-
Notifications
You must be signed in to change notification settings - Fork 462
/
config.go
115 lines (102 loc) · 3.06 KB
/
config.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and Gardener contributors
//
// SPDX-License-Identifier: Apache-2.0
package valitail
import (
"bytes"
_ "embed"
"errors"
"net/url"
"text/template"
"github.com/Masterminds/sprig/v3"
"k8s.io/utils/ptr"
v1beta1constants "github.com/gardener/gardener/pkg/apis/core/v1beta1/constants"
extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1"
"github.com/gardener/gardener/pkg/component/extensions/operatingsystemconfig/original/components"
"github.com/gardener/gardener/pkg/utils"
)
var (
tplNameValitail = "config"
//go:embed templates/valitail-config.tpl.yaml
tplContentValitail string
tplValitail *template.Template
)
func init() {
tplValitail = template.Must(template.
New(tplNameValitail).
Funcs(sprig.TxtFuncMap()).
Parse(tplContentValitail))
}
func getValitailConfigurationFile(ctx components.Context) (extensionsv1alpha1.File, error) {
if ctx.ValiIngress == "" {
return extensionsv1alpha1.File{}, errors.New("vali ingress url is missing")
}
apiServerURL, err := url.Parse(ctx.APIServerURL)
if err != nil {
return extensionsv1alpha1.File{}, err
}
var config bytes.Buffer
if err := tplValitail.Execute(&config, map[string]interface{}{
"clientURL": "https://" + ctx.ValiIngress + "/vali/api/v1/push",
"pathCACert": PathCACert,
"valiIngress": ctx.ValiIngress,
"pathAuthToken": PathAuthToken,
"APIServerURL": ctx.APIServerURL,
"APIServerHostname": apiServerURL.Hostname(),
}); err != nil {
return extensionsv1alpha1.File{}, err
}
return extensionsv1alpha1.File{
Path: PathConfig,
Permissions: ptr.To[int32](0644),
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: "b64",
Data: utils.EncodeBase64(config.Bytes()),
},
},
}, nil
}
func getValitailCAFile(ctx components.Context) extensionsv1alpha1.File {
var cABundle []byte
if ctx.CABundle != nil {
cABundle = []byte(*ctx.CABundle)
}
return extensionsv1alpha1.File{
Path: PathCACert,
Permissions: ptr.To[int32](0644),
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: "b64",
Data: utils.EncodeBase64(cABundle),
},
},
}
}
func getValitailUnit() extensionsv1alpha1.Unit {
return extensionsv1alpha1.Unit{
Name: UnitName,
Command: ptr.To(extensionsv1alpha1.CommandStart),
Enable: ptr.To(true),
Content: ptr.To(`[Unit]
Description=valitail daemon
Documentation=https://github.com/credativ/plutono
[Install]
WantedBy=multi-user.target
[Service]
CPUAccounting=yes
MemoryAccounting=yes
CPUQuota=3%
CPUQuotaPeriodSec=1000ms
MemoryMin=29M
MemoryHigh=400M
MemoryMax=800M
MemorySwapMax=0
Restart=always
RestartSec=5
EnvironmentFile=/etc/environment
ExecStartPre=/bin/sh -c "systemctl set-environment HOSTNAME=$(hostname | tr [:upper:] [:lower:])"
ExecStart=` + v1beta1constants.OperatingSystemConfigFilePathBinaries + `/valitail -config.file=` + PathConfig),
FilePaths: []string{PathConfig, PathCACert, valitailBinaryPath},
}
}