OSASINFRA-4029: loadbalancer: add LoadBalancer controller

Add support for OpenStack Octavia Load Balancer resources. This includes:

- LoadBalancer CRD with support for VIP subnet/network/port references
- Controller with create, update, delete, and import capabilities
- Status reporting with provisioning and operating status
- Dependency resolution for Subnet, Network, Port, and Project references
- Kuttl tests for create, update, import, and dependency scenarios

Closes #619

Author: eshulman2

PROJECT

@@ -64,6 +64,14 @@ resources:
   kind: KeyPair
   path: github.com/k-orc/openstack-resource-controller/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  domain: k-orc.cloud
+  group: openstack
+  kind: LoadBalancer
+  path: github.com/k-orc/openstack-resource-controller/api/v1alpha1
+  version: v1alpha1
 - api:
     crdVersion: v1
     namespaced: true

api/v1alpha1/loadbalancer_types.go

@@ -16,7 +16,21 @@ limitations under the License.
 
 package v1alpha1
 
+// Octavia provisioning status values
+const (
+	LoadbalancerProvisioningStatusActive        = "ACTIVE"
+	LoadbalancerProvisioningStatusError         = "ERROR"
+	LoadbalancerProvisioningStatusPendingCreate = "PENDING_CREATE"
+	LoadbalancerProvisioningStatusPendingUpdate = "PENDING_UPDATE"
+	LoadbalancerProvisioningStatusPendingDelete = "PENDING_DELETE"
+)
+
+// +kubebuilder:validation:MinLength:=1
+// +kubebuilder:validation:MaxLength:=255
+type LoadBalancerTag string
+
 // LoadBalancerResourceSpec contains the desired state of the resource.
+// +kubebuilder:validation:XValidation:rule="has(self.vipSubnetRef) || has(self.vipNetworkRef) || has(self.vipPortRef)",message="at least one of vipSubnetRef, vipNetworkRef, or vipPortRef must be specified"
 type LoadBalancerResourceSpec struct {
 	// name will be the name of the created resource. If not specified, the
 	// name of the ORC object will be used.
@@ -29,20 +43,22 @@ type LoadBalancerResourceSpec struct {
 	// +optional
 	Description *string `json:"description,omitempty"`
 
-	// subnetRef is a reference to the ORC Subnet which this resource is associated with.
+	// vipSubnetRef is the subnet on which to allocate the load balancer's address.
 	// +optional
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="subnetRef is immutable"
-	SubnetRef *KubernetesNameRef `json:"subnetRef,omitempty"`
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="vipSubnetRef is immutable"
+	VIPSubnetRef *KubernetesNameRef `json:"vipSubnetRef,omitempty"`
 
-	// networkRef is a reference to the ORC Network which this resource is associated with.
+	// vipNetworkRef is the network on which to allocate the load balancer's address.
 	// +optional
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="networkRef is immutable"
-	NetworkRef *KubernetesNameRef `json:"networkRef,omitempty"`
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="vipNetworkRef is immutable"
+	VIPNetworkRef *KubernetesNameRef `json:"vipNetworkRef,omitempty"`
 
-	// portRef is a reference to the ORC Port which this resource is associated with.
+	// vipPortRef is a reference to a neutron port to use for the VIP. If the port
+	// has more than one subnet you must specify either vipSubnetRef or vipAddress
+	// to clarify which address should be used for the VIP.
 	// +optional
-	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="portRef is immutable"
-	PortRef *KubernetesNameRef `json:"portRef,omitempty"`
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="vipPortRef is immutable"
+	VIPPortRef *KubernetesNameRef `json:"vipPortRef,omitempty"`
 
 	// flavorRef is a reference to the ORC Flavor which this resource is associated with.
 	// +optional
@@ -54,13 +70,33 @@ type LoadBalancerResourceSpec struct {
 	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="projectRef is immutable"
 	ProjectRef *KubernetesNameRef `json:"projectRef,omitempty"`
 
-	// TODO(scaffolding): Add more types.
-	// To see what is supported, you can take inspiration from the CreateOpts structure from
-	// github.com/gophercloud/gophercloud/v2/openstack/loadbalancer/v2/loadbalancers
-	//
-	// Until you have implemented mutability for the field, you must add a CEL validation
-	// preventing the field being modified:
-	// `// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="<fieldname> is immutable"`
+	// adminStateUp is the administrative state of the load balancer, which is up (true) or down (false)
+	// +optional
+	AdminStateUp *bool `json:"adminStateUp,omitempty"`
+
+	// availabilityZone is the availability zone in which to create the load balancer.
+	// +kubebuilder:validation:MaxLength=255
+	// +optional
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="availabilityZone is immutable"
+	AvailabilityZone string `json:"availabilityZone,omitempty"`
+
+	// provider is the name of the load balancer provider.
+	// +kubebuilder:validation:MaxLength=255
+	// +optional
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="provider is immutable"
+	Provider string `json:"provider,omitempty"`
+
+	// vipAddress is the specific IP address to use for the VIP (optional).
+	// If not specified, one is allocated automatically from the subnet.
+	// +optional
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf",message="vipAddress is immutable"
+	VIPAddress *IPvAny `json:"vipAddress,omitempty"`
+
+	// tags is a list of tags which will be applied to the load balancer.
+	// +kubebuilder:validation:MaxItems:=64
+	// +listType=set
+	// +optional
+	Tags []LoadBalancerTag `json:"tags,omitempty"`
 }
 
 // LoadBalancerFilter defines an existing resource by its properties
@@ -76,25 +112,66 @@ type LoadBalancerFilter struct {
 	// +optional
 	Description *string `json:"description,omitempty"`
 
-	// vipNetworkRef is a reference to the ORC VipNetwork which this resource is associated with.
+	// projectRef is a reference to the ORC Project this resource is associated with.
+	// Typically, only used by admin.
+	// +optional
+	ProjectRef *KubernetesNameRef `json:"projectRef,omitempty"`
+
+	// vipSubnetRef filters by the subnet on which the load balancer's address is allocated.
 	// +optional
-	VipNetworkRef *KubernetesNameRef `json:"vipNetworkRef,omitempty"`
+	VIPSubnetRef *KubernetesNameRef `json:"vipSubnetRef,omitempty"`
 
-	// projectRef is a reference to the ORC Project which this resource is associated with.
+	// vipNetworkRef filters by the network on which the load balancer's address is allocated.
 	// +optional
-	ProjectRef *KubernetesNameRef `json:"projectRef,omitempty"`
+	VIPNetworkRef *KubernetesNameRef `json:"vipNetworkRef,omitempty"`
+
+	// vipPortRef filters by the neutron port used for the VIP.
+	// +optional
+	VIPPortRef *KubernetesNameRef `json:"vipPortRef,omitempty"`
 
-	// vipSubnetRef is a reference to the ORC VipSubnet which this resource is associated with.
+	// availabilityZone is the availability zone in which to create the load balancer.
+	// +kubebuilder:validation:MaxLength=255
 	// +optional
-	VipSubnetRef *KubernetesNameRef `json:"vipSubnetRef,omitempty"`
+	AvailabilityZone string `json:"availabilityZone,omitempty"`
 
-	// vipPortRef is a reference to the ORC VipPort which this resource is associated with.
+	// provider filters by the name of the load balancer provider.
+	// +kubebuilder:validation:MaxLength=255
 	// +optional
-	VipPortRef *KubernetesNameRef `json:"vipPortRef,omitempty"`
+	Provider string `json:"provider,omitempty"`
 
-	// TODO(scaffolding): Add more types.
-	// To see what is supported, you can take inspiration from the ListOpts structure from
-	// github.com/gophercloud/gophercloud/v2/openstack/loadbalancer/v2/loadbalancers
+	// vipAddress filters by the IP address of the load balancer's VIP.
+	// +kubebuilder:validation:MaxLength=64
+	// +optional
+	VIPAddress string `json:"vipAddress,omitempty"`
+
+	// tags is a list of tags to filter by. If specified, the resource must
+	// have all of the tags specified to be included in the result.
+	// +listType=set
+	// +optional
+	// +kubebuilder:validation:MaxItems:=64
+	Tags []LoadBalancerTag `json:"tags,omitempty"`
+
+	// tagsAny is a list of tags to filter by. If specified, the resource
+	// must have at least one of the tags specified to be included in the
+	// result.
+	// +listType=set
+	// +optional
+	// +kubebuilder:validation:MaxItems:=64
+	TagsAny []LoadBalancerTag `json:"tagsAny,omitempty"`
+
+	// notTags is a list of tags to filter by. If specified, resources which
+	// contain all of the given tags will be excluded from the result.
+	// +listType=set
+	// +optional
+	// +kubebuilder:validation:MaxItems:=64
+	NotTags []LoadBalancerTag `json:"notTags,omitempty"`
+
+	// notTagsAny is a list of tags to filter by. If specified, resources
+	// which contain any of the given tags will be excluded from the result.
+	// +listType=set
+	// +optional
+	// +kubebuilder:validation:MaxItems:=64
+	NotTagsAny []LoadBalancerTag `json:"notTagsAny,omitempty"`
 }
 
 // LoadBalancerResourceStatus represents the observed state of the resource.
@@ -109,20 +186,20 @@ type LoadBalancerResourceStatus struct {
 	// +optional
 	Description string `json:"description,omitempty"`
 
-	// subnetID is the ID of the Subnet to which the resource is associated.
+	// vipSubnetID is the ID of the Subnet to which the resource is associated.
 	// +kubebuilder:validation:MaxLength=1024
 	// +optional
-	SubnetID string `json:"subnetID,omitempty"`
+	VIPSubnetID string `json:"vipSubnetID,omitempty"`
 
-	// networkID is the ID of the Network to which the resource is associated.
+	// vipNetworkID is the ID of the Network to which the resource is associated.
 	// +kubebuilder:validation:MaxLength=1024
 	// +optional
-	NetworkID string `json:"networkID,omitempty"`
+	VIPNetworkID string `json:"vipNetworkID,omitempty"`
 
-	// portID is the ID of the Port to which the resource is associated.
+	// vipPortID is the ID of the Port to which the resource is associated.
 	// +kubebuilder:validation:MaxLength=1024
 	// +optional
-	PortID string `json:"portID,omitempty"`
+	VIPPortID string `json:"vipPortID,omitempty"`
 
 	// flavorID is the ID of the Flavor to which the resource is associated.
 	// +kubebuilder:validation:MaxLength=1024
@@ -134,7 +211,42 @@ type LoadBalancerResourceStatus struct {
 	// +optional
 	ProjectID string `json:"projectID,omitempty"`
 
-	// TODO(scaffolding): Add more types.
-	// To see what is supported, you can take inspiration from the LoadBalancer structure from
-	// github.com/gophercloud/gophercloud/v2/openstack/loadbalancer/v2/loadbalancers
+	// adminStateUp is the administrative state of the load balancer,
+	// which is up (true) or down (false).
+	// +optional
+	AdminStateUp *bool `json:"adminStateUp,omitempty"`
+
+	// tags is the list of tags on the resource.
+	// +listType=atomic
+	// +optional
+	// +kubebuilder:validation:MaxItems:=64
+	// +kubebuilder:validation:items:MaxLength=255
+	Tags []string `json:"tags,omitempty"`
+
+	// availabilityZone is the availability zone where the load balancer is located.
+	// +kubebuilder:validation:MaxLength=1024
+	// +optional
+	AvailabilityZone string `json:"availabilityZone,omitempty"`
+
+	// provisioningStatus is the provisioning status of the load balancer.
+	// This value is ACTIVE, PENDING_CREATE or ERROR.
+	// +kubebuilder:validation:MaxLength=1024
+	// +optional
+	ProvisioningStatus string `json:"provisioningStatus,omitempty"`
+
+	// operatingStatus is the operating status of the load balancer,
+	// such as ONLINE or OFFLINE.
+	// +kubebuilder:validation:MaxLength=1024
+	// +optional
+	OperatingStatus string `json:"operatingStatus,omitempty"`
+
+	// provider is the name of the load balancer provider.
+	// +kubebuilder:validation:MaxLength=1024
+	// +optional
+	Provider string `json:"provider,omitempty"`
+
+	// vipAddress is the IP address of the load balancer's VIP.
+	// +optional
+	// +kubebuilder:validation:MaxLength=64
+	VIPAddress string `json:"vipAddress,omitempty"`
 }