2526eb3c22..5aed4668c1 100644 --- a/cmd/gateway/commands.go +++ b/cmd/gateway/commands.go @@ -3,6 +3,7 @@ package main import ( "errors" "fmt" + "io" "os" "runtime/debug" "strconv" @@ -481,6 +482,63 @@ func createSleepCommand() *cobra.Command { return cmd } +func createCopyCommand() *cobra.Command { + // flag names + const srcFlag = "source" + const destFlag = "destination" + // flag values + var src, dest string + + cmd := &cobra.Command{ + Use: "copy", + Short: "Copy a file to a destination", + RunE: func(_ *cobra.Command, _ []string) error { + if len(src) == 0 { + return errors.New("source must not be empty") + } + if len(dest) == 0 { + return errors.New("destination must not be empty") + } + + srcFile, err := os.Open(src) + if err != nil { + return fmt.Errorf("error opening source file: %w", err) + } + defer srcFile.Close() + + destFile, err := os.Create(dest) + if err != nil { + return fmt.Errorf("error creating destination file: %w", err) + } + defer destFile.Close() + + if _, err := io.Copy(destFile, srcFile); err != nil { + return fmt.Errorf("error copying file contents: %w", err) + } + + return nil + }, + } + + cmd.Flags().StringVar( + &src, + srcFlag, + "", + "The source file to be copied", + ) + + cmd.Flags().StringVar( + &dest, + destFlag, + "", + "The destination for the source file to be copied to", + ) + + cmd.MarkFlagsRequiredTogether(srcFlag, destFlag) + + return cmd +} + func parseFlags(flags *pflag.FlagSet) ([]string, []string) { var flagKeys, flagValues []string diff --git a/cmd/gateway/commands_test.go b/cmd/gateway/commands_test.go index 03bc09e8be..63b85477d9 100644 --- a/cmd/gateway/commands_test.go +++ b/cmd/gateway/commands_test.go @@ -437,6 +437,51 @@ func TestSleepCmdFlagValidation(t *testing.T) { } } +func TestCopyCmdFlagValidation(t *testing.T) { + t.Parallel() + tests := []flagTestCase{ + { + name: "valid flags", + args: []string{ + "--source=/my/file", + "--destination=dest/file", + }, + wantErr: false, + }, + { + name: "omitted flags", + args: nil, + wantErr: false, + }, + { + name: "source set without destination", + args: []string{ + "--source=/my/file", + }, + wantErr: true, + expectedErrPrefix: "if any flags in the group [source destination] are set they must all be set; " + + "missing [destination]", + }, + { + name: "destination set without source", + args: []string{ + "--destination=/dest/file", + }, + wantErr: true, + expectedErrPrefix: "if any flags in the group [source destination] are set they must all be set; " + + "missing [source]", + }, + } + + for _, test := range tests { + t.Run(test.name, func(t *testing.T) { + t.Parallel() + cmd := createCopyCommand() + testFlag(t, cmd, test) + }) + } +} + func TestParseFlags(t *testing.T) { t.Parallel() g := NewWithT(t) diff --git a/cmd/gateway/main.go b/cmd/gateway/main.go index 5c70d6204a..104bed6673 100644 --- a/cmd/gateway/main.go +++ b/cmd/gateway/main.go @@ -23,6 +23,7 @@ func main() { rootCmd.AddCommand( createStaticModeCommand(), createProvisionerModeCommand(), + createCopyCommand(), createSleepCommand(), ) diff --git a/config/tests/static-deployment.yaml b/config/tests/static-deployment.yaml index 30f85a9081..8de0432701 100644 --- a/config/tests/static-deployment.yaml +++ b/config/tests/static-deployment.yaml @@ -21,6 +21,33 @@ spec: app.kubernetes.io/name: nginx-gateway app.kubernetes.io/instance: nginx-gateway spec: + initContainers: + - name: copy-nginx-config + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + securityContext: + seccompProfile: + type: RuntimeDefault + capabilities: + add: + - KILL # Set because the binary has CAP_KILL for the main controller process. Not used by init. + drop: + - ALL + readOnlyRootFilesystem: true + runAsUser: 102 + runAsGroup: 1001 + volumeMounts: + - name: nginx-includes-configmap + mountPath: /includes + - name: nginx-main-includes + mountPath: /etc/nginx/main-includes containers: - args: - static-mode @@ -137,3 +164,6 @@ spec: emptyDir: {} - name: nginx-includes emptyDir: {} + - name: nginx-includes-configmap + configMap: + name: nginx-includes diff --git a/deploy/aws-nlb/deploy.yaml b/deploy/aws-nlb/deploy.yaml index e363b9066a..91ce6f5f06 100644 --- a/deploy/aws-nlb/deploy.yaml +++ b/deploy/aws-nlb/deploy.yaml @@ -143,6 +143,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: annotations: @@ -290,6 +303,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -311,6 +351,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/azure/deploy.yaml b/deploy/azure/deploy.yaml index faacc0332e..1b1c209eef 100644 --- a/deploy/azure/deploy.yaml +++ b/deploy/azure/deploy.yaml @@ -143,6 +143,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -287,6 +300,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes nodeSelector: kubernetes.io/os: linux securityContext: @@ -310,6 +350,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/default/deploy.yaml b/deploy/default/deploy.yaml index 97e03edb4c..0d19731785 100644 --- a/deploy/default/deploy.yaml +++ b/deploy/default/deploy.yaml @@ -143,6 +143,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -287,6 +300,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -308,6 +348,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/experimental-nginx-plus/deploy.yaml b/deploy/experimental-nginx-plus/deploy.yaml index 002027468d..9e22545f68 100644 --- a/deploy/experimental-nginx-plus/deploy.yaml +++ b/deploy/experimental-nginx-plus/deploy.yaml @@ -156,6 +156,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -302,6 +315,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -323,6 +363,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/experimental/deploy.yaml b/deploy/experimental/deploy.yaml index fbb09e917a..6642fe5c36 100644 --- a/deploy/experimental/deploy.yaml +++ b/deploy/experimental/deploy.yaml @@ -148,6 +148,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -293,6 +306,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -314,6 +354,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/nginx-plus/deploy.yaml b/deploy/nginx-plus/deploy.yaml index 33043d74d5..9a9762c662 100644 --- a/deploy/nginx-plus/deploy.yaml +++ b/deploy/nginx-plus/deploy.yaml @@ -151,6 +151,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -298,6 +311,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -319,6 +359,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/nodeport/deploy.yaml b/deploy/nodeport/deploy.yaml index d45f2c51c2..9c42cccd88 100644 --- a/deploy/nodeport/deploy.yaml +++ b/deploy/nodeport/deploy.yaml @@ -143,6 +143,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -287,6 +300,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -308,6 +348,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass diff --git a/deploy/openshift/deploy.yaml b/deploy/openshift/deploy.yaml index 742441ad18..c17d5c2e98 100644 --- a/deploy/openshift/deploy.yaml +++ b/deploy/openshift/deploy.yaml @@ -151,6 +151,19 @@ subjects: namespace: nginx-gateway --- apiVersion: v1 +data: + main.conf: | + error_log stderr info; +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: nginx-gateway + app.kubernetes.io/name: nginx-gateway + app.kubernetes.io/version: edge + name: nginx-includes + namespace: nginx-gateway +--- +apiVersion: v1 kind: Service metadata: labels: @@ -295,6 +308,33 @@ spec: name: nginx-cache - mountPath: /etc/nginx/includes name: nginx-includes + initContainers: + - command: + - /usr/bin/gateway + - copy + - --source + - /includes/main.conf + - --destination + - /etc/nginx/main-includes/main.conf + image: ghcr.io/nginxinc/nginx-gateway-fabric:edge + imagePullPolicy: Always + name: copy-nginx-config + securityContext: + capabilities: + add: + - KILL + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsUser: 102 + seccompProfile: + type: RuntimeDefault + volumeMounts: + - mountPath: /includes + name: nginx-includes-configmap + - mountPath: /etc/nginx/main-includes + name: nginx-main-includes securityContext: fsGroup: 1001 runAsNonRoot: true @@ -316,6 +356,9 @@ spec: name: nginx-cache - emptyDir: {} name: nginx-includes + - configMap: + name: nginx-includes + name: nginx-includes-configmap --- apiVersion: gateway.networking.k8s.io/v1 kind: GatewayClass @@ -381,3 +424,4 @@ users: volumes: - emptyDir - secret +- configMap diff --git a/internal/mode/static/handler_test.go b/internal/mode/static/handler_test.go index 2b4ee9b537..a912168a2f 100644 --- a/internal/mode/static/handler_test.go +++ b/internal/mode/static/handler_test.go @@ -155,7 +155,7 @@ var _ = Describe("eventHandler", func() { handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(1) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 1) checkUpsertEventExpectations(e) expectReconfig(dcfg, fakeCfgFiles) @@ -171,7 +171,7 @@ var _ = Describe("eventHandler", func() { handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(1) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 1) checkDeleteEventExpectations(e) expectReconfig(dcfg, fakeCfgFiles) @@ -195,7 +195,7 @@ var _ = Describe("eventHandler", func() { handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(2) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 2) Expect(helpers.Diff(handler.GetLatestConfiguration(), &dcfg)).To(BeEmpty()) }) }) @@ -520,7 +520,7 @@ var _ = Describe("eventHandler", func() { handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(1) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 1) Expect(helpers.Diff(handler.GetLatestConfiguration(), &dcfg)).To(BeEmpty()) Expect(fakeGenerator.GenerateCallCount()).To(Equal(1)) @@ -533,7 +533,7 @@ var _ = Describe("eventHandler", func() { It("should not call the NGINX Plus API", func() { handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(1) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 1) Expect(helpers.Diff(handler.GetLatestConfiguration(), &dcfg)).To(BeEmpty()) Expect(fakeGenerator.GenerateCallCount()).To(Equal(1)) @@ -629,7 +629,7 @@ var _ = Describe("eventHandler", func() { Expect(handler.cfg.nginxConfiguredOnStartChecker.readyCheck(nil)).ToNot(Succeed()) handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(1) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 1) Expect(helpers.Diff(handler.GetLatestConfiguration(), &dcfg)).To(BeEmpty()) Expect(readyChannel).To(BeClosed()) @@ -677,7 +677,7 @@ var _ = Describe("eventHandler", func() { handler.HandleEventBatch(context.Background(), ctlrZap.New(), batch) - dcfg := dataplane.GetDefaultConfiguration(2) + dcfg := dataplane.GetDefaultConfiguration(&graph.Graph{}, 2) Expect(helpers.Diff(handler.GetLatestConfiguration(), &dcfg)).To(BeEmpty()) Expect(readyChannel).To(BeClosed()) diff --git a/internal/mode/static/manager.go b/internal/mode/static/manager.go index f246821853..98efd55065 100644 --- a/internal/mode/static/manager.go +++ b/internal/mode/static/manager.go @@ -137,16 +137,6 @@ func StartManager(cfg config.Config) error { ProtectedPorts: protectedPorts, }) - // Clear the configuration folders to ensure that no files are left over in case the control plane was restarted - // (this assumes the folders are in a shared volume). - removedPaths, err := file.ClearFolders(file.NewStdLibOSFileManager(), ngxcfg.ConfigFolders) - for _, path := range removedPaths { - cfg.Logger.Info("removed configuration file", "path", path) - } - if err != nil { - return fmt.Errorf("cannot clear NGINX configuration folders: %w", err) - } - processHandler := ngxruntime.NewProcessHandlerImpl(os.ReadFile, os.Stat) // Ensure NGINX is running before registering metrics & starting the manager. diff --git a/internal/mode/static/state/dataplane/configuration.go b/internal/mode/static/state/dataplane/configuration.go index 3a08e3841a..645d27ab07 100644 --- a/internal/mode/static/state/dataplane/configuration.go +++ b/internal/mode/static/state/dataplane/configuration.go @@ -34,7 +34,7 @@ func BuildConfiguration( configVersion int, ) Configuration { if g.GatewayClass == nil || !g.GatewayClass.Valid || g.Gateway == nil { - return GetDefaultConfiguration(configVersion) + return GetDefaultConfiguration(g, configVersion) } baseHTTPConfig := buildBaseHTTPConfig(g) @@ -907,9 +907,9 @@ func buildLogging(g *graph.Graph) Logging { return logSettings } -func GetDefaultConfiguration(configVersion int) Configuration { +func GetDefaultConfiguration(g *graph.Graph, configVersion int) Configuration { return Configuration{ Version: configVersion, - Logging: Logging{ErrorLevel: defaultErrorLogLevel}, + Logging: buildLogging(g), } }