diff --git a/contrib/for-demos/proxy-to-service/Dockerfile b/contrib/for-demos/proxy-to-service/Dockerfile index 052212c5c79..0ebe1a7a2ad 100644 --- a/contrib/for-demos/proxy-to-service/Dockerfile +++ b/contrib/for-demos/proxy-to-service/Dockerfile @@ -3,6 +3,7 @@ FROM progrium/busybox MAINTAINER Tim Hockin "thockin@google.com" RUN opkg-install socat +ADD start.sh start.sh -# Usage: docker run -p : -ENTRYPOINT [ "sh", "-c", "PROTO=$(echo $0 | tr a-z A-Z); exec socat ${PROTO}-LISTEN:$1,reuseaddr,fork ${PROTO}:$2:$1" ] +# Usage: docker run -p : [timeout] +ENTRYPOINT ["/start.sh"] diff --git a/contrib/for-demos/proxy-to-service/Makefile b/contrib/for-demos/proxy-to-service/Makefile index 54f4424f138..f5af8ab8b29 100644 --- a/contrib/for-demos/proxy-to-service/Makefile +++ b/contrib/for-demos/proxy-to-service/Makefile @@ -4,7 +4,7 @@ .PHONY: all container push -TAG = v1 +TAG = v2 PREFIX = gcr.io/google_containers NAME = proxy-to-service diff --git a/contrib/for-demos/proxy-to-service/README.md b/contrib/for-demos/proxy-to-service/README.md index 6b5199a0951..2d8dfa3eb5c 100644 --- a/contrib/for-demos/proxy-to-service/README.md +++ b/contrib/for-demos/proxy-to-service/README.md @@ -7,7 +7,7 @@ also can not choose to expose it on some nodes but not others. These things will be fixed in the future, but until then, here is a stop-gap measure you can use. -The container image `gcr.io/google_containers/proxy-to-service:v1` is a very +The container image `gcr.io/google_containers/proxy-to-service:v2` is a very small container that will do port-forwarding for you. You can use it to forward a pod port or a host port to a service. Pods can choose any port or host port, and are not limited in the same way Services are. @@ -23,15 +23,15 @@ metadata: spec: containers: - name: proxy-udp - image: gcr.io/google_containers/proxy-to-service:v1 - args: [ "udp", "53", "kube-dns.default" ] + image: gcr.io/google_containers/proxy-to-service:v2 + args: [ "udp", "53", "kube-dns.default", "1" ] ports: - name: udp protocol: UDP containerPort: 53 hostPort: 53 - name: proxy-tcp - image: gcr.io/google_containers/proxy-to-service:v1 + image: gcr.io/google_containers/proxy-to-service:v2 args: [ "tcp", "53", "kube-dns.default" ] ports: - name: tcp @@ -42,7 +42,14 @@ spec: This creates a pod with two containers (one for TCP, one for UDP). Each container receives traffic on a port (53 here) and forwards that traffic to the -kube-dns service. You can run this on as many or as few nodes as you want. +`kube-dns` service. You can run this on as many or as few nodes as you want. + +Note that the UDP container has a 4th argument - this is a timeout. Unlike +TCP, UDP does not really have a concept of "connection terminated". If you +need to proxy UDP, you should choose an appropriate timeout. You can specify a +timeout for TCP sessions too, which will close the session after the specified +number of seconds of inactivity. In this case, DNS sessions are not really +ever reused, so a short timeout is appropriate. [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/contrib/for-demos/proxy-to-service/README.md?pixel)]() diff --git a/contrib/for-demos/proxy-to-service/start.sh b/contrib/for-demos/proxy-to-service/start.sh new file mode 100755 index 00000000000..39b92050afd --- /dev/null +++ b/contrib/for-demos/proxy-to-service/start.sh @@ -0,0 +1,35 @@ +#!/bin/sh + +# Copyright 2015 The Kubernetes Authors All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Usage: $0 [timeout] +# protocol: tcp|udp - case insensitive +# port: port number on which to receive and connect +# service: the destination service name or IP +# timeout: idle timeout in seconds (optional) + +if [[ -z "$1" -o -z "$2" -o -z "$3" ]]; then + echo "usage: $0 [timeout]" + exit 1 +fi + +PROTO=$(echo $1 | tr a-z A-Z) +TIMEOUT="" +test -n "$4" && TIMEOUT="-T$4" + +CMD="socat ${TIMEOUT} ${PROTO}-LISTEN:$2,reuseaddr,fork ${PROTO}:$3:$2" +echo "Running ${CMD}" +exec ${CMD} diff --git a/hooks/boilerplate.py b/hooks/boilerplate.py index 72497f5840b..72fcf9709d6 100755 --- a/hooks/boilerplate.py +++ b/hooks/boilerplate.py @@ -33,11 +33,16 @@ def file_passes(filename, extension, ref, regexs): data = f.read() - # remove build tags from the top of Go file + # remove build tags from the top of Go files if extension == "go": p = regexs["go_build_constraints"] (data, found) = p.subn("", data, 1) + # remove shebang from the top of shell files + if extension == "sh": + p = regexs["shebang"] + (data, found) = p.subn("", data, 1) + data = data.splitlines() # if our test file is smaller than the reference it surely fails! @@ -91,6 +96,8 @@ def main(): regexs["date"] = re.compile( '(2014|2015)' ) # strip // +build \n\n build constraints regexs["go_build_constraints"] = re.compile(r"^(// \+build.*\n)+\n", re.MULTILINE) + # strip #!.* from shell scripts + regexs["shebang"] = re.compile(r"^(#!.*\n)\n*", re.MULTILINE) for filename in filenames: if not file_passes(filename, extension, ref, regexs): diff --git a/hooks/boilerplate.sh.txt b/hooks/boilerplate.sh.txt index f592735e31e..6ce3fbd4645 100644 --- a/hooks/boilerplate.sh.txt +++ b/hooks/boilerplate.sh.txt @@ -1,5 +1,3 @@ -#!/bin/bash - # Copyright YEAR The Kubernetes Authors All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License");