From d5de4f48ae2fc799668211a94d0f9c09a685a3bd Mon Sep 17 00:00:00 2001 From: Yaroslav Skopets Date: Fri, 4 Oct 2019 11:59:40 -0700 Subject: [PATCH] kuma-dp: make drain time of Envoy Listeners configurable --- app/kuma-dp/pkg/dataplane/envoy/envoy.go | 4 ++++ app/kuma-dp/pkg/dataplane/envoy/envoy_test.go | 6 +++++- app/kuma-injector/pkg/injector/injector.go | 4 ++++ .../pkg/injector/testdata/inject.01.golden.yaml | 2 ++ .../pkg/injector/testdata/inject.02.golden.yaml | 2 ++ .../pkg/injector/testdata/inject.03.golden.yaml | 2 ++ .../pkg/injector/testdata/inject.04.golden.yaml | 2 ++ .../pkg/injector/testdata/inject.config.yaml | 1 + .../testdata/install-control-plane.defaults.golden.yaml | 1 + .../testdata/install-control-plane.overrides.golden.yaml | 1 + .../data/install/k8s/control-plane/kuma-injector/app.yaml | 1 + .../pkg/install/k8s/control-plane/templates_vfsdata.go | 8 ++++---- pkg/config/app/kuma-dp/config.go | 7 +++++++ pkg/config/app/kuma-dp/config_test.go | 6 +++++- .../app/kuma-dp/testdata/default-config.golden.yaml | 1 + pkg/config/app/kuma-dp/testdata/invalid-config.input.yaml | 1 + pkg/config/app/kuma-dp/testdata/valid-config.input.yaml | 1 + pkg/config/app/kuma-injector/config.go | 7 +++++++ pkg/config/app/kuma-injector/config_test.go | 4 +++- .../app/kuma-injector/testdata/default-config.golden.yaml | 1 + .../app/kuma-injector/testdata/invalid-config.input.yaml | 1 + .../app/kuma-injector/testdata/valid-config.input.yaml | 1 + 22 files changed, 57 insertions(+), 7 deletions(-) diff --git a/app/kuma-dp/pkg/dataplane/envoy/envoy.go b/app/kuma-dp/pkg/dataplane/envoy/envoy.go index 1f8d0e5aa988..a6528121f260 100644 --- a/app/kuma-dp/pkg/dataplane/envoy/envoy.go +++ b/app/kuma-dp/pkg/dataplane/envoy/envoy.go @@ -2,9 +2,11 @@ package envoy import ( "context" + "fmt" "io" "os" "os/exec" + "time" "path/filepath" @@ -105,6 +107,8 @@ func (e *Envoy) Run(stop <-chan struct{}) error { args := []string{ "-c", configFile, + "--drain-time-s", + fmt.Sprintf("%d", e.opts.Config.Dataplane.DrainTime/time.Second), // "hot restart" (enabled by default) requires each Envoy instance to have // `--base-id ` argument. // it is not possible to start multiple Envoy instances on the same Linux machine diff --git a/app/kuma-dp/pkg/dataplane/envoy/envoy_test.go b/app/kuma-dp/pkg/dataplane/envoy/envoy_test.go index 930b1bf53156..ee9a93183f77 100644 --- a/app/kuma-dp/pkg/dataplane/envoy/envoy_test.go +++ b/app/kuma-dp/pkg/dataplane/envoy/envoy_test.go @@ -10,6 +10,7 @@ import ( "os/exec" "path/filepath" "strings" + "time" "github.com/gogo/protobuf/proto" @@ -63,6 +64,9 @@ var _ = Describe("Envoy", func() { It("should generate bootstrap config file and start Envoy", func(done Done) { // given cfg := kuma_dp.Config{ + Dataplane: kuma_dp.Dataplane{ + DrainTime: 15 * time.Second, + }, DataplaneRuntime: kuma_dp.DataplaneRuntime{ BinaryPath: filepath.Join("testdata", "envoy-mock.exit-0.sh"), ConfigDir: configDir, @@ -115,7 +119,7 @@ var _ = Describe("Envoy", func() { // then Expect(err).ToNot(HaveOccurred()) // and - Expect(strings.TrimSpace(buf.String())).To(Equal(fmt.Sprintf("-c %s --disable-hot-restart", expectedConfigFile))) + Expect(strings.TrimSpace(buf.String())).To(Equal(fmt.Sprintf("-c %s --drain-time-s 15 --disable-hot-restart", expectedConfigFile))) By("verifying the contents Envoy config file") // when diff --git a/app/kuma-injector/pkg/injector/injector.go b/app/kuma-injector/pkg/injector/injector.go index 7c7b525c29b7..969754c2cf03 100644 --- a/app/kuma-injector/pkg/injector/injector.go +++ b/app/kuma-injector/pkg/injector/injector.go @@ -104,6 +104,10 @@ func (i *KumaInjector) NewSidecarContainer(pod *kube_core.Pod) kube_core.Contain Name: "KUMA_DATAPLANE_ADMIN_PORT", Value: fmt.Sprintf("%d", i.cfg.SidecarContainer.AdminPort), }, + { + Name: "KUMA_DATAPLANE_DRAIN_TIME", + Value: fmt.Sprintf("%s", i.cfg.SidecarContainer.DrainTime), + }, }, SecurityContext: &kube_core.SecurityContext{ RunAsUser: &i.cfg.SidecarContainer.UID, diff --git a/app/kuma-injector/pkg/injector/testdata/inject.01.golden.yaml b/app/kuma-injector/pkg/injector/testdata/inject.01.golden.yaml index 50138d2800a5..775148649d44 100644 --- a/app/kuma-injector/pkg/injector/testdata/inject.01.golden.yaml +++ b/app/kuma-injector/pkg/injector/testdata/inject.01.golden.yaml @@ -46,6 +46,8 @@ spec: value: $(POD_NAME).$(POD_NAMESPACE) - name: KUMA_DATAPLANE_ADMIN_PORT value: "9901" + - name: KUMA_DATAPLANE_DRAIN_TIME + value: 31s image: kuma/kuma-sidecar:latest imagePullPolicy: IfNotPresent livenessProbe: diff --git a/app/kuma-injector/pkg/injector/testdata/inject.02.golden.yaml b/app/kuma-injector/pkg/injector/testdata/inject.02.golden.yaml index d719b33b5025..74cce7cfd470 100644 --- a/app/kuma-injector/pkg/injector/testdata/inject.02.golden.yaml +++ b/app/kuma-injector/pkg/injector/testdata/inject.02.golden.yaml @@ -47,6 +47,8 @@ spec: value: $(POD_NAME).$(POD_NAMESPACE) - name: KUMA_DATAPLANE_ADMIN_PORT value: "9901" + - name: KUMA_DATAPLANE_DRAIN_TIME + value: 31s image: kuma/kuma-sidecar:latest imagePullPolicy: IfNotPresent livenessProbe: diff --git a/app/kuma-injector/pkg/injector/testdata/inject.03.golden.yaml b/app/kuma-injector/pkg/injector/testdata/inject.03.golden.yaml index b07492a79d8b..658ce304c400 100644 --- a/app/kuma-injector/pkg/injector/testdata/inject.03.golden.yaml +++ b/app/kuma-injector/pkg/injector/testdata/inject.03.golden.yaml @@ -106,6 +106,8 @@ spec: value: $(POD_NAME).$(POD_NAMESPACE) - name: KUMA_DATAPLANE_ADMIN_PORT value: "9901" + - name: KUMA_DATAPLANE_DRAIN_TIME + value: 31s image: kuma/kuma-sidecar:latest imagePullPolicy: IfNotPresent livenessProbe: diff --git a/app/kuma-injector/pkg/injector/testdata/inject.04.golden.yaml b/app/kuma-injector/pkg/injector/testdata/inject.04.golden.yaml index 62e722121aed..226f31f2cca0 100644 --- a/app/kuma-injector/pkg/injector/testdata/inject.04.golden.yaml +++ b/app/kuma-injector/pkg/injector/testdata/inject.04.golden.yaml @@ -46,6 +46,8 @@ spec: value: $(POD_NAME).$(POD_NAMESPACE) - name: KUMA_DATAPLANE_ADMIN_PORT value: "9901" + - name: KUMA_DATAPLANE_DRAIN_TIME + value: 31s image: kuma/kuma-sidecar:latest imagePullPolicy: IfNotPresent livenessProbe: diff --git a/app/kuma-injector/pkg/injector/testdata/inject.config.yaml b/app/kuma-injector/pkg/injector/testdata/inject.config.yaml index 036f17aa7179..92dde5d351e3 100644 --- a/app/kuma-injector/pkg/injector/testdata/inject.config.yaml +++ b/app/kuma-injector/pkg/injector/testdata/inject.config.yaml @@ -9,6 +9,7 @@ sidecarContainer: uid: 5678 gid: 5678 adminPort: 9901 + drainTime: 31s readinessProbe: initialDelaySeconds: 11 diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml index 973ac4eb0dc5..4957c99379b6 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.defaults.golden.yaml @@ -47,6 +47,7 @@ data: uid: 5678 gid: 5678 adminPort: 9901 + drainTime: 30s readinessProbe: initialDelaySeconds: 1 diff --git a/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml b/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml index f29ba42ae4ab..aa2cd6231aca 100644 --- a/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml +++ b/app/kumactl/cmd/install/testdata/install-control-plane.overrides.golden.yaml @@ -47,6 +47,7 @@ data: uid: 5678 gid: 5678 adminPort: 9901 + drainTime: 30s readinessProbe: initialDelaySeconds: 1 diff --git a/app/kumactl/data/install/k8s/control-plane/kuma-injector/app.yaml b/app/kumactl/data/install/k8s/control-plane/kuma-injector/app.yaml index a9c76238d0f0..d3fcd07462d1 100644 --- a/app/kumactl/data/install/k8s/control-plane/kuma-injector/app.yaml +++ b/app/kumactl/data/install/k8s/control-plane/kuma-injector/app.yaml @@ -36,6 +36,7 @@ data: uid: 5678 gid: 5678 adminPort: 9901 + drainTime: 30s readinessProbe: initialDelaySeconds: 1 diff --git a/app/kumactl/pkg/install/k8s/control-plane/templates_vfsdata.go b/app/kumactl/pkg/install/k8s/control-plane/templates_vfsdata.go index e90957a99506..acb57686e71e 100644 --- a/app/kumactl/pkg/install/k8s/control-plane/templates_vfsdata.go +++ b/app/kumactl/pkg/install/k8s/control-plane/templates_vfsdata.go @@ -93,14 +93,14 @@ var Templates = func() http.FileSystem { }, "/control-plane/kuma-injector": &vfsgen۰DirInfo{ name: "kuma-injector", - modTime: time.Date(2019, 9, 9, 23, 26, 41, 275078553, time.UTC), + modTime: time.Date(2019, 10, 1, 15, 20, 59, 233077892, time.UTC), }, "/control-plane/kuma-injector/app.yaml": &vfsgen۰CompressedFileInfo{ name: "app.yaml", - modTime: time.Date(2019, 10, 1, 13, 58, 7, 955609752, time.UTC), - uncompressedSize: 3910, + modTime: time.Date(2019, 10, 4, 18, 43, 3, 730114625, time.UTC), + uncompressedSize: 3933, - compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x57\x5b\x73\x9b\x38\x14\x7e\xe7\x57\x68\xf2\x8e\x2f\x6d\x9c\x4d\x99\xe9\x83\xe3\x78\x53\x6f\x62\x9b\xc1\xa4\x7d\xf4\xc8\xe2\x04\x6b\x23\x24\x56\x12\x6c\x3d\x6d\xfe\xfb\x8e\x10\x10\x88\x2f\xc4\xdb\xfa\x09\xce\xed\x3b\x37\x9f\x73\x70\x5c\xd7\x75\x70\x4a\xbf\x82\x54\x54\x70\x0f\xe5\x43\xe7\x99\xf2\xc8\x43\x2b\x90\x39\x25\xe0\x24\xa0\x71\x84\x35\xf6\x1c\x84\x38\x4e\xc0\x43\xcf\x59\x82\x5d\xca\xff\x06\xa2\x85\x2c\xa9\x2a\xc5\x04\x3c\xf4\xe3\x07\xea\x2d\xaa\x57\xf4\xf2\xe2\xa8\x14\x88\xd1\x4c\x85\xd4\xca\x3c\xb8\xc5\xa3\x87\x2e\x2f\x3f\x3a\x08\x55\x26\xb7\x5a\xa7\xaa\x78\xd7\x58\xc6\xa0\xfd\x42\xe6\xda\x0a\x29\x60\x05\x94\x57\x08\xe0\x34\x7d\xeb\xc2\x89\x18\x88\x04\xed\xe8\x5d\x5a\xb8\xbd\x01\xc9\x41\x83\xea\x51\xd1\xd7\x4c\x75\x85\xe6\x6a\xa6\x5c\x02\x52\x77\xc4\x58\x99\xd0\x4c\xf5\x88\xf1\xdb\x48\xcc\x4a\x23\x21\x53\x13\x90\x1a\xfd\x44\x9b\xab\x4b\xe0\xc4\x28\x58\xd1\x67\xd8\xed\x89\xde\xc3\xae\x25\x79\x34\xb2\x89\xe0\x4f\x34\x9e\xe3\xb4\x33\x08\x52\x48\xbe\x33\x04\x2b\xdc\xdb\xe1\x84\x79\xe8\x67\x91\xef\xca\x90\xcd\x3e\x42\x8a\x46\x40\xb0\x9c\x08\xae\x31\xe5\x50\xd3\x11\x92\x10\x51\x09\xa4\x2c\xde\x70\x34\x18\x0c\x6b\x5e\x46\x23\x0f\x8d\xae\xfe\xb8\xae\x29\xf1\x1e\x05\x47\x09\xe5\x56\xf9\xd3\xa7\xc1\xd0\x69\x18\xc6\x11\xe5\xa0\x94\x2f\xc5\x06\x5e\x01\x8d\x73\x54\x53\xcc\x6e\x81\xe1\xdd\x0a\x88\xe0\x91\xf2\xd0\xb0\x21\xa0\x69\x02\x22\xd3\x35\xaf\xf8\x7d\x6c\x08\xa4\x20\xa9\x88\xda\x7c\x34\x6a\x08\xa8\x8c\x10\x50\x2a\xdc\x4a\x50\x5b\xc1\xa2\x42\xa6\x09\xf1\x84\x29\xcb\x24\xbc\x11\xf8\x50\x4b\x30\x9a\xc3\xfb\x9d\xbf\x1a\xfc\x56\xef\xbb\x9c\x93\xa0\x44\x26\x09\xa8\xa6\x63\x12\xfe\xc9\x40\xe9\x16\x0d\x21\x92\x66\x1e\x1a\x0d\x92\x16\x31\x81\x44\xc8\x9d\x87\xae\x2e\xe7\xb4\xc1\x60\x34\xa1\x07\xf5\x87\x83\xc1\x11\x0b\xa3\xe1\x87\x39\xdd\x6b\x78\x9c\xa6\xaa\x5f\x77\xfd\x2d\xa4\x4c\xec\x12\xe0\xfa\x17\xc7\x12\x42\x0c\x6f\x80\xa9\xa3\x23\xa5\x9a\x5b\x4a\x4b\xac\x21\xde\x59\x41\x29\x18\xa3\x3c\x7e\x4c\x23\xac\xeb\x52\x26\xf8\xfb\x2a\x93\x31\xbc\x36\x5e\x82\xbf\x3f\x72\x9c\x63\xca\xf0\x86\x81\x87\x06\x7b\x43\x2c\xc1\x9a\x6c\x1f\x1a\x2e\x1c\x74\x02\x21\x0d\x49\xca\x6a\xac\x66\xcc\x45\x96\x5b\x06\x8e\x98\x40\xa8\x8a\xa5\x28\x42\xf5\xb7\xad\xd5\xdc\x23\xe9\x2b\x7b\x34\xc1\x31\xb4\xc7\xd4\xcc\x90\xd0\xcb\x8b\x67\x88\x66\x0c\x48\xc1\x7c\x86\x39\x94\x45\xb3\xf9\x6d\xa8\xfb\x19\x63\xbe\x60\x94\x54\xf3\xae\x4d\x6c\xca\x03\xcf\x5f\xc3\xa9\x3c\xbb\x7f\x9c\x8f\xd7\xb3\xc5\x5f\xd3\x49\xb8\x0c\xd6\xdf\xa6\x37\x5f\x96\xcb\xfb\xf5\x6a\x1a\x7c\x9d\x06\x6b\x7f\x19\x84\x8d\x7e\xca\x31\xcb\xc0\x43\x17\x66\x75\x5c\x9c\x67\x69\x32\x0d\xc2\xf5\xed\x2c\xd8\xb7\xd6\xcf\xb1\xec\xcb\x8c\xf7\x55\xb1\x4f\x54\xdf\xe4\xca\x2c\x91\x56\xce\xfa\x8d\x75\x71\x0a\x76\xb2\x5c\x84\xc1\xf2\x61\xed\x3f\x8c\x17\xd3\xf5\xcd\x72\x19\xae\xc2\x60\xec\x57\x6e\x3c\x06\x0f\xfb\x1e\x98\xfd\xe8\xf5\x2d\x1e\xb1\x29\x77\x53\x93\xf3\xde\xdb\xd6\xf6\x46\x57\xd7\x1f\xce\xf2\x60\xec\xcf\x7e\x23\xf6\xb0\x03\x7b\x35\xbb\x9d\x4e\xc6\xd6\x87\xf1\x6c\x31\x0d\xd6\xb3\xf9\xf8\x6e\xba\x0f\x6b\x8c\xdf\x62\x8d\x0b\xa8\x73\x7a\xee\x30\xee\x6c\x31\x0b\xcf\x05\xe5\x54\xb7\x80\x5b\x9c\x03\xc8\x58\xc6\xaa\xd9\xbe\x32\xe3\x8d\x37\xd7\x65\x22\x76\x19\xe4\xc0\x3e\x53\xfe\x24\x5a\x2c\xbb\x78\xdd\x27\xca\xe0\x73\x1f\x34\x39\xd2\x62\x8d\xfd\x5c\xab\xd7\xa7\x55\x65\xad\xfe\x8f\xb7\xae\x28\xfb\x3b\xba\x8c\x4c\x95\xef\x40\xb7\x47\x76\x8a\xf5\xd6\x43\xfd\x2d\x60\xa6\xb7\xbb\x36\x6b\xdf\xb6\xf9\x29\xb2\x05\x93\xfc\x2f\x61\xe8\xaf\xde\xb1\xc0\x4f\xc1\x1a\xad\x5f\x02\x3d\x6f\xb5\x0d\x8f\x6d\xa6\xd6\x6e\xcb\x05\xcb\x12\x98\x8b\x8c\xb7\x93\xde\x71\x3f\xd6\x36\x8d\xa2\x6f\xe3\xfb\x9f\x53\xc5\xa6\x73\xc9\xd9\xce\x43\x5a\x66\xd0\xe1\x44\x7d\xff\x1d\x72\xe1\x68\xa7\x75\xa1\xd9\x34\x9c\x5e\x22\xfb\xf1\xdb\x48\x9b\xb9\xb7\x94\x45\xb7\xf2\xbb\x82\x23\xd5\x55\xdc\x84\x38\xa1\xb7\x77\x6d\x44\x09\x55\xe6\x51\x42\x4c\x8b\xd5\x4f\x05\xef\x3d\x5f\x17\x5f\x0c\xf9\x70\x03\x1a\x57\xa7\xc8\x3c\xd3\x58\x53\x1e\x7f\x83\xcd\x56\x88\x67\x7b\x8f\x67\x56\xa3\xf3\x26\xff\xd7\x2a\x95\x6e\x54\x5a\x25\x55\x79\xce\xc1\x60\x7b\x65\xa1\x9a\xa7\xcd\xaa\xeb\xaa\xa8\x8a\x5b\x5e\xed\xa5\xb1\x22\x58\xe0\xe6\x3a\x89\x9c\xfa\x48\x6c\xed\xe8\x12\xf4\xcf\x26\xcb\xce\x3a\xc2\x28\x70\x6d\x03\xb6\x30\x04\xdf\x64\x3c\x62\xf0\x9e\x2f\x1f\x53\xf2\xe2\xc3\xb2\xf2\xf0\xf4\x99\x76\xa4\x80\x25\xa7\x1c\x14\x96\xea\x96\x31\x3a\x08\xc9\x8c\x41\xf9\xb5\x89\x53\x7a\x27\x45\x96\x96\x19\x71\xd1\xc5\x45\x79\xf3\x55\x65\xaf\x39\xb9\xdd\x5d\x22\x05\x5b\x90\x9a\x31\x09\xa6\xe3\xd0\x6e\x8b\x37\x43\xc5\x7c\xcd\x46\xca\xf9\x2f\x00\x00\xff\xff\x4a\x78\x9a\x34\x46\x0f\x00\x00"), + compressedContent: []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x57\x4b\x73\xa3\x38\x10\xbe\xf3\x2b\x54\xb9\xe3\x47\x12\x67\x33\x54\xcd\xc1\x71\xbc\x19\x6f\x62\x9b\xc2\x64\xe6\xe8\x92\x45\x07\x6b\x23\x24\x56\x12\xec\xb8\x66\xf2\xdf\xb7\x84\x80\x40\xfc\x20\xd9\x19\x4e\xd0\xcf\xaf\xbb\x45\x77\xcb\x71\x5d\xd7\xc1\x29\xfd\x0a\x52\x51\xc1\x3d\x94\x0f\x9d\x67\xca\x23\x0f\xad\x40\xe6\x94\x80\x93\x80\xc6\x11\xd6\xd8\x73\x10\xe2\x38\x01\x0f\x3d\x67\x09\x76\x29\xff\x1b\x88\x16\xb2\xa4\xaa\x14\x13\xf0\xd0\x8f\x1f\xa8\xb7\xa8\x3e\xd1\xcb\x8b\xa3\x52\x20\x46\x33\x15\x52\x2b\xf3\xe2\x16\xaf\x1e\xba\xbc\xbc\x70\x10\xaa\x4c\x6e\xb5\x4e\x55\xf1\xad\xb1\x8c\x41\xfb\x85\xcc\xb5\x15\x52\xc0\x0a\x57\x5e\x21\x80\xd3\xf4\x2d\x84\x13\x31\x10\x09\xda\xd1\xbb\xb4\x80\xbd\x01\xc9\x41\x83\xea\x51\xd1\xd7\x4c\x75\x85\xe6\x6a\xa6\x5c\x02\x52\x77\xc4\x58\x99\xd0\x4c\xf5\x88\xc1\x6d\x24\x66\xa5\x91\x90\xa9\x09\x48\x8d\x7e\xa2\xcd\xd5\x25\x70\x62\x14\xac\xe8\x33\xec\xf6\x44\xef\x61\xd7\x92\x3c\x1a\xd9\x44\xf0\x27\x1a\xcf\x71\xda\x19\x04\x29\x24\xdf\x19\x82\x15\xee\xed\x70\xc2\x3c\xf4\xb3\xc8\x77\x65\xc8\x66\x1f\x21\x45\x23\x20\x58\x4e\x04\xd7\x98\x72\xa8\xe9\x08\x49\x88\xa8\x04\x52\x16\x6f\x38\x1a\x0c\x86\x35\x2f\xa3\x91\x87\x46\x57\x7f\x5c\xd7\x94\x78\x8f\x82\xa3\x84\x72\xab\xfc\xe9\x53\x43\x37\x92\x98\xf2\x90\x9a\xd0\x2e\x06\xca\x69\xf8\xc3\x11\xe5\xa0\x94\x2f\xc5\x06\x5e\x71\x18\xcc\x54\x53\xcc\x6e\x81\xe1\xdd\x0a\x88\xe0\x91\xf2\xd0\xb0\x21\xa0\x69\x02\x22\xd3\x35\xaf\x78\x2e\x1a\x02\x29\x48\x2a\xa2\x36\x1f\x8d\x1a\x02\x2a\x23\x04\x94\x0a\xb7\x12\xd4\x56\xb0\xa8\x90\x69\xba\x78\xc2\x94\x65\x12\xde\x08\x9c\xd7\x12\x8c\xe6\xf0\x7e\xf0\x57\x83\xdf\x8a\xbe\x0b\x9c\x04\x25\x32\x49\x40\x35\x81\x49\xf8\x27\x03\xa5\x5b\x34\x84\x48\x9a\x79\x68\x34\x48\x5a\xc4\x04\x12\x21\x77\x1e\xba\xba\x9c\xd3\x06\x83\xd1\x84\x1e\xd4\x1f\x0e\x06\x47\x2c\x8c\x86\xe7\x73\xba\xf7\x1f\xe0\x34\x55\xfd\xfa\x67\xb8\x85\x94\x89\x5d\x02\x5c\xff\x62\xb7\x42\x88\xe1\x0d\x30\x75\xb4\xd3\x54\xed\x4c\x69\x89\x35\xc4\x3b\x2b\x28\x05\x63\x94\xc7\x8f\x69\x84\x75\x5d\xca\x04\x7f\x5f\x65\x32\x86\xd7\x83\x97\xe0\xef\x8f\x1c\xe7\x98\x32\xbc\x61\xe0\xa1\xc1\x5e\x6f\x4b\xb0\x26\xdb\x87\x06\x84\x83\x20\x10\xd2\x90\xa4\xac\xf6\xd5\x8c\xb9\xc8\x72\xcb\xc0\x11\x13\x08\x55\xb1\x14\x45\xa8\xfe\xe6\x5a\xcd\x3d\x92\xbe\xf2\x8c\x26\x38\x86\x76\xf7\x9a\x19\x12\x7a\x79\xf1\x0c\xd1\x74\x07\x29\x98\xcf\x30\x87\xb2\x68\x36\xbf\x0d\x75\x3f\x63\xcc\x17\x8c\x92\xaa\x0d\xb6\x89\x4d\x79\xe0\xf9\x6b\x38\x15\xb2\xfb\xc7\xf9\x78\x3d\x5b\xfc\x35\x9d\x84\xcb\x60\xfd\x6d\x7a\xf3\x65\xb9\xbc\x5f\xaf\xa6\xc1\xd7\x69\xb0\xf6\x97\x41\xd8\x38\x4f\x39\x66\x19\x78\xe8\xcc\x4c\x94\xb3\x8f\x59\x9a\x4c\x83\x70\x7d\x3b\x0b\xf6\xad\xf5\x73\x2c\xfb\x32\xe3\x7d\x55\x8c\x19\xd5\x37\xb9\x32\xb3\xa5\x95\xb3\x7e\x63\x8a\x9c\x72\x3b\x59\x2e\xc2\x60\xf9\xb0\xf6\x1f\xc6\x8b\xe9\xfa\x66\xb9\x0c\x57\x61\x30\xf6\x2b\x18\x8f\xc1\xc3\x3e\x02\x33\x36\xbd\xbe\xf5\x47\x6c\xca\xdd\xd4\xe4\xbc\xf7\xf6\x68\x7b\xa3\xab\xeb\xf3\x0f\x21\x18\xfb\xb3\xdf\xe8\x7b\xd8\xe1\x7b\x35\xbb\x9d\x4e\xc6\x16\xc3\x78\xb6\x98\x06\xeb\xd9\x7c\x7c\x37\xdd\x77\x6b\x8c\xdf\x62\x8d\x0b\x57\x1f\x39\x73\x87\xfd\xce\x16\xb3\xf0\xa3\x4e\x39\xd5\x2d\xc7\x2d\xce\x01\xcf\x58\xc6\xaa\x79\x7c\x65\xc6\x1b\x5f\xae\xcb\x44\xec\x32\xc8\x81\x7d\xa6\xfc\x49\xb4\x58\x76\x1e\xbb\x4f\x94\xc1\xe7\x3e\x68\x72\xe4\x88\x35\xc6\x76\xad\x5e\x6f\x5c\x95\xb5\xfa\x1f\x6f\x2d\x57\xf6\x39\x3a\x8c\x4c\x95\xef\x40\xb7\x5b\x76\x8a\xf5\xd6\x43\xfd\x2d\x60\xa6\xb7\xbb\x36\x6b\xdf\xb6\x79\x14\xd9\x82\x49\xfe\x97\x30\xf4\x57\xef\x18\xe0\xa7\xdc\x1a\xad\x5f\x72\xfa\xb1\xd1\x36\x3c\x36\x99\x5a\xb3\x2d\x17\x2c\x4b\x60\x2e\x32\xde\x4e\x7a\xc7\x5a\x59\xdb\x34\x8a\xbe\x8d\xef\x7f\x76\x15\x9b\xce\x25\x67\x3b\x0f\x69\x99\x41\x07\x88\x7a\x2d\x3c\x04\xe1\xe8\x49\xeb\xf2\x66\xd3\x70\x7a\x88\xec\xc7\x6f\x23\x6d\xe6\xde\x52\x16\xdd\xca\xef\x0a\x8e\x54\xcb\x72\xd3\xc5\x09\xbd\xbd\x6d\x23\x4a\xa8\x32\xaf\x12\x62\x5a\x8c\x7e\x2a\x78\xef\xf9\xba\xb8\x48\xe4\xc3\x0d\x68\x5c\xad\x22\xf3\x4c\x63\x4d\x79\xfc\x0d\x36\x5b\x21\x9e\xed\x9a\x9e\x59\x8d\xce\x55\xfd\x5f\xab\x54\xc2\xa8\xb4\x4a\xaa\xf2\x9c\x83\xc1\xf6\xca\x42\x35\x57\x9b\x55\xd7\x56\x51\x15\xb7\x5c\xe6\x4b\x63\x45\xb0\xc0\xcd\x76\x12\x39\xf5\x92\xd8\x9a\xd1\xa5\xd3\x3f\x9b\x2c\xdb\xeb\x08\xa3\xc0\xb5\x0d\xd8\xba\x21\xf8\x26\xe3\x11\x83\xf7\x5c\x88\x4c\xc9\x8b\xfb\x66\x85\xf0\xf4\x9a\x76\xa4\x80\x25\xa7\x6c\x14\x96\xea\x96\x31\x3a\x08\xc9\x8c\x41\x79\x09\xc5\x29\xbd\x93\x22\x4b\xcb\x8c\xb8\xe8\xec\xac\xdc\xf9\xaa\xb2\xd7\x9c\xdc\xce\x2e\x91\x82\x2d\x48\xcd\x98\x04\xd3\x71\x68\xa7\xc5\x9b\xa6\x62\x2e\xb9\x91\x72\xfe\x0b\x00\x00\xff\xff\x71\xd8\x06\xb7\x5d\x0f\x00\x00"), }, "/control-plane/namespace.yaml": &vfsgen۰FileInfo{ name: "namespace.yaml", diff --git a/pkg/config/app/kuma-dp/config.go b/pkg/config/app/kuma-dp/config.go index 6013b4a7e2fa..a303033eae61 100644 --- a/pkg/config/app/kuma-dp/config.go +++ b/pkg/config/app/kuma-dp/config.go @@ -2,6 +2,7 @@ package kumadp import ( "net/url" + "time" "github.com/Kong/kuma/pkg/config" @@ -20,6 +21,7 @@ func DefaultConfig() Config { Mesh: "default", Name: "", // Dataplane name must be set explicitly AdminPort: 0, // by default, turn off Admin interface of Envoy + DrainTime: 30 * time.Second, }, DataplaneRuntime: DataplaneRuntime{ BinaryPath: "envoy", @@ -57,6 +59,8 @@ type Dataplane struct { Name string `yaml:"name,omitempty" envconfig:"kuma_dataplane_name"` // Envoy Admin port. AdminPort uint32 `yaml:"adminPort,omitempty" envconfig:"kuma_dataplane_admin_port"` + // Drain time for listeners. + DrainTime time.Duration `yaml:"drainTime,omitempty" envconfig:"kuma_dataplane_drain_time"` } // DataplaneRuntime defines the context in which dataplane (Envoy) runs. @@ -103,6 +107,9 @@ func (d *Dataplane) Validate() (errs error) { if 65535 < d.AdminPort { errs = multierr.Append(errs, errors.Errorf(".AdminPort must be in the range [0, 65535]")) } + if d.DrainTime <= 0 { + errs = multierr.Append(errs, errors.Errorf(".DrainTime must be positive")) + } return } diff --git a/pkg/config/app/kuma-dp/config_test.go b/pkg/config/app/kuma-dp/config_test.go index ec13106075b7..d3e71345d466 100644 --- a/pkg/config/app/kuma-dp/config_test.go +++ b/pkg/config/app/kuma-dp/config_test.go @@ -5,6 +5,7 @@ import ( "os" "path/filepath" "strings" + "time" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -27,6 +28,7 @@ var _ = Describe("Config", func() { // and Expect(cfg.ControlPlane.BootstrapServer.URL).To(Equal("https://kuma-control-plane.internal:5682")) Expect(cfg.Dataplane.AdminPort).To(Equal(uint32(2345))) + Expect(cfg.Dataplane.DrainTime).To(Equal(60 * time.Second)) }) Context("with modified environment variables", func() { @@ -52,6 +54,7 @@ var _ = Describe("Config", func() { "KUMA_DATAPLANE_MESH": "pilot", "KUMA_DATAPLANE_NAME": "example", "KUMA_DATAPLANE_ADMIN_PORT": "2345", + "KUMA_DATAPLANE_DRAIN_TIME": "60s", "KUMA_DATAPLANE_RUNTIME_BINARY_PATH": "envoy.sh", "KUMA_DATAPLANE_RUNTIME_CONFIG_DIR": "/var/run/envoy", } @@ -73,6 +76,7 @@ var _ = Describe("Config", func() { Expect(cfg.Dataplane.Mesh).To(Equal("pilot")) Expect(cfg.Dataplane.Name).To(Equal("example")) Expect(cfg.Dataplane.AdminPort).To(Equal(uint32(2345))) + Expect(cfg.Dataplane.DrainTime).To(Equal(60 * time.Second)) Expect(cfg.DataplaneRuntime.BinaryPath).To(Equal("envoy.sh")) Expect(cfg.DataplaneRuntime.ConfigDir).To(Equal("/var/run/envoy")) }) @@ -103,6 +107,6 @@ var _ = Describe("Config", func() { err := config.Load(filepath.Join("testdata", "invalid-config.input.yaml"), &cfg) // then - Expect(err).To(MatchError(`Invalid configuration: .ControlPlane is not valid: .BootstrapServer is not valid: .URL must be a valid absolute URI; .Dataplane is not valid: .Mesh must be non-empty; .Name must be non-empty; .AdminPort must be in the range [0, 65535]; .DataplaneRuntime is not valid: .BinaryPath must be non-empty`)) + Expect(err).To(MatchError(`Invalid configuration: .ControlPlane is not valid: .BootstrapServer is not valid: .URL must be a valid absolute URI; .Dataplane is not valid: .Mesh must be non-empty; .Name must be non-empty; .AdminPort must be in the range [0, 65535]; .DrainTime must be positive; .DataplaneRuntime is not valid: .BinaryPath must be non-empty`)) }) }) diff --git a/pkg/config/app/kuma-dp/testdata/default-config.golden.yaml b/pkg/config/app/kuma-dp/testdata/default-config.golden.yaml index 80ae556cb119..df2798fb3d02 100644 --- a/pkg/config/app/kuma-dp/testdata/default-config.golden.yaml +++ b/pkg/config/app/kuma-dp/testdata/default-config.golden.yaml @@ -1,4 +1,5 @@ dataplane: mesh: default + drainTime: 30s dataplaneRuntime: binaryPath: envoy diff --git a/pkg/config/app/kuma-dp/testdata/invalid-config.input.yaml b/pkg/config/app/kuma-dp/testdata/invalid-config.input.yaml index 618f47be87d4..933f2cac9621 100644 --- a/pkg/config/app/kuma-dp/testdata/invalid-config.input.yaml +++ b/pkg/config/app/kuma-dp/testdata/invalid-config.input.yaml @@ -5,5 +5,6 @@ dataplane: mesh: name: adminPort: 82345 + drainTime: 0 dataplaneRuntime: binaryPath: diff --git a/pkg/config/app/kuma-dp/testdata/valid-config.input.yaml b/pkg/config/app/kuma-dp/testdata/valid-config.input.yaml index 5e7d61487e40..3176186eb4af 100644 --- a/pkg/config/app/kuma-dp/testdata/valid-config.input.yaml +++ b/pkg/config/app/kuma-dp/testdata/valid-config.input.yaml @@ -5,6 +5,7 @@ dataplane: mesh: pilot name: example adminPort: 2345 + drainTime: 60s dataplaneRuntime: binaryPath: envoy.sh configDir: /var/run/envoy diff --git a/pkg/config/app/kuma-injector/config.go b/pkg/config/app/kuma-injector/config.go index 89b38b7f249d..f53dc2c06b28 100644 --- a/pkg/config/app/kuma-injector/config.go +++ b/pkg/config/app/kuma-injector/config.go @@ -3,6 +3,7 @@ package kumainjector import ( "net" "net/url" + "time" "github.com/Kong/kuma/pkg/config" @@ -37,6 +38,7 @@ func DefaultConfig() Config { UID: 5678, GID: 5678, AdminPort: 9901, + DrainTime: 30 * time.Second, ReadinessProbe: SidecarReadinessProbe{ InitialDelaySeconds: 1, @@ -130,6 +132,8 @@ type SidecarContainer struct { GID int64 `yaml:"gid,omitempty" envconfig:"kuma_injector_sidecar_container_gui"` // Admin port. AdminPort uint32 `yaml:"adminPort,omitempty" envconfig:"kuma_injector_sidecar_container_admin_port"` + // Drain time for listeners. + DrainTime time.Duration `yaml:"drainTime,omitempty" envconfig:"kuma_injector_sidecar_container_drain_time"` // Readiness probe. ReadinessProbe SidecarReadinessProbe `yaml:"readinessProbe,omitempty"` // Liveness probe. @@ -288,6 +292,9 @@ func (c *SidecarContainer) Validate() (errs error) { if 65535 < c.AdminPort { errs = multierr.Append(errs, errors.Errorf(".AdminPort must be in the range [0, 65535]")) } + if c.DrainTime <= 0 { + errs = multierr.Append(errs, errors.Errorf(".DrainTime must be positive")) + } if err := c.ReadinessProbe.Validate(); err != nil { errs = multierr.Append(errs, errors.Wrapf(err, ".ReadinessProbe is not valid")) } diff --git a/pkg/config/app/kuma-injector/config_test.go b/pkg/config/app/kuma-injector/config_test.go index cb18cd5c7d5d..32ee9d90572b 100644 --- a/pkg/config/app/kuma-injector/config_test.go +++ b/pkg/config/app/kuma-injector/config_test.go @@ -3,6 +3,7 @@ package kumainjector_test import ( "io/ioutil" "path/filepath" + "time" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -37,6 +38,7 @@ var _ = Describe("Config", func() { Expect(cfg.Injector.SidecarContainer.UID).To(Equal(int64(2345))) Expect(cfg.Injector.SidecarContainer.GID).To(Equal(int64(3456))) Expect(cfg.Injector.SidecarContainer.AdminPort).To(Equal(uint32(45678))) + Expect(cfg.Injector.SidecarContainer.DrainTime).To(Equal(15 * time.Second)) // and Expect(cfg.Injector.SidecarContainer.ReadinessProbe.InitialDelaySeconds).To(Equal(int32(11))) Expect(cfg.Injector.SidecarContainer.ReadinessProbe.TimeoutSeconds).To(Equal(int32((13)))) @@ -82,6 +84,6 @@ var _ = Describe("Config", func() { err := config.Load(filepath.Join("testdata", "invalid-config.input.yaml"), &cfg) // then - Expect(err).To(MatchError(`Invalid configuration: .WebHookServer is not valid: .Address must be either empty or a valid IPv4/IPv6 address; .Port must be in the range [0, 65535]; .CertDir must be non-empty; .Injector is not valid: .ControlPlane is not valid: .BootstrapServer is not valid: .URL must be a valid absolute URI; .ApiServer is not valid: .URL must be a valid absolute URI; .SidecarContainer is not valid: .Image must be non-empty; .RedirectPort must be in the range [0, 65535]; .AdminPort must be in the range [0, 65535]; .ReadinessProbe is not valid: .InitialDelaySeconds must be >= 1; .TimeoutSeconds must be >= 1; .PeriodSeconds must be >= 1; .SuccessThreshold must be >= 1; .FailureThreshold must be >= 1; .LivenessProbe is not valid: .InitialDelaySeconds must be >= 1; .TimeoutSeconds must be >= 1; .PeriodSeconds must be >= 1; .FailureThreshold must be >= 1; .Resources is not valid: .Requests is not valid: .CPU is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .Memory is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .Limits is not valid: .CPU is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .Memory is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .InitContainer is not valid: .Image must be non-empty`)) + Expect(err).To(MatchError(`Invalid configuration: .WebHookServer is not valid: .Address must be either empty or a valid IPv4/IPv6 address; .Port must be in the range [0, 65535]; .CertDir must be non-empty; .Injector is not valid: .ControlPlane is not valid: .BootstrapServer is not valid: .URL must be a valid absolute URI; .ApiServer is not valid: .URL must be a valid absolute URI; .SidecarContainer is not valid: .Image must be non-empty; .RedirectPort must be in the range [0, 65535]; .AdminPort must be in the range [0, 65535]; .DrainTime must be positive; .ReadinessProbe is not valid: .InitialDelaySeconds must be >= 1; .TimeoutSeconds must be >= 1; .PeriodSeconds must be >= 1; .SuccessThreshold must be >= 1; .FailureThreshold must be >= 1; .LivenessProbe is not valid: .InitialDelaySeconds must be >= 1; .TimeoutSeconds must be >= 1; .PeriodSeconds must be >= 1; .FailureThreshold must be >= 1; .Resources is not valid: .Requests is not valid: .CPU is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .Memory is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .Limits is not valid: .CPU is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .Memory is not valid: quantities must match the regular expression '^([+-]?[0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'; .InitContainer is not valid: .Image must be non-empty`)) }) }) diff --git a/pkg/config/app/kuma-injector/testdata/default-config.golden.yaml b/pkg/config/app/kuma-injector/testdata/default-config.golden.yaml index f4a5ddd8dec3..a3b22f447eef 100644 --- a/pkg/config/app/kuma-injector/testdata/default-config.golden.yaml +++ b/pkg/config/app/kuma-injector/testdata/default-config.golden.yaml @@ -12,6 +12,7 @@ injector: uid: 5678 gid: 5678 adminPort: 9901 + drainTime: 30s readinessProbe: initialDelaySeconds: 1 diff --git a/pkg/config/app/kuma-injector/testdata/invalid-config.input.yaml b/pkg/config/app/kuma-injector/testdata/invalid-config.input.yaml index 604664263d29..f25902a8df3d 100644 --- a/pkg/config/app/kuma-injector/testdata/invalid-config.input.yaml +++ b/pkg/config/app/kuma-injector/testdata/invalid-config.input.yaml @@ -14,5 +14,6 @@ injector: uid: -1 gid: -2 adminPort: 523456 + drainTime: 0s initContainer: image: diff --git a/pkg/config/app/kuma-injector/testdata/valid-config.input.yaml b/pkg/config/app/kuma-injector/testdata/valid-config.input.yaml index 6c13bd61461a..8bb308f1b21d 100644 --- a/pkg/config/app/kuma-injector/testdata/valid-config.input.yaml +++ b/pkg/config/app/kuma-injector/testdata/valid-config.input.yaml @@ -14,6 +14,7 @@ injector: uid: 2345 gid: 3456 adminPort: 45678 + drainTime: 15s readinessProbe: initialDelaySeconds: 11