Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add acme v02 support #391

Merged
merged 14 commits into from
Dec 11, 2019
Merged
Prev Previous commit
Next Next commit
add acme-election-id command-line option
  • Loading branch information
jcmoraisjr committed Dec 11, 2019
commit 860db3174efcdc8879a2b4c3aaf50cf588801c47
1 change: 1 addition & 0 deletions pkg/common/ingress/controller/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,7 @@ type Configuration struct {
AcmeCheckPeriod time.Duration
AcmeFailInitialDuration time.Duration
AcmeFailMaxDuration time.Duration
AcmeElectionID string
AcmeSecretKeyName string
AcmeTokenConfigmapName string

Expand Down
4 changes: 4 additions & 0 deletions pkg/common/ingress/controller/launch.go
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,9 @@ func NewIngressController(backend ingress.Controller) *GenericController {
acmeCheckPeriod = flags.Duration("acme-check-period", 24*time.Hour,
`Time between checks of invalid or expiring certificates`)

acmeElectionID = flags.String("acme-election-id", "acme-leader",
`Prefix of the election ID used to choose the acme leader`)

acmeFailInitialDuration = flags.Duration("acme-fail-initial-duration", 5*time.Minute,
`The initial time to wait to retry sign a new certificate after a failure.
The time between retries will grow exponentially until 'acme-fail-max-duration'`)
Expand Down Expand Up @@ -278,6 +281,7 @@ func NewIngressController(backend ingress.Controller) *GenericController {
Client: kubeClient,
AcmeServer: *acmeServer,
AcmeCheckPeriod: *acmeCheckPeriod,
AcmeElectionID: *acmeElectionID,
AcmeFailInitialDuration: *acmeFailInitialDuration,
AcmeFailMaxDuration: *acmeFailMaxDuration,
AcmeSecretKeyName: *acmeSecretKeyName,
Expand Down
5 changes: 2 additions & 3 deletions pkg/controller/controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -113,9 +113,8 @@ func (hc *HAProxyController) configController() {
hc.stopCh = hc.controller.GetStopCh()
hc.logger = &logger{depth: 1}
hc.cache = newCache(hc.cfg.Client, hc.storeLister, hc.controller)
if hc.cfg.AcmeServer || false /* waiting status sync, which also uses leader election */ {
// TODO move status sync + fix electorID
electorID := fmt.Sprintf("tmp-%s-acme-elector", hc.cfg.IngressClass)
if hc.cfg.AcmeServer {
electorID := fmt.Sprintf("%s-%s", hc.cfg.AcmeElectionID, hc.cfg.IngressClass)
hc.leaderelector = NewLeaderElector(electorID, hc.logger, hc.cache, hc)
}
var acmeSigner acme.Signer
Expand Down