@@ -11,7 +11,7 @@ import (
|
|||||||
func CmdImageCopy(cmdutil.Factory) *cobra.Command {
|
func CmdImageCopy(cmdutil.Factory) *cobra.Command {
|
||||||
var imageCmd = &cobra.Command{
|
var imageCmd = &cobra.Command{
|
||||||
Use: "image <cmd>",
|
Use: "image <cmd>",
|
||||||
Short: "copy images",
|
Short: "Copy images",
|
||||||
}
|
}
|
||||||
|
|
||||||
copyCmd := &cobra.Command{
|
copyCmd := &cobra.Command{
|
||||||
|
@@ -21,9 +21,9 @@ func CmdReset(f cmdutil.Factory) *cobra.Command {
|
|||||||
var sshConf = &pkgssh.SshConfig{}
|
var sshConf = &pkgssh.SshConfig{}
|
||||||
cmd := &cobra.Command{
|
cmd := &cobra.Command{
|
||||||
Use: "reset",
|
Use: "reset",
|
||||||
Short: "Reset workloads to origin status",
|
Short: "Reset workloads to origin spec",
|
||||||
Long: templates.LongDesc(i18n.T(`
|
Long: templates.LongDesc(i18n.T(`
|
||||||
Reset workloads to origin status
|
Reset workloads to origin spec
|
||||||
|
|
||||||
Reset will remove injected container envoy-proxy and vpn, and restore service mesh rules.
|
Reset will remove injected container envoy-proxy and vpn, and restore service mesh rules.
|
||||||
`)),
|
`)),
|
||||||
|
@@ -1,9 +1,7 @@
|
|||||||
package cmds
|
package cmds
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
|
||||||
"net"
|
"net"
|
||||||
"os"
|
|
||||||
|
|
||||||
"github.com/spf13/cobra"
|
"github.com/spf13/cobra"
|
||||||
cmdutil "k8s.io/kubectl/pkg/cmd/util"
|
cmdutil "k8s.io/kubectl/pkg/cmd/util"
|
||||||
@@ -53,11 +51,10 @@ func CmdRouteAdd(cmdutil.Factory) *cobra.Command {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
resp, err := cli.Route(cmd.Context(), &rpc.RouteRequest{Cidr: cidr.String(), Type: rpc.RouteType_ROUTE_ADD})
|
_, err = cli.Route(cmd.Context(), &rpc.RouteRequest{Cidr: cidr.String(), Type: rpc.RouteType_ROUTE_ADD})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
_, err = fmt.Fprint(os.Stdout, resp.Message)
|
|
||||||
return err
|
return err
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
@@ -91,11 +88,10 @@ func CmdRouteDelete(cmdutil.Factory) *cobra.Command {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
resp, err := cli.Route(cmd.Context(), &rpc.RouteRequest{Cidr: cidr.String(), Type: rpc.RouteType_ROUTE_DELETE})
|
_, err = cli.Route(cmd.Context(), &rpc.RouteRequest{Cidr: cidr.String(), Type: rpc.RouteType_ROUTE_DELETE})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
_, err = fmt.Fprint(os.Stdout, resp.Message)
|
|
||||||
return err
|
return err
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@@ -36,11 +36,11 @@ func CmdSync(f cmdutil.Factory) *cobra.Command {
|
|||||||
var imagePullSecretName string
|
var imagePullSecretName string
|
||||||
cmd := &cobra.Command{
|
cmd := &cobra.Command{
|
||||||
Use: "sync",
|
Use: "sync",
|
||||||
Short: i18n.T("Sync workloads run in current namespace with same volume、env、and network"),
|
Short: i18n.T("Sync local dir to cloned workloads dir"),
|
||||||
Long: templates.LongDesc(i18n.T(`
|
Long: templates.LongDesc(i18n.T(`
|
||||||
Sync local dir to workloads which run in current namespace with same volume、env、and network
|
Sync local dir to cloned workloads which run in current namespace with same volume、env and network as target workloads
|
||||||
|
|
||||||
In this way, you can startup another deployment in current namespace, but with different image version,
|
In this way, we startup another deployment in current namespace, but with different image version,
|
||||||
it also supports service mesh proxy. only traffic with special header will hit to sync resource.
|
it also supports service mesh proxy. only traffic with special header will hit to sync resource.
|
||||||
`)),
|
`)),
|
||||||
Example: templates.Examples(i18n.T(`
|
Example: templates.Examples(i18n.T(`
|
||||||
|
@@ -60,8 +60,6 @@ func (svr *Server) Route(ctx context.Context, req *rpc.RouteRequest) (*rpc.Route
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &rpc.RouteResponse{
|
return &rpc.RouteResponse{}, nil
|
||||||
Message: "ok",
|
|
||||||
}, nil
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@@ -45,10 +45,9 @@ type Config struct {
|
|||||||
func (c *Config) AddServiceNameToHosts(ctx context.Context, hosts ...Entry) error {
|
func (c *Config) AddServiceNameToHosts(ctx context.Context, hosts ...Entry) error {
|
||||||
var serviceList []v12.Service
|
var serviceList []v12.Service
|
||||||
c.Lock.Lock()
|
c.Lock.Lock()
|
||||||
defer c.Lock.Unlock()
|
|
||||||
|
|
||||||
appendHosts := c.generateAppendHosts(serviceList, hosts)
|
appendHosts := c.generateAppendHosts(serviceList, hosts)
|
||||||
err := c.appendHosts(appendHosts)
|
err := c.appendHosts(appendHosts)
|
||||||
|
c.Lock.Unlock()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
plog.G(ctx).Errorf("Failed to add hosts(%s): %v", entryList2String(appendHosts), err)
|
plog.G(ctx).Errorf("Failed to add hosts(%s): %v", entryList2String(appendHosts), err)
|
||||||
return err
|
return err
|
||||||
|
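Review bot: The explicit `c.Lock.Unlock()` placed after `c.appendHosts(appendHosts)` is no longer panic-safe. With the deferred unlock gone, a panic in `generateAppendHosts` or `appendHosts` that is recovered further up would leave `c.Lock` held, and every later hosts update would block on it. If the early release is not needed by the rest of AddServiceNameToHosts (which continues outside this hunk), keep `defer c.Lock.Unlock()` directly after `c.Lock.Lock()`. If it is needed so that logging and later work run unlocked, move the two calls into a small helper that takes the lock and defers the unlock. Either way, a short comment saying which state the lock protects would make the intended critical section clear.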
@@ -7,13 +7,11 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
"os"
|
"os"
|
||||||
"os/exec"
|
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"slices"
|
"slices"
|
||||||
"strings"
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/fsnotify/fsnotify"
|
|
||||||
miekgdns "github.com/miekg/dns"
|
miekgdns "github.com/miekg/dns"
|
||||||
v12 "k8s.io/api/core/v1"
|
v12 "k8s.io/api/core/v1"
|
||||||
"k8s.io/apimachinery/pkg/util/sets"
|
"k8s.io/apimachinery/pkg/util/sets"
|
||||||
@@ -26,8 +24,6 @@ import (
|
|||||||
// https://github.com/golang/go/issues/12524
|
// https://github.com/golang/go/issues/12524
|
||||||
// man 5 resolver
|
// man 5 resolver
|
||||||
|
|
||||||
var cancel context.CancelFunc
|
|
||||||
var resolv = "/etc/resolv.conf"
|
|
||||||
var ignoreSearchSuffix = []string{"com", "io", "net", "org", "cn", "ru"}
|
var ignoreSearchSuffix = []string{"com", "io", "net", "org", "cn", "ru"}
|
||||||
|
|
||||||
// SetupDNS support like
|
// SetupDNS support like
|
||||||
@@ -124,14 +120,14 @@ func (c *Config) usingResolver(ctx context.Context) {
|
|||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
plog.G(ctx).Errorf("Failed to read resovler %s error: %v", filename, err)
|
plog.G(ctx).Errorf("Failed to read resovler %s: %v", filename, err)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
var conf *miekgdns.ClientConfig
|
var conf *miekgdns.ClientConfig
|
||||||
conf, err = miekgdns.ClientConfigFromReader(bytes.NewBufferString(string(content)))
|
conf, err = miekgdns.ClientConfigFromReader(bytes.NewBufferString(string(content)))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
plog.G(ctx).Errorf("Parse resolver %s error: %v", filename, err)
|
plog.G(ctx).Errorf("Failed to parse resolver %s: %v", filename, err)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if slices.Contains(conf.Servers, clientConfig.Servers[0]) {
|
if slices.Contains(conf.Servers, clientConfig.Servers[0]) {
|
||||||
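Review bot: The reworded log messages still carry the misspelling "resovler": `"Failed to read resovler %s: %v"` here and `"Failed to write resovler %s: %v"` at the `os.WriteFile` call in the next hunk. The parse message in this hunk already says "resolver". Since these strings are being edited anyway, change both to `"Failed to read resolver %s: %v"` and `"Failed to write resolver %s: %v"`, so that a search of the logs for "resolver" finds all three failures.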
@@ -141,51 +137,11 @@ func (c *Config) usingResolver(ctx context.Context) {
|
|||||||
conf.Servers = append([]string{clientConfig.Servers[0]}, conf.Servers...)
|
conf.Servers = append([]string{clientConfig.Servers[0]}, conf.Servers...)
|
||||||
err = os.WriteFile(filename, []byte(toString(*conf)), 0644)
|
err = os.WriteFile(filename, []byte(toString(*conf)), 0644)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
plog.G(ctx).Errorf("Failed to write resovler %s error: %v", filename, err)
|
plog.G(ctx).Errorf("Failed to write resovler %s: %v", filename, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Config) usingNetworkSetup(ip string, ns string) {
|
|
||||||
networkSetup(ip, ns)
|
|
||||||
var ctx context.Context
|
|
||||||
ctx, cancel = context.WithCancel(context.Background())
|
|
||||||
go func() {
|
|
||||||
ticker := time.NewTicker(time.Second * 10)
|
|
||||||
newWatcher, _ := fsnotify.NewWatcher()
|
|
||||||
defer newWatcher.Close()
|
|
||||||
defer ticker.Stop()
|
|
||||||
_ = newWatcher.Add(resolv)
|
|
||||||
c := make(chan struct{}, 1)
|
|
||||||
c <- struct{}{}
|
|
||||||
for {
|
|
||||||
select {
|
|
||||||
case <-ticker.C:
|
|
||||||
c <- struct{}{}
|
|
||||||
case /*e :=*/ <-newWatcher.Events:
|
|
||||||
//if e.Op == fsnotify.Write {
|
|
||||||
c <- struct{}{}
|
|
||||||
//}
|
|
||||||
case <-c:
|
|
||||||
if rc, err := miekgdns.ClientConfigFromFile(resolv); err == nil && rc.Timeout != 1 {
|
|
||||||
if !sets.New[string](rc.Servers...).Has(ip) {
|
|
||||||
rc.Servers = append(rc.Servers, ip)
|
|
||||||
for _, s := range []string{ns + ".svc.cluster.local", "svc.cluster.local", "cluster.local"} {
|
|
||||||
rc.Search = append(rc.Search, s)
|
|
||||||
}
|
|
||||||
//rc.Ndots = 5
|
|
||||||
}
|
|
||||||
//rc.Attempts = 1
|
|
||||||
rc.Timeout = 1
|
|
||||||
_ = os.WriteFile(resolv, []byte(toString(*rc)), 0644)
|
|
||||||
}
|
|
||||||
case <-ctx.Done():
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}()
|
|
||||||
}
|
|
||||||
|
|
||||||
func toString(config miekgdns.ClientConfig) string {
|
func toString(config miekgdns.ClientConfig) string {
|
||||||
var builder strings.Builder
|
var builder strings.Builder
|
||||||
// builder.WriteString(`#
|
// builder.WriteString(`#
|
||||||
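Review bot: `clientConfig.Servers[0]` is indexed without a visible length check, both in `append([]string{clientConfig.Servers[0]}, conf.Servers...)` here and in the `slices.Contains` call at the end of the previous hunk. `clientConfig` is set up outside these hunks, so a guard may already exist there. If it does not, an empty server list panics in usingResolver before any resolver file is updated. A check before the loop, such as `if len(clientConfig.Servers) == 0 { return }`, with an error log, would make that precondition explicit.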
@@ -220,9 +176,6 @@ func toString(config miekgdns.ClientConfig) string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *Config) CancelDNS() {
|
func (c *Config) CancelDNS() {
|
||||||
if cancel != nil {
|
|
||||||
cancel()
|
|
||||||
}
|
|
||||||
for _, filename := range GetResolvers(c.Config.Search, c.Ns, c.Services) {
|
for _, filename := range GetResolvers(c.Config.Search, c.Ns, c.Services) {
|
||||||
content, err := os.ReadFile(filename)
|
content, err := os.ReadFile(filename)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -294,107 +247,6 @@ func GetResolvers(searchList []string, nsList []string, serviceName []v12.Servic
|
|||||||
return resolvers
|
return resolvers
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
➜ resolver sudo networksetup -setdnsservers Wi-Fi 172.20.135.131 1.1.1.1
|
|
||||||
➜ resolver sudo networksetup -setsearchdomains Wi-Fi test.svc.cluster.local svc.cluster.local cluster.local
|
|
||||||
➜ resolver sudo networksetup -getsearchdomains Wi-Fi
|
|
||||||
test.svc.cluster.local
|
|
||||||
svc.cluster.local
|
|
||||||
cluster.local
|
|
||||||
➜ resolver sudo networksetup -getdnsservers Wi-Fi
|
|
||||||
172.20.135.131
|
|
||||||
1.1.1.1
|
|
||||||
*/
|
|
||||||
func networkSetup(ip string, namespace string) {
|
|
||||||
networkCancel()
|
|
||||||
b, err := exec.Command("networksetup", "-listallnetworkservices").Output()
|
|
||||||
if err != nil {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
services := strings.Split(string(b), "\n")
|
|
||||||
for _, s := range services[:len(services)-1] {
|
|
||||||
cmd := exec.Command("networksetup", "-getdnsservers", s)
|
|
||||||
output, err := cmd.Output()
|
|
||||||
if err == nil {
|
|
||||||
var nameservers []string
|
|
||||||
if strings.Contains(string(output), "There aren't any DNS Servers") {
|
|
||||||
nameservers = make([]string, 0, 0)
|
|
||||||
// fix networksetup -getdnsservers is empty, but resolv.conf nameserver is not empty
|
|
||||||
if rc, err := miekgdns.ClientConfigFromFile(resolv); err == nil {
|
|
||||||
nameservers = rc.Servers
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
nameservers = strings.Split(string(output), "\n")
|
|
||||||
nameservers = nameservers[:len(nameservers)-1]
|
|
||||||
}
|
|
||||||
// add to tail
|
|
||||||
nameservers = append(nameservers, ip)
|
|
||||||
args := []string{"-setdnsservers", s}
|
|
||||||
output, err = exec.Command("networksetup", append(args, nameservers...)...).Output()
|
|
||||||
if err != nil {
|
|
||||||
plog.G(context.Background()).Warnf("Failed to set DNS server for %s, err: %v, output: %s\n", s, err, string(output))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
output, err = exec.Command("networksetup", "-getsearchdomains", s).Output()
|
|
||||||
if err == nil {
|
|
||||||
var searchDomains []string
|
|
||||||
if strings.Contains(string(output), "There aren't any Search Domains") {
|
|
||||||
searchDomains = make([]string, 0, 0)
|
|
||||||
} else {
|
|
||||||
searchDomains = strings.Split(string(output), "\n")
|
|
||||||
searchDomains = searchDomains[:len(searchDomains)-1]
|
|
||||||
}
|
|
||||||
newSearchDomains := make([]string, len(searchDomains)+3, len(searchDomains)+3)
|
|
||||||
copy(newSearchDomains[3:], searchDomains)
|
|
||||||
newSearchDomains[0] = fmt.Sprintf("%s.svc.cluster.local", namespace)
|
|
||||||
newSearchDomains[1] = "svc.cluster.local"
|
|
||||||
newSearchDomains[2] = "cluster.local"
|
|
||||||
args := []string{"-setsearchdomains", s}
|
|
||||||
bytes, err := exec.Command("networksetup", append(args, newSearchDomains...)...).Output()
|
|
||||||
if err != nil {
|
|
||||||
plog.G(context.Background()).Warnf("Failed to set search domain for %s, err: %v, output: %s\n", s, err, string(bytes))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func networkCancel() {
|
|
||||||
b, err := exec.Command("networksetup", "-listallnetworkservices").CombinedOutput()
|
|
||||||
if err != nil {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
services := strings.Split(string(b), "\n")
|
|
||||||
for _, s := range services[:len(services)-1] {
|
|
||||||
output, err := exec.Command("networksetup", "-getsearchdomains", s).Output()
|
|
||||||
if err == nil {
|
|
||||||
i := strings.Split(string(output), "\n")
|
|
||||||
if i[1] == "svc.cluster.local" && i[2] == "cluster.local" {
|
|
||||||
bytes, err := exec.Command("networksetup", "-setsearchdomains", s, strings.Join(i[3:], " ")).Output()
|
|
||||||
if err != nil {
|
|
||||||
plog.G(context.Background()).Warnf("Failed to remove search domain for %s, err: %v, output: %s\n", s, err, string(bytes))
|
|
||||||
}
|
|
||||||
|
|
||||||
output, err := exec.Command("networksetup", "-getdnsservers", s).Output()
|
|
||||||
if err == nil {
|
|
||||||
dnsServers := strings.Split(string(output), "\n")
|
|
||||||
// dnsServers[len(dnsServers)-1]=""
|
|
||||||
// dnsServers[len(dnsServers)-2]="ip which added by KubeVPN"
|
|
||||||
dnsServers = dnsServers[:len(dnsServers)-2]
|
|
||||||
if len(dnsServers) == 0 {
|
|
||||||
// set default dns server to 1.1.1.1 or just keep on empty
|
|
||||||
dnsServers = append(dnsServers, "empty")
|
|
||||||
}
|
|
||||||
args := []string{"-setdnsservers", s}
|
|
||||||
combinedOutput, err := exec.Command("networksetup", append(args, dnsServers...)...).Output()
|
|
||||||
if err != nil {
|
|
||||||
plog.G(context.Background()).Warnf("Failed to remove DNS server for %s, err: %v, output: %s", s, err, string(combinedOutput))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func GetHostFile() string {
|
func GetHostFile() string {
|
||||||
return "/etc/hosts"
|
return "/etc/hosts"
|
||||||
}
|
}
|
||||||
|