fix: bridge provider egress for native k3s
This commit is contained in:
@@ -772,7 +772,7 @@ function importK3sImageScript(service: UniDeskMicroserviceConfig): string {
|
||||
}
|
||||
|
||||
function k8sDeploymentsForService(service: UniDeskMicroserviceConfig): string[] {
|
||||
if (service.id === "code-queue") return ["d601-tcp-egress-gateway", "code-queue"];
|
||||
if (service.id === "code-queue") return ["d601-provider-egress-proxy", "d601-tcp-egress-gateway", "code-queue"];
|
||||
return [service.repository.composeService];
|
||||
}
|
||||
|
||||
|
||||
@@ -17,30 +17,117 @@ metadata:
|
||||
unidesk.ai/provider-id: D601
|
||||
spec:
|
||||
type: ClusterIP
|
||||
selector:
|
||||
app.kubernetes.io/name: provider-egress-proxy
|
||||
unidesk.ai/provider-id: D601
|
||||
ports:
|
||||
- name: http
|
||||
port: 18789
|
||||
targetPort: 18789
|
||||
targetPort: http
|
||||
protocol: TCP
|
||||
---
|
||||
apiVersion: discovery.k8s.io/v1
|
||||
kind: EndpointSlice
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: d601-provider-egress-proxy
|
||||
namespace: unidesk
|
||||
labels:
|
||||
kubernetes.io/service-name: d601-provider-egress-proxy
|
||||
app.kubernetes.io/name: provider-egress-proxy
|
||||
app.kubernetes.io/part-of: unidesk
|
||||
unidesk.ai/provider-id: D601
|
||||
addressType: IPv4
|
||||
ports:
|
||||
- name: http
|
||||
protocol: TCP
|
||||
port: 18789
|
||||
endpoints:
|
||||
- addresses:
|
||||
- "172.25.0.3"
|
||||
data:
|
||||
provider-egress-proxy.js: |
|
||||
const net = require("node:net");
|
||||
|
||||
const listenPort = Number(process.env.PROVIDER_EGRESS_LISTEN_PORT || 18790);
|
||||
const upstreamHost = process.env.PROVIDER_EGRESS_UPSTREAM_HOST || "127.0.0.1";
|
||||
const upstreamPort = Number(process.env.PROVIDER_EGRESS_UPSTREAM_PORT || 18789);
|
||||
|
||||
function closeBoth(left, right) {
|
||||
left.destroy();
|
||||
right.destroy();
|
||||
}
|
||||
|
||||
net.createServer((client) => {
|
||||
const upstream = net.connect({ host: upstreamHost, port: upstreamPort });
|
||||
client.pipe(upstream);
|
||||
upstream.pipe(client);
|
||||
client.on("error", () => closeBoth(client, upstream));
|
||||
upstream.on("error", () => closeBoth(client, upstream));
|
||||
}).listen(listenPort, "0.0.0.0", () => {
|
||||
console.log(JSON.stringify({
|
||||
ts: new Date().toISOString(),
|
||||
service: "provider-egress-proxy",
|
||||
level: "info",
|
||||
message: "listening",
|
||||
data: { listenPort, upstream: `${upstreamHost}:${upstreamPort}` },
|
||||
}));
|
||||
});
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: d601-provider-egress-proxy
|
||||
namespace: unidesk
|
||||
labels:
|
||||
app.kubernetes.io/name: provider-egress-proxy
|
||||
app.kubernetes.io/part-of: unidesk
|
||||
unidesk.ai/provider-id: D601
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: provider-egress-proxy
|
||||
unidesk.ai/provider-id: D601
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: provider-egress-proxy
|
||||
app.kubernetes.io/part-of: unidesk
|
||||
unidesk.ai/provider-id: D601
|
||||
unidesk.ai/node-id: D601
|
||||
spec:
|
||||
hostNetwork: true
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
nodeSelector:
|
||||
unidesk.ai/node-id: D601
|
||||
containers:
|
||||
- name: provider-egress-proxy
|
||||
image: unidesk-code-queue:d601
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- bun
|
||||
- /etc/unidesk-provider-egress/provider-egress-proxy.js
|
||||
ports:
|
||||
- name: http
|
||||
containerPort: 18790
|
||||
env:
|
||||
- name: PROVIDER_EGRESS_LISTEN_PORT
|
||||
value: "18790"
|
||||
- name: PROVIDER_EGRESS_UPSTREAM_HOST
|
||||
value: "127.0.0.1"
|
||||
- name: PROVIDER_EGRESS_UPSTREAM_PORT
|
||||
value: "18789"
|
||||
volumeMounts:
|
||||
- name: script
|
||||
mountPath: /etc/unidesk-provider-egress
|
||||
readOnly: true
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
periodSeconds: 5
|
||||
timeoutSeconds: 3
|
||||
failureThreshold: 12
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: http
|
||||
periodSeconds: 10
|
||||
timeoutSeconds: 3
|
||||
failureThreshold: 6
|
||||
volumes:
|
||||
- name: script
|
||||
configMap:
|
||||
name: d601-provider-egress-proxy
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
|
||||
Reference in New Issue
Block a user