From 59749e683c934765011b51869e5629fbc6525ec0 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Mon, 24 Aug 2020 16:51:46 -0400 Subject: [PATCH 1/2] Fixed escaping for DB certs in web images --- .gitignore | 3 +++ web-apache-mysql/ubuntu/docker-entrypoint.sh | 4 ++++ web-apache-pgsql/ubuntu/docker-entrypoint.sh | 4 ++++ web-nginx-mysql/ubuntu/docker-entrypoint.sh | 4 ++++ web-nginx-pgsql/ubuntu/docker-entrypoint.sh | 4 ++++ 5 files changed, 19 insertions(+) diff --git a/.gitignore b/.gitignore index 3d63db5ec..03f34fddd 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,5 @@ zbx_env/ zbx_env*/ +.*CERT_FILE +.*KEY_FILE +.*CA_FILE diff --git a/web-apache-mysql/ubuntu/docker-entrypoint.sh b/web-apache-mysql/ubuntu/docker-entrypoint.sh index 3cd52ce60..1abd0b211 100755 --- a/web-apache-mysql/ubuntu/docker-entrypoint.sh +++ b/web-apache-mysql/ubuntu/docker-entrypoint.sh @@ -220,6 +220,10 @@ prepare_zbx_web_config() { server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-apache-pgsql/ubuntu/docker-entrypoint.sh b/web-apache-pgsql/ubuntu/docker-entrypoint.sh index 81ca0c4e9..1cf2460e0 100755 --- a/web-apache-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-apache-pgsql/ubuntu/docker-entrypoint.sh @@ -222,6 +222,10 @@ prepare_zbx_web_config() { server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-nginx-mysql/ubuntu/docker-entrypoint.sh b/web-nginx-mysql/ubuntu/docker-entrypoint.sh index c99c9eda7..7b00ff08d 100755 --- a/web-nginx-mysql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-mysql/ubuntu/docker-entrypoint.sh @@ -248,6 +248,10 @@ prepare_zbx_web_config() { server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ diff --git a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh index 6a2e893d0..4223377a1 100755 --- a/web-nginx-pgsql/ubuntu/docker-entrypoint.sh +++ b/web-nginx-pgsql/ubuntu/docker-entrypoint.sh @@ -248,6 +248,10 @@ prepare_zbx_web_config() { server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}") server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}") + ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}") + ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}") + ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}") + sed -i \ -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \ -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \ From add779496a85f1bfb2851b74149313fc8d106b95 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Thu, 27 Aug 2020 13:01:12 -0400 Subject: [PATCH 2/2] add selector for Zabbix agent DaemonSet --- kubernetes.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kubernetes.yaml b/kubernetes.yaml index 06c087cd6..08e18a6f5 100644 --- a/kubernetes.yaml +++ b/kubernetes.yaml @@ -458,6 +458,9 @@ metadata: tier: agent namespace: zabbix spec: + selector: + matchLabels: + name: zabbix-agent updateStrategy: type: RollingUpdate rollingUpdate: