oslokommune · deifyed · Sep 12, 2022 · Sep 7, 2022 · Sep 7, 2022 · Sep 7, 2022
diff --git a/cmd/okctl/apply_cluster.go b/cmd/okctl/apply_cluster.go
@@ -6,6 +6,8 @@ import (
 	"io/ioutil"
 	"path"
 
+	"github.com/oslokommune/okctl/pkg/api/core"
+	"github.com/oslokommune/okctl/pkg/api/core/run"
 	"github.com/oslokommune/okctl/pkg/metrics"
 
 	"github.com/oslokommune/okctl/cmd/okctl/hooks"
@@ -118,6 +120,8 @@ func buildApplyClusterCommand(o *okctl.Okctl) *cobra.Command {
 				return fmt.Errorf("error getting services: %w", err)
 			}
 
+			kubeService := core.NewKubeService(run.NewKubeRun(o.CloudProvider, o.CredentialsProvider.Aws()))
+
 			schedulerOpts := common.SchedulerOpts{
 				Out:                             o.Out,
 				Spinner:                         spin,
@@ -143,7 +147,7 @@ func buildApplyClusterCommand(o *okctl.Okctl) *cobra.Command {
 				reconciliation.NewTempoReconciler(services.Monitoring),
 				reconciliation.NewKubePrometheusStackReconciler(services.Monitoring),
 				reconciliation.NewUsersReconciler(services.IdentityManager),
-				reconciliation.NewPostgresReconciler(services.Component),
+				reconciliation.NewPostgresReconciler(kubeService, services.Component),
 				reconciliation.NewCleanupSGReconciler(o.CloudProvider),
 			)
 

diff --git a/cmd/okctl/delete_cluster.go b/cmd/okctl/delete_cluster.go
@@ -7,6 +7,8 @@ import (
 
 	"github.com/AlecAivazis/survey/v2"
 	"github.com/oslokommune/okctl/cmd/okctl/hooks"
+	"github.com/oslokommune/okctl/pkg/api/core"
+	"github.com/oslokommune/okctl/pkg/api/core/run"
 	"github.com/oslokommune/okctl/pkg/controller/cluster/reconciliation"
 	common "github.com/oslokommune/okctl/pkg/controller/common/reconciliation"
 	"github.com/oslokommune/okctl/pkg/metrics"
@@ -60,6 +62,8 @@ func buildDeleteClusterCommand(o *okctl.Okctl) *cobra.Command {
 				return fmt.Errorf("error getting services: %w", err)
 			}
 
+			kubeService := core.NewKubeService(run.NewKubeRun(o.CloudProvider, o.CredentialsProvider.Aws()))
+
 			schedulerOpts := common.SchedulerOpts{
 				Out:                             o.Out,
 				Spinner:                         spin,
@@ -86,7 +90,7 @@ func buildDeleteClusterCommand(o *okctl.Okctl) *cobra.Command {
 				reconciliation.NewTempoReconciler(services.Monitoring),
 				reconciliation.NewKubePrometheusStackReconciler(services.Monitoring),
 				reconciliation.NewUsersReconciler(services.IdentityManager),
-				reconciliation.NewPostgresReconciler(services.Component),
+				reconciliation.NewPostgresReconciler(kubeService, services.Component),
 				reconciliation.NewCleanupSGReconciler(o.CloudProvider),
 			)
 

diff --git a/docs/release_notes/0.0.105.md b/docs/release_notes/0.0.105.md
@@ -6,5 +6,7 @@
 
 ## Changes
 
+#1035 👌 Move disable early TCP demux functionality to cluster reconciliation
+
 ## Other
 
diff --git a/pkg/api/kube_api.go b/pkg/api/kube_api.go
@@ -235,8 +235,14 @@ func (o ScaleDeploymentOpts) Validate() error {
 	)
 }
 
+// EarlyTCPDemuxDisabler defines functionality required to disable Early TCP demux in an EKS cluster
+type EarlyTCPDemuxDisabler interface {
+	DisableEarlyDEMUX(ctx context.Context, clusterID ID) error
+}
+
 // KubeService provides kube deployment service layer
 type KubeService interface {
+	EarlyTCPDemuxDisabler
 	CreateExternalDNSKubeDeployment(ctx context.Context, opts CreateExternalDNSKubeDeploymentOpts) (*ExternalDNSKube, error)
 	DeleteNamespace(ctx context.Context, opts DeleteNamespaceOpts) error
 	CreateStorageClass(ctx context.Context, opts CreateStorageClassOpts) (*StorageClassKube, error)
@@ -246,11 +252,11 @@ type KubeService interface {
 	DeleteConfigMap(ctx context.Context, opts DeleteConfigMapOpts) error
 	ScaleDeployment(ctx context.Context, opts ScaleDeploymentOpts) error
 	CreateNamespace(ctx context.Context, opts CreateNamespaceOpts) (*Namespace, error)
-	DisableEarlyDEMUX(ctx context.Context, clusterID ID) error
 }
 
 // KubeRun provides kube deployment run layer
 type KubeRun interface {
+	EarlyTCPDemuxDisabler
 	CreateExternalDNSKubeDeployment(opts CreateExternalDNSKubeDeploymentOpts) (*ExternalDNSKube, error)
 	DeleteNamespace(opts DeleteNamespaceOpts) error
 	CreateStorageClass(opts CreateStorageClassOpts) (*StorageClassKube, error)
@@ -260,5 +266,4 @@ type KubeRun interface {
 	DeleteConfigMap(opts DeleteConfigMapOpts) error
 	ScaleDeployment(opts ScaleDeploymentOpts) error
 	CreateNamespace(opts CreateNamespaceOpts) (*Namespace, error)
-	DisableEarlyDEMUX(ctx context.Context, clusterID ID) error
 }
diff --git a/pkg/client/application_postgres_client.go b/pkg/client/application_postgres_client.go
@@ -3,8 +3,6 @@ package client
 import (
 	"context"
 
-	"github.com/oslokommune/okctl/pkg/api"
-
 	"github.com/oslokommune/okctl/pkg/apis/okctl.io/v1alpha1"
 )
 
@@ -38,8 +36,3 @@ type ApplicationPostgresService interface {
 	RemovePostgresFromApplication(ctx context.Context, opts RemovePostgresFromApplicationOpts) error
 	HasPostgresIntegration(ctx context.Context, opts HasPostgresIntegrationOpts) (bool, error)
 }
-
-// ApplicationPostgresAPI defines the
-type ApplicationPostgresAPI interface {
-	DisableEarlyTCPDemux(context.Context, api.ID) error
-}
diff --git a/pkg/client/core/service_application_postgres_client.go b/pkg/client/core/service_application_postgres_client.go
@@ -75,11 +75,6 @@ func (a *applicationPostgresService) AddPostgresToApplication(ctx context.Contex
 		return fmt.Errorf("creating security group policy: %w", err)
 	}
 
-	err = a.disableEarlyTCPDemux(ctx, clusterID)
-	if err != nil {
-		return fmt.Errorf("disabling early demux: %w", err)
-	}
-
 	return nil
 }
 
@@ -276,11 +271,6 @@ func (a *applicationPostgresService) newSecurityGroupPatchOperations(
 	}
 }
 
-// ref: https://aws.amazon.com/blogs/containers/introducing-security-groups-for-pods/
-func (a *applicationPostgresService) disableEarlyTCPDemux(ctx context.Context, clusterID api.ID) error {
-	return a.kubeService.DisableEarlyDEMUX(ctx, clusterID)
-}
-
 func (a *applicationPostgresService) removeSecurityGroupPolicy(
 	ctx context.Context,
 	cluster v1alpha1.Cluster,

diff --git a/pkg/controller/cluster/reconciliation/postgres_reconciler.go b/pkg/controller/cluster/reconciliation/postgres_reconciler.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/oslokommune/okctl/pkg/api"
 	"github.com/oslokommune/okctl/pkg/apis/okctl.io/v1alpha1"
 
 	"github.com/oslokommune/okctl/pkg/controller/common/reconciliation"
@@ -18,7 +19,8 @@ import (
 const postgresReconcilerIdentifier = "Postgres"
 
 type postgresReconciler struct {
-	client client.ComponentService
+	client      client.ComponentService
+	kubeService api.EarlyTCPDemuxDisabler
 }
 
 type database struct {
@@ -52,6 +54,11 @@ func (z *postgresReconciler) Reconcile(ctx context.Context, meta reconciliation.
 	dbSubnetIDs := subnetsAsIDList(vpc.DatabaseSubnets)
 	dbSubnetCIDRs := subnetsAsCIDRList(vpc.DatabaseSubnets)
 
+	err = z.kubeService.DisableEarlyDEMUX(ctx, reconciliation.ClusterMetaAsID(meta.ClusterDeclaration.Metadata))
+	if err != nil {
+		return reconciliation.Result{}, fmt.Errorf("disabling early TCP demux: %w", err)
+	}
+
 	actionMap, err := z.determineActions(meta, state)
 	if err != nil {
 		return reconciliation.Result{}, fmt.Errorf("determining course of action: %w", err)
@@ -139,9 +146,10 @@ func (z *postgresReconciler) String() string {
 }
 
 // NewPostgresReconciler creates a new reconciler for the Postgres resource
-func NewPostgresReconciler(client client.ComponentService) reconciliation.Reconciler {
+func NewPostgresReconciler(kubeService api.EarlyTCPDemuxDisabler, client client.ComponentService) reconciliation.Reconciler {
 	return &postgresReconciler{
-		client: client,
+		kubeService: kubeService,
+		client:      client,
 	}
 }
 

diff --git a/pkg/controller/cluster/reconciliation/postgres_reconciler_test.go b/pkg/controller/cluster/reconciliation/postgres_reconciler_test.go
@@ -6,6 +6,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 
+	"github.com/oslokommune/okctl/pkg/api"
 	"github.com/oslokommune/okctl/pkg/apis/okctl.io/v1alpha1"
 	"github.com/oslokommune/okctl/pkg/client"
 	clientCore "github.com/oslokommune/okctl/pkg/client/core"
@@ -94,10 +95,10 @@ func TestPostgresReconciler(t *testing.T) {
 			creations := 0
 			deletions := 0
 
-			reconciler := NewPostgresReconciler(&mockPostgresService{
-				creationBump: func() { creations++ },
-				deletionBump: func() { deletions++ },
-			})
+			reconciler := NewPostgresReconciler(
+				mockEarlyTCPDemuxDisabler{},
+				&mockPostgresService{creationBump: func() { creations++ }, deletionBump: func() { deletions++ }},
+			)
 
 			meta := reconciliation.Metadata{
 				ClusterDeclaration: &v1alpha1.Cluster{
@@ -119,6 +120,12 @@ func TestPostgresReconciler(t *testing.T) {
 	}
 }
 
+type mockEarlyTCPDemuxDisabler struct{}
+
+func (mockEarlyTCPDemuxDisabler) DisableEarlyDEMUX(_ context.Context, _ api.ID) error {
+	return nil
+}
+
 type mockPostgresService struct {
 	creationBump func()
 	deletionBump func()
Original file line number	Diff line number	Diff line change
Expand Up		@@ -6,5 +6,7 @@

		## Changes

		#1035 👌 Move disable early TCP demux functionality to cluster reconciliation

		## Other