Ingress: Improve port opening Update nginx replica counts and rollout strategy. What proxy-backend configmap changes and reload auto proxy nginx. Make ingress optional. Use <PREFIX>.<CLUSTER_NAME>.clusters.p.<DOMAIN> addresses for remote cluster services. Change-Id: Ideb146a8c0275822ee5cd28311c00a817f4202aa

commit: f55ab36eb75967020b08fa078dfad313cd2ee449 [log] [tgz]
author: gio <gio@v1.dodo.cloud> Fri Apr 11 17:48:17 2025 +0400
committer: gio <gio@v1.dodo.cloud> Wed Apr 16 16:57:09 2025 +0400
tree: 0608dac568a5a637ef34b917d3bc3204814b2966
parent: cbd8909ed7d8f3bdb17abd679173c137ec62169b [diff] [blame]
diff --git a/core/installer/cluster.go b/core/installer/cluster.go
index ac7d970..a51435f 100644
--- a/core/installer/cluster.go
+++ b/core/installer/cluster.go

@@ -2,8 +2,6 @@
 
 import (
 	"bytes"
-	"crypto/sha256"
-	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -152,12 +150,9 @@
 			return "", err
 		}
 		defer w.Close()
-		h := sha256.New()
-		o := io.MultiWriter(w, h)
-		if err := cfg.Render(o); err != nil {
+		if err := cfg.Render(w); err != nil {
 			return "", err
 		}
-		hash := base64.StdEncoding.EncodeToString(h.Sum(nil))
 		nginxPath := filepath.Join(filepath.Dir(c.ConfigPath), "ingress-nginx.yaml")
 		nginx, err := func() (map[string]any, error) {
 			r, err := fs.Reader(nginxPath)
@@ -178,15 +173,6 @@
 		if err != nil {
 			return "", err
 		}
-		cv := nginx["spec"].(map[string]any)["values"].(map[string]any)["controller"].(map[string]any)
-		var annotations map[string]any
-		if a, ok := cv["podAnnotations"]; ok {
-			annotations = a.(map[string]any)
-		} else {
-			annotations = map[string]any{}
-			cv["podAnnotations"] = annotations
-		}
-		annotations["dodo.cloud/hash"] = string(hash)
 		buf, err := yaml.Marshal(nginx)
 		if err != nil {
 			return "", err
@@ -229,12 +215,9 @@
 			return "", err
 		}
 		defer w.Close()
-		h := sha256.New()
-		o := io.MultiWriter(w, h)
-		if err := cfg.Render(o); err != nil {
+		if err := cfg.Render(w); err != nil {
 			return "", err
 		}
-		hash := base64.StdEncoding.EncodeToString(h.Sum(nil))
 		nginxPath := filepath.Join(filepath.Dir(c.ConfigPath), "ingress-nginx.yaml")
 		nginx, err := func() (map[string]any, error) {
 			r, err := fs.Reader(nginxPath)
@@ -255,15 +238,6 @@
 		if err != nil {
 			return "", err
 		}
-		cv := nginx["spec"].(map[string]any)["values"].(map[string]any)["controller"].(map[string]any)
-		var annotations map[string]any
-		if a, ok := cv["podAnnotations"]; ok {
-			annotations = a.(map[string]any)
-		} else {
-			annotations = map[string]any{}
-			cv["podAnnotations"] = annotations
-		}
-		annotations["dodo.cloud/hash"] = string(hash)
 		buf, err := yaml.Marshal(nginx)
 		if err != nil {
 			return "", err
@@ -346,12 +320,9 @@
 			return "", err
 		}
 		defer w.Close()
-		h := sha256.New()
-		o := io.MultiWriter(w, h)
-		if err := cfg.Render(o); err != nil {
+		if err := cfg.Render(w); err != nil {
 			return "", err
 		}
-		hash := base64.StdEncoding.EncodeToString(h.Sum(nil))
 		nginxPath := filepath.Join(filepath.Dir(c.ConfigPath), "ingress-nginx.yaml")
 		nginx, err := func() (map[string]any, error) {
 			r, err := fs.Reader(nginxPath)
@@ -372,15 +343,6 @@
 		if err != nil {
 			return "", err
 		}
-		cv := nginx["spec"].(map[string]any)["values"].(map[string]any)["controller"].(map[string]any)
-		var annotations map[string]any
-		if a, ok := cv["podAnnotations"]; ok {
-			annotations = a.(map[string]any)
-		} else {
-			annotations = map[string]any{}
-			cv["podAnnotations"] = annotations
-		}
-		annotations["dodo.cloud/hash"] = string(hash)
 		buf, err := yaml.Marshal(nginx)
 		if err != nil {
 			return "", err
@@ -420,12 +382,9 @@
 			return "", err
 		}
 		defer w.Close()
-		h := sha256.New()
-		o := io.MultiWriter(w, h)
-		if err := cfg.Render(o); err != nil {
+		if err := cfg.Render(w); err != nil {
 			return "", err
 		}
-		hash := base64.StdEncoding.EncodeToString(h.Sum(nil))
 		nginxPath := filepath.Join(filepath.Dir(c.ConfigPath), "ingress-nginx.yaml")
 		nginx, err := func() (map[string]any, error) {
 			r, err := fs.Reader(nginxPath)
@@ -446,15 +405,6 @@
 		if err != nil {
 			return "", err
 		}
-		cv := nginx["spec"].(map[string]any)["values"].(map[string]any)["controller"].(map[string]any)
-		var annotations map[string]any
-		if a, ok := cv["podAnnotations"]; ok {
-			annotations = a.(map[string]any)
-		} else {
-			annotations = map[string]any{}
-			cv["podAnnotations"] = annotations
-		}
-		annotations["dodo.cloud/hash"] = string(hash)
 		buf, err := yaml.Marshal(nginx)
 		if err != nil {
 			return "", err
@@ -489,6 +439,7 @@
 
 type NginxProxyConfig struct {
 	Namespace   string
+	PID         string
 	IngressPort int
 	Resolvers   []net.IP
 	Ingress     map[string]string
@@ -541,6 +492,9 @@
 			if items[0] == "namespace:" {
 				ret.Namespace = items[1]
 			}
+		} else if items[0] == "pid" {
+
+			ret.PID = items[1]
 		} else if items[0] == "http" {
 			insideHttp = true
 		} else if insideHttp && items[0] == "map" {
@@ -624,6 +578,9 @@
 
 const nginxConfigTmpl = `    worker_processes  1;
     worker_rlimit_nofile 8192;
+    {{- if .PID }}
+    pid {{ .PID }};
+    {{- end }}
     events {
         worker_connections  1024;
     }
@@ -655,7 +612,6 @@
         {{- range $port, $upstream := .UDP }}
         server {
             listen {{ $port }} udp;
-            resolver 100.100.100.100;
             proxy_pass {{ $upstream }};
         }
         {{- end  }}
commit	f55ab36eb75967020b08fa078dfad313cd2ee449	[log] [tgz]
author	gio <gio@v1.dodo.cloud>	Fri Apr 11 17:48:17 2025 +0400
committer	gio <gio@v1.dodo.cloud>	Wed Apr 16 16:57:09 2025 +0400
tree	0608dac568a5a637ef34b917d3bc3204814b2966
parent	cbd8909ed7d8f3bdb17abd679173c137ec62169b [diff] [blame]