[liqoctl] set gateway server Service location in peer command

cmd/liqoctl/cmd/peer.go

@@ -22,6 +22,7 @@ import (
 	"github.com/spf13/cobra"
 	"k8s.io/apimachinery/pkg/util/runtime"
 
+	liqov1beta1 "github.com/liqotech/liqo/apis/core/v1beta1"
 	nwforge "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/forge"
 	"github.com/liqotech/liqo/pkg/liqoctl/completion"
 	"github.com/liqotech/liqo/pkg/liqoctl/factory"
@@ -90,8 +91,11 @@ func newPeerCommand(ctx context.Context, f *factory.Factory) *cobra.Command {
 
 	// Networking flags
 	cmd.Flags().BoolVar(&options.NetworkingDisabled, "networking-disabled", false, "Disable networking between the two clusters")
+	cmd.Flags().Var(options.ServerServiceLocation, "server-service-location",
+		fmt.Sprintf("Location of the service to expose the Gateway Server (%q or %q). Default: %q",
+			liqov1beta1.ConsumerRole, liqov1beta1.ProviderRole, nwforge.DefaultGwServerLocation))
 	cmd.Flags().Var(options.ServerServiceType, "server-service-type",
-		fmt.Sprintf("Service type of the Gateway Server service. Default: %s."+
+		fmt.Sprintf("Service type of the Gateway Server service. Default: %q."+
 			" Note: use ClusterIP only if you know what you are doing and you have a proper network configuration",
 			nwforge.DefaultGwServerServiceType))
 	cmd.Flags().Int32Var(&options.ServerServicePort, "server-service-port", nwforge.DefaultGwServerPort,
@@ -111,6 +115,7 @@ func newPeerCommand(ctx context.Context, f *factory.Factory) *cobra.Command {
 	cmd.Flags().IntVar(&options.MTU, "mtu", nwforge.DefaultMTU,
 		fmt.Sprintf("MTU of the Gateway server and client. Default: %d", nwforge.DefaultMTU))
 
+	runtime.Must(cmd.RegisterFlagCompletionFunc("server-service-location", completion.Enumeration(options.ServerServiceLocation.Allowed)))
 	runtime.Must(cmd.RegisterFlagCompletionFunc("server-service-type", completion.Enumeration(options.ServerServiceType.Allowed)))
 
 	// Authentication flags

docs/advanced/manual-peering.md

@@ -3,7 +3,6 @@
 In the [peer two clusters](../usage/peer.md) section of this documentation, we used the `liqoctl peer`, which automatically configure each single module of Liqo to create a peering between two clusters. However, in some cases where:
 
 - you want to configure Liqo peerings via a [declarative approach](./peering/peering-via-cr.md) via CRs.
-- it is required to configure the WireGuard gateway server on the cluster consumer (e.g. the nodes of the cluster provider are [behind a NAT or a physical load balancer](./nat.md))
 - The consumer needs to create multiple requests for resources (ResourceSlice) or you want to customize the way resources are distributed on virtual nodes
 
 you might need to configure each single module separatly, or to interact with a specific module to obtain the desired result.

docs/advanced/nat.md

@@ -9,12 +9,15 @@ This page describes how to configure Liqo in the above scenarios.
 
 ![The provider is behind a NAT](../_static/images/advanced/nat/provider-nat.svg)
 
-The `liqoctl peer` command configures the gateway server on the provider cluster.
+The `liqoctl peer` command by default configures the gateway server on the provider cluster.
 However, there may be cases where the provider cluster's nodes are not directly reachable, such as when they are behind a NAT, while the consumer cluster is directly accessible.
 For instance, in the image above, cluster 2 is behind a NAT and is therefore not directly reachable.
 
 This problem can be solved by swapping the roles of the gateways, hence configuring the client on the cluster provider and the server on the consumer.
-To do so, you need to use [manual peering](./manual-peering.md), setting the inter-cluster network up separately.
+To do so, you have two options:
+
+- run the `liqoctl peer` command with the `--server-service-location=Consumer` flag
+- perform a [manual peering](./manual-peering.md), setting the inter-cluster network up separately
 
 ![The gateway server has been on the consumer side](../_static/images/advanced/nat/consumer-nat.svg)
 

docs/usage/peer.md

@@ -36,7 +36,8 @@ To perform a peering without having access to both clusters, you need to manuall
 The peering command enables all 3 liqo modules and performs the following steps:
 
 1. **enables networking**.
-Exchanges network configurations and creates the two **gateways** (server in the provider, client in the consumer) to let the two clusters communicate over a secure tunnel.
+Exchanges network configurations and creates the two **gateways** (one server in a cluster and one client in the other) to let the two clusters communicate over a secure tunnel.
+By default the gateway server in placed in the provider, while the gateway client in the consumer, but you can configure it with the `--server-service-location` flag.
 2. **enables authentication**.
 Authenticates the consumer with the provider.
 In this step, the consumer obtains an `Identity` (*kubeconfig*) to replicate resources to the provider cluster.

pkg/liqo-controller-manager/networking/forge/gatewayserver.go

@@ -30,6 +30,7 @@ import (
 const (
 	DefaultGwServerType         = "networking.liqo.io/v1beta1/wggatewayservertemplates"
 	DefaultGwServerTemplateName = "wireguard-server"
+	DefaultGwServerLocation     = liqov1beta1.ProviderRole
 	DefaultGwServerServiceType  = corev1.ServiceTypeLoadBalancer
 	DefaultGwServerPort         = 51840
 	DefaultKeysDir              = "/etc/wireguard/keys"

pkg/liqoctl/peer/handler.go

@@ -20,6 +20,7 @@ import (
 
 	corev1 "k8s.io/api/core/v1"
 
+	liqov1beta1 "github.com/liqotech/liqo/apis/core/v1beta1"
 	nwforge "github.com/liqotech/liqo/pkg/liqo-controller-manager/networking/forge"
 	"github.com/liqotech/liqo/pkg/liqoctl/authenticate"
 	"github.com/liqotech/liqo/pkg/liqoctl/factory"
@@ -40,6 +41,7 @@ type Options struct {
 
 	// Networking options
 	NetworkingDisabled          bool
+	ServerServiceLocation       *argsutils.StringEnum
 	ServerServiceType           *argsutils.StringEnum
 	ServerServicePort           int32
 	ServerServiceNodePort       int32
@@ -65,6 +67,9 @@ type Options struct {
 func NewOptions(localFactory *factory.Factory) *Options {
 	return &Options{
 		LocalFactory: localFactory,
+		ServerServiceLocation: argsutils.NewEnum(
+			[]string{string(liqov1beta1.ConsumerRole), string(liqov1beta1.ProviderRole)},
+			string(nwforge.DefaultGwServerLocation)),
 		ServerServiceType: argsutils.NewEnum(
 			[]string{string(corev1.ServiceTypeLoadBalancer), string(corev1.ServiceTypeNodePort), string(corev1.ServiceTypeClusterIP)},
 			string(nwforge.DefaultGwServerServiceType)),
@@ -109,25 +114,34 @@ func (o *Options) RunPeer(ctx context.Context) error {
 }
 
 func ensureNetworking(ctx context.Context, o *Options) error {
+	localFactory := o.LocalFactory
+	remoteFactory := o.RemoteFactory
+
+	// Invert the local and remote factories if the server service position is Consumer.
+	if o.ServerServiceLocation.Value == string(liqov1beta1.ConsumerRole) {
+		localFactory = o.RemoteFactory
+		remoteFactory = o.LocalFactory
+	}
+
 	networkOptions := network.Options{
-		LocalFactory:  o.LocalFactory,
-		RemoteFactory: o.RemoteFactory,
+		LocalFactory:  localFactory,
+		RemoteFactory: remoteFactory,
 
 		Timeout:        o.Timeout,
 		Wait:           true,
 		SkipValidation: o.SkipValidation,
 
 		ServerGatewayType:           nwforge.DefaultGwServerType,
 		ServerTemplateName:          nwforge.DefaultGwServerTemplateName,
-		ServerTemplateNamespace:     o.RemoteFactory.LiqoNamespace,
+		ServerTemplateNamespace:     remoteFactory.LiqoNamespace,
 		ServerServiceType:           o.ServerServiceType,
 		ServerServicePort:           o.ServerServicePort,
 		ServerServiceNodePort:       o.ServerServiceNodePort,
 		ServerServiceLoadBalancerIP: o.ServerServiceLoadBalancerIP,
 
 		ClientGatewayType:       nwforge.DefaultGwClientType,
 		ClientTemplateName:      nwforge.DefaultGwClientTemplateName,
-		ClientTemplateNamespace: o.LocalFactory.LiqoNamespace,
+		ClientTemplateNamespace: localFactory.LiqoNamespace,
 		ClientConnectAddress:    o.ClientConnectAddress,
 		ClientConnectPort:       o.ClientConnectPort,