Merge pull request #1434 from dduportal/breaking/rsyncd/add-sshd-support
feat!(rsyncd): add `sshd` as an alternative Rsync Daemon to `rsyncd`
dduportal authored Nov 24, 2024
2 parents e7b1cde + 4150a66 commit e08721a
Showing 13 changed files with 512 additions and 308 deletions.
2 changes: 1 addition & 1 deletion charts/rsyncd/Chart.yaml
@@ -1,7 +1,7 @@
apiVersion: v1
description: rsyncd helm chart for Kubernetes
name: rsyncd
version: 1.5.2
version: 2.0.0
maintainers:
- email: jenkins-infra-team@googlegroups.com
name: jenkins-infra-team
29 changes: 26 additions & 3 deletions charts/rsyncd/templates/_helpers.tpl
Expand Up @@ -45,14 +45,13 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}

{{/*
Data directory volume definition. Might be defined from parent chart templates or autonomously
based on the presence of the global value provided by the parent chart.
Data directory volume definition.
Expected argument: dict{
"currentRsyncComponent": <string>,
"rootContext": { },
}
*/}}
{{- define "rsync.datadir-volumedefinition" -}}
{{- define "rsyncd.datadir-volumedefinition" -}}
{{- if .currentRsyncComponent.volumeTpl -}}
persistentVolumeClaim:
claimName: {{ printf "%s" (tpl .currentRsyncComponent.volumeTpl .rootContext) | trim | trunc 63 -}}
Expand All @@ -62,3 +61,27 @@ persistentVolumeClaim:
emptyDir: {}
{{- end -}}
{{- end -}}

{{/* Define the port exposed by the pod (depends on the RsyncD daemon specified, usually unprivileged port) */}}
{{- define "rsyncd.port" -}}
{{/* Overrides defaults if the top level `port` value exists */}}
{{- if .Values.port -}}
{{ .Values.port }}
{{- else if eq .Values.configuration.rsyncd_daemon "rsyncd" -}}
1873
{{- else if eq .Values.configuration.rsyncd_daemon "sshd" -}}
2222
{{- end -}}
{{- end -}}

{{/* Define the port exposed by the service (usually standard RsyncD or SSH ) */}}
{{- define "rsyncd.service.port" -}}
{{/* Overrides defaults if the `service.port` value exists */}}
{{- if .Values.service.port -}}
{{ .Values.service.port }}
{{- else if eq .Values.configuration.rsyncd_daemon "rsyncd" -}}
873
{{- else if eq .Values.configuration.rsyncd_daemon "sshd" -}}
22
{{- end -}}
{{- end -}}
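Review bot: Both `rsyncd.port` and `rsyncd.service.port` render an empty string when `configuration.rsyncd_daemon` is anything other than `rsyncd` or `sshd` and no explicit port value is set, so a typo in that value only surfaces as an empty `containerPort:` / `port:` / `targetPort:` where deployment.yaml and service.yaml include these helpers. A final branch in each helper would stop the render with a clear message instead: `{{- else -}}{{ fail "configuration.rsyncd_daemon must be rsyncd or sshd" }}`. The comment above each helper should also state the defaults it returns (1873/2222 for the pod, 873/22 for the service) and that a truthy `port` / `service.port` value takes precedence over them.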
10 changes: 3 additions & 7 deletions charts/rsyncd/templates/configmap.rsyncd-conf.yaml
@@ -1,3 +1,4 @@
{{- if eq .Values.configuration.rsyncd_daemon "rsyncd" }}
apiVersion: v1
kind: ConfigMap
metadata:
Expand All @@ -13,15 +14,10 @@ data:
read only = true
# Downloads will be possible if file permissions on the daemon side allow them
write only = false
motd file = {{ .Values.configuration.motd.path }}
port = {{ .Values.port }}
jenkins.motd: |-
{{ .Values.configuration.motd.content | nindent 4 }}
{{- range .Values.configuration.components }}
{{- range .Values.configuration.components }}
{{ .name }}.conf: |-
[{{ .name }}]
path = {{ .path }}
comment = {{ .comment}}
{{- end }}
{{- end }}
84 changes: 61 additions & 23 deletions charts/rsyncd/templates/deployment.yaml
Expand Up @@ -34,43 +34,79 @@ spec:
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: RSYNCD_DAEMON
value: "{{ .Values.configuration.rsyncd_daemon }}"
- name: {{ upper .Values.configuration.rsyncd_daemon }}_PORT
value: "{{ include "rsyncd.port" . }}"
{{- if and .Values.configuration.sshd .Values.configuration.sshd.public_key }}
- name: SSHD_PUBLIC_KEY
value: "{{ .Values.configuration.sshd.public_key }}"
{{- end }}
{{- if and .Values.configuration.sshd .Values.configuration.sshd.log_level }}
- name: SSHD_LOG_LEVEL
value: "{{ .Values.configuration.sshd.log_level }}"
{{- end }}
ports:
- name: rsyncd
containerPort: {{ .Values.port }}
- name: {{ .Values.configuration.rsyncd_daemon }}
containerPort: {{ include "rsyncd.port" . }}
protocol: TCP
livenessProbe:
tcpSocket:
port: {{ .Values.port }}
# Using a tcpSocket pollutes SSHD logs. Instead, we check
# for existence of sshd process as it is the last instruction
# of the entrypoint.
exec:
command:
- pgrep
{{- if eq .Values.configuration.rsyncd_daemon "sshd" }}
- sshd
initialDelaySeconds: 10
{{- else if eq .Values.configuration.rsyncd_daemon "rsyncd" }}
- rsync
initialDelaySeconds: 5
{{- end }}
periodSeconds: 5
readinessProbe:
tcpSocket:
port: {{ .Values.port }}
# Using a tcpSocket pollutes SSHD logs. Instead, we check
# for existence of pid file which means SSH is ready to receive connections
exec:
command:
- sh
- -c
- test -f /home/rsyncd/run/{{ .Values.configuration.rsyncd_daemon }}.pid
{{- if eq .Values.configuration.rsyncd_daemon "sshd" }}
initialDelaySeconds: 10
{{- else if eq .Values.configuration.rsyncd_daemon "rsyncd" }}
initialDelaySeconds: 5
{{- end }}
periodSeconds: 5
{{- with .Values.resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
- name: rsyncd-conf
mountPath: /etc/rsyncd.d/rsyncd.inc
readOnly: true # Default for configmaps
subPath: rsyncd.inc
- name: rsyncd-conf
mountPath: {{ .Values.configuration.motd.path }}
subPath: jenkins.motd
readOnly: true # Default for configmaps
- name: ramfs
mountPath: /tmp
subPath: tmp
- name: ramfs
mountPath: /rsync/run
mountPath: /home/rsyncd/run
subPath: run
{{- if eq .Values.configuration.rsyncd_daemon "rsyncd" }}
- name: rsyncd-conf
mountPath: /home/rsyncd/etc/rsyncd.d/rsyncd.inc
readOnly: true # Default for configmaps
subPath: rsyncd.inc
{{- range .Values.configuration.components }}
- name: rsyncd-conf
mountPath: /etc/rsyncd.d/{{ .name }}.conf
mountPath: /home/rsyncd/etc/rsyncd.d/{{ .name }}.conf
readOnly: true # Default for configmaps
subPath: {{ .name }}.conf
{{- end }}
{{- end }}
{{- range .Values.configuration.components }}
- name: datadir-{{ .name }}
mountPath: {{ .path }}
readOnly: true
readOnly: {{ eq (toString .writeEnabled) "true" | ternary "false" "true" }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
Expand All @@ -85,14 +121,16 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: rsyncd-conf
configMap:
name: {{ include "rsyncd.fullname" . }}-conf
- name: ramfs
emptyDir:
medium: Memory
sizeLimit: 32Mi
{{- range .Values.configuration.components }}
{{- if eq .Values.configuration.rsyncd_daemon "rsyncd" }}
- name: rsyncd-conf
configMap:
name: {{ include "rsyncd.fullname" . }}-conf
{{- end }}
{{- range .Values.configuration.components }}
- name: datadir-{{ .name }}
{{- include "rsync.datadir-volumedefinition" (dict "currentRsyncComponent" . "rootContext" $) | nindent 10 }}
{{- end }}
{{- include "rsyncd.datadir-volumedefinition" (dict "currentRsyncComponent" . "rootContext" $) | nindent 10 }}
{{- end }}
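Review bot: The new readiness probe (`test -f /home/rsyncd/run/<daemon>.pid`) can pass on a stale pid file, because `/home/rsyncd/run` is a subPath of the `ramfs` emptyDir, which lives as long as the pod and therefore survives container restarts. Unless the image entrypoint removes the file at start-up (not visible on this page), a restarted container would be reported ready before the daemon accepts connections. Checking that the recorded pid is still alive closes that gap, e.g. `- f=/home/rsyncd/run/{{ .Values.configuration.rsyncd_daemon }}.pid; test -f "$f" && kill -0 "$(cat "$f")"`. Separately, the `readOnly:` value on the `datadir-*` mounts now depends on `writeEnabled`, and the rsyncd.conf ConfigMap with its `read only = true` line is rendered only in `rsyncd` mode; a comment on that line should say that in `sshd` mode write access to a write-enabled component is presumably bounded only by the authorized SSH key and file permissions.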
6 changes: 3 additions & 3 deletions charts/rsyncd/templates/service.yaml
Expand Up @@ -20,10 +20,10 @@ spec:
{{- end }}
{{- end }}
ports:
- port: {{ .Values.service.port }}
targetPort: {{ .Values.port }}
- port: {{ include "rsyncd.service.port" . }}
targetPort: {{ include "rsyncd.port" . }}
protocol: TCP
name: rsyncd
name: {{ .Values.configuration.rsyncd_daemon }}
selector:
app.kubernetes.io/name: {{ include "rsyncd.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}