diff --git a/Dockerfile_iptables b/Dockerfile_iptables index a4617a89..e9861151 100644 --- a/Dockerfile_iptables +++ b/Dockerfile_iptables @@ -12,8 +12,10 @@ RUN --mount=type=cache,sharing=locked,id=gomod,target=/go/pkg/mod/cache \ CGO_ENABLED=0 GOOS=linux make build FROM alpine:3.18.4 -# Add Certificates into the image, for anything that does API calls -RUN apk add --no-cache iptables +# Update pkgs and add iptables +RUN apk upgrade && \ + apk add --no-cache iptables + # Add kube-vip binary COPY --from=dev /src/kube-vip / ENTRYPOINT ["/kube-vip"] diff --git a/Makefile b/Makefile index 33e3409b..24579904 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,7 @@ TARGET := kube-vip .DEFAULT_GOAL := $(TARGET) # These will be provided to the target -VERSION := v0.6.3 +VERSION := v0.6.4 BUILD := `git rev-parse HEAD` @@ -127,3 +127,14 @@ e2e-tests: service-tests: E2E_IMAGE_PATH=$(REPOSITORY)/$(TARGET):$(DOCKERTAG) go run ./testing/e2e/services -Services + +trivy: dockerx86ActionIPTables + docker run -v /var/run/docker.sock:/var/run/docker.sock aquasec/trivy:0.47.0 \ + image \ + --format table \ + --exit-code 1 \ + --ignore-unfixed \ + --vuln-type 'os,library' \ + --severity 'CRITICAL,HIGH' \ + $(REPOSITORY)/$(TARGET):action + diff --git a/docs/usage/on-prem/index.md b/docs/usage/on-prem/index.md index 08b57d33..18dbcc34 100644 --- a/docs/usage/on-prem/index.md +++ b/docs/usage/on-prem/index.md 
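Review bot: The added `RUN apk upgrade && \` runs without `--no-cache` and without a preceding `apk update`, so on a fresh `alpine:3.18.4` layer it probably has no package index to compare against and may upgrade nothing, although the new comment says the intent is to update packages. Writing it as `RUN apk upgrade --no-cache && \` ahead of the existing `apk add --no-cache iptables` fetches the index for the upgrade and still keeps it out of the image layer. Upgrading at build time also makes the image contents depend on the build date, so a scan result for a given tag only holds for that particular build.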
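Review bot: The new `trivy` target bind-mounts `/var/run/docker.sock` into a container whose image is referenced only by the mutable tag `aquasec/trivy:0.47.0`. Access to that socket is equivalent to root on the build host, so whatever the tag resolves to at pull time runs with that level of access. Pinning the scanner by digest, `aquasec/trivy:0.47.0@sha256:<digest-placeholder>`, stops the scanner itself from being an unverified input. `--ignore-unfixed` combined with `--severity 'CRITICAL,HIGH'` means unfixed and lower-severity findings never fail the target. A comment above the target saying so would keep a green run from being read as "no known vulnerabilities".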
@@ -142,6 +142,27 @@ kubernetes ClusterIP 10.96.0.1 443/TCP 17m nginx-dhcp LoadBalancer 10.97.150.208 192.168.0.155 80:31184/TCP 3s ``` +You can also specify a hostname used for the DHCP lease by adding an annotation to your service. + +``` +apiVersion: v1 +kind: Service +metadata: + name: nginx-dhcp + annotations: + kube-vip.io/loadbalancerHostname: mydhcp-test +spec: + loadBalancerIP: 0.0.0.0 + ports: + - name: http + port: 80 + protocol: TCP + targetPort: 80 + selector: + app: hello-world + type: LoadBalancer +``` + ### Using UPnP to expose a Service to the outside world With `kube-vip` > 0.2.1, it is possible to expose a Service of type `LoadBalancer` on a specific port to the Internet by using UPnP (on a supported gateway). diff --git a/pkg/manager/instance.go b/pkg/manager/instance.go index 1fa96e17..db9dc29b 100644 --- a/pkg/manager/instance.go +++ b/pkg/manager/instance.go @@ -26,6 +26,7 @@ type Instance struct { dhcpInterface string dhcpInterfaceHwaddr string dhcpInterfaceIP string + dhcpHostname string dhcpClient *vip.DHCPClient // Kubernetes service mapping @@ -78,6 +79,7 @@ func NewInstance(svc *v1.Service, config *kubevip.Config) (*Instance, error) { if svc.Annotations != nil { instance.dhcpInterfaceHwaddr = svc.Annotations[hwAddrKey] instance.dhcpInterfaceIP = svc.Annotations[requestedIP] + instance.dhcpHostname = svc.Annotations[loadbalancerHostname] } // Generate Load Balancer config @@ -179,6 +181,12 @@ func (i *Instance) startDHCP() error { client := vip.NewDHCPClient(iface, initRebootFlag, i.dhcpInterfaceIP) + // Add hostname to dhcp client if annotated + if i.dhcpHostname != "" { + log.Infof("Hostname specified for dhcp lease: [%s] - [%s]", interfaceName, i.dhcpHostname) + client.WithHostName(i.dhcpHostname) + } + go client.Start() // Set that DHCP is enabled diff --git a/pkg/manager/services.go b/pkg/manager/services.go index 9a416d01..32b1757d 100644 --- a/pkg/manager/services.go +++ b/pkg/manager/services.go 
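Review bot: In `NewInstance` the value of the `kube-vip.io/loadbalancerHostname` annotation is copied into `instance.dhcpHostname` without validation, and `startDHCP` then passes it to `client.WithHostName` and to `log.Infof` with `[%s]`. Anyone who can create or annotate a Service controls this string, and it presumably ends up in the DHCP request sent on the node's network as well as in the log. It should be checked for length and character set before use, for example with `validation.IsDNS1123Subdomain` from `k8s.io/apimachinery/pkg/util/validation` if that package is acceptable here, and rejected or ignored with a warning when the check fails. Logging the value with `%q` rather than `%s` keeps control characters in the annotation from breaking the log line. Both function bodies continue outside their hunks.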
@@ -27,6 +27,7 @@ const ( endpoint = "kube-vip.io/active-endpoint" flushContrack = "kube-vip.io/flush-conntrack" loadbalancerIPAnnotation = "kube-vip.io/loadbalancerIPs" + loadbalancerHostname = "kube-vip.io/loadbalancerHostname" ) func (sm *Manager) syncServices(_ context.Context, svc *v1.Service, wg *sync.WaitGroup) error {
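Review bot: The new constant `loadbalancerHostname` has no comment, and its name does not say that the value is only used as the hostname for the DHCP lease, which is the only use visible in the `pkg/manager/instance.go` hunks of this commit. A line such as `// loadbalancerHostname is the Service annotation holding the hostname sent with the DHCP lease request.` above it would stop readers from assuming it sets a general load-balancer hostname. The const block starts outside the hunk, so whether its other entries are documented cannot be seen from here.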