From 1ada39a71d5c810f71032bfb06131e4dbca9a9fc Mon Sep 17 00:00:00 2001 From: John Howard Date: Tue, 26 May 2026 11:44:35 -0700 Subject: [PATCH 1/8] router: add pluggable networking providers --- .../internal/app/router/agentgateway.go | 141 ++++++++++ cmd/atenet/internal/app/router/controller.go | 25 +- cmd/atenet/internal/app/router/dashboard.html | 16 +- cmd/atenet/internal/app/router/envoy.go | 118 ++++++++ cmd/atenet/internal/app/router/envoyrunner.go | 258 ------------------ cmd/atenet/internal/app/router/health.go | 74 ++--- cmd/atenet/internal/app/router/provider.go | 102 +++++++ cmd/atenet/internal/app/router/proxyrunner.go | 183 +++++++++++++ cmd/atenet/internal/app/router/router.go | 80 +++--- cmd/atenet/internal/app/router/status.go | 2 + hack/install-ate.sh | 72 ++++- .../atenet-router-agentgateway.yaml | 197 +++++++++++++ manifests/ate-install/atenet-router.yaml | 4 +- .../base-agentgateway/kustomization.yaml | 25 ++ manifests/ate-install/base/kustomization.yaml | 25 ++ .../kind-agentgateway/kustomization.yaml | 43 +++ 16 files changed, 1008 insertions(+), 357 deletions(-) create mode 100644 cmd/atenet/internal/app/router/agentgateway.go create mode 100644 cmd/atenet/internal/app/router/envoy.go delete mode 100644 cmd/atenet/internal/app/router/envoyrunner.go create mode 100644 cmd/atenet/internal/app/router/provider.go create mode 100644 cmd/atenet/internal/app/router/proxyrunner.go create mode 100644 manifests/ate-install/atenet-router-agentgateway.yaml create mode 100644 manifests/ate-install/base-agentgateway/kustomization.yaml create mode 100644 manifests/ate-install/base/kustomization.yaml create mode 100644 manifests/ate-install/kind-agentgateway/kustomization.yaml diff --git a/cmd/atenet/internal/app/router/agentgateway.go b/cmd/atenet/internal/app/router/agentgateway.go new file mode 100644 index 00000000..04c3b09d --- /dev/null +++ b/cmd/atenet/internal/app/router/agentgateway.go @@ -0,0 +1,141 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package router + +import ( + "context" + "fmt" + "strings" + + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" +) + +type agentgatewayProvider struct { + cfg RouterConfig +} + +func (p agentgatewayProvider) Name() string { + return NetworkingModeAgentgateway +} + +func (p agentgatewayProvider) RequiresXDS() bool { + return false +} + +func (p agentgatewayProvider) ConfigMapData() map[string]string { + return map[string]string{"config.yaml": p.localConfig()} +} + +func (p agentgatewayProvider) Container() corev1.Container { + ports := []corev1.ContainerPort{ + {Name: "http", ContainerPort: int32(p.cfg.HttpPort)}, + {Name: "readiness", ContainerPort: 15021}, + {Name: "metrics", ContainerPort: 15020}, + } + if p.cfg.HttpsPort > 0 && tlsCertPath(p.cfg) != "" { + ports = append(ports, corev1.ContainerPort{Name: "https", ContainerPort: int32(p.cfg.HttpsPort)}) + } + + return corev1.Container{ + Name: "agentgateway", + Image: p.cfg.AgentgatewayImage, + Args: []string{"-f", "/etc/agentgateway/config.yaml"}, + Ports: ports, + VolumeMounts: []corev1.VolumeMount{ + {Name: "proxy-config", MountPath: "/etc/agentgateway"}, + }, + ReadinessProbe: &corev1.Probe{ + ProbeHandler: corev1.ProbeHandler{ + HTTPGet: &corev1.HTTPGetAction{ + Path: "/healthz/ready", + Port: intstr.FromInt32(15021), + }, + }, + PeriodSeconds: 10, + }, + } +} + +func (p agentgatewayProvider) ServicePorts() []corev1.ServicePort { + ports := []corev1.ServicePort{ + {Name: "http", Port: int32(p.cfg.HttpPort), TargetPort: intstr.FromString("http")}, + } + if p.cfg.HttpsPort > 0 && tlsCertPath(p.cfg) != "" { + ports = append(ports, corev1.ServicePort{Name: "https", Port: int32(p.cfg.HttpsPort), TargetPort: intstr.FromString("https")}) + } + return ports +} + +func (p agentgatewayProvider) CheckReady(ctx context.Context) (bool, string) { + return checkHTTPReady(ctx, "http://127.0.0.1:15021/healthz/ready", "") +} + +func (p agentgatewayProvider) localConfig() string { + httpRoute := p.routeBlock("substrate-http") + config := fmt.Sprintf(`# yaml-language-server: $schema=https://agentgateway.dev/schema/config +config: + adminAddr: "127.0.0.1:15000" + readinessAddr: "0.0.0.0:15021" + statsAddr: "0.0.0.0:15020" +binds: +- port: %d + listeners: + - name: http + protocol: HTTP + routes: +%s`, p.cfg.HttpPort, indent(httpRoute, 4)) + + if p.cfg.HttpsPort > 0 && tlsCertPath(p.cfg) != "" { + cert := tlsCertPath(p.cfg) + key := tlsKeyPath(p.cfg) + config += fmt.Sprintf(`- port: %d + listeners: + - name: https + protocol: HTTPS + tls: + cert: %q + key: %q + routes: +%s`, p.cfg.HttpsPort, cert, key, indent(p.routeBlock("substrate-https"), 4)) + } + + return config +} + +func (p agentgatewayProvider) routeBlock(name string) string { + return fmt.Sprintf(`- name: %s + matches: + - path: + pathPrefix: / + policies: + extProc: + host: %q + failureMode: failClosed + backends: + - dynamic: {} +`, name, fmt.Sprintf("%s:%d", p.cfg.ExtprocAddr, p.cfg.ExtprocPort)) +} + +func indent(s string, spaces int) string { + prefix := strings.Repeat(" ", spaces) + lines := strings.Split(s, "\n") + for i, line := range lines { + if line != "" { + lines[i] = prefix + line + } + } + return strings.Join(lines, "\n") +} diff --git a/cmd/atenet/internal/app/router/controller.go b/cmd/atenet/internal/app/router/controller.go index 055751fb..5701666b 100644 --- a/cmd/atenet/internal/app/router/controller.go +++ b/cmd/atenet/internal/app/router/controller.go @@ -31,9 +31,10 @@ type Controller struct { cfg RouterConfig xdsSrv *XdsServer extprocSrv *ExtProcServer + provider proxyProvider atStore atStore - envoyRunner *envoyrunner + proxyRunner *proxyrunner } func NewController( @@ -42,8 +43,11 @@ func NewController( cfg RouterConfig, xdsSrv *XdsServer, extprocSrv *ExtProcServer, + provider proxyProvider, ) *Controller { - xdsSrv.SetConfig(cfg.HttpPort, cfg.ExtprocPort, cfg.ExtprocAddr) + if xdsSrv != nil { + xdsSrv.SetConfig(cfg.HttpPort, cfg.ExtprocPort, cfg.ExtprocAddr) + } var store atStore if cfg.TemplatesFile != "" { @@ -58,9 +62,10 @@ func NewController( cfg: cfg, xdsSrv: xdsSrv, extprocSrv: extprocSrv, + provider: provider, atStore: store, - envoyRunner: newEnvoyRunner(k8sClient, cfg), + proxyRunner: newProxyRunner(k8sClient, cfg, provider), } } @@ -92,16 +97,18 @@ func (c *Controller) reconcile(ctx context.Context) error { return err } - if err := c.xdsSrv.UpdateSnapshot(); err != nil { - slog.ErrorContext(ctx, "xDS Configuration generation problem", slog.String("err", err.Error())) - return err + if c.provider.RequiresXDS() { + if err := c.xdsSrv.UpdateSnapshot(); err != nil { + slog.ErrorContext(ctx, "xDS Configuration generation problem", slog.String("err", err.Error())) + return err + } } if !c.cfg.Standalone && c.cfg.TemplatesFile == "" { - // Reconcile Envoy router Deployment and Kubernetes cluster entities - err := c.envoyRunner.reconcile(ctx) + // Reconcile router proxy Deployment and Kubernetes cluster entities. + err := c.proxyRunner.reconcile(ctx) if err != nil { - slog.ErrorContext(ctx, "Error during Envoy router reconciliation", slog.String("err", err.Error())) + slog.ErrorContext(ctx, "Error during router proxy reconciliation", slog.String("err", err.Error())) return err } } diff --git a/cmd/atenet/internal/app/router/dashboard.html b/cmd/atenet/internal/app/router/dashboard.html index 083d0d01..50d00ef1 100644 --- a/cmd/atenet/internal/app/router/dashboard.html +++ b/cmd/atenet/internal/app/router/dashboard.html @@ -252,12 +252,16 @@

atenet Router Status

Namespace Context {{ .Namespace }} +
+ Networking Mode + {{ .NetworkingMode }} +
Component Network Allocation
- Workload Port (Http Envoy) + Workload HTTP Port {{ .HttpPort }}
@@ -278,8 +282,8 @@

atenet Router Status

System Component Health Checks
- Envoy Health - {{ if .Health.Envoy.Healthy }} + Proxy Health ({{ .Health.Provider }}) + {{ if .Health.Proxy.Healthy }} Healthy {{ else }} Degraded @@ -287,11 +291,11 @@

atenet Router Status

Message / Err: - {{ .Health.Envoy.Message }} + {{ .Health.Proxy.Message }}
- Ok: {{ .Health.Envoy.SuccessCount }} | Err: {{ .Health.Envoy.FailureCount }} - LKG: {{ if not .Health.Envoy.LastSuccess.IsZero }}{{ .Health.Envoy.LastSuccess.Format "15:04:05" }}{{ else }}N/A{{ end }} + Ok: {{ .Health.Proxy.SuccessCount }} | Err: {{ .Health.Proxy.FailureCount }} + LKG: {{ if not .Health.Proxy.LastSuccess.IsZero }}{{ .Health.Proxy.LastSuccess.Format "15:04:05" }}{{ else }}N/A{{ end }}
diff --git a/cmd/atenet/internal/app/router/envoy.go b/cmd/atenet/internal/app/router/envoy.go new file mode 100644 index 00000000..88ec9536 --- /dev/null +++ b/cmd/atenet/internal/app/router/envoy.go @@ -0,0 +1,118 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package router + +import ( + "context" + "fmt" + + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/intstr" +) + +type envoyProvider struct { + cfg RouterConfig +} + +func (p envoyProvider) Name() string { + return NetworkingModeEnvoy +} + +func (p envoyProvider) RequiresXDS() bool { + return true +} + +func (p envoyProvider) ConfigMapData() map[string]string { + envoyYaml := fmt.Sprintf(`admin: + address: + socket_address: + address: 0.0.0.0 + port_value: 9901 + +node: + id: %s + cluster: substrate-router-cluster + +dynamic_resources: + lds_config: + resource_api_version: V3 + ads: {} + cds_config: + resource_api_version: V3 + ads: {} + ads_config: + api_type: GRPC + transport_api_version: V3 + grpc_services: + - envoy_grpc: + cluster_name: xds_cluster + +static_resources: + clusters: + - name: xds_cluster + connect_timeout: 0.25s + type: STRICT_DNS + lb_policy: ROUND_ROBIN + typed_extension_protocol_options: + envoy.extensions.upstreams.http.v3.HttpProtocolOptions: + "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions + explicit_http_config: + http2_protocol_options: {} + load_assignment: + cluster_name: xds_cluster + endpoints: + - lb_endpoints: + - endpoint: + address: + socket_address: + address: atenet-router + port_value: %d +`, NodeID, p.cfg.XdsPort) + + return map[string]string{"envoy.yaml": envoyYaml} +} + +func (p envoyProvider) Container() corev1.Container { + return corev1.Container{ + Name: "envoy", + Image: p.cfg.EnvoyImage, + Command: []string{ + "/usr/local/bin/envoy", + "-c", + "/etc/envoy/envoy.yaml", + "--component-log-level", + "upstream:debug,router:debug,ext_proc:debug", + }, + Ports: []corev1.ContainerPort{ + {Name: "http", ContainerPort: int32(p.cfg.HttpPort)}, + {Name: "https", ContainerPort: int32(p.cfg.HttpsPort)}, + {Name: "admin", ContainerPort: 9901}, + }, + VolumeMounts: []corev1.VolumeMount{ + {Name: "proxy-config", MountPath: "/etc/envoy"}, + }, + } +} + +func (p envoyProvider) ServicePorts() []corev1.ServicePort { + return []corev1.ServicePort{ + {Name: "http", Port: int32(p.cfg.HttpPort), TargetPort: intstr.FromString("http")}, + {Name: "https", Port: int32(p.cfg.HttpsPort), TargetPort: intstr.FromString("https")}, + } +} + +func (p envoyProvider) CheckReady(ctx context.Context) (bool, string) { + return checkHTTPReady(ctx, "http://127.0.0.1:9901/ready", "LIVE") +} diff --git a/cmd/atenet/internal/app/router/envoyrunner.go b/cmd/atenet/internal/app/router/envoyrunner.go deleted file mode 100644 index 8d38be29..00000000 --- a/cmd/atenet/internal/app/router/envoyrunner.go +++ /dev/null @@ -1,258 +0,0 @@ -// Copyright 2026 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package router - -import ( - "context" - "fmt" - "log/slog" - - appsv1 "k8s.io/api/apps/v1" - corev1 "k8s.io/api/core/v1" - k8serrors "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/util/intstr" - "sigs.k8s.io/controller-runtime/pkg/client" -) - -const ( - EnvoyDeploymentName = "atenet-router-envoy" - EnvoyServiceName = "atenet-router-envoy" - EnvoyConfigMapName = "atenet-router-envoy-config" -) - -// envoyrunner manages the dynamic deployment and lifecycle of the underlying -// Envoy proxy instance running inside Kubernetes. -type envoyrunner struct { - k8sClient client.Client - cfg RouterConfig -} - -func newEnvoyRunner(k8sClient client.Client, cfg RouterConfig) *envoyrunner { - return &envoyrunner{ - k8sClient: k8sClient, - cfg: cfg, - } -} - -func (r *envoyrunner) reconcile(ctx context.Context) error { - if err := r.reconcileEnvoyConfigMap(ctx); err != nil { - return fmt.Errorf("failed configmap reconciliation: %w", err) - } - - if err := r.reconcileEnvoyDeployment(ctx); err != nil { - return fmt.Errorf("failed deployment reconciliation: %w", err) - } - - if err := r.reconcileEnvoyService(ctx); err != nil { - return fmt.Errorf("failed service reconciliation: %w", err) - } - - return nil -} - -func (r *envoyrunner) reconcileEnvoyConfigMap(ctx context.Context) error { - envoyYaml := fmt.Sprintf(`admin: - address: - socket_address: - address: 0.0.0.0 - port_value: 9901 - -node: - id: %s - cluster: substrate-router-cluster - -dynamic_resources: - lds_config: - resource_api_version: V3 - ads: {} - cds_config: - resource_api_version: V3 - ads: {} - ads_config: - api_type: GRPC - transport_api_version: V3 - grpc_services: - - envoy_grpc: - cluster_name: xds_cluster - -static_resources: - clusters: - - name: xds_cluster - connect_timeout: 0.25s - type: STRICT_DNS - lb_policy: ROUND_ROBIN - typed_extension_protocol_options: - envoy.extensions.upstreams.http.v3.HttpProtocolOptions: - "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions - explicit_http_config: - http2_protocol_options: {} - load_assignment: - cluster_name: xds_cluster - endpoints: - - lb_endpoints: - - endpoint: - address: - socket_address: - address: atenet-router - port_value: %d -`, NodeID, r.cfg.XdsPort) - - cm := &corev1.ConfigMap{ - ObjectMeta: metav1.ObjectMeta{ - Name: EnvoyConfigMapName, - Namespace: r.cfg.Namespace, - }, - Data: map[string]string{ - "envoy.yaml": envoyYaml, - }, - } - - var existing corev1.ConfigMap - err := r.k8sClient.Get(ctx, client.ObjectKey{Namespace: r.cfg.Namespace, Name: EnvoyConfigMapName}, &existing) - if err != nil { - if k8serrors.IsNotFound(err) { - slog.InfoContext(ctx, "Creating Envoy bootstrap ConfigMap", - slog.String("namespace", r.cfg.Namespace), - slog.String("name", EnvoyConfigMapName)) - return r.k8sClient.Create(ctx, cm) - } - return err - } - - existing.Data = cm.Data - return r.k8sClient.Update(ctx, &existing) -} - -func (r *envoyrunner) reconcileEnvoyDeployment(ctx context.Context) error { - replicas := int32(1) - - dep := &appsv1.Deployment{ - ObjectMeta: metav1.ObjectMeta{ - Name: EnvoyDeploymentName, - Namespace: r.cfg.Namespace, - Labels: map[string]string{ - "app": "atenet-router-envoy", - }, - }, - Spec: appsv1.DeploymentSpec{ - Replicas: &replicas, - Selector: &metav1.LabelSelector{ - MatchLabels: map[string]string{ - "app": "atenet-router-envoy", - }, - }, - Template: corev1.PodTemplateSpec{ - ObjectMeta: metav1.ObjectMeta{ - Labels: map[string]string{ - "app": "atenet-router-envoy", - }, - }, - Spec: corev1.PodSpec{ - Containers: []corev1.Container{ - { - Name: "envoy", - Image: r.cfg.EnvoyImage, - Command: []string{ - "/usr/local/bin/envoy", - "-c", - "/etc/envoy/envoy.yaml", - "--component-log-level", - "upstream:debug,router:debug,ext_proc:debug", - }, - Ports: []corev1.ContainerPort{ - { - Name: "http", - ContainerPort: int32(r.cfg.HttpPort), - }, - { - Name: "admin", - ContainerPort: 9901, - }, - }, - VolumeMounts: []corev1.VolumeMount{ - { - Name: "envoy-config", - MountPath: "/etc/envoy", - }, - }, - }, - }, - Volumes: []corev1.Volume{ - { - Name: "envoy-config", - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: EnvoyConfigMapName, - }, - }, - }, - }, - }, - }, - }, - }, - } - - var existing appsv1.Deployment - err := r.k8sClient.Get(ctx, client.ObjectKey{Namespace: r.cfg.Namespace, Name: EnvoyDeploymentName}, &existing) - if err != nil { - if k8serrors.IsNotFound(err) { - slog.InfoContext(ctx, "Creating managed Envoy router Deployment", slog.String("namespace", r.cfg.Namespace)) - return r.k8sClient.Create(ctx, dep) - } - return err - } - - existing.Spec = dep.Spec - return r.k8sClient.Update(ctx, &existing) -} - -func (r *envoyrunner) reconcileEnvoyService(ctx context.Context) error { - svc := &corev1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Name: EnvoyServiceName, - Namespace: r.cfg.Namespace, - }, - Spec: corev1.ServiceSpec{ - Type: corev1.ServiceTypeClusterIP, - Selector: map[string]string{ - "app": "atenet-router-envoy", - }, - Ports: []corev1.ServicePort{ - { - Name: "http", - Port: int32(r.cfg.HttpPort), - TargetPort: intstr.FromString("http"), - }, - }, - }, - } - - var existing corev1.Service - err := r.k8sClient.Get(ctx, client.ObjectKey{Namespace: r.cfg.Namespace, Name: EnvoyServiceName}, &existing) - if err != nil { - if k8serrors.IsNotFound(err) { - slog.InfoContext(ctx, "Creating managed Envoy router ClusterIP service", slog.String("namespace", r.cfg.Namespace)) - return r.k8sClient.Create(ctx, svc) - } - return err - } - - existing.Spec.Ports = svc.Spec.Ports - existing.Spec.Selector = svc.Spec.Selector - return r.k8sClient.Update(ctx, &existing) -} diff --git a/cmd/atenet/internal/app/router/health.go b/cmd/atenet/internal/app/router/health.go index 5d8d9449..e743cd06 100644 --- a/cmd/atenet/internal/app/router/health.go +++ b/cmd/atenet/internal/app/router/health.go @@ -17,10 +17,7 @@ package router import ( "context" "fmt" - "io" "log/slog" - "net/http" - "strings" "sync" "time" @@ -38,9 +35,10 @@ type ComponentHealth struct { } type RouterHealthReport struct { - Envoy ComponentHealth `json:"envoy"` - K8sAPI ComponentHealth `json:"k8s_api"` - AteAPI ComponentHealth `json:"ate_api"` + Proxy ComponentHealth `json:"proxy"` + Provider string `json:"provider"` + K8sAPI ComponentHealth `json:"k8s_api"` + AteAPI ComponentHealth `json:"ate_api"` } // routerHealth periodically checks the dependent services of router to track health @@ -54,9 +52,10 @@ type routerHealth struct { clientset kubernetes.Interface apiClient ateapipb.ControlClient cfg RouterConfig + provider proxyProvider } -func newRouterHealth(interval time.Duration, clientset kubernetes.Interface, apiClient ateapipb.ControlClient, cfg RouterConfig) *routerHealth { +func newRouterHealth(interval time.Duration, clientset kubernetes.Interface, apiClient ateapipb.ControlClient, cfg RouterConfig, provider proxyProvider) *routerHealth { if interval <= 0 { interval = time.Second } @@ -65,6 +64,7 @@ func newRouterHealth(interval time.Duration, clientset kubernetes.Interface, api clientset: clientset, apiClient: apiClient, cfg: cfg, + provider: provider, } } @@ -91,20 +91,25 @@ func (rh *routerHealth) check(ctx context.Context) { slog.InfoContext(ctx, "Checking health") - // 1. Check Envoy + // 1. Check configured proxy { - healthy, msg := rh.checkEnvoy(ctx) + providerName := "" + if rh.provider != nil { + providerName = rh.provider.Name() + rh.report.Provider = providerName + } + healthy, msg := rh.checkProxy(ctx) if healthy { - rh.report.Envoy.Healthy = true - rh.report.Envoy.Message = msg - rh.report.Envoy.LastSuccess = time.Now() - rh.report.Envoy.SuccessCount++ + rh.report.Proxy.Healthy = true + rh.report.Proxy.Message = msg + rh.report.Proxy.LastSuccess = time.Now() + rh.report.Proxy.SuccessCount++ } else { - rh.report.Envoy.Healthy = false - rh.report.Envoy.Message = msg - rh.report.Envoy.LastFailure = time.Now() - rh.report.Envoy.FailureCount++ - slog.ErrorContext(ctx, "Envoy health check failed", slog.String("msg", msg)) + rh.report.Proxy.Healthy = false + rh.report.Proxy.Message = msg + rh.report.Proxy.LastFailure = time.Now() + rh.report.Proxy.FailureCount++ + slog.ErrorContext(ctx, "Proxy health check failed", slog.String("provider", providerName), slog.String("msg", msg)) } } @@ -143,36 +148,11 @@ func (rh *routerHealth) check(ctx context.Context) { } } -func (rh *routerHealth) checkEnvoy(ctx context.Context) (bool, string) { - timeoutCtx, cancel := context.WithTimeout(ctx, 500*time.Millisecond) - defer cancel() - - req, err := http.NewRequestWithContext(timeoutCtx, "GET", "http://127.0.0.1:9901/ready", nil) - if err != nil { - return false, err.Error() - } - - resp, err := http.DefaultClient.Do(req) - if err != nil { - return false, err.Error() +func (rh *routerHealth) checkProxy(ctx context.Context) (bool, string) { + if rh.provider == nil { + return false, "No proxy provider" } - defer resp.Body.Close() - - if resp.StatusCode != http.StatusOK { - return false, fmt.Sprintf("unexpected status code %d", resp.StatusCode) - } - - bodyBytes, err := io.ReadAll(resp.Body) - if err != nil { - return false, err.Error() - } - - bodyStr := strings.TrimSpace(string(bodyBytes)) - if bodyStr != "LIVE" { - return false, fmt.Sprintf("expected LIVE but got %q", bodyStr) - } - - return true, "LIVE" + return rh.provider.CheckReady(ctx) } func (rh *routerHealth) checkK8s() (bool, string) { diff --git a/cmd/atenet/internal/app/router/provider.go b/cmd/atenet/internal/app/router/provider.go new file mode 100644 index 00000000..ccd68cf7 --- /dev/null +++ b/cmd/atenet/internal/app/router/provider.go @@ -0,0 +1,102 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package router + +import ( + "context" + "fmt" + "io" + "net/http" + "strings" + "time" + + corev1 "k8s.io/api/core/v1" +) + +const ( + NetworkingModeEnvoy = "envoy" + NetworkingModeAgentgateway = "agentgateway" +) + +// proxyProvider owns proxy-specific configuration and runtime details. The +// Substrate router keeps actor lookup and ext_proc behavior shared above this +// provider boundary. +type proxyProvider interface { + Name() string + RequiresXDS() bool + ConfigMapData() map[string]string + Container() corev1.Container + ServicePorts() []corev1.ServicePort + CheckReady(ctx context.Context) (bool, string) +} + +func newProxyProvider(cfg RouterConfig) (proxyProvider, error) { + switch strings.ToLower(cfg.NetworkingMode) { + case "", NetworkingModeEnvoy: + return envoyProvider{cfg: cfg}, nil + case NetworkingModeAgentgateway: + return agentgatewayProvider{cfg: cfg}, nil + default: + return nil, fmt.Errorf("unsupported networking mode %q", cfg.NetworkingMode) + } +} + +func tlsCertPath(cfg RouterConfig) string { + return cfg.TLSCertPath +} + +func tlsKeyPath(cfg RouterConfig) string { + if cfg.TLSKeyPath != "" { + return cfg.TLSKeyPath + } + if cfg.TLSCertPath != "" { + return cfg.TLSCertPath + } + return "" +} + +func checkHTTPReady(ctx context.Context, url string, expectedBody string) (bool, string) { + timeoutCtx, cancel := context.WithTimeout(ctx, 500*time.Millisecond) + defer cancel() + + req, err := http.NewRequestWithContext(timeoutCtx, "GET", url, nil) + if err != nil { + return false, err.Error() + } + + resp, err := http.DefaultClient.Do(req) + if err != nil { + return false, err.Error() + } + defer resp.Body.Close() + + if resp.StatusCode != http.StatusOK { + return false, fmt.Sprintf("unexpected status code %d", resp.StatusCode) + } + + bodyBytes, err := io.ReadAll(resp.Body) + if err != nil { + return false, err.Error() + } + + bodyStr := strings.TrimSpace(string(bodyBytes)) + if expectedBody != "" && bodyStr != expectedBody { + return false, fmt.Sprintf("expected %s but got %q", expectedBody, bodyStr) + } + if bodyStr == "" { + return true, "ready" + } + return true, bodyStr +} diff --git a/cmd/atenet/internal/app/router/proxyrunner.go b/cmd/atenet/internal/app/router/proxyrunner.go new file mode 100644 index 00000000..d55913f1 --- /dev/null +++ b/cmd/atenet/internal/app/router/proxyrunner.go @@ -0,0 +1,183 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package router + +import ( + "context" + "fmt" + "log/slog" + + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +const ( + ProxyDeploymentName = "atenet-router-proxy" + ProxyServiceName = "atenet-router-proxy" + ProxyConfigMapName = "atenet-router-proxy-config" +) + +// proxyrunner manages the dynamic deployment and lifecycle of the configured +// networking proxy instance running inside Kubernetes. +type proxyrunner struct { + k8sClient client.Client + cfg RouterConfig + provider proxyProvider +} + +func newProxyRunner(k8sClient client.Client, cfg RouterConfig, provider proxyProvider) *proxyrunner { + return &proxyrunner{ + k8sClient: k8sClient, + cfg: cfg, + provider: provider, + } +} + +func (r *proxyrunner) reconcile(ctx context.Context) error { + if err := r.reconcileProxyConfigMap(ctx); err != nil { + return fmt.Errorf("failed configmap reconciliation: %w", err) + } + + if err := r.reconcileProxyDeployment(ctx); err != nil { + return fmt.Errorf("failed deployment reconciliation: %w", err) + } + + if err := r.reconcileProxyService(ctx); err != nil { + return fmt.Errorf("failed service reconciliation: %w", err) + } + + return nil +} + +func (r *proxyrunner) reconcileProxyConfigMap(ctx context.Context) error { + cm := &corev1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: ProxyConfigMapName, + Namespace: r.cfg.Namespace, + }, + Data: r.provider.ConfigMapData(), + } + + var existing corev1.ConfigMap + err := r.k8sClient.Get(ctx, client.ObjectKey{Namespace: r.cfg.Namespace, Name: ProxyConfigMapName}, &existing) + if err != nil { + if k8serrors.IsNotFound(err) { + slog.InfoContext(ctx, "Creating proxy ConfigMap", + slog.String("namespace", r.cfg.Namespace), + slog.String("name", ProxyConfigMapName), + slog.String("provider", r.provider.Name())) + return r.k8sClient.Create(ctx, cm) + } + return err + } + + existing.Data = cm.Data + return r.k8sClient.Update(ctx, &existing) +} + +func (r *proxyrunner) reconcileProxyDeployment(ctx context.Context) error { + replicas := int32(1) + labels := map[string]string{ + "app": "atenet-router-proxy", + "substrate.ate.dev/proxy": r.provider.Name(), + "substrate.ate.dev/router": "atenet-router", + } + + dep := &appsv1.Deployment{ + ObjectMeta: metav1.ObjectMeta{ + Name: ProxyDeploymentName, + Namespace: r.cfg.Namespace, + Labels: labels, + }, + Spec: appsv1.DeploymentSpec{ + Replicas: &replicas, + Selector: &metav1.LabelSelector{ + MatchLabels: labels, + }, + Template: corev1.PodTemplateSpec{ + ObjectMeta: metav1.ObjectMeta{ + Labels: labels, + }, + Spec: corev1.PodSpec{ + Containers: []corev1.Container{r.provider.Container()}, + Volumes: []corev1.Volume{ + { + Name: "proxy-config", + VolumeSource: corev1.VolumeSource{ + ConfigMap: &corev1.ConfigMapVolumeSource{ + LocalObjectReference: corev1.LocalObjectReference{ + Name: ProxyConfigMapName, + }, + }, + }, + }, + }, + }, + }, + }, + } + + var existing appsv1.Deployment + err := r.k8sClient.Get(ctx, client.ObjectKey{Namespace: r.cfg.Namespace, Name: ProxyDeploymentName}, &existing) + if err != nil { + if k8serrors.IsNotFound(err) { + slog.InfoContext(ctx, "Creating managed router proxy Deployment", + slog.String("namespace", r.cfg.Namespace), + slog.String("provider", r.provider.Name())) + return r.k8sClient.Create(ctx, dep) + } + return err + } + + existing.Spec = dep.Spec + return r.k8sClient.Update(ctx, &existing) +} + +func (r *proxyrunner) reconcileProxyService(ctx context.Context) error { + svc := &corev1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Name: ProxyServiceName, + Namespace: r.cfg.Namespace, + }, + Spec: corev1.ServiceSpec{ + Type: corev1.ServiceTypeClusterIP, + Selector: map[string]string{ + "app": "atenet-router-proxy", + "substrate.ate.dev/proxy": r.provider.Name(), + "substrate.ate.dev/router": "atenet-router", + }, + Ports: r.provider.ServicePorts(), + }, + } + + var existing corev1.Service + err := r.k8sClient.Get(ctx, client.ObjectKey{Namespace: r.cfg.Namespace, Name: ProxyServiceName}, &existing) + if err != nil { + if k8serrors.IsNotFound(err) { + slog.InfoContext(ctx, "Creating managed router proxy ClusterIP service", + slog.String("namespace", r.cfg.Namespace), + slog.String("provider", r.provider.Name())) + return r.k8sClient.Create(ctx, svc) + } + return err + } + + existing.Spec.Ports = svc.Spec.Ports + existing.Spec.Selector = svc.Spec.Selector + return r.k8sClient.Update(ctx, &existing) +} diff --git a/cmd/atenet/internal/app/router/router.go b/cmd/atenet/internal/app/router/router.go index c85fe469..1c39e20b 100644 --- a/cmd/atenet/internal/app/router/router.go +++ b/cmd/atenet/internal/app/router/router.go @@ -61,21 +61,24 @@ func init() { // RouterConfig holds deployment setup and endpoint options for the router node instance. type RouterConfig struct { - Standalone bool - Namespace string - Kubeconfig string - AteapiAddr string - HttpPort int - XdsPort int - ExtprocPort int - ExtprocAddr string - EnvoyImage string - TemplatesFile string - StatusPort int - HealthInterval time.Duration - HttpsPort int - EnvoyCertPath string - LogLevel string + Standalone bool + Namespace string + Kubeconfig string + AteapiAddr string + HttpPort int + XdsPort int + ExtprocPort int + ExtprocAddr string + NetworkingMode string + EnvoyImage string + AgentgatewayImage string + TemplatesFile string + StatusPort int + HealthInterval time.Duration + HttpsPort int + TLSCertPath string + TLSKeyPath string + LogLevel string } // RouterServer instantiates and coordinates runtime threads executing system modules. @@ -140,17 +143,24 @@ func NewCmd() *cobra.Command { cmd.Flags().IntVar(&cfg.XdsPort, "port-xds", 18000, "TCP port listening for the xDS dynamic Envoy connections") cmd.Flags().IntVar(&cfg.ExtprocPort, "port-extproc", 50051, "Listen port for the Envoy dynamic External Processing (ext_proc) server") cmd.Flags().StringVar(&cfg.ExtprocAddr, "extproc-address", "127.0.0.1", "Host IP or address of the Envoy External Processing (ext_proc) server") + cmd.Flags().StringVar(&cfg.NetworkingMode, "networking-mode", NetworkingModeEnvoy, "Networking proxy mode: envoy or agentgateway") cmd.Flags().StringVar(&cfg.EnvoyImage, "envoy-image", "envoyproxy/envoy:v1.30-latest", "Image URI used for dynamically launched router instances") + cmd.Flags().StringVar(&cfg.AgentgatewayImage, "agentgateway-image", "cr.agentgateway.dev/agentgateway:v1.3.0-alpha.1", "Image URI used for Agentgateway router instances") cmd.Flags().StringVar(&cfg.TemplatesFile, "actor-templates-file", "", "Path to offline YAML configuration file listing ActorTemplates") cmd.Flags().IntVar(&cfg.StatusPort, "status-port", 4040, "Port to serve /statusz on (set <= 0 to disable serving status)") cmd.Flags().DurationVar(&cfg.HealthInterval, "health-interval", 1*time.Second, "Interval for checking health of dependent services") cmd.Flags().IntVar(&cfg.HttpsPort, "port-https", 8443, "TCP port for HTTPS workload traffic entering through the Envoy Router") - cmd.Flags().StringVar(&cfg.EnvoyCertPath, "envoy-cert-path", "", "Path to the Envoy certificate file (if empty, a self-signed cert will be generated for testing)") + cmd.Flags().StringVar(&cfg.TLSCertPath, "tls-cert-path", "", "Path to the proxy TLS certificate file") + cmd.Flags().StringVar(&cfg.TLSKeyPath, "tls-key-path", "", "Path to the proxy TLS private key file") return cmd } func NewRouterServer(cfg RouterConfig) (*RouterServer, error) { + if cfg.NetworkingMode == "" { + cfg.NetworkingMode = NetworkingModeEnvoy + } + var k8sClient client.Client var clientset kubernetes.Interface var err error @@ -211,26 +221,30 @@ func (s *RouterServer) Run(ctx context.Context) error { g, ctx := errgroup.WithContext(ctx) + provider, err := newProxyProvider(s.cfg) + if err != nil { + return err + } + xdsSrv := NewXdsServer(s.cfg.XdsPort) xdsSrv.SetConfig(s.cfg.HttpPort, s.cfg.ExtprocPort, s.cfg.ExtprocAddr) var certContent, keyContent string - if s.cfg.EnvoyCertPath == "" { - slog.InfoContext(ctx, "No Envoy certificate path provided, generating self-signed certificate for testing") - var err error + if provider.RequiresXDS() && tlsCertPath(s.cfg) == "" { + slog.InfoContext(ctx, "No proxy TLS certificate path provided, generating self-signed certificate for testing") certContent, keyContent, err = generateSelfSignedCert() if err != nil { return fmt.Errorf("failed to generate self-signed cert: %w", err) } } - xdsSrv.SetTlsConfig(s.cfg.HttpsPort, s.cfg.EnvoyCertPath, certContent, keyContent) + xdsSrv.SetTlsConfig(s.cfg.HttpsPort, tlsCertPath(s.cfg), certContent, keyContent) if s.extprocSrv == nil { s.extprocSrv = NewExtProcServer(s.cfg.ExtprocPort, s.apiClient) } - ctrl := NewController(s.k8sClient, s.clientset, s.cfg, xdsSrv, s.extprocSrv) + ctrl := NewController(s.k8sClient, s.clientset, s.cfg, xdsSrv, s.extprocSrv, provider) - s.health = newRouterHealth(s.cfg.HealthInterval, s.clientset, s.apiClient, s.cfg) + s.health = newRouterHealth(s.cfg.HealthInterval, s.clientset, s.apiClient, s.cfg, provider) // Start Controller / Watcher g.Go(func() error { @@ -245,17 +259,19 @@ func (s *RouterServer) Run(ctx context.Context) error { return nil }) - // Start xDS Server - g.Go(func() error { - slog.InfoContext(ctx, "Starting Envoy xDS Server", slog.Int("port", s.cfg.XdsPort)) - lis, err := net.Listen("tcp", fmt.Sprintf(":%d", s.cfg.XdsPort)) - if err != nil { - return fmt.Errorf("failed to listen on port %d: %w", s.cfg.XdsPort, err) - } - defer lis.Close() + if provider.RequiresXDS() { + // Start xDS Server + g.Go(func() error { + slog.InfoContext(ctx, "Starting xDS Server", slog.Int("port", s.cfg.XdsPort), slog.String("provider", provider.Name())) + lis, err := net.Listen("tcp", fmt.Sprintf(":%d", s.cfg.XdsPort)) + if err != nil { + return fmt.Errorf("failed to listen on port %d: %w", s.cfg.XdsPort, err) + } + defer lis.Close() - return xdsSrv.Serve(ctx, lis) - }) + return xdsSrv.Serve(ctx, lis) + }) + } // Start ExtProc Server g.Go(func() error { diff --git a/cmd/atenet/internal/app/router/status.go b/cmd/atenet/internal/app/router/status.go index c8e8be55..da642f56 100644 --- a/cmd/atenet/internal/app/router/status.go +++ b/cmd/atenet/internal/app/router/status.go @@ -131,6 +131,7 @@ type DashboardContext struct { BuildTag string `json:"build_tag"` RouterClusterIP string `json:"router_cluster_ip"` Namespace string `json:"namespace"` + NetworkingMode string `json:"networking_mode"` HttpPort int `json:"port_http"` XdsPort int `json:"port_xds"` ExtprocPort int `json:"port_extproc"` @@ -238,6 +239,7 @@ func (s *RouterServer) handleStatusz(w http.ResponseWriter, req *http.Request) { BuildTag: buildInfo, RouterClusterIP: routerIP, Namespace: s.cfg.Namespace, + NetworkingMode: s.cfg.NetworkingMode, HttpPort: s.cfg.HttpPort, XdsPort: s.cfg.XdsPort, ExtprocPort: s.cfg.ExtprocPort, diff --git a/hack/install-ate.sh b/hack/install-ate.sh index 8e043e85..9f26dd71 100755 --- a/hack/install-ate.sh +++ b/hack/install-ate.sh @@ -39,6 +39,8 @@ fi # ATE_DEMOS is an array that registers the prefix name of the demo functions. ATE_DEMOS=() +ATE_INSTALL_ATENET_ROUTER="${ATE_INSTALL_ATENET_ROUTER:-envoy}" + # Include demos. source "${ROOT}"/hack/install-demo-counter.sh source "${ROOT}"/hack/install-demo-sandbox.sh @@ -61,6 +63,7 @@ function usage() { echo "Overall infrastructure (all infrastructure components):" echo "" echo " --deploy-ate-system Deploy core system (CRDs, atelet, apiserver)" + echo " --router=envoy|agentgateway Select atenet-router implementation (default: envoy)" echo " --delete-ate-system Delete core system" echo " --delete-all Delete core system and all registered demos" echo "" @@ -108,6 +111,63 @@ run_ko() { -- ${KUBECTL_CONTEXT:+--context=${KUBECTL_CONTEXT}} } +set_atenet_router() { + case "$1" in + envoy|agentgateway) + ATE_INSTALL_ATENET_ROUTER="$1" + ;; + *) + echo "unsupported atenet router mode: $1" >&2 + exit 1 + ;; + esac +} + +atenet_router_manifest() { + case "${ATE_INSTALL_ATENET_ROUTER}" in + envoy) + echo "manifests/ate-install/atenet-router.yaml" + ;; + agentgateway) + echo "manifests/ate-install/atenet-router-agentgateway.yaml" + ;; + *) + echo "unsupported atenet router mode: ${ATE_INSTALL_ATENET_ROUTER}" >&2 + exit 1 + ;; + esac +} + +ate_install_kustomize_base_dir() { + case "${ATE_INSTALL_ATENET_ROUTER}" in + envoy) + echo "manifests/ate-install/base" + ;; + agentgateway) + echo "manifests/ate-install/base-agentgateway" + ;; + *) + echo "unsupported atenet router mode: ${ATE_INSTALL_ATENET_ROUTER}" >&2 + exit 1 + ;; + esac +} + +ate_install_kustomize_dir() { + case "${ATE_INSTALL_ATENET_ROUTER}" in + envoy) + echo "manifests/ate-install/kind" + ;; + agentgateway) + echo "manifests/ate-install/kind-agentgateway" + ;; + *) + echo "unsupported atenet router mode: ${ATE_INSTALL_ATENET_ROUTER}" >&2 + exit 1 + ;; + esac +} + create_valkey_ca_certs_secret() { log_step "create_valkey_ca_certs_secret" local ca_certs="" @@ -232,10 +292,10 @@ deploy_ate_system() { local manifests="" if [[ "${ATE_INSTALL_KIND:-false}" == "true" ]]; then # Build everything resolved with Kustomize for Kind - manifests=$(kubectl kustomize manifests/ate-install/kind --load-restrictor LoadRestrictionsNone | run_ko resolve -f -) + manifests=$(kubectl kustomize "$(ate_install_kustomize_dir)" --load-restrictor LoadRestrictionsNone | run_ko resolve -f -) else # Build everything resolved with base manifests for GKE - manifests=$(run_ko resolve -f manifests/ate-install) + manifests=$(kubectl kustomize "$(ate_install_kustomize_base_dir)" --load-restrictor LoadRestrictionsNone | run_ko resolve -f -) fi echo "${manifests}" | run_kubectl apply -f - @@ -305,7 +365,7 @@ deploy_atenet() { run_kubectl apply -f manifests/ate-install/ate-system-namespace.yaml \ && run_kubectl wait --for=jsonpath='{.status.phase}'=Active namespace/ate-system --timeout=60s - run_ko apply -f manifests/ate-install/atenet-router.yaml + run_ko apply -f "$(atenet_router_manifest)" run_ko apply -f manifests/ate-install/atenet-dns.yaml run_kubectl rollout status deployment/atenet-router -n ate-system --timeout=120s run_kubectl rollout status deployment/atenet-dns -n ate-system --timeout=120s @@ -324,7 +384,7 @@ delete_ate_system() { delete_atenet() { log_step "delete_atenet" - run_kubectl delete --ignore-not-found -f manifests/ate-install/atenet-router.yaml + run_kubectl delete --ignore-not-found -f "$(atenet_router_manifest)" } delete_all() { @@ -349,6 +409,9 @@ for arg in "$@"; do usage exit 0 ;; + --router=*) + set_atenet_router "${arg#--router=}" + ;; esac done @@ -367,6 +430,7 @@ while [[ "$#" -gt 0 ]]; do case $1 in --deploy-ate-system) deploy_ate_system ;; + --router=*) ;; --delete-ate-system) delete_ate_system ;; --delete-all) delete_all ;; diff --git a/manifests/ate-install/atenet-router-agentgateway.yaml b/manifests/ate-install/atenet-router-agentgateway.yaml new file mode 100644 index 00000000..d3997290 --- /dev/null +++ b/manifests/ate-install/atenet-router-agentgateway.yaml @@ -0,0 +1,197 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: atenet-router + namespace: ate-system + labels: + app: atenet-router +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: atenet-router +rules: +- apiGroups: + - "ate.dev" + resources: + - actortemplates + verbs: + - get + - watch + - list +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: atenet-router +subjects: +- kind: ServiceAccount + name: atenet-router + namespace: ate-system +roleRef: + kind: ClusterRole + name: atenet-router + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: atenet-router-agentgateway-config + namespace: ate-system +data: + config.yaml: | + binds: + - port: 8080 + listeners: + - name: http + protocol: HTTP + routes: + - name: substrate-http + matches: + - path: + pathPrefix: / + policies: + extProc: + host: "127.0.0.1:50051" + processingOptions: + requestBodyMode: none + responseBodyMode: none + requestHeaderMode: send + responseHeaderMode: skip + requestTrailerMode: skip + responseTrailerMode: skip + backends: + - dynamic: {} + - port: 8443 + listeners: + - name: https + protocol: HTTPS + tls: + cert: "/run/servicedns.podcert.ate.dev/cert.pem" + key: "/run/servicedns.podcert.ate.dev/key.pem" + routes: + - name: substrate-https + matches: + - path: + pathPrefix: / + policies: + extProc: + host: "127.0.0.1:50051" + processingOptions: + requestBodyMode: none + responseBodyMode: none + requestHeaderMode: send + responseHeaderMode: skip + requestTrailerMode: skip + responseTrailerMode: skip + backends: + - dynamic: {} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: atenet-router + namespace: ate-system + labels: + app: atenet-router +spec: + replicas: 1 + selector: + matchLabels: + app: atenet-router + template: + metadata: + labels: + app: atenet-router + spec: + serviceAccountName: atenet-router + containers: + - name: atenet-router + image: ko://github.com/agent-substrate/substrate/cmd/atenet + args: + - "router" + - "--networking-mode=agentgateway" + - "--standalone" + - "--namespace=ate-system" + - "--port-http=8080" + - "--port-extproc=50051" + - "--extproc-address=127.0.0.1" + - "--ateapi-address=api.ate-system.svc:443" + - "--status-port=4040" + - "--port-https=8443" + - "--tls-cert-path=/run/servicedns.podcert.ate.dev/cert.pem" + - "--tls-key-path=/run/servicedns.podcert.ate.dev/key.pem" + ports: + - name: extproc + containerPort: 50051 + - name: status + containerPort: 4040 + - name: agentgateway + image: cr.agentgateway.dev/agentgateway:v1.3.0-alpha.1 + args: + - "-f" + - "/etc/agentgateway/config.yaml" + ports: + - name: http + containerPort: 8080 + - name: https + containerPort: 8443 + - name: readiness + containerPort: 15021 + - name: metrics + containerPort: 15020 + readinessProbe: + httpGet: + path: /healthz/ready + port: 15021 + periodSeconds: 10 + volumeMounts: + - name: agentgateway-config + mountPath: /etc/agentgateway + - name: "servicedns" + mountPath: "/run/servicedns.podcert.ate.dev" + volumes: + - name: agentgateway-config + configMap: + name: atenet-router-agentgateway-config + - name: "servicedns" + projected: + sources: + - podCertificate: + signerName: servicedns.podcert.ate.dev/identity + keyType: ECDSAP256 + certificateChainPath: cert.pem + keyPath: key.pem +--- +apiVersion: v1 +kind: Service +metadata: + name: atenet-router + namespace: ate-system +spec: + type: ClusterIP + selector: + app: atenet-router + ports: + - name: http + port: 80 + targetPort: 8080 + protocol: TCP + - name: https + port: 443 + targetPort: 8443 + protocol: TCP diff --git a/manifests/ate-install/atenet-router.yaml b/manifests/ate-install/atenet-router.yaml index d4269a59..6bc84bb6 100644 --- a/manifests/ate-install/atenet-router.yaml +++ b/manifests/ate-install/atenet-router.yaml @@ -122,6 +122,7 @@ spec: image: ko://github.com/agent-substrate/substrate/cmd/atenet args: - "router" + - "--networking-mode=envoy" - "--standalone" - "--namespace=ate-system" - "--port-http=8080" @@ -131,7 +132,8 @@ spec: - "--ateapi-address=api.ate-system.svc:443" - "--status-port=4040" - "--port-https=8443" - - "--envoy-cert-path=/run/servicedns.podcert.ate.dev/credential-bundle.pem" + - "--tls-cert-path=/run/servicedns.podcert.ate.dev/credential-bundle.pem" + - "--tls-key-path=/run/servicedns.podcert.ate.dev/credential-bundle.pem" ports: - name: xds containerPort: 18000 diff --git a/manifests/ate-install/base-agentgateway/kustomization.yaml b/manifests/ate-install/base-agentgateway/kustomization.yaml new file mode 100644 index 00000000..d5883ba7 --- /dev/null +++ b/manifests/ate-install/base-agentgateway/kustomization.yaml @@ -0,0 +1,25 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../ate-api-server.yaml + - ../ate-controller.yaml + - ../atelet.yaml + - ../atenet-dns.yaml + - ../atenet-router-agentgateway.yaml + - ../valkey.yaml + - ../pod-certificate-controller.yaml diff --git a/manifests/ate-install/base/kustomization.yaml b/manifests/ate-install/base/kustomization.yaml new file mode 100644 index 00000000..61cde5ac --- /dev/null +++ b/manifests/ate-install/base/kustomization.yaml @@ -0,0 +1,25 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../ate-api-server.yaml + - ../ate-controller.yaml + - ../atelet.yaml + - ../atenet-dns.yaml + - ../atenet-router.yaml + - ../valkey.yaml + - ../pod-certificate-controller.yaml diff --git a/manifests/ate-install/kind-agentgateway/kustomization.yaml b/manifests/ate-install/kind-agentgateway/kustomization.yaml new file mode 100644 index 00000000..d9c9192b --- /dev/null +++ b/manifests/ate-install/kind-agentgateway/kustomization.yaml @@ -0,0 +1,43 @@ +# Copyright 2026 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../ate-api-server.yaml + - ../ate-controller.yaml + - ../kind/atelet + - ../atenet-dns.yaml + - ../atenet-router-agentgateway.yaml + - ../valkey.yaml + - ../pod-certificate-controller.yaml + - ../kind/rustfs.yaml + - ../kind/otel-collector.yaml + +patches: + - patch: |- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: ate-api-server-deployment + namespace: ate-system + spec: + template: + spec: + containers: + - name: ate-api-server + env: + - name: OTEL_EXPORTER_OTLP_ENDPOINT + value: http://opentelemetry-collector.otel-system.svc:4317 From 2e8c8fd078595b2560f4f08a419e87805cab49f0 Mon Sep 17 00:00:00 2001 From: Eitan Yarmush Date: Fri, 29 May 2026 13:59:12 +0000 Subject: [PATCH 2/8] Replace actor eth0 move with veth networking --- cmd/ateom-gvisor/main.go | 671 +++++++++++++++++++----------- go.mod | 3 + go.sum | 6 + internal/serverboot/serverboot.go | 20 +- 4 files changed, 433 insertions(+), 267 deletions(-) diff --git a/cmd/ateom-gvisor/main.go b/cmd/ateom-gvisor/main.go index ce468df8..d7dee892 100644 --- a/cmd/ateom-gvisor/main.go +++ b/cmd/ateom-gvisor/main.go @@ -24,7 +24,6 @@ import ( "net" "os" "runtime" - "sort" "sync" "cloud.google.com/go/compute/metadata" @@ -34,11 +33,15 @@ import ( "github.com/agent-substrate/substrate/internal/contextlogging" "github.com/agent-substrate/substrate/internal/proto/ateompb" "github.com/agent-substrate/substrate/internal/serverboot" + "github.com/google/nftables" + "github.com/google/nftables/binaryutil" + "github.com/google/nftables/expr" "github.com/hashicorp/go-reap" "github.com/vishvananda/netlink" "github.com/vishvananda/netns" "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" sdktrace "go.opentelemetry.io/otel/sdk/trace" + "golang.org/x/sys/unix" "google.golang.org/grpc" "google.golang.org/grpc/reflection" ) @@ -50,6 +53,18 @@ var ( reapLock sync.RWMutex ) +const ( + hostVethName = "ateom0" + actorVethName = "eth0" + actorVethTempName = "ateom1" + hostVethCIDR = "10.200.0.1/30" + actorVethCIDR = "10.200.0.2/30" + actorVethGateway = "10.200.0.1" + actorVethIP = "10.200.0.2" + defaultActorPort = "80" + actorNftTableName = "ateom_actor" +) + func main() { flag.Parse() ctx := context.Background() @@ -73,8 +88,6 @@ func do(ctx context.Context) error { tp, err := serverboot.InitTracing(ctx, serverboot.TracingOptions{ ServiceName: "ateom-gvisor", Sampler: sdktrace.ParentBased(sdktrace.NeverSample()), - // ateom has no network connectivity once eth0 moves into the gvisor netns. - NoExporter: true, }) if err != nil { serverboot.Fatal(ctx, "Failed to initialize tracing", err) @@ -111,21 +124,6 @@ func do(ctx context.Context) error { return fmt.Errorf("while opening unix socket: %w", err) } - // On first start, scrape from eth0 interface. - // - // TODO(ateom): Save to boltdb database or file under ateom folder, so that - // if ateom process restarts, we still have it. - eth0Link, err := netlink.LinkByName("eth0") - if err != nil { - return fmt.Errorf("while getting netlink link for eth0: %w", err) - } - - eth0LinkInfo, err := scrapeLink(eth0Link) - if err != nil { - return fmt.Errorf("while scraping info from eth0: %w", err) - } - slog.InfoContext(ctx, "Eth0 link info", slog.Any("eth0", eth0LinkInfo)) - // Create a new network namespace that we will pass to gVisor. gVisor will // read the addresses and routes off of every link in the namespace, then // remove all the addresses and handle injecting packets into the interfaces @@ -136,7 +134,7 @@ func do(ctx context.Context) error { } actorLogger := ateom.NewActorLogger(syncedWriter, metadata.OnGCE()) - ateomService := NewService(interiorNetNS, eth0LinkInfo, actorLogger) + ateomService := NewService(interiorNetNS, actorLogger) svr := grpc.NewServer( grpc.StatsHandler(otelgrpc.NewServerHandler()), @@ -162,51 +160,20 @@ type AteomService struct { lock sync.Mutex interiorNetNS netns.NsHandle - eth0LinkInfo *SaveLinkInfo actorLogger *ateom.ActorLogger } var _ ateompb.AteomServer = (*AteomService)(nil) // NewService creates a new AteomService. -func NewService(interiorNetNS netns.NsHandle, eth0LinkInfo *SaveLinkInfo, actorLogger *ateom.ActorLogger) *AteomService { +func NewService(interiorNetNS netns.NsHandle, actorLogger *ateom.ActorLogger) *AteomService { svc := &AteomService{ interiorNetNS: interiorNetNS, - eth0LinkInfo: eth0LinkInfo, actorLogger: actorLogger, } return svc } -// ensureEth0InPodNetns moves eth0 back to the pod netns if a prior -// Run/Restore left it stuck in the interior netns. Idempotent: returns -// nil if eth0 is already in the pod netns or absent from both. -func ensureEth0InPodNetns(ctx context.Context, s *AteomService) error { - if _, err := netlink.LinkByName("eth0"); err == nil { - return nil - } - podNetNS, err := netns.Get() - if err != nil { - return fmt.Errorf("while getting pod netns: %w", err) - } - var moved bool - err = netNSDo(ctx, s.interiorNetNS, func(_ context.Context) error { - link, lookupErr := netlink.LinkByName("eth0") - if lookupErr != nil { - return nil - } - if mvErr := netlink.LinkSetNsFd(link, int(podNetNS)); mvErr != nil { - return fmt.Errorf("while moving eth0 to pod netns: %w", mvErr) - } - moved = true - return nil - }) - if moved { - slog.WarnContext(ctx, "Recovered eth0 from interior netns to pod netns") - } - return err -} - func (s *AteomService) RunWorkload(ctx context.Context, req *ateompb.RunWorkloadRequest) (resp *ateompb.RunWorkloadResponse, retErr error) { s.lock.Lock() defer s.lock.Unlock() @@ -218,57 +185,17 @@ func (s *AteomService) RunWorkload(ctx context.Context, req *ateompb.RunWorkload // * Correct runsc version is downloaded and placed on disk. // * All OCI bundles are set up, including for "pause" container. - if err := ensureEth0InPodNetns(ctx, s); err != nil { - return nil, fmt.Errorf("while recovering eth0 from prior failure: %w", err) + if err := s.setupActorNetwork(ctx); err != nil { + return nil, fmt.Errorf("while setting up actor network: %w", err) } - - // Move pod eth0 into interior netns - eth0Link, err := netlink.LinkByName("eth0") - if err != nil { - return nil, fmt.Errorf("while getting netlink link for eth0: %w", err) - } - if err := netlink.LinkSetNsFd(eth0Link, int(s.interiorNetNS)); err != nil { - return nil, fmt.Errorf("while moving eth0 into interior network namespace: %w", err) - } - // Roll eth0 back to the pod netns if any subsequent step errors, - // otherwise the worker pod is bricked for the next actor. defer func() { if retErr != nil { - if cleanupErr := ensureEth0InPodNetns(ctx, s); cleanupErr != nil { - slog.WarnContext(ctx, "Failed to roll back eth0 after Run failure", "err", cleanupErr) + if cleanupErr := s.cleanupActorNetwork(ctx); cleanupErr != nil { + slog.WarnContext(ctx, "Failed to clean up actor network after Run failure", "err", cleanupErr) } } }() - slog.InfoContext(ctx, "Restoring eth0 routes/addresses in interior netns") - err = netNSDo(ctx, s.interiorNetNS, func(ctx context.Context) error { - loLink, err := netlink.LinkByName("lo") - if err != nil { - return fmt.Errorf("while acquiring lo in interior netns: %w", err) - } - if err := netlink.LinkSetUp(loLink); err != nil { - return fmt.Errorf("while bringing up lo in interior netns: %w", err) - } - - eth0Link, err := netlink.LinkByName("eth0") - if err != nil { - return fmt.Errorf("while acquiring eth0 in interior netns: %w", err) - } - if err := netlink.LinkSetUp(eth0Link); err != nil { - return fmt.Errorf("while bringing up eth0 in interior netns: %w", err) - } - if err := restoreLink(ctx, eth0Link, s.eth0LinkInfo); err != nil { - return fmt.Errorf("while restoring eth0 routes and addresses in interior netns: %w", err) - } - if err := dumpNetInfo(ctx, "Interior NetNS "); err != nil { - return fmt.Errorf("while dumping links of interior netns: %w", err) - } - return nil - }) - if err != nil { - return nil, fmt.Errorf("while restoring eth0 in interior netns: %w", err) - } - rcmd := &runsc{ path: req.GetRunscPath(), actorTemplateNamespace: req.GetActorTemplateNamespace(), @@ -357,23 +284,8 @@ func (s *AteomService) CheckpointWorkload(ctx context.Context, req *ateompb.Chec return nil, fmt.Errorf("while deleting pause container: %w", err) } - // Yoink eth0 back to the pod netns. - podNetNS, err := netns.Get() - if err != nil { - return nil, fmt.Errorf("while getting pod netns: %w", err) - } - err = netNSDo(ctx, s.interiorNetNS, func(ctx context.Context) error { - eth0Link, err := netlink.LinkByName("eth0") - if err != nil { - return fmt.Errorf("while acquiring eth0 in interior netns: %w", err) - } - if err := netlink.LinkSetNsFd(eth0Link, int(podNetNS)); err != nil { - return fmt.Errorf("while sending eth0 back to pod netns: %w", err) - } - return nil - }) - if err != nil { - return nil, fmt.Errorf("while restoring eth0 in interior netns: %w", err) + if err := s.cleanupActorNetwork(ctx); err != nil { + return nil, fmt.Errorf("while cleaning up actor network: %w", err) } s.actorLogger.EmitLifecycleLog("Actor checkpointed", req.GetActorId(), req.GetActorTemplateName(), req.GetActorTemplateNamespace()) @@ -393,60 +305,17 @@ func (s *AteomService) RestoreWorkload(ctx context.Context, req *ateompb.Restore // * All OCI bundles are set up, including for "pause" container. // * Checkpoint downloaded and placed on disk - if err := ensureEth0InPodNetns(ctx, s); err != nil { - return nil, fmt.Errorf("while recovering eth0 from prior failure: %w", err) - } - - // Move pod eth0 into interior netns - eth0Link, err := netlink.LinkByName("eth0") - if err != nil { - return nil, fmt.Errorf("while getting netlink link for eth0: %w", err) + if err := s.setupActorNetwork(ctx); err != nil { + return nil, fmt.Errorf("while setting up actor network: %w", err) } - if err := netlink.LinkSetNsFd(eth0Link, int(s.interiorNetNS)); err != nil { - return nil, fmt.Errorf("while moving eth0 into interior network namespace: %w", err) - } - // Roll eth0 back to the pod netns if any subsequent step errors, - // otherwise the worker pod is bricked for the next actor. defer func() { if retErr != nil { - if cleanupErr := ensureEth0InPodNetns(ctx, s); cleanupErr != nil { - slog.WarnContext(ctx, "Failed to roll back eth0 after Restore failure", "err", cleanupErr) + if cleanupErr := s.cleanupActorNetwork(ctx); cleanupErr != nil { + slog.WarnContext(ctx, "Failed to clean up actor network after Restore failure", "err", cleanupErr) } } }() - // Restore route and IP information from save onto eth0. - slog.InfoContext(ctx, "Restoring eth0 routes/addresses in interior netns") - err = netNSDo(ctx, s.interiorNetNS, func(ctx context.Context) error { - loLink, err := netlink.LinkByName("lo") - if err != nil { - return fmt.Errorf("while acquiring lo in interior netns: %w", err) - } - if err := netlink.LinkSetUp(loLink); err != nil { - return fmt.Errorf("while bringing up lo in interior netns: %w", err) - } - - eth0Link, err := netlink.LinkByName("eth0") - if err != nil { - return fmt.Errorf("while acquiring eth0 in interior netns: %w", err) - } - if err := netlink.LinkSetUp(eth0Link); err != nil { - return fmt.Errorf("while bringing up eth0 in interior netns: %w", err) - } - if err := restoreLink(ctx, eth0Link, s.eth0LinkInfo); err != nil { - return fmt.Errorf("while restoring eth0 routes and addresses in interior netns: %w", err) - } - - if err := dumpNetInfo(ctx, "Interior NetNS "); err != nil { - return fmt.Errorf("while dumping links of interior netns: %w", err) - } - - return nil - }) - if err != nil { - return nil, fmt.Errorf("while restoring eth0 in interior netns: %w", err) - } - rcmd := &runsc{ path: req.GetRunscPath(), actorTemplateNamespace: req.GetActorTemplateNamespace(), @@ -485,6 +354,395 @@ func (s *AteomService) RestoreWorkload(ctx context.Context, req *ateompb.Restore return &ateompb.RestoreWorkloadResponse{}, nil } +func (s *AteomService) setupActorNetwork(ctx context.Context) (retErr error) { + // Build a fresh point-to-point network between the worker pod netns and the + // gVisor interior netns. The worker side keeps the pod's real eth0, creates + // ateom0 as the gateway, and moves only the veth peer into the actor netns. + // The actor side renames that peer to eth0 and installs a default route via + // the worker-side veth address. This replaces the old behavior of moving the + // Kubernetes-provided eth0 out of the worker pod. + // + // The nftables rules installed here are a compatibility bridge for the + // current router assumptions: actor egress is masqueraded behind the worker + // pod IP, and inbound traffic to the worker pod's HTTP port is DNAT'd to the + // actor veth IP. Later transparent egress capture will replace the broad + // egress NAT with AgentGateway-bound capture rules. + // + // Clean up stale state from a failed prior activation before creating the + // next actor-side network. The worker currently runs one actor at a time. + if err := s.cleanupActorNetwork(ctx); err != nil { + return fmt.Errorf("while removing stale actor network: %w", err) + } + defer func() { + if retErr != nil { + if cleanupErr := s.cleanupActorNetwork(ctx); cleanupErr != nil { + slog.WarnContext(ctx, "Failed to clean up partially configured actor network", "err", cleanupErr) + } + } + }() + + podIP, err := podIPv4() + if err != nil { + return fmt.Errorf("while resolving pod IPv4 address: %w", err) + } + + hostAddr, err := parseAddr(hostVethCIDR) + if err != nil { + return err + } + + veth := &netlink.Veth{ + LinkAttrs: netlink.LinkAttrs{ + Name: hostVethName, + }, + PeerName: actorVethTempName, + } + if err := netlink.LinkAdd(veth); err != nil { + return fmt.Errorf("while creating actor veth pair: %w", err) + } + + hostLink, err := netlink.LinkByName(hostVethName) + if err != nil { + return fmt.Errorf("while getting host veth: %w", err) + } + if err := netlink.AddrReplace(hostLink, hostAddr); err != nil { + return fmt.Errorf("while assigning host veth address: %w", err) + } + if err := netlink.LinkSetUp(hostLink); err != nil { + return fmt.Errorf("while bringing up host veth: %w", err) + } + + actorLink, err := netlink.LinkByName(actorVethTempName) + if err != nil { + return fmt.Errorf("while getting actor veth peer: %w", err) + } + if err := netlink.LinkSetNsFd(actorLink, int(s.interiorNetNS)); err != nil { + return fmt.Errorf("while moving actor veth peer into interior netns: %w", err) + } + + if err := netNSDo(ctx, s.interiorNetNS, configureActorVeth); err != nil { + return fmt.Errorf("while configuring actor veth in interior netns: %w", err) + } + + if err := enableIPv4Forwarding(); err != nil { + return err + } + if err := installActorNftablesRules(podIP); err != nil { + return err + } + + if err := dumpNetInfo(ctx, "Pod NetNS "); err != nil { + return fmt.Errorf("while dumping pod netns links: %w", err) + } + if err := netNSDo(ctx, s.interiorNetNS, func(ctx context.Context) error { + return dumpNetInfo(ctx, "Interior NetNS ") + }); err != nil { + return fmt.Errorf("while dumping interior netns links: %w", err) + } + + return nil +} + +func configureActorVeth(ctx context.Context) error { + // Run inside the gVisor interior netns after setupActorNetwork moves the + // veth peer there. gVisor reads link names, addresses, and routes from this + // namespace when the workload starts, so the peer is deliberately renamed to + // eth0 and configured like a normal container interface: + // + // * lo is brought up for localhost behavior. + // * the temporary veth peer is renamed to eth0. + // * eth0 receives the actor-side /30 address. + // * the default route points to the worker-side veth gateway. + loLink, err := netlink.LinkByName("lo") + if err != nil { + return fmt.Errorf("while acquiring lo in interior netns: %w", err) + } + if err := netlink.LinkSetUp(loLink); err != nil { + return fmt.Errorf("while bringing up lo in interior netns: %w", err) + } + + actorLink, err := netlink.LinkByName(actorVethTempName) + if err != nil { + return fmt.Errorf("while acquiring actor veth in interior netns: %w", err) + } + if err := netlink.LinkSetName(actorLink, actorVethName); err != nil { + return fmt.Errorf("while renaming actor veth to %q: %w", actorVethName, err) + } + actorLink, err = netlink.LinkByName(actorVethName) + if err != nil { + return fmt.Errorf("while reacquiring actor veth in interior netns: %w", err) + } + + actorAddr, err := parseAddr(actorVethCIDR) + if err != nil { + return err + } + if err := netlink.AddrReplace(actorLink, actorAddr); err != nil { + return fmt.Errorf("while assigning actor veth address: %w", err) + } + if err := netlink.LinkSetUp(actorLink); err != nil { + return fmt.Errorf("while bringing up actor veth: %w", err) + } + + gw := net.ParseIP(actorVethGateway).To4() + if gw == nil { + return fmt.Errorf("invalid actor veth gateway %q", actorVethGateway) + } + if err := netlink.RouteReplace(&netlink.Route{ + LinkIndex: actorLink.Attrs().Index, + Gw: gw, + }); err != nil { + return fmt.Errorf("while installing actor default route: %w", err) + } + + return nil +} + +func (s *AteomService) cleanupActorNetwork(ctx context.Context) error { + // Remove all per-activation network state owned by ateom. Deleting the + // worker-side veth also deletes its peer when the pair is still connected, + // but failed setup can leave the peer already moved into the actor netns. + // For that reason cleanup also enters the interior netns and deletes either + // the final actor interface name or the temporary peer name if present. + // + // This function is intentionally idempotent so it can run before setup, after + // checkpoint, and from setup failure cleanup without requiring the caller to + // know how far network initialization progressed. + if err := removeActorNftablesRules(); err != nil { + return err + } + + if link, err := netlink.LinkByName(hostVethName); err == nil { + if err := netlink.LinkDel(link); err != nil { + return fmt.Errorf("while deleting host veth: %w", err) + } + } else if _, ok := err.(netlink.LinkNotFoundError); !ok { + return fmt.Errorf("while looking up host veth: %w", err) + } + + if err := netNSDo(ctx, s.interiorNetNS, func(_ context.Context) error { + for _, name := range []string{actorVethName, actorVethTempName} { + link, err := netlink.LinkByName(name) + if err == nil { + if err := netlink.LinkDel(link); err != nil { + return fmt.Errorf("while deleting interior veth %q: %w", name, err) + } + continue + } + if _, ok := err.(netlink.LinkNotFoundError); !ok { + return fmt.Errorf("while looking up interior veth %q: %w", name, err) + } + } + return nil + }); err != nil { + return fmt.Errorf("while cleaning interior netns links: %w", err) + } + + return nil +} + +func podIPv4() (net.IP, error) { + // Resolve the worker pod IPv4 address from the pod namespace's real eth0. + // Because eth0 now stays in the pod namespace, this IP remains available for + // both normal worker connectivity and the temporary inbound DNAT rule. + eth0Link, err := netlink.LinkByName("eth0") + if err != nil { + return nil, fmt.Errorf("while getting pod eth0: %w", err) + } + addrs, err := netlink.AddrList(eth0Link, netlink.FAMILY_V4) + if err != nil { + return nil, fmt.Errorf("while listing pod eth0 addresses: %w", err) + } + for _, addr := range addrs { + if addr.IP == nil { + continue + } + if ip := addr.IP.To4(); ip != nil { + return ip, nil + } + } + return nil, fmt.Errorf("pod eth0 has no IPv4 address") +} + +func parseAddr(cidr string) (*netlink.Addr, error) { + addr, err := netlink.ParseAddr(cidr) + if err != nil { + return nil, fmt.Errorf("while parsing address %q: %w", cidr, err) + } + return addr, nil +} + +func enableIPv4Forwarding() error { + // Forwarding is required because actor packets now enter the worker pod via + // the host-side veth and then leave through the pod's eth0. Without this, the + // kernel would not route traffic between those interfaces even though both + // live in the worker pod network namespace. + if err := os.WriteFile("/proc/sys/net/ipv4/ip_forward", []byte("1\n"), 0o644); err != nil { + return fmt.Errorf("while enabling IPv4 forwarding in worker pod netns: %w", err) + } + return nil +} + +func installActorNftablesRules(podIP net.IP) error { + // Install a dedicated nftables table for the active actor. Keeping all + // rules in an ateom-owned table makes cleanup simple and avoids mutating + // Kubernetes or CNI-managed chains directly. + // + // The temporary compatibility rules do three things: + // + // * postrouting: masquerade actor egress from 10.200.0.2 behind the worker + // pod IP so replies route back to the pod. + // * prerouting: DNAT traffic sent to the worker pod IP on TCP/80 to the + // actor veth IP on TCP/80, preserving existing inbound behavior. + // * forward: accept forwarded packets between the actor veth and pod eth0. + // + // This is not the final egress policy path. The later AgentGateway phase + // should replace the broad masquerade path with transparent TCP capture and + // default-deny rules. + if err := removeActorNftablesRules(); err != nil { + return err + } + + c := &nftables.Conn{} + table := &nftables.Table{ + Family: nftables.TableFamilyIPv4, + Name: actorNftTableName, + } + c.AddTable(table) + + prerouting := c.AddChain(&nftables.Chain{ + Name: "prerouting", + Table: table, + Type: nftables.ChainTypeNAT, + Hooknum: nftables.ChainHookPrerouting, + Priority: nftables.ChainPriorityNATDest, + }) + postrouting := c.AddChain(&nftables.Chain{ + Name: "postrouting", + Table: table, + Type: nftables.ChainTypeNAT, + Hooknum: nftables.ChainHookPostrouting, + Priority: nftables.ChainPriorityNATSource, + }) + acceptPolicy := nftables.ChainPolicyAccept + forward := c.AddChain(&nftables.Chain{ + Name: "forward", + Table: table, + Type: nftables.ChainTypeFilter, + Hooknum: nftables.ChainHookForward, + Priority: nftables.ChainPriorityFilter, + Policy: &acceptPolicy, + }) + + c.AddRule(&nftables.Rule{ + Table: table, + Chain: postrouting, + Exprs: append(ipSourceEqual(actorVethIP), &expr.Masq{}), + }) + preroutingExprs := append(ipDestinationEqual(podIP.String()), tcpDestinationPortEqual(80)...) + preroutingExprs = append(preroutingExprs, + &expr.Immediate{ + Register: 1, + Data: net.ParseIP(actorVethIP).To4(), + }, + &expr.Immediate{ + Register: 2, + Data: binaryutil.BigEndian.PutUint16(80), + }, + &expr.NAT{ + Type: expr.NATTypeDestNAT, + Family: unix.NFPROTO_IPV4, + RegAddrMin: 1, + RegProtoMin: 2, + }, + ) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: prerouting, + Exprs: preroutingExprs, + }) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: forward, + Exprs: []expr.Any{ + &expr.Verdict{Kind: expr.VerdictAccept}, + }, + }) + + if err := c.Flush(); err != nil { + return fmt.Errorf("while installing actor nftables rules: %w", err) + } + return nil +} + +func removeActorNftablesRules() error { + // Delete the whole ateom nftables table if it exists. The table is + // per-worker and currently per-active-actor because this worker path runs at + // most one actor at a time. Missing tables are treated as already clean. + c := &nftables.Conn{} + tables, err := c.ListTablesOfFamily(nftables.TableFamilyIPv4) + if err != nil { + return fmt.Errorf("while listing nftables tables: %w", err) + } + for _, table := range tables { + if table.Name != actorNftTableName { + continue + } + c.DelTable(table) + if err := c.Flush(); err != nil { + return fmt.Errorf("while deleting actor nftables table: %w", err) + } + return nil + } + return nil +} + +func ipSourceEqual(ip string) []expr.Any { + return ipPayloadEqual(12, ip) +} + +func ipDestinationEqual(ip string) []expr.Any { + return ipPayloadEqual(16, ip) +} + +func ipPayloadEqual(offset uint32, ip string) []expr.Any { + return []expr.Any{ + &expr.Payload{ + DestRegister: 1, + Base: expr.PayloadBaseNetworkHeader, + Offset: offset, + Len: 4, + }, + &expr.Cmp{ + Op: expr.CmpOpEq, + Register: 1, + Data: net.ParseIP(ip).To4(), + }, + } +} + +func tcpDestinationPortEqual(port uint16) []expr.Any { + return []expr.Any{ + &expr.Meta{Key: expr.MetaKeyL4PROTO, Register: 1}, + &expr.Cmp{ + Op: expr.CmpOpEq, + Register: 1, + Data: []byte{unix.IPPROTO_TCP}, + }, + &expr.Payload{ + DestRegister: 1, + Base: expr.PayloadBaseTransportHeader, + Offset: 2, + Len: 2, + }, + &expr.Cmp{ + Op: expr.CmpOpEq, + Register: 1, + Data: binaryutil.BigEndian.PutUint16(port), + }, + } +} + func createNetNSWithoutSwitching(ctx context.Context, name string) (netns.NsHandle, error) { runtime.LockOSThread() defer runtime.UnlockOSThread() @@ -538,101 +796,6 @@ func netNSDo(ctx context.Context, targetNS netns.NsHandle, do func(context.Conte return nil } -type SaveLinkInfo struct { - Addresses []SaveAddr - Routes []SaveRoute -} - -type SaveAddr struct { - Addr net.IPNet - Scope int - Broadcast net.IP -} - -type SaveRoute struct { - Scope uint8 - Dst net.IPNet - Src net.IP - Gateway net.IP - Protocol int - Type int -} - -func scrapeLink(link netlink.Link) (*SaveLinkInfo, error) { - rawAddrs, err := netlink.AddrList(link, netlink.FAMILY_ALL) - if err != nil { - return nil, fmt.Errorf("while scraping addresses: %w", err) - } - - var addrs []SaveAddr - for _, rawAddr := range rawAddrs { - addr := SaveAddr{ - Addr: *rawAddr.IPNet, - Scope: rawAddr.Scope, - Broadcast: rawAddr.Broadcast, - } - addrs = append(addrs, addr) - } - - rawRoutes, err := netlink.RouteList(link, netlink.FAMILY_ALL) - if err != nil { - return nil, fmt.Errorf("while scraping routes: %w", err) - } - - var routes []SaveRoute - for _, rawRoute := range rawRoutes { - route := SaveRoute{ - Scope: uint8(rawRoute.Scope), - Dst: *rawRoute.Dst, - Src: rawRoute.Src, - Gateway: rawRoute.Gw, - Protocol: int(rawRoute.Protocol), - Type: rawRoute.Type, - } - routes = append(routes, route) - } - - return &SaveLinkInfo{ - Addresses: addrs, - Routes: routes, - }, nil -} - -func restoreLink(ctx context.Context, link netlink.Link, info *SaveLinkInfo) error { - for i, saveAddr := range info.Addresses { - addr := &netlink.Addr{ - IPNet: &saveAddr.Addr, - Scope: saveAddr.Scope, - Broadcast: saveAddr.Broadcast, - } - if err := netlink.AddrReplace(link, addr); err != nil { - return fmt.Errorf("while restoring addr %d onto link: %w", i, err) - } - } - // Link-scope routes must be installed before gateway routes so the - // kernel can resolve each gateway's nexthop (fib_check_nh_v4_gw). - routes := append([]SaveRoute(nil), info.Routes...) - sort.SliceStable(routes, func(i, j int) bool { - return routes[i].Gateway == nil && routes[j].Gateway != nil - }) - for i, saveRoute := range routes { - route := &netlink.Route{ - LinkIndex: link.Attrs().Index, - Scope: netlink.Scope(saveRoute.Scope), - Dst: &saveRoute.Dst, - Src: saveRoute.Src, - Gw: saveRoute.Gateway, - Protocol: netlink.RouteProtocol(saveRoute.Protocol), - Type: saveRoute.Type, - } - slog.InfoContext(ctx, "Restoring route", slog.String("dst", saveRoute.Dst.String()), slog.String("src", saveRoute.Src.String()), slog.String("gateway", saveRoute.Gateway.String())) - if err := netlink.RouteReplace(route); err != nil { - return fmt.Errorf("while restoring route %d: %w", i, err) - } - } - return nil -} - func dumpNetInfo(ctx context.Context, prefix string) error { links, err := netlink.LinkList() if err != nil { diff --git a/go.mod b/go.mod index 901317de..82603ecc 100644 --- a/go.mod +++ b/go.mod @@ -17,6 +17,7 @@ require ( github.com/envoyproxy/go-control-plane/envoy v1.37.0 github.com/google/go-cmp v0.7.0 github.com/google/go-containerregistry v0.21.5 + github.com/google/nftables v0.3.0 github.com/google/uuid v1.6.0 github.com/hashicorp/go-reap v0.0.0-20260220095743-4e27870b4f51 github.com/klauspost/compress v1.18.5 @@ -118,6 +119,8 @@ require ( github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/json-iterator/go v1.1.12 // indirect + github.com/mdlayher/netlink v1.7.3-0.20250113171957-fbb4dce95f42 // indirect + github.com/mdlayher/socket v0.5.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/moby/spdystream v0.5.1 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect diff --git a/go.sum b/go.sum index cbfa6fb2..1b7e6096 100644 --- a/go.sum +++ b/go.sum @@ -179,6 +179,8 @@ github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc= github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0= +github.com/google/nftables v0.3.0 h1:bkyZ0cbpVeMHXOrtlFc8ISmfVqq5gPJukoYieyVmITg= +github.com/google/nftables v0.3.0/go.mod h1:BCp9FsrbF1Fn/Yu6CLUc9GGZFw/+hsxfluNXXmxBfRM= github.com/google/pprof v0.0.0-20250602020802-c6617b811d0e h1:FJta/0WsADCe1r9vQjdHbd3KuiLPu7Y9WlyLGwMUNyE= github.com/google/pprof v0.0.0-20250602020802-c6617b811d0e/go.mod h1:5hDyRhoBCxViHszMt12TnOpEI4VVi+U8Gm9iphldiMA= github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0= @@ -209,6 +211,10 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/mdlayher/netlink v1.7.3-0.20250113171957-fbb4dce95f42 h1:A1Cq6Ysb0GM0tpKMbdCXCIfBclan4oHk1Jb+Hrejirg= +github.com/mdlayher/netlink v1.7.3-0.20250113171957-fbb4dce95f42/go.mod h1:BB4YCPDOzfy7FniQ/lxuYQ3dgmM2cZumHbK8RpTjN2o= +github.com/mdlayher/socket v0.5.0 h1:ilICZmJcQz70vrWVes1MFera4jGiWNocSkykwwoy3XI= +github.com/mdlayher/socket v0.5.0/go.mod h1:WkcBFfvyG8QENs5+hfQPl1X6Jpd2yeLIYgrGFmJiJxI= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/moby/spdystream v0.5.1 h1:9sNYeYZUcci9R6/w7KDaFWEWeV4LStVG78Mpyq/Zm/Y= diff --git a/internal/serverboot/serverboot.go b/internal/serverboot/serverboot.go index 275e4747..e43e8158 100644 --- a/internal/serverboot/serverboot.go +++ b/internal/serverboot/serverboot.go @@ -51,10 +51,6 @@ type TracingOptions struct { // Sampler is required. ateapi typically uses ParentBased(AlwaysSample); // atelet/ateom-gvisor use ParentBased(NeverSample). Sampler sdktrace.Sampler - // NoExporter skips the OTLP exporter. Used by binaries with no - // network egress (ateom-gvisor, after eth0 moves into the gvisor - // netns). - NoExporter bool } // InitTracing registers a global TracerProvider with the given options @@ -74,16 +70,14 @@ func InitTracing(ctx context.Context, opts TracingOptions) (*sdktrace.TracerProv sdktrace.WithResource(res), sdktrace.WithSampler(opts.Sampler), } - if !opts.NoExporter { - exporter, err := otlptracegrpc.New(ctx, - // GKE managed traces doesn't support validating the TLS certs of the collector. - otlptracegrpc.WithInsecure(), - ) - if err != nil { - return nil, fmt.Errorf("create OTLP exporter: %w", err) - } - tpOpts = append(tpOpts, sdktrace.WithBatcher(exporter)) + exporter, err := otlptracegrpc.New(ctx, + // GKE managed traces doesn't support validating the TLS certs of the collector. + otlptracegrpc.WithInsecure(), + ) + if err != nil { + return nil, fmt.Errorf("create OTLP exporter: %w", err) } + tpOpts = append(tpOpts, sdktrace.WithBatcher(exporter)) tp := sdktrace.NewTracerProvider(tpOpts...) otel.SetTracerProvider(tp) From b6774893654d472441fa9ff6cf6daf8a9f82d24d Mon Sep 17 00:00:00 2001 From: Eitan Yarmush Date: Fri, 29 May 2026 19:07:08 +0000 Subject: [PATCH 3/8] Group nftables rules with chain definitions --- cmd/ateom-gvisor/main.go | 45 ++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/cmd/ateom-gvisor/main.go b/cmd/ateom-gvisor/main.go index d7dee892..f6952a5c 100644 --- a/cmd/ateom-gvisor/main.go +++ b/cmd/ateom-gvisor/main.go @@ -617,28 +617,6 @@ func installActorNftablesRules(podIP net.IP) error { Hooknum: nftables.ChainHookPrerouting, Priority: nftables.ChainPriorityNATDest, }) - postrouting := c.AddChain(&nftables.Chain{ - Name: "postrouting", - Table: table, - Type: nftables.ChainTypeNAT, - Hooknum: nftables.ChainHookPostrouting, - Priority: nftables.ChainPriorityNATSource, - }) - acceptPolicy := nftables.ChainPolicyAccept - forward := c.AddChain(&nftables.Chain{ - Name: "forward", - Table: table, - Type: nftables.ChainTypeFilter, - Hooknum: nftables.ChainHookForward, - Priority: nftables.ChainPriorityFilter, - Policy: &acceptPolicy, - }) - - c.AddRule(&nftables.Rule{ - Table: table, - Chain: postrouting, - Exprs: append(ipSourceEqual(actorVethIP), &expr.Masq{}), - }) preroutingExprs := append(ipDestinationEqual(podIP.String()), tcpDestinationPortEqual(80)...) preroutingExprs = append(preroutingExprs, &expr.Immediate{ @@ -661,6 +639,29 @@ func installActorNftablesRules(podIP net.IP) error { Chain: prerouting, Exprs: preroutingExprs, }) + + postrouting := c.AddChain(&nftables.Chain{ + Name: "postrouting", + Table: table, + Type: nftables.ChainTypeNAT, + Hooknum: nftables.ChainHookPostrouting, + Priority: nftables.ChainPriorityNATSource, + }) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: postrouting, + Exprs: append(ipSourceEqual(actorVethIP), &expr.Masq{}), + }) + + acceptPolicy := nftables.ChainPolicyAccept + forward := c.AddChain(&nftables.Chain{ + Name: "forward", + Table: table, + Type: nftables.ChainTypeFilter, + Hooknum: nftables.ChainHookForward, + Priority: nftables.ChainPriorityFilter, + Policy: &acceptPolicy, + }) c.AddRule(&nftables.Rule{ Table: table, Chain: forward, From 76c84dbcf905bda065724dd0d34b9c74a762bc1d Mon Sep 17 00:00:00 2001 From: Eitan Yarmush Date: Fri, 29 May 2026 19:08:45 +0000 Subject: [PATCH 4/8] Address actor inbound networking TODOs --- cmd/ateom-gvisor/main.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cmd/ateom-gvisor/main.go b/cmd/ateom-gvisor/main.go index f6952a5c..62580737 100644 --- a/cmd/ateom-gvisor/main.go +++ b/cmd/ateom-gvisor/main.go @@ -61,7 +61,6 @@ const ( actorVethCIDR = "10.200.0.2/30" actorVethGateway = "10.200.0.1" actorVethIP = "10.200.0.2" - defaultActorPort = "80" actorNftTableName = "ateom_actor" ) @@ -617,6 +616,10 @@ func installActorNftablesRules(podIP net.IP) error { Hooknum: nftables.ChainHookPrerouting, Priority: nftables.ChainPriorityNATDest, }) + // TODO: Support inbound UDP DNAT for actors that expose UDP protocols such + // as QUIC. + // TODO: Replace the hard-coded HTTP port with the actor's configured + // inbound ports, either by adding one rule per port or by matching a set. preroutingExprs := append(ipDestinationEqual(podIP.String()), tcpDestinationPortEqual(80)...) preroutingExprs = append(preroutingExprs, &expr.Immediate{ From 0de8d7ebbea57e307356b1c54ada3ae14fc609c6 Mon Sep 17 00:00:00 2001 From: Eitan Yarmush Date: Fri, 29 May 2026 19:10:41 +0000 Subject: [PATCH 5/8] Trim actor networking comment --- cmd/ateom-gvisor/main.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cmd/ateom-gvisor/main.go b/cmd/ateom-gvisor/main.go index 62580737..e71e4a50 100644 --- a/cmd/ateom-gvisor/main.go +++ b/cmd/ateom-gvisor/main.go @@ -364,8 +364,7 @@ func (s *AteomService) setupActorNetwork(ctx context.Context) (retErr error) { // The nftables rules installed here are a compatibility bridge for the // current router assumptions: actor egress is masqueraded behind the worker // pod IP, and inbound traffic to the worker pod's HTTP port is DNAT'd to the - // actor veth IP. Later transparent egress capture will replace the broad - // egress NAT with AgentGateway-bound capture rules. + // actor veth IP. // // Clean up stale state from a failed prior activation before creating the // next actor-side network. The worker currently runs one actor at a time. From a069e0e90b2d34901c50488461753a5dbcf760c3 Mon Sep 17 00:00:00 2001 From: Eitan Yarmush Date: Fri, 29 May 2026 21:29:43 +0000 Subject: [PATCH 6/8] Update licenses for nftables dependency --- LICENSES/github.com/google/nftables/LICENSE | 202 ++++++++++++++++++ .../github.com/mdlayher/netlink/LICENSE.md | 9 + .../github.com/mdlayher/socket/LICENSE.md | 9 + 3 files changed, 220 insertions(+) create mode 100644 LICENSES/github.com/google/nftables/LICENSE create mode 100644 LICENSES/github.com/mdlayher/netlink/LICENSE.md create mode 100644 LICENSES/github.com/mdlayher/socket/LICENSE.md diff --git a/LICENSES/github.com/google/nftables/LICENSE b/LICENSES/github.com/google/nftables/LICENSE new file mode 100644 index 00000000..d6456956 --- /dev/null +++ b/LICENSES/github.com/google/nftables/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/LICENSES/github.com/mdlayher/netlink/LICENSE.md b/LICENSES/github.com/mdlayher/netlink/LICENSE.md new file mode 100644 index 00000000..12f71058 --- /dev/null +++ b/LICENSES/github.com/mdlayher/netlink/LICENSE.md @@ -0,0 +1,9 @@ +# MIT License + +Copyright (C) 2016-2022 Matt Layher + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/LICENSES/github.com/mdlayher/socket/LICENSE.md b/LICENSES/github.com/mdlayher/socket/LICENSE.md new file mode 100644 index 00000000..3ccdb75b --- /dev/null +++ b/LICENSES/github.com/mdlayher/socket/LICENSE.md @@ -0,0 +1,9 @@ +# MIT License + +Copyright (C) 2021 Matt Layher + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. From 7766774b5008a1839acddcb84cefbe75aac34d0b Mon Sep 17 00:00:00 2001 From: npolshakova Date: Wed, 3 Jun 2026 14:07:24 -0700 Subject: [PATCH 7/8] wip Signed-off-by: npolshakova --- .../internal/controlapi/workflow_resume.go | 19 +- .../internal/controlapi/workflow_suspend.go | 21 +- .../internal/controlapi/workload_spec.go | 75 ++++ .../internal/controlapi/workload_spec_test.go | 65 ++++ cmd/atelet/main.go | 36 +- cmd/atelet/main_test.go | 50 +++ cmd/ateom-gvisor/main.go | 194 +++++++++- demos/counter/counter.go | 37 ++ demos/counter/counter.yaml.tmpl | 22 ++ internal/proto/ateletpb/atelet.pb.go | 330 +++++++++++++++--- internal/proto/ateletpb/atelet.proto | 26 +- internal/proto/ateompb/ateom.pb.go | 328 ++++++++++++++--- internal/proto/ateompb/ateom.proto | 24 +- .../generated/ate.dev_actortemplates.yaml | 279 +++++++++++++++ pkg/api/v1alpha1/actortemplate_types.go | 161 +++++++++ pkg/api/v1alpha1/actortemplate_types_test.go | 43 +++ pkg/api/v1alpha1/zz_generated.deepcopy.go | 219 ++++++++++++ 17 files changed, 1792 insertions(+), 137 deletions(-) create mode 100644 cmd/ateapi/internal/controlapi/workload_spec.go create mode 100644 cmd/ateapi/internal/controlapi/workload_spec_test.go create mode 100644 cmd/atelet/main_test.go diff --git a/cmd/ateapi/internal/controlapi/workflow_resume.go b/cmd/ateapi/internal/controlapi/workflow_resume.go index 1401461c..7552578e 100644 --- a/cmd/ateapi/internal/controlapi/workflow_resume.go +++ b/cmd/ateapi/internal/controlapi/workflow_resume.go @@ -171,24 +171,7 @@ func (s *CallAteletRestoreStep) Execute(ctx context.Context, input *ResumeInput, } client := ateletpb.NewAteomHerderClient(ateletConn) - workloadSpec := &ateletpb.WorkloadSpec{ - PauseImage: state.ActorTemplate.Spec.PauseImage, - } - for _, ctr := range state.ActorTemplate.Spec.Containers { - ateletCtr := &ateletpb.Container{ - Name: ctr.Name, - Image: ctr.Image, - Command: ctr.Command, - } - for _, env := range ctr.Env { - ateletEnv := &ateletpb.EnvEntry{ - Name: env.Name, - Value: env.Value, - } - ateletCtr.Env = append(ateletCtr.Env, ateletEnv) - } - workloadSpec.Containers = append(workloadSpec.Containers, ateletCtr) - } + workloadSpec := buildAteletWorkloadSpec(state.ActorTemplate) runscCfg := &ateletpb.RunscConfig{} if state.ActorTemplate.Spec.Runsc.AMD64 != nil { diff --git a/cmd/ateapi/internal/controlapi/workflow_suspend.go b/cmd/ateapi/internal/controlapi/workflow_suspend.go index 9c55652f..ce05f504 100644 --- a/cmd/ateapi/internal/controlapi/workflow_suspend.go +++ b/cmd/ateapi/internal/controlapi/workflow_suspend.go @@ -142,25 +142,8 @@ func (s *CallAteletSuspendStep) Execute(ctx context.Context, input *SuspendInput ActorTemplateName: state.Actor.GetActorTemplateName(), ActorId: state.Actor.GetActorId(), Runsc: runscCfg, - Spec: &ateletpb.WorkloadSpec{ - PauseImage: state.ActorTemplate.Spec.PauseImage, - }, - SnapshotUriPrefix: state.Actor.GetInProgressSnapshot(), - } - for _, ctr := range state.ActorTemplate.Spec.Containers { - ateletCtr := &ateletpb.Container{ - Name: ctr.Name, - Image: ctr.Image, - Command: ctr.Command, - } - for _, env := range ctr.Env { - ateletEnv := &ateletpb.EnvEntry{ - Name: env.Name, - Value: env.Value, - } - ateletCtr.Env = append(ateletCtr.Env, ateletEnv) - } - req.Spec.Containers = append(req.Spec.Containers, ateletCtr) + Spec: buildAteletWorkloadSpec(state.ActorTemplate), + SnapshotUriPrefix: state.Actor.GetInProgressSnapshot(), } _, err = client.Checkpoint(ctx, req) if err != nil { diff --git a/cmd/ateapi/internal/controlapi/workload_spec.go b/cmd/ateapi/internal/controlapi/workload_spec.go new file mode 100644 index 00000000..9c61707a --- /dev/null +++ b/cmd/ateapi/internal/controlapi/workload_spec.go @@ -0,0 +1,75 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package controlapi + +import ( + "github.com/agent-substrate/substrate/internal/proto/ateletpb" + atev1alpha1 "github.com/agent-substrate/substrate/pkg/api/v1alpha1" +) + +func buildAteletWorkloadSpec(actorTemplate *atev1alpha1.ActorTemplate) *ateletpb.WorkloadSpec { + workloadSpec := &ateletpb.WorkloadSpec{ + PauseImage: actorTemplate.Spec.PauseImage, + EgressPolicy: buildAteletEgressPolicy(actorTemplate.Spec.EgressPolicy), + } + for _, ctr := range actorTemplate.Spec.Containers { + ateletCtr := &ateletpb.Container{ + Name: ctr.Name, + Image: ctr.Image, + Command: ctr.Command, + } + for _, env := range ctr.Env { + ateletCtr.Env = append(ateletCtr.Env, &ateletpb.EnvEntry{ + Name: env.Name, + Value: env.Value, + }) + } + workloadSpec.Containers = append(workloadSpec.Containers, ateletCtr) + } + return workloadSpec +} + +func buildAteletEgressPolicy(policy *atev1alpha1.EgressPolicy) *ateletpb.EgressPolicy { + if policy == nil { + return nil + } + return &ateletpb.EgressPolicy{ + DefaultAction: string(policy.DefaultAction), + Allow: buildAteletEgressPolicyRules(policy.Allow), + Deny: buildAteletEgressPolicyRules(policy.Deny), + } +} + +func buildAteletEgressPolicyRules(rules []atev1alpha1.EgressPolicyRule) []*ateletpb.EgressPolicyRule { + out := make([]*ateletpb.EgressPolicyRule, 0, len(rules)) + for _, rule := range rules { + outRule := &ateletpb.EgressPolicyRule{} + for _, dest := range rule.To { + outDest := &ateletpb.EgressPolicyDestination{Host: dest.Host} + if dest.IPBlock != nil { + outDest.Cidr = dest.IPBlock.CIDR + } + outRule.To = append(outRule.To, outDest) + } + for _, port := range rule.Ports { + outRule.Ports = append(outRule.Ports, &ateletpb.EgressPort{ + Port: uint32(port.Port), + Protocol: string(port.Protocol), + }) + } + out = append(out, outRule) + } + return out +} diff --git a/cmd/ateapi/internal/controlapi/workload_spec_test.go b/cmd/ateapi/internal/controlapi/workload_spec_test.go new file mode 100644 index 00000000..4f659e9e --- /dev/null +++ b/cmd/ateapi/internal/controlapi/workload_spec_test.go @@ -0,0 +1,65 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package controlapi + +import ( + "testing" + + corev1 "k8s.io/api/core/v1" + + atev1alpha1 "github.com/agent-substrate/substrate/pkg/api/v1alpha1" +) + +func TestBuildAteletWorkloadSpecIncludesEgressPolicy(t *testing.T) { + spec := buildAteletWorkloadSpec(&atev1alpha1.ActorTemplate{ + Spec: atev1alpha1.ActorTemplateSpec{ + PauseImage: "pause", + Containers: []atev1alpha1.Container{ + {Name: "app", Image: "example/app"}, + }, + EgressPolicy: &atev1alpha1.EgressPolicy{ + DefaultAction: atev1alpha1.EgressPolicyActionDeny, + Allow: []atev1alpha1.EgressPolicyRule{ + { + To: []atev1alpha1.EgressPolicyDestination{ + {Host: "example.com"}, + {IPBlock: &atev1alpha1.EgressIPBlock{CIDR: "10.96.0.10/32"}}, + }, + Ports: []atev1alpha1.EgressPort{ + {Port: 443, Protocol: corev1.ProtocolTCP}, + }, + }, + }, + }, + }, + }) + + if got, want := spec.GetEgressPolicy().GetDefaultAction(), "Deny"; got != want { + t.Fatalf("default action = %q, want %q", got, want) + } + allow := spec.GetEgressPolicy().GetAllow() + if len(allow) != 1 { + t.Fatalf("allow rule count = %d, want 1", len(allow)) + } + if got, want := allow[0].GetTo()[0].GetHost(), "example.com"; got != want { + t.Fatalf("host = %q, want %q", got, want) + } + if got, want := allow[0].GetTo()[1].GetCidr(), "10.96.0.10/32"; got != want { + t.Fatalf("cidr = %q, want %q", got, want) + } + if got, want := allow[0].GetPorts()[0].GetProtocol(), "TCP"; got != want { + t.Fatalf("protocol = %q, want %q", got, want) + } +} diff --git a/cmd/atelet/main.go b/cmd/atelet/main.go index 76fec71e..c5a61c52 100644 --- a/cmd/atelet/main.go +++ b/cmd/atelet/main.go @@ -514,13 +514,47 @@ func (s *AteomHerder) dialAteom(ctx context.Context, namespace, name string) (at // buildAteomWorkloadSpec projects the atelet-facing workload spec onto // the ateom-facing one — currently just the container names. func buildAteomWorkloadSpec(spec *ateletpb.WorkloadSpec) *ateompb.WorkloadSpec { - out := &ateompb.WorkloadSpec{} + out := &ateompb.WorkloadSpec{ + EgressPolicy: buildAteomEgressPolicy(spec.GetEgressPolicy()), + } for _, ctr := range spec.GetContainers() { out.Containers = append(out.Containers, &ateompb.Container{Name: ctr.GetName()}) } return out } +func buildAteomEgressPolicy(policy *ateletpb.EgressPolicy) *ateompb.EgressPolicy { + if policy == nil { + return nil + } + return &ateompb.EgressPolicy{ + DefaultAction: policy.GetDefaultAction(), + Allow: buildAteomEgressPolicyRules(policy.GetAllow()), + Deny: buildAteomEgressPolicyRules(policy.GetDeny()), + } +} + +func buildAteomEgressPolicyRules(rules []*ateletpb.EgressPolicyRule) []*ateompb.EgressPolicyRule { + out := make([]*ateompb.EgressPolicyRule, 0, len(rules)) + for _, rule := range rules { + outRule := &ateompb.EgressPolicyRule{} + for _, dest := range rule.GetTo() { + outRule.To = append(outRule.To, &ateompb.EgressPolicyDestination{ + Host: dest.GetHost(), + Cidr: dest.GetCidr(), + }) + } + for _, port := range rule.GetPorts() { + outRule.Ports = append(outRule.Ports, &ateompb.EgressPort{ + Port: port.GetPort(), + Protocol: port.GetProtocol(), + }) + } + out = append(out, outRule) + } + return out +} + // uploadIfExists uploads a local file to GCS (zstd-compressed) only if // the file is present. Missing files are silently skipped — used for // optional checkpoint side-files (pages.img, pages_meta.img). diff --git a/cmd/atelet/main_test.go b/cmd/atelet/main_test.go new file mode 100644 index 00000000..72c43d36 --- /dev/null +++ b/cmd/atelet/main_test.go @@ -0,0 +1,50 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "testing" + + "github.com/agent-substrate/substrate/internal/proto/ateletpb" +) + +func TestBuildAteomWorkloadSpecIncludesEgressPolicy(t *testing.T) { + spec := buildAteomWorkloadSpec(&ateletpb.WorkloadSpec{ + Containers: []*ateletpb.Container{{Name: "app"}}, + EgressPolicy: &ateletpb.EgressPolicy{ + DefaultAction: "Deny", + Allow: []*ateletpb.EgressPolicyRule{ + { + To: []*ateletpb.EgressPolicyDestination{ + {Host: "example.com"}, + }, + Ports: []*ateletpb.EgressPort{ + {Port: 443, Protocol: "TCP"}, + }, + }, + }, + }, + }) + + if got, want := spec.GetEgressPolicy().GetDefaultAction(), "Deny"; got != want { + t.Fatalf("default action = %q, want %q", got, want) + } + if got, want := spec.GetEgressPolicy().GetAllow()[0].GetTo()[0].GetHost(), "example.com"; got != want { + t.Fatalf("host = %q, want %q", got, want) + } + if got, want := spec.GetEgressPolicy().GetAllow()[0].GetPorts()[0].GetPort(), uint32(443); got != want { + t.Fatalf("port = %d, want %d", got, want) + } +} diff --git a/cmd/ateom-gvisor/main.go b/cmd/ateom-gvisor/main.go index e71e4a50..1f9fa894 100644 --- a/cmd/ateom-gvisor/main.go +++ b/cmd/ateom-gvisor/main.go @@ -184,7 +184,7 @@ func (s *AteomService) RunWorkload(ctx context.Context, req *ateompb.RunWorkload // * Correct runsc version is downloaded and placed on disk. // * All OCI bundles are set up, including for "pause" container. - if err := s.setupActorNetwork(ctx); err != nil { + if err := s.setupActorNetwork(ctx, req.GetSpec().GetEgressPolicy()); err != nil { return nil, fmt.Errorf("while setting up actor network: %w", err) } defer func() { @@ -304,7 +304,7 @@ func (s *AteomService) RestoreWorkload(ctx context.Context, req *ateompb.Restore // * All OCI bundles are set up, including for "pause" container. // * Checkpoint downloaded and placed on disk - if err := s.setupActorNetwork(ctx); err != nil { + if err := s.setupActorNetwork(ctx, req.GetSpec().GetEgressPolicy()); err != nil { return nil, fmt.Errorf("while setting up actor network: %w", err) } defer func() { @@ -353,7 +353,7 @@ func (s *AteomService) RestoreWorkload(ctx context.Context, req *ateompb.Restore return &ateompb.RestoreWorkloadResponse{}, nil } -func (s *AteomService) setupActorNetwork(ctx context.Context) (retErr error) { +func (s *AteomService) setupActorNetwork(ctx context.Context, egressPolicy *ateompb.EgressPolicy) (retErr error) { // Build a fresh point-to-point network between the worker pod netns and the // gVisor interior netns. The worker side keeps the pod's real eth0, creates // ateom0 as the gateway, and moves only the veth peer into the actor netns. @@ -425,7 +425,7 @@ func (s *AteomService) setupActorNetwork(ctx context.Context) (retErr error) { if err := enableIPv4Forwarding(); err != nil { return err } - if err := installActorNftablesRules(podIP); err != nil { + if err := installActorNftablesRules(ctx, podIP, egressPolicy); err != nil { return err } @@ -581,7 +581,7 @@ func enableIPv4Forwarding() error { return nil } -func installActorNftablesRules(podIP net.IP) error { +func installActorNftablesRules(ctx context.Context, podIP net.IP, egressPolicy *ateompb.EgressPolicy) error { // Install a dedicated nftables table for the active actor. Keeping all // rules in an ateom-owned table makes cleanup simple and avoids mutating // Kubernetes or CNI-managed chains directly. @@ -655,22 +655,31 @@ func installActorNftablesRules(podIP net.IP) error { Exprs: append(ipSourceEqual(actorVethIP), &expr.Masq{}), }) - acceptPolicy := nftables.ChainPolicyAccept + forwardPolicy := nftables.ChainPolicyAccept + if egressPolicy.GetDefaultAction() == "Deny" { + forwardPolicy = nftables.ChainPolicyDrop + } forward := c.AddChain(&nftables.Chain{ Name: "forward", Table: table, Type: nftables.ChainTypeFilter, Hooknum: nftables.ChainHookForward, Priority: nftables.ChainPriorityFilter, - Policy: &acceptPolicy, - }) - c.AddRule(&nftables.Rule{ - Table: table, - Chain: forward, - Exprs: []expr.Any{ - &expr.Verdict{Kind: expr.VerdictAccept}, - }, + Policy: &forwardPolicy, }) + addBaseForwardRules(c, table, forward) + if err := addEgressPolicyRules(ctx, c, table, forward, egressPolicy); err != nil { + return err + } + if egressPolicy.GetDefaultAction() != "Deny" { + c.AddRule(&nftables.Rule{ + Table: table, + Chain: forward, + Exprs: []expr.Any{ + &expr.Verdict{Kind: expr.VerdictAccept}, + }, + }) + } if err := c.Flush(); err != nil { return fmt.Errorf("while installing actor nftables rules: %w", err) @@ -700,6 +709,121 @@ func removeActorNftablesRules() error { return nil } +func addBaseForwardRules(c *nftables.Conn, table *nftables.Table, forward *nftables.Chain) { + c.AddRule(&nftables.Rule{ + Table: table, + Chain: forward, + Exprs: append(establishedOrRelated(), &expr.Verdict{Kind: expr.VerdictAccept}), + }) + + inboundExprs := append(ipDestinationEqual(actorVethIP), tcpDestinationPortEqual(80)...) + inboundExprs = append(inboundExprs, &expr.Verdict{Kind: expr.VerdictAccept}) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: forward, + Exprs: inboundExprs, + }) +} + +func addEgressPolicyRules(ctx context.Context, c *nftables.Conn, table *nftables.Table, forward *nftables.Chain, policy *ateompb.EgressPolicy) error { + if policy == nil { + return nil + } + + for _, rule := range policy.GetDeny() { + if err := addEgressPolicyRule(ctx, c, table, forward, rule, expr.VerdictDrop); err != nil { + return err + } + } + for _, rule := range policy.GetAllow() { + if err := addEgressPolicyRule(ctx, c, table, forward, rule, expr.VerdictAccept); err != nil { + return err + } + } + return nil +} + +func addEgressPolicyRule(ctx context.Context, c *nftables.Conn, table *nftables.Table, forward *nftables.Chain, rule *ateompb.EgressPolicyRule, verdict expr.VerdictKind) error { + destinations, err := resolveEgressDestinations(ctx, rule.GetTo()) + if err != nil { + return err + } + ports := rule.GetPorts() + if len(ports) == 0 { + ports = []*ateompb.EgressPort{{Protocol: "TCP"}} + } + + for _, dst := range destinations { + for _, port := range ports { + exprs := append(ipSourceEqual(actorVethIP), dst...) + if port.GetPort() != 0 { + exprs = append(exprs, destinationPortEqual(port.GetProtocol(), uint16(port.GetPort()))...) + } + exprs = append(exprs, &expr.Verdict{Kind: verdict}) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: forward, + Exprs: exprs, + }) + } + } + return nil +} + +func resolveEgressDestinations(ctx context.Context, destinations []*ateompb.EgressPolicyDestination) ([][]expr.Any, error) { + if len(destinations) == 0 { + return [][]expr.Any{{}}, nil + } + + var out [][]expr.Any + for _, dest := range destinations { + if dest.GetCidr() != "" { + exprs, err := ipDestinationCIDREqual(dest.GetCidr()) + if err != nil { + return nil, err + } + out = append(out, exprs) + } + if dest.GetHost() == "" { + continue + } + ips, err := net.DefaultResolver.LookupIPAddr(ctx, dest.GetHost()) + if err != nil { + return nil, fmt.Errorf("while resolving egress policy host %q: %w", dest.GetHost(), err) + } + for _, ipAddr := range ips { + ip := ipAddr.IP.To4() + if ip == nil { + continue + } + slog.InfoContext(ctx, "Resolved egress policy host", slog.String("host", dest.GetHost()), slog.String("ip", ip.String())) + out = append(out, ipDestinationEqual(ip.String())) + } + } + if len(out) == 0 { + return nil, fmt.Errorf("egress policy rule has no IPv4 destinations") + } + return out, nil +} + +func establishedOrRelated() []expr.Any { + return []expr.Any{ + &expr.Ct{Register: 1, Key: expr.CtKeySTATE}, + &expr.Bitwise{ + SourceRegister: 1, + DestRegister: 1, + Len: 4, + Mask: binaryutil.NativeEndian.PutUint32(expr.CtStateBitESTABLISHED | expr.CtStateBitRELATED), + Xor: binaryutil.NativeEndian.PutUint32(0), + }, + &expr.Cmp{ + Op: expr.CmpOpNeq, + Register: 1, + Data: binaryutil.NativeEndian.PutUint32(0), + }, + } +} + func ipSourceEqual(ip string) []expr.Any { return ipPayloadEqual(12, ip) } @@ -708,6 +832,38 @@ func ipDestinationEqual(ip string) []expr.Any { return ipPayloadEqual(16, ip) } +func ipDestinationCIDREqual(cidr string) ([]expr.Any, error) { + ip, ipNet, err := net.ParseCIDR(cidr) + if err != nil { + return nil, fmt.Errorf("invalid egress policy CIDR %q: %w", cidr, err) + } + ip = ip.To4() + if ip == nil { + return nil, fmt.Errorf("egress policy CIDR %q is not IPv4", cidr) + } + mask := ipNet.Mask + return []expr.Any{ + &expr.Payload{ + DestRegister: 1, + Base: expr.PayloadBaseNetworkHeader, + Offset: 16, + Len: 4, + }, + &expr.Bitwise{ + SourceRegister: 1, + DestRegister: 1, + Len: 4, + Mask: []byte(mask), + Xor: []byte{0, 0, 0, 0}, + }, + &expr.Cmp{ + Op: expr.CmpOpEq, + Register: 1, + Data: ip.Mask(mask), + }, + }, nil +} + func ipPayloadEqual(offset uint32, ip string) []expr.Any { return []expr.Any{ &expr.Payload{ @@ -725,12 +881,20 @@ func ipPayloadEqual(offset uint32, ip string) []expr.Any { } func tcpDestinationPortEqual(port uint16) []expr.Any { + return destinationPortEqual("TCP", port) +} + +func destinationPortEqual(protocol string, port uint16) []expr.Any { + proto := byte(unix.IPPROTO_TCP) + if protocol == "UDP" { + proto = unix.IPPROTO_UDP + } return []expr.Any{ &expr.Meta{Key: expr.MetaKeyL4PROTO, Register: 1}, &expr.Cmp{ Op: expr.CmpOpEq, Register: 1, - Data: []byte{unix.IPPROTO_TCP}, + Data: []byte{proto}, }, &expr.Payload{ DestRegister: 1, diff --git a/demos/counter/counter.go b/demos/counter/counter.go index 295965f7..874429e2 100644 --- a/demos/counter/counter.go +++ b/demos/counter/counter.go @@ -50,6 +50,43 @@ func main() { w.WriteHeader(http.StatusOK) w.Write([]byte(response)) }) + defaultMux.HandleFunc("/egress", func(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + targetURL := r.URL.Query().Get("url") + if targetURL == "" { + targetURL = "http://example.com/" + } + + req, err := http.NewRequestWithContext(ctx, http.MethodGet, targetURL, nil) + if err != nil { + http.Error(w, err.Error(), http.StatusBadRequest) + return + } + + client := &http.Client{} + + resp, err := client.Do(req) + if err != nil { + slog.ErrorContext(ctx, "Egress request failed", + slog.String("url", targetURL), + slog.Any("err", err)) + http.Error(w, err.Error(), http.StatusBadGateway) + return + } + defer resp.Body.Close() + + body, err := io.ReadAll(io.LimitReader(resp.Body, 512)) + if err != nil { + http.Error(w, err.Error(), http.StatusBadGateway) + return + } + + slog.InfoContext(ctx, "Egress request completed", + slog.String("url", targetURL), + slog.Int("status", resp.StatusCode)) + w.WriteHeader(http.StatusOK) + fmt.Fprintf(w, "egress url: %s\nstatus: %d\nbody_prefix:\n%s\n", targetURL, resp.StatusCode, string(body)) + }) go func() { //time.Sleep(60 * time.Second) diff --git a/demos/counter/counter.yaml.tmpl b/demos/counter/counter.yaml.tmpl index b1316505..eebc000c 100644 --- a/demos/counter/counter.yaml.tmpl +++ b/demos/counter/counter.yaml.tmpl @@ -53,3 +53,25 @@ spec: name: counter snapshotsConfig: location: gs://${BUCKET_NAME}/ate-demo-counter/ + egressPolicy: + defaultAction: Deny + allow: + - name: kube-dns + to: + - ipBlock: + cidr: 10.96.0.10/32 + ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + - name: example + to: + - host: example.com + ports: + - port: 80 + protocol: TCP + - port: 443 + protocol: TCP + audit: + logs: true diff --git a/internal/proto/ateletpb/atelet.pb.go b/internal/proto/ateletpb/atelet.pb.go index 404aa0df..725c3ee7 100644 --- a/internal/proto/ateletpb/atelet.pb.go +++ b/internal/proto/ateletpb/atelet.pb.go @@ -336,6 +336,7 @@ type WorkloadSpec struct { state protoimpl.MessageState `protogen:"open.v1"` Containers []*Container `protobuf:"bytes,1,rep,name=containers,proto3" json:"containers,omitempty"` PauseImage string `protobuf:"bytes,2,opt,name=pause_image,json=pauseImage,proto3" json:"pause_image,omitempty"` + EgressPolicy *EgressPolicy `protobuf:"bytes,3,opt,name=egress_policy,json=egressPolicy,proto3" json:"egress_policy,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -384,6 +385,13 @@ func (x *WorkloadSpec) GetPauseImage() string { return "" } +func (x *WorkloadSpec) GetEgressPolicy() *EgressPolicy { + if x != nil { + return x.EgressPolicy + } + return nil +} + type Container struct { state protoimpl.MessageState `protogen:"open.v1"` Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` @@ -504,6 +512,222 @@ func (x *EnvEntry) GetValue() string { return "" } +type EgressPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + DefaultAction string `protobuf:"bytes,1,opt,name=default_action,json=defaultAction,proto3" json:"default_action,omitempty"` + Allow []*EgressPolicyRule `protobuf:"bytes,2,rep,name=allow,proto3" json:"allow,omitempty"` + Deny []*EgressPolicyRule `protobuf:"bytes,3,rep,name=deny,proto3" json:"deny,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPolicy) Reset() { + *x = EgressPolicy{} + mi := &file_atelet_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPolicy) ProtoMessage() {} + +func (x *EgressPolicy) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPolicy.ProtoReflect.Descriptor instead. +func (*EgressPolicy) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{8} +} + +func (x *EgressPolicy) GetDefaultAction() string { + if x != nil { + return x.DefaultAction + } + return "" +} + +func (x *EgressPolicy) GetAllow() []*EgressPolicyRule { + if x != nil { + return x.Allow + } + return nil +} + +func (x *EgressPolicy) GetDeny() []*EgressPolicyRule { + if x != nil { + return x.Deny + } + return nil +} + +type EgressPolicyRule struct { + state protoimpl.MessageState `protogen:"open.v1"` + To []*EgressPolicyDestination `protobuf:"bytes,1,rep,name=to,proto3" json:"to,omitempty"` + Ports []*EgressPort `protobuf:"bytes,2,rep,name=ports,proto3" json:"ports,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPolicyRule) Reset() { + *x = EgressPolicyRule{} + mi := &file_atelet_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPolicyRule) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPolicyRule) ProtoMessage() {} + +func (x *EgressPolicyRule) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[9] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPolicyRule.ProtoReflect.Descriptor instead. +func (*EgressPolicyRule) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{9} +} + +func (x *EgressPolicyRule) GetTo() []*EgressPolicyDestination { + if x != nil { + return x.To + } + return nil +} + +func (x *EgressPolicyRule) GetPorts() []*EgressPort { + if x != nil { + return x.Ports + } + return nil +} + +type EgressPolicyDestination struct { + state protoimpl.MessageState `protogen:"open.v1"` + Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` + Cidr string `protobuf:"bytes,2,opt,name=cidr,proto3" json:"cidr,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPolicyDestination) Reset() { + *x = EgressPolicyDestination{} + mi := &file_atelet_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPolicyDestination) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPolicyDestination) ProtoMessage() {} + +func (x *EgressPolicyDestination) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[10] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPolicyDestination.ProtoReflect.Descriptor instead. +func (*EgressPolicyDestination) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{10} +} + +func (x *EgressPolicyDestination) GetHost() string { + if x != nil { + return x.Host + } + return "" +} + +func (x *EgressPolicyDestination) GetCidr() string { + if x != nil { + return x.Cidr + } + return "" +} + +type EgressPort struct { + state protoimpl.MessageState `protogen:"open.v1"` + Port uint32 `protobuf:"varint,1,opt,name=port,proto3" json:"port,omitempty"` + Protocol string `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPort) Reset() { + *x = EgressPort{} + mi := &file_atelet_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPort) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPort) ProtoMessage() {} + +func (x *EgressPort) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[11] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPort.ProtoReflect.Descriptor instead. +func (*EgressPort) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{11} +} + +func (x *EgressPort) GetPort() uint32 { + if x != nil { + return x.Port + } + return 0 +} + +func (x *EgressPort) GetProtocol() string { + if x != nil { + return x.Protocol + } + return "" +} + type RunResponse struct { state protoimpl.MessageState `protogen:"open.v1"` unknownFields protoimpl.UnknownFields @@ -512,7 +736,7 @@ type RunResponse struct { func (x *RunResponse) Reset() { *x = RunResponse{} - mi := &file_atelet_proto_msgTypes[8] + mi := &file_atelet_proto_msgTypes[12] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -524,7 +748,7 @@ func (x *RunResponse) String() string { func (*RunResponse) ProtoMessage() {} func (x *RunResponse) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[8] + mi := &file_atelet_proto_msgTypes[12] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -537,7 +761,7 @@ func (x *RunResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RunResponse.ProtoReflect.Descriptor instead. func (*RunResponse) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{8} + return file_atelet_proto_rawDescGZIP(), []int{12} } type CheckpointRequest struct { @@ -566,7 +790,7 @@ type CheckpointRequest struct { func (x *CheckpointRequest) Reset() { *x = CheckpointRequest{} - mi := &file_atelet_proto_msgTypes[9] + mi := &file_atelet_proto_msgTypes[13] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -578,7 +802,7 @@ func (x *CheckpointRequest) String() string { func (*CheckpointRequest) ProtoMessage() {} func (x *CheckpointRequest) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[9] + mi := &file_atelet_proto_msgTypes[13] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -591,7 +815,7 @@ func (x *CheckpointRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointRequest.ProtoReflect.Descriptor instead. func (*CheckpointRequest) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{9} + return file_atelet_proto_rawDescGZIP(), []int{13} } func (x *CheckpointRequest) GetTargetAteomNamespace() string { @@ -658,7 +882,7 @@ type CheckpointResponse struct { func (x *CheckpointResponse) Reset() { *x = CheckpointResponse{} - mi := &file_atelet_proto_msgTypes[10] + mi := &file_atelet_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -670,7 +894,7 @@ func (x *CheckpointResponse) String() string { func (*CheckpointResponse) ProtoMessage() {} func (x *CheckpointResponse) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[10] + mi := &file_atelet_proto_msgTypes[14] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -683,7 +907,7 @@ func (x *CheckpointResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointResponse.ProtoReflect.Descriptor instead. func (*CheckpointResponse) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{10} + return file_atelet_proto_rawDescGZIP(), []int{14} } type RestoreRequest struct { @@ -703,7 +927,7 @@ type RestoreRequest struct { func (x *RestoreRequest) Reset() { *x = RestoreRequest{} - mi := &file_atelet_proto_msgTypes[11] + mi := &file_atelet_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -715,7 +939,7 @@ func (x *RestoreRequest) String() string { func (*RestoreRequest) ProtoMessage() {} func (x *RestoreRequest) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[11] + mi := &file_atelet_proto_msgTypes[15] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -728,7 +952,7 @@ func (x *RestoreRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreRequest.ProtoReflect.Descriptor instead. func (*RestoreRequest) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{11} + return file_atelet_proto_rawDescGZIP(), []int{15} } func (x *RestoreRequest) GetTargetAteomNamespace() string { @@ -795,7 +1019,7 @@ type RestoreResponse struct { func (x *RestoreResponse) Reset() { *x = RestoreResponse{} - mi := &file_atelet_proto_msgTypes[12] + mi := &file_atelet_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -807,7 +1031,7 @@ func (x *RestoreResponse) String() string { func (*RestoreResponse) ProtoMessage() {} func (x *RestoreResponse) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[12] + mi := &file_atelet_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -820,7 +1044,7 @@ func (x *RestoreResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreResponse.ProtoReflect.Descriptor instead. func (*RestoreResponse) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{12} + return file_atelet_proto_rawDescGZIP(), []int{16} } var File_atelet_proto protoreflect.FileDescriptor @@ -848,13 +1072,14 @@ const file_atelet_proto_rawDesc = "" + "\vRunscConfig\x121\n" + "\x05amd64\x18\x01 \x01(\v2\x1b.atelet.RunscPlatformConfigR\x05amd64\x121\n" + "\x05arm64\x18\x02 \x01(\v2\x1b.atelet.RunscPlatformConfigR\x05arm64\x12D\n" + - "\x0eauthentication\x18\x03 \x01(\v2\x1c.atelet.AuthenticationConfigR\x0eauthentication\"b\n" + + "\x0eauthentication\x18\x03 \x01(\v2\x1c.atelet.AuthenticationConfigR\x0eauthentication\"\x9d\x01\n" + "\fWorkloadSpec\x121\n" + "\n" + "containers\x18\x01 \x03(\v2\x11.atelet.ContainerR\n" + "containers\x12\x1f\n" + "\vpause_image\x18\x02 \x01(\tR\n" + - "pauseImage\"s\n" + + "pauseImage\x129\n" + + "\regress_policy\x18\x03 \x01(\v2\x14.atelet.EgressPolicyR\fegressPolicy\"s\n" + "\tContainer\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12\x14\n" + "\x05image\x18\x02 \x01(\tR\x05image\x12\x18\n" + @@ -862,7 +1087,21 @@ const file_atelet_proto_rawDesc = "" + "\x03env\x18\x04 \x03(\v2\x10.atelet.EnvEntryR\x03env\"4\n" + "\bEnvEntry\x12\x12\n" + "\x04name\x18\x01 \x01(\tR\x04name\x12\x14\n" + - "\x05value\x18\x02 \x01(\tR\x05value\"\r\n" + + "\x05value\x18\x02 \x01(\tR\x05value\"\x93\x01\n" + + "\fEgressPolicy\x12%\n" + + "\x0edefault_action\x18\x01 \x01(\tR\rdefaultAction\x12.\n" + + "\x05allow\x18\x02 \x03(\v2\x18.atelet.EgressPolicyRuleR\x05allow\x12,\n" + + "\x04deny\x18\x03 \x03(\v2\x18.atelet.EgressPolicyRuleR\x04deny\"m\n" + + "\x10EgressPolicyRule\x12/\n" + + "\x02to\x18\x01 \x03(\v2\x1f.atelet.EgressPolicyDestinationR\x02to\x12(\n" + + "\x05ports\x18\x02 \x03(\v2\x12.atelet.EgressPortR\x05ports\"A\n" + + "\x17EgressPolicyDestination\x12\x12\n" + + "\x04host\x18\x01 \x01(\tR\x04host\x12\x12\n" + + "\x04cidr\x18\x02 \x01(\tR\x04cidr\"<\n" + + "\n" + + "EgressPort\x12\x12\n" + + "\x04port\x18\x01 \x01(\rR\x04port\x12\x1a\n" + + "\bprotocol\x18\x02 \x01(\tR\bprotocol\"\r\n" + "\vRunResponse\"\xff\x02\n" + "\x11CheckpointRequest\x124\n" + "\x16target_ateom_namespace\x18\x01 \x01(\tR\x14targetAteomNamespace\x12*\n" + @@ -902,7 +1141,7 @@ func file_atelet_proto_rawDescGZIP() []byte { return file_atelet_proto_rawDescData } -var file_atelet_proto_msgTypes = make([]protoimpl.MessageInfo, 13) +var file_atelet_proto_msgTypes = make([]protoimpl.MessageInfo, 17) var file_atelet_proto_goTypes = []any{ (*RunRequest)(nil), // 0: atelet.RunRequest (*GCPAuthenticationConfig)(nil), // 1: atelet.GCPAuthenticationConfig @@ -912,11 +1151,15 @@ var file_atelet_proto_goTypes = []any{ (*WorkloadSpec)(nil), // 5: atelet.WorkloadSpec (*Container)(nil), // 6: atelet.Container (*EnvEntry)(nil), // 7: atelet.EnvEntry - (*RunResponse)(nil), // 8: atelet.RunResponse - (*CheckpointRequest)(nil), // 9: atelet.CheckpointRequest - (*CheckpointResponse)(nil), // 10: atelet.CheckpointResponse - (*RestoreRequest)(nil), // 11: atelet.RestoreRequest - (*RestoreResponse)(nil), // 12: atelet.RestoreResponse + (*EgressPolicy)(nil), // 8: atelet.EgressPolicy + (*EgressPolicyRule)(nil), // 9: atelet.EgressPolicyRule + (*EgressPolicyDestination)(nil), // 10: atelet.EgressPolicyDestination + (*EgressPort)(nil), // 11: atelet.EgressPort + (*RunResponse)(nil), // 12: atelet.RunResponse + (*CheckpointRequest)(nil), // 13: atelet.CheckpointRequest + (*CheckpointResponse)(nil), // 14: atelet.CheckpointResponse + (*RestoreRequest)(nil), // 15: atelet.RestoreRequest + (*RestoreResponse)(nil), // 16: atelet.RestoreResponse } var file_atelet_proto_depIdxs = []int32{ 4, // 0: atelet.RunRequest.runsc:type_name -> atelet.RunscConfig @@ -926,22 +1169,27 @@ var file_atelet_proto_depIdxs = []int32{ 3, // 4: atelet.RunscConfig.arm64:type_name -> atelet.RunscPlatformConfig 2, // 5: atelet.RunscConfig.authentication:type_name -> atelet.AuthenticationConfig 6, // 6: atelet.WorkloadSpec.containers:type_name -> atelet.Container - 7, // 7: atelet.Container.env:type_name -> atelet.EnvEntry - 4, // 8: atelet.CheckpointRequest.runsc:type_name -> atelet.RunscConfig - 5, // 9: atelet.CheckpointRequest.spec:type_name -> atelet.WorkloadSpec - 4, // 10: atelet.RestoreRequest.runsc:type_name -> atelet.RunscConfig - 5, // 11: atelet.RestoreRequest.spec:type_name -> atelet.WorkloadSpec - 0, // 12: atelet.AteomHerder.Run:input_type -> atelet.RunRequest - 9, // 13: atelet.AteomHerder.Checkpoint:input_type -> atelet.CheckpointRequest - 11, // 14: atelet.AteomHerder.Restore:input_type -> atelet.RestoreRequest - 8, // 15: atelet.AteomHerder.Run:output_type -> atelet.RunResponse - 10, // 16: atelet.AteomHerder.Checkpoint:output_type -> atelet.CheckpointResponse - 12, // 17: atelet.AteomHerder.Restore:output_type -> atelet.RestoreResponse - 15, // [15:18] is the sub-list for method output_type - 12, // [12:15] is the sub-list for method input_type - 12, // [12:12] is the sub-list for extension type_name - 12, // [12:12] is the sub-list for extension extendee - 0, // [0:12] is the sub-list for field type_name + 8, // 7: atelet.WorkloadSpec.egress_policy:type_name -> atelet.EgressPolicy + 7, // 8: atelet.Container.env:type_name -> atelet.EnvEntry + 9, // 9: atelet.EgressPolicy.allow:type_name -> atelet.EgressPolicyRule + 9, // 10: atelet.EgressPolicy.deny:type_name -> atelet.EgressPolicyRule + 10, // 11: atelet.EgressPolicyRule.to:type_name -> atelet.EgressPolicyDestination + 11, // 12: atelet.EgressPolicyRule.ports:type_name -> atelet.EgressPort + 4, // 13: atelet.CheckpointRequest.runsc:type_name -> atelet.RunscConfig + 5, // 14: atelet.CheckpointRequest.spec:type_name -> atelet.WorkloadSpec + 4, // 15: atelet.RestoreRequest.runsc:type_name -> atelet.RunscConfig + 5, // 16: atelet.RestoreRequest.spec:type_name -> atelet.WorkloadSpec + 0, // 17: atelet.AteomHerder.Run:input_type -> atelet.RunRequest + 13, // 18: atelet.AteomHerder.Checkpoint:input_type -> atelet.CheckpointRequest + 15, // 19: atelet.AteomHerder.Restore:input_type -> atelet.RestoreRequest + 12, // 20: atelet.AteomHerder.Run:output_type -> atelet.RunResponse + 14, // 21: atelet.AteomHerder.Checkpoint:output_type -> atelet.CheckpointResponse + 16, // 22: atelet.AteomHerder.Restore:output_type -> atelet.RestoreResponse + 20, // [20:23] is the sub-list for method output_type + 17, // [17:20] is the sub-list for method input_type + 17, // [17:17] is the sub-list for extension type_name + 17, // [17:17] is the sub-list for extension extendee + 0, // [0:17] is the sub-list for field type_name } func init() { file_atelet_proto_init() } @@ -955,7 +1203,7 @@ func file_atelet_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_atelet_proto_rawDesc), len(file_atelet_proto_rawDesc)), NumEnums: 0, - NumMessages: 13, + NumMessages: 17, NumExtensions: 0, NumServices: 1, }, diff --git a/internal/proto/ateletpb/atelet.proto b/internal/proto/ateletpb/atelet.proto index 8a356dbf..f6b38b6a 100644 --- a/internal/proto/ateletpb/atelet.proto +++ b/internal/proto/ateletpb/atelet.proto @@ -72,8 +72,9 @@ message RunscConfig { // WorkloadSpec parallels Pod, but with far fewer configurable fields. message WorkloadSpec { - repeated Container containers = 1; - string pause_image = 2; + repeated Container containers = 1; + string pause_image = 2; + EgressPolicy egress_policy = 3; } message Container { @@ -88,6 +89,27 @@ message EnvEntry { string value = 2; } +message EgressPolicy { + string default_action = 1; + repeated EgressPolicyRule allow = 2; + repeated EgressPolicyRule deny = 3; +} + +message EgressPolicyRule { + repeated EgressPolicyDestination to = 1; + repeated EgressPort ports = 2; +} + +message EgressPolicyDestination { + string host = 1; + string cidr = 2; +} + +message EgressPort { + uint32 port = 1; + string protocol = 2; +} + message RunResponse { } diff --git a/internal/proto/ateompb/ateom.pb.go b/internal/proto/ateompb/ateom.pb.go index 2faced0c..1e683a98 100644 --- a/internal/proto/ateompb/ateom.pb.go +++ b/internal/proto/ateompb/ateom.pb.go @@ -115,6 +115,7 @@ func (x *RunWorkloadRequest) GetSpec() *WorkloadSpec { type WorkloadSpec struct { state protoimpl.MessageState `protogen:"open.v1"` Containers []*Container `protobuf:"bytes,1,rep,name=containers,proto3" json:"containers,omitempty"` + EgressPolicy *EgressPolicy `protobuf:"bytes,2,opt,name=egress_policy,json=egressPolicy,proto3" json:"egress_policy,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -156,6 +157,13 @@ func (x *WorkloadSpec) GetContainers() []*Container { return nil } +func (x *WorkloadSpec) GetEgressPolicy() *EgressPolicy { + if x != nil { + return x.EgressPolicy + } + return nil +} + type Container struct { state protoimpl.MessageState `protogen:"open.v1"` Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` @@ -200,6 +208,222 @@ func (x *Container) GetName() string { return "" } +type EgressPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + DefaultAction string `protobuf:"bytes,1,opt,name=default_action,json=defaultAction,proto3" json:"default_action,omitempty"` + Allow []*EgressPolicyRule `protobuf:"bytes,2,rep,name=allow,proto3" json:"allow,omitempty"` + Deny []*EgressPolicyRule `protobuf:"bytes,3,rep,name=deny,proto3" json:"deny,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPolicy) Reset() { + *x = EgressPolicy{} + mi := &file_ateom_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPolicy) ProtoMessage() {} + +func (x *EgressPolicy) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[3] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPolicy.ProtoReflect.Descriptor instead. +func (*EgressPolicy) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{3} +} + +func (x *EgressPolicy) GetDefaultAction() string { + if x != nil { + return x.DefaultAction + } + return "" +} + +func (x *EgressPolicy) GetAllow() []*EgressPolicyRule { + if x != nil { + return x.Allow + } + return nil +} + +func (x *EgressPolicy) GetDeny() []*EgressPolicyRule { + if x != nil { + return x.Deny + } + return nil +} + +type EgressPolicyRule struct { + state protoimpl.MessageState `protogen:"open.v1"` + To []*EgressPolicyDestination `protobuf:"bytes,1,rep,name=to,proto3" json:"to,omitempty"` + Ports []*EgressPort `protobuf:"bytes,2,rep,name=ports,proto3" json:"ports,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPolicyRule) Reset() { + *x = EgressPolicyRule{} + mi := &file_ateom_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPolicyRule) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPolicyRule) ProtoMessage() {} + +func (x *EgressPolicyRule) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[4] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPolicyRule.ProtoReflect.Descriptor instead. +func (*EgressPolicyRule) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{4} +} + +func (x *EgressPolicyRule) GetTo() []*EgressPolicyDestination { + if x != nil { + return x.To + } + return nil +} + +func (x *EgressPolicyRule) GetPorts() []*EgressPort { + if x != nil { + return x.Ports + } + return nil +} + +type EgressPolicyDestination struct { + state protoimpl.MessageState `protogen:"open.v1"` + Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` + Cidr string `protobuf:"bytes,2,opt,name=cidr,proto3" json:"cidr,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPolicyDestination) Reset() { + *x = EgressPolicyDestination{} + mi := &file_ateom_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPolicyDestination) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPolicyDestination) ProtoMessage() {} + +func (x *EgressPolicyDestination) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[5] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPolicyDestination.ProtoReflect.Descriptor instead. +func (*EgressPolicyDestination) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{5} +} + +func (x *EgressPolicyDestination) GetHost() string { + if x != nil { + return x.Host + } + return "" +} + +func (x *EgressPolicyDestination) GetCidr() string { + if x != nil { + return x.Cidr + } + return "" +} + +type EgressPort struct { + state protoimpl.MessageState `protogen:"open.v1"` + Port uint32 `protobuf:"varint,1,opt,name=port,proto3" json:"port,omitempty"` + Protocol string `protobuf:"bytes,2,opt,name=protocol,proto3" json:"protocol,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressPort) Reset() { + *x = EgressPort{} + mi := &file_ateom_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressPort) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressPort) ProtoMessage() {} + +func (x *EgressPort) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[6] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressPort.ProtoReflect.Descriptor instead. +func (*EgressPort) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{6} +} + +func (x *EgressPort) GetPort() uint32 { + if x != nil { + return x.Port + } + return 0 +} + +func (x *EgressPort) GetProtocol() string { + if x != nil { + return x.Protocol + } + return "" +} + type RunWorkloadResponse struct { state protoimpl.MessageState `protogen:"open.v1"` unknownFields protoimpl.UnknownFields @@ -208,7 +432,7 @@ type RunWorkloadResponse struct { func (x *RunWorkloadResponse) Reset() { *x = RunWorkloadResponse{} - mi := &file_ateom_proto_msgTypes[3] + mi := &file_ateom_proto_msgTypes[7] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -220,7 +444,7 @@ func (x *RunWorkloadResponse) String() string { func (*RunWorkloadResponse) ProtoMessage() {} func (x *RunWorkloadResponse) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[3] + mi := &file_ateom_proto_msgTypes[7] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -233,7 +457,7 @@ func (x *RunWorkloadResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RunWorkloadResponse.ProtoReflect.Descriptor instead. func (*RunWorkloadResponse) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{3} + return file_ateom_proto_rawDescGZIP(), []int{7} } type CheckpointWorkloadRequest struct { @@ -258,7 +482,7 @@ type CheckpointWorkloadRequest struct { func (x *CheckpointWorkloadRequest) Reset() { *x = CheckpointWorkloadRequest{} - mi := &file_ateom_proto_msgTypes[4] + mi := &file_ateom_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -270,7 +494,7 @@ func (x *CheckpointWorkloadRequest) String() string { func (*CheckpointWorkloadRequest) ProtoMessage() {} func (x *CheckpointWorkloadRequest) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[4] + mi := &file_ateom_proto_msgTypes[8] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -283,7 +507,7 @@ func (x *CheckpointWorkloadRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointWorkloadRequest.ProtoReflect.Descriptor instead. func (*CheckpointWorkloadRequest) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{4} + return file_ateom_proto_rawDescGZIP(), []int{8} } func (x *CheckpointWorkloadRequest) GetActorTemplateNamespace() string { @@ -336,7 +560,7 @@ type CheckpointWorkloadResponse struct { func (x *CheckpointWorkloadResponse) Reset() { *x = CheckpointWorkloadResponse{} - mi := &file_ateom_proto_msgTypes[5] + mi := &file_ateom_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -348,7 +572,7 @@ func (x *CheckpointWorkloadResponse) String() string { func (*CheckpointWorkloadResponse) ProtoMessage() {} func (x *CheckpointWorkloadResponse) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[5] + mi := &file_ateom_proto_msgTypes[9] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -361,7 +585,7 @@ func (x *CheckpointWorkloadResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointWorkloadResponse.ProtoReflect.Descriptor instead. func (*CheckpointWorkloadResponse) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{5} + return file_ateom_proto_rawDescGZIP(), []int{9} } type RestoreWorkloadRequest struct { @@ -379,7 +603,7 @@ type RestoreWorkloadRequest struct { func (x *RestoreWorkloadRequest) Reset() { *x = RestoreWorkloadRequest{} - mi := &file_ateom_proto_msgTypes[6] + mi := &file_ateom_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -391,7 +615,7 @@ func (x *RestoreWorkloadRequest) String() string { func (*RestoreWorkloadRequest) ProtoMessage() {} func (x *RestoreWorkloadRequest) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[6] + mi := &file_ateom_proto_msgTypes[10] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -404,7 +628,7 @@ func (x *RestoreWorkloadRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreWorkloadRequest.ProtoReflect.Descriptor instead. func (*RestoreWorkloadRequest) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{6} + return file_ateom_proto_rawDescGZIP(), []int{10} } func (x *RestoreWorkloadRequest) GetActorTemplateNamespace() string { @@ -457,7 +681,7 @@ type RestoreWorkloadResponse struct { func (x *RestoreWorkloadResponse) Reset() { *x = RestoreWorkloadResponse{} - mi := &file_ateom_proto_msgTypes[7] + mi := &file_ateom_proto_msgTypes[11] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -469,7 +693,7 @@ func (x *RestoreWorkloadResponse) String() string { func (*RestoreWorkloadResponse) ProtoMessage() {} func (x *RestoreWorkloadResponse) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[7] + mi := &file_ateom_proto_msgTypes[11] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -482,7 +706,7 @@ func (x *RestoreWorkloadResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreWorkloadResponse.ProtoReflect.Descriptor instead. func (*RestoreWorkloadResponse) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{7} + return file_ateom_proto_rawDescGZIP(), []int{11} } var File_ateom_proto protoreflect.FileDescriptor @@ -496,13 +720,28 @@ const file_ateom_proto_rawDesc = "" + "\bactor_id\x18\x03 \x01(\tR\aactorId\x12\x1d\n" + "\n" + "runsc_path\x18\x04 \x01(\tR\trunscPath\x12'\n" + - "\x04spec\x18\x05 \x01(\v2\x13.ateom.WorkloadSpecR\x04spec\"@\n" + + "\x04spec\x18\x05 \x01(\v2\x13.ateom.WorkloadSpecR\x04spec\"z\n" + "\fWorkloadSpec\x120\n" + "\n" + "containers\x18\x01 \x03(\v2\x10.ateom.ContainerR\n" + - "containers\"\x1f\n" + + "containers\x128\n" + + "\regress_policy\x18\x02 \x01(\v2\x13.ateom.EgressPolicyR\fegressPolicy\"\x1f\n" + "\tContainer\x12\x12\n" + - "\x04name\x18\x01 \x01(\tR\x04name\"\x15\n" + + "\x04name\x18\x01 \x01(\tR\x04name\"\x91\x01\n" + + "\fEgressPolicy\x12%\n" + + "\x0edefault_action\x18\x01 \x01(\tR\rdefaultAction\x12-\n" + + "\x05allow\x18\x02 \x03(\v2\x17.ateom.EgressPolicyRuleR\x05allow\x12+\n" + + "\x04deny\x18\x03 \x03(\v2\x17.ateom.EgressPolicyRuleR\x04deny\"k\n" + + "\x10EgressPolicyRule\x12.\n" + + "\x02to\x18\x01 \x03(\v2\x1e.ateom.EgressPolicyDestinationR\x02to\x12'\n" + + "\x05ports\x18\x02 \x03(\v2\x11.ateom.EgressPortR\x05ports\"A\n" + + "\x17EgressPolicyDestination\x12\x12\n" + + "\x04host\x18\x01 \x01(\tR\x04host\x12\x12\n" + + "\x04cidr\x18\x02 \x01(\tR\x04cidr\"<\n" + + "\n" + + "EgressPort\x12\x12\n" + + "\x04port\x18\x01 \x01(\rR\x04port\x12\x1a\n" + + "\bprotocol\x18\x02 \x01(\tR\bprotocol\"\x15\n" + "\x13RunWorkloadResponse\"\x98\x02\n" + "\x19CheckpointWorkloadRequest\x128\n" + "\x18actor_template_namespace\x18\x01 \x01(\tR\x16actorTemplateNamespace\x12.\n" + @@ -539,33 +778,42 @@ func file_ateom_proto_rawDescGZIP() []byte { return file_ateom_proto_rawDescData } -var file_ateom_proto_msgTypes = make([]protoimpl.MessageInfo, 8) +var file_ateom_proto_msgTypes = make([]protoimpl.MessageInfo, 12) var file_ateom_proto_goTypes = []any{ (*RunWorkloadRequest)(nil), // 0: ateom.RunWorkloadRequest (*WorkloadSpec)(nil), // 1: ateom.WorkloadSpec (*Container)(nil), // 2: ateom.Container - (*RunWorkloadResponse)(nil), // 3: ateom.RunWorkloadResponse - (*CheckpointWorkloadRequest)(nil), // 4: ateom.CheckpointWorkloadRequest - (*CheckpointWorkloadResponse)(nil), // 5: ateom.CheckpointWorkloadResponse - (*RestoreWorkloadRequest)(nil), // 6: ateom.RestoreWorkloadRequest - (*RestoreWorkloadResponse)(nil), // 7: ateom.RestoreWorkloadResponse + (*EgressPolicy)(nil), // 3: ateom.EgressPolicy + (*EgressPolicyRule)(nil), // 4: ateom.EgressPolicyRule + (*EgressPolicyDestination)(nil), // 5: ateom.EgressPolicyDestination + (*EgressPort)(nil), // 6: ateom.EgressPort + (*RunWorkloadResponse)(nil), // 7: ateom.RunWorkloadResponse + (*CheckpointWorkloadRequest)(nil), // 8: ateom.CheckpointWorkloadRequest + (*CheckpointWorkloadResponse)(nil), // 9: ateom.CheckpointWorkloadResponse + (*RestoreWorkloadRequest)(nil), // 10: ateom.RestoreWorkloadRequest + (*RestoreWorkloadResponse)(nil), // 11: ateom.RestoreWorkloadResponse } var file_ateom_proto_depIdxs = []int32{ - 1, // 0: ateom.RunWorkloadRequest.spec:type_name -> ateom.WorkloadSpec - 2, // 1: ateom.WorkloadSpec.containers:type_name -> ateom.Container - 1, // 2: ateom.CheckpointWorkloadRequest.spec:type_name -> ateom.WorkloadSpec - 1, // 3: ateom.RestoreWorkloadRequest.spec:type_name -> ateom.WorkloadSpec - 0, // 4: ateom.Ateom.RunWorkload:input_type -> ateom.RunWorkloadRequest - 4, // 5: ateom.Ateom.CheckpointWorkload:input_type -> ateom.CheckpointWorkloadRequest - 6, // 6: ateom.Ateom.RestoreWorkload:input_type -> ateom.RestoreWorkloadRequest - 3, // 7: ateom.Ateom.RunWorkload:output_type -> ateom.RunWorkloadResponse - 5, // 8: ateom.Ateom.CheckpointWorkload:output_type -> ateom.CheckpointWorkloadResponse - 7, // 9: ateom.Ateom.RestoreWorkload:output_type -> ateom.RestoreWorkloadResponse - 7, // [7:10] is the sub-list for method output_type - 4, // [4:7] is the sub-list for method input_type - 4, // [4:4] is the sub-list for extension type_name - 4, // [4:4] is the sub-list for extension extendee - 0, // [0:4] is the sub-list for field type_name + 1, // 0: ateom.RunWorkloadRequest.spec:type_name -> ateom.WorkloadSpec + 2, // 1: ateom.WorkloadSpec.containers:type_name -> ateom.Container + 3, // 2: ateom.WorkloadSpec.egress_policy:type_name -> ateom.EgressPolicy + 4, // 3: ateom.EgressPolicy.allow:type_name -> ateom.EgressPolicyRule + 4, // 4: ateom.EgressPolicy.deny:type_name -> ateom.EgressPolicyRule + 5, // 5: ateom.EgressPolicyRule.to:type_name -> ateom.EgressPolicyDestination + 6, // 6: ateom.EgressPolicyRule.ports:type_name -> ateom.EgressPort + 1, // 7: ateom.CheckpointWorkloadRequest.spec:type_name -> ateom.WorkloadSpec + 1, // 8: ateom.RestoreWorkloadRequest.spec:type_name -> ateom.WorkloadSpec + 0, // 9: ateom.Ateom.RunWorkload:input_type -> ateom.RunWorkloadRequest + 8, // 10: ateom.Ateom.CheckpointWorkload:input_type -> ateom.CheckpointWorkloadRequest + 10, // 11: ateom.Ateom.RestoreWorkload:input_type -> ateom.RestoreWorkloadRequest + 7, // 12: ateom.Ateom.RunWorkload:output_type -> ateom.RunWorkloadResponse + 9, // 13: ateom.Ateom.CheckpointWorkload:output_type -> ateom.CheckpointWorkloadResponse + 11, // 14: ateom.Ateom.RestoreWorkload:output_type -> ateom.RestoreWorkloadResponse + 12, // [12:15] is the sub-list for method output_type + 9, // [9:12] is the sub-list for method input_type + 9, // [9:9] is the sub-list for extension type_name + 9, // [9:9] is the sub-list for extension extendee + 0, // [0:9] is the sub-list for field type_name } func init() { file_ateom_proto_init() } @@ -579,7 +827,7 @@ func file_ateom_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_ateom_proto_rawDesc), len(file_ateom_proto_rawDesc)), NumEnums: 0, - NumMessages: 8, + NumMessages: 12, NumExtensions: 0, NumServices: 1, }, diff --git a/internal/proto/ateompb/ateom.proto b/internal/proto/ateompb/ateom.proto index 629c4ca1..6dbdcaa8 100644 --- a/internal/proto/ateompb/ateom.proto +++ b/internal/proto/ateompb/ateom.proto @@ -59,13 +59,35 @@ message RunWorkloadRequest { // WorkloadSpec parallels Pod, but with far fewer configurable fields. message WorkloadSpec { - repeated Container containers = 1; + repeated Container containers = 1; + EgressPolicy egress_policy = 2; } message Container { string name = 1; } +message EgressPolicy { + string default_action = 1; + repeated EgressPolicyRule allow = 2; + repeated EgressPolicyRule deny = 3; +} + +message EgressPolicyRule { + repeated EgressPolicyDestination to = 1; + repeated EgressPort ports = 2; +} + +message EgressPolicyDestination { + string host = 1; + string cidr = 2; +} + +message EgressPort { + uint32 port = 1; + string protocol = 2; +} + message RunWorkloadResponse { } diff --git a/manifests/ate-install/generated/ate.dev_actortemplates.yaml b/manifests/ate-install/generated/ate.dev_actortemplates.yaml index a1ff5d3a..f8547e65 100644 --- a/manifests/ate-install/generated/ate.dev_actortemplates.yaml +++ b/manifests/ate-install/generated/ate.dev_actortemplates.yaml @@ -278,6 +278,285 @@ spec: type: object maxItems: 10 type: array + egressPolicy: + description: |- + EgressPolicy defines the default outbound network policy for actors + created from this template. + properties: + allow: + description: Allow contains destination rules actors created from + this template may reach. + items: + properties: + headers: + description: Headers defines logging and trace handling + for headers on matching traffic. + properties: + redact: + description: Redact is the list of headers that must + be redacted from egress logs and traces. + items: + type: string + type: array + type: object + name: + description: Name is an optional human-readable identifier + for this rule. + type: string + pathPrefixes: + description: PathPrefixes is the list of HTTP path prefixes + matched by this rule. + items: + type: string + type: array + paths: + description: Paths is the list of exact HTTP paths matched + by this rule. + items: + type: string + type: array + ports: + description: |- + Ports is the list of destination ports matched by this rule. + If empty, the rule applies to all destination ports. + items: + properties: + port: + description: Port is the destination port number. + format: int32 + type: integer + protocol: + description: Protocol is the transport protocol for + this port. + type: string + required: + - port + type: object + type: array + rateLimit: + description: RateLimit defines request or token rate limits + for matching traffic. + items: + properties: + dimensions: + description: |- + Dimensions selects the bucket keys used by the enforcement layer, such as + actor, template, or namespace. + items: + type: string + type: array + max: + description: Max is the maximum number of requests + or tokens allowed during Window. + format: int64 + type: integer + type: + description: Type selects request-based or LLM token-based + rate limiting. + enum: + - Requests + - Tokens + type: string + window: + description: Window is the time window for this limit, + such as 1m or 1h. + type: string + required: + - max + - type + - window + type: object + type: array + tls: + description: TLS defines transport security requirements + for this destination. + properties: + mode: + description: Mode controls how TLS is handled for matching + egress traffic. + enum: + - Require + - Originate + - Disable + type: string + required: + description: Required controls whether matching egress + traffic must use TLS. + type: boolean + type: object + to: + description: To lists the destinations matched by this rule. + items: + properties: + host: + description: Host is the DNS name to match for egress + traffic. + type: string + ipBlock: + description: IPBlock is the IP range to match for + egress traffic. + properties: + cidr: + description: CIDR is an IP address range in CIDR + notation. + type: string + required: + - cidr + type: object + type: object + type: array + type: object + type: array + audit: + description: Audit configures egress logging and tracing for actors + created from this template. + properties: + logs: + description: Logs enables egress access logs for actors created + from this template. + type: boolean + redactHeaders: + description: RedactHeaders is the list of headers that must + be redacted from audit output. + items: + type: string + type: array + traces: + description: Traces enables egress tracing for actors created + from this template. + type: boolean + type: object + defaultAction: + description: DefaultAction is applied when no allow rule matches. + enum: + - Allow + - Deny + type: string + deny: + description: Deny contains destination rules actors created from + this template may not reach. + items: + properties: + headers: + description: Headers defines logging and trace handling + for headers on matching traffic. + properties: + redact: + description: Redact is the list of headers that must + be redacted from egress logs and traces. + items: + type: string + type: array + type: object + name: + description: Name is an optional human-readable identifier + for this rule. + type: string + pathPrefixes: + description: PathPrefixes is the list of HTTP path prefixes + matched by this rule. + items: + type: string + type: array + paths: + description: Paths is the list of exact HTTP paths matched + by this rule. + items: + type: string + type: array + ports: + description: |- + Ports is the list of destination ports matched by this rule. + If empty, the rule applies to all destination ports. + items: + properties: + port: + description: Port is the destination port number. + format: int32 + type: integer + protocol: + description: Protocol is the transport protocol for + this port. + type: string + required: + - port + type: object + type: array + rateLimit: + description: RateLimit defines request or token rate limits + for matching traffic. + items: + properties: + dimensions: + description: |- + Dimensions selects the bucket keys used by the enforcement layer, such as + actor, template, or namespace. + items: + type: string + type: array + max: + description: Max is the maximum number of requests + or tokens allowed during Window. + format: int64 + type: integer + type: + description: Type selects request-based or LLM token-based + rate limiting. + enum: + - Requests + - Tokens + type: string + window: + description: Window is the time window for this limit, + such as 1m or 1h. + type: string + required: + - max + - type + - window + type: object + type: array + tls: + description: TLS defines transport security requirements + for this destination. + properties: + mode: + description: Mode controls how TLS is handled for matching + egress traffic. + enum: + - Require + - Originate + - Disable + type: string + required: + description: Required controls whether matching egress + traffic must use TLS. + type: boolean + type: object + to: + description: To lists the destinations matched by this rule. + items: + properties: + host: + description: Host is the DNS name to match for egress + traffic. + type: string + ipBlock: + description: IPBlock is the IP range to match for + egress traffic. + properties: + cidr: + description: CIDR is an IP address range in CIDR + notation. + type: string + required: + - cidr + type: object + type: object + type: array + type: object + type: array + type: object pauseImage: description: |- PauseImage is the container to use as the root sandbox container. diff --git a/pkg/api/v1alpha1/actortemplate_types.go b/pkg/api/v1alpha1/actortemplate_types.go index bd07725e..321dff30 100644 --- a/pkg/api/v1alpha1/actortemplate_types.go +++ b/pkg/api/v1alpha1/actortemplate_types.go @@ -59,6 +59,162 @@ type SnapshotsConfig struct { Location string `json:"location"` } +type EgressPolicyAction string + +const ( + EgressPolicyActionAllow EgressPolicyAction = "Allow" + EgressPolicyActionDeny EgressPolicyAction = "Deny" +) + +type EgressTLSMode string + +const ( + EgressTLSModeRequire EgressTLSMode = "Require" + EgressTLSModeOriginate EgressTLSMode = "Originate" + EgressTLSModeDisable EgressTLSMode = "Disable" +) + +type EgressRateLimitType string + +const ( + EgressRateLimitTypeRequests EgressRateLimitType = "Requests" + EgressRateLimitTypeTokens EgressRateLimitType = "Tokens" +) + +type EgressTLSPolicy struct { + // Mode controls how TLS is handled for matching egress traffic. + // + // +kubebuilder:validation:Enum=Require;Originate;Disable + // +optional + Mode EgressTLSMode `json:"mode,omitempty"` + + // Required controls whether matching egress traffic must use TLS. + // +optional + Required bool `json:"required,omitempty"` +} + +type EgressIPBlock struct { + // CIDR is an IP address range in CIDR notation. + // +required + CIDR string `json:"cidr"` +} + +type EgressPolicyDestination struct { + // Host is the DNS name to match for egress traffic. + // +optional + Host string `json:"host,omitempty"` + + // IPBlock is the IP range to match for egress traffic. + // +optional + IPBlock *EgressIPBlock `json:"ipBlock,omitempty"` +} + +type EgressPort struct { + // Port is the destination port number. + // +required + Port int32 `json:"port"` + + // Protocol is the transport protocol for this port. + // +optional + Protocol corev1.Protocol `json:"protocol,omitempty"` +} + +type EgressRateLimit struct { + // Type selects request-based or LLM token-based rate limiting. + // + // +kubebuilder:validation:Enum=Requests;Tokens + // +required + Type EgressRateLimitType `json:"type"` + + // Max is the maximum number of requests or tokens allowed during Window. + // +required + Max int64 `json:"max"` + + // Window is the time window for this limit, such as 1m or 1h. + // +required + Window metav1.Duration `json:"window"` + + // Dimensions selects the bucket keys used by the enforcement layer, such as + // actor, template, or namespace. + // +optional + Dimensions []string `json:"dimensions,omitempty"` +} + +type EgressHeaderPolicy struct { + // Redact is the list of headers that must be redacted from egress logs and traces. + // +optional + Redact []string `json:"redact,omitempty"` +} + +type EgressPolicyRule struct { + // Name is an optional human-readable identifier for this rule. + // +optional + Name string `json:"name,omitempty"` + + // To lists the destinations matched by this rule. + // +optional + To []EgressPolicyDestination `json:"to,omitempty"` + + // Ports is the list of destination ports matched by this rule. + // If empty, the rule applies to all destination ports. + // +optional + Ports []EgressPort `json:"ports,omitempty"` + + // Paths is the list of exact HTTP paths matched by this rule. + // +optional + Paths []string `json:"paths,omitempty"` + + // PathPrefixes is the list of HTTP path prefixes matched by this rule. + // +optional + PathPrefixes []string `json:"pathPrefixes,omitempty"` + + // TLS defines transport security requirements for this destination. + // +optional + TLS *EgressTLSPolicy `json:"tls,omitempty"` + + // RateLimit defines request or token rate limits for matching traffic. + // +optional + RateLimit []EgressRateLimit `json:"rateLimit,omitempty"` + + // Headers defines logging and trace handling for headers on matching traffic. + // +optional + Headers *EgressHeaderPolicy `json:"headers,omitempty"` +} + +type EgressAuditPolicy struct { + // Logs enables egress access logs for actors created from this template. + // +optional + Logs bool `json:"logs,omitempty"` + + // Traces enables egress tracing for actors created from this template. + // +optional + Traces bool `json:"traces,omitempty"` + + // RedactHeaders is the list of headers that must be redacted from audit output. + // +optional + RedactHeaders []string `json:"redactHeaders,omitempty"` +} + +type EgressPolicy struct { + // DefaultAction is applied when no allow rule matches. + // + // +kubebuilder:validation:Enum=Allow;Deny + // +optional + DefaultAction EgressPolicyAction `json:"defaultAction,omitempty"` + + // Allow contains destination rules actors created from this template may reach. + // +optional + Allow []EgressPolicyRule `json:"allow,omitempty"` + + // Deny contains destination rules actors created from this template may not reach. + // +optional + Deny []EgressPolicyRule `json:"deny,omitempty"` + + // Audit configures egress logging and tracing for actors created from this template. + // +optional + Audit *EgressAuditPolicy `json:"audit,omitempty"` +} + // ActorTemplateSpec defined desired spec of an actor. type ActorTemplateSpec struct { // PauseImage is the container to use as the root sandbox container. @@ -90,6 +246,11 @@ type ActorTemplateSpec struct { // // +required Runsc RunscConfig `json:"runsc,omitempty"` + + // EgressPolicy defines the default outbound network policy for actors + // created from this template. + // +optional + EgressPolicy *EgressPolicy `json:"egressPolicy,omitempty"` } type GCPAuthenticationConfig struct { diff --git a/pkg/api/v1alpha1/actortemplate_types_test.go b/pkg/api/v1alpha1/actortemplate_types_test.go index 217f0103..d726aa46 100644 --- a/pkg/api/v1alpha1/actortemplate_types_test.go +++ b/pkg/api/v1alpha1/actortemplate_types_test.go @@ -16,6 +16,7 @@ package v1alpha1 import ( "testing" + "time" "github.com/google/go-cmp/cmp" corev1 "k8s.io/api/core/v1" @@ -36,6 +37,48 @@ func TestActorTemplateDeepCopy(t *testing.T) { SnapshotsConfig: SnapshotsConfig{ Location: "gs://test-bucket/test-folder", }, + EgressPolicy: &EgressPolicy{ + DefaultAction: EgressPolicyActionDeny, + Allow: []EgressPolicyRule{ + { + Name: "openai", + To: []EgressPolicyDestination{ + {Host: "api.openai.com"}, + }, + Ports: []EgressPort{ + {Port: 443, Protocol: corev1.ProtocolTCP}, + }, + TLS: &EgressTLSPolicy{ + Mode: EgressTLSModeRequire, + Required: true, + }, + RateLimit: []EgressRateLimit{ + { + Type: EgressRateLimitTypeTokens, + Max: 60000, + Window: metav1.Duration{Duration: time.Minute}, + }, + }, + Headers: &EgressHeaderPolicy{ + Redact: []string{"authorization", "x-api-key"}, + }, + }, + }, + Deny: []EgressPolicyRule{ + { + Name: "metadata", + To: []EgressPolicyDestination{ + {Host: "metadata.google.internal"}, + {IPBlock: &EgressIPBlock{CIDR: "169.254.169.254/32"}}, + }, + }, + }, + Audit: &EgressAuditPolicy{ + Logs: true, + Traces: true, + RedactHeaders: []string{"authorization"}, + }, + }, }, Status: ActorTemplateStatus{ Phase: PhaseReady, diff --git a/pkg/api/v1alpha1/zz_generated.deepcopy.go b/pkg/api/v1alpha1/zz_generated.deepcopy.go index a66bb6a6..ba4556ce 100644 --- a/pkg/api/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/api/v1alpha1/zz_generated.deepcopy.go @@ -96,6 +96,11 @@ func (in *ActorTemplateSpec) DeepCopyInto(out *ActorTemplateSpec) { out.SnapshotsConfig = in.SnapshotsConfig out.WorkerPoolRef = in.WorkerPoolRef in.Runsc.DeepCopyInto(&out.Runsc) + if in.EgressPolicy != nil { + in, out := &in.EgressPolicy, &out.EgressPolicy + *out = new(EgressPolicy) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ActorTemplateSpec. @@ -183,6 +188,220 @@ func (in *Container) DeepCopy() *Container { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressAuditPolicy) DeepCopyInto(out *EgressAuditPolicy) { + *out = *in + if in.RedactHeaders != nil { + in, out := &in.RedactHeaders, &out.RedactHeaders + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressAuditPolicy. +func (in *EgressAuditPolicy) DeepCopy() *EgressAuditPolicy { + if in == nil { + return nil + } + out := new(EgressAuditPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressHeaderPolicy) DeepCopyInto(out *EgressHeaderPolicy) { + *out = *in + if in.Redact != nil { + in, out := &in.Redact, &out.Redact + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressHeaderPolicy. +func (in *EgressHeaderPolicy) DeepCopy() *EgressHeaderPolicy { + if in == nil { + return nil + } + out := new(EgressHeaderPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressIPBlock) DeepCopyInto(out *EgressIPBlock) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressIPBlock. +func (in *EgressIPBlock) DeepCopy() *EgressIPBlock { + if in == nil { + return nil + } + out := new(EgressIPBlock) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressPolicy) DeepCopyInto(out *EgressPolicy) { + *out = *in + if in.Allow != nil { + in, out := &in.Allow, &out.Allow + *out = make([]EgressPolicyRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Deny != nil { + in, out := &in.Deny, &out.Deny + *out = make([]EgressPolicyRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Audit != nil { + in, out := &in.Audit, &out.Audit + *out = new(EgressAuditPolicy) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressPolicy. +func (in *EgressPolicy) DeepCopy() *EgressPolicy { + if in == nil { + return nil + } + out := new(EgressPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressPolicyDestination) DeepCopyInto(out *EgressPolicyDestination) { + *out = *in + if in.IPBlock != nil { + in, out := &in.IPBlock, &out.IPBlock + *out = new(EgressIPBlock) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressPolicyDestination. +func (in *EgressPolicyDestination) DeepCopy() *EgressPolicyDestination { + if in == nil { + return nil + } + out := new(EgressPolicyDestination) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressPolicyRule) DeepCopyInto(out *EgressPolicyRule) { + *out = *in + if in.To != nil { + in, out := &in.To, &out.To + *out = make([]EgressPolicyDestination, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]EgressPort, len(*in)) + copy(*out, *in) + } + if in.Paths != nil { + in, out := &in.Paths, &out.Paths + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.PathPrefixes != nil { + in, out := &in.PathPrefixes, &out.PathPrefixes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(EgressTLSPolicy) + **out = **in + } + if in.RateLimit != nil { + in, out := &in.RateLimit, &out.RateLimit + *out = make([]EgressRateLimit, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = new(EgressHeaderPolicy) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressPolicyRule. +func (in *EgressPolicyRule) DeepCopy() *EgressPolicyRule { + if in == nil { + return nil + } + out := new(EgressPolicyRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressPort) DeepCopyInto(out *EgressPort) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressPort. +func (in *EgressPort) DeepCopy() *EgressPort { + if in == nil { + return nil + } + out := new(EgressPort) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressRateLimit) DeepCopyInto(out *EgressRateLimit) { + *out = *in + out.Window = in.Window + if in.Dimensions != nil { + in, out := &in.Dimensions, &out.Dimensions + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressRateLimit. +func (in *EgressRateLimit) DeepCopy() *EgressRateLimit { + if in == nil { + return nil + } + out := new(EgressRateLimit) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressTLSPolicy) DeepCopyInto(out *EgressTLSPolicy) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressTLSPolicy. +func (in *EgressTLSPolicy) DeepCopy() *EgressTLSPolicy { + if in == nil { + return nil + } + out := new(EgressTLSPolicy) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GCPAuthenticationConfig) DeepCopyInto(out *GCPAuthenticationConfig) { *out = *in From 6f2ecc346089f6a70b950151e0bfbf09c63ef64d Mon Sep 17 00:00:00 2001 From: npolshakova Date: Thu, 4 Jun 2026 11:58:27 -0700 Subject: [PATCH 8/8] wip Signed-off-by: npolshakova --- .ko.yaml | 1 + .../internal/controlapi/workload_spec.go | 46 ++ .../internal/controlapi/workload_spec_test.go | 35 ++ cmd/atelet/main.go | 46 ++ cmd/atelet/main_test.go | 30 + cmd/ateom-gvisor/egress_agentgateway.go | 576 ++++++++++++++++++ cmd/ateom-gvisor/egress_agentgateway_test.go | 186 ++++++ cmd/ateom-gvisor/main.go | 194 ++---- demos/counter/counter.go | 4 +- demos/counter/counter.yaml.tmpl | 9 +- hack/install-demo-counter.sh | 0 internal/ateompath/ateompath.go | 15 + internal/proto/ateletpb/atelet.pb.go | 513 ++++++++++++++-- internal/proto/ateletpb/atelet.proto | 36 ++ internal/proto/ateompb/ateom.pb.go | 485 +++++++++++++-- internal/proto/ateompb/ateom.proto | 36 ++ .../generated/ate.dev_actortemplates.yaml | 162 +++++ pkg/api/v1alpha1/actortemplate_types.go | 50 +- pkg/api/v1alpha1/zz_generated.deepcopy.go | 90 ++- 19 files changed, 2290 insertions(+), 224 deletions(-) create mode 100644 cmd/ateom-gvisor/egress_agentgateway.go create mode 100644 cmd/ateom-gvisor/egress_agentgateway_test.go mode change 100644 => 100755 hack/install-demo-counter.sh diff --git a/.ko.yaml b/.ko.yaml index a34e4fd3..693ab967 100644 --- a/.ko.yaml +++ b/.ko.yaml @@ -19,5 +19,6 @@ defaultPlatforms: - linux/arm64 baseImageOverrides: + github.com/agent-substrate/substrate/cmd/ateom-gvisor: cr.agentgateway.dev/agentgateway:v1.3.0-alpha.1 github.com/agent-substrate/substrate/demos/sandbox: alpine github.com/agent-substrate/substrate/demos/agent-secret: alpine diff --git a/cmd/ateapi/internal/controlapi/workload_spec.go b/cmd/ateapi/internal/controlapi/workload_spec.go index 9c61707a..c25e1ac9 100644 --- a/cmd/ateapi/internal/controlapi/workload_spec.go +++ b/cmd/ateapi/internal/controlapi/workload_spec.go @@ -69,7 +69,53 @@ func buildAteletEgressPolicyRules(rules []atev1alpha1.EgressPolicyRule) []*atele Protocol: string(port.Protocol), }) } + outRule.Tls = buildAteletEgressTLSPolicy(rule.TLS) + outRule.Credentials = buildAteletEgressCredentialPolicy(rule.Credentials) out = append(out, outRule) } return out } + +func buildAteletEgressTLSPolicy(policy *atev1alpha1.EgressTLSPolicy) *ateletpb.EgressTLSPolicy { + if policy == nil { + return nil + } + out := &ateletpb.EgressTLSPolicy{ + Mode: string(policy.Mode), + Required: policy.Required, + } + if policy.Intercept != nil { + out.Intercept = &ateletpb.EgressTLSInterceptPolicy{ + ValidateUpstream: policy.Intercept.ValidateUpstream, + } + if policy.Intercept.IssuerSecretRef != nil { + out.Intercept.IssuerSecretRef = &ateletpb.SecretReference{ + Name: policy.Intercept.IssuerSecretRef.Name, + Namespace: policy.Intercept.IssuerSecretRef.Namespace, + } + } + } + return out +} + +func buildAteletEgressCredentialPolicy(policy *atev1alpha1.EgressCredentialPolicy) *ateletpb.EgressCredentialPolicy { + if policy == nil { + return nil + } + out := &ateletpb.EgressCredentialPolicy{} + for _, injection := range policy.Inject { + outInjection := &ateletpb.EgressCredentialInjection{ + Header: injection.Header, + } + if injection.ValueFrom.SecretKeyRef != nil { + outInjection.ValueFrom = &ateletpb.EgressCredentialValueFrom{ + SecretKeyRef: &ateletpb.SecretKeySelector{ + Name: injection.ValueFrom.SecretKeyRef.Name, + Key: injection.ValueFrom.SecretKeyRef.Key, + }, + } + } + out.Inject = append(out.Inject, outInjection) + } + return out +} diff --git a/cmd/ateapi/internal/controlapi/workload_spec_test.go b/cmd/ateapi/internal/controlapi/workload_spec_test.go index 4f659e9e..0a002db9 100644 --- a/cmd/ateapi/internal/controlapi/workload_spec_test.go +++ b/cmd/ateapi/internal/controlapi/workload_spec_test.go @@ -40,6 +40,32 @@ func TestBuildAteletWorkloadSpecIncludesEgressPolicy(t *testing.T) { Ports: []atev1alpha1.EgressPort{ {Port: 443, Protocol: corev1.ProtocolTCP}, }, + TLS: &atev1alpha1.EgressTLSPolicy{ + Mode: atev1alpha1.EgressTLSModeIntercept, + Required: true, + Intercept: &atev1alpha1.EgressTLSInterceptPolicy{ + IssuerSecretRef: &corev1.SecretReference{ + Name: "egress-ca", + Namespace: "ate-system", + }, + ValidateUpstream: true, + }, + }, + Credentials: &atev1alpha1.EgressCredentialPolicy{ + Inject: []atev1alpha1.EgressCredentialInjection{ + { + Header: "Authorization", + ValueFrom: atev1alpha1.EgressCredentialValueFrom{ + SecretKeyRef: &corev1.SecretKeySelector{ + Key: "token", + LocalObjectReference: corev1.LocalObjectReference{ + Name: "github-token", + }, + }, + }, + }, + }, + }, }, }, }, @@ -62,4 +88,13 @@ func TestBuildAteletWorkloadSpecIncludesEgressPolicy(t *testing.T) { if got, want := allow[0].GetPorts()[0].GetProtocol(), "TCP"; got != want { t.Fatalf("protocol = %q, want %q", got, want) } + if got, want := allow[0].GetTls().GetMode(), "Intercept"; got != want { + t.Fatalf("tls mode = %q, want %q", got, want) + } + if got, want := allow[0].GetTls().GetIntercept().GetIssuerSecretRef().GetName(), "egress-ca"; got != want { + t.Fatalf("issuer secret = %q, want %q", got, want) + } + if got, want := allow[0].GetCredentials().GetInject()[0].GetValueFrom().GetSecretKeyRef().GetName(), "github-token"; got != want { + t.Fatalf("credential secret = %q, want %q", got, want) + } } diff --git a/cmd/atelet/main.go b/cmd/atelet/main.go index c5a61c52..d7a34428 100644 --- a/cmd/atelet/main.go +++ b/cmd/atelet/main.go @@ -550,11 +550,57 @@ func buildAteomEgressPolicyRules(rules []*ateletpb.EgressPolicyRule) []*ateompb. Protocol: port.GetProtocol(), }) } + outRule.Tls = buildAteomEgressTLSPolicy(rule.GetTls()) + outRule.Credentials = buildAteomEgressCredentialPolicy(rule.GetCredentials()) out = append(out, outRule) } return out } +func buildAteomEgressTLSPolicy(policy *ateletpb.EgressTLSPolicy) *ateompb.EgressTLSPolicy { + if policy == nil { + return nil + } + out := &ateompb.EgressTLSPolicy{ + Mode: policy.GetMode(), + Required: policy.GetRequired(), + } + if policy.GetIntercept() != nil { + out.Intercept = &ateompb.EgressTLSInterceptPolicy{ + ValidateUpstream: policy.GetIntercept().GetValidateUpstream(), + } + if policy.GetIntercept().GetIssuerSecretRef() != nil { + out.Intercept.IssuerSecretRef = &ateompb.SecretReference{ + Name: policy.GetIntercept().GetIssuerSecretRef().GetName(), + Namespace: policy.GetIntercept().GetIssuerSecretRef().GetNamespace(), + } + } + } + return out +} + +func buildAteomEgressCredentialPolicy(policy *ateletpb.EgressCredentialPolicy) *ateompb.EgressCredentialPolicy { + if policy == nil { + return nil + } + out := &ateompb.EgressCredentialPolicy{} + for _, injection := range policy.GetInject() { + outInjection := &ateompb.EgressCredentialInjection{ + Header: injection.GetHeader(), + } + if injection.GetValueFrom().GetSecretKeyRef() != nil { + outInjection.ValueFrom = &ateompb.EgressCredentialValueFrom{ + SecretKeyRef: &ateompb.SecretKeySelector{ + Name: injection.GetValueFrom().GetSecretKeyRef().GetName(), + Key: injection.GetValueFrom().GetSecretKeyRef().GetKey(), + }, + } + } + out.Inject = append(out.Inject, outInjection) + } + return out +} + // uploadIfExists uploads a local file to GCS (zstd-compressed) only if // the file is present. Missing files are silently skipped — used for // optional checkpoint side-files (pages.img, pages_meta.img). diff --git a/cmd/atelet/main_test.go b/cmd/atelet/main_test.go index 72c43d36..5932ac4c 100644 --- a/cmd/atelet/main_test.go +++ b/cmd/atelet/main_test.go @@ -33,6 +33,30 @@ func TestBuildAteomWorkloadSpecIncludesEgressPolicy(t *testing.T) { Ports: []*ateletpb.EgressPort{ {Port: 443, Protocol: "TCP"}, }, + Tls: &ateletpb.EgressTLSPolicy{ + Mode: "Intercept", + Required: true, + Intercept: &ateletpb.EgressTLSInterceptPolicy{ + IssuerSecretRef: &ateletpb.SecretReference{ + Name: "egress-ca", + Namespace: "ate-system", + }, + ValidateUpstream: true, + }, + }, + Credentials: &ateletpb.EgressCredentialPolicy{ + Inject: []*ateletpb.EgressCredentialInjection{ + { + Header: "Authorization", + ValueFrom: &ateletpb.EgressCredentialValueFrom{ + SecretKeyRef: &ateletpb.SecretKeySelector{ + Name: "github-token", + Key: "token", + }, + }, + }, + }, + }, }, }, }, @@ -47,4 +71,10 @@ func TestBuildAteomWorkloadSpecIncludesEgressPolicy(t *testing.T) { if got, want := spec.GetEgressPolicy().GetAllow()[0].GetPorts()[0].GetPort(), uint32(443); got != want { t.Fatalf("port = %d, want %d", got, want) } + if got, want := spec.GetEgressPolicy().GetAllow()[0].GetTls().GetMode(), "Intercept"; got != want { + t.Fatalf("tls mode = %q, want %q", got, want) + } + if got, want := spec.GetEgressPolicy().GetAllow()[0].GetCredentials().GetInject()[0].GetHeader(), "Authorization"; got != want { + t.Fatalf("credential header = %q, want %q", got, want) + } } diff --git a/cmd/ateom-gvisor/egress_agentgateway.go b/cmd/ateom-gvisor/egress_agentgateway.go new file mode 100644 index 00000000..c4c43979 --- /dev/null +++ b/cmd/ateom-gvisor/egress_agentgateway.go @@ -0,0 +1,576 @@ +//go:build linux + +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "context" + "fmt" + "log/slog" + "os" + "os/exec" + "path/filepath" + "strings" + "sync" + + "github.com/agent-substrate/substrate/internal/ateompath" + "github.com/agent-substrate/substrate/internal/proto/ateompb" + corev1 "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/client-go/kubernetes" + "k8s.io/client-go/rest" + "sigs.k8s.io/yaml" +) + +const ( + egressAgentgatewayHTTPPort = 15001 + egressAgentgatewayHTTPSPort = 15002 +) + +type egressAgentgatewayManager struct { + lock sync.Mutex + binaryPath string + namespace string + podName string + configPath string + tlsDir string + secret egressSecretResolver + cmd *exec.Cmd +} + +type egressSecretResolver interface { + SecretValue(ctx context.Context, namespace, name, key string) (string, error) + TLSSecret(ctx context.Context, namespace, name string) ([]byte, []byte, error) +} + +func newEgressAgentgatewayManager(ctx context.Context, binaryPath, namespace, podName string) (*egressAgentgatewayManager, error) { + manager := &egressAgentgatewayManager{ + binaryPath: binaryPath, + namespace: namespace, + podName: podName, + configPath: ateompath.EgressAgentgatewayConfigPath(namespace, podName), + tlsDir: ateompath.EgressAgentgatewayTLSDir(namespace, podName), + } + secret, err := newKubernetesEgressSecretResolver() + if err != nil { + slog.InfoContext(ctx, "Kubernetes secret resolver unavailable for egress agentgateway", slog.Any("err", err)) + } else { + manager.secret = secret + } + if err := manager.writeConfig(ctx, nil); err != nil { + return nil, err + } + return manager, nil +} + +func (m *egressAgentgatewayManager) ApplyPolicy(ctx context.Context, policy *ateompb.EgressPolicy) error { + if m == nil { + return nil + } + m.lock.Lock() + defer m.lock.Unlock() + + if err := m.writeConfig(ctx, policy); err != nil { + return err + } + if !egressPolicyNeedsAgentgateway(policy) { + return m.stopLocked(ctx) + } + if m.cmd != nil && m.cmd.Process != nil { + return nil + } + + reapLock.RLock() + cmd := exec.Command(m.binaryPath, "-f", m.configPath) + cmd.Stdout = os.Stdout + cmd.Stderr = os.Stderr + if err := cmd.Start(); err != nil { + reapLock.RUnlock() + return fmt.Errorf("while starting egress agentgateway %q: %w", m.binaryPath, err) + } + reapLock.RUnlock() + + m.cmd = cmd + go func() { + err := cmd.Wait() + m.lock.Lock() + if m.cmd == cmd { + m.cmd = nil + } + m.lock.Unlock() + if err != nil { + slog.WarnContext(ctx, "Egress agentgateway exited", slog.Any("err", err)) + } + }() + slog.InfoContext(ctx, "Started egress agentgateway", slog.String("config", m.configPath)) + return nil +} + +func (m *egressAgentgatewayManager) Stop(ctx context.Context) { + m.lock.Lock() + defer m.lock.Unlock() + if err := m.stopLocked(ctx); err != nil { + slog.WarnContext(ctx, "Failed to stop egress agentgateway", slog.Any("err", err)) + } +} + +func (m *egressAgentgatewayManager) stopLocked(ctx context.Context) error { + if m.cmd == nil || m.cmd.Process == nil { + return nil + } + slog.InfoContext(ctx, "Stopping egress agentgateway") + if err := m.cmd.Process.Kill(); err != nil { + return fmt.Errorf("while killing egress agentgateway: %w", err) + } + m.cmd = nil + return nil +} + +func (m *egressAgentgatewayManager) writeConfig(ctx context.Context, policy *ateompb.EgressPolicy) error { + if err := os.MkdirAll(filepath.Dir(m.configPath), 0o700); err != nil { + return fmt.Errorf("while creating egress agentgateway config directory: %w", err) + } + if err := os.MkdirAll(m.tlsDir, 0o700); err != nil { + return fmt.Errorf("while creating egress agentgateway tls directory: %w", err) + } + cfg, err := renderEgressAgentgatewayConfig(ctx, m.secret, m.namespace, m.tlsDir, policy) + if err != nil { + return err + } + if err := os.WriteFile(m.configPath, cfg, 0o600); err != nil { + return fmt.Errorf("while writing egress agentgateway config: %w", err) + } + return nil +} + +func egressPolicyNeedsAgentgateway(policy *ateompb.EgressPolicy) bool { + if policy == nil { + return false + } + for _, rule := range policy.GetAllow() { + if egressRuleHasTransparentHTTPRoute(rule) { + return true + } + if len(rule.GetCredentials().GetInject()) > 0 { + return true + } + switch rule.GetTls().GetMode() { + case "Require", "Originate", "Intercept": + return true + } + if rule.GetTls().GetRequired() { + return true + } + } + return false +} + +func egressRuleHasTransparentHTTPRoute(rule *ateompb.EgressPolicyRule) bool { + hasHost := false + for _, dest := range rule.GetTo() { + if dest.GetHost() != "" { + hasHost = true + break + } + } + if !hasHost || egressRuleRequiresBackendTLS(rule) { + return false + } + ports := rule.GetPorts() + if len(ports) == 0 { + return true + } + for _, port := range ports { + if isTCPEgressPort(port) && effectiveEgressPort(port) == 80 { + return true + } + } + return false +} + +type localAgentgatewayConfig struct { + Schema string `json:"# yaml-language-server,omitempty"` + Config localAgentgatewaySettings `json:"config"` + Binds []localAgentgatewayBind `json:"binds"` +} + +type localAgentgatewaySettings struct { + AdminAddr string `json:"adminAddr"` + ReadinessAddr string `json:"readinessAddr"` + StatsAddr string `json:"statsAddr"` +} + +type localAgentgatewayBind struct { + Port int `json:"port"` + Listeners []localAgentgatewayListener `json:"listeners"` +} + +type localAgentgatewayListener struct { + Name string `json:"name"` + Protocol string `json:"protocol"` + TLS *localAgentgatewayFrontendTLS `json:"tls,omitempty"` + Routes []localAgentgatewayRoute `json:"routes,omitempty"` + TCPRoutes []localAgentgatewayTCPRoute `json:"tcpRoutes,omitempty"` +} + +type localAgentgatewayFrontendTLS struct { + Cert string `json:"cert"` + Key string `json:"key"` +} + +type localAgentgatewayRoute struct { + Name string `json:"name"` + Matches []localAgentgatewayMatch `json:"matches,omitempty"` + Policies *localAgentgatewayRoutePolicy `json:"policies,omitempty"` + Backends []localAgentgatewayRouteBackend `json:"backends,omitempty"` +} + +type localAgentgatewayMatch struct { + Headers []localAgentgatewayHeaderMatch `json:"headers,omitempty"` +} + +type localAgentgatewayHeaderMatch struct { + Name string `json:"name"` + Value localAgentgatewayStringMatchValue `json:"value"` +} + +type localAgentgatewayStringMatchValue struct { + Exact string `json:"exact"` +} + +type localAgentgatewayRoutePolicy struct { + RequestHeaderModifier *localAgentgatewayHeaderModifier `json:"requestHeaderModifier,omitempty"` + DirectResponse *localAgentgatewayDirectResponse `json:"directResponse,omitempty"` +} + +type localAgentgatewayHeaderModifier struct { + Set map[string]string `json:"set,omitempty"` +} + +type localAgentgatewayDirectResponse struct { + Status int `json:"status"` + Body string `json:"body"` +} + +type localAgentgatewayRouteBackend struct { + Host string `json:"host"` + Policies *localAgentgatewayBackendPolicies `json:"policies,omitempty"` +} + +type localAgentgatewayTCPRoute struct { + Name string `json:"name"` + Hostnames []string `json:"hostnames,omitempty"` + Backends []localAgentgatewayRouteBackend `json:"backends,omitempty"` +} + +type localAgentgatewayBackendPolicies struct { + BackendTLS map[string]any `json:"backendTLS,omitempty"` +} + +func renderEgressAgentgatewayConfig(ctx context.Context, secrets egressSecretResolver, defaultNamespace, tlsDir string, policy *ateompb.EgressPolicy) ([]byte, error) { + cfg := localAgentgatewayConfig{ + Config: localAgentgatewaySettings{ + AdminAddr: "127.0.0.1:15000", + ReadinessAddr: "127.0.0.1:15021", + StatsAddr: "127.0.0.1:15020", + }, + Binds: []localAgentgatewayBind{ + { + Port: egressAgentgatewayHTTPPort, + Listeners: []localAgentgatewayListener{{ + Name: "egress-http", + Protocol: "HTTP", + Routes: []localAgentgatewayRoute{denyEgressRoute()}, + }}, + }, + }, + } + + httpsListener := localAgentgatewayListener{ + Name: "egress-https", + Protocol: "TLS", + } + for _, rule := range policy.GetAllow() { + routes, err := routesForEgressRule(ctx, secrets, defaultNamespace, tlsDir, rule) + if err != nil { + return nil, err + } + for _, route := range routes { + if rule.GetTls().GetMode() == "Intercept" { + httpsListener.Protocol = "HTTPS" + if httpsListener.TLS == nil { + tls, err := frontendTLSForInterceptRule(ctx, secrets, defaultNamespace, tlsDir, rule) + if err != nil { + return nil, err + } + httpsListener.TLS = tls + } + httpsListener.Routes = append([]localAgentgatewayRoute{route}, httpsListener.Routes...) + continue + } + if egressRuleRequiresBackendTLS(rule) { + continue + } + cfg.Binds[0].Listeners[0].Routes = append([]localAgentgatewayRoute{route}, cfg.Binds[0].Listeners[0].Routes...) + } + if httpsListener.Protocol == "TLS" && egressRuleRequiresBackendTLS(rule) { + httpsListener.TCPRoutes = append(httpsListener.TCPRoutes, tcpRoutesForEgressRule(rule)...) + } + } + if httpsListener.TLS != nil || len(httpsListener.TCPRoutes) > 0 { + if httpsListener.TLS != nil && len(httpsListener.Routes) == 0 { + httpsListener.Routes = []localAgentgatewayRoute{denyEgressRoute()} + } + cfg.Binds = append(cfg.Binds, localAgentgatewayBind{ + Port: egressAgentgatewayHTTPSPort, + Listeners: []localAgentgatewayListener{httpsListener}, + }) + } + + out, err := yaml.Marshal(cfg) + if err != nil { + return nil, fmt.Errorf("while rendering egress agentgateway config: %w", err) + } + return append([]byte("# yaml-language-server: $schema=https://agentgateway.dev/schema/config\n"), out...), nil +} + +func routesForEgressRule(ctx context.Context, secrets egressSecretResolver, defaultNamespace, _ string, rule *ateompb.EgressPolicyRule) ([]localAgentgatewayRoute, error) { + var routes []localAgentgatewayRoute + for _, dest := range rule.GetTo() { + host := dest.GetHost() + if host == "" { + continue + } + ports := rule.GetPorts() + if len(ports) == 0 { + ports = []*ateompb.EgressPort{{Port: 443, Protocol: "TCP"}} + } + for _, port := range ports { + if !isTCPEgressPort(port) { + continue + } + backend := localAgentgatewayRouteBackend{Host: fmt.Sprintf("%s:%d", host, effectiveEgressPort(port))} + if egressRuleRequiresBackendTLS(rule) { + backend.Policies = &localAgentgatewayBackendPolicies{BackendTLS: map[string]any{}} + } + route := localAgentgatewayRoute{ + Name: localRouteName(host, port), + Matches: egressAuthorityMatches(host, effectiveEgressPort(port)), + Backends: []localAgentgatewayRouteBackend{backend}, + } + headers, err := egressInjectedHeaders(ctx, secrets, defaultNamespace, rule.GetCredentials()) + if err != nil { + return nil, err + } + if len(headers) > 0 { + route.Policies = &localAgentgatewayRoutePolicy{ + RequestHeaderModifier: &localAgentgatewayHeaderModifier{Set: headers}, + } + } + routes = append(routes, route) + } + } + return routes, nil +} + +func tcpRoutesForEgressRule(rule *ateompb.EgressPolicyRule) []localAgentgatewayTCPRoute { + var routes []localAgentgatewayTCPRoute + for _, dest := range rule.GetTo() { + host := dest.GetHost() + if host == "" { + continue + } + ports := rule.GetPorts() + if len(ports) == 0 { + ports = []*ateompb.EgressPort{{Port: 443, Protocol: "TCP"}} + } + for _, port := range ports { + if !isTCPEgressPort(port) || effectiveEgressPort(port) != 443 { + continue + } + routes = append(routes, localAgentgatewayTCPRoute{ + Name: localRouteName(host, port), + Hostnames: []string{host}, + Backends: []localAgentgatewayRouteBackend{{ + Host: fmt.Sprintf("%s:%d", host, effectiveEgressPort(port)), + }}, + }) + } + } + return routes +} + +func egressAuthorityMatches(host string, port uint32) []localAgentgatewayMatch { + matches := []localAgentgatewayMatch{ + {Headers: []localAgentgatewayHeaderMatch{{ + Name: ":authority", + Value: localAgentgatewayStringMatchValue{Exact: host}, + }}}, + } + hostWithPort := fmt.Sprintf("%s:%d", host, port) + if hostWithPort != host { + matches = append(matches, localAgentgatewayMatch{Headers: []localAgentgatewayHeaderMatch{{ + Name: ":authority", + Value: localAgentgatewayStringMatchValue{Exact: hostWithPort}, + }}}) + } + return matches +} + +func egressInjectedHeaders(ctx context.Context, secrets egressSecretResolver, defaultNamespace string, policy *ateompb.EgressCredentialPolicy) (map[string]string, error) { + if policy == nil || len(policy.GetInject()) == 0 { + return nil, nil + } + if secrets == nil { + return nil, fmt.Errorf("egress credential injection requires Kubernetes secret access") + } + headers := map[string]string{} + for _, injection := range policy.GetInject() { + header := strings.TrimSpace(injection.GetHeader()) + if header == "" { + return nil, fmt.Errorf("egress credential injection header is required") + } + ref := injection.GetValueFrom().GetSecretKeyRef() + if ref == nil { + return nil, fmt.Errorf("egress credential injection for header %q requires valueFrom.secretKeyRef", header) + } + value, err := secrets.SecretValue(ctx, defaultNamespace, ref.GetName(), ref.GetKey()) + if err != nil { + return nil, err + } + headers[header] = value + } + return headers, nil +} + +func frontendTLSForInterceptRule(ctx context.Context, secrets egressSecretResolver, defaultNamespace, tlsDir string, rule *ateompb.EgressPolicyRule) (*localAgentgatewayFrontendTLS, error) { + if secrets == nil { + return nil, fmt.Errorf("egress TLS intercept requires Kubernetes secret access") + } + ref := rule.GetTls().GetIntercept().GetIssuerSecretRef() + if ref == nil { + return nil, fmt.Errorf("egress TLS intercept requires tls.intercept.issuerSecretRef") + } + namespace := ref.GetNamespace() + if namespace == "" { + namespace = defaultNamespace + } + cert, key, err := secrets.TLSSecret(ctx, namespace, ref.GetName()) + if err != nil { + return nil, err + } + certPath := filepath.Join(tlsDir, "intercept.crt") + keyPath := filepath.Join(tlsDir, "intercept.key") + if err := os.WriteFile(certPath, cert, 0o600); err != nil { + return nil, fmt.Errorf("while writing egress intercept cert: %w", err) + } + if err := os.WriteFile(keyPath, key, 0o600); err != nil { + return nil, fmt.Errorf("while writing egress intercept key: %w", err) + } + return &localAgentgatewayFrontendTLS{Cert: certPath, Key: keyPath}, nil +} + +func denyEgressRoute() localAgentgatewayRoute { + return localAgentgatewayRoute{ + Name: "default-deny", + Policies: &localAgentgatewayRoutePolicy{ + DirectResponse: &localAgentgatewayDirectResponse{ + Status: 403, + Body: "egress denied", + }, + }, + } +} + +func egressRuleRequiresBackendTLS(rule *ateompb.EgressPolicyRule) bool { + tls := rule.GetTls() + return tls.GetRequired() || tls.GetMode() == "Require" || tls.GetMode() == "Originate" || tls.GetMode() == "Intercept" +} + +func isTCPEgressPort(port *ateompb.EgressPort) bool { + return port.GetProtocol() == "" || strings.EqualFold(port.GetProtocol(), "TCP") +} + +func effectiveEgressPort(port *ateompb.EgressPort) uint32 { + if port.GetPort() == 0 { + return 443 + } + return port.GetPort() +} + +func localRouteName(host string, port *ateompb.EgressPort) string { + base := host + base = strings.NewReplacer(".", "-", "_", "-", ":", "-").Replace(base) + return fmt.Sprintf("allow-%s-%d", base, effectiveEgressPort(port)) +} + +type kubernetesEgressSecretResolver struct { + client kubernetes.Interface +} + +func newKubernetesEgressSecretResolver() (*kubernetesEgressSecretResolver, error) { + cfg, err := rest.InClusterConfig() + if err != nil { + return nil, err + } + client, err := kubernetes.NewForConfig(cfg) + if err != nil { + return nil, err + } + return &kubernetesEgressSecretResolver{client: client}, nil +} + +func (r *kubernetesEgressSecretResolver) SecretValue(ctx context.Context, defaultNamespace, name, key string) (string, error) { + if name == "" || key == "" { + return "", fmt.Errorf("egress credential secret name and key are required") + } + secret, err := r.client.CoreV1().Secrets(defaultNamespace).Get(ctx, name, metav1.GetOptions{}) + if err != nil { + return "", secretGetError(defaultNamespace, name, err) + } + value, ok := secret.Data[key] + if !ok { + return "", fmt.Errorf("secret %s/%s does not contain key %q", defaultNamespace, name, key) + } + return string(value), nil +} + +func (r *kubernetesEgressSecretResolver) TLSSecret(ctx context.Context, namespace, name string) ([]byte, []byte, error) { + if namespace == "" { + return nil, nil, fmt.Errorf("egress TLS intercept secret namespace is required") + } + if name == "" { + return nil, nil, fmt.Errorf("egress TLS intercept secret name is required") + } + secret, err := r.client.CoreV1().Secrets(namespace).Get(ctx, name, metav1.GetOptions{}) + if err != nil { + return nil, nil, secretGetError(namespace, name, err) + } + cert := secret.Data[corev1.TLSCertKey] + key := secret.Data[corev1.TLSPrivateKeyKey] + if len(cert) == 0 || len(key) == 0 { + return nil, nil, fmt.Errorf("secret %s/%s must contain %q and %q for egress TLS intercept", namespace, name, corev1.TLSCertKey, corev1.TLSPrivateKeyKey) + } + return cert, key, nil +} + +func secretGetError(namespace, name string, err error) error { + if apierrors.IsForbidden(err) { + return fmt.Errorf("ateom service account cannot read secret %s/%s for egress agentgateway config: %w", namespace, name, err) + } + return fmt.Errorf("while reading secret %s/%s for egress agentgateway config: %w", namespace, name, err) +} diff --git a/cmd/ateom-gvisor/egress_agentgateway_test.go b/cmd/ateom-gvisor/egress_agentgateway_test.go new file mode 100644 index 00000000..5b6fe450 --- /dev/null +++ b/cmd/ateom-gvisor/egress_agentgateway_test.go @@ -0,0 +1,186 @@ +//go:build linux + +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "context" + "strings" + "testing" + + "github.com/agent-substrate/substrate/internal/proto/ateompb" +) + +func TestRenderEgressAgentgatewayConfigAddsHTTPRouteAndHeaders(t *testing.T) { + secrets := fakeEgressSecretResolver{ + values: map[string]string{ + "dev-agents/openai-token/token": "Bearer test-token", + }, + } + policy := egressPolicyForTest() + policy.Allow[0].Ports[0].Port = 80 + policy.Allow[0].Tls = nil + cfg, err := renderEgressAgentgatewayConfig(context.Background(), secrets, "dev-agents", t.TempDir(), policy) + if err != nil { + t.Fatalf("renderEgressAgentgatewayConfig() error = %v", err) + } + got := string(cfg) + for _, want := range []string{ + "port: 15001", + "name: allow-api-openai-com-80", + "name: ':authority'", + "exact: api.openai.com", + "exact: api.openai.com:80", + "host: api.openai.com:80", + "Authorization: Bearer test-token", + "directResponse:", + "status: 403", + } { + if !strings.Contains(got, want) { + t.Fatalf("rendered config missing %q:\n%s", want, got) + } + } +} + +func TestRenderEgressAgentgatewayConfigDoesNotAddTLSRulesToHTTPListener(t *testing.T) { + policy := egressPolicyForTest() + policy.Allow[0].Credentials = nil + cfg, err := renderEgressAgentgatewayConfig(context.Background(), nil, "dev-agents", t.TempDir(), policy) + if err != nil { + t.Fatalf("renderEgressAgentgatewayConfig() error = %v", err) + } + got := string(cfg) + for _, notWant := range []string{ + "backendTLS: {}", + } { + if strings.Contains(got, notWant) { + t.Fatalf("rendered HTTP listener config should not contain TLS route %q:\n%s", notWant, got) + } + } +} + +func TestRenderEgressAgentgatewayConfigAddsTLSPassthroughTCPRoute(t *testing.T) { + policy := egressPolicyForTest() + policy.Allow[0].Credentials = nil + cfg, err := renderEgressAgentgatewayConfig(context.Background(), nil, "dev-agents", t.TempDir(), policy) + if err != nil { + t.Fatalf("renderEgressAgentgatewayConfig() error = %v", err) + } + got := string(cfg) + for _, want := range []string{ + "port: 15002", + "protocol: TLS", + "tcpRoutes:", + "name: allow-api-openai-com-443", + "hostnames:", + "- api.openai.com", + "host: api.openai.com:443", + } { + if !strings.Contains(got, want) { + t.Fatalf("rendered config missing %q:\n%s", want, got) + } + } +} + +func TestRenderEgressAgentgatewayConfigAddsInterceptHTTPSBind(t *testing.T) { + secrets := fakeEgressSecretResolver{ + certs: map[string]fakeTLSSecret{ + "dev-agents/egress-ca": { + cert: []byte("cert"), + key: []byte("key"), + }, + }, + } + policy := egressPolicyForTest() + policy.Allow[0].Tls.Mode = "Intercept" + policy.Allow[0].Tls.Intercept = &ateompb.EgressTLSInterceptPolicy{ + IssuerSecretRef: &ateompb.SecretReference{ + Name: "egress-ca", + Namespace: "dev-agents", + }, + ValidateUpstream: true, + } + cfg, err := renderEgressAgentgatewayConfig(context.Background(), secrets, "dev-agents", t.TempDir(), policy) + if err != nil { + t.Fatalf("renderEgressAgentgatewayConfig() error = %v", err) + } + got := string(cfg) + for _, want := range []string{ + "port: 15002", + "protocol: HTTPS", + "tls:", + "cert:", + "key:", + "host: api.openai.com:443", + "backendTLS: {}", + } { + if !strings.Contains(got, want) { + t.Fatalf("rendered config missing %q:\n%s", want, got) + } + } +} + +func egressPolicyForTest() *ateompb.EgressPolicy { + return &ateompb.EgressPolicy{ + DefaultAction: "Deny", + Allow: []*ateompb.EgressPolicyRule{ + { + To: []*ateompb.EgressPolicyDestination{ + {Host: "api.openai.com"}, + }, + Ports: []*ateompb.EgressPort{ + {Port: 443, Protocol: "TCP"}, + }, + Tls: &ateompb.EgressTLSPolicy{ + Mode: "Require", + Required: true, + }, + Credentials: &ateompb.EgressCredentialPolicy{ + Inject: []*ateompb.EgressCredentialInjection{ + { + Header: "Authorization", + ValueFrom: &ateompb.EgressCredentialValueFrom{ + SecretKeyRef: &ateompb.SecretKeySelector{ + Name: "openai-token", + Key: "token", + }, + }, + }, + }, + }, + }, + }, + } +} + +type fakeEgressSecretResolver struct { + values map[string]string + certs map[string]fakeTLSSecret +} + +type fakeTLSSecret struct { + cert []byte + key []byte +} + +func (r fakeEgressSecretResolver) SecretValue(_ context.Context, namespace, name, key string) (string, error) { + return r.values[namespace+"/"+name+"/"+key], nil +} + +func (r fakeEgressSecretResolver) TLSSecret(_ context.Context, namespace, name string) ([]byte, []byte, error) { + secret := r.certs[namespace+"/"+name] + return secret.cert, secret.key, nil +} diff --git a/cmd/ateom-gvisor/main.go b/cmd/ateom-gvisor/main.go index 1f9fa894..901e8086 100644 --- a/cmd/ateom-gvisor/main.go +++ b/cmd/ateom-gvisor/main.go @@ -47,8 +47,9 @@ import ( ) var ( - podNamespace = flag.String("pod-namespace", "", "The namespace of the current pod") - podName = flag.String("pod-name", "", "The name of the current pod") + podNamespace = flag.String("pod-namespace", "", "The namespace of the current pod") + podName = flag.String("pod-name", "", "The name of the current pod") + egressAgentgatewayBinary = flag.String("egress-agentgateway-binary", "/app/agentgateway", "Path to the agentgateway binary used for local egress policy enforcement.") reapLock sync.RWMutex ) @@ -133,7 +134,12 @@ func do(ctx context.Context) error { } actorLogger := ateom.NewActorLogger(syncedWriter, metadata.OnGCE()) - ateomService := NewService(interiorNetNS, actorLogger) + egressGateway, err := newEgressAgentgatewayManager(ctx, *egressAgentgatewayBinary, *podNamespace, *podName) + if err != nil { + return fmt.Errorf("while initializing egress agentgateway manager: %w", err) + } + defer egressGateway.Stop(ctx) + ateomService := NewService(interiorNetNS, actorLogger, egressGateway) svr := grpc.NewServer( grpc.StatsHandler(otelgrpc.NewServerHandler()), @@ -160,15 +166,17 @@ type AteomService struct { interiorNetNS netns.NsHandle actorLogger *ateom.ActorLogger + egressGateway *egressAgentgatewayManager } var _ ateompb.AteomServer = (*AteomService)(nil) // NewService creates a new AteomService. -func NewService(interiorNetNS netns.NsHandle, actorLogger *ateom.ActorLogger) *AteomService { +func NewService(interiorNetNS netns.NsHandle, actorLogger *ateom.ActorLogger, egressGateway *egressAgentgatewayManager) *AteomService { svc := &AteomService{ interiorNetNS: interiorNetNS, actorLogger: actorLogger, + egressGateway: egressGateway, } return svc } @@ -184,6 +192,9 @@ func (s *AteomService) RunWorkload(ctx context.Context, req *ateompb.RunWorkload // * Correct runsc version is downloaded and placed on disk. // * All OCI bundles are set up, including for "pause" container. + if err := s.egressGateway.ApplyPolicy(ctx, req.GetSpec().GetEgressPolicy()); err != nil { + return nil, fmt.Errorf("while configuring egress agentgateway: %w", err) + } if err := s.setupActorNetwork(ctx, req.GetSpec().GetEgressPolicy()); err != nil { return nil, fmt.Errorf("while setting up actor network: %w", err) } @@ -286,6 +297,9 @@ func (s *AteomService) CheckpointWorkload(ctx context.Context, req *ateompb.Chec if err := s.cleanupActorNetwork(ctx); err != nil { return nil, fmt.Errorf("while cleaning up actor network: %w", err) } + if err := s.egressGateway.ApplyPolicy(ctx, nil); err != nil { + return nil, fmt.Errorf("while clearing egress agentgateway config: %w", err) + } s.actorLogger.EmitLifecycleLog("Actor checkpointed", req.GetActorId(), req.GetActorTemplateName(), req.GetActorTemplateNamespace()) @@ -304,6 +318,9 @@ func (s *AteomService) RestoreWorkload(ctx context.Context, req *ateompb.Restore // * All OCI bundles are set up, including for "pause" container. // * Checkpoint downloaded and placed on disk + if err := s.egressGateway.ApplyPolicy(ctx, req.GetSpec().GetEgressPolicy()); err != nil { + return nil, fmt.Errorf("while configuring egress agentgateway: %w", err) + } if err := s.setupActorNetwork(ctx, req.GetSpec().GetEgressPolicy()); err != nil { return nil, fmt.Errorf("while setting up actor network: %w", err) } @@ -425,7 +442,7 @@ func (s *AteomService) setupActorNetwork(ctx context.Context, egressPolicy *ateo if err := enableIPv4Forwarding(); err != nil { return err } - if err := installActorNftablesRules(ctx, podIP, egressPolicy); err != nil { + if err := installActorNftablesRules(ctx, podIP); err != nil { return err } @@ -581,7 +598,7 @@ func enableIPv4Forwarding() error { return nil } -func installActorNftablesRules(ctx context.Context, podIP net.IP, egressPolicy *ateompb.EgressPolicy) error { +func installActorNftablesRules(ctx context.Context, podIP net.IP) error { // Install a dedicated nftables table for the active actor. Keeping all // rules in an ateom-owned table makes cleanup simple and avoids mutating // Kubernetes or CNI-managed chains directly. @@ -594,9 +611,8 @@ func installActorNftablesRules(ctx context.Context, podIP net.IP, egressPolicy * // actor veth IP on TCP/80, preserving existing inbound behavior. // * forward: accept forwarded packets between the actor veth and pod eth0. // - // This is not the final egress policy path. The later AgentGateway phase - // should replace the broad masquerade path with transparent TCP capture and - // default-deny rules. + // Egress policy is enforced by the local agentgateway instance. These + // nftables rules only provide transparent capture and forwarding plumbing. if err := removeActorNftablesRules(); err != nil { return err } @@ -615,6 +631,8 @@ func installActorNftablesRules(ctx context.Context, podIP net.IP, egressPolicy * Hooknum: nftables.ChainHookPrerouting, Priority: nftables.ChainPriorityNATDest, }) + addTransparentHTTPEgressRedirect(c, table, prerouting) + // TODO: Support inbound UDP DNAT for actors that expose UDP protocols such // as QUIC. // TODO: Replace the hard-coded HTTP port with the actor's configured @@ -656,9 +674,6 @@ func installActorNftablesRules(ctx context.Context, podIP net.IP, egressPolicy * }) forwardPolicy := nftables.ChainPolicyAccept - if egressPolicy.GetDefaultAction() == "Deny" { - forwardPolicy = nftables.ChainPolicyDrop - } forward := c.AddChain(&nftables.Chain{ Name: "forward", Table: table, @@ -668,18 +683,7 @@ func installActorNftablesRules(ctx context.Context, podIP net.IP, egressPolicy * Policy: &forwardPolicy, }) addBaseForwardRules(c, table, forward) - if err := addEgressPolicyRules(ctx, c, table, forward, egressPolicy); err != nil { - return err - } - if egressPolicy.GetDefaultAction() != "Deny" { - c.AddRule(&nftables.Rule{ - Table: table, - Chain: forward, - Exprs: []expr.Any{ - &expr.Verdict{Kind: expr.VerdictAccept}, - }, - }) - } + addEgressAgentgatewayForwardRules(c, table, forward) if err := c.Flush(); err != nil { return fmt.Errorf("while installing actor nftables rules: %w", err) @@ -725,85 +729,47 @@ func addBaseForwardRules(c *nftables.Conn, table *nftables.Table, forward *nftab }) } -func addEgressPolicyRules(ctx context.Context, c *nftables.Conn, table *nftables.Table, forward *nftables.Chain, policy *ateompb.EgressPolicy) error { - if policy == nil { - return nil - } - - for _, rule := range policy.GetDeny() { - if err := addEgressPolicyRule(ctx, c, table, forward, rule, expr.VerdictDrop); err != nil { - return err - } - } - for _, rule := range policy.GetAllow() { - if err := addEgressPolicyRule(ctx, c, table, forward, rule, expr.VerdictAccept); err != nil { - return err - } - } - return nil +func addTransparentHTTPEgressRedirect(c *nftables.Conn, table *nftables.Table, prerouting *nftables.Chain) { + addTransparentEgressRedirect(c, table, prerouting, 80, egressAgentgatewayHTTPPort) + addTransparentEgressRedirect(c, table, prerouting, 443, egressAgentgatewayHTTPSPort) } -func addEgressPolicyRule(ctx context.Context, c *nftables.Conn, table *nftables.Table, forward *nftables.Chain, rule *ateompb.EgressPolicyRule, verdict expr.VerdictKind) error { - destinations, err := resolveEgressDestinations(ctx, rule.GetTo()) - if err != nil { - return err - } - ports := rule.GetPorts() - if len(ports) == 0 { - ports = []*ateompb.EgressPort{{Protocol: "TCP"}} - } - - for _, dst := range destinations { - for _, port := range ports { - exprs := append(ipSourceEqual(actorVethIP), dst...) - if port.GetPort() != 0 { - exprs = append(exprs, destinationPortEqual(port.GetProtocol(), uint16(port.GetPort()))...) - } - exprs = append(exprs, &expr.Verdict{Kind: verdict}) - c.AddRule(&nftables.Rule{ - Table: table, - Chain: forward, - Exprs: exprs, - }) - } - } - return nil +func addTransparentEgressRedirect(c *nftables.Conn, table *nftables.Table, prerouting *nftables.Chain, originalPort uint16, proxyPort uint16) { + exprs := append(ipSourceEqual(actorVethIP), tcpDestinationPortEqual(originalPort)...) + exprs = append(exprs, + &expr.Immediate{ + Register: 1, + Data: net.ParseIP(actorVethGateway).To4(), + }, + &expr.Immediate{ + Register: 2, + Data: binaryutil.BigEndian.PutUint16(proxyPort), + }, + &expr.NAT{ + Type: expr.NATTypeDestNAT, + Family: unix.NFPROTO_IPV4, + RegAddrMin: 1, + RegProtoMin: 2, + }, + ) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: prerouting, + Exprs: exprs, + }) } -func resolveEgressDestinations(ctx context.Context, destinations []*ateompb.EgressPolicyDestination) ([][]expr.Any, error) { - if len(destinations) == 0 { - return [][]expr.Any{{}}, nil - } - - var out [][]expr.Any - for _, dest := range destinations { - if dest.GetCidr() != "" { - exprs, err := ipDestinationCIDREqual(dest.GetCidr()) - if err != nil { - return nil, err - } - out = append(out, exprs) - } - if dest.GetHost() == "" { - continue - } - ips, err := net.DefaultResolver.LookupIPAddr(ctx, dest.GetHost()) - if err != nil { - return nil, fmt.Errorf("while resolving egress policy host %q: %w", dest.GetHost(), err) - } - for _, ipAddr := range ips { - ip := ipAddr.IP.To4() - if ip == nil { - continue - } - slog.InfoContext(ctx, "Resolved egress policy host", slog.String("host", dest.GetHost()), slog.String("ip", ip.String())) - out = append(out, ipDestinationEqual(ip.String())) - } - } - if len(out) == 0 { - return nil, fmt.Errorf("egress policy rule has no IPv4 destinations") +func addEgressAgentgatewayForwardRules(c *nftables.Conn, table *nftables.Table, forward *nftables.Chain) { + for _, port := range []uint16{egressAgentgatewayHTTPPort, egressAgentgatewayHTTPSPort} { + exprs := append(ipSourceEqual(actorVethIP), ipDestinationEqual(actorVethGateway)...) + exprs = append(exprs, tcpDestinationPortEqual(port)...) + exprs = append(exprs, &expr.Verdict{Kind: expr.VerdictAccept}) + c.AddRule(&nftables.Rule{ + Table: table, + Chain: forward, + Exprs: exprs, + }) } - return out, nil } func establishedOrRelated() []expr.Any { @@ -832,38 +798,6 @@ func ipDestinationEqual(ip string) []expr.Any { return ipPayloadEqual(16, ip) } -func ipDestinationCIDREqual(cidr string) ([]expr.Any, error) { - ip, ipNet, err := net.ParseCIDR(cidr) - if err != nil { - return nil, fmt.Errorf("invalid egress policy CIDR %q: %w", cidr, err) - } - ip = ip.To4() - if ip == nil { - return nil, fmt.Errorf("egress policy CIDR %q is not IPv4", cidr) - } - mask := ipNet.Mask - return []expr.Any{ - &expr.Payload{ - DestRegister: 1, - Base: expr.PayloadBaseNetworkHeader, - Offset: 16, - Len: 4, - }, - &expr.Bitwise{ - SourceRegister: 1, - DestRegister: 1, - Len: 4, - Mask: []byte(mask), - Xor: []byte{0, 0, 0, 0}, - }, - &expr.Cmp{ - Op: expr.CmpOpEq, - Register: 1, - Data: ip.Mask(mask), - }, - }, nil -} - func ipPayloadEqual(offset uint32, ip string) []expr.Any { return []expr.Any{ &expr.Payload{ diff --git a/demos/counter/counter.go b/demos/counter/counter.go index 874429e2..956f6533 100644 --- a/demos/counter/counter.go +++ b/demos/counter/counter.go @@ -63,7 +63,9 @@ func main() { return } - client := &http.Client{} + transport := http.DefaultTransport.(*http.Transport).Clone() + transport.Proxy = nil + client := &http.Client{Transport: transport} resp, err := client.Do(req) if err != nil { diff --git a/demos/counter/counter.yaml.tmpl b/demos/counter/counter.yaml.tmpl index eebc000c..92fda969 100644 --- a/demos/counter/counter.yaml.tmpl +++ b/demos/counter/counter.yaml.tmpl @@ -65,13 +65,20 @@ spec: protocol: UDP - port: 53 protocol: TCP - - name: example + - name: example-http to: - host: example.com ports: - port: 80 protocol: TCP + - name: example-https + to: + - host: example.com + ports: - port: 443 protocol: TCP + tls: + mode: Require + required: true audit: logs: true diff --git a/hack/install-demo-counter.sh b/hack/install-demo-counter.sh old mode 100644 new mode 100755 diff --git a/internal/ateompath/ateompath.go b/internal/ateompath/ateompath.go index 3fae5722..b91c7207 100644 --- a/internal/ateompath/ateompath.go +++ b/internal/ateompath/ateompath.go @@ -48,6 +48,21 @@ func AteomPath(ateomNamespace, ateomName string) string { ) } +func EgressAgentgatewayDir(ateomNamespace, ateomName string) string { + return filepath.Join( + AteomPath(ateomNamespace, ateomName), + "egress-agentgateway", + ) +} + +func EgressAgentgatewayConfigPath(ateomNamespace, ateomName string) string { + return filepath.Join(EgressAgentgatewayDir(ateomNamespace, ateomName), "config.yaml") +} + +func EgressAgentgatewayTLSDir(ateomNamespace, ateomName string) string { + return filepath.Join(EgressAgentgatewayDir(ateomNamespace, ateomName), "tls") +} + func AteomSocketPath(ateomNamespace, ateomName string) string { return filepath.Join( AteomPath(ateomNamespace, ateomName), diff --git a/internal/proto/ateletpb/atelet.pb.go b/internal/proto/ateletpb/atelet.pb.go index 725c3ee7..54f6bdb7 100644 --- a/internal/proto/ateletpb/atelet.pb.go +++ b/internal/proto/ateletpb/atelet.pb.go @@ -576,6 +576,8 @@ type EgressPolicyRule struct { state protoimpl.MessageState `protogen:"open.v1"` To []*EgressPolicyDestination `protobuf:"bytes,1,rep,name=to,proto3" json:"to,omitempty"` Ports []*EgressPort `protobuf:"bytes,2,rep,name=ports,proto3" json:"ports,omitempty"` + Tls *EgressTLSPolicy `protobuf:"bytes,3,opt,name=tls,proto3" json:"tls,omitempty"` + Credentials *EgressCredentialPolicy `protobuf:"bytes,4,opt,name=credentials,proto3" json:"credentials,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -624,6 +626,20 @@ func (x *EgressPolicyRule) GetPorts() []*EgressPort { return nil } +func (x *EgressPolicyRule) GetTls() *EgressTLSPolicy { + if x != nil { + return x.Tls + } + return nil +} + +func (x *EgressPolicyRule) GetCredentials() *EgressCredentialPolicy { + if x != nil { + return x.Credentials + } + return nil +} + type EgressPolicyDestination struct { state protoimpl.MessageState `protogen:"open.v1"` Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` @@ -728,6 +744,362 @@ func (x *EgressPort) GetProtocol() string { return "" } +type EgressTLSPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + Mode string `protobuf:"bytes,1,opt,name=mode,proto3" json:"mode,omitempty"` + Required bool `protobuf:"varint,2,opt,name=required,proto3" json:"required,omitempty"` + Intercept *EgressTLSInterceptPolicy `protobuf:"bytes,3,opt,name=intercept,proto3" json:"intercept,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressTLSPolicy) Reset() { + *x = EgressTLSPolicy{} + mi := &file_atelet_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressTLSPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressTLSPolicy) ProtoMessage() {} + +func (x *EgressTLSPolicy) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressTLSPolicy.ProtoReflect.Descriptor instead. +func (*EgressTLSPolicy) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{12} +} + +func (x *EgressTLSPolicy) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *EgressTLSPolicy) GetRequired() bool { + if x != nil { + return x.Required + } + return false +} + +func (x *EgressTLSPolicy) GetIntercept() *EgressTLSInterceptPolicy { + if x != nil { + return x.Intercept + } + return nil +} + +type EgressTLSInterceptPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + IssuerSecretRef *SecretReference `protobuf:"bytes,1,opt,name=issuer_secret_ref,json=issuerSecretRef,proto3" json:"issuer_secret_ref,omitempty"` + ValidateUpstream bool `protobuf:"varint,2,opt,name=validate_upstream,json=validateUpstream,proto3" json:"validate_upstream,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressTLSInterceptPolicy) Reset() { + *x = EgressTLSInterceptPolicy{} + mi := &file_atelet_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressTLSInterceptPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressTLSInterceptPolicy) ProtoMessage() {} + +func (x *EgressTLSInterceptPolicy) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressTLSInterceptPolicy.ProtoReflect.Descriptor instead. +func (*EgressTLSInterceptPolicy) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{13} +} + +func (x *EgressTLSInterceptPolicy) GetIssuerSecretRef() *SecretReference { + if x != nil { + return x.IssuerSecretRef + } + return nil +} + +func (x *EgressTLSInterceptPolicy) GetValidateUpstream() bool { + if x != nil { + return x.ValidateUpstream + } + return false +} + +type EgressCredentialPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + Inject []*EgressCredentialInjection `protobuf:"bytes,1,rep,name=inject,proto3" json:"inject,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressCredentialPolicy) Reset() { + *x = EgressCredentialPolicy{} + mi := &file_atelet_proto_msgTypes[14] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressCredentialPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressCredentialPolicy) ProtoMessage() {} + +func (x *EgressCredentialPolicy) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[14] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressCredentialPolicy.ProtoReflect.Descriptor instead. +func (*EgressCredentialPolicy) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{14} +} + +func (x *EgressCredentialPolicy) GetInject() []*EgressCredentialInjection { + if x != nil { + return x.Inject + } + return nil +} + +type EgressCredentialInjection struct { + state protoimpl.MessageState `protogen:"open.v1"` + Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"` + ValueFrom *EgressCredentialValueFrom `protobuf:"bytes,2,opt,name=value_from,json=valueFrom,proto3" json:"value_from,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressCredentialInjection) Reset() { + *x = EgressCredentialInjection{} + mi := &file_atelet_proto_msgTypes[15] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressCredentialInjection) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressCredentialInjection) ProtoMessage() {} + +func (x *EgressCredentialInjection) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[15] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressCredentialInjection.ProtoReflect.Descriptor instead. +func (*EgressCredentialInjection) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{15} +} + +func (x *EgressCredentialInjection) GetHeader() string { + if x != nil { + return x.Header + } + return "" +} + +func (x *EgressCredentialInjection) GetValueFrom() *EgressCredentialValueFrom { + if x != nil { + return x.ValueFrom + } + return nil +} + +type EgressCredentialValueFrom struct { + state protoimpl.MessageState `protogen:"open.v1"` + SecretKeyRef *SecretKeySelector `protobuf:"bytes,1,opt,name=secret_key_ref,json=secretKeyRef,proto3" json:"secret_key_ref,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressCredentialValueFrom) Reset() { + *x = EgressCredentialValueFrom{} + mi := &file_atelet_proto_msgTypes[16] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressCredentialValueFrom) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressCredentialValueFrom) ProtoMessage() {} + +func (x *EgressCredentialValueFrom) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[16] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressCredentialValueFrom.ProtoReflect.Descriptor instead. +func (*EgressCredentialValueFrom) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{16} +} + +func (x *EgressCredentialValueFrom) GetSecretKeyRef() *SecretKeySelector { + if x != nil { + return x.SecretKeyRef + } + return nil +} + +type SecretReference struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Namespace string `protobuf:"bytes,2,opt,name=namespace,proto3" json:"namespace,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *SecretReference) Reset() { + *x = SecretReference{} + mi := &file_atelet_proto_msgTypes[17] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SecretReference) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SecretReference) ProtoMessage() {} + +func (x *SecretReference) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[17] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SecretReference.ProtoReflect.Descriptor instead. +func (*SecretReference) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{17} +} + +func (x *SecretReference) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *SecretReference) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +type SecretKeySelector struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Key string `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *SecretKeySelector) Reset() { + *x = SecretKeySelector{} + mi := &file_atelet_proto_msgTypes[18] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SecretKeySelector) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SecretKeySelector) ProtoMessage() {} + +func (x *SecretKeySelector) ProtoReflect() protoreflect.Message { + mi := &file_atelet_proto_msgTypes[18] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SecretKeySelector.ProtoReflect.Descriptor instead. +func (*SecretKeySelector) Descriptor() ([]byte, []int) { + return file_atelet_proto_rawDescGZIP(), []int{18} +} + +func (x *SecretKeySelector) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *SecretKeySelector) GetKey() string { + if x != nil { + return x.Key + } + return "" +} + type RunResponse struct { state protoimpl.MessageState `protogen:"open.v1"` unknownFields protoimpl.UnknownFields @@ -736,7 +1108,7 @@ type RunResponse struct { func (x *RunResponse) Reset() { *x = RunResponse{} - mi := &file_atelet_proto_msgTypes[12] + mi := &file_atelet_proto_msgTypes[19] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -748,7 +1120,7 @@ func (x *RunResponse) String() string { func (*RunResponse) ProtoMessage() {} func (x *RunResponse) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[12] + mi := &file_atelet_proto_msgTypes[19] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -761,7 +1133,7 @@ func (x *RunResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RunResponse.ProtoReflect.Descriptor instead. func (*RunResponse) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{12} + return file_atelet_proto_rawDescGZIP(), []int{19} } type CheckpointRequest struct { @@ -790,7 +1162,7 @@ type CheckpointRequest struct { func (x *CheckpointRequest) Reset() { *x = CheckpointRequest{} - mi := &file_atelet_proto_msgTypes[13] + mi := &file_atelet_proto_msgTypes[20] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -802,7 +1174,7 @@ func (x *CheckpointRequest) String() string { func (*CheckpointRequest) ProtoMessage() {} func (x *CheckpointRequest) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[13] + mi := &file_atelet_proto_msgTypes[20] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -815,7 +1187,7 @@ func (x *CheckpointRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointRequest.ProtoReflect.Descriptor instead. func (*CheckpointRequest) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{13} + return file_atelet_proto_rawDescGZIP(), []int{20} } func (x *CheckpointRequest) GetTargetAteomNamespace() string { @@ -882,7 +1254,7 @@ type CheckpointResponse struct { func (x *CheckpointResponse) Reset() { *x = CheckpointResponse{} - mi := &file_atelet_proto_msgTypes[14] + mi := &file_atelet_proto_msgTypes[21] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -894,7 +1266,7 @@ func (x *CheckpointResponse) String() string { func (*CheckpointResponse) ProtoMessage() {} func (x *CheckpointResponse) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[14] + mi := &file_atelet_proto_msgTypes[21] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -907,7 +1279,7 @@ func (x *CheckpointResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointResponse.ProtoReflect.Descriptor instead. func (*CheckpointResponse) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{14} + return file_atelet_proto_rawDescGZIP(), []int{21} } type RestoreRequest struct { @@ -927,7 +1299,7 @@ type RestoreRequest struct { func (x *RestoreRequest) Reset() { *x = RestoreRequest{} - mi := &file_atelet_proto_msgTypes[15] + mi := &file_atelet_proto_msgTypes[22] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -939,7 +1311,7 @@ func (x *RestoreRequest) String() string { func (*RestoreRequest) ProtoMessage() {} func (x *RestoreRequest) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[15] + mi := &file_atelet_proto_msgTypes[22] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -952,7 +1324,7 @@ func (x *RestoreRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreRequest.ProtoReflect.Descriptor instead. func (*RestoreRequest) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{15} + return file_atelet_proto_rawDescGZIP(), []int{22} } func (x *RestoreRequest) GetTargetAteomNamespace() string { @@ -1019,7 +1391,7 @@ type RestoreResponse struct { func (x *RestoreResponse) Reset() { *x = RestoreResponse{} - mi := &file_atelet_proto_msgTypes[16] + mi := &file_atelet_proto_msgTypes[23] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -1031,7 +1403,7 @@ func (x *RestoreResponse) String() string { func (*RestoreResponse) ProtoMessage() {} func (x *RestoreResponse) ProtoReflect() protoreflect.Message { - mi := &file_atelet_proto_msgTypes[16] + mi := &file_atelet_proto_msgTypes[23] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -1044,7 +1416,7 @@ func (x *RestoreResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreResponse.ProtoReflect.Descriptor instead. func (*RestoreResponse) Descriptor() ([]byte, []int) { - return file_atelet_proto_rawDescGZIP(), []int{16} + return file_atelet_proto_rawDescGZIP(), []int{23} } var File_atelet_proto protoreflect.FileDescriptor @@ -1091,17 +1463,40 @@ const file_atelet_proto_rawDesc = "" + "\fEgressPolicy\x12%\n" + "\x0edefault_action\x18\x01 \x01(\tR\rdefaultAction\x12.\n" + "\x05allow\x18\x02 \x03(\v2\x18.atelet.EgressPolicyRuleR\x05allow\x12,\n" + - "\x04deny\x18\x03 \x03(\v2\x18.atelet.EgressPolicyRuleR\x04deny\"m\n" + + "\x04deny\x18\x03 \x03(\v2\x18.atelet.EgressPolicyRuleR\x04deny\"\xda\x01\n" + "\x10EgressPolicyRule\x12/\n" + "\x02to\x18\x01 \x03(\v2\x1f.atelet.EgressPolicyDestinationR\x02to\x12(\n" + - "\x05ports\x18\x02 \x03(\v2\x12.atelet.EgressPortR\x05ports\"A\n" + + "\x05ports\x18\x02 \x03(\v2\x12.atelet.EgressPortR\x05ports\x12)\n" + + "\x03tls\x18\x03 \x01(\v2\x17.atelet.EgressTLSPolicyR\x03tls\x12@\n" + + "\vcredentials\x18\x04 \x01(\v2\x1e.atelet.EgressCredentialPolicyR\vcredentials\"A\n" + "\x17EgressPolicyDestination\x12\x12\n" + "\x04host\x18\x01 \x01(\tR\x04host\x12\x12\n" + "\x04cidr\x18\x02 \x01(\tR\x04cidr\"<\n" + "\n" + "EgressPort\x12\x12\n" + "\x04port\x18\x01 \x01(\rR\x04port\x12\x1a\n" + - "\bprotocol\x18\x02 \x01(\tR\bprotocol\"\r\n" + + "\bprotocol\x18\x02 \x01(\tR\bprotocol\"\x81\x01\n" + + "\x0fEgressTLSPolicy\x12\x12\n" + + "\x04mode\x18\x01 \x01(\tR\x04mode\x12\x1a\n" + + "\brequired\x18\x02 \x01(\bR\brequired\x12>\n" + + "\tintercept\x18\x03 \x01(\v2 .atelet.EgressTLSInterceptPolicyR\tintercept\"\x8c\x01\n" + + "\x18EgressTLSInterceptPolicy\x12C\n" + + "\x11issuer_secret_ref\x18\x01 \x01(\v2\x17.atelet.SecretReferenceR\x0fissuerSecretRef\x12+\n" + + "\x11validate_upstream\x18\x02 \x01(\bR\x10validateUpstream\"S\n" + + "\x16EgressCredentialPolicy\x129\n" + + "\x06inject\x18\x01 \x03(\v2!.atelet.EgressCredentialInjectionR\x06inject\"u\n" + + "\x19EgressCredentialInjection\x12\x16\n" + + "\x06header\x18\x01 \x01(\tR\x06header\x12@\n" + + "\n" + + "value_from\x18\x02 \x01(\v2!.atelet.EgressCredentialValueFromR\tvalueFrom\"\\\n" + + "\x19EgressCredentialValueFrom\x12?\n" + + "\x0esecret_key_ref\x18\x01 \x01(\v2\x19.atelet.SecretKeySelectorR\fsecretKeyRef\"C\n" + + "\x0fSecretReference\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\x12\x1c\n" + + "\tnamespace\x18\x02 \x01(\tR\tnamespace\"9\n" + + "\x11SecretKeySelector\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\x12\x10\n" + + "\x03key\x18\x02 \x01(\tR\x03key\"\r\n" + "\vRunResponse\"\xff\x02\n" + "\x11CheckpointRequest\x124\n" + "\x16target_ateom_namespace\x18\x01 \x01(\tR\x14targetAteomNamespace\x12*\n" + @@ -1141,25 +1536,32 @@ func file_atelet_proto_rawDescGZIP() []byte { return file_atelet_proto_rawDescData } -var file_atelet_proto_msgTypes = make([]protoimpl.MessageInfo, 17) +var file_atelet_proto_msgTypes = make([]protoimpl.MessageInfo, 24) var file_atelet_proto_goTypes = []any{ - (*RunRequest)(nil), // 0: atelet.RunRequest - (*GCPAuthenticationConfig)(nil), // 1: atelet.GCPAuthenticationConfig - (*AuthenticationConfig)(nil), // 2: atelet.AuthenticationConfig - (*RunscPlatformConfig)(nil), // 3: atelet.RunscPlatformConfig - (*RunscConfig)(nil), // 4: atelet.RunscConfig - (*WorkloadSpec)(nil), // 5: atelet.WorkloadSpec - (*Container)(nil), // 6: atelet.Container - (*EnvEntry)(nil), // 7: atelet.EnvEntry - (*EgressPolicy)(nil), // 8: atelet.EgressPolicy - (*EgressPolicyRule)(nil), // 9: atelet.EgressPolicyRule - (*EgressPolicyDestination)(nil), // 10: atelet.EgressPolicyDestination - (*EgressPort)(nil), // 11: atelet.EgressPort - (*RunResponse)(nil), // 12: atelet.RunResponse - (*CheckpointRequest)(nil), // 13: atelet.CheckpointRequest - (*CheckpointResponse)(nil), // 14: atelet.CheckpointResponse - (*RestoreRequest)(nil), // 15: atelet.RestoreRequest - (*RestoreResponse)(nil), // 16: atelet.RestoreResponse + (*RunRequest)(nil), // 0: atelet.RunRequest + (*GCPAuthenticationConfig)(nil), // 1: atelet.GCPAuthenticationConfig + (*AuthenticationConfig)(nil), // 2: atelet.AuthenticationConfig + (*RunscPlatformConfig)(nil), // 3: atelet.RunscPlatformConfig + (*RunscConfig)(nil), // 4: atelet.RunscConfig + (*WorkloadSpec)(nil), // 5: atelet.WorkloadSpec + (*Container)(nil), // 6: atelet.Container + (*EnvEntry)(nil), // 7: atelet.EnvEntry + (*EgressPolicy)(nil), // 8: atelet.EgressPolicy + (*EgressPolicyRule)(nil), // 9: atelet.EgressPolicyRule + (*EgressPolicyDestination)(nil), // 10: atelet.EgressPolicyDestination + (*EgressPort)(nil), // 11: atelet.EgressPort + (*EgressTLSPolicy)(nil), // 12: atelet.EgressTLSPolicy + (*EgressTLSInterceptPolicy)(nil), // 13: atelet.EgressTLSInterceptPolicy + (*EgressCredentialPolicy)(nil), // 14: atelet.EgressCredentialPolicy + (*EgressCredentialInjection)(nil), // 15: atelet.EgressCredentialInjection + (*EgressCredentialValueFrom)(nil), // 16: atelet.EgressCredentialValueFrom + (*SecretReference)(nil), // 17: atelet.SecretReference + (*SecretKeySelector)(nil), // 18: atelet.SecretKeySelector + (*RunResponse)(nil), // 19: atelet.RunResponse + (*CheckpointRequest)(nil), // 20: atelet.CheckpointRequest + (*CheckpointResponse)(nil), // 21: atelet.CheckpointResponse + (*RestoreRequest)(nil), // 22: atelet.RestoreRequest + (*RestoreResponse)(nil), // 23: atelet.RestoreResponse } var file_atelet_proto_depIdxs = []int32{ 4, // 0: atelet.RunRequest.runsc:type_name -> atelet.RunscConfig @@ -1175,21 +1577,28 @@ var file_atelet_proto_depIdxs = []int32{ 9, // 10: atelet.EgressPolicy.deny:type_name -> atelet.EgressPolicyRule 10, // 11: atelet.EgressPolicyRule.to:type_name -> atelet.EgressPolicyDestination 11, // 12: atelet.EgressPolicyRule.ports:type_name -> atelet.EgressPort - 4, // 13: atelet.CheckpointRequest.runsc:type_name -> atelet.RunscConfig - 5, // 14: atelet.CheckpointRequest.spec:type_name -> atelet.WorkloadSpec - 4, // 15: atelet.RestoreRequest.runsc:type_name -> atelet.RunscConfig - 5, // 16: atelet.RestoreRequest.spec:type_name -> atelet.WorkloadSpec - 0, // 17: atelet.AteomHerder.Run:input_type -> atelet.RunRequest - 13, // 18: atelet.AteomHerder.Checkpoint:input_type -> atelet.CheckpointRequest - 15, // 19: atelet.AteomHerder.Restore:input_type -> atelet.RestoreRequest - 12, // 20: atelet.AteomHerder.Run:output_type -> atelet.RunResponse - 14, // 21: atelet.AteomHerder.Checkpoint:output_type -> atelet.CheckpointResponse - 16, // 22: atelet.AteomHerder.Restore:output_type -> atelet.RestoreResponse - 20, // [20:23] is the sub-list for method output_type - 17, // [17:20] is the sub-list for method input_type - 17, // [17:17] is the sub-list for extension type_name - 17, // [17:17] is the sub-list for extension extendee - 0, // [0:17] is the sub-list for field type_name + 12, // 13: atelet.EgressPolicyRule.tls:type_name -> atelet.EgressTLSPolicy + 14, // 14: atelet.EgressPolicyRule.credentials:type_name -> atelet.EgressCredentialPolicy + 13, // 15: atelet.EgressTLSPolicy.intercept:type_name -> atelet.EgressTLSInterceptPolicy + 17, // 16: atelet.EgressTLSInterceptPolicy.issuer_secret_ref:type_name -> atelet.SecretReference + 15, // 17: atelet.EgressCredentialPolicy.inject:type_name -> atelet.EgressCredentialInjection + 16, // 18: atelet.EgressCredentialInjection.value_from:type_name -> atelet.EgressCredentialValueFrom + 18, // 19: atelet.EgressCredentialValueFrom.secret_key_ref:type_name -> atelet.SecretKeySelector + 4, // 20: atelet.CheckpointRequest.runsc:type_name -> atelet.RunscConfig + 5, // 21: atelet.CheckpointRequest.spec:type_name -> atelet.WorkloadSpec + 4, // 22: atelet.RestoreRequest.runsc:type_name -> atelet.RunscConfig + 5, // 23: atelet.RestoreRequest.spec:type_name -> atelet.WorkloadSpec + 0, // 24: atelet.AteomHerder.Run:input_type -> atelet.RunRequest + 20, // 25: atelet.AteomHerder.Checkpoint:input_type -> atelet.CheckpointRequest + 22, // 26: atelet.AteomHerder.Restore:input_type -> atelet.RestoreRequest + 19, // 27: atelet.AteomHerder.Run:output_type -> atelet.RunResponse + 21, // 28: atelet.AteomHerder.Checkpoint:output_type -> atelet.CheckpointResponse + 23, // 29: atelet.AteomHerder.Restore:output_type -> atelet.RestoreResponse + 27, // [27:30] is the sub-list for method output_type + 24, // [24:27] is the sub-list for method input_type + 24, // [24:24] is the sub-list for extension type_name + 24, // [24:24] is the sub-list for extension extendee + 0, // [0:24] is the sub-list for field type_name } func init() { file_atelet_proto_init() } @@ -1203,7 +1612,7 @@ func file_atelet_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_atelet_proto_rawDesc), len(file_atelet_proto_rawDesc)), NumEnums: 0, - NumMessages: 17, + NumMessages: 24, NumExtensions: 0, NumServices: 1, }, diff --git a/internal/proto/ateletpb/atelet.proto b/internal/proto/ateletpb/atelet.proto index f6b38b6a..71f9ef45 100644 --- a/internal/proto/ateletpb/atelet.proto +++ b/internal/proto/ateletpb/atelet.proto @@ -98,6 +98,8 @@ message EgressPolicy { message EgressPolicyRule { repeated EgressPolicyDestination to = 1; repeated EgressPort ports = 2; + EgressTLSPolicy tls = 3; + EgressCredentialPolicy credentials = 4; } message EgressPolicyDestination { @@ -110,6 +112,40 @@ message EgressPort { string protocol = 2; } +message EgressTLSPolicy { + string mode = 1; + bool required = 2; + EgressTLSInterceptPolicy intercept = 3; +} + +message EgressTLSInterceptPolicy { + SecretReference issuer_secret_ref = 1; + bool validate_upstream = 2; +} + +message EgressCredentialPolicy { + repeated EgressCredentialInjection inject = 1; +} + +message EgressCredentialInjection { + string header = 1; + EgressCredentialValueFrom value_from = 2; +} + +message EgressCredentialValueFrom { + SecretKeySelector secret_key_ref = 1; +} + +message SecretReference { + string name = 1; + string namespace = 2; +} + +message SecretKeySelector { + string name = 1; + string key = 2; +} + message RunResponse { } diff --git a/internal/proto/ateompb/ateom.pb.go b/internal/proto/ateompb/ateom.pb.go index 1e683a98..65c2c348 100644 --- a/internal/proto/ateompb/ateom.pb.go +++ b/internal/proto/ateompb/ateom.pb.go @@ -272,6 +272,8 @@ type EgressPolicyRule struct { state protoimpl.MessageState `protogen:"open.v1"` To []*EgressPolicyDestination `protobuf:"bytes,1,rep,name=to,proto3" json:"to,omitempty"` Ports []*EgressPort `protobuf:"bytes,2,rep,name=ports,proto3" json:"ports,omitempty"` + Tls *EgressTLSPolicy `protobuf:"bytes,3,opt,name=tls,proto3" json:"tls,omitempty"` + Credentials *EgressCredentialPolicy `protobuf:"bytes,4,opt,name=credentials,proto3" json:"credentials,omitempty"` unknownFields protoimpl.UnknownFields sizeCache protoimpl.SizeCache } @@ -320,6 +322,20 @@ func (x *EgressPolicyRule) GetPorts() []*EgressPort { return nil } +func (x *EgressPolicyRule) GetTls() *EgressTLSPolicy { + if x != nil { + return x.Tls + } + return nil +} + +func (x *EgressPolicyRule) GetCredentials() *EgressCredentialPolicy { + if x != nil { + return x.Credentials + } + return nil +} + type EgressPolicyDestination struct { state protoimpl.MessageState `protogen:"open.v1"` Host string `protobuf:"bytes,1,opt,name=host,proto3" json:"host,omitempty"` @@ -424,6 +440,362 @@ func (x *EgressPort) GetProtocol() string { return "" } +type EgressTLSPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + Mode string `protobuf:"bytes,1,opt,name=mode,proto3" json:"mode,omitempty"` + Required bool `protobuf:"varint,2,opt,name=required,proto3" json:"required,omitempty"` + Intercept *EgressTLSInterceptPolicy `protobuf:"bytes,3,opt,name=intercept,proto3" json:"intercept,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressTLSPolicy) Reset() { + *x = EgressTLSPolicy{} + mi := &file_ateom_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressTLSPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressTLSPolicy) ProtoMessage() {} + +func (x *EgressTLSPolicy) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[7] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressTLSPolicy.ProtoReflect.Descriptor instead. +func (*EgressTLSPolicy) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{7} +} + +func (x *EgressTLSPolicy) GetMode() string { + if x != nil { + return x.Mode + } + return "" +} + +func (x *EgressTLSPolicy) GetRequired() bool { + if x != nil { + return x.Required + } + return false +} + +func (x *EgressTLSPolicy) GetIntercept() *EgressTLSInterceptPolicy { + if x != nil { + return x.Intercept + } + return nil +} + +type EgressTLSInterceptPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + IssuerSecretRef *SecretReference `protobuf:"bytes,1,opt,name=issuer_secret_ref,json=issuerSecretRef,proto3" json:"issuer_secret_ref,omitempty"` + ValidateUpstream bool `protobuf:"varint,2,opt,name=validate_upstream,json=validateUpstream,proto3" json:"validate_upstream,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressTLSInterceptPolicy) Reset() { + *x = EgressTLSInterceptPolicy{} + mi := &file_ateom_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressTLSInterceptPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressTLSInterceptPolicy) ProtoMessage() {} + +func (x *EgressTLSInterceptPolicy) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[8] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressTLSInterceptPolicy.ProtoReflect.Descriptor instead. +func (*EgressTLSInterceptPolicy) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{8} +} + +func (x *EgressTLSInterceptPolicy) GetIssuerSecretRef() *SecretReference { + if x != nil { + return x.IssuerSecretRef + } + return nil +} + +func (x *EgressTLSInterceptPolicy) GetValidateUpstream() bool { + if x != nil { + return x.ValidateUpstream + } + return false +} + +type EgressCredentialPolicy struct { + state protoimpl.MessageState `protogen:"open.v1"` + Inject []*EgressCredentialInjection `protobuf:"bytes,1,rep,name=inject,proto3" json:"inject,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressCredentialPolicy) Reset() { + *x = EgressCredentialPolicy{} + mi := &file_ateom_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressCredentialPolicy) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressCredentialPolicy) ProtoMessage() {} + +func (x *EgressCredentialPolicy) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[9] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressCredentialPolicy.ProtoReflect.Descriptor instead. +func (*EgressCredentialPolicy) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{9} +} + +func (x *EgressCredentialPolicy) GetInject() []*EgressCredentialInjection { + if x != nil { + return x.Inject + } + return nil +} + +type EgressCredentialInjection struct { + state protoimpl.MessageState `protogen:"open.v1"` + Header string `protobuf:"bytes,1,opt,name=header,proto3" json:"header,omitempty"` + ValueFrom *EgressCredentialValueFrom `protobuf:"bytes,2,opt,name=value_from,json=valueFrom,proto3" json:"value_from,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressCredentialInjection) Reset() { + *x = EgressCredentialInjection{} + mi := &file_ateom_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressCredentialInjection) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressCredentialInjection) ProtoMessage() {} + +func (x *EgressCredentialInjection) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[10] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressCredentialInjection.ProtoReflect.Descriptor instead. +func (*EgressCredentialInjection) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{10} +} + +func (x *EgressCredentialInjection) GetHeader() string { + if x != nil { + return x.Header + } + return "" +} + +func (x *EgressCredentialInjection) GetValueFrom() *EgressCredentialValueFrom { + if x != nil { + return x.ValueFrom + } + return nil +} + +type EgressCredentialValueFrom struct { + state protoimpl.MessageState `protogen:"open.v1"` + SecretKeyRef *SecretKeySelector `protobuf:"bytes,1,opt,name=secret_key_ref,json=secretKeyRef,proto3" json:"secret_key_ref,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *EgressCredentialValueFrom) Reset() { + *x = EgressCredentialValueFrom{} + mi := &file_ateom_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *EgressCredentialValueFrom) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*EgressCredentialValueFrom) ProtoMessage() {} + +func (x *EgressCredentialValueFrom) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[11] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use EgressCredentialValueFrom.ProtoReflect.Descriptor instead. +func (*EgressCredentialValueFrom) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{11} +} + +func (x *EgressCredentialValueFrom) GetSecretKeyRef() *SecretKeySelector { + if x != nil { + return x.SecretKeyRef + } + return nil +} + +type SecretReference struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Namespace string `protobuf:"bytes,2,opt,name=namespace,proto3" json:"namespace,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *SecretReference) Reset() { + *x = SecretReference{} + mi := &file_ateom_proto_msgTypes[12] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SecretReference) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SecretReference) ProtoMessage() {} + +func (x *SecretReference) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[12] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SecretReference.ProtoReflect.Descriptor instead. +func (*SecretReference) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{12} +} + +func (x *SecretReference) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *SecretReference) GetNamespace() string { + if x != nil { + return x.Namespace + } + return "" +} + +type SecretKeySelector struct { + state protoimpl.MessageState `protogen:"open.v1"` + Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"` + Key string `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"` + unknownFields protoimpl.UnknownFields + sizeCache protoimpl.SizeCache +} + +func (x *SecretKeySelector) Reset() { + *x = SecretKeySelector{} + mi := &file_ateom_proto_msgTypes[13] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) +} + +func (x *SecretKeySelector) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*SecretKeySelector) ProtoMessage() {} + +func (x *SecretKeySelector) ProtoReflect() protoreflect.Message { + mi := &file_ateom_proto_msgTypes[13] + if x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use SecretKeySelector.ProtoReflect.Descriptor instead. +func (*SecretKeySelector) Descriptor() ([]byte, []int) { + return file_ateom_proto_rawDescGZIP(), []int{13} +} + +func (x *SecretKeySelector) GetName() string { + if x != nil { + return x.Name + } + return "" +} + +func (x *SecretKeySelector) GetKey() string { + if x != nil { + return x.Key + } + return "" +} + type RunWorkloadResponse struct { state protoimpl.MessageState `protogen:"open.v1"` unknownFields protoimpl.UnknownFields @@ -432,7 +804,7 @@ type RunWorkloadResponse struct { func (x *RunWorkloadResponse) Reset() { *x = RunWorkloadResponse{} - mi := &file_ateom_proto_msgTypes[7] + mi := &file_ateom_proto_msgTypes[14] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -444,7 +816,7 @@ func (x *RunWorkloadResponse) String() string { func (*RunWorkloadResponse) ProtoMessage() {} func (x *RunWorkloadResponse) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[7] + mi := &file_ateom_proto_msgTypes[14] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -457,7 +829,7 @@ func (x *RunWorkloadResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RunWorkloadResponse.ProtoReflect.Descriptor instead. func (*RunWorkloadResponse) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{7} + return file_ateom_proto_rawDescGZIP(), []int{14} } type CheckpointWorkloadRequest struct { @@ -482,7 +854,7 @@ type CheckpointWorkloadRequest struct { func (x *CheckpointWorkloadRequest) Reset() { *x = CheckpointWorkloadRequest{} - mi := &file_ateom_proto_msgTypes[8] + mi := &file_ateom_proto_msgTypes[15] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -494,7 +866,7 @@ func (x *CheckpointWorkloadRequest) String() string { func (*CheckpointWorkloadRequest) ProtoMessage() {} func (x *CheckpointWorkloadRequest) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[8] + mi := &file_ateom_proto_msgTypes[15] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -507,7 +879,7 @@ func (x *CheckpointWorkloadRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointWorkloadRequest.ProtoReflect.Descriptor instead. func (*CheckpointWorkloadRequest) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{8} + return file_ateom_proto_rawDescGZIP(), []int{15} } func (x *CheckpointWorkloadRequest) GetActorTemplateNamespace() string { @@ -560,7 +932,7 @@ type CheckpointWorkloadResponse struct { func (x *CheckpointWorkloadResponse) Reset() { *x = CheckpointWorkloadResponse{} - mi := &file_ateom_proto_msgTypes[9] + mi := &file_ateom_proto_msgTypes[16] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -572,7 +944,7 @@ func (x *CheckpointWorkloadResponse) String() string { func (*CheckpointWorkloadResponse) ProtoMessage() {} func (x *CheckpointWorkloadResponse) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[9] + mi := &file_ateom_proto_msgTypes[16] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -585,7 +957,7 @@ func (x *CheckpointWorkloadResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use CheckpointWorkloadResponse.ProtoReflect.Descriptor instead. func (*CheckpointWorkloadResponse) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{9} + return file_ateom_proto_rawDescGZIP(), []int{16} } type RestoreWorkloadRequest struct { @@ -603,7 +975,7 @@ type RestoreWorkloadRequest struct { func (x *RestoreWorkloadRequest) Reset() { *x = RestoreWorkloadRequest{} - mi := &file_ateom_proto_msgTypes[10] + mi := &file_ateom_proto_msgTypes[17] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -615,7 +987,7 @@ func (x *RestoreWorkloadRequest) String() string { func (*RestoreWorkloadRequest) ProtoMessage() {} func (x *RestoreWorkloadRequest) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[10] + mi := &file_ateom_proto_msgTypes[17] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -628,7 +1000,7 @@ func (x *RestoreWorkloadRequest) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreWorkloadRequest.ProtoReflect.Descriptor instead. func (*RestoreWorkloadRequest) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{10} + return file_ateom_proto_rawDescGZIP(), []int{17} } func (x *RestoreWorkloadRequest) GetActorTemplateNamespace() string { @@ -681,7 +1053,7 @@ type RestoreWorkloadResponse struct { func (x *RestoreWorkloadResponse) Reset() { *x = RestoreWorkloadResponse{} - mi := &file_ateom_proto_msgTypes[11] + mi := &file_ateom_proto_msgTypes[18] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -693,7 +1065,7 @@ func (x *RestoreWorkloadResponse) String() string { func (*RestoreWorkloadResponse) ProtoMessage() {} func (x *RestoreWorkloadResponse) ProtoReflect() protoreflect.Message { - mi := &file_ateom_proto_msgTypes[11] + mi := &file_ateom_proto_msgTypes[18] if x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -706,7 +1078,7 @@ func (x *RestoreWorkloadResponse) ProtoReflect() protoreflect.Message { // Deprecated: Use RestoreWorkloadResponse.ProtoReflect.Descriptor instead. func (*RestoreWorkloadResponse) Descriptor() ([]byte, []int) { - return file_ateom_proto_rawDescGZIP(), []int{11} + return file_ateom_proto_rawDescGZIP(), []int{18} } var File_ateom_proto protoreflect.FileDescriptor @@ -731,17 +1103,40 @@ const file_ateom_proto_rawDesc = "" + "\fEgressPolicy\x12%\n" + "\x0edefault_action\x18\x01 \x01(\tR\rdefaultAction\x12-\n" + "\x05allow\x18\x02 \x03(\v2\x17.ateom.EgressPolicyRuleR\x05allow\x12+\n" + - "\x04deny\x18\x03 \x03(\v2\x17.ateom.EgressPolicyRuleR\x04deny\"k\n" + + "\x04deny\x18\x03 \x03(\v2\x17.ateom.EgressPolicyRuleR\x04deny\"\xd6\x01\n" + "\x10EgressPolicyRule\x12.\n" + "\x02to\x18\x01 \x03(\v2\x1e.ateom.EgressPolicyDestinationR\x02to\x12'\n" + - "\x05ports\x18\x02 \x03(\v2\x11.ateom.EgressPortR\x05ports\"A\n" + + "\x05ports\x18\x02 \x03(\v2\x11.ateom.EgressPortR\x05ports\x12(\n" + + "\x03tls\x18\x03 \x01(\v2\x16.ateom.EgressTLSPolicyR\x03tls\x12?\n" + + "\vcredentials\x18\x04 \x01(\v2\x1d.ateom.EgressCredentialPolicyR\vcredentials\"A\n" + "\x17EgressPolicyDestination\x12\x12\n" + "\x04host\x18\x01 \x01(\tR\x04host\x12\x12\n" + "\x04cidr\x18\x02 \x01(\tR\x04cidr\"<\n" + "\n" + "EgressPort\x12\x12\n" + "\x04port\x18\x01 \x01(\rR\x04port\x12\x1a\n" + - "\bprotocol\x18\x02 \x01(\tR\bprotocol\"\x15\n" + + "\bprotocol\x18\x02 \x01(\tR\bprotocol\"\x80\x01\n" + + "\x0fEgressTLSPolicy\x12\x12\n" + + "\x04mode\x18\x01 \x01(\tR\x04mode\x12\x1a\n" + + "\brequired\x18\x02 \x01(\bR\brequired\x12=\n" + + "\tintercept\x18\x03 \x01(\v2\x1f.ateom.EgressTLSInterceptPolicyR\tintercept\"\x8b\x01\n" + + "\x18EgressTLSInterceptPolicy\x12B\n" + + "\x11issuer_secret_ref\x18\x01 \x01(\v2\x16.ateom.SecretReferenceR\x0fissuerSecretRef\x12+\n" + + "\x11validate_upstream\x18\x02 \x01(\bR\x10validateUpstream\"R\n" + + "\x16EgressCredentialPolicy\x128\n" + + "\x06inject\x18\x01 \x03(\v2 .ateom.EgressCredentialInjectionR\x06inject\"t\n" + + "\x19EgressCredentialInjection\x12\x16\n" + + "\x06header\x18\x01 \x01(\tR\x06header\x12?\n" + + "\n" + + "value_from\x18\x02 \x01(\v2 .ateom.EgressCredentialValueFromR\tvalueFrom\"[\n" + + "\x19EgressCredentialValueFrom\x12>\n" + + "\x0esecret_key_ref\x18\x01 \x01(\v2\x18.ateom.SecretKeySelectorR\fsecretKeyRef\"C\n" + + "\x0fSecretReference\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\x12\x1c\n" + + "\tnamespace\x18\x02 \x01(\tR\tnamespace\"9\n" + + "\x11SecretKeySelector\x12\x12\n" + + "\x04name\x18\x01 \x01(\tR\x04name\x12\x10\n" + + "\x03key\x18\x02 \x01(\tR\x03key\"\x15\n" + "\x13RunWorkloadResponse\"\x98\x02\n" + "\x19CheckpointWorkloadRequest\x128\n" + "\x18actor_template_namespace\x18\x01 \x01(\tR\x16actorTemplateNamespace\x12.\n" + @@ -778,7 +1173,7 @@ func file_ateom_proto_rawDescGZIP() []byte { return file_ateom_proto_rawDescData } -var file_ateom_proto_msgTypes = make([]protoimpl.MessageInfo, 12) +var file_ateom_proto_msgTypes = make([]protoimpl.MessageInfo, 19) var file_ateom_proto_goTypes = []any{ (*RunWorkloadRequest)(nil), // 0: ateom.RunWorkloadRequest (*WorkloadSpec)(nil), // 1: ateom.WorkloadSpec @@ -787,11 +1182,18 @@ var file_ateom_proto_goTypes = []any{ (*EgressPolicyRule)(nil), // 4: ateom.EgressPolicyRule (*EgressPolicyDestination)(nil), // 5: ateom.EgressPolicyDestination (*EgressPort)(nil), // 6: ateom.EgressPort - (*RunWorkloadResponse)(nil), // 7: ateom.RunWorkloadResponse - (*CheckpointWorkloadRequest)(nil), // 8: ateom.CheckpointWorkloadRequest - (*CheckpointWorkloadResponse)(nil), // 9: ateom.CheckpointWorkloadResponse - (*RestoreWorkloadRequest)(nil), // 10: ateom.RestoreWorkloadRequest - (*RestoreWorkloadResponse)(nil), // 11: ateom.RestoreWorkloadResponse + (*EgressTLSPolicy)(nil), // 7: ateom.EgressTLSPolicy + (*EgressTLSInterceptPolicy)(nil), // 8: ateom.EgressTLSInterceptPolicy + (*EgressCredentialPolicy)(nil), // 9: ateom.EgressCredentialPolicy + (*EgressCredentialInjection)(nil), // 10: ateom.EgressCredentialInjection + (*EgressCredentialValueFrom)(nil), // 11: ateom.EgressCredentialValueFrom + (*SecretReference)(nil), // 12: ateom.SecretReference + (*SecretKeySelector)(nil), // 13: ateom.SecretKeySelector + (*RunWorkloadResponse)(nil), // 14: ateom.RunWorkloadResponse + (*CheckpointWorkloadRequest)(nil), // 15: ateom.CheckpointWorkloadRequest + (*CheckpointWorkloadResponse)(nil), // 16: ateom.CheckpointWorkloadResponse + (*RestoreWorkloadRequest)(nil), // 17: ateom.RestoreWorkloadRequest + (*RestoreWorkloadResponse)(nil), // 18: ateom.RestoreWorkloadResponse } var file_ateom_proto_depIdxs = []int32{ 1, // 0: ateom.RunWorkloadRequest.spec:type_name -> ateom.WorkloadSpec @@ -801,19 +1203,26 @@ var file_ateom_proto_depIdxs = []int32{ 4, // 4: ateom.EgressPolicy.deny:type_name -> ateom.EgressPolicyRule 5, // 5: ateom.EgressPolicyRule.to:type_name -> ateom.EgressPolicyDestination 6, // 6: ateom.EgressPolicyRule.ports:type_name -> ateom.EgressPort - 1, // 7: ateom.CheckpointWorkloadRequest.spec:type_name -> ateom.WorkloadSpec - 1, // 8: ateom.RestoreWorkloadRequest.spec:type_name -> ateom.WorkloadSpec - 0, // 9: ateom.Ateom.RunWorkload:input_type -> ateom.RunWorkloadRequest - 8, // 10: ateom.Ateom.CheckpointWorkload:input_type -> ateom.CheckpointWorkloadRequest - 10, // 11: ateom.Ateom.RestoreWorkload:input_type -> ateom.RestoreWorkloadRequest - 7, // 12: ateom.Ateom.RunWorkload:output_type -> ateom.RunWorkloadResponse - 9, // 13: ateom.Ateom.CheckpointWorkload:output_type -> ateom.CheckpointWorkloadResponse - 11, // 14: ateom.Ateom.RestoreWorkload:output_type -> ateom.RestoreWorkloadResponse - 12, // [12:15] is the sub-list for method output_type - 9, // [9:12] is the sub-list for method input_type - 9, // [9:9] is the sub-list for extension type_name - 9, // [9:9] is the sub-list for extension extendee - 0, // [0:9] is the sub-list for field type_name + 7, // 7: ateom.EgressPolicyRule.tls:type_name -> ateom.EgressTLSPolicy + 9, // 8: ateom.EgressPolicyRule.credentials:type_name -> ateom.EgressCredentialPolicy + 8, // 9: ateom.EgressTLSPolicy.intercept:type_name -> ateom.EgressTLSInterceptPolicy + 12, // 10: ateom.EgressTLSInterceptPolicy.issuer_secret_ref:type_name -> ateom.SecretReference + 10, // 11: ateom.EgressCredentialPolicy.inject:type_name -> ateom.EgressCredentialInjection + 11, // 12: ateom.EgressCredentialInjection.value_from:type_name -> ateom.EgressCredentialValueFrom + 13, // 13: ateom.EgressCredentialValueFrom.secret_key_ref:type_name -> ateom.SecretKeySelector + 1, // 14: ateom.CheckpointWorkloadRequest.spec:type_name -> ateom.WorkloadSpec + 1, // 15: ateom.RestoreWorkloadRequest.spec:type_name -> ateom.WorkloadSpec + 0, // 16: ateom.Ateom.RunWorkload:input_type -> ateom.RunWorkloadRequest + 15, // 17: ateom.Ateom.CheckpointWorkload:input_type -> ateom.CheckpointWorkloadRequest + 17, // 18: ateom.Ateom.RestoreWorkload:input_type -> ateom.RestoreWorkloadRequest + 14, // 19: ateom.Ateom.RunWorkload:output_type -> ateom.RunWorkloadResponse + 16, // 20: ateom.Ateom.CheckpointWorkload:output_type -> ateom.CheckpointWorkloadResponse + 18, // 21: ateom.Ateom.RestoreWorkload:output_type -> ateom.RestoreWorkloadResponse + 19, // [19:22] is the sub-list for method output_type + 16, // [16:19] is the sub-list for method input_type + 16, // [16:16] is the sub-list for extension type_name + 16, // [16:16] is the sub-list for extension extendee + 0, // [0:16] is the sub-list for field type_name } func init() { file_ateom_proto_init() } @@ -827,7 +1236,7 @@ func file_ateom_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: unsafe.Slice(unsafe.StringData(file_ateom_proto_rawDesc), len(file_ateom_proto_rawDesc)), NumEnums: 0, - NumMessages: 12, + NumMessages: 19, NumExtensions: 0, NumServices: 1, }, diff --git a/internal/proto/ateompb/ateom.proto b/internal/proto/ateompb/ateom.proto index 6dbdcaa8..d4c3ba78 100644 --- a/internal/proto/ateompb/ateom.proto +++ b/internal/proto/ateompb/ateom.proto @@ -76,6 +76,8 @@ message EgressPolicy { message EgressPolicyRule { repeated EgressPolicyDestination to = 1; repeated EgressPort ports = 2; + EgressTLSPolicy tls = 3; + EgressCredentialPolicy credentials = 4; } message EgressPolicyDestination { @@ -88,6 +90,40 @@ message EgressPort { string protocol = 2; } +message EgressTLSPolicy { + string mode = 1; + bool required = 2; + EgressTLSInterceptPolicy intercept = 3; +} + +message EgressTLSInterceptPolicy { + SecretReference issuer_secret_ref = 1; + bool validate_upstream = 2; +} + +message EgressCredentialPolicy { + repeated EgressCredentialInjection inject = 1; +} + +message EgressCredentialInjection { + string header = 1; + EgressCredentialValueFrom value_from = 2; +} + +message EgressCredentialValueFrom { + SecretKeySelector secret_key_ref = 1; +} + +message SecretReference { + string name = 1; + string namespace = 2; +} + +message SecretKeySelector { + string name = 1; + string key = 2; +} + message RunWorkloadResponse { } diff --git a/manifests/ate-install/generated/ate.dev_actortemplates.yaml b/manifests/ate-install/generated/ate.dev_actortemplates.yaml index f8547e65..22e52adc 100644 --- a/manifests/ate-install/generated/ate.dev_actortemplates.yaml +++ b/manifests/ate-install/generated/ate.dev_actortemplates.yaml @@ -288,6 +288,59 @@ spec: this template may reach. items: properties: + credentials: + description: |- + Credentials configures explicit egress gateway credential injection for + matching outbound requests. + properties: + inject: + description: |- + Inject configures credentials that the egress gateway injects into + matching outbound requests. Values are referenced from Kubernetes Secrets; + the policy does not contain credential material. + items: + properties: + header: + description: Header is the outbound HTTP header + name to set. + type: string + valueFrom: + description: ValueFrom selects the source of the + injected credential value. + properties: + secretKeyRef: + description: SecretKeyRef selects a key in + a Kubernetes Secret. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - header + - valueFrom + type: object + type: array + type: object headers: description: Headers defines logging and trace handling for headers on matching traffic. @@ -371,12 +424,40 @@ spec: description: TLS defines transport security requirements for this destination. properties: + intercept: + description: |- + Intercept configures explicit TLS interception for matching egress traffic. + This requires an L7 egress gateway; network-layer enforcement cannot + perform TLS interception. + properties: + issuerSecretRef: + description: |- + IssuerSecretRef references the CA material used by the egress gateway to + issue certificates for intercepted TLS traffic. + properties: + name: + description: name is unique within a namespace + to reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + validateUpstream: + description: |- + ValidateUpstream controls whether the egress gateway validates the + upstream service certificate before proxying intercepted traffic. + type: boolean + type: object mode: description: Mode controls how TLS is handled for matching egress traffic. enum: - Require - Originate + - Intercept - Disable type: string required: @@ -437,6 +518,59 @@ spec: this template may not reach. items: properties: + credentials: + description: |- + Credentials configures explicit egress gateway credential injection for + matching outbound requests. + properties: + inject: + description: |- + Inject configures credentials that the egress gateway injects into + matching outbound requests. Values are referenced from Kubernetes Secrets; + the policy does not contain credential material. + items: + properties: + header: + description: Header is the outbound HTTP header + name to set. + type: string + valueFrom: + description: ValueFrom selects the source of the + injected credential value. + properties: + secretKeyRef: + description: SecretKeyRef selects a key in + a Kubernetes Secret. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + default: "" + description: |- + Name of the referent. + This field is effectively required, but due to backwards compatibility is + allowed to be empty. Instances of this type with an empty value here are + almost certainly wrong. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - header + - valueFrom + type: object + type: array + type: object headers: description: Headers defines logging and trace handling for headers on matching traffic. @@ -520,12 +654,40 @@ spec: description: TLS defines transport security requirements for this destination. properties: + intercept: + description: |- + Intercept configures explicit TLS interception for matching egress traffic. + This requires an L7 egress gateway; network-layer enforcement cannot + perform TLS interception. + properties: + issuerSecretRef: + description: |- + IssuerSecretRef references the CA material used by the egress gateway to + issue certificates for intercepted TLS traffic. + properties: + name: + description: name is unique within a namespace + to reference a secret resource. + type: string + namespace: + description: namespace defines the space within + which the secret name must be unique. + type: string + type: object + x-kubernetes-map-type: atomic + validateUpstream: + description: |- + ValidateUpstream controls whether the egress gateway validates the + upstream service certificate before proxying intercepted traffic. + type: boolean + type: object mode: description: Mode controls how TLS is handled for matching egress traffic. enum: - Require - Originate + - Intercept - Disable type: string required: diff --git a/pkg/api/v1alpha1/actortemplate_types.go b/pkg/api/v1alpha1/actortemplate_types.go index 321dff30..d3538de5 100644 --- a/pkg/api/v1alpha1/actortemplate_types.go +++ b/pkg/api/v1alpha1/actortemplate_types.go @@ -71,6 +71,7 @@ type EgressTLSMode string const ( EgressTLSModeRequire EgressTLSMode = "Require" EgressTLSModeOriginate EgressTLSMode = "Originate" + EgressTLSModeIntercept EgressTLSMode = "Intercept" EgressTLSModeDisable EgressTLSMode = "Disable" ) @@ -84,13 +85,31 @@ const ( type EgressTLSPolicy struct { // Mode controls how TLS is handled for matching egress traffic. // - // +kubebuilder:validation:Enum=Require;Originate;Disable + // +kubebuilder:validation:Enum=Require;Originate;Intercept;Disable // +optional Mode EgressTLSMode `json:"mode,omitempty"` // Required controls whether matching egress traffic must use TLS. // +optional Required bool `json:"required,omitempty"` + + // Intercept configures explicit TLS interception for matching egress traffic. + // This requires an L7 egress gateway; network-layer enforcement cannot + // perform TLS interception. + // +optional + Intercept *EgressTLSInterceptPolicy `json:"intercept,omitempty"` +} + +type EgressTLSInterceptPolicy struct { + // IssuerSecretRef references the CA material used by the egress gateway to + // issue certificates for intercepted TLS traffic. + // +optional + IssuerSecretRef *corev1.SecretReference `json:"issuerSecretRef,omitempty"` + + // ValidateUpstream controls whether the egress gateway validates the + // upstream service certificate before proxying intercepted traffic. + // +optional + ValidateUpstream bool `json:"validateUpstream,omitempty"` } type EgressIPBlock struct { @@ -146,6 +165,30 @@ type EgressHeaderPolicy struct { Redact []string `json:"redact,omitempty"` } +type EgressCredentialPolicy struct { + // Inject configures credentials that the egress gateway injects into + // matching outbound requests. Values are referenced from Kubernetes Secrets; + // the policy does not contain credential material. + // +optional + Inject []EgressCredentialInjection `json:"inject,omitempty"` +} + +type EgressCredentialInjection struct { + // Header is the outbound HTTP header name to set. + // +required + Header string `json:"header"` + + // ValueFrom selects the source of the injected credential value. + // +required + ValueFrom EgressCredentialValueFrom `json:"valueFrom"` +} + +type EgressCredentialValueFrom struct { + // SecretKeyRef selects a key in a Kubernetes Secret. + // +optional + SecretKeyRef *corev1.SecretKeySelector `json:"secretKeyRef,omitempty"` +} + type EgressPolicyRule struct { // Name is an optional human-readable identifier for this rule. // +optional @@ -179,6 +222,11 @@ type EgressPolicyRule struct { // Headers defines logging and trace handling for headers on matching traffic. // +optional Headers *EgressHeaderPolicy `json:"headers,omitempty"` + + // Credentials configures explicit egress gateway credential injection for + // matching outbound requests. + // +optional + Credentials *EgressCredentialPolicy `json:"credentials,omitempty"` } type EgressAuditPolicy struct { diff --git a/pkg/api/v1alpha1/zz_generated.deepcopy.go b/pkg/api/v1alpha1/zz_generated.deepcopy.go index ba4556ce..714316fe 100644 --- a/pkg/api/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/api/v1alpha1/zz_generated.deepcopy.go @@ -208,6 +208,64 @@ func (in *EgressAuditPolicy) DeepCopy() *EgressAuditPolicy { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressCredentialInjection) DeepCopyInto(out *EgressCredentialInjection) { + *out = *in + in.ValueFrom.DeepCopyInto(&out.ValueFrom) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressCredentialInjection. +func (in *EgressCredentialInjection) DeepCopy() *EgressCredentialInjection { + if in == nil { + return nil + } + out := new(EgressCredentialInjection) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressCredentialPolicy) DeepCopyInto(out *EgressCredentialPolicy) { + *out = *in + if in.Inject != nil { + in, out := &in.Inject, &out.Inject + *out = make([]EgressCredentialInjection, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressCredentialPolicy. +func (in *EgressCredentialPolicy) DeepCopy() *EgressCredentialPolicy { + if in == nil { + return nil + } + out := new(EgressCredentialPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressCredentialValueFrom) DeepCopyInto(out *EgressCredentialValueFrom) { + *out = *in + if in.SecretKeyRef != nil { + in, out := &in.SecretKeyRef, &out.SecretKeyRef + *out = new(v1.SecretKeySelector) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressCredentialValueFrom. +func (in *EgressCredentialValueFrom) DeepCopy() *EgressCredentialValueFrom { + if in == nil { + return nil + } + out := new(EgressCredentialValueFrom) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EgressHeaderPolicy) DeepCopyInto(out *EgressHeaderPolicy) { *out = *in @@ -325,7 +383,7 @@ func (in *EgressPolicyRule) DeepCopyInto(out *EgressPolicyRule) { if in.TLS != nil { in, out := &in.TLS, &out.TLS *out = new(EgressTLSPolicy) - **out = **in + (*in).DeepCopyInto(*out) } if in.RateLimit != nil { in, out := &in.RateLimit, &out.RateLimit @@ -339,6 +397,11 @@ func (in *EgressPolicyRule) DeepCopyInto(out *EgressPolicyRule) { *out = new(EgressHeaderPolicy) (*in).DeepCopyInto(*out) } + if in.Credentials != nil { + in, out := &in.Credentials, &out.Credentials + *out = new(EgressCredentialPolicy) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressPolicyRule. @@ -387,9 +450,34 @@ func (in *EgressRateLimit) DeepCopy() *EgressRateLimit { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *EgressTLSInterceptPolicy) DeepCopyInto(out *EgressTLSInterceptPolicy) { + *out = *in + if in.IssuerSecretRef != nil { + in, out := &in.IssuerSecretRef, &out.IssuerSecretRef + *out = new(v1.SecretReference) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressTLSInterceptPolicy. +func (in *EgressTLSInterceptPolicy) DeepCopy() *EgressTLSInterceptPolicy { + if in == nil { + return nil + } + out := new(EgressTLSInterceptPolicy) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *EgressTLSPolicy) DeepCopyInto(out *EgressTLSPolicy) { *out = *in + if in.Intercept != nil { + in, out := &in.Intercept, &out.Intercept + *out = new(EgressTLSInterceptPolicy) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EgressTLSPolicy.