-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdocker-entrypoint.sh
More file actions
executable file
·86 lines (69 loc) · 3.63 KB
/
docker-entrypoint.sh
File metadata and controls
executable file
·86 lines (69 loc) · 3.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#!/bin/bash
NUM_REDIS_REPLICAS=${NUM_REDIS_REPLICAS:-3}
KUBERNETES_CLUSTER_DOMAIN=${KUBERNETES_CLUSTER_DOMAIN:-"cluster.local"}
declare -a podList
replicaCount=0
while [[ ${replicaCount} -lt ${NUM_REDIS_REPLICAS} ]]; do
podName="redis-server-${replicaCount}"
podList+=($podName)
let replicaCount=replicaCount+1
done
bkRedisFile="/usr/local/etc/haproxy/bk_redis.txt"
if [ -f $bkRedisFile ] ; then
rm $bkRedisFile
fi
echo " " | tee ${bkRedisFile} > /dev/null
echo "backend bk_redis1" | tee -a ${bkRedisFile} > /dev/null
echo " log global" | tee -a ${bkRedisFile} > /dev/null
echo " option tcp-check" | tee -a ${bkRedisFile} > /dev/null
# echo " option tcplog" | tee -a ${bkRedisFile} > /dev/null
echo " option log-health-checks" | tee -a ${bkRedisFile} > /dev/null
echo " errorfile 503 /usr/local/etc/haproxy/errors/503.http" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check comment PING\ phase" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check send PING\r\n" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check expect string +PONG" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check comment role\ check" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check send info\ replication\r\n" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check expect string role:master" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check comment QUIT\ phase" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check send QUIT\r\n" | tee -a ${bkRedisFile} > /dev/null
echo " tcp-check expect string +OK" | tee -a ${bkRedisFile} > /dev/null
for ((i = 0; i < ${#podList[@]}; ++i)); do
echo " server redis_$i ${podList[i]}.redis-server.default.svc.${KUBERNETES_CLUSTER_DOMAIN}:6379 check resolvers kubernetes init-addr last,libc,none inter 1s rise 1 fall 180" | tee -a ${bkRedisFile} > /dev/null
done
sed -i "\$r /usr/local/etc/haproxy/bk_redis.txt" /usr/local/etc/haproxy/haproxy.cfg
if [ -f $bkRedisFile ] ; then
rm $bkRedisFile
fi
## Enable Redis Auth if flag is set to true.
if [ "$REDIS_AUTH_ENABLED" = "true" ]; then
redissecret=`cat /etc/redis/redis-secret/secret`
##set passwords to redis secret
sed -i "s/passwordhere/$redissecret/" /usr/local/etc/haproxy/haproxy.cfg
## Set auth to redis
sed -i "/log-health-checks/a\\ tcp-check send AUTH\\\ $redissecret\\\r\\\n" /usr/local/etc/haproxy/haproxy.cfg
sed -i "/tcp-check send AUTH/a\\ tcp-check expect string +OK" /usr/local/etc/haproxy/haproxy.cfg
fi
# get the namespace and include in the ordinal hostname for redis
k8s_namespace=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
sed -i -E "s/(redis-server-[[:digit:]].redis-server.)default(.svc.${KUBERNETES_CLUSTER_DOMAIN})/\1${k8s_namespace}\2/" /usr/local/etc/haproxy/haproxy.cfg
## If DNS_RESOLVER is empty than take namespaces from /etc/resolv.conf
[ -z "${DNS_RESOLVER}" ] && export DNS_RESOLVER=$(cat /etc/resolv.conf | grep nameserver | awk '{ print $2 }')
sed -i "/^resolvers kubernetes/a\\ nameserver dns $DNS_RESOLVER:53" /usr/local/etc/haproxy/haproxy.cfg
## loop through all namespaces and add to haproxy.cfg
#for ((i=0; i<${#DNS_RESOLVER[*]}; i++));
#do
##sed -i "/^resolvers kubernetes/a\\ nameserver dns${i} ${DNS_RESOLVER[$i]}:53" /usr/local/etc/haproxy/haproxy.cfg
#done
# first arg is `-f` or `--some-option`
if [ "${1#-}" != "$1" ]; then
set -- haproxy "$@"
fi
if [ "$1" = 'haproxy' ]; then
shift # "haproxy"
# if the user wants "haproxy", let's add a couple useful flags
# -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2")
# -db -- disables background mode
set -- haproxy -W -db "$@"
fi
exec "$@"