BUG/MEDIUM: services: don't create frontend if corresponding default_backend is

not ready

Creating tcp frontend while default_backend is not available yet (for
example no matching service) will result in haproxy rejecting
configuration and aborting Controller transaction

Author: Mo3m3n

controller/handler-tcp.go

@@ -8,6 +8,7 @@ import (
 	"github.com/haproxytech/kubernetes-ingress/controller/haproxy/api"
 	ingressRoute "github.com/haproxytech/kubernetes-ingress/controller/ingress"
 	"github.com/haproxytech/kubernetes-ingress/controller/store"
+	"github.com/haproxytech/kubernetes-ingress/controller/utils"
 	"github.com/haproxytech/models/v2"
 )
 
@@ -18,12 +19,12 @@ func (t TCPHandler) Update(k store.K8s, cfg *Configuration, api api.HAProxyClien
 	if k.ConfigMaps[TCPServices] == nil {
 		return false, nil
 	}
-	for port, svc := range k.ConfigMaps[TCPServices].Annotations {
+	for port, tcpSvc := range k.ConfigMaps[TCPServices].Annotations {
 		// Get TCP service from ConfigMap
 		// parts[0]: Service Name
 		// parts[1]: Service Port
 		// parts[2]: SSL option
-		parts := strings.Split(svc.Value, ":")
+		parts := strings.Split(tcpSvc.Value, ":")
 		svcPort := parts[1]
 		var sslOption string
 		if len(parts) > 2 {
@@ -36,72 +37,30 @@ func (t TCPHandler) Update(k store.K8s, cfg *Configuration, api api.HAProxyClien
 		}
 		namespace := svcName[0]
 		service := svcName[1]
-
-		// Handle Frontend
-		var frontendName, backendName string
-		if svc.Status != EMPTY {
-			backendName = fmt.Sprintf("%s-%s-%s", svcName[0], svcName[1], svcPort)
-			frontendName = fmt.Sprintf("tcp-%s", port)
+		if _, ok := k.Namespaces[namespace]; !ok {
+			logger.Warningf("tcp-services: namespace of service '%s/%s' not found", namespace, service)
+			continue
+		}
+		svc, ok := k.Namespaces[namespace].Services[service]
+		if !ok {
+			logger.Warningf("tcp-services: service '%s/%s' not found", namespace, service)
+			continue
 		}
-		switch svc.Status {
-		case DELETED:
+		// Delete Frontend
+		frontendName := fmt.Sprintf("tcp-%s", port)
+		if tcpSvc.Status == DELETED || svc.Status == DELETED {
 			logger.Debugf("Deleting TCP frontend '%s'", frontendName)
 			err = api.FrontendDelete(frontendName)
-			logger.Panic(err)
-			reload = true
-			continue
-		case MODIFIED:
-			frontend, errFt := api.FrontendGet(frontendName)
 			if err != nil {
-				logger.Panic(errFt)
-				continue
-			}
-			frontend.DefaultBackend = backendName
-			if sslOption == "ssl" {
-				logger.Error(api.FrontendEnableSSLOffload(frontend.Name, HAProxyFtCertDir, false))
+				logger.Errorf("error deleting tcp frontend: %s", err)
 			} else {
-				logger.Error(api.FrontendDisableSSLOffload(frontend.Name))
-			}
-			logger.Debugf("Updating TCP frontend '%s'", frontendName)
-			if err = api.FrontendEdit(frontend); err != nil {
-				logger.Panic(err)
-				continue
-			}
-			reload = true
-		case ADDED:
-			frontend := models.Frontend{
-				Name:           frontendName,
-				Mode:           "tcp",
-				Tcplog:         true,
-				DefaultBackend: backendName,
-			}
-			logger.Debugf("Creating TCP frontend '%s'", frontendName)
-			err = api.FrontendCreate(frontend)
-			if err != nil {
-				logger.Panic(err)
+				reload = true
 			}
-			err = api.FrontendBindCreate(frontendName, models.Bind{
-				Address: "0.0.0.0:" + port,
-				Name:    "v4",
-			})
-			logger.Panic(err)
-			err = api.FrontendBindCreate(frontendName, models.Bind{
-				Address: ":::" + port,
-				Name:    "v6",
-				V4v6:    true,
-			})
-			if err != nil {
-				logger.Panic(err)
-			}
-			if sslOption == "ssl" {
-				logger.Error(api.FrontendEnableSSLOffload(frontend.Name, HAProxyFtCertDir, false))
-			}
-			reload = true
+			continue
 		}
-
-		// Handle Backend
-		var servicePort int64
-		if servicePort, err = strconv.ParseInt(svcPort, 10, 64); err != nil {
+		// Handle Route
+		var portNbr int64
+		if portNbr, err = strconv.ParseInt(svcPort, 10, 64); err != nil {
 			logger.Error(err)
 			continue
 		}
@@ -112,16 +71,67 @@ func (t TCPHandler) Update(k store.K8s, cfg *Configuration, api api.HAProxyClien
 		}
 		path := &store.IngressPath{
 			ServiceName:    service,
-			ServicePortInt: servicePort,
+			ServicePortInt: portNbr,
 			Status:         svc.Status,
 		}
-		nsmmp := k.GetNamespace(namespace)
-		logger.Error(cfg.IngressRoutes.AddRoute(&ingressRoute.Route{
-			Namespace:  nsmmp,
+		route := &ingressRoute.Route{
+			Namespace:  k.GetNamespace(namespace),
 			Ingress:    ingress,
 			Path:       path,
 			TCPService: true,
-		}))
+		}
+		err = route.SetBackendName()
+		if err != nil {
+			logger.Error(err)
+			continue
+		}
+		frontend, errGet := api.FrontendGet(frontendName)
+		if errGet != nil {
+			// Create Frontend
+			frontend = models.Frontend{
+				Name:           frontendName,
+				Mode:           "tcp",
+				Tcplog:         true,
+				DefaultBackend: route.BackendName,
+			}
+			var errors utils.Errors
+			logger.Debugf("Creating TCP frontend '%s'", frontendName)
+			errors.Add(api.FrontendCreate(frontend))
+			errors.Add(api.FrontendBindCreate(frontendName, models.Bind{
+				Address: "0.0.0.0:" + port,
+				Name:    "v4",
+			}))
+			errors.Add(api.FrontendBindCreate(frontendName, models.Bind{
+				Address: ":::" + port,
+				Name:    "v6",
+				V4v6:    true,
+			}))
+			if sslOption == "ssl" {
+				errors.Add(api.FrontendEnableSSLOffload(frontend.Name, HAProxyFtCertDir, false))
+			}
+			if errors.Result() != nil {
+				logger.Errorf("error configuring tcp frontend: %s", err)
+				continue
+			}
+			reload = true
+		} else if svc.Status != EMPTY {
+			// Update  Frontend
+			var errors utils.Errors
+			logger.Debugf("Updating TCP frontend '%s'", frontendName)
+			frontend.DefaultBackend = route.BackendName
+			if sslOption == "ssl" {
+				errors.Add(api.FrontendEnableSSLOffload(frontend.Name, HAProxyFtCertDir, false))
+			} else {
+				errors.Add(api.FrontendDisableSSLOffload(frontend.Name))
+			}
+			errors.Add(api.FrontendEdit(frontend))
+			if errors.Result() != nil {
+				logger.Errorf("error updating tcp frontend: %s", err)
+				continue
+			}
+			reload = true
+		}
+		logger.Error(cfg.IngressRoutes.AddRoute(route))
 	}
 	return reload, err
 }