130 lines
2.8 KiB
Smarty
130 lines
2.8 KiB
Smarty
#!/bin/sh
|
|
|
|
{{- $envAll := . }}
|
|
|
|
set -x
|
|
|
|
export MANIFEST_PATH=/host{{ .Values.anchor.kubelet.manifest_path }}/{{ .Values.service.name }}.yaml
|
|
export ETC_PATH=/host{{ .Values.coredns.host_etc_path }}
|
|
TOKEN_PATH=/var/run/secrets/kubernetes.io/serviceaccount/token
|
|
CA_CERT_PATH=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
|
|
|
copy_etc_files() {
|
|
mkdir -p $ETC_PATH/zones
|
|
cp /configmap/* /secret/* $ETC_PATH
|
|
create_corefile
|
|
}
|
|
|
|
create_corefile() {
|
|
cat <<EOCOREFILE > $ETC_PATH/Corefile
|
|
promenade {
|
|
file /etc/coredns/zones/promenade
|
|
loadbalance
|
|
errors stdout
|
|
log stdout
|
|
}
|
|
|
|
{{ .Values.coredns.cluster_domain }} {
|
|
kubernetes {
|
|
endpoint https://{{ .Values.network.kubernetes_netloc }}
|
|
tls /etc/coredns/coredns.pem /etc/coredns/coredns-key.pem /etc/coredns/cluster-ca.pem
|
|
}
|
|
loadbalance
|
|
cache {{ .Values.coredns.cache.ttl }}
|
|
errors stdout
|
|
log stdout
|
|
}
|
|
|
|
. {
|
|
{{- if .Values.coredns.upstream_nameservers }}
|
|
proxy . {{- range .Values.coredns.upstream_nameservers }} {{ . -}}{{- end }}
|
|
{{- end }}
|
|
errors stdout
|
|
log stdout
|
|
}
|
|
EOCOREFILE
|
|
}
|
|
|
|
create_manifest() {
|
|
mkdir -p $(dirname $MANIFEST_PATH)
|
|
# XXX liveness/readiness probes
|
|
cat <<EODOC > $MANIFEST_PATH
|
|
---
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: {{ .Values.service.name }}
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
{{ .Values.service.name }}-service: enabled
|
|
anchor-managed: enabled
|
|
spec:
|
|
hostNetwork: true
|
|
containers:
|
|
- name: coredns
|
|
image: {{ .Values.images.coredns }}
|
|
command:
|
|
- /coredns
|
|
- -conf
|
|
- /etc/coredns/Corefile
|
|
volumeMounts:
|
|
- name: etc
|
|
mountPath: /etc/coredns
|
|
volumes:
|
|
- name: etc
|
|
hostPath:
|
|
path: {{ .Values.coredns.host_etc_path }}
|
|
EODOC
|
|
}
|
|
|
|
update_managed_zones() {
|
|
{{- range .Values.coredns.zones }}
|
|
|
|
FILENAME="$ETC_PATH/zones/{{ .name }}"
|
|
NEXT_FILENAME="${FILENAME}-next"
|
|
SUCCESS=1
|
|
NOW=$(date +%s)
|
|
|
|
# Add Header
|
|
cat <<EOBIND > $NEXT_FILENAME
|
|
\$ORIGIN {{ .name }}.
|
|
{{ .name }}. IN SOA @ root $NOW 3h 15m 1w 1d
|
|
|
|
EOBIND
|
|
{{ range .services }}
|
|
# Don't accidentally log service account token
|
|
set +x
|
|
SERVICE_IPS=$(kubectl \
|
|
--server https://{{ $envAll.Values.network.kubernetes_netloc }} \
|
|
--certificate-authority $CA_CERT_PATH \
|
|
--token $(cat $TOKEN_PATH) \
|
|
-n {{ .service.namespace }} \
|
|
get ep {{ .service.name }} \
|
|
-o 'jsonpath={.subsets[*].addresses[*].ip}')
|
|
set -x
|
|
if [ "x$SERVICE_IPS" != "x" ]; then
|
|
for IP in $SERVICE_IPS; do
|
|
echo {{ .bind_name }} IN A $IP >> $NEXT_FILENAME
|
|
done
|
|
else
|
|
echo Failed to upate zone file for {{ .name }}
|
|
SUCCESS=0
|
|
fi
|
|
{{- end }}
|
|
|
|
if [ $SUCCESS = 1 ]; then
|
|
echo Replacing zone file $FILENAME
|
|
mv $NEXT_FILENAME $FILENAME
|
|
fi
|
|
{{- end }}
|
|
}
|
|
|
|
copy_etc_files
|
|
create_manifest
|
|
|
|
while true; do
|
|
update_managed_zones
|
|
|
|
sleep {{ .Values.anchor.period }}
|
|
done
|