Skip to content

Commit

Permalink
Merge branch 'main' into issue/702/outgoing-filter-dns
Browse files Browse the repository at this point in the history
  • Loading branch information
meowjesty authored Aug 21, 2023
2 parents 474eb96 + b60f9b7 commit a99911d
Show file tree
Hide file tree
Showing 14 changed files with 151 additions and 45 deletions.
29 changes: 29 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,35 @@ This project uses [*towncrier*](https://towncrier.readthedocs.io/) and the chang

<!-- towncrier release notes start -->

## [3.60.0](https://github.com/metalbear-co/mirrord/tree/3.60.0) - 2023-08-21


### Added

- Detect and warn when cluster is openshift
[#1560](https://github.com/metalbear-co/mirrord/issues/1560)
- Add missing hook for open64, fixing certificate loading on C# + Linux
[#1815](https://github.com/metalbear-co/mirrord/issues/1815)
- Small changes relevant to operator for #1782.


### Fixed

- Fixed environment on ephemeral container
This is done by two things:

1. There was an issue where we used `self` instead of `1` to obtain env based
on pid.
2. We didn't have container runtime to use for fetching, so now we also copy
env from the original pod spec and set it to ours.
[#1818](https://github.com/metalbear-co/mirrord/issues/1818)


### Internal

- Added a missing comma in the documentation


## [3.59.0](https://github.com/metalbear-co/mirrord/tree/3.59.0) - 2023-08-18


Expand Down
46 changes: 23 additions & 23 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ resolver = "2"

# latest commits on rustls suppress certificate verification
[workspace.package]
version = "3.59.0"
version = "3.60.0"
edition = "2021"
license = "MIT"
readme = "README.md"
Expand Down
1 change: 0 additions & 1 deletion changelog.d/1560.added.md

This file was deleted.

33 changes: 23 additions & 10 deletions mirrord/agent/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -97,20 +97,32 @@ impl State {
None => None,
};

let environ_path = PathBuf::from("/proc")
.join(
// If we are in an ephemeral container, we use pid 1.
// if not, we use the pid of the target container or fallback to self
let pid = {
if args.ephemeral_container {
"1".to_string()
} else {
container
.as_ref()
.map(|h| h.pid().to_string())
.unwrap_or_else(|| "self".to_string()),
)
.join("environ");
.unwrap_or_else(|| "self".to_string())
}
};

let mut env: HashMap<String, String> = HashMap::new();

let environ_path = PathBuf::from("/proc").join(pid).join("environ");

if let Some(container) = container.as_ref() {
env.extend(container.raw_env().clone());
}

// in ephemeral container, we get same env as the target container, so copy our env.
if args.ephemeral_container {
env.extend(std::env::vars())
}

let mut env = container
.as_ref()
.map(ContainerHandle::raw_env)
.cloned()
.unwrap_or_default();
match env::get_proc_environ(environ_path).await {
Ok(environ) => env.extend(environ.into_iter()),
Err(err) => {
Expand Down Expand Up @@ -474,6 +486,7 @@ impl ClientConnectionHandler {
self.respond(DaemonMessage::SwitchProtocolVersionResponse(version))
.await?;
}
ClientMessage::ReadyForLogs => {}
}

Ok(true)
Expand Down
8 changes: 4 additions & 4 deletions mirrord/agent/src/steal/connection.rs
Original file line number Diff line number Diff line change
Expand Up @@ -248,14 +248,14 @@ impl TcpConnectionStealer {

if HTTP_FRAMED_VERSION.matches(version) {
Ok(daemon_tx
.send(DaemonTcp::HttpRequest(
request.into_serializable_fallback().await?,
.send(DaemonTcp::HttpRequestFramed(
request.into_serializable().await?,
))
.await?)
} else {
Ok(daemon_tx
.send(DaemonTcp::HttpRequestFramed(
request.into_serializable().await?,
.send(DaemonTcp::HttpRequest(
request.into_serializable_fallback().await?,
))
.await?)
}
Expand Down
2 changes: 1 addition & 1 deletion mirrord/config/src/feature/network/incoming.rs
Original file line number Diff line number Diff line change
Expand Up @@ -279,7 +279,7 @@ pub struct IncomingAdvancedFileConfig {
/// },
/// "port_mapping": [[ 7777, 8888 ]],
/// "ignore_localhost": false,
/// "ignore_ports": [9999, 10000]
/// "ignore_ports": [9999, 10000],
/// "listen_ports": [[80, 8111]]
/// }
/// }
Expand Down
24 changes: 23 additions & 1 deletion mirrord/kube/src/api/container.rs
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@ static AGENT_READY_REGEX: LazyLock<Regex> = LazyLock::new(|| {
* Wait until the agent prints the "agent ready" message.
* Return agent version extracted from the message (if found).
*/
#[tracing::instrument(level = "trace", skip(pod_api), ret)]
async fn wait_for_agent_startup(
pod_api: &Api<Pod>,
pod_name: &str,
Expand Down Expand Up @@ -416,7 +417,7 @@ impl ContainerApi for EphemeralContainer {
agent_command_line.push(timeout.to_string());
}

let ephemeral_container: KubeEphemeralContainer = serde_json::from_value(json!({
let mut ephemeral_container: KubeEphemeralContainer = serde_json::from_value(json!({
"name": mirrord_agent_name,
"image": Self::agent_image(agent),
"securityContext": {
Expand All @@ -437,6 +438,27 @@ impl ContainerApi for EphemeralContainer {
debug!("Requesting ephemeral_containers_subresource");

let pod_api = get_k8s_resource_api(client, agent.namespace.as_deref());
let pod: Pod = pod_api.get(&runtime_data.pod_name).await?;
let pod_spec = pod.spec.ok_or(KubeApiError::PodSpecNotFound)?;

let container_spec = pod_spec
.containers
.iter()
.find(|c| c.name == runtime_data.container_name)
.ok_or_else(|| KubeApiError::ContainerNotFound(runtime_data.container_name))?;

if let Some(spec_env) = container_spec.env.as_ref() {
let mut env = ephemeral_container.env.unwrap_or_default();
env.extend(spec_env.iter().cloned());
ephemeral_container.env = Some(env)
}

if let Some(env_from) = container_spec.env_from.as_ref() {
let mut env = ephemeral_container.env_from.unwrap_or_default();
env.extend(env_from.iter().cloned());
ephemeral_container.env_from = Some(env)
}

let mut ephemeral_containers_subresource: Pod = pod_api
.get_subresource("ephemeralcontainers", &runtime_data.pod_name)
.await
Expand Down
2 changes: 2 additions & 0 deletions mirrord/kube/src/api/runtime.rs
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,7 @@ impl RuntimeData {
})
}

#[tracing::instrument(level = "trace", skip(client), ret)]
pub async fn check_node(&self, client: &kube::Client) -> NodeCheck {
let node_api: Api<Node> = Api::all(client.clone());
let pod_api: Api<Pod> = Api::all(client.clone());
Expand Down Expand Up @@ -153,6 +154,7 @@ impl RuntimeData {
}
}

#[derive(Debug)]
pub enum NodeCheck {
Success,
Failed(String, usize),
Expand Down
Loading

0 comments on commit a99911d

Please sign in to comment.