siderolabs
diff --git a/‎internal/app/machined/pkg/controllers/network/probe_config.go‎
Lines changed: 142 additions & 0 deletions b/‎internal/app/machined/pkg/controllers/network/probe_config.go‎
Lines changed: 142 additions & 0 deletions
diff --git a/‎internal/app/machined/pkg/controllers/network/probe_config_test.go‎
Lines changed: 146 additions & 0 deletions b/‎internal/app/machined/pkg/controllers/network/probe_config_test.go‎
Lines changed: 146 additions & 0 deletions
diff --git a/‎internal/app/machined/pkg/runtime/v1alpha2/v1alpha2_controller.go‎
Lines changed: 1 addition & 0 deletions b/‎internal/app/machined/pkg/runtime/v1alpha2/v1alpha2_controller.go‎
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1,142 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package network
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/cosi-project/runtime/pkg/controller"
+	"github.com/cosi-project/runtime/pkg/resource"
+	"github.com/cosi-project/runtime/pkg/safe"
+	"github.com/cosi-project/runtime/pkg/state"
+	"github.com/siderolabs/gen/optional"
+	"go.uber.org/zap"
+
+	configconfig "github.com/siderolabs/talos/pkg/machinery/config/config"
+	"github.com/siderolabs/talos/pkg/machinery/resources/config"
+	"github.com/siderolabs/talos/pkg/machinery/resources/network"
+)
+
+// ProbeConfigController manages network.ProbeSpec based on ProbeConfig documents in machine configuration.
+type ProbeConfigController struct{}
+
+// Name implements controller.Controller interface.
+func (ctrl *ProbeConfigController) Name() string {
+	return "network.ProbeConfigController"
+}
+
+// Inputs implements controller.Controller interface.
+func (ctrl *ProbeConfigController) Inputs() []controller.Input {
+	return []controller.Input{
+		{
+			Namespace: config.NamespaceName,
+			Type:      config.MachineConfigType,
+			ID:        optional.Some(config.ActiveID),
+			Kind:      controller.InputWeak,
+		},
+	}
+}
+
+// Outputs implements controller.Controller interface.
+func (ctrl *ProbeConfigController) Outputs() []controller.Output {
+	return []controller.Output{
+		{
+			Type: network.ProbeSpecType,
+			Kind: controller.OutputShared,
+		},
+	}
+}
+
+// Run implements controller.Controller interface.
+func (ctrl *ProbeConfigController) Run(ctx context.Context, r controller.Runtime, logger *zap.Logger) error {
+	for {
+		select {
+		case <-ctx.Done():
+			return nil
+		case <-r.EventCh():
+		}
+
+		r.StartTrackingOutputs()
+
+		cfg, err := safe.ReaderGetByID[*config.MachineConfig](ctx, r, config.ActiveID)
+		if err != nil {
+			if !state.IsNotFoundError(err) {
+				return fmt.Errorf("error getting config: %w", err)
+			}
+		}
+
+		var specs []network.ProbeSpecSpec
+
+		// parse machine configuration for probe config documents
+		if cfg != nil {
+			configSpecs := ctrl.parseMachineConfiguration(cfg)
+			specs = append(specs, configSpecs...)
+		}
+
+		if err = ctrl.apply(ctx, r, specs); err != nil {
+			return fmt.Errorf("error applying specs: %w", err)
+		}
+
+		if err = r.CleanupOutputs(ctx,
+			resource.NewMetadata(network.NamespaceName, network.ProbeSpecType, "", resource.VersionUndefined),
+		); err != nil {
+			return fmt.Errorf("error cleaning up outputs: %w", err)
+		}
+
+		r.ResetRestartBackoff()
+	}
+}
+
+func (ctrl *ProbeConfigController) apply(ctx context.Context, r controller.Runtime, specs []network.ProbeSpecSpec) error {
+	for _, spec := range specs {
+		id, err := spec.ID()
+		if err != nil {
+			return fmt.Errorf("error getting probe spec ID: %w", err)
+		}
+
+		if err := safe.WriterModify(
+			ctx,
+			r,
+			network.NewProbeSpec(network.NamespaceName, id),
+			func(r *network.ProbeSpec) error {
+				*r.TypedSpec() = spec
+
+				return nil
+			},
+		); err != nil {
+			return fmt.Errorf("error modifying probe spec: %w", err)
+		}
+	}
+
+	return nil
+}
+
+func (ctrl *ProbeConfigController) parseMachineConfiguration(cfg *config.MachineConfig) []network.ProbeSpecSpec {
+	probeConfigs := cfg.Config().NetworkProbeConfigs()
+	specs := make([]network.ProbeSpecSpec, 0, len(probeConfigs))
+
+	for _, probeConfig := range probeConfigs {
+		spec := network.ProbeSpecSpec{
+			Interval:         probeConfig.Interval(),
+			FailureThreshold: probeConfig.FailureThreshold(),
+			ConfigLayer:      network.ConfigMachineConfiguration,
+		}
+
+		switch probeConfig := probeConfig.(type) {
+		case configconfig.NetworkTCPProbeConfig:
+			spec.TCP = network.TCPProbeSpec{
+				Endpoint: probeConfig.Endpoint(),
+				Timeout:  probeConfig.Timeout(),
+			}
+		default:
+			panic(fmt.Sprintf("unsupported probe config type: %T", probeConfig))
+		}
+
+		specs = append(specs, spec)
+	}
+
+	return specs
+}
@@ -0,0 +1,146 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+package network_test
+
+import (
+	"testing"
+	"time"
+
+	"github.com/cosi-project/runtime/pkg/resource/rtestutils"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/suite"
+
+	"github.com/siderolabs/talos/internal/app/machined/pkg/controllers/ctest"
+	netctrl "github.com/siderolabs/talos/internal/app/machined/pkg/controllers/network"
+	"github.com/siderolabs/talos/pkg/machinery/config/container"
+	networkcfg "github.com/siderolabs/talos/pkg/machinery/config/types/network"
+	"github.com/siderolabs/talos/pkg/machinery/resources/config"
+	"github.com/siderolabs/talos/pkg/machinery/resources/network"
+)
+
+type ProbeConfigSuite struct {
+	ctest.DefaultSuite
+}
+
+func (suite *ProbeConfigSuite) TestNoConfig() {
+	// With no config, no ProbeSpec resources should be created
+	ctest.AssertNoResource[*network.ProbeSpec](suite, "tcp:proxy.example.com:3128", rtestutils.WithNamespace(network.NamespaceName))
+}
+
+func (suite *ProbeConfigSuite) TestSingleProbe() {
+	probeConfig := networkcfg.NewTCPProbeConfigV1Alpha1("proxy-check")
+	probeConfig.ProbeInterval = time.Second
+	probeConfig.ProbeFailureThreshold = 3
+	probeConfig.TCPEndpoint = "proxy.example.com:3128"
+	probeConfig.TCPTimeout = 10 * time.Second
+
+	ctr, err := container.New(probeConfig)
+	suite.Require().NoError(err)
+
+	cfg := config.NewMachineConfig(ctr)
+	suite.Create(cfg)
+
+	ctest.AssertResources(
+		suite,
+		[]string{
+			"tcp:proxy.example.com:3128",
+		}, func(r *network.ProbeSpec, asrt *assert.Assertions) {
+			asrt.Equal(time.Second, r.TypedSpec().Interval)
+			asrt.Equal(3, r.TypedSpec().FailureThreshold)
+			asrt.Equal("proxy.example.com:3128", r.TypedSpec().TCP.Endpoint)
+			asrt.Equal(10*time.Second, r.TypedSpec().TCP.Timeout)
+			asrt.Equal(network.ConfigMachineConfiguration, r.TypedSpec().ConfigLayer)
+		},
+		rtestutils.WithNamespace(network.NamespaceName),
+	)
+
+	// Update the probe config
+	ctest.UpdateWithConflicts(suite, cfg, func(r *config.MachineConfig) error {
+		docs := r.Container().Documents()
+		probeDoc := docs[0].(*networkcfg.TCPProbeConfigV1Alpha1)
+		probeDoc.ProbeFailureThreshold = 5
+
+		return nil
+	})
+
+	ctest.AssertResources(
+		suite,
+		[]string{
+			"tcp:proxy.example.com:3128",
+		}, func(r *network.ProbeSpec, asrt *assert.Assertions) {
+			asrt.Equal(5, r.TypedSpec().FailureThreshold)
+		},
+		rtestutils.WithNamespace(network.NamespaceName),
+	)
+
+	// Remove the config
+	suite.Destroy(cfg)
+
+	ctest.AssertNoResource[*network.ProbeSpec](suite, "tcp:proxy.example.com:3128", rtestutils.WithNamespace(network.NamespaceName))
+}
+
+func (suite *ProbeConfigSuite) TestMultipleProbes() {
+	// Create first probe
+	probeConfig1 := networkcfg.NewTCPProbeConfigV1Alpha1("proxy-check")
+	probeConfig1.ProbeInterval = time.Second
+	probeConfig1.ProbeFailureThreshold = 3
+	probeConfig1.TCPEndpoint = "proxy.example.com:3128"
+	probeConfig1.TCPTimeout = 10 * time.Second
+
+	// Create second probe
+	probeConfig2 := networkcfg.NewTCPProbeConfigV1Alpha1("dns-check")
+	probeConfig2.ProbeInterval = 5 * time.Second
+	probeConfig2.ProbeFailureThreshold = 2
+	probeConfig2.TCPEndpoint = "8.8.8.8:53"
+	probeConfig2.TCPTimeout = 5 * time.Second
+
+	ctr, err := container.New(probeConfig1, probeConfig2)
+	suite.Require().NoError(err)
+
+	cfg := config.NewMachineConfig(ctr)
+	suite.Create(cfg)
+
+	// Verify both probes are created
+	ctest.AssertResources(
+		suite,
+		[]string{
+			"tcp:proxy.example.com:3128",
+		}, func(r *network.ProbeSpec, asrt *assert.Assertions) {
+			asrt.Equal("proxy.example.com:3128", r.TypedSpec().TCP.Endpoint)
+			asrt.Equal(3, r.TypedSpec().FailureThreshold)
+		},
+		rtestutils.WithNamespace(network.NamespaceName),
+	)
+
+	ctest.AssertResources(
+		suite,
+		[]string{
+			"tcp:8.8.8.8:53",
+		}, func(r *network.ProbeSpec, asrt *assert.Assertions) {
+			asrt.Equal("8.8.8.8:53", r.TypedSpec().TCP.Endpoint)
+			asrt.Equal(2, r.TypedSpec().FailureThreshold)
+		},
+		rtestutils.WithNamespace(network.NamespaceName),
+	)
+
+	suite.Destroy(cfg)
+
+	// Verify both probes are removed
+	ctest.AssertNoResource[*network.ProbeSpec](suite, "tcp:proxy.example.com:3128", rtestutils.WithNamespace(network.NamespaceName))
+	ctest.AssertNoResource[*network.ProbeSpec](suite, "tcp:8.8.8.8:53", rtestutils.WithNamespace(network.NamespaceName))
+}
+
+func TestProbeConfigSuite(t *testing.T) {
+	t.Parallel()
+
+	suite.Run(t, &ProbeConfigSuite{
+		DefaultSuite: ctest.DefaultSuite{
+			Timeout: 10 * time.Second,
+			AfterSetup: func(suite *ctest.DefaultSuite) {
+				suite.Require().NoError(suite.Runtime().RegisterController(&netctrl.ProbeConfigController{}))
+			},
+		},
+	})
+}
@@ -369,6 +369,7 @@ func (ctrl *Controller) Run(ctx context.Context, drainer *runtime.Drainer) error
 		&network.StatusController{
 			V1Alpha1Mode: ctrl.v1alpha1Runtime.State().Platform().Mode(),
 		},
+		&network.ProbeConfigController{},
 		&network.TimeServerConfigController{
 			Cmdline: procfs.ProcCmdline(),
 		},