Support specifying an alternate number of replicas for cloudflared

Cloudflared should [support HA configurations out of the box](https://blog.cloudflare.com/highly-available-and-highly-scalable-cloudflare-tunnels/) with no extra work from the controller. This also means it should be possible to support a DaemonSet option for cloudflared.
STRRL · Jan 7, 2024 · e8b4e33 · e8b4e33
1 parent 8875a52
commit e8b4e33
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 11 deletions.
diff --git a/cmd/cloudflare-tunnel-ingress-controller/main.go b/cmd/cloudflare-tunnel-ingress-controller/main.go
@@ -21,12 +21,13 @@ type rootCmdFlags struct {
 	// for annotation on Ingress
 	ingressClass string
 	// for IngressClass.spec.controller
-	controllerClass      string
-	logLevel             int
-	cloudflareAPIToken   string
-	cloudflareAccountId  string
-	cloudflareTunnelName string
-	namespace            string
+	controllerClass         string
+	logLevel                int
+	cloudflareAPIToken      string
+	cloudflareAccountId     string
+	cloudflareTunnelName    string
+	namespace               string
+	cloudflaredReplicaCount int32
 }
 
 func main() {
@@ -99,7 +100,13 @@ func main() {
 					case <-done:
 						return
 					case _ = <-ticker.C:
-						err := controller.CreateControlledCloudflaredIfNotExist(ctx, mgr.GetClient(), tunnelClient, options.namespace)
+						err := controller.CreateControlledCloudflaredIfNotExist(
+							ctx,
+							mgr.GetClient(),
+							tunnelClient,
+							options.namespace,
+							options.cloudflaredReplicaCount,
+						)
 						if err != nil {
 							logger.WithName("controlled-cloudflared").Error(err, "create controlled cloudflared")
 						}
@@ -119,6 +126,7 @@ func main() {
 	rootCommand.PersistentFlags().StringVar(&options.cloudflareAccountId, "cloudflare-account-id", options.cloudflareAccountId, "cloudflare account id")
 	rootCommand.PersistentFlags().StringVar(&options.cloudflareTunnelName, "cloudflare-tunnel-name", options.cloudflareTunnelName, "cloudflare tunnel name")
 	rootCommand.PersistentFlags().StringVar(&options.namespace, "namespace", options.namespace, "namespace to execute cloudflared connector")
+	rootCommand.PersistentFlags().Int32Var(&options.cloudflaredReplicaCount, "cloudflared-replica-count", options.cloudflaredReplicaCount, "namespace to execute cloudflared connector")
 
 	err := rootCommand.Execute()
 	if err != nil {

diff --git a/helm/cloudflare-tunnel-ingress-controller/templates/deployment.yaml b/helm/cloudflare-tunnel-ingress-controller/templates/deployment.yaml
@@ -39,6 +39,7 @@ spec:
             - --cloudflare-account-id=$(CLOUDFLARE_ACCOUNT_ID)
             - --cloudflare-tunnel-name=$(CLOUDFLARE_TUNNEL_NAME)
             - --namespace=$(NAMESPACE)
+            - --cloudflared-replica-count={{ .Values.cloudflared.replicaCount }}
           env:
             - name: CLOUDFLARE_API_TOKEN
               valueFrom:

diff --git a/helm/cloudflare-tunnel-ingress-controller/values.yaml b/helm/cloudflare-tunnel-ingress-controller/values.yaml
@@ -21,6 +21,9 @@ ingressClass:
 
 replicaCount: 1
 
+cloudflared:
+  replicaCount: 1
+
 image:
   repository: ghcr.io/strrl/cloudflare-tunnel-ingress-controller
   pullPolicy: IfNotPresent

diff --git a/pkg/controller/controlled-cloudflared-connector.go b/pkg/controller/controlled-cloudflared-connector.go
@@ -9,7 +9,6 @@ import (
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
-	"k8s.io/utils/pointer"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -18,6 +17,7 @@ func CreateControlledCloudflaredIfNotExist(
 	kubeClient client.Client,
 	tunnelClient *cloudflarecontroller.TunnelClient,
 	namespace string,
+	replicas int32,
 ) error {
 	list := appsv1.DeploymentList{}
 	err := kubeClient.List(ctx, &list, &client.ListOptions{
@@ -39,15 +39,15 @@ func CreateControlledCloudflaredIfNotExist(
 		return errors.Wrap(err, "fetch tunnel token")
 	}
 
-	deployment := cloudflaredConnectDeploymentTemplating(token, namespace)
+	deployment := cloudflaredConnectDeploymentTemplating(token, namespace, replicas)
 	err = kubeClient.Create(ctx, deployment)
 	if err != nil {
 		return errors.Wrap(err, "create controlled-cloudflared-connector deployment")
 	}
 	return nil
 }
 
-func cloudflaredConnectDeploymentTemplating(token string, namespace string) *appsv1.Deployment {
+func cloudflaredConnectDeploymentTemplating(token string, namespace string, replicas int32) *appsv1.Deployment {
 	appName := "controlled-cloudflared-connector"
 	return &appsv1.Deployment{
 		ObjectMeta: metav1.ObjectMeta{
@@ -59,7 +59,7 @@ func cloudflaredConnectDeploymentTemplating(token string, namespace string) *app
 			},
 		},
 		Spec: appsv1.DeploymentSpec{
-			Replicas: pointer.Int32(1),
+			Replicas: &replicas,
 			Selector: &metav1.LabelSelector{
 				MatchLabels: map[string]string{
 					"app": appName,