Merge pull request #2910 from erikwilson/traefik-v2

Traefik v2 integration
pull/3018/head
Erik Wilson 2021-03-01 15:18:46 -07:00 committed by GitHub
commit 669d0c0e31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 195 additions and 42 deletions

View File

@ -32,6 +32,9 @@ RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.30.0; \ curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.30.0; \
fi fi
ENV YQ_URL=https://github.com/mikefarah/yq/releases/download/3.4.1/yq_linux
RUN wget -O - ${YQ_URL}_$(go env GOARCH) > /usr/bin/yq && chmod +x /usr/bin/yq
ARG SELINUX=true ARG SELINUX=true
ENV SELINUX $SELINUX ENV SELINUX $SELINUX

View File

@ -1,29 +1,41 @@
apiVersion: helm.cattle.io/v1 apiVersion: helm.cattle.io/v1
kind: HelmChart kind: HelmChart
metadata:
name: traefik-crd
namespace: kube-system
spec:
chart: https://%{KUBERNETES_API}%/static/charts/traefik-crd-9.14.2.tgz
---
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata: metadata:
name: traefik name: traefik
namespace: kube-system namespace: kube-system
spec: spec:
chart: https://%{KUBERNETES_API}%/static/charts/traefik-1.81.0.tgz chart: https://%{KUBERNETES_API}%/static/charts/traefik-9.14.2.tgz
valuesContent: |- valuesContent: |-
rbac: rbac:
enabled: true enabled: true
ssl: ports:
enabled: true websecure:
metrics: tls:
prometheus: enabled: true
enabled: true podAnnotations:
kubernetes: prometheus.io/port: "8082"
ingressEndpoint: prometheus.io/scrape: "true"
useDefaultPublishedService: true providers:
kubernetesIngress:
publishedService:
enabled: true
priorityClassName: "system-cluster-critical" priorityClassName: "system-cluster-critical"
image: "rancher/library-traefik" image:
name: "rancher/library-traefik"
tolerations: tolerations:
- key: "CriticalAddonsOnly" - key: "CriticalAddonsOnly"
operator: "Exists" operator: "Exists"
- key: "node-role.kubernetes.io/control-plane" - key: "node-role.kubernetes.io/control-plane"
operator: "Exists" operator: "Exists"
effect: "NoSchedule" effect: "NoSchedule"
- key: "node-role.kubernetes.io/master" - key: "node-role.kubernetes.io/master"
operator: "Exists" operator: "Exists"
effect: "NoSchedule" effect: "NoSchedule"

View File

@ -310,7 +310,7 @@ func rolebindingsYaml() (*asset, error) {
return a, nil return a, nil
} }
var _traefikYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x9c\x92\xcf\x8a\xdb\x4c\x10\xc4\xef\x7a\x8a\x46\xb0\x47\x49\x9f\x6f\x1f\x73\xdb\x38\x86\x84\x80\xb3\xc4\x49\xae\xa1\x35\x2a\x5b\x83\x47\x33\xa2\xbb\x65\xa2\xfc\x79\xf7\x20\xad\xe3\x0d\x21\x81\x25\xba\xa9\xe7\x57\xd5\x35\xc5\xf0\x18\x3e\x42\x34\xe4\xe4\xa8\x47\x1c\x6a\xcf\x66\x11\x75\xc8\xcd\x65\x53\x9c\x43\xea\x1c\xbd\x42\x1c\xb6\x3d\x8b\x15\x03\x8c\x3b\x36\x76\x05\x51\xe2\x01\x8e\x4c\x18\xc7\x70\xbe\xfe\xeb\xc8\x1e\x8e\xce\x53\x8b\x4a\x67\x35\x0c\x85\x8e\xf0\x0b\xee\x17\x03\x47\xbd\xd9\xa8\xae\x69\xee\xbe\xbe\xf9\xf0\x62\xf7\x6e\xbf\x7b\xbf\x3b\x7c\xba\x7f\x78\xfd\xfd\xae\x51\x63\x0b\xbe\x59\x41\x6d\xae\xc6\xd5\xa6\xfe\x7f\x53\xff\x57\xdb\xe9\x4b\x41\x74\xe1\x38\x41\xb7\x39\x19\x92\x39\xfa\x56\x15\x44\x44\xd2\xf2\xba\x62\xf9\x90\xb8\x8d\xe8\x96\x60\x13\xd6\x99\x6a\xfc\xfb\xe1\x00\x93\xe0\xf5\x27\x30\x4a\x1e\x60\x3d\xa6\xdb\xe4\x4f\xa2\xe5\x7a\x92\x60\xb8\x51\x21\x9d\x04\xaa\xbb\xd4\x8d\x39\x24\x7b\x12\x4f\x8a\x97\x38\xf2\x14\xed\x61\x6a\x63\xd0\x1e\xdd\x01\x72\x09\x1e\xbf\xf8\x8d\x12\xb2\x04\x9b\xb7\x91\x55\xf7\x6b\xad\xe5\x63\x7b\x95\x8f\x93\x1a\xa4\xf2\x12\x2c\x78\x8e\xe5\x2a\x08\x03\x9f\x16\x48\x38\xf9\x1e\xd2\xc4\xd0\x0a\xcb\x5c\x5d\x3b\x7b\x84\x2c\x47\x08\x5b\xc8\xe9\x16\xb3\xa2\x33\x66\x47\xe5\xf6\xea\x76\xdf\x75\x39\xe9\xdb\x14\xe7\xf2\x96\x38\x8f\x8b\x2a\x8b\xa3\x72\xf7\x39\xa8\x69\xf9\x9b\x38\xe5\x0e\x95\xe4\x88\xfa\xa9\x87\xe5\xb9\xf8\x9c\x4c\x72\xac\xc6\xc8\x09\xcf\xf0\x23\xc2\xf1\x08\x6f\x8e\xca\x7d\x3e\xf8\x1e\xdd\x14\xf1\xdc\x65\x03\x2f\xb5\xfc\xfb\x96\x1f\x01\x00\x00\xff\xff\x8e\x38\x58\x4b\xf7\x02\x00\x00") var _traefikYaml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xb4\x91\x5d\x8b\xdb\x3c\x10\x85\xef\xfd\x2b\x06\xc3\x5e\xca\x7e\x77\x79\x2f\xb6\xba\x4b\x43\xa0\x4b\x21\x2d\x4d\xdb\xdb\x32\x96\x27\xb1\x88\x2c\x89\x99\x71\xda\xf4\xe3\xbf\x17\xe5\x6b\x53\x58\xd8\x52\x5a\xdf\x79\x34\xe7\x99\xc3\x39\x98\xfd\x47\x62\xf1\x29\x5a\x18\x28\x8c\x8d\x43\xd5\x40\x8d\x4f\xed\xee\xb6\xda\xfa\xd8\x5b\x78\x45\x61\x9c\x0f\xc8\x5a\x8d\xa4\xd8\xa3\xa2\xad\x00\x22\x8e\x64\x41\x19\x69\xed\xb7\xc6\x71\x7f\x9a\x49\x46\x47\x16\xb6\x53\x47\x46\xf6\xa2\x34\x56\x92\xc9\x15\x89\x2b\x10\x0b\x83\x6a\x16\xdb\xb6\x37\xdf\x5e\x7f\x78\xb9\x78\xb7\x5c\xbc\x5f\xac\x3e\xcd\xde\x3e\xfc\xb8\x69\x45\x51\xbd\x6b\x0f\x8b\xd2\x5e\xc1\xcd\x8b\xe6\xf6\xff\xe6\xae\xd1\xcd\xd7\xca\x18\x53\xfd\x25\xdf\xff\xce\xf3\x95\x5f\x80\x1d\x86\x89\x64\x9e\xa2\x52\x54\x0b\xdf\x4d\x05\x00\xc0\x1d\x1e\x4e\x94\x8f\x22\x76\x81\xfa\x62\x6c\xa2\xc3\x2c\x27\x56\x39\x3f\x7f\xa6\x4e\xc8\x4d\x4c\xe7\x01\x80\x06\x79\xfc\x79\x1a\xd0\xcf\x62\x4c\xc5\x5d\x8a\x97\xdd\xcc\x69\x24\x1d\x68\x92\x92\x55\x39\x62\xa1\xbe\xff\xef\xfe\xae\x7e\x72\x41\x1c\x63\x26\x0b\x75\xc1\x1e\x57\x32\xa7\x9d\xef\x89\x2f\xc8\x12\x1b\x47\x52\x92\x87\xb8\x61\x92\x2b\x5f\x79\xea\x82\x97\x81\xfa\x15\xf1\xce\x3b\x7a\xc6\x31\xfb\xc4\x5e\xf7\xf3\x80\x22\xcb\x43\x4f\xf5\xb1\x0e\xe3\xc2\x24\x4a\x6c\x1c\x7b\xf5\x0e\xc3\xd1\x8a\x1f\x71\x73\x61\x1e\x8b\xad\x19\xa3\x1b\x88\xdb\xe0\x3b\x46\xde\x9b\x53\x21\x47\x81\xa6\x40\x7c\x1d\x88\x81\x2d\xed\x2d\xd4\xf3\x13\x77\xd6\xf7\x29\xca\x9b\x18\xf6\xe7\x3c\x52\x2e\x8a\xc4\x16\xea\xc5\x17\x2f\x2a\xf5\x2f\xc2\x98\x7a\x32\x9c\x02\x35\x8f\x31\x94\xe0\x5c\x8a\xca\x29\x98\x1c\x30\xd2\x33\x2c\x00\x5a\xaf\xc9\x95\x26\x96\x69\xe5\x06\xea\xa7\x40\xbf\x77\x66\xc4\x12\xcb\x9f\xf1\x7f\x06\x00\x00\xff\xff\xd5\xb5\xd7\x89\xfc\x03\x00\x00")
func traefikYamlBytes() ([]byte, error) { func traefikYamlBytes() ([]byte, error) {
return bindataRead( return bindataRead(

View File

@ -8,6 +8,7 @@ import (
"io/ioutil" "io/ioutil"
net2 "net" net2 "net"
"os" "os"
"path"
"path/filepath" "path/filepath"
"strconv" "strconv"
"strings" "strings"
@ -206,7 +207,6 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control)
if err := static.Stage(dataDir); err != nil { if err := static.Stage(dataDir); err != nil {
return err return err
} }
dataDir = filepath.Join(controlConfig.DataDir, "manifests") dataDir = filepath.Join(controlConfig.DataDir, "manifests")
templateVars := map[string]string{ templateVars := map[string]string{
"%{CLUSTER_DNS}%": controlConfig.ClusterDNS.String(), "%{CLUSTER_DNS}%": controlConfig.ClusterDNS.String(),
@ -214,13 +214,35 @@ func stageFiles(ctx context.Context, sc *Context, controlConfig *config.Control)
"%{DEFAULT_LOCAL_STORAGE_PATH}%": controlConfig.DefaultLocalStoragePath, "%{DEFAULT_LOCAL_STORAGE_PATH}%": controlConfig.DefaultLocalStoragePath,
} }
if err := deploy.Stage(dataDir, templateVars, controlConfig.Skips); err != nil { skip := controlConfig.Skips
if !skip["traefik"] && isHelmChartTraefikV1(sc) {
logrus.Warn("Skipping Traefik v2 deployment due to existing Traefik v1 installation")
skip["traefik"] = true
}
if err := deploy.Stage(dataDir, templateVars, skip); err != nil {
return err return err
} }
return deploy.WatchFiles(ctx, sc.Apply, sc.K3s.K3s().V1().Addon(), controlConfig.Disables, dataDir) return deploy.WatchFiles(ctx, sc.Apply, sc.K3s.K3s().V1().Addon(), controlConfig.Disables, dataDir)
} }
// isHelmChartTraefikV1 checks for an existing HelmChart resource with spec.chart containing traefik-1,
// as deployed by the legacy chart (https://%{KUBERNETES_API}%/static/charts/traefik-1.81.0.tgz)
func isHelmChartTraefikV1(sc *Context) bool {
prefix := "traefik-1."
helmChart, err := sc.Helm.Helm().V1().HelmChart().Get(metav1.NamespaceSystem, "traefik", metav1.GetOptions{})
if err != nil {
logrus.WithError(err).Info("Failed to get existing traefik HelmChart")
return false
}
chart := path.Base(helmChart.Spec.Chart)
if strings.HasPrefix(chart, prefix) {
logrus.WithField("chart", chart).Info("Found existing traefik v1 HelmChart")
return true
}
return false
}
func HomeKubeConfig(write, rootless bool) (string, error) { func HomeKubeConfig(write, rootless bool) (string, error) {
if write { if write {
if os.Getuid() == 0 && !rootless { if os.Getuid() == 0 && !rootless {

File diff suppressed because one or more lines are too long

View File

@ -2,7 +2,7 @@ docker.io/rancher/coredns-coredns:1.8.0
docker.io/rancher/klipper-helm:v0.4.3 docker.io/rancher/klipper-helm:v0.4.3
docker.io/rancher/klipper-lb:v0.1.2 docker.io/rancher/klipper-lb:v0.1.2
docker.io/rancher/library-busybox:1.32.1 docker.io/rancher/library-busybox:1.32.1
docker.io/rancher/library-traefik:1.7.19 docker.io/rancher/library-traefik:2.4.2
docker.io/rancher/local-path-provisioner:v0.0.19 docker.io/rancher/local-path-provisioner:v0.0.19
docker.io/rancher/metrics-server:v0.3.6 docker.io/rancher/metrics-server:v0.3.6
docker.io/rancher/pause:3.1 docker.io/rancher/pause:3.1

View File

@ -0,0 +1,7 @@
apiVersion: ${api_version}
version: ${chart_version}
description: Installs the CRDs for ${name}.
name: ${name}-crd
type: application
annotations:
catalog.cattle.io/hidden: "true"

View File

@ -0,0 +1,2 @@
# ${name}-crd
A Rancher chart that installs the CRDs used by [${name}](https://github.com/rancher/dev-charts/tree/master/packages/${name}).

View File

@ -0,0 +1,14 @@
#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
# {{- \$found := dict -}}
${set_found_crd}
# {{- range .Capabilities.APIVersions -}}
# {{- if hasKey \$found (toString .) -}}
# {{- set \$found (toString .) true -}}
# {{- end -}}
# {{- end -}}
# {{- range \$_, \$exists := \$found -}}
# {{- if (eq \$exists false) -}}
# {{- required "Required CRDs are missing. Please install the ${name}-crd chart before installing this chart." "" -}}
# {{- end -}}
# {{- end -}}
#{{- end -}}

View File

@ -5,23 +5,93 @@ cd $(dirname $0)/..
. ./scripts/version.sh . ./scripts/version.sh
ROOT_VERSION=v0.8.1 ROOT_VERSION=v0.8.1
TRAEFIK_VERSION=1.81.0 TRAEFIK_VERSION=9.14.2 # appVersion: 2.4.2
CHARTS_DIR=build/static/charts CHARTS_DIR=build/static/charts
mkdir -p ${CHARTS_DIR} mkdir -p ${CHARTS_DIR}
curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${ROOT_VERSION}/k3s-root-${ARCH}.tar | tar xf - curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${ROOT_VERSION}/k3s-root-${ARCH}.tar | tar xf -
setup_tmp() {
TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR})
cleanup() {
code=$?
set +e
trap - EXIT
rm -rf ${TMP_DIR}
exit $code
}
trap cleanup INT EXIT
}
download_and_package_traefik () {
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"
curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE}
code=$?
if [ $code -ne 0 ]; then
echo "Error: Failed to download Traefik Helm chart!"
exit $code
fi
echo "Uncompress ${TMP_DIR}/${TRAEFIK_FILE}"
tar xf ${TMP_DIR}/${TRAEFIK_FILE} -C ${TMP_DIR}
echo "Prepare traefik CRD"
TRAEFIK_TMP_CHART=${TMP_DIR}/traefik
TRAEFIK_TMP_CRD=${TRAEFIK_TMP_CHART}-crd
# Collect information on chart
name=$(cat ${TRAEFIK_TMP_CHART}/Chart.yaml | yq r - 'name')
api_version=$(cat ${TRAEFIK_TMP_CHART}/Chart.yaml | yq r - 'apiVersion')
chart_version=$(cat ${TRAEFIK_TMP_CHART}/Chart.yaml | yq r - 'version')
# Collect information on CRDs
crd_apis=()
for crd_yaml in ${TRAEFIK_TMP_CHART}/crds/*; do
crd_group=$(yq r ${crd_yaml} 'spec.group')
crd_kind=$(yq r ${crd_yaml} 'spec.names.kind')
crd_version=$(yq r ${crd_yaml} 'spec.version')
if [[ -z "$crd_version" ]]; then
crd_version=$(yq r ${crd_yaml} 'spec.versions[0].name')
fi
crd_apis+=("${crd_group}/${crd_version}/${crd_kind}")
done
set_found_crd=$(
for crd in ${crd_apis[@]}; do
echo "# {{- set \$found \"${crd}\" false -}}"
done
)
# Copy base template and apply variables to the template
mkdir -p ${TRAEFIK_TMP_CRD}
cp -R ./scripts/chart-templates/crd-base/* ${TRAEFIK_TMP_CRD}
for template_file in $(find ${TRAEFIK_TMP_CRD} -type f); do
# Applies any environment variables currently set onto your template file
eval "echo \"$(sed 's/"/\\"/g' ${template_file})\"" > ${template_file}
done
# Move anything from ${f}/charts-crd/overlay-upstream to the main chart
cp -R ${TRAEFIK_TMP_CRD}/overlay-upstream/* ${TRAEFIK_TMP_CHART}
rm -rf ${TRAEFIK_TMP_CRD}/overlay-upstream
# Move CRDs from main chart to CRD chart
mkdir -p ${TRAEFIK_TMP_CRD}/templates
mv ${TRAEFIK_TMP_CHART}/crds/* ${TRAEFIK_TMP_CRD}/templates
rm -rf ${TRAEFIK_TMP_CHART}/crds
# Package charts
OPTS="--format gnu --sort=name --owner=0 --group=0 --numeric-owner"
GZIP=-n tar ${OPTS} --mtime='UTC 2021-01-01' -cz -f ${CHARTS_DIR}/${TRAEFIK_FILE} -C ${TMP_DIR} $(basename ${TRAEFIK_TMP_CHART})
GZIP=-n tar ${OPTS} --mtime='UTC 2021-01-01' -cz -f ${CHARTS_DIR}/${TRAEFIK_CRD_FILE} -C ${TMP_DIR} $(basename ${TRAEFIK_TMP_CRD})
}
TRAEFIK_FILE=traefik-${TRAEFIK_VERSION}.tgz TRAEFIK_FILE=traefik-${TRAEFIK_VERSION}.tgz
TRAEFIK_URL=https://charts.helm.sh/stable/packages/${TRAEFIK_FILE} TRAEFIK_CRD_FILE=traefik-crd-${TRAEFIK_VERSION}.tgz
TRAEFIK_URL=https://helm.traefik.io/traefik/${TRAEFIK_FILE}
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}" setup_tmp
curl -sfL ${TRAEFIK_URL} -o ${CHARTS_DIR}/${TRAEFIK_FILE} download_and_package_traefik
code=$?
if [ $code -ne 0 ]; then
echo "Error: Failed to download Traefik Helm chart!"
exit $code
fi
cp scripts/wg-add.sh bin/aux/ cp scripts/wg-add.sh bin/aux/