add addons

deploy/addons/auto-pause/auto-pause.service

@@ -0,0 +1,9 @@
+Description=Auto Pause Service
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/auto-pause
+Restart=always
+
+[Install]
+WantedBy=multi-user.target

deploy/addons/auto-pause/auto-pause.yaml.tmpl

@@ -24,15 +24,11 @@ spec:
           type: File
       - name: lua-script
         hostPath:
-          path: /var/lib/minikube/hello_world.lua
-          type: File
-      - name: mini-status
-        hostPath:
-          path: /var/lib/minikube/pstatus.txt
+          path: /var/lib/minikube/unpause.lua
           type: File
       containers:
         - name: auto-pause
-          image: "haproxy"
+          image: "haproxy:2.3.5"
           ports:
             - name: https
               containerPort: 6443
@@ -43,7 +39,5 @@ spec:
             mountPath: /usr/local/etc/haproxy/haproxy.cfg
             readOnly: true
           - name: lua-script
-            mountPath: /etc/haproxy/hello_world.lua
-          - name: mini-status
-            mountPath: /var/lib/minikube/pstatus.txt
+            mountPath: /etc/haproxy/unpause.lua
 ---

deploy/addons/auto-pause/haproxy.cfg

@@ -12,7 +12,7 @@ listen stats
 
 # change haproxy.cfg file with the following
 global
-   lua-load /etc/haproxy/hello_world.lua
+   lua-load /etc/haproxy/unpause.lua
 
 ############## Configure HAProxy Secure Frontend #############
 frontend k8s-api-https-proxy
@@ -21,12 +21,15 @@ frontend k8s-api-https-proxy
     tcp-request inspect-delay 5s
     tcp-request content accept if { req.ssl_hello_type 1 }
     default_backend k8s-api-https
-
 ############## Configure HAProxy SecureBackend #############
 backend k8s-api-https
     balance roundrobin
     mode tcp
-    tcp-request content lua.foo_action
+    #tcp-request inspect-delay 10s
+    #tcp-request content lua.foo_action
+    tcp-request inspect-delay 10s
+    tcp-request content lua.unpause 192.168.49.2 8000
+    tcp-request content reject if { var(req.blocked) -m bool }
     option tcplog
     option tcp-check
     default-server inter 10s downinter 5s rise 2 fall 2 slowstart 60s maxconn 250 maxqueue 256 weight 100

deploy/addons/auto-pause/hello_world.lua

@@ -1,9 +0,0 @@
-local function foo(txn)
-    core.Info("hello_world\n")
-    f = io.open("/tmp/abc.txt", "a")
-    f:write("hello_world\n")
-    f:close()
-end
-
-core.register_action("foo_action", { 'tcp-req' }, foo, 0)
-

deploy/addons/auto-pause/notes.md

@@ -1,4 +0,0 @@
-## Running in docker 
-```
-docker run -p 38443:38443 -v $(pwd):/t -it --rm --name haproxy haproxy -f /t/haproxy.cfg 
-```

deploy/addons/auto-pause/unpause.lua

@@ -0,0 +1,58 @@
+local function unpause(txn, addr, port)
+    core.Info("hello_world\n")
+    if not addr then addr = '127.0.0.1' end
+    if not port then port = 5000 end
+
+    -- Set up a request to the service
+    local hdrs = {
+        [1] = string.format('host: %s:%s', addr, port),
+        [2] = 'accept: */*',
+        [3] = 'connection: close'
+    }
+
+    local req = {
+        [1] = string.format('GET /%s HTTP/1.1', tostring(txn.f:src())),
+        [2] = table.concat(hdrs, '\r\n'),
+        [3] = '\r\n'
+    }
+
+    req = table.concat(req,  '\r\n')
+
+    -- Use core.tcp to get an instance of the Socket class
+    local socket = core.tcp()
+    socket:settimeout(5)
+
+    -- Connect to the service and send the request
+    if socket:connect(addr, port) then
+        if socket:send(req) then
+            -- Skip response headers
+            while true do
+                local line, _ = socket:receive('*l')
+
+                if not line then break end
+                if line == '' then break end
+            end
+
+            -- Get response body, if any
+            local content = socket:receive('*a')
+
+            -- Check if this request should be allowed
+            if content and content == 'allow' then
+                txn:set_var('req.blocked', false)
+                return
+            end
+        else
+            core.Alert('Could not connect to IP Checker server (send)')
+        end
+
+        socket:close()
+    else
+        core.Alert('Could not connect to IP Checker server (connect)')
+    end
+
+    -- The request should be blocked
+    txn:set_var('req.blocked', true)
+end
+
+core.register_action('unpause', {'tcp-req'}, unpause, 2)
+

pkg/addons/config.go

@@ -42,6 +42,12 @@ var addonPodLabels = map[string]string{
 
 // Addons is a list of all addons
 var Addons = []*Addon{
+	{
+		name:      "auto-pause",
+		set:       SetBool,
+		callbacks: []setFn{enableOrDisableAddon},
+	},
+
 	{
 		name:      "dashboard",
 		set:       SetBool,

pkg/minikube/assets/addons.go

@@ -71,6 +71,34 @@ func (a *Addon) IsEnabled(cc *config.ClusterConfig) bool {
 // Addons is the list of addons
 // TODO: Make dynamically loadable: move this data to a .yaml file within each addon directory
 var Addons = map[string]*Addon{
+	"auto-pause": NewAddon([]*BinAsset{
+		MustBinAsset(
+			"deploy/addons/auto-pause/auto-pause.yaml.tmpl",
+			vmpath.GuestAddonsDir,
+			"auto-pause.yaml",
+			"0640"),
+		MustBinAsset(
+			"deploy/addons/auto-pause/haproxy.cfg",
+			"/var/lib/minikube/",
+			"haproxy.cfg",
+			"0640"),
+		MustBinAsset(
+			"deploy/addons/auto-pause/unpause.lua",
+			"/var/lib/minikube/",
+			"unpause.lua",
+			"0640"),
+		MustBinAsset(
+			"deploy/addons/auto-pause/auto-pause.service",
+			"/etc/systemd/system/",
+			"auto-pause.service",
+			"0640"),
+
+		//GuestPersistentDir
+	}, false, "auto-pause", map[string]string{
+		"haproxy": "haproxy:2.3.5",
+	}, map[string]string{
+		"haproxy": "gcr.io",
+	}),
 	"dashboard": NewAddon([]*BinAsset{
 		// We want to create the kubernetes-dashboard ns first so that every subsequent object can be created
 		MustBinAsset("deploy/addons/dashboard/dashboard-ns.yaml", vmpath.GuestAddonsDir, "dashboard-ns.yaml", "0640"),