hotfix: fix detect helm ns but still use -n namespace (#506)

* hotfix: fix detect helm ns but still use -n namespace
2025-12-24 11:51:13 +08:00 · 2025-04-02 19:20:31 +08:00
parent e205b77e41
commit 94db7846d8
13 changed files with 51 additions and 22 deletions
--- a/pkg/inject/controller.go
+++ b/pkg/inject/controller.go
@@ -1,7 +1,10 @@
 package inject

 import (
+	"bytes"
 	_ "embed"
+	"fmt"
+	"text/template"

 	log "github.com/sirupsen/logrus"
 	v1 "k8s.io/api/core/v1"
@@ -35,7 +38,7 @@ func RemoveContainers(spec *v1.PodTemplateSpec) {
 }

 // AddMeshContainer todo envoy support ipv6
-func AddMeshContainer(spec *v1.PodTemplateSpec, ns, nodeId string, c util.PodRouteConfig, ipv6 bool) {
+func AddMeshContainer(spec *v1.PodTemplateSpec, ns, nodeId string, c util.PodRouteConfig, ipv6 bool, connectNamespace string) {
 	// remove envoy proxy containers if already exist
 	RemoveContainers(spec)

@@ -79,7 +82,7 @@ kubevpn serve -L "tun:/localhost:8422?net=${TunIPv4}&route=${CIDR4}" -F "tcp://$
 			},
 			{
 				Name:  "TrafficManagerService",
-				Value: config.ConfigMapPodTrafficManager,
+				Value: fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, connectNamespace),
 			},
 			{
 				Name: config.EnvPodNamespace,
@@ -139,9 +142,9 @@ kubevpn serve -L "tun:/localhost:8422?net=${TunIPv4}&route=${CIDR4}" -F "tcp://$
 		Args: []string{
 			func() string {
 				if ipv6 {
-					return string(envoyConfig)
+					return GetEnvoyConfig(string(envoyConfig), fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, connectNamespace))
 				}
-				return string(envoyConfigIPv4)
+				return GetEnvoyConfig(string(envoyConfigIPv4), fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, connectNamespace))
 			}(),
 		},
 		Resources: v1.ResourceRequirements{
@@ -158,7 +161,7 @@ kubevpn serve -L "tun:/localhost:8422?net=${TunIPv4}&route=${CIDR4}" -F "tcp://$
 	})
 }

-func AddEnvoyContainer(spec *v1.PodTemplateSpec, ns, nodeId string, ipv6 bool) {
+func AddEnvoyContainer(spec *v1.PodTemplateSpec, ns, nodeId string, ipv6 bool, connectNamespace string) {
 	// remove envoy proxy containers if already exist
 	RemoveContainers(spec)

@@ -203,9 +206,9 @@ kubevpn serve -L "ssh://:2222"`,
 		Args: []string{
 			func() string {
 				if ipv6 {
-					return string(envoyConfigFargate)
+					return GetEnvoyConfig(string(envoyConfigFargate), fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, connectNamespace))
 				}
-				return string(envoyConfigIPv4Fargate)
+				return GetEnvoyConfig(string(envoyConfigIPv4Fargate), fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, connectNamespace))
 			}(),
 		},
 		Resources: v1.ResourceRequirements{
@@ -221,3 +224,16 @@ kubevpn serve -L "ssh://:2222"`,
 		ImagePullPolicy: v1.PullIfNotPresent,
 	})
 }
+
+func GetEnvoyConfig(tmplStr string, value string) string {
+	tmpl, err := template.New("").Parse(tmplStr)
+	if err != nil {
+		return ""
+	}
+	buf := new(bytes.Buffer)
+	err = tmpl.Execute(buf, value)
+	if err != nil {
+		return ""
+	}
+	return buf.String()
+}
--- a/pkg/inject/envoy.yaml
+++ b/pkg/inject/envoy.yaml
@@ -47,7 +47,7 @@ static_resources:
              - endpoint:
                  address:
                    socket_address:
-                      address: kubevpn-traffic-manager
+                      address: {{.}}
                      port_value: 9002
                      ipv4_compat: true
      http2_protocol_options: { }
--- a/pkg/inject/envoy_ipv4.yaml
+++ b/pkg/inject/envoy_ipv4.yaml
@@ -45,7 +45,7 @@ static_resources:
              - endpoint:
                  address:
                    socket_address:
-                      address: kubevpn-traffic-manager
+                      address: {{.}}
                      port_value: 9002
                      ipv4_compat: true
      http2_protocol_options: { }
--- a/pkg/inject/exchange.go
+++ b/pkg/inject/exchange.go
@@ -1,6 +1,8 @@
 package inject

 import (
+	"fmt"
+
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/resource"
 	"k8s.io/utils/pointer"
@@ -18,7 +20,7 @@ func RemoveContainer(spec *corev1.PodSpec) {
 	}
 }

-func AddContainer(spec *corev1.PodSpec, c util.PodRouteConfig) {
+func AddContainer(spec *corev1.PodSpec, c util.PodRouteConfig, connectNamespace string) {
 	// remove vpn container if already exist
 	RemoveContainer(spec)
 	spec.Containers = append(spec.Containers, corev1.Container{
@@ -51,7 +53,7 @@ func AddContainer(spec *corev1.PodSpec, c util.PodRouteConfig) {
 			},
 			{
 				Name:  "TrafficManagerService",
-				Value: config.ConfigMapPodTrafficManager,
+				Value: fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, connectNamespace),
 			},
 			{
 				Name: config.EnvPodNamespace,
--- a/pkg/inject/fargate.go
+++ b/pkg/inject/fargate.go
@@ -66,7 +66,7 @@ func InjectEnvoySidecar(ctx context.Context, f cmdutil.Factory, clientset *kuber

 	enableIPv6, _ := util.DetectPodSupportIPv6(ctx, f, connectNamespace)
 	// (1) add mesh container
-	AddEnvoyContainer(templateSpec, object.Namespace, nodeID, enableIPv6)
+	AddEnvoyContainer(templateSpec, object.Namespace, nodeID, enableIPv6, connectNamespace)
 	helper := pkgresource.NewHelper(object.Client, object.Mapping)
 	ps := []P{
 		{
--- a/pkg/inject/fargate_envoy.yaml
+++ b/pkg/inject/fargate_envoy.yaml
@@ -34,5 +34,5 @@ static_resources:
              - endpoint:
                  address:
                    socket_address:
-                      address: kubevpn-traffic-manager
+                      address: {{.}}
                      port_value: 9002
--- a/pkg/inject/fargate_envoy_ipv4.yaml
+++ b/pkg/inject/fargate_envoy_ipv4.yaml
@@ -34,5 +34,5 @@ static_resources:
              - endpoint:
                  address:
                    socket_address:
-                      address: kubevpn-traffic-manager
+                      address: {{.}}
                      port_value: 9002
--- a/pkg/inject/mesh.go
+++ b/pkg/inject/mesh.go
@@ -90,7 +90,7 @@ func InjectVPNAndEnvoySidecar(ctx context.Context, f cmdutil.Factory, mapInterfa

 	enableIPv6, _ := util.DetectPodSupportIPv6(ctx, f, connectNamespace)
 	// (1) add mesh container
-	AddMeshContainer(templateSpec, object.Namespace, nodeID, c, enableIPv6)
+	AddMeshContainer(templateSpec, object.Namespace, nodeID, c, enableIPv6, connectNamespace)
 	helper := pkgresource.NewHelper(object.Client, object.Mapping)
 	ps := []P{
 		{
--- a/pkg/inject/proxy.go
+++ b/pkg/inject/proxy.go
@@ -51,7 +51,7 @@ func InjectVPNSidecar(ctx context.Context, f util.Factory, connectNamespace stri
 		return err
 	}

-	AddContainer(&podTempSpec.Spec, c)
+	AddContainer(&podTempSpec.Spec, c, connectNamespace)

 	workload := fmt.Sprintf("%s/%s", object.Mapping.Resource.Resource, object.Name)
 	helper := resource.NewHelper(object.Client, object.Mapping)
--- a/pkg/inject/render_test.go
+++ b/pkg/inject/render_test.go
@@ -0,0 +1,11 @@
+package inject
+
+import (
+	"testing"
+)
+
+func TestRender(t *testing.T) {
+	tmplStr := string(envoyConfig)
+	conf := GetEnvoyConfig(tmplStr, "test")
+	t.Log(conf)
+}