@@ -239,12 +239,12 @@ sync() {
239239
240240 local config_file_count
241241 local new_sha
242- if [ " $ev " = ' CREATE' ] || [ " $ev " = ' MOVED_TO' ] || [ " $ev " = ' MODIFY' ; then
242+ if [ " $ev " = ' CREATE' -o " $ev " = ' MOVED_TO' -o " $ev " = ' MODIFY' ; then
243243 # When the event type is 'CREATE', 'MOVED_TO' or 'MODIFY', we check the
244244 # previously observed SHA (updated with each file watch) and compare it
245245 # against the new file's SHA. If they differ, it means something has
246246 # changed.
247- new_sha=$( sha256sum " ${filepath} " | while read -r s _ ; do echo " $s " ; done )
247+ new_sha=$( sha256sum " ${filepath} " | awk ' {print $1} ' )
248248 if [ " $new_sha " != " $prev_sha " ; then
249249 # Create but don't rm old one since we don't know if this will be configured
250250 # to run as _the_ cni plugin.
@@ -271,7 +271,7 @@ monitor_cni_config() {
271271 sync " $filename " " $action " " $cni_conf_sha "
272272 # calculate file SHA to use in the next iteration
273273 if [[ -e " $directory /$filename " ; then
274- cni_conf_sha=" $( sha256sum " $directory /$filename " | while read -r s _ ; do echo " $s " ; done) "
274+ cni_conf_sha=$( sha256sum " $directory /$filename " | awk ' {print $1} ' )
275275 fi
276276 fi
277277 done
@@ -310,34 +310,35 @@ rm -f "${DEFAULT_CNI_CONF_PATH}"
310310
311311install_cni_bin
312312
313+ # The CNI config monitor must be set up _before_ we start patching CNI config
314+ # files!
315+ # Otherwise, new CNI config files can be created just _after_ the initial round
316+ # of patching and just _before_ we set up the `inotifywait` loop to detect new
317+ # CNI config files.
318+ cni_conf_sha=" __init__"
319+ monitor_cni_config &
320+
313321# Append our config to any existing config file (*.conflist or *.conf)
314322config_files=$( find " ${HOST_CNI_NET} " \( -iname ' *conflist' ' *conf' \) )
315323if [ -z " $config_files " ; then
316- log " No active CNI configuration files found"
324+ log " No active CNI configuration files found"
317325else
318326 config_file_count=$( echo " $config_files " | grep -v linkerd | sort | wc -l)
319327 if [ " $config_file_count " -eq 0 ]; then
320328 log " No active CNI configuration files found"
321329 else
322330 find " ${HOST_CNI_NET} " \( -iname ' *conflist' ' *conf' \) -print0 |
323331 while read -r -d $' \0' ; do
324- log " Installing CNI configuration for $file "
325- create_kubeconfig
326- create_cni_conf
327- install_cni_conf " $file "
332+ log " Trigger CNI config detection for $file "
333+ tmp_file=" $( mktemp -u /tmp/linkerd-cni.patch-candidate.XXXXXX) "
334+ cp -fp " $file " " $tmp_file "
335+ # The following will trigger the `sync()` function via `inotifywait` in
336+ # `monitor_cni_config()`.
337+ mv -f " $tmp_file " " $file "
328338 done
329339 fi
330340fi
331341
332- # Compute SHA for first config file found; this will be updated after every iteration.
333- # First config file is likely to be chosen as the de facto CNI config by the
334- # host.
335- conf=" $( find " ${HOST_CNI_NET} " \( -iname ' *conflist' ' *conf' \) | sort | head -n 1) "
336- cni_conf_sha=" "
337- if [[ -n " $conf " ]]; then
338- cni_conf_sha=" $( sha256sum " $conf " | while read -r s _; do echo " $s " ; done)"
339- fi
340-
341342# Watch in bg so we can receive interrupt signals through 'trap'. From 'man
342343# bash':
343344# "If bash is waiting for a command to complete and receives a signal
346347# builtin, the reception of a signal for which a trap has been set will cause
347348# the wait builtin to return immediately with an exit status greater than 128,
348349# immediately after which the trap is executed."
349- monitor_cni_config &
350350monitor_service_account_token &
351351# uses -n so that we exit when the first background job exits (when there's an error)
352352wait -n
0 commit comments