add verify load balancer

Leonard Cohnen 2022-09-01 15:01:23 +02:00 committed by 3u13r
parent 00e72db5d8
commit 26f5aec853
3 changed files with 43 additions and 5 deletions


@ -2,10 +2,13 @@ package resources
import (
"fmt"
"net"
"strings"
"github.com/edgelesssys/constellation/internal/constants"
"github.com/edgelesssys/constellation/internal/kubernetes"
"github.com/edgelesssys/constellation/internal/versions"
"google.golang.org/protobuf/proto"
apps "k8s.io/api/apps/v1"
k8s "k8s.io/api/core/v1"
meta "k8s.io/apimachinery/pkg/apis/meta/v1"
@ -15,9 +18,17 @@ import (
type verificationDaemonset struct {
DaemonSet apps.DaemonSet
Service k8s.Service
LoadBalancer k8s.Service
}
func NewVerificationDaemonSet(csp string) *verificationDaemonset {
func NewVerificationDaemonSet(csp, loadBalancerIP string) *verificationDaemonset {
var err error
if strings.Contains(loadBalancerIP, ":") {
loadBalancerIP, _, err = net.SplitHostPort(loadBalancerIP)
if err != nil {
panic(err)
}
}
return &verificationDaemonset{
DaemonSet: apps.DaemonSet{
TypeMeta: meta.TypeMeta{
@ -141,6 +152,33 @@ func NewVerificationDaemonSet(csp string) *verificationDaemonset {
},
},
},
LoadBalancer: k8s.Service{
TypeMeta: meta.TypeMeta{
APIVersion: "v1",
Kind: "Service",
},
ObjectMeta: meta.ObjectMeta{
Name: "verify",
Namespace: "kube-system",
},
Spec: k8s.ServiceSpec{
AllocateLoadBalancerNodePorts: proto.Bool(false),
Type: k8s.ServiceTypeLoadBalancer,
LoadBalancerClass: proto.String("constellation"),
ExternalIPs: []string{loadBalancerIP},
Ports: []k8s.ServicePort{
{
Name: "grpc",
Protocol: k8s.ProtocolTCP,
Port: constants.VerifyServiceNodePortGRPC,
TargetPort: intstr.FromInt(constants.VerifyServicePortGRPC),
},
},
Selector: map[string]string{
"k8s-app": "verification-service",
},
},
},
}
}
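Review bot: The address handling added at the top of `NewVerificationDaemonSet` treats any `:` as a host:port separator and panics when `net.SplitHostPort` fails, so a bare IPv6 endpoint, which also contains colons, aborts the process instead of surfacing an error. The result is also never checked with `net.ParseIP` before it is written to `ExternalIPs` of a Service in `kube-system`, so a hostname or an empty string would pass through unchecked, although that field expects IP addresses. I would return an error from the constructor and validate the host, as sketched below. The `InitCluster` call site that passes `controlPlaneEndpoint` and the test would then need to handle the second return value. The function body spans both hunks and its middle is not visible here.

```go
func NewVerificationDaemonSet(csp, loadBalancerIP string) (*verificationDaemonset, error) {
	// Accept both "host:port" and a bare address; a bare IPv6 address also contains ':'.
	host := loadBalancerIP
	if h, _, err := net.SplitHostPort(loadBalancerIP); err == nil {
		host = h
	}
	if net.ParseIP(host) == nil {
		return nil, fmt.Errorf("load balancer address %q is not an IP address", loadBalancerIP)
	}
	// … unchanged: DaemonSet, Service and LoadBalancer literals; ExternalIPs uses host, and the literal is returned with a nil error …
```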


@ -9,7 +9,7 @@ import (
)
func TestNewVerificationDaemonset(t *testing.T) {
deployment := NewVerificationDaemonSet("csp")
deployment := NewVerificationDaemonSet("csp", "192.168.2.1")
deploymentYAML, err := deployment.Marshal()
require.NoError(t, err)
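Review bot: The only input exercised here is a bare IPv4 address, which skips the new `net.SplitHostPort` branch entirely. Add a case for the host:port form that `InitCluster` may pass, for example `NewVerificationDaemonSet("csp", "192.168.2.1:6443")` (port chosen for illustration), and assert that the marshalled LoadBalancer Service carries only the IP in `externalIPs`. A malformed-address case would also pin down whether the constructor panics or reports an error. The test body continues outside the hunk.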


@ -200,7 +200,7 @@ func (k *KubeWrapper) InitCluster(
}
if err := k.clusterUtil.SetupVerificationService(
k.client, resources.NewVerificationDaemonSet(k.cloudProvider),
k.client, resources.NewVerificationDaemonSet(k.cloudProvider, controlPlaneEndpoint),
); err != nil {
return nil, fmt.Errorf("failed to setup verification service: %w", err)
}