add additional role settings (#1685)

Closes #1683

Adds additional settings for the role:
`proxyProtocol` - the role will use the proxy protocol for any forwarded
traffic
`stickySessions` - the traffic will be forwarded to the same node based
on the hash of the source ip.


https://github.com/berops/claudie/blob/26a8dd8b83f2a3d7df822692f66c7884073b5350/services/ansibler/templates/conf.gotpl#L1-L25


The lb role will now have the following structure

```
  loadBalancers:
    roles:
      - name: example-role
        protocol: tcp
        port: 6443
        targetPort: 6443
        targetPools:
          - htz-kube-nodes
        # added
        settings:
          proxyProtocol: off (default will be on)
          stickySession: on. (default will be off)
```

---------

Co-authored-by: CI/CD pipeline <CI/CD-pipeline@users.noreply.github.com>

Author: Despire

docs/input-manifest/api-reference.md

@@ -49,7 +49,7 @@ needs to be defined.
   | `hetznerdns`   | [Hetzner](#hetznerdns) DNS provider type    |
   | `oci`          | [OCI](#oci) provider type                   |
   | `genesiscloud` | [GenesisCloud](#genesiscloud) provider type |
-  
+
 - `secretRef` [SecretRef](#secretref)
 
   Represents a Secret Reference. It has enough information to retrieve secret in any namespace.
@@ -59,7 +59,7 @@ Support for more cloud providers is in the [roadmap](https://github.com/berops/c
 !!! note "For static nodepools a provider is not needed, refer to the [static section](#static) for more detailed information."
 
 ## SecretRef
-  
+
   SecretReference represents a Kubernetes Secret Reference. It has enough information to retrieve secret in any namespace.
 
 - `name`
@@ -158,11 +158,11 @@ To find out how to configure OCI provider and service account, follow the instru
   Fingerprint of the user-supplied private key.
 
 - `tenancyocid`
-  
+
   OCID of the tenancy where `privateKey` is added as an API key
 
 - `userocid`
-  
+
   OCID of the user in the supplied tenancy
 
 - `compartmentocid`
@@ -202,15 +202,15 @@ To find out how to configure Azure provider and service account, follow the inst
   Subscription ID of your subscription in Azure.
 
 - `tenantid`
-  
+
   Tenant ID of your tenancy in Azure.
 
 - `clientid`
 
   Client ID of your client. The Claudie is design to use a service principal with appropriate permissions.
 
 - `clientsecret`
-  
+
   Client secret generated for your client.
 
 - `templates`
@@ -225,7 +225,7 @@ Collection of static and dynamic nodepool specification, to be referenced in the
 - `dynamic` [Dynamic](#dynamic)
 
   List of dynamically to-be-created nodepools of not yet existing machines, used for Kubernetes or loadbalancer clusters.
-  
+
   These are only blueprints, and will only be created per reference in `kubernetes` or `loadBalancer` clusters. E.g. if the nodepool isn't used, it won't even be created. Or if the same nodepool is used in two different clusters, it will be created twice.
 In OOP analogy, a dynamic nodepool would be a class that would get instantiated `N >= 0` times depending on which clusters reference it.
 
@@ -243,29 +243,29 @@ Dynamic nodepools are defined for cloud provider machines that Claudie is expect
 
 - `provideSpec` [Provider spec](#provider-spec)
 
-  Collection of provider data to be used while creating the nodepool.  
+  Collection of provider data to be used while creating the nodepool.
 
 - `count`
 
   Number of the nodes in the nodepool. Maximum value of 255.  Mutually exclusive with `autoscaler`.
 
 - `serverType`
-  
+
   Type of the machines in the nodepool.
-  
+
   Currently, only AMD64 machines are supported.
 
 - `machineSpec`
 
   Further describes the selected server type, if available by the cloud provider.
-  
+
   - `cpuCount`: specifies the number of cpu to be used by the `serverType`
   - `memory`: specifies the memory in GB to be used by the `serverType`
 
 - `image`
 
   OS image of the machine.
-  
+
   Currently, only Ubuntu 22.04 AMD64 images are supported.
 
 - `storageDiskSize`
@@ -277,13 +277,13 @@ Dynamic nodepools are defined for cloud provider machines that Claudie is expect
   The default value for this field is `50`, with a minimum value also set to `50`. This value is only applicable to compute nodes. If the disk size is set to `0`, no storage disk will be created for any nodes in the particular node pool.
 
 - `autoscaler` [Autoscaler Configuration](#autoscaler-configuration)
-  
+
   Autoscaler configuration for this nodepool. Mutually exclusive with `count`.
 
 - `labels`
 
   Map of user defined labels, which will be applied on every node in the node pool. This field is optional.
-  
+
   To see the default labels Claudie applies on each node, refer to [this section](#default-labels).
 
 - `annotations`
@@ -319,7 +319,7 @@ Provider spec is an additional specification built on top of the data from any o
 Autoscaler configuration on per nodepool basis. Defines the number of nodes, autoscaler will scale up or down specific nodepool.
 
 - `min`
-  
+
   Minimum number of nodes in nodepool.
 
 - `max`
@@ -343,7 +343,7 @@ Static nodepools are defined for static machines which Claudie will not manage.
 - `labels`
 
   Map of user defined labels, which will be applied on every node in the node pool. This field is optional.
-  
+
   To see the default labels Claudie applies on each node, refer to [this section](#default-labels).
 
 - `annotations`
@@ -376,7 +376,7 @@ Static node defines single static node from a static nodepool.
   Secret from which private key will be taken used to SSH into the machine (as root or as a user specificed in the username attribute).
 
   The field in the secret must be `privatekey`, i.e.
-  
+
   ```yaml
   apiVersion: v1
   type: Opaque
@@ -426,7 +426,7 @@ Collection of data used to define a Kubernetes cluster.
 Defines loadbalancer clusters.
 
 - `roles` [Role](#role)
-  
+
   List of roles loadbalancers use to forward the traffic. Single role can be used in multiple loadbalancer clusters.
 
 - `clusters` [Cluster-lb](#cluster-lb)
@@ -461,6 +461,17 @@ Role defines a concrete loadbalancer configuration. Single loadbalancer can have
 - `targetPools`
   Defines from which nodepools, nodes will be targeted by the Load Balancer
 
+- `settings`
+   Optional settings that can be configured for a role
+
+    - `proxyProtocol`: Default value: `true`
+
+        Specifies whether to enable the proxy protocol. The Proxy protocol forwards connection information from the client, such as the IP address, to the target pools. The application to which the traffic is forwarded must support the proxy protocol.
+
+    - `stickySessions`: Default value: `false`
+
+        Specifies whether incoming traffic should be sent to the same node each time, rather than load balancing between available nodes. A hash of the IP is used to determine which node the traffic is routed to. <br>
+
 ## Cluster-lb
 
 Collection of data used to define a loadbalancer cluster.
@@ -470,13 +481,13 @@ Collection of data used to define a loadbalancer cluster.
   Name of the loadbalancer. The name is limited by 28 characters.
 
 - `roles`
-  
+
   List of roles the loadbalancer uses.
 
 - `dns` [DNS](#dns)
-  
+
   Specification of the loadbalancer's DNS record.
-  
+
 - `targetedK8s`
 
   Name of the Kubernetes cluster targetted by this loadbalancer.
@@ -500,7 +511,7 @@ Collection of data Claudie uses to create a DNS record for the loadbalancer.
   Name of [provider](#providers) to be used for creating an A record entry in defined DNS zone.
 
 - `hostname`
-  
+
   Custom hostname for your A record. If left empty, the hostname will be a random hash.
 
 ### Default labels

docs/input-manifest/example.md

@@ -379,6 +379,9 @@ spec:
   #     port:         # Port, where traffic will be coming.
   #     targetPort:   # Port, where loadbalancer will forward traffic to.
   #     targetPools:  # Targeted nodes on kubernetes cluster. Specify a nodepool that is used in the targeted K8s cluster.
+  #     settings:     # Optional settings that further configures the role.
+  #       proxyProtocol:    # Turns on the proxy protocol, can be true, false. Default is true.
+  #       stickySessions:   # Turn on sticky sessions that will hash the source ip to always choose the same node to which the traffic will be forwarded to. Can be true, false. Default is false.
   #
   # Definition specification for loadbalancer:
   #
@@ -401,10 +404,19 @@ spec:
         targetPort: 6443
         targetPools:
             - control-htz # make sure that this nodepools is acutally used by the targeted `dev-cluster` cluster.
+      - name: https
+        protocol: tcp
+        port: 443
+        targetPort: 30143 # make sure there is a NodePort service.
+        targetPools:
+            - compute-htz # make sure that this nodepools is acutally used by the targeted `dev-cluster` cluster.
+        settings:
+          proxyProtocol: true
     clusters:
       - name: apiserver-lb-dev
         roles:
           - apiserver
+          - https
         dns:
           dnsZone: dns-zone
           provider: hetznerdns-1

go.mod

@@ -1,6 +1,6 @@
 module github.com/berops/claudie
 
-go 1.23
+go 1.23.0
 
 require (
 	cloud.google.com/go/compute v1.29.0
@@ -30,17 +30,17 @@ require (
 	github.com/tidwall/sjson v1.2.5
 	go.mongodb.org/mongo-driver v1.17.1
 	golang.org/x/crypto v0.32.0
-	golang.org/x/exp v0.0.0-20240404231335-c0f41cb1a7a0
+	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
 	golang.org/x/net v0.34.0
 	golang.org/x/sync v0.10.0
 	google.golang.org/api v0.203.0
 	google.golang.org/grpc v1.67.1
 	google.golang.org/protobuf v1.36.1
 	gopkg.in/yaml.v3 v3.0.1
-	k8s.io/api v0.31.3
-	k8s.io/apimachinery v0.31.3
+	k8s.io/api v0.32.2
+	k8s.io/apimachinery v0.32.2
 	k8s.io/autoscaler/cluster-autoscaler v0.0.0-20230523093230-982c82176cde
-	k8s.io/client-go v0.31.0
+	k8s.io/client-go v0.32.1
 	sigs.k8s.io/controller-runtime v0.19.3
 )
 
@@ -84,9 +84,9 @@ require (
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.5.0 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/go-openapi/jsonpointer v0.19.6 // indirect
+	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
-	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/gofrs/flock v0.8.1 // indirect
@@ -97,12 +97,10 @@ require (
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad // indirect
 	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
 	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
-	github.com/imdario/mergo v0.3.15 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
@@ -113,11 +111,13 @@ require (
 	github.com/leodido/go-urn v1.4.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/montanaflynn/stats v0.7.1 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/onsi/ginkgo/v2 v2.22.1 // indirect
+	github.com/onsi/gomega v1.36.2 // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pkg/errors v0.9.1 // indirect
@@ -129,7 +129,7 @@ require (
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/skeema/knownhosts v1.2.2 // indirect
 	github.com/sony/gobreaker v0.5.0 // indirect
-	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/spf13/pflag v1.0.6 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.0 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
@@ -149,20 +149,20 @@ require (
 	golang.org/x/term v0.28.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
 	golang.org/x/time v0.7.0 // indirect
-	golang.org/x/tools v0.28.0 // indirect
+	golang.org/x/tools v0.29.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/genproto v0.0.0-20241015192408-796eee8c2d53 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20241007155032-5fefd90f89a9 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect
+	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/apiextensions-apiserver v0.31.0 // indirect
+	k8s.io/apiextensions-apiserver v0.32.1 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
-	k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
-	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
+	k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect
+	sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )