Merge pull request #4 from janeczku/dev

Merge Dev branch
janeczku · Oct 16, 2020 · 608c5ac · 608c5ac
2 parents cf61d7e + a1d1c2e
commit 608c5ac
Show file tree

Hide file tree

Showing 7 changed files with 48 additions and 42 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,24 +1,30 @@
 FROM alpine:3.12.0
 
-ENV ENTRYKIT_VERSION=0.4.0 \
-    ENTRYKIT_BASEURL=https://github.com/progrium/entrykit/releases/download \
-    KEEPALIVED_VERSION=2.0.20-r0
+ENV GOMPLATE_VERSION=v3.7.0 \
+    GOMPLATE_BASEURL=https://github.com/hairyhenderson/gomplate/releases/download \
+    DUMBINIT_VERSION=v1.2.2 \
+    DUMBINIT_BASEURL=https://github.com/Yelp/dumb-init/releases/download/ \
+    KEEPALIVED_VERSION=2.0.20-r0   
+ARG TARGETARCH
 
-RUN apk add --no-cache ca-certificates bash coreutils curl net-tools jq keepalived=${KEEPALIVED_VERSION} \
+# Install keepalived
+RUN apk add --no-cache file ca-certificates bash coreutils curl net-tools jq keepalived=${KEEPALIVED_VERSION} \
   && rm -f /etc/keepalived/keepalived.conf \
   && addgroup -S keepalived_script && adduser -D -S -G keepalived_script keepalived_script
 
-RUN curl -sL ${ENTRYKIT_BASEURL}/v${ENTRYKIT_VERSION}/entrykit_${ENTRYKIT_VERSION}_Linux_x86_64.tgz | tar zx \
-  && mv entrykit /bin/entrykit \
-  && chmod +x /bin/entrykit \
-  && entrykit --symlink
-
+# Install gomplate
+RUN curl -sL ${GOMPLATE_BASEURL}/${GOMPLATE_VERSION}/gomplate_linux-${TARGETARCH} --output /bin/gomplate \
+  && chmod +x /bin/gomplate
+
+# Install dumb-init
+RUN curl -sL ${DUMBINIT_BASEURL}/${DUMBINIT_VERSION}/dumb-init_1.2.2_${TARGETARCH} --output /bin/dumb-init \
+  && chmod +x /bin/dumb-init
+
 COPY keepalived.conf.tmpl /etc/keepalived/keepalived.conf.tmpl
 COPY vrrp_check.sh /opt/bin/vrrp_check.sh
 
-ENTRYPOINT [ \
-  "render", "/etc/keepalived/keepalived.conf", "--", \
-  "switch", \
-    "shell=/bin/sh", \
-    "debug=/usr/sbin/keepalived -l -D -n -f /etc/keepalived/keepalived.conf", "--", \
-  "/usr/sbin/keepalived", "-l", "-n", "-f", "/etc/keepalived/keepalived.conf" ]
+ENTRYPOINT ["/bin/dumb-init", "--", \
+            "/bin/gomplate", "-f", "/etc/keepalived/keepalived.conf.tmpl", "-o", "/etc/keepalived/keepalived.conf", "--" \
+]
+
+CMD [ "/usr/sbin/keepalived", "-l", "-n", "-f", "/etc/keepalived/keepalived.conf" ]
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v1
 description: VRRP-based failover VIP for Kubernetes Ingress Controllers and API servers
 icon: https://raw.githubusercontent.com/janeczku/keepalived-ingress-vip/master/chart/icon.png
 name: keepalived-ingress-vip
-version: v0.1.5
-appVersion: v0.1.5
+version: v0.1.6
+appVersion: v0.1.6
 home: https://www.github.com/janeczku/keepalived-ingress-vip
 sources:
 - https://www.github.com/janeczku/keepalived-ingress-vip

diff --git a/chart/README.md b/chart/README.md
@@ -172,7 +172,7 @@ metadata:
   namespace: kube-system
 spec:
   chart: keepalived-ingress-vip
-  version: v0.1.5
+  version: v0.1.6
   repo: https://janeczku.github.io/helm-charts/
   targetNamespace: kube-system
   valuesContent: |-
@@ -217,7 +217,7 @@ The following table lists the configurable parameters of this chart and their de
 | `keepalived.checkKubeApiFailAfter`  | Number of failed K8s API health checks before reducing priority of the keepalived instance (VIP may then be moved to a higher priority instance) | `5` |
 | `kind`                              | The deployment resource to create for the Keepalived pods (one of 'Deployment' or 'Daemonset') | `Deployment`          |
 | `image.repository`                  | Image repository to pull from                                    | `janeczku/keepalived-ingress-vip`                   |
-| `image.tag`                         | Image tag to pull                                                | `v0.1.5`                                            |
+| `image.tag`                         | Image tag to pull                                                | `v0.1.6`                                            |
 | `image.pullPolicy`                  | Image pull policy                                                | `IfNotPresent`                                      |
 | `rbac.create`                       | Whether to create the required RBAC resources                    | `true`                                              |
 | `rbac.pspEnabled`                   | Whether to create the required PodSecurityPolicy                 | `false`                                             |

diff --git a/chart/templates/daemonset.yaml b/chart/templates/daemonset.yaml
@@ -41,7 +41,7 @@ spec:
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         {{- if .Values.keepalived.debug }}
-        args: ["debug"]
+        args: [ "/usr/sbin/keepalived", "-l", "-n", "-f", "/etc/keepalived/keepalived.conf", "-D" ]
         {{- end }}
         securityContext:
           capabilities:

diff --git a/chart/templates/deployment.yaml b/chart/templates/deployment.yaml
@@ -53,7 +53,7 @@ spec:
         image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         {{- if .Values.keepalived.debug }}
-        args: ["debug"]
+        args: [ "/usr/sbin/keepalived", "-l", "-n", "-f", "/etc/keepalived/keepalived.conf", "-D" ]
         {{- end }}
         securityContext:
           capabilities:

diff --git a/chart/values.yaml b/chart/values.yaml
@@ -1,6 +1,6 @@
 image:
   repository: janeczku/keepalived-ingress-vip
-  tag: v0.1.5
+  tag: v0.1.6
   pullPolicy: IfNotPresent
 
 keepalived:

diff --git a/keepalived.conf.tmpl b/keepalived.conf.tmpl
@@ -8,51 +8,51 @@ global_defs {
 vrrp_script chk_url{
   # Wrap in timeout as a workaround for https://github.com/acassen/keepalived/issues/1364
   # timeout must be lower than interval to prevent keepalived log spam (e.g. "process ... terminated with signal 15")
-  script "/bin/bash -c '/usr/bin/timeout $(echo {{ var "CHECK_SERVICE_INTERVAL" | default "2" }}*0.9|bc) /opt/bin/vrrp_check.sh URL_CHECK {{ var "CHECK_SERVICE_URL" | default "http://127.0.0.1:10254/healthz" }}'"
-  interval {{ var "CHECK_SERVICE_INTERVAL" | default "2" }}
-  fall {{ var "CHECK_SERVICE_FAILAFTER" | default "2" }}
+  script "/bin/bash -c '/usr/bin/timeout $(echo {{getenv "CHECK_SERVICE_INTERVAL" "2"}}*0.9|bc) /opt/bin/vrrp_check.sh URL_CHECK {{getenv "CHECK_SERVICE_URL" "http://127.0.0.1:10254/healthz"}}'"
+  interval {{env.Getenv "CHECK_SERVICE_INTERVAL" "2"}}
+  fall {{env.Getenv "CHECK_SERVICE_FAILAFTER" "2"}}
   rise 2
 }
 
 vrrp_script chk_kubelet {
-  script "/bin/bash -c '/usr/bin/timeout $(echo {{ var "CHECK_KUBELET_INTERVAL" | default "5" }}*0.9|bc) /opt/bin/vrrp_check.sh URL_CHECK {{ var "CHECK_KUBELET_URL" | default "http://127.0.0.1:10248/healthz" }}'"
-  interval {{ var "CHECK_KUBELET_INTERVAL" | default "5" }}
-  fall {{ var "CHECK_KUBELET_FAILAFTER" | default "5" }}
+  script "/bin/bash -c '/usr/bin/timeout $(echo {{getenv "CHECK_KUBELET_INTERVAL" "5"}}*0.9|bc) /opt/bin/vrrp_check.sh URL_CHECK {{getenv "CHECK_SERVICE_URL" "http://127.0.0.1:10248/healthz"}}'"
+  interval {{getenv "CHECK_KUBELET_INTERVAL" "5"}}
+  fall {{getenv "CHECK_KUBELET_FAILAFTER" "5"}}
   rise 2
 }
 
 vrrp_script chk_kubeapi {
-  script "/bin/bash -c '/usr/bin/timeout $(echo {{ var "CHECK_KUBEAPI_INTERVAL" | default "5" }}*0.9|bc) /opt/bin/vrrp_check.sh API_CHECK'"
-  interval {{ var "CHECK_KUBEAPI_INTERVAL" | default "5" }}
-  fall {{ var "CHECK_KUBEAPI_FAILAFTER" | default "5" }}
+  script "/bin/bash -c '/usr/bin/timeout $(echo {{getenv "CHECK_KUBEAPI_INTERVAL" "5"}}*0.9|bc) /opt/bin/vrrp_check.sh API_CHECK'"
+  interval {{getenv "CHECK_KUBEAPI_INTERVAL" "5"}}
+  fall {{getenv "CHECK_KUBEAPI_FAILAFTER" "5"}}
   rise 2
 }
 
 vrrp_instance CLUSTER_VIP {
-  interface {{ var "VRRP_IFACE" | default "eth0" }}
-  virtual_router_id {{ var "VIRTUAL_ROUTER_ID" | default "10" }}
+  interface {{getenv "VRRP_IFACE" "eth0"}}
+  virtual_router_id {{getenv "VIRTUAL_ROUTER_ID" "10"}}
   state BACKUP
-  {{ if eq (var "VRRP_NOPREEMPT" | lower) "true" }}
+  {{- if eq (getenv "VRRP_NOPREEMPT" | toLower) "true" }}
   nopreempt
-  {{else}}
+  {{- else }}
   preempt_delay 5
-  {{ end }}
+  {{- end }}
   priority 100
   advert_int 1
   virtual_ipaddress {
-    {{ var "VIP_ADDR_CIDR" }} dev {{ var "VIP_IFACE" | default "eth0" }}
+    {{ .Env.VIP_ADDR_CIDR }} dev {{getenv "VIP_IFACE" "eth0"}}
   }
   track_script {
     chk_url
-	{{ if eq (var "CHECK_KUBELET" | lower) "true" }}
+	{{- if eq (getenv "CHECK_KUBELET" "true" | toLower) "true" }}
     chk_kubelet
-	{{ end }}
-	{{ if eq (var "CHECK_KUBEAPI" | lower) "true" }}
+	{{- end }}
+	{{- if eq (getenv "CHECK_KUBEAPI" "true" | toLower) "true" }}
     chk_kubeapi weight -40
-	{{ end }}
+	{{- end }}
   }
   authentication {
     auth_type PASS
-    auth_pass {{ var "AUTH_PASSWORD" }}
+    auth_pass {{ .Env.AUTH_PASSWORD }}
   }
 }