Skip to content

Commit

Permalink
External Network: Wireguard Templates
Browse files Browse the repository at this point in the history
  • Loading branch information
cheina97 committed Oct 16, 2023
1 parent 6861dad commit 3d5109a
Show file tree
Hide file tree
Showing 6 changed files with 154 additions and 12 deletions.
48 changes: 48 additions & 0 deletions deployments/liqo/files/liqo-wireguard-gateway-client-template.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
metadata:
labels:
app: "{{ .Name }}"
spec:
deployment:
metadata:
labels:
app: "{{ .Name }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ .Name }}"
template:
metadata:
labels:
app: "{{ .Name }}"
spec:
containers:
- name: tunnel
image: ghcr.io/liqotech/gateway/wireguard/tunnel
imagePullPolicy: Always
args:
- --name="{{ .Name }}"
- --namespace="{{ .Namespace }}"
- --remote-cluster-id="{{ .ClusterID }}"
- --wireguard-gateway-uid="{{ .GatewayUID }}"
- --mode=client
- --mtu="{{ .MTU }}"
- --endpoint-address="{{ index .Spec.Endpoint.Addresses 0 }}"
- --endpoint-port="{{ .Spec.Endpoint.Port }}"
securityContext:
privileged: true
capabilities:
add:
- ALL
- name: gateway
image: ghcr.io/liqotech/gateway/main
imagePullPolicy: Always
args:
- --name="{{ .Name }}"
- --namespace="{{ .Namespace }}"
- --mode=client
securityContext:
privileged: true
capabilities:
add:
- ALL
59 changes: 59 additions & 0 deletions deployments/liqo/files/liqo-wireguard-gateway-server-template.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
metadata:
labels:
app: "{{ .Name }}"
spec:
service:
metadata:
labels:
app: "{{ .Name }}"
spec:
selector:
app: "{{ .Name }}"
type: "{{ .Spec.Endpoint.ServiceType }}"
ports:
- port: "{{ .Spec.Endpoint.Port }}"
protocol: UDP
nodePort: 31820
deployment:
metadata:
labels:
app: "{{ .Name }}"
spec:
replicas: 1
selector:
matchLabels:
app: "{{ .Name }}"
template:
metadata:
labels:
app: "{{ .Name }}"
spec:
containers:
- name: tunnel
image: ghcr.io/liqotech/gateway/wireguard/tunnel
imagePullPolicy: Always
args:
- --name="{{ .Name }}"
- --namespace="{{ .Namespace }}"
- --remote-cluster-id="{{ .ClusterID }}"
- --wireguard-gateway-uid="{{ .GatewayUID }}"
- --mode=server
- --mtu="{{ .Spec.MTU }}"
- --listen-port="{{ .Spec.Endpoint.Port }}"
securityContext:
privileged: true
capabilities:
add:
- ALL
- name: gateway
image: ghcr.io/liqotech/gateway/main
imagePullPolicy: Always
args:
- --name="{{ .Name }}"
- --namespace="{{ .Namespace }}"
- --mode=server
securityContext:
privileged: true
capabilities:
add:
- ALL
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{{- if .Values.networking.internal }}

apiVersion: networking.liqo.io/v1alpha1
kind: WgGatewayClientTemplate
metadata:
name: wg-client-template
namespace: liqo
spec:
objectKind:
apiVersion: networking.liqo.io/v1alpha1
kind: WgGatewayClient
template: {{- .Files.Get ("files/liqo-wireguard-gateway-client-template.yaml") | nindent 4 }}
{{- end }}
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{{- if .Values.networking.internal }}

apiVersion: networking.liqo.io/v1alpha1
kind: WgGatewayServerTemplate
metadata:
name: wg-server-template
namespace: liqo
spec:
objectKind:
apiVersion: networking.liqo.io/v1alpha1
kind: WgGatewayServer
template: {{- .Files.Get ("files/liqo-wireguard-gateway-server-template.yaml") | nindent 4 }}
{{- end }}

Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,11 @@ type ClientReconciler struct {
}

type templateData struct {
Spec networkingv1alpha1.GatewayClientSpec
GatewayUID string
ClusterID string
Spec networkingv1alpha1.GatewayClientSpec
GatewayName string
GatewayNamespace string
GatewayUID string
ClusterID string
}

// NewClientReconciler returns a new ClientReconciler.
Expand Down Expand Up @@ -178,9 +180,11 @@ func (r *ClientReconciler) EnsureGatewayClient(ctx context.Context, gwClient *ne
},
})
spec, err := enutils.RenderTemplate(objectTemplateSpec, templateData{
Spec: gwClient.Spec,
GatewayUID: string(gwClient.UID),
ClusterID: remoteClusterID,
Spec: gwClient.Spec,
GatewayName: gwClient.Name,
GatewayNamespace: gwClient.Namespace,
GatewayUID: string(gwClient.UID),
ClusterID: remoteClusterID,
})
if err != nil {
return fmt.Errorf("unable to render the template: %w", err)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,11 @@ type ServerReconciler struct {
}

type templateData struct {
Spec networkingv1alpha1.GatewayServerSpec
GatewayUID string
ClusterID string
Spec networkingv1alpha1.GatewayServerSpec
GatewayName string
GatewayNamespace string
GatewayUID string
ClusterID string
}

// NewServerReconciler returns a new ServerReconciler.
Expand Down Expand Up @@ -178,9 +180,11 @@ func (r *ServerReconciler) EnsureGatewayServer(ctx context.Context, server *netw
},
})
spec, err := enutils.RenderTemplate(objectTemplateSpec, templateData{
Spec: server.Spec,
GatewayUID: string(server.UID),
ClusterID: remoteClusterID,
Spec: server.Spec,
GatewayName: server.Name,
GatewayNamespace: server.Namespace,
GatewayUID: string(server.UID),
ClusterID: remoteClusterID,
})
if err != nil {
return fmt.Errorf("unable to render the template: %w", err)
Expand Down

0 comments on commit 3d5109a

Please sign in to comment.