Add server daemonset yaml template files #25

sufuf3 · 2018-06-07T04:40:15Z

Add tcp & unix with namespace vortex
Fake image name

tcp can run
unix can run

test files are under ~/go/src/github.com/linkernetworks/network-controller/example/server-yaml

codecov · 2018-06-07T05:47:19Z

Codecov Report

Merging #25 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #25   +/-   ##
=======================================
  Coverage   86.13%   86.13%           
=======================================
  Files           5        5           
  Lines         137      137           
=======================================
  Hits          118      118           
  Misses         12       12           
  Partials        7        7

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8939b35...d26f4da. Read the comment docs.

hwchiu

Add the privilege=true for those daemonSet

sufuf3 · 2018-06-10T01:38:28Z

I added the following config in these yaml files.

        securityContext:
          privileged: true

Could you please help me review this PR, again?
Many thanks.

hwchiu

LGTM

John-Lin · 2018-06-10T07:53:57Z

deploy/server/unix-daemonset.yaml

+        volumeMounts:
+        - mountPath: /var/run/docker.sock
+          name: docker-sock
+        - mountPath: /tmp/a.sock


rename to /var/run/vortex.sock

John-Lin · 2018-06-10T07:54:10Z

deploy/server/unix-daemonset.yaml

+          path: /var/run/docker.sock
+      - name: grpc-sock
+        hostPath:
+          path: /tmp/a.sock


rename to /var/run/vortex.sock

John-Lin · 2018-06-10T07:54:51Z

deploy/server/unix-daemonset.yaml

+        securityContext:
+          privileged: true
+        command: ["./network-controller-server"]
+        args: ["-unix=/tmp/a.sock"]


rename to /var/run/vortex.sock

John-Lin · 2018-06-10T07:58:25Z

deploy/server/tcp-daemonset.yaml

+metadata:
+  name: network-controller-server-tcp
+  namespace: vortex
+  labels:


At this moment. we don't need this label

John-Lin · 2018-06-10T08:00:07Z

deploy/server/unix-daemonset.yaml

+metadata:
+  name: network-controller-server-unix
+  namespace: vortex
+  labels:


At this moment. we don't need this label

sufuf3 · 2018-06-10T13:01:45Z

I removed labels. Also, updated the socket name.
Mount path should be folder, so I use /var/run as volumes.hostPath.path & volumeMounts.mountPath.

Please help me review this PR, again.
Thank you very much.

John-Lin · 2018-06-10T15:58:20Z

deploy/server/unix-daemonset.yaml

+          path: /var/run/docker.sock
+      - name: grpc-sock
+        hostPath:
+          path: /var/run/


I found mount entire /var/run/ can cause significant security issue. we should change back to /tmp

Unix sockets only live while the program is running, so /tmp/ is usually an alright place for them to live

John-Lin · 2018-06-10T16:13:46Z

deploy/server/unix-daemonset.yaml

+          path: /var/run/docker.sock
+      - name: grpc-sock
+        hostPath:
+          path: /var/run/


Unix sockets only live while the program is running, so /tmp/ is usually an alright place for them to live

- Add tcp & unix with namespace vortex

sufuf3 force-pushed the sufuf3/server-yaml-tmp branch from c6a8d73 to 1ae7dbb Compare June 7, 2018 05:47

hwchiu suggested changes Jun 7, 2018

View reviewed changes

sufuf3 force-pushed the sufuf3/server-yaml-tmp branch from 1ae7dbb to 9d84803 Compare June 10, 2018 01:34

sufuf3 changed the title ~~[WIP] Add server daemonset yaml template files~~ Add server daemonset yaml template files Jun 10, 2018

hwchiu approved these changes Jun 10, 2018

View reviewed changes

hwchiu requested review from John-Lin and chenyunchen June 10, 2018 03:51

John-Lin suggested changes Jun 10, 2018

View reviewed changes

sufuf3 force-pushed the sufuf3/server-yaml-tmp branch from 9d84803 to 99fd754 Compare June 10, 2018 12:53

sufuf3 requested a review from John-Lin June 10, 2018 12:57

John-Lin suggested changes Jun 10, 2018

View reviewed changes

Add server daemonset yaml template files

d26f4da

- Add tcp & unix with namespace vortex

sufuf3 force-pushed the sufuf3/server-yaml-tmp branch from 99fd754 to d26f4da Compare June 10, 2018 16:15

John-Lin approved these changes Jun 11, 2018

View reviewed changes

John-Lin merged commit c66eb50 into master Jun 11, 2018

hwchiu deleted the sufuf3/server-yaml-tmp branch June 11, 2018 07:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add server daemonset yaml template files #25

Add server daemonset yaml template files #25

sufuf3 commented Jun 7, 2018 •

edited

Loading

codecov bot commented Jun 7, 2018 •

edited

Loading

hwchiu left a comment

sufuf3 commented Jun 10, 2018

hwchiu left a comment

John-Lin Jun 10, 2018

John-Lin Jun 10, 2018

John-Lin Jun 10, 2018

John-Lin Jun 10, 2018

John-Lin Jun 10, 2018

sufuf3 commented Jun 10, 2018 •

edited

Loading

John-Lin Jun 10, 2018

John-Lin Jun 10, 2018

John-Lin Jun 10, 2018

Add server daemonset yaml template files #25

Add server daemonset yaml template files #25

Conversation

sufuf3 commented Jun 7, 2018 • edited Loading

codecov bot commented Jun 7, 2018 • edited Loading

Codecov Report

hwchiu left a comment

Choose a reason for hiding this comment

sufuf3 commented Jun 10, 2018

hwchiu left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

sufuf3 commented Jun 10, 2018 • edited Loading

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

sufuf3 commented Jun 7, 2018 •

edited

Loading

codecov bot commented Jun 7, 2018 •

edited

Loading

sufuf3 commented Jun 10, 2018 •

edited

Loading