README

Eirini

 

Build Status Maintainability Test Coverage Go Report Card Slack Status

What is Eirini?

Eirini is a thin layer of abstraction on top of Kubernetes that allows Cloud Foundry to deploy applications as Pods on a Kubernetes cluster. Eirini uses the Diego abstractions of Long Running Processes (LRPs) and Tasks to capture Cloud Foundry's notion of long running processes and one-off tasks.

Deployment instructions are available at: cloudfoundry-incubator/eirini-release.

Components

Eirini Overview Diagram


Eirini is composed of:

  • api: The main component, provides the REST API used by the Cloud Controller. It's responsible for starting LRPs and tasks.

  • event-reporter: A Kubernetes reconciler that watches for LRP instance crashes and reports them to the Cloud Controller.

  • instance-index-env-injector: A Kubernetes webhook that inserts the CF_INSTANCE_INDEX environment variable into every LRP instance (pod).

  • task-reporter: A Kubernetes reconciler that reports the outcome of tasks to the Cloud Controller and deletes the underlying Kubernetes Jobs after a configurable TTL has elapsed.

  • eirini-controller: A Kubernetes reconciler that acts on create/delete/update operations on Eirini's own Custom Resouce Definitions (CRDs). This is still experimental.

CI Pipelines

We use Concourse. Our pipelines can be found here.

Contributing

Please read CONTRIBUTING.md for details.

Have a question or feedback? Reach out to us!

We can be found in our Slack channel #eirini-dev in the Cloud Foundry workspace. Please hit us up with any questions you may have or to share your experience with Eirini!

Documentation

Index

Constants

View Source
const (
	// Environment Variable Names
	EnvEiriniNamespace            = "EIRINI_NAMESPACE"
	EnvDownloadURL                = "DOWNLOAD_URL"
	EnvDropletUploadURL           = "DROPLET_UPLOAD_URL"
	EnvAppID                      = "APP_ID"
	EnvCompletionCallback         = "COMPLETION_CALLBACK"
	EnvEiriniAddress              = "EIRINI_ADDRESS"
	EnvInstanceEnvInjectorCertDir = "INSTANCE_ENV_INJECTOR_CERTS_DIR"
	EnvResourceValidatorCertDir   = "RESOURCE_VALIDATOR_CERTS_DIR"
	EnvCCCertDir                  = "CC_CERTS_DIR"
	EnvServerCertDir              = "SERVER_CERTS_DIR"

	EnvPodName              = "POD_NAME"
	EnvCFInstanceIP         = "CF_INSTANCE_IP"
	EnvCFInstanceIndex      = "CF_INSTANCE_INDEX"
	EnvCFInstanceGUID       = "CF_INSTANCE_GUID"
	EnvCFInstanceInternalIP = "CF_INSTANCE_INTERNAL_IP"
	EnvCFInstanceAddr       = "CF_INSTANCE_ADDR"
	EnvCFInstancePort       = "CF_INSTANCE_PORT"
	EnvCFInstancePorts      = "CF_INSTANCE_PORTS"

	RegistrySecretName = "default-image-pull-secret"

	// Certs
	TLSSecretKey  = "tls.key"
	TLSSecretCert = "tls.crt"
	TLSSecretCA   = "tls.ca"

	EiriniCrtDir = "/etc/eirini/certs/"
	CCCrtDir     = "/etc/cf-api/certs/"

	CCUploaderSecretName   = "cc-uploader-certs"   //#nosec G101
	EiriniClientSecretName = "eirini-client-certs" //#nosec G101

	InstanceEnvInjectorCertDir = "/etc/eirini/certs"
	ResourceValidatorCertDir   = "/etc/eirini/certs"
)

Variables

View Source
var ErrInvalidInstanceIndex = errors.New("invalid instance index")
View Source
var ErrNotFound = errors.New("not found")

Functions

This section is empty.

Types

type APIConfig

type APIConfig struct {
	CommonConfig `yaml:",inline"`

	DefaultWorkloadsNamespace string `yaml:"app_namespace"`
	CCTLSDisabled             bool   `yaml:"cc_tls_disabled"`
	ServePlaintext            bool   `yaml:"serve_plaintext"`
	TLSPort                   int    `yaml:"tls_port"`
	PlaintextPort             int    `yaml:"plaintext_port"`
}

type CommonConfig

type CommonConfig struct {
	KubeConfig `yaml:",inline"`

	ApplicationServiceAccount               string `yaml:"application_service_account"`
	RegistrySecretName                      string `yaml:"registry_secret_name"`
	AllowRunImageAsRoot                     bool   `yaml:"allow_run_image_as_root"`
	UnsafeAllowAutomountServiceAccountToken bool   `yaml:"unsafe_allow_automount_service_account_token"`
	DefaultMinAvailableInstances            string `yaml:"default_min_available_instances"`

	WorkloadsNamespace string
}

type ControllerConfig

type ControllerConfig struct {
	CommonConfig   `yaml:",inline"`
	PrometheusPort int `yaml:"prometheus_port"`

	LeaderElectionID        string
	LeaderElectionNamespace string
}

type EventReporterConfig

type EventReporterConfig struct {
	CcInternalAPI string `yaml:"cc_internal_api"`
	CCTLSDisabled bool   `yaml:"cc_tls_disabled"`

	WorkloadsNamespace      string
	LeaderElectionID        string
	LeaderElectionNamespace string

	KubeConfig `yaml:",inline"`
}

type InstanceIndexEnvInjectorConfig

type InstanceIndexEnvInjectorConfig struct {
	Port       int32 `yaml:"service_port"`
	KubeConfig `yaml:",inline"`
}

type KubeConfig

type KubeConfig struct {
	ConfigPath string `yaml:"kube_config_path"`
}

type MigrationConfig

type MigrationConfig struct {
	WorkloadsNamespace string
	KubeConfig         `yaml:",inline"`
}

type ResourceValidatorConfig

type ResourceValidatorConfig struct {
	Port       int32 `yaml:"service_port"`
	KubeConfig `yaml:",inline"`
}

type TaskReporterConfig

type TaskReporterConfig struct {
	CCTLSDisabled                bool `yaml:"cc_tls_disabled"`
	LeaderElectionID             string
	LeaderElectionNamespace      string
	CompletionCallbackRetryLimit int `yaml:"completion_callback_retry_limit"`
	TTLSeconds                   int `yaml:"ttl_seconds"`

	WorkloadsNamespace string

	KubeConfig `yaml:",inline"`
}

Directories

Path Synopsis
bifrostfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
cmd
api
eventsfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
handlerfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
k8s
client
Package client wraps the k8s client.
Package client wraps the k8s client.
informers/event/eventfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
informers/task/taskfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
jobs/jobsfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
k8sfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
pdb
pdb/pdbfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
reconciler/reconcilerfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
shared/sharedfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
stset/stsetfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
webhook
Package webhook container extensions to use with eirinix
Package webhook container extensions to use with eirinix
Package migrations organises required migrations of eirini managed k8s objects
Package migrations organises required migrations of eirini managed k8s objects
migrationsfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
models
cf
pkg
generated/clientset/versioned
This package has the automatically generated clientset.
This package has the automatically generated clientset.
generated/clientset/versioned/fake
This package has the automatically generated fake clientset.
This package has the automatically generated fake clientset.
generated/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
This package contains the scheme of the automatically generated clientset.
generated/clientset/versioned/typed/eirini/v1
This package has the automatically generated typed clients.
This package has the automatically generated typed clients.
generated/clientset/versioned/typed/eirini/v1/fake
Package fake has the automatically generated clients.
Package fake has the automatically generated clients.
prometheusfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
stagerfakes
Code generated by counterfeiter.
Code generated by counterfeiter.
utilfakes
Code generated by counterfeiter.
Code generated by counterfeiter.