Adding CoreDNS rewrite #39
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -13,13 +13,11 @@ | |||||
| private readonly IDockerEngine _docker; | ||||||
| private readonly Func<string, IKubernetesClient> _client; | ||||||
| private readonly IConsole _console; | ||||||
|
|
||||||
| private static readonly string NginxConf = Path.Combine("vega.conf"); | ||||||
|
|
||||||
| private readonly IKindClient _kind; | ||||||
|
|
||||||
| // ReverseProxyHostPort is 443 by default, unless REVERSE_PROXY_HOST_PORT is set as an env var | ||||||
| private int ReverseProxyHostPort = GetEnvironmentVariableAsInt("REVERSE_PROXY_HOST_PORT", 443); | ||||||
|
|
||||||
|
|
@@ -62,7 +60,7 @@ | |||||
| if (tuple is { isVdk: true, master: not null } && tuple.master.HttpsHostPort.HasValue) | ||||||
| { | ||||||
| _console.WriteLine($" - Adding cluster {tuple.name} to reverse proxy configuration"); | ||||||
| UpsertCluster(tuple.name, tuple.master.HttpsHostPort.Value, tuple.master.HttpHostPort.Value, false); | ||||||
| } | ||||||
| }); | ||||||
| } | ||||||
|
|
@@ -105,7 +103,7 @@ | |||||
| return true; | ||||||
| } | ||||||
|
|
||||||
| return false; | ||||||
| } | ||||||
|
|
||||||
| private void InitConfFile(FileInfo conf) | ||||||
|
|
@@ -147,6 +145,15 @@ | |||||
| } | ||||||
|
|
||||||
| public void UpsertCluster(string clusterName, int targetPortHttps, int targetPortHttp, bool reload = true) | ||||||
| { | ||||||
| PatchNginxConfig(clusterName, targetPortHttps); | ||||||
| if (CreateTlsSecret(clusterName)) return; | ||||||
| PatchCoreDns(clusterName); | ||||||
| if (reload) | ||||||
| ReloadConfigs(); | ||||||
| } | ||||||
|
|
||||||
| private void PatchNginxConfig(string clusterName, int targetPortHttps) | ||||||
| { | ||||||
| // create a new server block in the nginx conf pointing to the target port listening on the https://clusterName.dev-k8s.cloud domain | ||||||
| // reload the nginx configuration | ||||||
|
|
@@ -179,7 +186,112 @@ | |||||
| _console.WriteWarning($"Error clearing cluster configuration ({NginxConf}): {e.Message}"); | ||||||
| _console.WriteWarning("Please check the configuration and try again."); | ||||||
| } | ||||||
| } | ||||||
|
|
||||||
| private bool PatchCoreDns(string clusterName) | ||||||
| { | ||||||
| // let's wait for and find the ingress controller service. | ||||||
| V1Service? ingressService = null; | ||||||
| var attempts = 0; | ||||||
| do | ||||||
| { | ||||||
| // check up to 10 times , waiting 5 seconds each time | ||||||
| ingressService = _client(clusterName).Get<V1Service>("ingress-nginx-controller", "ingress-nginx"); | ||||||
| if (ingressService == null) | ||||||
| { | ||||||
| _console.WriteLine("Waiting for ingress-nginx-controller service to be available..."); | ||||||
| Thread.Sleep(5000); | ||||||
|
There was a problem hiding this comment. Using Thread.Sleep will block the thread and can significantly slow down both production execution and unit tests. Consider injecting a delay provider or reducing/removing the sleep for better performance and testability.
Suggested change
|
||||||
| attempts++; | ||||||
| } | ||||||
| else | ||||||
| { | ||||||
| _console.WriteLine("Ingress-nginx-controller service found."); | ||||||
| break; | ||||||
| } | ||||||
| } | ||||||
| while (ingressService == null && attempts < 6); | ||||||
| if (ingressService == null) | ||||||
| { | ||||||
| _console.WriteError("Ingress-nginx-controller service not found. Please check the configuration and try again."); | ||||||
| return false; | ||||||
| } | ||||||
| var rewriteString = $" rewrite name {clusterName}.dev-k8s.cloud {ingressService.Name()}.{ingressService.Namespace()}.svc.cluster.local"; | ||||||
| // now read the CoreDNS configmap and add the clusterName.dev-k8s.cloud entry to it | ||||||
| var corednsConfigMap = _client(clusterName).Get<V1ConfigMap>("coredns", "kube-system"); | ||||||
| if (corednsConfigMap == null) | ||||||
| { | ||||||
| _console.WriteError("CoreDNS configmap not found. Please check the configuration and try again."); | ||||||
| return false; | ||||||
| } | ||||||
| _console.WriteLine("Patching CoreDNS configmap with new cluster entry."); | ||||||
| var corednsData = corednsConfigMap.Data; | ||||||
| if (corednsData == null) | ||||||
| { | ||||||
| corednsData = new Dictionary<string, string>(); | ||||||
| } | ||||||
| // extract the corefile from the configmap data | ||||||
| if (!corednsData.TryGetValue("Corefile", out var corefile)) | ||||||
| { | ||||||
| _console.WriteError("CoreDNS Corefile not found in configmap. Please check the configuration and try again."); | ||||||
| return false; | ||||||
| } | ||||||
| // add the clusterName.dev-k8s.cloud rewrite entry to the Corefile after the kubernetes block | ||||||
| // if the line already exists, do not add it again | ||||||
| if (corefile.Contains(rewriteString)) | ||||||
| { | ||||||
| _console.WriteLine("CoreDNS Corefile already contains the rewrite entry for the cluster. No changes made."); | ||||||
| return true; | ||||||
| } | ||||||
| var lines = corefile.Split([Environment.NewLine], StringSplitOptions.RemoveEmptyEntries).ToList(); | ||||||
|
|
||||||
| var kubernetesBlockIndex = lines.FindIndex(line => line.Trim().StartsWith("kubernetes")); | ||||||
|
|
||||||
| if (kubernetesBlockIndex == -1) | ||||||
| { | ||||||
| _console.WriteError("CoreDNS Corefile does not contain a kubernetes block. Please check the configuration and try again."); | ||||||
| return false; | ||||||
| } | ||||||
|
|
||||||
| // insert the new entry after the kubernetes block by searching for the closing brace then inserting it | ||||||
|
|
||||||
| var closingBraceIndex = lines.FindIndex(kubernetesBlockIndex, line => line.Trim() == "}"); | ||||||
| if (closingBraceIndex == -1) | ||||||
| { | ||||||
| _console.WriteError("CoreDNS Corefile does not contain a closing brace for the kubernetes block. Please check the configuration and try again."); | ||||||
| return false; | ||||||
| } | ||||||
| lines.Insert(closingBraceIndex, rewriteString); | ||||||
|
|
||||||
| // join the lines back into a single string | ||||||
| var updatedCorefile = string.Join(Environment.NewLine, lines); | ||||||
|
|
||||||
| // update the configmap data with the new Corefile | ||||||
| corednsData["Corefile"] = updatedCorefile; | ||||||
|
|
||||||
| // update the configmap | ||||||
| corednsConfigMap.Data = corednsData; | ||||||
| _client(clusterName).Update(corednsConfigMap); | ||||||
| _console.WriteLine("CoreDNS configmap updated successfully."); | ||||||
|
|
||||||
| // restart the coredns | ||||||
| _console.WriteLine("Restarting CoreDNS pods to apply changes."); | ||||||
| var corednsPods = _client(clusterName).List<V1Pod>("kube-system", labelSelector: "k8s-app=kube-dns"); | ||||||
| if (!corednsPods.Any()) | ||||||
| { | ||||||
| _console.WriteError("No CoreDNS pods found. Please check the configuration and try again."); | ||||||
| return false; | ||||||
| } | ||||||
| foreach (var pod in corednsPods) | ||||||
| { | ||||||
| _console.WriteLine($"Deleting CoreDNS pod {pod.Name()} to apply changes."); | ||||||
| _client(clusterName).Delete(pod); | ||||||
| } | ||||||
| _console.WriteLine("CoreDNS pods deleted successfully. They will be recreated automatically."); | ||||||
| return true; | ||||||
| } | ||||||
|
|
||||||
| private bool CreateTlsSecret(string clusterName) | ||||||
| { | ||||||
| // wait until the namespace vega exists before proceeding with the secrets creation | ||||||
| bool nsVegaExists = false; | ||||||
| int nTimesWaiting = 0; | ||||||
|
|
@@ -204,7 +316,7 @@ | |||||
| if (nTimesWaiting >= maxTimesWaiting) | ||||||
| { | ||||||
| _console.WriteError("Namespace 'vega-system' does not exist after waiting. Please check the configuration and try again."); | ||||||
| return true; | ||||||
| } | ||||||
|
|
||||||
| // write the cert secret to the cluster | ||||||
|
|
@@ -229,8 +341,7 @@ | |||||
| } | ||||||
| _console.WriteLine("Creating vega-system secret"); | ||||||
| _client(clusterName).Create(tls); | ||||||
| return false; | ||||||
| } | ||||||
|
|
||||||
| private void ReloadConfigs() | ||||||
|
|
@@ -306,7 +417,7 @@ | |||||
|
|
||||||
| private static int GetEnvironmentVariableAsInt(string variableName, int defaultValue = 0) | ||||||
| { | ||||||
| string strValue = Environment.GetEnvironmentVariable(variableName); | ||||||
| if (strValue != null && int.TryParse(strValue, out int intValue)) | ||||||
| { | ||||||
| return intValue; | ||||||
|
|
||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The parameter 'targetPortHttp' is not used within UpsertCluster. Consider removing it or adding logic to use it for HTTP traffic.