Skip to content

Commit

Permalink
fix:polaris-sidecar linsten unix socket file share to envoy (#161)
Browse files Browse the repository at this point in the history
  • Loading branch information
chuntaojun authored Jan 6, 2024
1 parent 8ecfc22 commit 9ba91e5
Show file tree
Hide file tree
Showing 13 changed files with 51 additions and 47 deletions.
32 changes: 3 additions & 29 deletions deploy/kubernetes_v1.21/helm/templates/_params.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -24,41 +24,15 @@ data:
Define the volume mounts for the sidecar container.
*/}}
{{- define "configmap-sidecar.polaris_volume_mounts" -}}
- name: sds
mountPath: /var/run/polaris/mtls
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
{{ "{{" }} if ne ( index .ObjectMeta.Annotations `polarismesh.cn/tls-mode`) "none" {{ "}}" }}
- name: root-ca
mountPath: /etc/polaris-sidecar/certs
{{ "{{" }} end {{ "}}" }}
{{- end -}}

{{/*
Define the volume for the bootstrap init container.
*/}}
{{- define "configmap-sidecar.bootstrap_volume" -}}
- name: sds
emptyDir: {}
{{ "{{" }} if ne ( index .ObjectMeta.Annotations `polarismesh.cn/tls-mode`) "none"{{ "}}" }}
- name: root-ca
secret:
secretName: polaris-sidecar-secret
items:
- key: root-cert
path: rootca.pem
{{ "{{" }} end {{ "}}" }}
- name: polaris-client-config
emptyDir: {}
- name: envoy-bootstrap
emptyDir: {}
- name: envoy-logs
emptyDir: {}
- name: polaris-dir
emptyDir: {}
- name: polaris-log
emptyDir: {}
{{- end -}}


{{/*
Define the cmd envs for the bootstrap init container.
*/}}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ rules:
- services
- namespaces
- pods
- endpoints
verbs:
- get
- list
Expand All @@ -19,6 +18,7 @@ rules:
resources:
- events
- configmaps
- endpoints
verbs:
- create
- update
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -114,8 +114,9 @@ data:
- mountPath: /etc/envoy_logs
name: envoy-logs
readOnly: false
- name: sds
mountPath: /var/run/polaris/mtls
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
- image: {{ include "polaris-controller.sidecar.image" . }}
name: polaris-sidecar
securityContext:
Expand All @@ -130,7 +131,15 @@ data:
cpu: 100m
memory: 50Mi
volumeMounts:
{{ include "configmap-sidecar.polaris_volume_mounts" . | nindent 10 }}
- mountPath: /root/polaris
defaultMode: 777
name: polaris-dir
- mountPath: /root/log
defaultMode: 777
name: polaris-log
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
initContainers:
- name: polaris-bootstrap-writer
image: {{ include "polaris-controller.sidecar.envoy_init.image" . }}
Expand Down Expand Up @@ -182,4 +191,6 @@ data:
- name: polaris-dir
emptyDir: {}
- name: polaris-log
emptyDir: {}
- name: polaris-socket
emptyDir: {}
12 changes: 8 additions & 4 deletions deploy/kubernetes_v1.21/kubernetes/injector.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -157,8 +157,9 @@ data:
- mountPath: /etc/envoy_logs
name: envoy-logs
readOnly: false
- name: sds
mountPath: /var/run/polaris/mtls
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
- image: polarismesh/polaris-sidecar:#SIDECAR_VERSION#
name: polaris-sidecar
securityContext:
Expand All @@ -173,8 +174,9 @@ data:
cpu: 100m
memory: 50Mi
volumeMounts:
- name: sds
mountPath: /var/run/polaris/mtls
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
{{ if ( openTlsMode .ObjectMeta.Annotations `polarismesh.cn/tls-mode` ) }}
- name: root-ca
mountPath: /etc/polaris-sidecar/certs
Expand Down Expand Up @@ -268,6 +270,8 @@ data:
emptyDir: {}
- name: polaris-log
emptyDir: {}
- name: polaris-socket
emptyDir: {}
---
apiVersion: v1
kind: Service
Expand Down
3 changes: 1 addition & 2 deletions deploy/kubernetes_v1.21/kubernetes/rbac.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,7 @@ rules:
resources:
- services
- namespaces
- configmaps
- pods
- endpoints
verbs:
- get
- list
Expand All @@ -27,6 +25,7 @@ rules:
resources:
- events
- configmaps
- endpoints
verbs:
- create
- update
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ rules:
- services
- namespaces
- pods
- endpoints
verbs:
- get
- list
Expand All @@ -19,6 +18,7 @@ rules:
resources:
- events
- configmaps
- endpoints
verbs:
- create
- update
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,9 @@ data:
- mountPath: /etc/envoy_logs
name: envoy-logs
readOnly: false
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
- image: {{ include "polaris-controller.sidecar.image" . }}
name: polaris-sidecar
securityContext:
Expand All @@ -134,6 +137,9 @@ data:
- mountPath: /root/log
defaultMode: 777
name: polaris-log
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
initContainers:
- name: polaris-bootstrap-writer
image: {{ include "polaris-controller.sidecar.envoy_init.image" . }}
Expand Down Expand Up @@ -185,4 +191,6 @@ data:
- name: polaris-dir
emptyDir: {}
- name: polaris-log
emptyDir: {}
- name: polaris-socket
emptyDir: {}
8 changes: 8 additions & 0 deletions deploy/kubernetes_v1.22/kubernetes/injector.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,9 @@ data:
- mountPath: /etc/envoy_logs
name: envoy-logs
readOnly: false
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
- image: polarismesh/polaris-sidecar:#SIDECAR_VERSION#
name: polaris-sidecar
securityContext:
Expand All @@ -162,6 +165,9 @@ data:
- mountPath: /root/log
defaultMode: 777
name: polaris-log
- mountPath: /tmp/polaris-sidecar
defaultMode: 777
name: polaris-socket
initContainers:
- name: polaris-bootstrap-writer
image: polarismesh/polaris-envoy-bootstrap-generator:#CONTROLLER_VERSION#
Expand Down Expand Up @@ -241,3 +247,5 @@ data:
emptyDir: {}
- name: polaris-log
emptyDir: {}
- name: polaris-socket
emptyDir: {}
2 changes: 1 addition & 1 deletion deploy/kubernetes_v1.22/kubernetes/rbac.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@ rules:
- services
- namespaces
- pods
- endpoints
verbs:
- get
- list
Expand All @@ -26,6 +25,7 @@ rules:
resources:
- events
- configmaps
- endpoints
verbs:
- create
- update
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ static_resources:
- endpoint:
address:
pipe:
path: /var/run/polaris/ratelimit/rls.sock
path: /tmp/polaris-sidecar/ratelimit/rls.sock
dynamic_resources:
lds_config:
api_config_source:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ static_resources:
- endpoint:
address:
pipe:
path: /var/run/polaris/ratelimit/rls.sock
path: /tmp/polaris-sidecar/ratelimit/rls.sock
dynamic_resources:
lds_config:
api_config_source:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ static_resources:
- endpoint:
address:
pipe:
path: /var/run/polaris/mtls/sds.sock
path: /tmp/polaris-sidecar/mtls/sds.sock
- name: polaris_xds_server
connect_timeout: 5s
typed_extension_protocol_options:
Expand Down Expand Up @@ -65,7 +65,7 @@ static_resources:
- endpoint:
address:
pipe:
path: /var/run/polaris/ratelimit/rls.sock
path: /tmp/polaris-sidecar/ratelimit/rls.sock
dynamic_resources:
lds_config:
api_config_source:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ static_resources:
- endpoint:
address:
pipe:
path: /var/run/polaris/mtls/sds.sock
path: /tmp/polaris-sidecar/mtls/sds.sock
- name: polaris_xds_server
connect_timeout: 5s
typed_extension_protocol_options:
Expand Down Expand Up @@ -65,7 +65,7 @@ static_resources:
- endpoint:
address:
pipe:
path: /var/run/polaris/ratelimit/rls.sock
path: /tmp/polaris-sidecar/ratelimit/rls.sock
dynamic_resources:
lds_config:
api_config_source:
Expand Down

0 comments on commit 9ba91e5

Please sign in to comment.