Skip to content
/ dovecot-director-controller Public

Kubernetes controller to update dovevot director mappings on dovecot state changes

License

MIT license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sers-dev/dovecot-director-controller

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits

.github/workflows

.github/workflows

 
 

cmd

cmd

 
 

docker

docker

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

go.mod

go.mod

 
 

Repository files navigation

Dovecot Director Controller

Dovecot director is used to keep a temporary user -> mail server (= dovecot server) mapping, as described in dovecot docs.

If a dovecot director and dovecot server are used in a kubernetes cluster, mappings are not being updated in case a dovecot container restarts for example since dovecot is not made to be used with private IPs as it is in k8s setup. To update the new pod ip and therefore to correct the mapping, a manual execution of the command doveadm reload needs to be done on the dovecot director server.

Since no one wants to waste manual effort on responses to ordinary container events this tool intends to automatically execute said command on the dovecot director pod container shell whenever a dovecot container/pod becomes ready or when the tls secret is changed or updated.

Usage

Runs inside and outside of a kubernetes cluster.

If you don't run it inside a k8s cluster it tries to load the kubeconfig in the executing users homedir. If it does not exist you need to specify the absolute path with command flag "-c".

Environment variables needed for successful execution:

  • DOVECOT_NAMESPACE(string): Name of namespace that must contain both dovecot and dovecot director pods

  • DOVECOT_DIRECTOR_LABELS(string): All labels given to dovecot director for conclusive identification of dovecot director pods in the following format: <LABEL1>=<VALUE1>,<LABEL2>=<VALUE2>

  • DOVECOT_LABELS(string): All labels given to dovecot for conclusive identification of dovecot pods, same format as in DOVECOT_DIRECTOR_LABELS

    Optional environment parameters:

  • DOVECOT_DIRECTOR_CONTAINER_NAME (string) : Container Name of dovecot-director in Pod. Defaults to first Container in Pod if not set.

  • SYNC_FREQUENCY_DURATION (int, seconds, default: 70): This parameter is based on kubelets parameter --sync-frequency duration which is by default set to 60s, so if you change the value of kubelets parameter you should use the same value plus a few seconds to trigger at doveadm reload after adding/changing tls secrets successfully

When running inside a kubernetes cluster the pod needs the following permissions via Role for the same namespace your dovecot pods run in:

rules:
- apiGroups:
  - ""
  resources:
  - pods
  - secrets
  verbs:
  - list
  - watch
- apiGroups:
  - ""
  resources:
  - pods/exec
  verbs:
  - create

Used Library

https://github.com/kubernetes/client-go

About

Kubernetes controller to update dovevot director mappings on dovecot state changes

Topics

go kubernetes golang mail controller dovecot k8s hacktoberfest e-mail dovecot-director

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 3

Support to watch events of k8s secrets Latest
Oct 18, 2022
+ 2 releases

Packages 1

 

Contributors 2

  •  
  •  

Languages