new release 0.2.0

LICENSE

@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright 2020 CLASTIX
+   Copyright [2020] Clastix Labs
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.

helm/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

helm/Chart.yaml

@@ -0,0 +1,23 @@
+apiVersion: v2
+name: kubelived
+description: A Helm chart for installing Keepalived for Kubernetes Control Plane
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 0.2.0

helm/templates/NOTES.txt

@@ -0,0 +1,19 @@
+- Kubelived Helm Chart deployed:
+
+   # Check the installer logs
+   $ kubectl logs -f ds/{{ template "kubelived.fullname" . }}-installer -n {{ .Release.Namespace }}
+
+   # Check the keepalived logs
+   $ kubectl logs -f kube-keepalived-<master> -n {{ .Release.Namespace }}
+
+- Manage this chart:
+
+   # Upgrade Kubelived
+   $ helm upgrade {{ .Release.Name }} -f <values.yaml> kubelived -n {{ .Release.Namespace }}
+
+   # Show this status again
+   $ helm status {{ .Release.Name }} -n {{ .Release.Namespace }}
+
+   # Uninstall Kubelived
+   $ helm uninstall {{ .Release.Name }} -n {{ .Release.Namespace }}
+

helm/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kubelived.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kubelived.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kubelived.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "kubelived.labels" -}}
+helm.sh/chart: {{ include "kubelived.chart" . }}
+{{ include "kubelived.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "kubelived.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "kubelived.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kubelived.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "kubelived.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

helm/templates/keepalived-config.yaml

@@ -0,0 +1,47 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: keepalived-config
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kubelived.labels" . | nindent 4 }}
+data:
+  {{ .Values.keepalived_config_file }}: |
+    # keepalived global configuration
+    global_defs {
+      default_interface KEEPALIVED_INTERFACE
+      enable_script_security 
+    }
+    vrrp_script {{ .Values.keepalived_health_service_name }} {
+      script   {{ quote .Values.keepalived_health_service_check }}
+      interval {{ .Values.keepalived_health_service_interval }}
+      timeout  {{ .Values.keepalived_health_service_timeout }}
+      rise     {{ .Values.keepalived_health_service_rise }}
+      fall     {{ .Values.keepalived_health_service_fall }}
+      user     {{ .Values.keepalived_health_service_user }}
+    }
+    vrrp_instance VI_1 {
+      state {{ upper .Values.keepalived_initial_state }}
+      interface KEEPALIVED_INTERFACE
+      virtual_router_id {{ .Values.keepalived_router_id }}
+      priority KEEPALIVED_PRIORITY
+      advert_int {{ .Values.keepalived_health_service_interval }}
+      authentication {
+        auth_type PASS
+        auth_pass {{ .Values.keepalived_password | b64enc }}
+      }
+      track_script {
+        {{ .Values.keepalived_health_service_name }}
+      }     
+      virtual_ipaddress {
+        {{ .Values.keepalived_virtual_address }} label KEEPALIVED_INTERFACE:VIP
+      }
+      
+      {{- if .Values.keepalived_unicast_peers }}
+      unicast_peer {
+      {{- range .Values.keepalived_unicast_peers }}
+        {{ . }}
+      {{- end }}
+      }    
+      {{- end }}
+    }

helm/templates/keepalived-install-scripts.yaml

@@ -0,0 +1,48 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: keepalived-install-scripts
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kubelived.labels" . | nindent 4 }}
+data:
+  install.sh: |
+    #!/bin/sh
+    #
+    echo $(date): "Copying keepalived manifest file to /etc/kubernetes/manifests/kube-keepalived.yaml"
+    cp -f /opt/kube-keepalived.yaml /etc/kubernetes/manifests/kube-keepalived.yaml
+    chmod 600 /etc/kubernetes/manifests/kube-keepalived.yaml
+    #
+    echo $(date): "Copying keepalived config file to {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}" 
+    cp -f /opt/{{ .Values.keepalived_config_file }} {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}
+
+    KEEPALIVED_INTERFACE=$(ip route get {{ .Values.keepalived_virtual_address }} | awk '{print $3}')
+    echo $(date): "Finding the keepalived interface:" $KEEPALIVED_INTERFACE 
+    KEEPALIVED_PRIORITY=$(ip route get {{ .Values.keepalived_virtual_address }} | awk '{print $5}' | cut -d. -f4)
+    echo $(date): "Calculating the keepalived priority:" $KEEPALIVED_PRIORITY
+
+    sed -i "s|KEEPALIVED_INTERFACE|$KEEPALIVED_INTERFACE|g" {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}
+    sed -i "s|KEEPALIVED_PRIORITY|$KEEPALIVED_PRIORITY|g" {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}
+    echo $(date): "Updated the keepalived config file"
+
+    # Unless told otherwise, sleep forever.
+    # This prevents Kubernetes from restarting the pod repeatedly.
+    should_sleep=true
+    echo $(date): "Done installing keepalived."
+    while [ "$should_sleep" = "true"  ]; do
+      if [ -e {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }} ];
+      then
+        echo $(date): "Nothing to do, going to sleep again ..."
+        sleep 120
+      else
+        should_sleep=false
+        echo $(date): "Missing keepalived configuration file: {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}"
+      fi
+    done
+  uninstall.sh: |
+    #!/bin/sh
+    #
+    echo $(date): "Removing keepalived manifest file from /etc/kubernetes/manifests/kube-keepalived.yaml"
+    rm -rf /etc/kubernetes/manifests/kube-keepalived.yaml
+    echo $(date): "Removing keepalived config file from {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}"
+    rm -rf {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}

helm/templates/keepalived-installer.yaml

@@ -0,0 +1,70 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: keepalived-installer
+  labels:
+    {{- include "kubelived.labels" . | nindent 4 }}
+  namespace: {{ .Release.Namespace }}
+spec:
+  selector:
+    matchLabels:
+      {{- include "kubelived.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ""
+      labels:
+        {{- include "kubelived.selectorLabels" . | nindent 8 }}
+    spec:
+      serviceAccountName: {{ include "kubelived.serviceAccountName" . }}
+      priorityClassName: system-node-critical
+      hostNetwork: true
+      nodeSelector:
+        node-role.kubernetes.io/master: ""
+      tolerations:
+        - key: CriticalAddonsOnly
+          operator: Exists
+        - effect: NoSchedule
+          key: node-role.kubernetes.io/master
+      containers:
+      - name: installer
+        securityContext:
+          privileged: true
+        image: busybox
+        imagePullPolicy: IfNotPresent
+        command: ["./scripts/install.sh"]
+        lifecycle:
+          preStop:
+            exec:
+              command: ["/bin/sh", "-c", "./scripts/uninstall.sh"]
+        volumeMounts:
+        - name: manifest
+          mountPath: /etc/kubernetes/manifests
+        - name: config
+          mountPath: {{ .Values.keepalived_config_path }}
+        - name: keepalived-manifest
+          mountPath: /opt/kube-keepalived.yaml
+          subPath: kube-keepalived.yaml
+        - name: keepalived-config
+          mountPath: /opt/{{ .Values.keepalived_config_file }}
+          subPath: {{ .Values.keepalived_config_file }}
+        - name: keepalived-install-scripts
+          mountPath: /scripts
+      volumes:
+      - name: manifest
+        hostPath:
+          path: /etc/kubernetes/manifests
+      - name: config
+        hostPath:
+          path: {{ .Values.keepalived_config_path }}
+          type: DirectoryOrCreate
+      - name: keepalived-manifest
+        configMap:
+          name: keepalived-manifest
+      - name: keepalived-config
+        configMap:
+          name: keepalived-config
+      - name: keepalived-install-scripts
+        configMap:
+          name: keepalived-install-scripts
+          defaultMode: 0700

helm/templates/keepalived-manifest.yaml

@@ -0,0 +1,54 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: keepalived-manifest
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "kubelived.labels" . | nindent 4 }}
+data:
+  kube-keepalived.yaml: |
+    # Kubernetes: manifest for static pods are in /etc/kubernetes/manifest 
+    apiVersion: v1
+    kind: Pod
+    metadata:
+      annotations:
+        scheduler.alpha.kubernetes.io/critical-pod: ""
+      labels:
+        {{- include "kubelived.selectorLabels" . | nindent 8 }}
+      name: kube-keepalived
+      namespace: kube-system
+    spec:
+      containers:
+      - name: keepalived
+        image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        imagePullPolicy: Always
+        args: # override options in the Dockerfile
+        - --vrrp
+        - --log-detail
+        - --dump-conf
+        - --use-file={{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}
+        livenessProbe:
+          exec:
+            command: ["pidof", "keepalived"]
+          initialDelaySeconds: 10
+        securityContext:
+          privileged: true
+          capabilities:
+            add:
+            - NET_ADMIN
+        resources:
+        volumeMounts:
+        - mountPath: /etc/localtime
+          name: host-localtime
+        - mountPath: {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}
+          name: config
+      hostNetwork: true
+      priorityClassName: system-node-critical
+      restartPolicy: Always
+      volumes:
+      - hostPath:
+          path: /etc/localtime
+        name: host-localtime
+      - hostPath:
+          path: {{ .Values.keepalived_config_path }}/{{ .Values.keepalived_config_file }}
+        name: config