init

Author: cheerego

.cnb.yml

@@ -0,0 +1,15 @@
+"**":
+  push:
+    - services:
+        - docker
+      stages:
+        - name: docker login
+          script:
+            - docker login -u ${CNB_TOKEN_USER_NAME} -p "${CNB_TOKEN}" ${CNB_DOCKER_REGISTRY}
+        - name: docker build
+          script:
+            - docker build -t ${CNB_DOCKER_REGISTRY}/${CNB_REPO_SLUG_LOWERCASE}:${CNB_COMMIT} -t ${CNB_DOCKER_REGISTRY}/${CNB_REPO_SLUG_LOWERCASE}:latest .
+        - name: docker push
+          script:
+            - docker push ${CNB_DOCKER_REGISTRY}/${CNB_REPO_SLUG_LOWERCASE}:${CNB_COMMIT}
+            - docker push ${CNB_DOCKER_REGISTRY}/${CNB_REPO_SLUG_LOWERCASE}:latest

.gitignore

@@ -0,0 +1 @@
+.idea

Dockerfile

@@ -0,0 +1,9 @@
+FROM golang:1.23.5-bookworm
+
+WORKDIR /app
+COPY . .
+RUN go build  -o nginx-reloader .
+
+CMD /app/nginx-reloader
+
+

README.md

@@ -0,0 +1,20 @@
+# K8S Nginx Hot Reload
+
+## Know-Why
+
+* [share-process-namespace](https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/)
+  * Processes are visible to other containers in the pod.
+  * Container filesystems are visible to other containers in the pod through the `/proc/$pid/root` link.
+* SideCar Container
+* Go program
+  * kill -HUP pid.
+  * Watch nginx config dirs.
+  * Event debounce.
+* [configmap updated automatically](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#mounted-configmaps-are-updated-automatically)
+
+## How-Use
+
+* example [nginx-reloader.yml](https://github.com/cheerego/nginx-reloader/blob/master/nginx-reloader.yml)
+* enable shareProcessNamespace
+* TIME_AFTER_SECONDS, Event debounce default second.   
+* WATCH_DIRS, split by comma, like `/etc/nginx,/etc/nginx/conf.d`

go.mod

@@ -0,0 +1,21 @@
+module nginx-reloader
+
+go 1.23.2
+
+require (
+	github.com/fsnotify/fsnotify v1.8.0
+	github.com/pkg/errors v0.9.1
+	github.com/shirou/gopsutil/v4 v4.24.12
+	golang.org/x/sync v0.10.0
+)
+
+require (
+	github.com/ebitengine/purego v0.8.1 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
+	github.com/yusufpapurcu/wmi v1.2.4 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+)

go.sum

@@ -0,0 +1,40 @@
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/ebitengine/purego v0.8.1 h1:sdRKd6plj7KYW33EH5As6YKfe8m9zbN9JMrOjNVF/BE=
+github.com/ebitengine/purego v0.8.1/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ=
+github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M=
+github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY=
+github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
+github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 h1:6E+4a0GO5zZEnZ81pIr0yLvtUWk2if982qA3F3QD6H4=
+github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw=
+github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
+github.com/shirou/gopsutil/v4 v4.24.12 h1:qvePBOk20e0IKA1QXrIIU+jmk+zEiYVVx06WjBRlZo4=
+github.com/shirou/gopsutil/v4 v4.24.12/go.mod h1:DCtMPAad2XceTeIAbGyVfycbYQNBGk2P8cvDi7/VN9o=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/tklauser/go-sysconf v0.3.12 h1:0QaGUFOdQaIVdPgfITYzaTegZvdCjmYO52cSFAEVmqU=
+github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI=
+github.com/tklauser/numcpus v0.6.1 h1:ng9scYS7az0Bk4OZLvrNXNSAO2Pxr1XXRAPyjhIx+Fk=
+github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY=
+github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
+github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -0,0 +1,193 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"github.com/fsnotify/fsnotify"
+	"github.com/pkg/errors"
+	"github.com/shirou/gopsutil/v4/process"
+	"golang.org/x/sync/errgroup"
+	"io/fs"
+	"log"
+	"os"
+	"os/exec"
+	"os/signal"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"sync"
+	"syscall"
+	"time"
+)
+
+// https://kubernetes.io/zh-cn/docs/tasks/configure-pod-container/share-process-namespace/
+// https://cctoctofx.netlify.app/post/cloud-computing/k8s-config-update/
+
+func main() {
+	time.Sleep(10 * time.Second)
+	err := NewNginxReloadWatcher().Start()
+	if err != nil {
+		log.Println("[ERROR] start watcher err")
+	}
+}
+
+type NginxReloadWatcher struct {
+	sync.Mutex
+	nginxMasterPid   int32
+	timer            *time.Timer
+	timeAfterSeconds time.Duration
+
+	// file watch 的目录，用逗号分割
+	// 如 /etc/nginx,/etc/nginx/conf.d
+	watchDirs []string
+}
+
+func NewNginxReloadWatcher() *NginxReloadWatcher {
+
+	timeAfterSecondsEnv := os.Getenv("TIME_AFTER_SECONDS")
+	var timeAfter = 30
+	atoi, err := strconv.Atoi(timeAfterSecondsEnv)
+	if err == nil {
+		timeAfter = atoi
+	}
+	log.Println("TIME_AFTER_SECONDS: ", timeAfter)
+
+	watchDirsEnv := os.Getenv("WATCH_DIRS")
+
+	log.Println("WATCH_DIRS: ", watchDirsEnv)
+	watchDirs := strings.Split(watchDirsEnv, ",")
+	log.Println("WATCH_DIRS after split: ", watchDirs)
+
+	return &NginxReloadWatcher{
+		timeAfterSeconds: time.Duration(timeAfter) * time.Second,
+		watchDirs:        watchDirs,
+	}
+}
+
+func (n *NginxReloadWatcher) findNginxMaterPid() (int32, error) {
+	processes, err := process.Processes()
+	if err != nil {
+		return 0, err
+	}
+
+	for _, p := range processes {
+		name, err := p.Name()
+		if err != nil {
+			return 0, errors.Wrap(err, "process Name err")
+		}
+		if name != "nginx" {
+			continue
+		}
+		ppid, err := p.Ppid()
+		if err != nil {
+			return 0, errors.Wrap(err, "process ppid err")
+		}
+		if ppid == 0 {
+			return p.Pid, nil
+		}
+	}
+	return 0, errors.New("not found nginx master")
+}
+
+func (n *NginxReloadWatcher) Start() error {
+	pid, err := n.findNginxMaterPid()
+	if err != nil {
+		return err
+	}
+	log.Println(fmt.Sprintf("nginx master id %d", pid))
+	n.nginxMasterPid = pid
+
+	g, gctx := errgroup.WithContext(context.TODO())
+	g.Go(func() error {
+		killSignal := make(chan os.Signal, 1)
+		signal.Notify(killSignal, os.Interrupt, syscall.SIGTERM, os.Kill)
+		<-killSignal
+		return errors.New("kill signal")
+	})
+
+	g.Go(func() error {
+		watcher, err := fsnotify.NewWatcher()
+		if err != nil {
+			return err
+		}
+		defer watcher.Close()
+
+		// Add a path.
+		for _, parentDir := range n.watchDirs {
+			parentDir = fmt.Sprintf("/proc/%d/root%s", pid, parentDir)
+			err = watcher.Add(parentDir)
+			if err != nil {
+				return err
+			}
+			err = filepath.WalkDir(parentDir, func(path string, d fs.DirEntry, err error) error {
+				if err != nil {
+					fmt.Printf("无法访问路径 %q: %v\n", path, err)
+					return err // 继续遍历其他文件/目录
+				}
+				if d.IsDir() {
+					watcher.Add(path)
+				}
+				return nil
+			})
+			if err != nil {
+				return errors.Wrap(err, "遍历目录时出错")
+			}
+		}
+
+		watchList := watcher.WatchList()
+
+		for _, item := range watchList {
+			log.Println(item)
+		}
+
+		for {
+			select {
+			case <-gctx.Done():
+				return errors.New("gctx done")
+			case event, ok := <-watcher.Events:
+				if !ok {
+					continue
+				}
+				log.Println("event:", event)
+				if event.Has(fsnotify.Create) || event.Has(fsnotify.Write) || event.Has(fsnotify.Remove) || event.Has(fsnotify.Rename) || event.Has(fsnotify.Chmod) {
+					n.timerHubSignal(event.String())
+				}
+
+			case err, ok := <-watcher.Errors:
+				if !ok {
+					continue
+				}
+				log.Println("error:", err)
+			}
+		}
+
+	})
+	return g.Wait()
+}
+
+func (n *NginxReloadWatcher) timerHubSignal(event string) {
+
+	n.Lock()
+	defer n.Unlock()
+
+	if n.timer != nil {
+		log.Println("[INFO] stop preview timer")
+		n.timer.Stop()
+	}
+	//
+	log.Println("[INFO] set new timer ", event)
+	n.timer = time.AfterFunc(n.timeAfterSeconds, func() {
+		n.Lock()
+		defer n.Unlock()
+		n.timer = nil
+
+		command := exec.Command("/bin/bash", "-c", fmt.Sprintf("kill -HUP %d", n.nginxMasterPid))
+		output, err := command.CombinedOutput()
+		s := string(output)
+		if err != nil {
+			log.Println(fmt.Sprintf("kill -HUP %d err, err %v, output %s, event %s", n.nginxMasterPid, err, s, event))
+			return
+		}
+		log.Println(fmt.Sprintf("kill -HUP %d success, output %s, event %s", n.nginxMasterPid, s, event))
+	})
+}