Skip to content

Commit

Permalink
Upgrade to HAProxy 1.8.9 (#1124)
Browse files Browse the repository at this point in the history
  • Loading branch information
@tamalsaha
tamalsaha committed Jun 9, 2018
1 parent 33f9df4 commit 9533714
Show file tree
Hide file tree
Showing 21 changed files with 182 additions and 18 deletions.
2 changes: 1 addition & 1 deletion chart/voyager/README.md
View file
Expand Up @@ -52,7 +52,7 @@ The following tables lists the configurable parameters of the Voyager chart and
| `voyager.tag` | Voyager container image tag | `7.0.0` |
| `haproxy.registry` | Docker registry used to pull HAProxy image | `appscode` |
| `haproxy.repository` | HAProxy container image | `haproxy` |
| `haproxy.tag` | HAProxy container image tag | `1.8.8-7.0.0-alpine` |
| `haproxy.tag` | HAProxy container image tag | `1.8.9-7.0.0-alpine` |
| `imagePullSecrets` | Specify image pull secrets | `nil` (does not add image pull secrets to deployed pods) |
| `imagePullPolicy` | Image pull policy | `IfNotPresent` |
| `cloudProvider` | Name of cloud provider | `nil` |
Expand Down
2 changes: 1 addition & 1 deletion chart/voyager/values.yaml
View file
Expand Up @@ -10,7 +10,7 @@ voyager:
haproxy:
registry: appscode
repository: haproxy
tag: 1.8.8-7.0.0-alpine
tag: 1.8.9-7.0.0-alpine
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
Expand Down
2 changes: 1 addition & 1 deletion docs/reference/voyager_run.md
View file
Expand Up @@ -63,7 +63,7 @@ voyager run [flags]
--docker-registry string Docker image registry for HAProxy and Prometheus exporter (default "appscode")
--enable-swagger-ui Enables swagger ui on the apiserver at /swagger-ui
--exporter-image-tag string Tag of Docker image containing Prometheus exporter (default "7.0.0")
--haproxy-image-tag string Tag of Docker image containing HAProxy binary (default "1.8.8-7.0.0-alpine")
--haproxy-image-tag string Tag of Docker image containing HAProxy binary (default "1.8.9-7.0.0-alpine")
--haproxy.server-metric-fields string Comma-separated list of exported server metrics. See http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#9.1 (default "2,3,4,5,6,7,8,9,13,14,15,16,17,18,21,24,33,35,38,39,40,41,42,43,44")
--haproxy.timeout duration Timeout for trying to get stats from HAProxy. (default 5s)
-h, --help help for run
Expand Down
2 changes: 1 addition & 1 deletion docs/setup/developer-guide/overview.md
View file
Expand Up @@ -162,7 +162,7 @@ Following configurations can be enabled for test via flags in `./hack/make.py te
| cloud-provider | | Name of cloud Provider |
| ingress-class | | | Ingress class handled by voyager. Unset by default. Set to voyager to only handle ingress with annotation kubernetes.io/ingress.class=voyager. |
| namespace | test- <random> | Run tests in this namespaces |
| haproxy-image| appscode/haproxy:1.8.8-7.0.0-alpine | HAProxy image name to run |
| haproxy-image| appscode/haproxy:1.8.9-7.0.0-alpine | HAProxy image name to run |
| cleanup | true | Turn off cleanup for dynamically generated pods and configmaps. Helps with manual testing |
| in-cluster | false | Operator is running inside cluster. Helps with running operator testing. |
| daemon-host-name | master | Daemon host name to run daemon hosts |
Expand Down
4 changes: 2 additions & 2 deletions docs/setup/install.md
View file
Expand Up @@ -62,7 +62,7 @@ options:
-p, --provider=PROVIDER specify a cloud provider
--rbac create RBAC roles and bindings (default: true)
--docker-registry docker registry used to pull voyager images (default: appscode)
--haproxy-image-tag tag of Docker image containing HAProxy binary (default: 1.8.8-7.0.0-alpine)
--haproxy-image-tag tag of Docker image containing HAProxy binary (default: 1.8.9-7.0.0-alpine)
--image-pull-secret name of secret used to pull voyager operator images
--restrict-to-namespace restrict voyager to its own namespace
--run-on-master run voyager operator on master
Expand Down Expand Up @@ -109,7 +109,7 @@ $ curl -fsSL https://raw.githubusercontent.com/appscode/voyager/7.0.0/hack/deplo
| bash -s -- --provider=$provider --docker-registry=MY_REGISTRY [--image-pull-secret=SECRET_NAME] [--rbac]
```

By default, Voyager uses Alpine based HAProxy image (1.8.8-7.0.0-alpine). But you can also Debian based image for HAProxy by setting --haproxy-image-tag=1.8.8-7.0.0 flag.
By default, Voyager uses Alpine based HAProxy image (1.8.9-7.0.0-alpine). But you can also Debian based image for HAProxy by setting --haproxy-image-tag=1.8.9-7.0.0 flag.

Voyager implements a [validating admission webhook](https://kubernetes.io/docs/admin/admission-controllers/#validatingadmissionwebhook-alpha-in-18-beta-in-19) to validate Voyager CRDs. This is enabled by default for Kubernetes 1.9.0 or later releases. To disable this feature, pass the `--enable-validating-webhook=false` flag.

Expand Down
6 changes: 3 additions & 3 deletions hack/deploy/voyager.sh
View file
Expand Up @@ -95,7 +95,7 @@ export VOYAGER_RESTRICT_TO_NAMESPACE=false
export VOYAGER_ROLE_TYPE=ClusterRole
export VOYAGER_DOCKER_REGISTRY=${DOCKER_REGISTRY:-appscode}
export VOYAGER_IMAGE_TAG=7.0.0
export VOYAGER_HAPROXY_IMAGE_TAG=1.8.8-7.0.0-alpine
export VOYAGER_HAPROXY_IMAGE_TAG=1.8.9-7.0.0-alpine
export VOYAGER_IMAGE_PULL_SECRET=
export VOYAGER_IMAGE_PULL_POLICY=IfNotPresent
export VOYAGER_ENABLE_ANALYTICS=true
Expand All @@ -109,7 +109,7 @@ if [ "$APPSCODE_ENV" = "dev" ]; then
detect_tag
export SCRIPT_LOCATION="cat "
export VOYAGER_IMAGE_TAG=$TAG
export VOYAGER_HAPROXY_IMAGE_TAG=1.8.8-$TAG-alpine
export VOYAGER_HAPROXY_IMAGE_TAG=1.8.9-$TAG-alpine
export VOYAGER_IMAGE_PULL_POLICY=Always
fi

Expand All @@ -127,7 +127,7 @@ show_help() {
echo "-p, --provider=PROVIDER specify a cloud provider"
echo " --rbac create RBAC roles and bindings (default: true)"
echo " --docker-registry docker registry used to pull voyager images (default: appscode)"
echo " --haproxy-image-tag tag of Docker image containing HAProxy binary (default: 1.8.8-7.0.0-alpine)"
echo " --haproxy-image-tag tag of Docker image containing HAProxy binary (default: 1.8.9-7.0.0-alpine)"
echo " --image-pull-secret name of secret used to pull voyager operator images"
echo " --restrict-to-namespace restrict voyager to its own namespace"
echo " --run-on-master run voyager operator on master"
Expand Down
4 changes: 2 additions & 2 deletions hack/dev-test.sh
View file
Expand Up @@ -33,14 +33,14 @@ docker_build() {
echo "===building voyager docker image==="
./hack/docker/voyager/setup.sh
echo "===building haproxy docker image==="
./hack/docker/haproxy/1.8.8-alpine/setup.sh
./hack/docker/haproxy/1.8.9-alpine/setup.sh
}

docker_push() {
echo "===pushing voyager docker image==="
./hack/docker/voyager/setup.sh push
echo "===pushing haproxy docker image==="
./hack/docker/haproxy/1.8.8-alpine/setup.sh push
./hack/docker/haproxy/1.8.9-alpine/setup.sh push
}

install() {
Expand Down
23 changes: 23 additions & 0 deletions hack/docker/haproxy/1.8.9-alpine/Dockerfile
View file
@@ -0,0 +1,23 @@
FROM haproxy:1.8.9-alpine

# Installs required packages
# Change timezone to UTC
RUN set -x \
&& apk add --update --no-cache ca-certificates su-exec runit socklog tzdata bash openrc lua5.3 lua-socket \
&& rm -rf /etc/sv /etc/service \
&& echo 'Etc/UTC' > /etc/timezone \
&& ln -sf /usr/share/lua/ /usr/local/share/ \
&& ln -sf /usr/lib/lua/ /usr/local/lib/

ENV TZ :/etc/localtime
ENV LANG en_US.utf8

COPY voyager /usr/bin/voyager
COPY auth-request.lua /etc/auth-request.lua

# Setup runit scripts
COPY sv /etc/sv/
RUN ln -s /etc/sv /etc/service

COPY runit.sh /runit.sh
ENTRYPOINT ["/runit.sh"]
14 changes: 14 additions & 0 deletions hack/docker/haproxy/1.8.9-alpine/runit.sh
View file
@@ -0,0 +1,14 @@
#!/bin/bash

export HAPROXY_CONTROLLER_ARGS="$@"
export > /etc/envvars

[[ $DEBUG == true ]] && set -x

# create haproxy.cfg dir
mkdir /etc/haproxy
touch /var/run/haproxy.pid
mkdir -p /etc/ssl/private/haproxy

echo "Starting runit..."
exec /sbin/runsvdir -P /etc/service
30 changes: 30 additions & 0 deletions hack/docker/haproxy/1.8.9-alpine/setup.sh
View file
@@ -0,0 +1,30 @@
#!/bin/bash

set -eou pipefail

GOPATH=$(go env GOPATH)
REPO_ROOT=$GOPATH/src/github.com/appscode/voyager

source "$REPO_ROOT/hack/libbuild/common/public_image.sh"

detect_tag $REPO_ROOT/dist/.tag

IMG=haproxy
TAG=1.8.9-$TAG-alpine
DOCKER_REGISTRY=${DOCKER_REGISTRY:-appscode}

build() {
pushd $(dirname "${BASH_SOURCE}")
cp $REPO_ROOT/dist/voyager/voyager-alpine-amd64 voyager
chmod +x voyager

# download auth-request.lua
curl -fsSL -o auth-request.lua https://raw.githubusercontent.com/appscode/haproxy-auth-request/v1.8.9/auth-request.lua

local cmd="docker build -t $DOCKER_REGISTRY/$IMG:$TAG ."
echo $cmd; $cmd
rm voyager auth-request.lua
popd
}

binary_repo $@
8 changes: 8 additions & 0 deletions hack/docker/haproxy/1.8.9-alpine/sv/haproxy-controller/run
View file
@@ -0,0 +1,8 @@
#!/bin/bash

source /etc/envvars

echo "Starting HAProxy controller ..."
cmd="exec voyager haproxy-controller $HAPROXY_CONTROLLER_ARGS"
echo $cmd
$cmd
3 changes: 3 additions & 0 deletions hack/docker/haproxy/1.8.9-alpine/sv/socklog-unix/run
View file
@@ -0,0 +1,3 @@
#!/bin/bash
exec 2>&1
exec chpst -Unobody socklog unix /dev/log
29 changes: 29 additions & 0 deletions hack/docker/haproxy/1.8.9/Dockerfile
View file
@@ -0,0 +1,29 @@
FROM haproxy:1.8.9

ENV DEBIAN_FRONTEND noninteractive
ENV DEBCONF_NONINTERACTIVE_SEEN true

# Installs required packages
# Change timezone to UTC
RUN set -x \
&& apt-get update \
&& apt-get install -y --no-install-recommends ca-certificates runit lua5.3 lua-socket \
&& rm -rf /var/lib/apt/lists/* /usr/share/doc /usr/share/man /tmp/* /etc/sv /etc/service \
&& echo 'Etc/UTC' > /etc/timezone

# Install socklog
COPY socklog.deb .
RUN set -x && apt install ./socklog.deb && rm socklog.deb

ENV TZ :/etc/localtime
ENV LANG en_US.utf8

COPY voyager /usr/bin/voyager
COPY auth-request.lua /etc/auth-request.lua

# Setup runit scripts
COPY sv /etc/sv/
RUN ln -s /etc/sv /etc/service

COPY runit.sh /runit.sh
ENTRYPOINT ["/runit.sh"]
14 changes: 14 additions & 0 deletions hack/docker/haproxy/1.8.9/runit.sh
View file
@@ -0,0 +1,14 @@
#!/bin/bash

export HAPROXY_CONTROLLER_ARGS="$@"
export > /etc/envvars

[[ $DEBUG == true ]] && set -x

# create haproxy.cfg dir
mkdir /etc/haproxy
touch /var/run/haproxy.pid
mkdir -p /etc/ssl/private/haproxy

echo "Starting runit..."
exec /usr/bin/runsvdir -P /etc/service
32 changes: 32 additions & 0 deletions hack/docker/haproxy/1.8.9/setup.sh
View file
@@ -0,0 +1,32 @@
#!/bin/bash

set -eou pipefail

GOPATH=$(go env GOPATH)
REPO_ROOT=$GOPATH/src/github.com/appscode/voyager

source "$REPO_ROOT/hack/libbuild/common/public_image.sh"

detect_tag $REPO_ROOT/dist/.tag

IMG=haproxy
TAG=1.8.9-$TAG
DOCKER_REGISTRY=${DOCKER_REGISTRY:-appscode}

build() {
pushd $(dirname "${BASH_SOURCE}")
cp $REPO_ROOT/dist/voyager/voyager-linux-amd64 voyager
chmod +x voyager

# download socklog (`socklog` not available for `stretch`, use `jessie` deb instead)
curl -L -o socklog.deb http://ftp.us.debian.org/debian/pool/main/s/socklog/socklog_2.1.0-8_amd64.deb
# download auth-request.lua
curl -fsSL -o auth-request.lua https://raw.githubusercontent.com/appscode/haproxy-auth-request/v1.8.9/auth-request.lua

local cmd="docker build -t $DOCKER_REGISTRY/$IMG:$TAG ."
echo $cmd; $cmd
rm voyager socklog.deb auth-request.lua
popd
}

binary_repo $@
8 changes: 8 additions & 0 deletions hack/docker/haproxy/1.8.9/sv/haproxy-controller/run
View file
@@ -0,0 +1,8 @@
#!/bin/bash

source /etc/envvars

echo "Starting HAProxy controller ..."
cmd="exec voyager haproxy-controller $HAPROXY_CONTROLLER_ARGS"
echo $cmd
$cmd
3 changes: 3 additions & 0 deletions hack/docker/haproxy/1.8.9/sv/socklog-unix/run
View file
@@ -0,0 +1,3 @@
#!/bin/bash
exec 2>&1
exec chpst -Unobody socklog unix /dev/log
2 changes: 1 addition & 1 deletion hack/docker/voyager/Dockerfile
View file
@@ -1,4 +1,4 @@
FROM haproxy:1.8.8-alpine
FROM haproxy:1.8.9-alpine

RUN set -x \
&& apk add --update --no-cache ca-certificates lua5.3 lua-socket \
Expand Down
2 changes: 1 addition & 1 deletion hack/docker/voyager/setup.sh
View file
Expand Up @@ -41,7 +41,7 @@ build_docker() {
chmod 755 voyager

# download auth-request.lua
curl -fsSL -o auth-request.lua https://raw.githubusercontent.com/appscode/haproxy-auth-request/v1.8.8/auth-request.lua
curl -fsSL -o auth-request.lua https://raw.githubusercontent.com/appscode/haproxy-auth-request/v1.8.9/auth-request.lua

local cmd="docker build -t $DOCKER_REGISTRY/$IMG:$TAG ."
echo $cmd; $cmd
Expand Down
8 changes: 4 additions & 4 deletions hack/release.sh
View file
Expand Up @@ -13,11 +13,11 @@ rm -rf dist
./hack/docker/voyager/setup.sh
./hack/docker/voyager/setup.sh release

./hack/docker/haproxy/1.8.8/setup.sh
./hack/docker/haproxy/1.8.8/setup.sh release
./hack/docker/haproxy/1.8.9/setup.sh
./hack/docker/haproxy/1.8.9/setup.sh release

./hack/docker/haproxy/1.8.8-alpine/setup.sh
./hack/docker/haproxy/1.8.8-alpine/setup.sh release
./hack/docker/haproxy/1.8.9-alpine/setup.sh
./hack/docker/haproxy/1.8.9-alpine/setup.sh release

rm dist/.tag

Expand Down
2 changes: 1 addition & 1 deletion pkg/cmds/server/options.go
View file
Expand Up @@ -69,7 +69,7 @@ func (s OperatorOptions) WatchNamespace() string {
func NewOperatorOptions() *OperatorOptions {
return &OperatorOptions{
DockerRegistry: "appscode",
HAProxyImageTag: "1.8.8-7.0.0-alpine",
HAProxyImageTag: "1.8.9-7.0.0-alpine",
ExporterImageTag: "7.0.0",
OperatorNamespace: meta.Namespace(),
OperatorService: "voyager-operator",
Expand Down

0 comments on commit 9533714

Please sign in to comment.