fleetboard-io · Airren · Jul 29, 2024 · Jul 26, 2024 · Jul 29, 2024
diff --git a/Makefile b/Makefile
@@ -68,30 +68,30 @@ images:
 	docker build $(DOCKERARGS) -f ./build/crossdns.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/crossdns:${IMAGE_TAG}
 	docker build $(DOCKERARGS) -f ./build/cnf.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/cnf:${IMAGE_TAG}
 	docker build $(DOCKERARGS) -f ./build/dedinic.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/dedinic:${IMAGE_TAG}
-	docker build $(DOCKERARGS) -f ./build/ep-controller.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/ep-controller:${IMAGE_TAG}
+	docker build $(DOCKERARGS) -f ./build/ep-controller.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:${IMAGE_TAG}
 
 image-crossdns:
 	docker build $(DOCKERARGS) -f ./build/crossdns.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/crossdns:${IMAGE_TAG}
 	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/crossdns:${IMAGE_TAG}
 
-image-dedinic:
-	docker build $(DOCKERARGS) -f ./build/dedinic.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/dedinic:${IMAGE_TAG}
-	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/dedinic:${IMAGE_TAG}
-
 image-cnf:
 	docker build $(DOCKERARGS) -f ./build/cnf.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/cnf:${IMAGE_TAG}
 	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/cnf:${IMAGE_TAG}
+	docker tag ${REGISTRY}/${REGISTRY_NAMESPACE}/cnf:${IMAGE_TAG} ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:latest
+	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/cnf:latest
 
 image-ep-controller:
-	docker build $(DOCKERARGS) -f ./build/ep-controller.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/ep-controller:${IMAGE_TAG}
-	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/ep-controller:${IMAGE_TAG}
+	docker build $(DOCKERARGS) -f ./build/ep-controller.Dockerfile ./ -t ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:${IMAGE_TAG}
+	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:${IMAGE_TAG}
+	docker tag ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:${IMAGE_TAG} ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:latest
+	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:latest
 
 
 images-push:
 	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/crossdns:${IMAGE_TAG}
 	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/cnf:${IMAGE_TAG}
 	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/dedinic:${IMAGE_TAG}
-	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/ep-controller:${IMAGE_TAG}
+	docker push ${REGISTRY}/${REGISTRY_NAMESPACE}/controller:${IMAGE_TAG}
 
 # find or download golangci-lint
 # download golangci-lint if necessary

diff --git a/build/cnf.Dockerfile b/build/cnf.Dockerfile
@@ -1,17 +1,27 @@
-FROM golang:1.21 as builder
+FROM golang:1.21-alpine as builder
 
 WORKDIR /workspace
-RUN apt install -y  make
+RUN apk update && apk add --no-cache make git
 COPY ../go.mod ../go.sum ./
 COPY ../staging ./staging
 RUN go mod download
 COPY .. .
 RUN make cnf
 
 
-FROM  ubuntu:jammy
-RUN apt update &&  apt install iproute2 bridge-utils tcpdump -y
-RUN apt install  wireguard-tools wget openresolv iptables -y
-RUN apt-get autoclean; rm -rf /var/lib/apt/lists/*
+FROM alpine:latest
+
+# Install required packages
+RUN apk update && apk add --no-cache \
+    iproute2 \
+    bridge-utils \
+    tcpdump \
+    iputils \
+    wireguard-tools \
+    wget \
+    openresolv \
+    iptables \
+    vim
+
 WORKDIR /cnf
 COPY --from=builder /workspace/bin/cnf ./
diff --git a/build/daemon.Dockerfile b/build/daemon.Dockerfile
diff --git a/build/dedinic.Dockerfile b/build/dedinic.Dockerfile
diff --git a/build/start-dedinic.sh b/build/start-dedinic.sh
diff --git a/deploy/cluster/templates/cnf-cluster.yaml b/deploy/cluster/templates/cnf-cluster.yaml
@@ -19,24 +19,40 @@ spec:
         app: cnf-nauti
         router.nauti.io/cnf: "true"
     spec:
-      serviceAccountName: octopus
+      serviceAccountName: {{ .Values.serviceAccount.name }}
       hostNetwork: false
       containers:
-        - name: cnf-nauti
+        - name: controller
+          command:
+            - "/ep-controller"
+          env:
+            - name: NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: PARALLEL_IP_ANNOTATION
+              value: "router.nauti.io/dedicated_ip"
+          image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}/controller:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          resources:
+            requests:
+              cpu: 500m
+              memory: 512Mi
+        - name: cnf
           image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}/cnf:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           securityContext:
             runAsUser: 0
             privileged: true
           command:
-            - ./cnf
+            - /cnf/cnf
           args:
             - --shared-namespace=syncer-operator
             - --local-namespace=syncer-operator
-            - --as-hub={{ .Values.cluster.hub }}}
+            - --as-hub={{ .Values.cluster.hub }}
             - --as-cluster=true
             - --hub-secret-namespace=nauti-system
-            - --hub-secret-name=octopus
+            - --hub-secret-name={{ .Values.hub.secretName }}
             - --hub-url={{ .Values.hub.hubURL }}
           env:
             - name: NAUTI_CLUSTERID
@@ -54,9 +70,39 @@ spec:
           resources:
             limits:
               cpu: "1"
-              memory: 1000Mi
+              memory: 1Gi
             requests:
-              cpu: 200m
-              memory: 200Mi
+              cpu: 100m
+              memory: 100Mi
+          terminationMessagePath: /dev/termination-log
+          terminationMessagePolicy: File
+          volumeMounts:
+            - mountPath: /var/run/netns
+              mountPropagation: Bidirectional
+              name: host-ns
+            - mountPath: /var/run/nri
+              mountPropagation: HostToContainer
+              name: host-nri
+      dnsPolicy: ClusterFirst
       nodeSelector:
-        kubernetes.io/os: "linux"
+        kubernetes.io/os: linux
+      priorityClassName: system-node-critical
+      restartPolicy: Always
+      securityContext: { }
+      terminationGracePeriodSeconds: 30
+      tolerations:
+        - effect: NoSchedule
+          operator: Exists
+        - effect: NoExecute
+          operator: Exists
+        - key: CriticalAddonsOnly
+          operator: Exists
+      volumes:
+        - hostPath:
+            path: /var/run/netns
+            type: ""
+          name: host-ns
+        - hostPath:
+            path: /var/run/nri
+            type: DirectoryOrCreate
+          name: host-nri
diff --git a/deploy/cluster/templates/dedinic-cr.yaml b/deploy/cluster/templates/dedinic-cr.yaml