Initial support for public IP scanning

Author: aalexand

charts/cluster-registry-client/crds/registry.ethos.adobe.com_clusters.yaml

@@ -239,6 +239,11 @@ spec:
                 - Running
                 - Upgrading
                 type: string
+              publicIPs:
+                description: PublicIPs cluster public IPs
+                items:
+                  type: string
+                type: array
               region:
                 description: Cluster internal region name
                 type: string

cmd/client/client.go

@@ -18,16 +18,19 @@ import (
 	"fmt"
 	registryv1alpha1 "github.com/adobe/cluster-registry/pkg/api/registry/v1alpha1"
 	"github.com/adobe/cluster-registry/pkg/client/controllers"
+	"github.com/adobe/cluster-registry/pkg/client/publicip"
 	"github.com/adobe/cluster-registry/pkg/config"
 	monitoring "github.com/adobe/cluster-registry/pkg/monitoring/client"
 	"github.com/adobe/cluster-registry/pkg/sqs"
+	"github.com/go-co-op/gocron/v2"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/discovery"
 	"k8s.io/client-go/tools/leaderelection/resourcelock"
 	"net/http"
 	"os"
 	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
+	"time"
 
 	configv1 "github.com/adobe/cluster-registry/pkg/api/config/v1"
 	registryv1 "github.com/adobe/cluster-registry/pkg/api/registry/v1"
@@ -199,6 +202,46 @@ func main() {
 			os.Exit(1)
 		}
 	}()
+	go func() {
+		scanInterval := 60 * time.Second
+
+		setupLog.Info("starting public IP scanner",
+			"interval", fmt.Sprintf("%s", scanInterval))
+		scheduler, err := gocron.NewScheduler(gocron.WithLocation(time.UTC))
+		defer func() { _ = scheduler.Shutdown() }()
+
+		if err != nil {
+			setupLog.Error(err, "failed to create scheduler")
+			os.Exit(1)
+		}
+
+		scanner, err := publicip.NewScanner(func(o *publicip.Options) {
+			o.Client = mgr.GetClient()
+			o.Logger = ctrl.Log.WithName("publicip-scanner")
+			o.Namespace = clientConfig.Namespace
+		})
+
+		if err != nil {
+			setupLog.Error(err, "failed to create public IP scanner")
+			os.Exit(1)
+		}
+
+		job, err := scheduler.NewJob(
+			gocron.DurationJob(scanInterval),
+			gocron.NewTask(scanner.Run, ctx),
+		)
+
+		if err != nil {
+			setupLog.Error(err, "failed to schedule public IP scanner job")
+			os.Exit(1)
+		}
+
+		scheduler.Start()
+		setupLog.Info("started public IP scanner job",
+			"id", job.ID(),
+			"interval", fmt.Sprintf("%s", scanInterval))
+		select {}
+	}()
 
 	setupLog.Info("starting cluster-registry-client")
 	if err := mgr.Start(ctx); err != nil {

config/crd/bases/registry.ethos.adobe.com_clusters.yaml

@@ -239,6 +239,11 @@ spec:
                 - Running
                 - Upgrading
                 type: string
+              publicIPs:
+                description: PublicIPs cluster public IPs
+                items:
+                  type: string
+                type: array
               region:
                 description: Cluster internal region name
                 type: string

go.mod

@@ -37,7 +37,7 @@ require (
 	k8s.io/client-go v0.31.2
 	k8s.io/component-base v0.31.2
 	k8s.io/utils v0.0.0-20240921022957-49e7df575cb6
-	sigs.k8s.io/controller-runtime v0.19.1
+	sigs.k8s.io/controller-runtime v0.19.2
 	sigs.k8s.io/yaml v1.4.0
 )
 
@@ -72,6 +72,7 @@ require (
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
+	github.com/go-co-op/gocron/v2 v2.12.4 // indirect
 	github.com/go-jose/go-jose/v4 v4.0.4 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
@@ -93,6 +94,7 @@ require (
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/imdario/mergo v0.3.6 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
+	github.com/jonboulle/clockwork v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/klauspost/compress v1.17.9 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
@@ -123,6 +125,7 @@ require (
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.55.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/robfig/cron/v3 v3.0.1 // indirect
 	github.com/shirou/gopsutil/v3 v3.23.12 // indirect
 	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect

go.sum

@@ -98,6 +98,8 @@ github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv
 github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
 github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/go-co-op/gocron/v2 v2.12.4 h1:h1HWApo3T+61UrZqEY2qG1LUpDnB7tkYITxf6YIK354=
+github.com/go-co-op/gocron/v2 v2.12.4/go.mod h1:xY7bJxGazKam1cz04EebrlP4S9q4iWdiAylMGP3jY9w=
 github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
 github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
 github.com/go-jose/go-jose/v4 v4.0.4 h1:VsjPI33J0SB9vQM6PLmNjoHqMQNGPiZ0rHL7Ni7Q6/E=
@@ -190,6 +192,8 @@ github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9Y
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
+github.com/jonboulle/clockwork v0.4.0 h1:p4Cf1aMWXnXAUh8lVfewRBx1zaTSYKrKMF2g3ST4RZ4=
+github.com/jonboulle/clockwork v0.4.0/go.mod h1:xgRqUGwRcjKCO1vbZUEtSLrqKoPSsUpK7fnezOII0kc=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
@@ -293,6 +297,8 @@ github.com/redis/go-redis/v9 v9.6.1 h1:HHDteefn6ZkTtY5fGUE8tj8uy85AHk6zP7CpzIAM0
 github.com/redis/go-redis/v9 v9.6.1/go.mod h1:0C0c6ycQsdpVNQpxb1njEQIqkx5UcsM8FJCQLgE9+RA=
 github.com/redis/go-redis/v9 v9.7.0 h1:HhLSs+B6O021gwzl+locl0zEDnyNkxMtf/Z3NNBMa9E=
 github.com/redis/go-redis/v9 v9.7.0/go.mod h1:f6zhXITC7JUJIlPEiBOTXxJgPLdZcA93GewI7inzyWw=
+github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
+github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
 github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
 github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
 github.com/shirou/gopsutil/v3 v3.23.12 h1:z90NtUkp3bMtmICZKpC4+WaknU1eXtp5vtbQ11DgpE4=
@@ -579,6 +585,8 @@ sigs.k8s.io/controller-runtime v0.19.0 h1:nWVM7aq+Il2ABxwiCizrVDSlmDcshi9llbaFbC
 sigs.k8s.io/controller-runtime v0.19.0/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4=
 sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk=
 sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4=
+sigs.k8s.io/controller-runtime v0.19.2 h1:3sPrF58XQEPzbE8T81TN6selQIMGbtYwuaJ6eDssDF8=
+sigs.k8s.io/controller-runtime v0.19.2/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=

pkg/api/registry/v1/cluster_types.go

@@ -132,6 +132,9 @@ type ClusterSpec struct {
 
 	// AvailabilityZones cluster availability zones
 	AvailabilityZones []AvailabilityZone `json:"availabilityZones,omitempty"`
+
+	// PublicIPs cluster public IPs
+	PublicIPs []string `json:"publicIPs,omitempty"`
 }
 
 // Offering the cluster is meant for

pkg/api/registry/v1/zz_generated.deepcopy.go

@@ -0,0 +1,45 @@
+package publicip
+
+import (
+	"context"
+	registryv1 "github.com/adobe/cluster-registry/pkg/api/registry/v1"
+	"github.com/go-logr/logr"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+type scanner struct {
+	client    client.Client
+	logger    logr.Logger
+	namespace string
+}
+
+func (s *scanner) GetClient() client.Client {
+	return s.client
+}
+
+func (s *scanner) Run(ctx context.Context) error {
+	clusterList := &registryv1.ClusterList{}
+	err := s.client.List(context.TODO(), clusterList, &client.ListOptions{Namespace: s.namespace})
+	if err != nil {
+		return err
+	}
+
+	for _, cluster := range clusterList.Items {
+		switch cluster.Spec.CloudType {
+		case "aws", "eks":
+			s.logger.Info("Querying AWS cloud provider API", "cluster", cluster.Name)
+
+		case "azure", "aks":
+			s.logger.Info("Querying Azure cloud provider API", "cluster", cluster.Name)
+
+		case "datacenter":
+			// not yet implemented
+			s.logger.Info("Skipping datacenter cluster", "cluster", cluster.Name)
+
+		default:
+			s.logger.Info("Unknown cloud provider", "cluster", cluster.Name)
+		}
+	}
+
+	return nil
+}

pkg/client/publicip/internal.go

@@ -0,0 +1,47 @@
+package publicip
+
+import (
+	"context"
+	"github.com/go-logr/logr"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+type Scanner interface {
+	GetClient() client.Client
+	Run(ctx context.Context) error
+}
+
+func NewScanner(opts ...Option) (Scanner, error) {
+	options := Options{}
+	for _, o := range opts {
+		o(&options)
+	}
+	options, err := setDefaultOptions(options)
+	if err != nil {
+		options.Logger.Error(err, "failed to set defaults")
+		return nil, err
+	}
+
+	return &scanner{
+		client:    options.Client,
+		logger:    options.Logger,
+		namespace: options.Namespace,
+	}, nil
+}
+
+type Options struct {
+	Logger    logr.Logger
+	Client    client.Client
+	Namespace string
+}
+
+type Option func(*Options)
+
+func setDefaultOptions(options Options) (Options, error) {
+	if options.Logger.GetSink() == nil {
+		options.Logger = log.Log.WithName("publicip-scanner")
+	}
+
+	return options, nil
+}