eirini

README

 

What is Eirini?

Eirini is a thin layer of abstraction on top of Kubernetes that allows Cloud Foundry to deploy applications as Pods on a Kubernetes cluster. Eirini uses the Diego abstractions of Long Running Processes (LRPs) and Tasks to capture Cloud Foundry's notion of long running processes and one-off tasks.

Deployment instructions are available at: cloudfoundry-incubator/eirini-release.

Components

---

Eirini is composed of:

• api: The main component, provides the REST API used by the Cloud Controller. It's responsible for starting LRPs and tasks.

• event-reporter: A Kubernetes reconciler that watches for LRP instance crashes and reports them to the Cloud Controller.

• instance-index-env-injector: A Kubernetes webhook that inserts the CF_INSTANCE_INDEX environment variable into every LRP instance (pod).

• task-reporter: A Kubernetes reconciler that reports the outcome of tasks to the Cloud Controller and deletes the underlying Kubernetes Jobs after a configurable TTL has elapsed.

• eirini-controller: A Kubernetes reconciler that acts on create/delete/update operations on Eirini's own Custom Resouce Definitions (CRDs). This is still experimental.

CI Pipelines

We use Concourse. Our pipelines can be found here.

Contributing

Please read CONTRIBUTING.md for details.

Have a question or feedback? Reach out to us!

We can be found in our Slack channel #eirini-dev in the Cloud Foundry workspace. Please hit us up with any questions you may have or to share your experience with Eirini!

Documentation

Index

• Constants
• Variables
• type APIConfig
• type CommonConfig
• type ControllerConfig
• type EventReporterConfig
• type InstanceIndexEnvInjectorConfig
• type KubeConfig
• type MigrationConfig
• type ResourceValidatorConfig
• type TaskReporterConfig

Constants

const (
	// Environment Variable Names
	EnvEiriniNamespace            = "EIRINI_NAMESPACE"
	EnvDownloadURL                = "DOWNLOAD_URL"
	EnvDropletUploadURL           = "DROPLET_UPLOAD_URL"
	EnvAppID                      = "APP_ID"
	EnvCompletionCallback         = "COMPLETION_CALLBACK"
	EnvEiriniAddress              = "EIRINI_ADDRESS"
	EnvInstanceEnvInjectorCertDir = "INSTANCE_ENV_INJECTOR_CERTS_DIR"
	EnvResourceValidatorCertDir   = "RESOURCE_VALIDATOR_CERTS_DIR"
	EnvCCCertDir                  = "CC_CERTS_DIR"
	EnvServerCertDir              = "SERVER_CERTS_DIR"

	EnvPodName              = "POD_NAME"
	EnvCFInstanceIP         = "CF_INSTANCE_IP"
	EnvCFInstanceIndex      = "CF_INSTANCE_INDEX"
	EnvCFInstanceGUID       = "CF_INSTANCE_GUID"
	EnvCFInstanceInternalIP = "CF_INSTANCE_INTERNAL_IP"
	EnvCFInstanceAddr       = "CF_INSTANCE_ADDR"
	EnvCFInstancePort       = "CF_INSTANCE_PORT"
	EnvCFInstancePorts      = "CF_INSTANCE_PORTS"

	RegistrySecretName = "default-image-pull-secret"

	// Certs
	TLSSecretKey  = "tls.key"
	TLSSecretCert = "tls.crt"
	TLSSecretCA   = "tls.ca"

	EiriniCrtDir = "/etc/eirini/certs/"
	CCCrtDir     = "/etc/cf-api/certs/"

	CCUploaderSecretName   = "cc-uploader-certs"   //#nosec G101
	EiriniClientSecretName = "eirini-client-certs" //#nosec G101

	InstanceEnvInjectorCertDir = "/etc/eirini/certs"
	ResourceValidatorCertDir   = "/etc/eirini/certs"
)

Variables

var ErrInvalidInstanceIndex = errors.New("invalid instance index")

var ErrNotFound = errors.New("not found")

Types

type APIConfig

type APIConfig struct {
	CommonConfig `yaml:",inline"`

	DefaultWorkloadsNamespace string `yaml:"app_namespace"`
	CCTLSDisabled             bool   `yaml:"cc_tls_disabled"`
	ServePlaintext            bool   `yaml:"serve_plaintext"`
	TLSPort                   int    `yaml:"tls_port"`
	PlaintextPort             int    `yaml:"plaintext_port"`
}

type CommonConfig

type CommonConfig struct {
	KubeConfig `yaml:",inline"`

	ApplicationServiceAccount               string `yaml:"application_service_account"`
	RegistrySecretName                      string `yaml:"registry_secret_name"`
	AllowRunImageAsRoot                     bool   `yaml:"allow_run_image_as_root"`
	UnsafeAllowAutomountServiceAccountToken bool   `yaml:"unsafe_allow_automount_service_account_token"`
	DefaultMinAvailableInstances            string `yaml:"default_min_available_instances"`

	WorkloadsNamespace string
}

type ControllerConfig

type ControllerConfig struct {
	CommonConfig   `yaml:",inline"`
	PrometheusPort int `yaml:"prometheus_port"`
	TaskTTLSeconds int `yaml:"task_ttl_seconds"`

	LeaderElectionID        string
	LeaderElectionNamespace string
}

type EventReporterConfig

type EventReporterConfig struct {
	CcInternalAPI string `yaml:"cc_internal_api"`
	CCTLSDisabled bool   `yaml:"cc_tls_disabled"`

	WorkloadsNamespace      string
	LeaderElectionID        string
	LeaderElectionNamespace string

	KubeConfig `yaml:",inline"`
}

type InstanceIndexEnvInjectorConfig

type InstanceIndexEnvInjectorConfig struct {
	Port       int32 `yaml:"service_port"`
	KubeConfig `yaml:",inline"`
}

type KubeConfig

type KubeConfig struct {
	ConfigPath string `yaml:"kube_config_path"`
}

type MigrationConfig

type MigrationConfig struct {
	WorkloadsNamespace string
	KubeConfig         `yaml:",inline"`
}

type ResourceValidatorConfig

type ResourceValidatorConfig struct {
	Port       int32 `yaml:"service_port"`
	KubeConfig `yaml:",inline"`
}

type TaskReporterConfig

type TaskReporterConfig struct {
	CCTLSDisabled                bool `yaml:"cc_tls_disabled"`
	LeaderElectionID             string
	LeaderElectionNamespace      string
	CompletionCallbackRetryLimit int `yaml:"completion_callback_retry_limit"`
	TTLSeconds                   int `yaml:"ttl_seconds"`

	WorkloadsNamespace string

	KubeConfig `yaml:",inline"`
}