Feat/flexible topology config

.gitignore

@@ -32,4 +32,5 @@ work
 
 cover.out
 coverage.out
-.vscode
+.vscode
+

apis/controller/v1alpha1/sliceconfig_types.go

@@ -74,6 +74,8 @@ type SliceConfigSpec struct {
 	// RenewBefore is used for renew now!
 	RenewBefore *metav1.Time      `json:"renewBefore,omitempty"`
 	VPNConfig   *VPNConfiguration `json:"vpnConfig,omitempty"`
+	// TopologyConfig defines cluster connectivity patterns
+	TopologyConfig *TopologyConfig `json:"topologyConfig,omitempty"`
 }
 
 // ExternalGatewayConfig is the configuration for external gateways like 'istio', etc/
@@ -174,6 +176,37 @@ type VPNConfiguration struct {
 	Cipher string `json:"cipher"`
 }
 
+// +kubebuilder:validation:Enum:=restricted;full-mesh;custom
+type TopologyType string
+
+const (
+	TopologyRestricted TopologyType = "restricted"
+	TopologyFullMesh   TopologyType = "full-mesh"
+	TopologyCustom     TopologyType = "custom"
+)
+
+type TopologyConfig struct {
+	//+kubebuilder:default:=full-mesh
+	TopologyType       TopologyType        `json:"topologyType,omitempty"`
+	ConnectivityMatrix []ConnectivityEntry `json:"connectivityMatrix,omitempty"`
+	ForbiddenEdges     []ForbiddenEdge     `json:"forbiddenEdges,omitempty"`
+}
+
+type ConnectivityEntry struct {
+	//+kubebuilder:validation:Required
+	SourceCluster string `json:"sourceCluster"`
+	//+kubebuilder:validation:Required
+	TargetClusters []string `json:"targetClusters"`
+}
+
+type ForbiddenEdge struct {
+	//+kubebuilder:validation:Required
+	SourceCluster string `json:"sourceCluster"`
+	//+kubebuilder:validation:Required
+	TargetClusters []string `json:"targetClusters"`
+}
+
+
 type KubesliceEvent struct {
 	// Type of the event. Can be one of Error, Success or InProgress
 	Type string `json:"type,omitempty"`

apis/worker/v1alpha1/workersliceconfig_types.go

@@ -53,6 +53,8 @@ type WorkerSliceConfigSpec struct {
 	ExternalGatewayConfig     ExternalGatewayConfig     `json:"externalGatewayConfig,omitempty"`
 	//+kubebuilder:default:=single-network
 	OverlayNetworkDeploymentMode controllerv1alpha1.NetworkType `json:"overlayNetworkDeploymentMode,omitempty"`
+	// Topology configuration for flexible topology support
+	TopologyConfig *controllerv1alpha1.TopologyConfig `json:"topologyConfig,omitempty"`
 }
 
 // WorkerSliceGatewayProvider defines the configuration for slicegateway

config/crd/bases/controller.kubeslice.io_sliceconfigs.yaml

@@ -227,6 +227,46 @@ spec:
                 type: string
               standardQosProfileName:
                 type: string
+              topologyConfig:
+                description: TopologyConfig defines cluster connectivity patterns
+                properties:
+                  connectivityMatrix:
+                    items:
+                      properties:
+                        sourceCluster:
+                          type: string
+                        targetClusters:
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - sourceCluster
+                      - targetClusters
+                      type: object
+                    type: array
+                  forbiddenEdges:
+                    items:
+                      properties:
+                        sourceCluster:
+                          type: string
+                        targetClusters:
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - sourceCluster
+                      - targetClusters
+                      type: object
+                    type: array
+                  topologyType:
+                    default: full-mesh
+                    enum:
+                    - restricted
+                    - full-mesh
+                    - custom
+                    type: string
+                type: object
+
               vpnConfig:
                 description: VPNConfiguration defines the additional (optional) VPN
                   Configuration to customise

config/crd/bases/worker.kubeslice.io_workersliceconfigs.yaml

@@ -168,6 +168,45 @@ spec:
               sliceType:
                 default: Application
                 type: string
+              topologyConfig:
+                description: Topology configuration for flexible topology support
+                properties:
+                  connectivityMatrix:
+                    items:
+                      properties:
+                        sourceCluster:
+                          type: string
+                        targetClusters:
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - sourceCluster
+                      - targetClusters
+                      type: object
+                    type: array
+                  forbiddenEdges:
+                    items:
+                      properties:
+                        sourceCluster:
+                          type: string
+                        targetClusters:
+                          items:
+                            type: string
+                          type: array
+                      required:
+                      - sourceCluster
+                      - targetClusters
+                      type: object
+                    type: array
+                  topologyType:
+                    default: full-mesh
+                    enum:
+                    - restricted
+                    - full-mesh
+                    - custom
+                    type: string
+                type: object
             type: object
           status:
             description: WorkerSliceConfigStatus defines the observed state of Slice

config/samples/topology-custom-matrix.yaml

@@ -0,0 +1,17 @@
+apiVersion: controller.kubeslice.io/v1alpha1
+kind: SliceConfig
+metadata:
+  name: demo-custom-matrix
+  namespace: kubeslice-avesha
+spec:
+  sliceSubnet: "10.3.0.0/16"
+  clusters: ["dmz", "gateway", "internal", "database"]
+  topologyConfig:
+    topologyType: custom
+    connectivityMatrix:
+      - sourceCluster: dmz
+        targetClusters: ["gateway"]
+      - sourceCluster: gateway
+        targetClusters: ["internal", "dmz"]
+      - sourceCluster: internal
+        targetClusters: ["database", "gateway"]

config/samples/topology-full-mesh.yaml

@@ -0,0 +1,18 @@
+apiVersion: controller.kubeslice.io/v1alpha1
+kind: SliceConfig
+metadata:
+  name: demo-full-mesh
+  namespace: kubeslice-avesha
+spec:
+  sliceSubnet: "10.1.0.0/16"
+  clusters: ["cluster-1", "cluster-2", "cluster-3", "cluster-4"]
+  topologyConfig:
+    topologyType: full-mesh
+  # Full-mesh creates all possible connections between clusters
+  # For 4 clusters: 6 gateway pairs (n*(n-1)/2)
+  # cluster-1 <-> cluster-2
+  # cluster-1 <-> cluster-3
+  # cluster-1 <-> cluster-4
+  # cluster-2 <-> cluster-3
+  # cluster-2 <-> cluster-4
+  # cluster-3 <-> cluster-4

config/samples/topology-restricted-secure.yaml

@@ -0,0 +1,13 @@
+apiVersion: controller.kubeslice.io/v1alpha1
+kind: SliceConfig
+metadata:
+  name: demo-restricted-secure
+  namespace: kubeslice-avesha
+spec:
+  sliceSubnet: "10.2.0.0/16"
+  clusters: ["dmz", "gateway", "internal", "analytics"]
+  topologyConfig:
+    topologyType: restricted
+    forbiddenEdges:
+      - sourceCluster: gateway
+        targetClusters: ["dmz", "analytics"]