From acc67bbaa162ed0de4584f87fbe71d7ed9430ffc Mon Sep 17 00:00:00 2001 From: Lior Noy Date: Thu, 23 May 2024 15:51:16 +0300 Subject: [PATCH] Specify static entries namespaces This commit fill the namespaces of some static custom entries, and renames the variable name of cloudStaticEntries to be cloud generic and not specific for AWS. Adding DHCP port (67) as well. Signed-off-by: Lior Noy --- README.md | 2 +- cmd/main.go | 6 +- commatrix/commatrix.go | 8 +- commatrix/static-custom-entries.go | 118 ++++++++++++++++++----------- 4 files changed, 83 insertions(+), 51 deletions(-) diff --git a/README.md b/README.md index 6f0c2a5..5304eb2 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ Use the `generate` Makefile target to create the matrix. The following environment variables are used to configure: ``` FORMAT (csv/json/yaml) -CLUSTER_ENV (baremetal/aws) +CLUSTER_ENV (baremetal/cloud) DEST_DIR (path to the directory containing the artifacts) DEPLOYMENT (mno/sno) ``` diff --git a/cmd/main.go b/cmd/main.go index 70ea6cf..d4300b8 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -32,7 +32,7 @@ func main() { flag.StringVar(&destDir, "destDir", "communication-matrix", "Output files dir") flag.StringVar(&format, "format", "csv", "Desired format (json,yaml,csv)") - flag.StringVar(&envStr, "env", "baremetal", "Cluster environment (baremetal/aws)") + flag.StringVar(&envStr, "env", "baremetal", "Cluster environment (baremetal/cloud)") flag.StringVar(&deploymentStr, "deployment", "mno", "Deployment type (mno/sno)") flag.StringVar(&customEntriesPath, "customEntriesPath", "", "Add custom entries from a JSON file to the matrix") @@ -58,8 +58,8 @@ func main() { switch envStr { case "baremetal": env = commatrix.Baremetal - case "aws": - env = commatrix.AWS + case "cloud": + env = commatrix.Cloud default: panic(fmt.Sprintf("invalid cluster environment: %s", envStr)) } diff --git a/commatrix/commatrix.go b/commatrix/commatrix.go index fc9931a..6869d75 100644 
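Review bot: In the `switch envStr` of the second cmd/main.go hunk (`@@ -58,8 +58,8 @@`), dropping `case "aws":` outright means any existing script or Makefile invocation that still passes `-env aws` now reaches `default` and panics. Keeping the old spelling as a deprecated alias, `case "cloud", "aws":`, would let those callers keep working while the README and flag help advertise the new value. The enclosing `main` starts and ends outside the hunk, so how `envStr` is populated from `CLUSTER_ENV` is not visible here.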
--- a/commatrix/commatrix.go +++ b/commatrix/commatrix.go @@ -18,7 +18,7 @@ type Env int const ( Baremetal Env = iota - AWS + Cloud ) type Deployment int @@ -104,12 +104,12 @@ func getStaticEntries(e Env, d Deployment) ([]types.ComDetails, error) { break } comDetails = append(comDetails, baremetalStaticEntriesWorker...) - case AWS: - comDetails = append(comDetails, awsCloudStaticEntriesMaster...) + case Cloud: + comDetails = append(comDetails, cloudStaticEntriesMaster...) if d == SNO { break } - comDetails = append(comDetails, awsCloudStaticEntriesWorker...) + comDetails = append(comDetails, cloudStaticEntriesWorker...) default: return nil, fmt.Errorf("invalid value for cluster environment") } diff --git a/commatrix/static-custom-entries.go b/commatrix/static-custom-entries.go index 47c7c2a..8bc27ea 100644 --- a/commatrix/static-custom-entries.go +++ b/commatrix/static-custom-entries.go @@ -9,7 +9,18 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: 22, NodeRole: "worker", Service: "sshd", - Namespace: "", + Namespace: "", + Pod: "", + Container: "", + Optional: true, + }, + { + Direction: "ingress", + Protocol: "TCP", + Port: 67, + NodeRole: "worker", + Service: "DHCP", + Namespace: "", Pod: "", Container: "", Optional: true, @@ -29,7 +40,7 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: 10250, NodeRole: "worker", Service: "kubelet", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: false, @@ -49,7 +60,7 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: 111, NodeRole: "worker", Service: "rpcbind", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: true, @@ -59,7 +70,7 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: 111, NodeRole: "worker", Service: "rpcbind", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: true, 
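Review bot: The DHCP entry added to `generalStaticEntriesWorker` in the `@@ -9,7 +9,18 @@` hunk declares `Protocol: "TCP"` for port 67, but DHCP runs over UDP (server port 67, client port 68). A firewall policy derived from this matrix would therefore allow an unused TCP port and still not describe the real DHCP traffic. The line should read `Protocol: "UDP",`, and the same applies to the master DHCP entry added in the `@@ -163,7 +185,18 @@` hunk. Both new entries also write `Direction: "ingress"` in lower case while other entries in this file use `"Ingress"`, which matters if any consumer compares or groups on that string. It is also worth confirming that the nodes really listen on 67, since a host that is only a DHCP client receives on 68.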
@@ -69,7 +80,7 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: 10256, NodeRole: "worker", Service: "ovnkube", - Namespace: "openshift-sdn", + Namespace: "openshift-ovn-kubernetes", Pod: "ovnkube", Container: "ovnkube-controller", Optional: true, @@ -79,7 +90,7 @@ var generalStaticEntriesWorker = []types.ComDetails{ Port: 9537, NodeRole: "worker", Service: "crio-metrics", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: false, @@ -90,6 +101,17 @@ var generalStaticEntriesMaster = []types.ComDetails{ { Direction: "Ingress", Protocol: "TCP", + Port: 8080, + NodeRole: "master", + Service: "", + Namespace: "openshift-network-operator", + Pod: "network-operator", + Container: "network-operator", + Optional: false, + }, + { + Direction: "ingress", + Protocol: "TCP", Port: 9637, NodeRole: "master", Service: "kube-rbac-proxy-crio", @@ -102,10 +124,10 @@ var generalStaticEntriesMaster = []types.ComDetails{ Protocol: "TCP", Port: 10256, NodeRole: "master", - Service: "openshift-sdn", - Namespace: "", - Pod: "", - Container: "", + Service: "ovnkube", + Namespace: "openshift-ovn-kubernetes", + Pod: "ovnkube", + Container: "ovnkube-controller", Optional: false, }, { Direction: "Ingress", @@ -123,7 +145,7 @@ var generalStaticEntriesMaster = []types.ComDetails{ Port: 10250, NodeRole: "master", Service: "kubelet", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: false, @@ -143,7 +165,7 @@ var generalStaticEntriesMaster = []types.ComDetails{ Port: 111, NodeRole: "master", Service: "rpcbind", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: true, @@ -153,7 +175,7 @@ var generalStaticEntriesMaster = []types.ComDetails{ Port: 111, NodeRole: "master", Service: "rpcbind", - Namespace: "", + Namespace: "", Pod: "", Container: "", Optional: true, 
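Review bot: The way the 8080 entry is spliced into `generalStaticEntriesMaster` in the `@@ -90,6 +101,17 @@` hunk leaves the existing 9637 `kube-rbac-proxy-crio` entry with a newly lower-cased `Direction: "ingress"`, while the new entry takes over the original `"Ingress"`. Unless the case change is intended, the 9637 entry should keep `Direction: "Ingress",` so that rows are not split or duplicated by anything that matches on the direction string. The new 8080 entry also has `Service: ""` and is not mentioned in the commit message. Because it adds a required ingress port to the matrix, it deserves a service name and a line in the description saying where the listener was observed.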
@@ -163,7 +185,18 @@ var generalStaticEntriesMaster = []types.ComDetails{ Port: 22, NodeRole: "master", Service: "sshd", - Namespace: "", + Namespace: "", + Pod: "", + Container: "", + Optional: true, + }, + { + Direction: "ingress", + Protocol: "TCP", + Port: 67, + NodeRole: "master", + Service: "DHCP", + Namespace: "", Pod: "", Container: "", Optional: true, @@ -263,7 +296,7 @@ var generalStaticEntriesMaster = []types.ComDetails{ Port: 6080, NodeRole: "master", Service: "", - Namespace: "openshift-kube-apiserver-readyz", + Namespace: "openshift-kube-apiserver", Pod: "kube-apiserver", Container: "kube-apiserver-insecure-readyz", Optional: false, @@ -420,24 +453,24 @@ var baremetalStaticEntriesMaster = []types.ComDetails{ Protocol: "TCP", Port: 9447, NodeRole: "master", - Service: "baremetal-operator-webhook-baremetal provisioning", - Namespace: "", + Service: "crio", + Namespace: "", Pod: "", Container: "", Optional: false, }, } -var awsCloudStaticEntriesWorker = []types.ComDetails{ +var cloudStaticEntriesWorker = []types.ComDetails{ { Direction: "Ingress", Protocol: "TCP", Port: 10304, NodeRole: "worker", - Service: "csi-node-driver", - Namespace: "", - Pod: "", - Container: "", + Service: "csi-node-driver-registrar", + Namespace: "openshift-cluster-csi-drivers", + Pod: "csi-driver-node", + Container: "csi-node-driver-registrar", Optional: false, }, { Direction: "Ingress", @@ -445,14 +478,14 @@ var awsCloudStaticEntriesWorker = []types.ComDetails{ Port: 10300, NodeRole: "worker", Service: "csi-livenessprobe", - Namespace: "", - Pod: "", - Container: "", + Namespace: "openshift-cluster-csi-drivers", + Pod: "csi-driver-node", + Container: "csi-driver", Optional: false, }, } -var awsCloudStaticEntriesMaster = []types.ComDetails{ +var cloudStaticEntriesMaster = []types.ComDetails{ { Direction: "Ingress", Protocol: "TCP", 
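Review bot: In the `@@ -420,24 +453,24 @@` hunk the port 9447 entry of `baremetalStaticEntriesMaster` is relabelled from `baremetal-operator-webhook-baremetal provisioning` to `Service: "crio"`, a change of ownership that the commit message does not mention. Anyone using the matrix to justify an open port will take that attribution at face value, so it should be traceable. I would add a comment above the entry such as `// 9447: owner verified via <source/command used>` (placeholder to be filled in by the author). If crio really owns this listener on all platforms, the entry presumably belongs in the general list rather than the bare-metal one; please confirm.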
@@ -468,40 +501,39 @@ var awsCloudStaticEntriesMaster = []types.ComDetails{ Protocol: "TCP", Port: 10260, NodeRole: "master", - Service: "aws-cloud-controller", - Namespace: "", - Pod: "", - Container: "", + Service: "cloud-controller", + Namespace: "openshift-cloud-controller-manager-operator", + Pod: "cloud-controller-manager", + Container: "cloud-controller-manager", Optional: false, }, { Direction: "Ingress", Protocol: "TCP", Port: 10258, NodeRole: "master", - Service: "aws-cloud-controller", - Namespace: "", - Pod: "", - Container: "", + Service: "cloud-controller", + Namespace: "openshift-cloud-controller-manager-operator", + Pod: "cloud-controller-manager", + Container: "cloud-controller-manager", Optional: false, }, { Direction: "Ingress", Protocol: "TCP", Port: 10304, NodeRole: "master", - Service: "csi-node-driver", - Namespace: "", - Pod: "", - Container: "", - Optional: false, + Service: "csi-node-driver-registrar", + Namespace: "openshift-cluster-csi-drivers", + Pod: "csi-driver-node", + Container: "csi-node-driver-registrar", }, { Direction: "Ingress", Protocol: "TCP", Port: 10300, NodeRole: "master", - Service: "csi-livenessprobe", - Namespace: "", - Pod: "", - Container: "", + Service: "csi-drivers-livenessprobe", + Namespace: "openshift-cluster-csi-drivers", + Pod: "csi-driver-node", + Container: "csi-driver", Optional: false, }, }
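Review bot: The rewritten 10304 entry in `cloudStaticEntriesMaster` (hunk `@@ -468,40 +501,39 @@`) loses its `Optional: false,` line, making it the only entry visible in this file that relies on the field's zero value. The resulting value is presumably unchanged, but the omission reads like an accident and should be restored as `Optional:  false,` for consistency. In the same hunk the master 10300 entry is renamed to `Service: "csi-drivers-livenessprobe"`, while the worker entry for the same port in `cloudStaticEntriesWorker` (hunk `@@ -445,14 +478,14 @@`) keeps `"csi-livenessprobe"`. The two roles should use one service name so that the same listener is not reported as two different services.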