WIP

jrauh01 · jrauh01 · commit 153d86e1e307 · 2023-12-13T10:02:39.000+01:00
diff --git a/Dockerfile b/Dockerfile
@@ -3,10 +3,13 @@ FROM golang:alpine AS builder
 RUN apk update && apk add --no-cache git
 WORKDIR $GOPATH/src/icinga-kubernetes/
 COPY . .
+#COPY ./config.yml /go/bin/config.yml
 RUN go build -o /go/bin/icinga-kubernetes ./cmd/icinga-kubernetes/main.go
 
 FROM scratch
 
-COPY --from=builder /go/bin/icinga-kubernetes /go/bin/icinga-kubernetes
+WORKDIR /go/bin/
+COPY --from=alpine /tmp /tmp
+COPY --from=builder /go/bin/icinga-kubernetes ./icinga-kubernetes
 EXPOSE 8080
-ENTRYPOINT ["/go/bin/icinga-kubernetes"]
+ENTRYPOINT ["./icinga-kubernetes"]
diff --git a/cmd/icinga-kubernetes/main.go b/cmd/icinga-kubernetes/main.go
@@ -14,10 +14,20 @@ import (
 	"golang.org/x/sync/errgroup"
 	kinformers "k8s.io/client-go/informers"
 	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
 	kclientcmd "k8s.io/client-go/tools/clientcmd"
+	"os"
 )
 
 func main() {
+	inCluster := false
+
+	if kconfig, err := rest.InClusterConfig(); err == nil {
+		if _, err := kubernetes.NewForConfig(kconfig); err == nil {
+			inCluster = true
+		}
+	}
+
 	kconfig, err := kclientcmd.NewNonInteractiveDeferredLoadingClientConfig(
 		kclientcmd.NewDefaultClientConfigLoadingRules(), &kclientcmd.ConfigOverrides{}).ClientConfig()
 	if err != nil {
@@ -34,7 +44,31 @@ func main() {
 		logging.Fatal(errors.Wrap(err, "can't parse flags"))
 	}
 
-	cfg, err := config.FromYAMLFile[internal.Config](flags.Config)
+	cfg := &internal.Config{}
+	configFile := flags.Config
+
+	if inCluster {
+		ikConfig := os.Getenv("ICINGA_KUBERNETES_CONFIG")
+
+		file, err := os.CreateTemp("", "yaml-config-")
+		if err != nil {
+			logging.Fatal(errors.Wrap(err, "can't create temporary yaml config"))
+		}
+		defer func() {
+			err := os.Remove(file.Name())
+			if err != nil {
+				logging.Fatal(errors.Wrap(err, "can't remove temporary yaml config"))
+			}
+		}()
+
+		if _, err = file.Write([]byte(ikConfig)); err != nil {
+			logging.Fatal(errors.Wrap(err, "can't write to temporary yaml config"))
+		}
+
+		configFile = file.Name()
+	}
+
+	cfg, err = config.FromYAMLFile[internal.Config](configFile)
 	if err != nil {
 		logging.Fatal(errors.Wrap(err, "can't create configuration"))
 	}
diff --git a/icinga-kubernetes-configmap.yml b/icinga-kubernetes-configmap.yml
@@ -0,0 +1,47 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: icinga-kubernetes-config
+data:
+  config: |
+    # This is the configuration file for Icinga Kubernetes.
+    #
+    # Connection configuration for the database to which Icinga Kubernetes synchronizes Kubernetes data.
+    # This is also the database used in Icinga Kubernetes Web to view and work with the data.
+    database:
+      # Database type. Either 'mysql' for MySQL or 'pgsql' for PostgreSQL.
+      # Defaults to 'mysql'.
+    #  type: mysql
+
+      # Database host or absolute Unix socket path.
+      host: 10.96.0.2
+  
+      # Database port. By default, the MySQL or PostgreSQL port, depending on the database type.
+    #  port:
+  
+      # Database name.
+      database: kubernetes
+  
+      # Database user.
+      user: kubernetes
+  
+      # Database password.
+      password: kubernetes
+ 
+    # Icinga Kubernetes logs its activities at various severity levels and any errors that occur either
+    # on the console or in systemd's journal. The latter is used automatically when running under systemd.
+    # In any case, the default log level is 'info'.
+    logging:
+      # Default logging level. Can be set to 'fatal', 'error', 'warn', 'info' or 'debug'.
+      # If not set, defaults to 'info'.
+      level: info
+  
+      # Logging output. Can be set to 'console' (stderr) or 'systemd-journald'.
+      # If not set, logs to systemd-journald when running under systemd, otherwise stderr.
+    #  output:
+
+      # Interval for periodic logging defined as duration string.
+      # A duration string is a sequence of decimal numbers and a unit suffix, such as "20s".
+      # Valid units are "ms", "s", "m", "h".
+      # Defaults to "20s".
+    #  interval: 20s
diff --git a/icinga-kubernetes-expose-8080.yml b/icinga-kubernetes-expose-8080.yml
diff --git a/icinga-kubernetes.yml b/icinga-kubernetes.yml
@@ -1,14 +1,52 @@
----
 apiVersion: v1
 kind: Pod
 metadata:
   name: icinga-kubernetes
   labels:
     app: icinga-kubernetes
 spec:
+  affinity:
+    nodeAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        nodeSelectorTerms:
+          - matchExpressions:
+              - key: kubernetes.io/hostname
+                operator: In
+                values:
+                  - minikube
   containers:
     - name: icinga-kubernetes
       image: icinga-kubernetes
       imagePullPolicy: Never
-      ports:
-        - containerPort: 8080
+      env:
+        - name: ICINGA_KUBERNETES_CONFIG
+          valueFrom:
+            configMapKeyRef:
+              name: icinga-kubernetes-config
+              key: config
+
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  namespace: default
+  name: pod-reader
+rules:
+  - apiGroups: [ "" ] # "" indicates the core API group
+    resources: [ "*" ]
+    verbs: [ "get", "watch", "list" ]
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: read-pods
+  namespace: default
+subjects:
+  - kind: ServiceAccount
+    name: default
+    namespace: default
+roleRef:
+  kind: ClusterRole
+  name: pod-reader
+  apiGroup: ""
diff --git a/schema/mysql/Dockerfile b/schema/mysql/Dockerfile
@@ -0,0 +1,10 @@
+FROM mysql:latest
+
+ENV MYSQL_USER=kubernetes
+ENV MYSQL_PASSWORD=kubernetes
+ENV MYSQL_DATABASE=kubernetes
+ENV MYSQL_ROOT_PASSWORD=kubernetes
+
+COPY schema.sql /docker-entrypoint-initdb.d
+
+EXPOSE 3306
