V0.43.0 hmhco

Dockerfile

@@ -0,0 +1,18 @@
+FROM public.ecr.aws/docker/library/golang:1.18.4-alpine3.15 as build
+ARG TARGETOS
+ARG TARGETARCH
+
+COPY . /go
+
+RUN cd /go/control-plane && \
+	set -x; go build -o pkg/bin/consul-k8s-control-plane
+
+# final image
+# we are simply copying our custom built binary over the standard binary in the image
+# If we need to upgrade past 1.12.x this line should be updated to reflect that
+FROM hashicorp/consul-k8s-control-plane:0.43.0
+
+ARG TARGETOS
+ARG TARGETARCH
+
+COPY --from=build /go/control-plane/pkg/bin/ /bin

HMH-README.md

@@ -0,0 +1,23 @@
+### Building
+
+This must be built from a linux machine, will not work on m1 mac.
+
+#### 0.12.x
+```
+git clone https://github.com/pveasey/consul-k8s
+cd consul-k8s/
+git checkout v0.43.0-hmhco
+docker build . -t docker.br.hmheng.io/kubernetes/consul-k8s-control-plane:0.43.0-veaseyp-2
+docker push docker.br.hmheng.io/kubernetes/consul-k8s-control-plane:0.43.0-veaseyp-1
+```
+
+#### future releases
+first checkout hashicorp target tag 
+
+#               our branch   hashicorps tag
+git checkout -b v0.X.X-hmhco v0.x.x 
+
+add the go changes and dockerfile like this PR
+https://github.com/hmhco/consul-k8s/pull/1/
+
+You will need to update the `FROM hashicorp/consul-k8s-control-plane:0.43.0` to match the target version of the build

control-plane/connect-inject/annotations.go

@@ -86,6 +86,10 @@ const (
 	annotationConsulSidecarMemoryLimit   = "consul.hashicorp.com/consul-sidecar-memory-limit"
 	annotationConsulSidecarMemoryRequest = "consul.hashicorp.com/consul-sidecar-memory-request"
 
+	// annotationSidecarProxyPreStopDelay is the number of seconds to delay Envoy Sidecar shutdown
+	// set to 0 to have no delay, defaults to 1 second
+	annotationSidecarProxyPreStopDelay = "consul.hashicorp.com/sidecar-proxy-prestop-delay"
+
 	// annotations for metrics to configure where Prometheus scrapes
 	// metrics from, whether to run a merged metrics endpoint on the consul
 	// sidecar, and configure the connect service metrics.

control-plane/connect-inject/envoy_sidecar.go

@@ -48,6 +48,11 @@ func (h *Handler) envoySidecar(namespace corev1.Namespace, pod corev1.Pod, mpi m
 		Command: cmd,
 	}
 
+    lifecycle, err := h.envoySidecarLifecycle(pod)
+	if err == nil {
+		container.Lifecycle = lifecycle
+	}
+
 	tproxyEnabled, err := transparentProxyEnabled(namespace, pod, h.EnableTransparentProxy)
 	if err != nil {
 		return corev1.Container{}, err
@@ -123,6 +128,34 @@ func (h *Handler) getContainerSidecarCommand(pod corev1.Pod, multiPortSvcName st
 	return cmd, nil
 }
 
+func (h *Handler) envoySidecarLifecycle(pod corev1.Pod) (*corev1.Lifecycle, error) {
+
+	delay, annotationSet := pod.Annotations[annotationSidecarProxyPreStopDelay]
+
+    //default delay with no annotationSidecarProxyPreStopDelay set
+    // With testing in sandbox with consul 1.12.8 - 1 second appears to be too slow in some cases
+    // never seen it fail requests with 2 second delay but will
+    // default 3 seconds to have ample time to de-register consul service
+	if !annotationSet {
+		delay = "3"
+	}
+
+	lifecycle := &corev1.Lifecycle{
+		PreStop: &corev1.Handler{
+			Exec: &corev1.ExecAction{
+				Command: []string{
+					"/bin/sh",
+					"-c",
+					"sleep " + delay,
+				},
+			},
+		},
+	}
+
+	return lifecycle, nil
+}
+
+
 func (h *Handler) envoySidecarResources(pod corev1.Pod) (corev1.ResourceRequirements, error) {
 	resources := corev1.ResourceRequirements{
 		Limits:   corev1.ResourceList{},