Add HAProxy 1.7.9

docs/reference/voyager_run.md

@@ -18,7 +18,7 @@ voyager run [flags]
       --cloud-config string                   The path to the cloud provider configuration file.  Empty string for no configuration file.
   -c, --cloud-provider string                 Name of cloud provider
       --custom-templates string               Glob pattern of custom HAProxy template files used to override built-in templates
-      --haproxy-image string                  haproxy image name to be run (default "appscode/haproxy:1.7.6-4.0.0-alpha.1")
+      --haproxy-image string                  haproxy image name to be run (default "appscode/haproxy:1.7.9-4.0.0-alpha.1")
       --haproxy.server-metric-fields string   Comma-separated list of exported server metrics. See http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#9.1 (default "2,3,4,5,6,7,8,9,13,14,15,16,17,18,21,24,33,35,38,39,40,41,42,43,44")
       --haproxy.timeout duration              Timeout for trying to get stats from HAProxy. (default 5s)
   -h, --help                                  help for run

hack/docker/haproxy/1.7.9/Dockerfile

@@ -0,0 +1,46 @@
+FROM appscode/ubuntu:16.04
+
+RUN set -x \
+  && apt-get update \
+  && apt-get install -y libssl1.0.0 libpcre3 socat sed --no-install-recommends \
+  && rm -rf /var/lib/apt/lists/* /usr/share/doc /usr/share/man /tmp/*
+
+ENV HAPROXY_MAJOR 1.7
+ENV HAPROXY_VERSION 1.7.9
+ENV HAPROXY_MD5 a2bbbdd45ffe18d99cdcf26aa992f92d
+
+# see http://sources.debian.net/src/haproxy/1.5.8-1/debian/rules/ for some helpful navigation of the possible "make" arguments
+RUN buildDeps='ca-certificates curl gcc libc6-dev libpcre3-dev libssl-dev make' \
+  && set -x \
+  && apt-get update \
+  && apt-get install -y $buildDeps --no-install-recommends \
+  && curl -SL "http://www.haproxy.org/download/${HAPROXY_MAJOR}/src/haproxy-${HAPROXY_VERSION}.tar.gz" -o haproxy.tar.gz \
+  && echo "${HAPROXY_MD5}  haproxy.tar.gz" | md5sum -c \
+  && mkdir -p /usr/src/haproxy \
+  && tar -xzf haproxy.tar.gz -C /usr/src/haproxy --strip-components=1 \
+  && rm haproxy.tar.gz \
+  && make -C /usr/src/haproxy \
+    TARGET=linux2628 \
+    USE_PCRE=1 PCREDIR= \
+    USE_OPENSSL=1 \
+    USE_ZLIB=1 \
+    all \
+    install-bin \
+  && mkdir -p /usr/local/etc/haproxy \
+  && cp -R /usr/src/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors \
+  && rm -rf /usr/src/haproxy \
+  && mkdir -p /var/state/haproxy \
+  && apt-get purge -y --auto-remove $buildDeps \
+  && rm -rf /var/lib/apt/lists/* /usr/share/doc /usr/share/man /tmp/*
+
+COPY kloader /kloader
+
+# COPY haproxy.cfg /etc/haproxy/haproxy.cfg
+RUN touch /var/run/haproxy.pid
+
+# Setup runit scripts
+COPY sv /etc/sv/
+RUN ln -s /etc/sv /etc/service
+
+COPY runit.sh /runit.sh
+ENTRYPOINT ["/runit.sh"]

hack/docker/haproxy/1.7.9/runit.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+export KLOADER_ARGS="$@"
+export > /etc/envvars
+
+[[ $DEBUG == true ]] && set -x
+
+# create haproxy.cfg dir
+mkdir /etc/haproxy
+
+CERT_DIR=/etc/ssl/private/haproxy
+mkdir -p /etc/ssl/private/haproxy
+
+# http://stackoverflow.com/a/2108296
+for dir in /srv/haproxy/secrets/*/
+do
+	# remove trailing /
+	dir=${dir%*/}
+	# just basename
+	secret=${dir##*/}
+
+	cat $dir/tls.crt >  $CERT_DIR/$secret.pem
+	echo '\n' >>  $CERT_DIR/$secret.pem
+	cat $dir/tls.key >> $CERT_DIR/$secret.pem
+done
+
+echo "Checking HAProxy configuration ..."
+cmd="/kloader check $KLOADER_ARGS"
+echo $cmd
+$cmd
+rc=$?; if [[ $rc != 0 ]]; then exit $rc; fi
+
+echo "Starting runit..."
+exec /usr/sbin/runsvdir-start

hack/docker/haproxy/1.7.9/setup.sh

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+GOPATH=$(go env GOPATH)
+REPO_ROOT=$GOPATH/src/github.com/appscode/voyager
+
+source "$REPO_ROOT/hack/libbuild/common/public_image.sh"
+
+detect_tag $REPO_ROOT/dist/.tag
+
+IMG=haproxy
+TAG=1.7.9-$TAG
+
+build() {
+	pushd $(dirname "${BASH_SOURCE}")
+	wget -O kloader https://cdn.appscode.com/binaries/kloader/4.0.1/kloader-linux-amd64
+	chmod +x kloader
+	local cmd="docker build -t appscode/$IMG:$TAG ."
+	echo $cmd; $cmd
+	rm kloader
+	popd
+}
+
+binary_repo $@

hack/docker/haproxy/1.7.9/sv/haproxy/run

@@ -0,0 +1,16 @@
+#!/bin/bash
+source /etc/envvars
+
+# A script to help with haproxy reloads. Needs sudo for :80. Running it for the
+# first time starts haproxy, each subsequent invocation will perform a
+# soft-reload.
+# -f config file
+# -p pid file
+# -D run as daemon
+# -s soft reload, wait for pids to finish handling requests
+# -f send pids a resume signal if reload of new config fails
+
+socat /tmp/haproxy - <<< "show servers state" > /var/state/haproxy/global
+
+# haproxy-systemd-wrapper performs a soft reload
+exec "$(which haproxy-systemd-wrapper)" -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid

hack/docker/haproxy/1.7.9/sv/reloader/reload

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+source /etc/envvars
+
+haproxy -c -f /etc/haproxy/haproxy.cfg
+sv reload haproxy

hack/docker/haproxy/1.7.9/sv/reloader/restart

@@ -0,0 +1,26 @@
+#!/bin/bash
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+source /etc/envvars
+
+CERT_DIR=/etc/ssl/private/haproxy
+mkdir -p /etc/ssl/private/haproxy
+
+# http://stackoverflow.com/a/2108296
+for dir in /srv/haproxy/secrets/*/
+do
+	# remove trailing /
+	dir=${dir%*/}
+	# just basename
+	secret=${dir##*/}
+
+	cat $dir/tls.crt >  $CERT_DIR/$secret.pem
+	echo '\n' >>  $CERT_DIR/$secret.pem
+	cat $dir/tls.key >> $CERT_DIR/$secret.pem
+done
+
+haproxy -c -f /etc/haproxy/haproxy.cfg
+sv reload haproxy

hack/docker/haproxy/1.7.9/sv/reloader/run

@@ -0,0 +1,9 @@
+#!/bin/bash
+exec 1> >(logger -s -p daemon.info -t ${PWD##*/})
+exec 2> >(logger -s -p daemon.error -t ${PWD##*/})
+source /etc/envvars
+
+echo "Starting HAProxy configuration watcher and reloader ..."
+cmd="exec /kloader run $KLOADER_ARGS"
+echo $cmd
+$cmd

pkg/cmds/run.go

@@ -31,7 +31,7 @@ var (
 	masterURL      string
 	kubeconfigPath string
 	opt            config.Options = config.Options{
-		HAProxyImage:      "appscode/haproxy:1.7.6-4.0.0-alpha.1",
+		HAProxyImage:      "appscode/haproxy:1.7.9-4.0.0-alpha.1",
 		OperatorNamespace: namespace(),
 		OperatorService:   "voyager-operator",
 		HTTPChallengePort: 56791,

test/framework/configs.go

@@ -15,7 +15,7 @@ func init() {
 	flag.StringVar(&testConfigs.Master, "master", "", "The address of the Kubernetes API server (overrides any value in kubeconfig)")
 	flag.StringVar(&testConfigs.KubeConfig, "kubeconfig", "", "Path to kubeconfig file with authorization information (the master location is set by the master flag).")
 	flag.StringVar(&testConfigs.CloudProviderName, "cloud-provider", "", "Name of cloud provider")
-	flag.StringVar(&testConfigs.HAProxyImageName, "haproxy-image", "appscode/haproxy:1.7.6-4.0.0-alpha.1", "haproxy image name to be run")
+	flag.StringVar(&testConfigs.HAProxyImageName, "haproxy-image", "appscode/haproxy:1.7.9-4.0.0-alpha.1", "haproxy image name to be run")
 	flag.StringVar(&testConfigs.IngressClass, "ingress-class", "", "Ingress class handled by voyager. Unset by default. Set to voyager to only handle ingress with annotation kubernetes.io/ingress.class=voyager.")
 	flag.BoolVar(&testConfigs.Cleanup, "cleanup", true, "")
 	flag.BoolVar(&testConfigs.InCluster, "in-cluster", false, "")