diff --git a/config/samples/core_v1_pod.yaml b/config/samples/core_v1_pod.yaml index 2690703..1af669c 100644 --- a/config/samples/core_v1_pod.yaml +++ b/config/samples/core_v1_pod.yaml @@ -6,9 +6,10 @@ metadata: name: diskconfig-sample spec: # hostPID: true + terminationGracePeriodSeconds: 1 containers: - name: alpine - image: alpine:3.15.4 + image: alpine:3.16 command: - sleep - infinity diff --git a/mutators/pod_mutator.go b/mutators/pod_mutator.go index b5f48a4..0c7653e 100644 --- a/mutators/pod_mutator.go +++ b/mutators/pod_mutator.go @@ -326,6 +326,13 @@ func (a *PodMutator) Handle(ctx context.Context, req admission.Request) admissio }) } + pod.Spec.Volumes = append(pod.Spec.Volumes, corev1.Volume{ + Name: "discoblocks-tools", + VolumeSource: corev1.VolumeSource{ + EmptyDir: &corev1.EmptyDirVolumeSource{}, + }, + }) + logger.Info("Attach volume mounts...") for i := range pod.Spec.Containers { @@ -335,6 +342,12 @@ func (a *PodMutator) Handle(ctx context.Context, req admission.Request) admissio MountPath: mp, }) } + + pod.Spec.Containers[i].VolumeMounts = append(pod.Spec.Containers[i].VolumeMounts, corev1.VolumeMount{ + Name: "discoblocks-tools", + MountPath: "/opt/discoblocks", + ReadOnly: pod.Spec.Containers[i].Name != "discoblocks-metrics", + }) } marshaledPod, err := json.Marshal(pod) diff --git a/pkg/utils/kube.go b/pkg/utils/kube.go index 2a5ad65..982530d 100644 --- a/pkg/utils/kube.go +++ b/pkg/utils/kube.go @@ -22,7 +22,7 @@ const hostCommandPrefix = "\n " var hostCommandReplacePattern = regexp.MustCompile(`\n`) const metricsTeamplate = `name: discoblocks-metrics -image: nixery.dev/shell/ucspi-tcp/mount +image: alpine:3.16 ports: - containerPort: 9100 protocol: TCP @@ -30,6 +30,10 @@ command: - sh - -c - | + apk add patchelf ucspi-tcp && + cp /bin/busybox /opt/discoblocks && + cp -r /lib /opt/discoblocks && + patchelf --set-interpreter /opt/discoblocks/lib/ld-musl-x86_64.so.1 /opt/discoblocks/busybox && trap exit SIGTERM ; while true; do tcpserver -v -c 1 -D -P -R -H -t 3 -l 0 0.0.0.0 9100 df -P & c=$! wait $c; done securityContext: @@ -99,14 +103,13 @@ const ( mountCommandTemplate = `%s DEV_MAJOR=$(chroot /host nsenter --target 1 --mount lsblk -lp | grep ${DEV} | awk '{print $2}' | awk '{split($0,a,":"); print a[1]}') && DEV_MINOR=$(chroot /host nsenter --target 1 --mount lsblk -lp | grep ${DEV} | awk '{print $2}' | awk '{split($0,a,":"); print a[2]}') && +export LD_LIBRARY_PATH=/opt/discoblocks/lib && for CONTAINER_ID in ${CONTAINER_IDS}; do - chroot /host nsenter --target ${PID} --mount mount | grep "${DEV} on ${MOUNT_POINT}" || ( - PID=$(docker inspect -f '{{.State.Pid}}' ${CONTAINER_ID} || crictl inspect --output go-template --template '{{.info.pid}}' ${CONTAINER_ID}) && - ( - chroot /host nsenter --target ${PID} --mount mkdir -p $(dirname ${DEV}) ${MOUNT_POINT} && - chroot /host nsenter --target ${PID} --pid --mount mknod ${DEV} b ${DEV_MAJOR} ${DEV_MINOR} && - chroot /host nsenter --target ${PID} --mount mount ${DEV} ${MOUNT_POINT} - ) + PID=$(docker inspect -f '{{.State.Pid}}' ${CONTAINER_ID} || crictl inspect --output go-template --template '{{.info.pid}}' ${CONTAINER_ID}) && + chroot /host nsenter --target ${PID} --mount /opt/discoblocks/busybox mount | grep "${DEV} on ${MOUNT_POINT}" || ( + chroot /host nsenter --target ${PID} --mount /opt/discoblocks/busybox mkdir -p $(dirname ${DEV}) ${MOUNT_POINT} && + (chroot /host nsenter --target ${PID} --pid --mount /opt/discoblocks/busybox mknod ${DEV} b ${DEV_MAJOR} ${DEV_MINOR} ||:) && + chroot /host nsenter --target ${PID} --mount /opt/discoblocks/busybox mount ${DEV} ${MOUNT_POINT} ) done` ) diff --git a/tests/e2e/stable/storageos/02-assert.yaml b/tests/e2e/stable/storageos/02-assert.yaml index 0b38179..7208ab3 100644 --- a/tests/e2e/stable/storageos/02-assert.yaml +++ b/tests/e2e/stable/storageos/02-assert.yaml @@ -92,8 +92,8 @@ metadata: spec: hostPID: true containers: - - image: nginx:1.23 - - image: nixery.dev/shell/ucspi-tcp/mount + - name: nginx + - name: discoblocks-metrics status: phase: Running --- diff --git a/tests/e2e/stable/storageos/03-assert.tpl.yaml b/tests/e2e/stable/storageos/03-assert.tpl.yaml index 140f36d..9b830d1 100644 --- a/tests/e2e/stable/storageos/03-assert.tpl.yaml +++ b/tests/e2e/stable/storageos/03-assert.tpl.yaml @@ -217,8 +217,8 @@ metadata: namespace: default spec: containers: - - image: nginx:1.23 - - image: nixery.dev/shell/ucspi-tcp/mount + - name: nginx + - name: discoblocks-metrics status: phase: Running