docs/k8s: make run.sh handle SIGINT

It was previously using jobcontrol to achieve this, but that apparently
doesn't work when there is no tty. This makes it so that it directly
handles SIGINT and SIGTERM and passes it on to tailscaled. I tested this
works on a Digital Ocean K8s cluster.

Fixes #5512

Signed-off-by: Maisem Ali <maisem@tailscale.com>
(cherry picked from commit 060ecb010f)
This commit is contained in:
Maisem Ali 2022-09-04 15:27:13 -07:00 committed by Denton Gentry
parent 78584a8552
commit 66cc9e6301
No known key found for this signature in database

View File

@ -4,8 +4,6 @@
#! /bin/sh #! /bin/sh
set -m # enable job control
export PATH=$PATH:/tailscale/bin export PATH=$PATH:/tailscale/bin
TS_AUTH_KEY="${TS_AUTH_KEY:-}" TS_AUTH_KEY="${TS_AUTH_KEY:-}"
@ -60,8 +58,16 @@ if [[ ! -z "${TS_TAILSCALED_EXTRA_ARGS}" ]]; then
TAILSCALED_ARGS="${TAILSCALED_ARGS} ${TS_TAILSCALED_EXTRA_ARGS}" TAILSCALED_ARGS="${TAILSCALED_ARGS} ${TS_TAILSCALED_EXTRA_ARGS}"
fi fi
handler() {
echo "Caught SIGINT/SIGTERM, shutting down tailscaled"
kill -s SIGINT $PID
wait ${PID}
}
echo "Starting tailscaled" echo "Starting tailscaled"
tailscaled ${TAILSCALED_ARGS} & tailscaled ${TAILSCALED_ARGS} &
PID=$!
trap handler SIGINT SIGTERM
UP_ARGS="--accept-dns=${TS_ACCEPT_DNS}" UP_ARGS="--accept-dns=${TS_ACCEPT_DNS}"
if [[ ! -z "${TS_ROUTES}" ]]; then if [[ ! -z "${TS_ROUTES}" ]]; then
@ -82,4 +88,5 @@ if [[ ! -z "${TS_DEST_IP}" ]]; then
iptables -t nat -I PREROUTING -d "$(tailscale --socket=/tmp/tailscaled.sock ip -4)" -j DNAT --to-destination "${TS_DEST_IP}" iptables -t nat -I PREROUTING -d "$(tailscale --socket=/tmp/tailscaled.sock ip -4)" -j DNAT --to-destination "${TS_DEST_IP}"
fi fi
fg echo "Waiting for tailscaled to exit"
wait ${PID}