fix: bridge provider egress for native k3s

This commit is contained in:
Codex
2026-05-16 13:22:31 +00:00
parent d7c496f6f5
commit 81ed669f97
2 changed files with 100 additions and 13 deletions
+1 -1
View File
@@ -772,7 +772,7 @@ function importK3sImageScript(service: UniDeskMicroserviceConfig): string {
}
function k8sDeploymentsForService(service: UniDeskMicroserviceConfig): string[] {
if (service.id === "code-queue") return ["d601-tcp-egress-gateway", "code-queue"];
if (service.id === "code-queue") return ["d601-provider-egress-proxy", "d601-tcp-egress-gateway", "code-queue"];
return [service.repository.composeService];
}
@@ -17,30 +17,117 @@ metadata:
unidesk.ai/provider-id: D601
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: provider-egress-proxy
unidesk.ai/provider-id: D601
ports:
- name: http
port: 18789
targetPort: 18789
targetPort: http
protocol: TCP
---
apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
apiVersion: v1
kind: ConfigMap
metadata:
name: d601-provider-egress-proxy
namespace: unidesk
labels:
kubernetes.io/service-name: d601-provider-egress-proxy
app.kubernetes.io/name: provider-egress-proxy
app.kubernetes.io/part-of: unidesk
unidesk.ai/provider-id: D601
addressType: IPv4
ports:
- name: http
protocol: TCP
port: 18789
endpoints:
- addresses:
- "172.25.0.3"
data:
provider-egress-proxy.js: |
const net = require("node:net");
const listenPort = Number(process.env.PROVIDER_EGRESS_LISTEN_PORT || 18790);
const upstreamHost = process.env.PROVIDER_EGRESS_UPSTREAM_HOST || "127.0.0.1";
const upstreamPort = Number(process.env.PROVIDER_EGRESS_UPSTREAM_PORT || 18789);
function closeBoth(left, right) {
left.destroy();
right.destroy();
}
net.createServer((client) => {
const upstream = net.connect({ host: upstreamHost, port: upstreamPort });
client.pipe(upstream);
upstream.pipe(client);
client.on("error", () => closeBoth(client, upstream));
upstream.on("error", () => closeBoth(client, upstream));
}).listen(listenPort, "0.0.0.0", () => {
console.log(JSON.stringify({
ts: new Date().toISOString(),
service: "provider-egress-proxy",
level: "info",
message: "listening",
data: { listenPort, upstream: `${upstreamHost}:${upstreamPort}` },
}));
});
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: d601-provider-egress-proxy
namespace: unidesk
labels:
app.kubernetes.io/name: provider-egress-proxy
app.kubernetes.io/part-of: unidesk
unidesk.ai/provider-id: D601
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: provider-egress-proxy
unidesk.ai/provider-id: D601
template:
metadata:
labels:
app.kubernetes.io/name: provider-egress-proxy
app.kubernetes.io/part-of: unidesk
unidesk.ai/provider-id: D601
unidesk.ai/node-id: D601
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
nodeSelector:
unidesk.ai/node-id: D601
containers:
- name: provider-egress-proxy
image: unidesk-code-queue:d601
imagePullPolicy: IfNotPresent
command:
- bun
- /etc/unidesk-provider-egress/provider-egress-proxy.js
ports:
- name: http
containerPort: 18790
env:
- name: PROVIDER_EGRESS_LISTEN_PORT
value: "18790"
- name: PROVIDER_EGRESS_UPSTREAM_HOST
value: "127.0.0.1"
- name: PROVIDER_EGRESS_UPSTREAM_PORT
value: "18789"
volumeMounts:
- name: script
mountPath: /etc/unidesk-provider-egress
readOnly: true
readinessProbe:
tcpSocket:
port: http
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 12
livenessProbe:
tcpSocket:
port: http
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 6
volumes:
- name: script
configMap:
name: d601-provider-egress-proxy
---
apiVersion: v1
kind: ConfigMap