From f539a521bef2c5952c29b2c0efabca46f65ab0ab Mon Sep 17 00:00:00 2001 From: Donal Byrne Date: Mon, 15 Jul 2024 15:09:43 +0200 Subject: [PATCH] Readme --- README.md | 56 +++++++++++++++++++++++++++++++++------ hack/test-deployment.yaml | 3 +-- manifests/coredns.yaml | 6 ++--- manifests/ingress.yaml | 28 ++++++++++++++++++++ src/skate.rs | 6 ++--- src/skatelet/cni.rs | 2 +- src/skatelet/skatelet.rs | 2 +- 7 files changed, 85 insertions(+), 18 deletions(-) create mode 100644 manifests/ingress.yaml diff --git a/README.md b/README.md index 0a1ab52..3f88a47 100644 --- a/README.md +++ b/README.md @@ -25,6 +25,54 @@ Supported architectures: amd64, arm64 Could be described as one-shot scheduling. +### Networking + +Static routes between hosts, maintained by a systemd unit file. +All containers attached to the default `podman` network which we modify. + +### DNS + +Dns is coredns with fanout between all nodes along with serving from file. + +Hosts are maintained via a CNI plugin that adds/removes the ip to the hosts file. + +Pods get a hostname of `..cluster.skate.` + +### Ingress + +Nginx container listening on port 80 and 443 + +Use an Ingress resource to enable. + + +```yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: foo-external +spec: + rules: + - host: foo.example.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: foo + port: + number: 80 +``` + +Service resources are ignored and it's implicit that a pod has a service with url: `..cluster.skate` + +Plan: +- Nginx container mounts /etc/skate/ingress.conf +- nginx reloads on file change +- skatelet updates the file on ingress resource change +- use letsencrypt and http verification + + ## Registering nodes ```shell 
@@ -91,11 +139,3 @@ sudo apt-get install -y gcc make libssl-dev pkg-config - [x] container dns - [ ] ingress - [ ] modded fanout to wait for all and round robin all - -### Networking - -Dns is coredns with fanout between all nodes along with serving from file. - -Hosts are maintained via a CNI plugin that adds/removes the ip to the hosts file. - -Good enough. diff --git a/hack/test-deployment.yaml b/hack/test-deployment.yaml index 10a3beb..efa40cd 100644 --- a/hack/test-deployment.yaml +++ b/hack/test-deployment.yaml @@ -7,8 +7,7 @@ metadata: labels: app: nginx spec: - replicas: 1 - + replicas: 3 selector: matchLabels: app: nginx diff --git a/manifests/coredns.yaml b/manifests/coredns.yaml index bec8d39..9d79c97 100644 --- a/manifests/coredns.yaml +++ b/manifests/coredns.yaml @@ -19,12 +19,12 @@ spec: volumes: - name: cni hostPath: - path: /var/lib/skatelet/cni/podman + path: /var/lib/skate/cni/podman containers: - name: coredns image: ghcr.io/skateco/coredns volumeMounts: - - mountPath: /var/lib/skatelet/cni/podman + - mountPath: /var/lib/skate/cni/podman name: cni env: - name: CORE_FILE @@ -33,7 +33,7 @@ spec: bind lo 0.0.0.0 - hosts /var/lib/skatelet/cni/podman/addnhosts + hosts /var/lib/skate/cni/podman/addnhosts } cluster.skate:53 { diff --git a/manifests/ingress.yaml b/manifests/ingress.yaml new file mode 100644 index 0000000..76c1392 --- /dev/null +++ b/manifests/ingress.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: nginx + namespace: skate + labels: + app: nginx +spec: + selector: + matchLabels: + app: nginx + template: + metadata: + labels: + app: nginx + spec: + hostNetwork: true + volumes: + - name: cni + hostPath: + path: /var/lib/skate/ingress + containers: + - name: coredns + image: ghcr.io/skateco/coredns + volumeMounts: + - mountPath: /var/lib/skate/ingress + name: ingress diff --git a/src/skate.rs b/src/skate.rs index 1f0f4fb..f703901 100644 --- a/src/skate.rs +++ b/src/skate.rs 
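Review bot: In the new `manifests/ingress.yaml`, the pod declares a volume named `cni` but the container's `volumeMounts` entry references `name: ingress`, so the mount has no matching volume and the pod spec should be rejected as written; the volume entry should read `- name: ingress`. The container is also named `coredns` and pulls `ghcr.io/skateco/coredns` although the DaemonSet is labelled `nginx`, which looks copied over from `manifests/coredns.yaml` rather than intended. Because this pod runs with `hostNetwork: true` and a `hostPath` mount on every node, the image reference is worth pinning to a tag or digest once the real ingress image is filled in, and a short comment stating why host networking is needed (binding 80/443 on the node) would help.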
@@ -104,9 +104,9 @@ impl SupportedResources { // whether there's host network set pub fn host_network(&self) -> bool { match self { - SupportedResources::Pod(p) => p.clone().spec.unwrap().host_network.unwrap(), - SupportedResources::Deployment(d) => d.clone().spec.unwrap().template.spec.unwrap().host_network.unwrap(), - SupportedResources::DaemonSet(d) => d.clone().spec.unwrap().template.spec.unwrap().host_network.unwrap(), + SupportedResources::Pod(p) => p.clone().spec.unwrap_or_default().host_network.unwrap_or_default(), + SupportedResources::Deployment(d) => d.clone().spec.unwrap_or_default().template.spec.unwrap_or_default().host_network.unwrap_or_default(), + SupportedResources::DaemonSet(d) => d.clone().spec.unwrap_or_default().template.spec.unwrap_or_default().host_network.unwrap_or_default(), } } fn fixup_metadata(meta: ObjectMeta, extra_labels: Option>) -> Result> { diff --git a/src/skatelet/cni.rs b/src/skatelet/cni.rs index a81a84e..f247efb 100644 --- a/src/skatelet/cni.rs +++ b/src/skatelet/cni.rs @@ -18,7 +18,7 @@ use crate::skate::exec_cmd; fn conf_path_str() -> String { - "/var/lib/skatelet/cni".to_string() + "/var/lib/skate/cni".to_string() } fn lock(network_name: &str, cb: &dyn Fn() -> Result>) -> Result> { diff --git a/src/skatelet/skatelet.rs b/src/skatelet/skatelet.rs index d63bf2f..9c8fede 100644 --- a/src/skatelet/skatelet.rs +++ b/src/skatelet/skatelet.rs @@ -5,7 +5,7 @@ use crate::skatelet::apply::{ApplyArgs, remove, RemoveArgs}; use crate::skatelet::cni::cni; use crate::skatelet::system::{system, SystemArgs}; -pub const VAR_PATH: &str = "/var/lib/skatelet"; +pub const VAR_PATH: &str = "/var/lib/skate"; #[derive(Debug, Parser)] #[command(name = "skatelet")]
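Review bot: The three rewritten arms of `host_network` in `src/skate.rs` still `clone()` the entire Pod/Deployment/DaemonSet just to read one `Option<bool>`. Borrowing avoids the copy and reads more directly, e.g. `SupportedResources::Pod(p) => p.spec.as_ref().and_then(|s| s.host_network).unwrap_or_default(),` with the Deployment and DaemonSet arms inserting `.and_then(|s| s.template.spec.as_ref())` before the `host_network` lookup. Since a missing spec or field now silently reads as `false` instead of panicking, the comment above the function could say so, for example `/// Returns true only when the pod spec explicitly sets hostNetwork; a missing spec or field counts as false.` The enclosing `impl SupportedResources` and the following `fixup_metadata` continue outside the hunk.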
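Review bot: `conf_path_str()` in `src/skatelet/cni.rs` hard-codes `"/var/lib/skate/cni"` as a second copy of the base directory that `VAR_PATH` in `src/skatelet/skatelet.rs` already defines, and this commit has to edit both in lock-step. Deriving one from the other would stop them drifting apart, for instance `format!("{}/cni", crate::skatelet::skatelet::VAR_PATH)` (the module path is assumed from the file layout and should be confirmed). The same directory is also spelled out in `manifests/coredns.yaml`, so a comment next to `VAR_PATH` listing the manifests that depend on it would help. Nothing in the visible hunks moves existing state out of `/var/lib/skatelet`, so already-provisioned nodes may keep a stale hosts file there unless that is handled elsewhere.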