Readme

README.md

@@ -25,6 +25,54 @@ Supported architectures: amd64, arm64
 
 Could be described as one-shot scheduling.
 
+### Networking
+
+Static routes between hosts, maintained by a systemd unit file.
+All containers attached to the default `podman` network which we modify.
+
+### DNS
+
+Dns is coredns with fanout between all nodes along with serving from file.
+
+Hosts are maintained via a CNI plugin that adds/removes the ip to the hosts file.
+
+Pods get a hostname of `<labels.app>.<metadata.namespace>.cluster.skate.`
+
+### Ingress
+
+Nginx container listening on port 80 and 443
+
+Use an Ingress resource to enable.
+
+
+```yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: foo-external
+spec:
+  rules:
+    - host: foo.example.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: foo
+                port:
+                  number: 80
+```
+
+Service resources are ignored and it's implicit that a pod has a service with url: `<labels.name>.<metadata.namespace>.cluster.skate`
+
+Plan:
+- Nginx container mounts /etc/skate/ingress.conf
+- nginx reloads on file change
+- skatelet updates the file on ingress resource change
+- use letsencrypt and http verification
+
+
 ## Registering nodes
 
 ```shell
@@ -91,11 +139,3 @@ sudo apt-get install -y gcc make libssl-dev pkg-config
     - [x] container dns
     - [ ] ingress
     - [ ] modded fanout to wait for all and round robin all
-
-### Networking
-
-Dns is coredns with fanout between all nodes along with serving from file.
-
-Hosts are maintained via a CNI plugin that adds/removes the ip to the hosts file.
-
-Good enough.

hack/test-deployment.yaml

@@ -7,8 +7,7 @@ metadata:
   labels:
     app: nginx
 spec:
-  replicas: 1
-
+  replicas: 3
   selector:
     matchLabels:
       app: nginx

manifests/coredns.yaml

@@ -19,12 +19,12 @@ spec:
       volumes:
       - name: cni
         hostPath:
-          path: /var/lib/skatelet/cni/podman
+          path: /var/lib/skate/cni/podman
       containers:
       - name: coredns
         image: ghcr.io/skateco/coredns
         volumeMounts:
-        - mountPath: /var/lib/skatelet/cni/podman
+        - mountPath: /var/lib/skate/cni/podman
           name: cni
         env:
         - name: CORE_FILE
@@ -33,7 +33,7 @@ spec:
             
                 bind lo 0.0.0.0
             
-                hosts /var/lib/skatelet/cni/podman/addnhosts
+                hosts /var/lib/skate/cni/podman/addnhosts
             }
             
             cluster.skate:53 {

manifests/ingress.yaml

@@ -0,0 +1,28 @@
+---
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: nginx
+  namespace: skate
+  labels:
+    app: nginx
+spec:
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      hostNetwork: true
+      volumes:
+      - name: cni
+        hostPath:
+          path: /var/lib/skate/ingress
+      containers:
+      - name: coredns
+        image: ghcr.io/skateco/coredns
+        volumeMounts:
+        - mountPath: /var/lib/skate/ingress
+          name: ingress

src/skate.rs

@@ -104,9 +104,9 @@ impl SupportedResources {
     // whether there's host network set
     pub fn host_network(&self) -> bool {
         match self {
-            SupportedResources::Pod(p) => p.clone().spec.unwrap().host_network.unwrap(),
-            SupportedResources::Deployment(d) => d.clone().spec.unwrap().template.spec.unwrap().host_network.unwrap(),
-            SupportedResources::DaemonSet(d) => d.clone().spec.unwrap().template.spec.unwrap().host_network.unwrap(),
+            SupportedResources::Pod(p) => p.clone().spec.unwrap_or_default().host_network.unwrap_or_default(),
+            SupportedResources::Deployment(d) => d.clone().spec.unwrap_or_default().template.spec.unwrap_or_default().host_network.unwrap_or_default(),
+            SupportedResources::DaemonSet(d) => d.clone().spec.unwrap_or_default().template.spec.unwrap_or_default().host_network.unwrap_or_default(),
         }
     }
     fn fixup_metadata(meta: ObjectMeta, extra_labels: Option<HashMap<String, String>>) -> Result<ObjectMeta, Box<dyn Error>> {

src/skatelet/cni.rs

@@ -18,7 +18,7 @@ use crate::skate::exec_cmd;
 
 
 fn conf_path_str() -> String {
-    "/var/lib/skatelet/cni".to_string()
+    "/var/lib/skate/cni".to_string()
 }
 
 fn lock<T>(network_name: &str, cb: &dyn Fn() -> Result<T, Box<dyn Error>>) -> Result<T, Box<dyn Error>> {

src/skatelet/skatelet.rs

@@ -5,7 +5,7 @@ use crate::skatelet::apply::{ApplyArgs, remove, RemoveArgs};
 use crate::skatelet::cni::cni;
 use crate::skatelet::system::{system, SystemArgs};
 
-pub const VAR_PATH: &str = "/var/lib/skatelet";
+pub const VAR_PATH: &str = "/var/lib/skate";
 
 #[derive(Debug, Parser)]
 #[command(name = "skatelet")]