Skip to content

Manifest to run Harmony Connect Remote Access (former ODO) in K8S

Notifications You must be signed in to change notification settings

chkp-apopisteru/odo-in-k8s

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 

Repository files navigation

odo-in-k8s

Manifest to run Harmony Connect Remote Access (former ODO) in K8S

Converted original instructions to run adanite/odo_connecter:GEO_v3 in Kubernetes

  • as a Pod
  • as a Deployment

Original command:

docker run -d \
--cap-add=NET_ADMIN \
--sysctl net.ipv4.ip_forward=1 \
--device /dev/net/tun --restart=always \
--log-opt max-size=1g \
-e Secret=<CONNECTOR-SECRET> \
adanite/odo_connector:eu_v3

Several interesting requirements had to be solved:

  • using sysctl
  • mapping device
  • using linux capabilities
  • DNS (quick hack change core-dns config to forward to external servers)
  • logging, solved with run-time option --log-file-max-size=1024

<CONNECTOR_SECRET> provided via ConfigMap in Pod, not Secret, since there is no decryption function inside the container and secrets are only base64 encoded. In Deployment, <CONNECTOR_SECRET> is provided as a Secret.

For offline install, with docker runtime, one may pull the image on a different machine, save it, transfer the archive to K8S master node and docker load it.

Since the manifest includes both ConfigMap and Pod, if Secret must be changed simply run kubectl replace --force --grace-period=0 -f to have both reinitialized (yes, I know that updating CM will update the env var of container, but it was easier and more consistent during testing).

Tested with minikube, which requires --extra-config

minikube start --driver=docker --network-plugin=cni --cni=calico --extra-config="kubelet.allowed-unsafe-sysctls=kernel.msg*,net.*" --kubernetes-version=v1.22.2

About

Manifest to run Harmony Connect Remote Access (former ODO) in K8S

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published