diff --git a/config/config.go b/config/config.go index ce83862..d117b3b 100644 --- a/config/config.go +++ b/config/config.go @@ -21,8 +21,17 @@ const ( DefaultDockerEndpoint = "unix:///var/run/docker.sock" ) +// DockerConfig is container for Endpoint and tls config +type DockerConfig struct { + Endpoint string + UseTLS bool + CertFile string + KeyFile string + CaFile string +} + var Config struct { - DockerEndpoint string + DockerClientInfo *DockerConfig TsuruEndpoint string TsuruToken string MetricsInterval time.Duration @@ -42,7 +51,8 @@ func init() { func LoadConfig() { bslog.Debug, _ = strconv.ParseBool(os.Getenv("BS_DEBUG")) - Config.DockerEndpoint = StringEnvOrDefault(DefaultDockerEndpoint, "DOCKER_ENDPOINT") + var dockerEndpoint = StringEnvOrDefault(DefaultDockerEndpoint, "DOCKER_ENDPOINT") + Config.DockerClientInfo = loadDockerConfig(dockerEndpoint) Config.TsuruEndpoint = os.Getenv("TSURU_ENDPOINT") Config.TsuruToken = os.Getenv("TSURU_TOKEN") Config.SyslogListenAddress = os.Getenv("SYSLOG_LISTEN_ADDRESS") @@ -56,6 +66,25 @@ func LoadConfig() { Config.MetricsEnableHost = BoolEnvOrDefault(true, "METRICS_ENABLE_HOST") } +func loadDockerConfig(dockerEndpoint string) *DockerConfig { + var config = &DockerConfig{ + Endpoint: dockerEndpoint, + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + } + if strings.HasPrefix(dockerEndpoint, "https:") { + if fileAvailable(config.CertFile) && fileAvailable(config.KeyFile) && fileAvailable(config.CaFile) { + bslog.Debugf("Docker cert files found. Configuring TLS support.") + config.UseTLS = true + } else { + bslog.Warnf("A valid certificate is required for using https schema without cert files.") + } + } + return config +} + func envOrDefault(convert func(string) interface{}, defaultValue interface{}, envs ...string) interface{} { for i, env := range envs { val := os.Getenv(env) 
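Review bot: The doc comment on `DockerConfig` does not say when the three file fields are used; in this commit `container.NewClient` only reads them when `UseTLS` is true, and `UseTLS` is computed in `loadDockerConfig` rather than set by the operator. I would write `// DockerConfig holds the Docker endpoint and the client TLS settings. CertFile, KeyFile and CaFile are only used when UseTLS is true.` Go initialism style would also spell the field `CAFile`.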
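Review bot: In `loadDockerConfig`, an `https:` endpoint with any one of the three files missing only logs a warning and leaves `UseTLS` false, so `container.NewClient` falls through to `docker.NewClient` and the daemon connection is made without the client certificate or the CA from `/docker-certs` (presumably verified against the default trust store instead; confirm against go-dockerclient). A partially mounted certificate directory therefore downgrades quietly, and the warning neither says which file was missing nor what the fallback is. I would name the missing files in the warning and document the fallback on the function; since the three paths are hard-coded, making the directory configurable is also worth considering. The check is a case-sensitive prefix match on `https:` only, so a `tcp://` endpoint never selects TLS even when all three files are present.

```go
	if strings.HasPrefix(dockerEndpoint, "https:") {
		var missing []string
		for _, f := range []string{config.CertFile, config.KeyFile, config.CaFile} {
			if !fileAvailable(f) {
				missing = append(missing, f)
			}
		}
		if len(missing) == 0 {
			// … unchanged: debug log and config.UseTLS = true …
		} else {
			bslog.Warnf("docker client TLS files missing (%s); connecting to %s without a client certificate",
				strings.Join(missing, ", "), dockerEndpoint)
		}
	}
	// … unchanged: return config …
```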
@@ -128,3 +157,10 @@ func SecondsEnvOrDefault(defaultValue float64, envs ...string) time.Duration { return val }, defaultValue, envs...).(float64) * float64(time.Second)) } + +func fileAvailable(name string) bool { + if _, err := os.Stat(name); err == nil { + return true + } + return false +} diff --git a/config/config_test.go b/config/config_test.go index d2c0160..09bc70d 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -31,7 +31,13 @@ func (S) TestLoadConfig(c *check.C) { os.Setenv("SYSLOG_LISTEN_ADDRESS", "udp://0.0.0.0:1514") os.Setenv("LOG_BACKENDS", "b1, b2 ") LoadConfig() - c.Check(Config.DockerEndpoint, check.Equals, "http://192.168.50.4:2375") + c.Check(Config.DockerClientInfo, check.DeepEquals, &DockerConfig{ + Endpoint: "http://192.168.50.4:2375", + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Check(Config.TsuruEndpoint, check.Equals, "http://192.168.50.4:8080") c.Check(Config.TsuruToken, check.Equals, "sometoken") c.Check(Config.StatusInterval, check.Equals, time.Duration(45e9)) @@ -49,7 +55,13 @@ func (S) TestLoadConfigInvalidDuration(c *check.C) { os.Setenv("STATUS_INTERVAL", "four") os.Setenv("HOST_PROC", "/prochost") LoadConfig() - c.Check(Config.DockerEndpoint, check.Equals, "http://192.168.50.4:2375") + c.Check(Config.DockerClientInfo, check.DeepEquals, &DockerConfig{ + Endpoint: "http://192.168.50.4:2375", + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Check(Config.TsuruEndpoint, check.Equals, "http://192.168.50.4:8080") c.Check(Config.TsuruToken, check.Equals, "sometoken") c.Check(Config.StatusInterval, check.Equals, time.Duration(60e9)) diff --git a/container/container.go b/container/container.go index a942e03..7aa6822 100644 --- a/container/container.go +++ b/container/container.go 
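Review bot: `fileAvailable` treats every `os.Stat` error as "absent", so a permission or I/O error on one of the certificate files makes `loadDockerConfig` skip TLS client setup with only the generic warning, and it returns true for a directory as well as a file. Checking for a regular file, `fi, err := os.Stat(name)` followed by `return err == nil && fi.Mode().IsRegular()`, tightens the positive case, and logging any error that is not `os.IsNotExist` would make the negative case diagnosable. The function has no doc comment; `// fileAvailable reports whether name can be stat'ed.` describes the current behaviour.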
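Review bot: The updated assertions in `TestLoadConfig` and `TestLoadConfigInvalidDuration` only cover an `http://` endpoint, so the new `https:` branch of `loadDockerConfig` (files present gives `UseTLS` true, files missing gives a warning and `UseTLS` false) has no test in this commit. Because the certificate paths are fixed at `/docker-certs`, that branch cannot be exercised from a temporary directory. Making the directory injectable would let a test create the three files and assert on `UseTLS` in both directions.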
@@ -11,6 +11,8 @@ import ( "strings" "time" + "github.com/tsuru/bs/config" + docker "github.com/fsouza/go-dockerclient" lru "github.com/hashicorp/golang-lru" "github.com/tsuru/bs/bslog" @@ -31,7 +33,7 @@ var ( const containerIDTrimSize = 12 type InfoClient struct { - endpoint string + dockerInfo *config.DockerConfig client *docker.Client containerCache *lru.Cache @@ -55,14 +57,19 @@ const ( fullTimeout = 1 * time.Minute ) -func NewClient(endpoint string) (*InfoClient, error) { - c := InfoClient{endpoint: endpoint} +func NewClient(dockerInfo *config.DockerConfig) (*InfoClient, error) { + c := InfoClient{dockerInfo: dockerInfo} var err error c.containerCache, err = lru.New(100) if err != nil { return nil, err } - c.client, err = docker.NewClient(endpoint) + if dockerInfo.UseTLS { + c.client, err = docker.NewTLSClient(dockerInfo.Endpoint, dockerInfo.CertFile, + dockerInfo.KeyFile, dockerInfo.CaFile) + } else { + c.client, err = docker.NewClient(dockerInfo.Endpoint) + } if err != nil { return nil, err } diff --git a/container/container_test.go b/container/container_test.go index d5071d8..f9ea17e 100644 --- a/container/container_test.go +++ b/container/container_test.go @@ -11,6 +11,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dTesting "github.com/fsouza/go-dockerclient/testing" + "github.com/tsuru/bs/config" "gopkg.in/check.v1" ) @@ -22,6 +23,16 @@ func Test(t *testing.T) { type S struct{} +func createDockerConfig(url string) *config.DockerConfig { + return &config.DockerConfig{ + Endpoint: url, + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + } +} + func createContainer(c *check.C, url string, envs []string, labels map[string]string, name string) string { dockerClient, err := docker.NewClient(url) c.Assert(err, check.IsNil) 
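Review bot: `NewClient` dereferences `dockerInfo` at `dockerInfo.UseTLS` without a nil check, so a caller that leaves the new pointer field unset (a `LogForwarder` or `ReporterConfig` literal without `DockerClientInfo`, for instance) now panics at start-up, where an unset endpoint string presumably produced an error from `docker.NewClient`. A guard at the top, `if dockerInfo == nil { return nil, errors.New("docker config is required") }`, keeps that failure on the error path (it needs `errors` imported if the file does not already have it). The same pointer is dereferenced for the error messages in log/log.go (`l.DockerClientInfo.Endpoint`) and status/status.go (`r.config.DockerClientInfo.Endpoint`). `NewClient`'s body continues outside the hunk.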
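Review bot: `createDockerConfig` in container_test.go repeats the default certificate paths that `loadDockerConfig` already owns, and the same literal is copied again in log/log_test.go and inline in the metric and status tests. If the defaults change, every copy has to be edited by hand and the tests can drift from what production builds. A single exported constructor in `config` that takes the endpoint and fills in the defaults would remove the copies; at minimum the helper deserves a comment such as `// createDockerConfig returns a non-TLS DockerConfig for the test server at url.`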
@@ -48,7 +59,8 @@ func (S) TestInfoClientGetContainer(c *check.C) { }) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), []string{"TSURU_PROCESSNAME=procx", "TSURU_APPNAME=coolappname"}, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetContainer(id, true, []string{}) c.Assert(err, check.IsNil) @@ -81,7 +93,8 @@ func (S) TestInfoClientGetContainerNonApp(c *check.C) { }) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), nil, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetContainer(id, true, []string{}) c.Assert(err, check.IsNil) @@ -100,7 +113,8 @@ func (S) TestInfoClientGetAppContainer(c *check.C) { }) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetAppContainer(id, true) c.Assert(err, check.IsNil) @@ -161,7 +175,8 @@ func (S) TestInfoClientGetContainerRequiredEnv(c *check.C) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), []string{"MONITORED=1"}, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) _, err = client.GetContainer(id, true, []string{"NOTMONITORED"}) c.Assert(err, check.Equals, ErrTsuruVariablesNotFound) 
@@ -173,7 +188,8 @@ func (S) TestInfoClientGetContainerRequiredEnv(c *check.C) { func (S) TestInfoClientGetContainerNotFound(c *check.C) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) c.Assert(err, check.IsNil) - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) _, err = client.GetContainer("xxxxxx", true, []string{"TSURU_APPNAME"}) c.Assert(err, check.ErrorMatches, "No such container: xxxxxx") @@ -183,7 +199,8 @@ func (S) TestContainerHasEnvs(c *check.C) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) id := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, nil, "myContName") c.Assert(err, check.IsNil) - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetAppContainer(id, false) c.Assert(err, check.IsNil) @@ -199,7 +216,8 @@ func (S) TestContainerIsIsolated(c *check.C) { id3 := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, map[string]string{"tsuru.io/is-isolated-run": "true"}, "withTsuruIOLabel") id4 := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, nil, "withoutLabel") c.Assert(err, check.IsNil) - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont1, err := client.GetAppContainer(id1, false) c.Assert(err, check.IsNil) diff --git a/log/log.go b/log/log.go index 548dab2..cddd10f 100644 --- a/log/log.go +++ b/log/log.go 
@@ -36,14 +36,14 @@ var ( type LogMessage interface{} type LogForwarder struct { - BindAddress string - DockerEndpoint string - EnabledBackends []string - infoClient *container.InfoClient - server *syslog.Server - backends []logBackend - formatter *LenientFormat - kubeStreamer *kubernetesLogStreamer + BindAddress string + DockerClientInfo *config.DockerConfig + EnabledBackends []string + infoClient *container.InfoClient + server *syslog.Server + backends []logBackend + formatter *LenientFormat + kubeStreamer *kubernetesLogStreamer } type forwarderBackend interface { @@ -142,9 +142,9 @@ func (l *LogForwarder) Start() (err error) { if len(l.backends) == 0 { bslog.Warnf("no log backend enabled, discarding all received log messages.") } - l.infoClient, err = container.NewClient(l.DockerEndpoint) + l.infoClient, err = container.NewClient(l.DockerClientInfo) if err != nil { - err = fmt.Errorf("unable to initialize docker client %s: %s", l.DockerEndpoint, err) + err = fmt.Errorf("unable to initialize docker client %s: %s", l.DockerClientInfo.Endpoint, err) return } l.formatter = &LenientFormat{} diff --git a/log/log_test.go b/log/log_test.go index a18c983..1a4ecb6 100644 --- a/log/log_test.go +++ b/log/log_test.go @@ -30,6 +30,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dTesting "github.com/fsouza/go-dockerclient/testing" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "github.com/tsuru/tsuru/app" "golang.org/x/net/websocket" "gopkg.in/check.v1" @@ -54,6 +55,16 @@ func (s *S) SetUpSuite(c *check.C) { c.Assert(err, check.IsNil) } +func createDockerConfig(url string) *config.DockerConfig { + return &config.DockerConfig{ + Endpoint: url, + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + } +} + func serverWithContainer() (*dTesting.DockerServer, string, error) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) if err != nil { 
@@ -128,9 +139,9 @@ func (s *S) TestLogForwarderStart(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -151,9 +162,9 @@ func (s *S) TestLogForwarderStart(c *check.C) { func (s *S) TestLogForwarderStartNoneBackend(c *check.C) { lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"none"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"none"}, } err := lf.Start() c.Assert(err, check.IsNil) @@ -174,9 +185,9 @@ func (s *S) TestLogForwarderStartWithTimezone(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -243,9 +254,9 @@ func testLogForwarderWSForwarder( os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") testTlsConfig = &tls.Config{RootCAs: srvCerts} lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err := lf.Start() c.Assert(err, check.IsNil) 
@@ -290,8 +301,8 @@ func testLogForwarderWSForwarder( func (s *S) TestLogForwarderStartBindError(c *check.C) { lf := LogForwarder{ - BindAddress: "xudp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + BindAddress: "xudp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err := lf.Start() c.Assert(err, check.ErrorMatches, `invalid protocol "xudp", expected tcp or udp`) @@ -299,15 +310,15 @@ func (s *S) TestLogForwarderStartBindError(c *check.C) { func (s *S) TestLogForwarderStartAlreadyBound(c *check.C) { lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err := lf.Start() c.Assert(err, check.IsNil) defer lf.stopWait() lf2 := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf2.Start() c.Assert(err, check.ErrorMatches, `.*address already in use.*`) @@ -348,9 +359,9 @@ func (s *S) TestLogForwarderOverflow(c *check.C) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) 
@@ -426,9 +437,9 @@ func (s *S) TestLogForwarderHandleIgnoredInvalid(c *check.C) { var err error for i, p := range parts { lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -455,9 +466,9 @@ func (s *S) TestLogForwarderTableTennis(c *check.C) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "0.6") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -507,9 +518,9 @@ func (s *S) TestLogForwarderTableTennisNoPong(c *check.C) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "0.8") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -534,9 +545,9 @@ func (s *S) TestLogForwarderStartWithMessageExtra(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) 
@@ -567,9 +578,9 @@ func (s *S) TestLogForwarderSyslogSplit(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -657,9 +668,9 @@ func (s *S) TestLogForwarderStartFromFile(c *check.C) { defer os.Unsetenv("LOG_KUBERNETES_LOG_DIR") defer os.Unsetenv("LOG_KUBERNETES_LOG_POS_DIR") lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -682,9 +693,9 @@ func (s *S) TestLogForwarderStress(c *check.C) { tcpConn := startReceiver(n, done, data) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "tcp://"+tcpConn.Addr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err := lf.Start() c.Assert(err, check.IsNil) 
@@ -726,9 +737,9 @@ func (s *S) TestLogForwarderHandleNonTsuruApp(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -761,9 +772,9 @@ func (s *S) TestLogForwarderHandleNonTsuruAppKubernetesLabels(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -824,9 +835,9 @@ func BenchmarkMessagesWaitOneSyslogAddress(b *testing.B) { forwardedConns := []net.Listener{startReceiver(b.N, done[0])} os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "tcp://"+forwardedConns[0].Addr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() if err != nil { 
@@ -864,9 +875,9 @@ func BenchmarkMessagesWaitTwoSyslogAddresses(b *testing.B) { forwardedConns := []net.Listener{startReceiver(b.N, done[0]), startReceiver(b.N, done[1])} os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "tcp://"+forwardedConns[0].Addr().String()+",tcp://"+forwardedConns[1].Addr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() if err != nil { @@ -931,9 +942,9 @@ func BenchmarkMessagesBroadcastNonAppContainer(b *testing.B) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"tsuru", "syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"tsuru", "syslog"}, } err = lf.Start() if err != nil { @@ -984,9 +995,9 @@ func BenchmarkMessagesBroadcast(b *testing.B) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"tsuru", "syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"tsuru", "syslog"}, } err = lf.Start() if err != nil { 
@@ -1033,9 +1044,9 @@ func BenchmarkMessagesBroadcastWaitTsuru(b *testing.B) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), } err = lf.Start() if err != nil { @@ -1064,9 +1075,9 @@ func (s *S) TestGelfForwarder(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_GELF_HOST", reader.Addr()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1098,9 +1109,9 @@ func (s *S) TestGelfForwarderExtraTags(c *check.C) { os.Setenv("LOG_GELF_HOST", reader.Addr()) os.Setenv("LOG_GELF_EXTRA_TAGS", `{"_tags": "TSURU"}`) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1176,9 +1187,9 @@ func (s *S) TestGelfForwarderParseExtraTags(c *check.C) { os.Setenv("LOG_GELF_HOST", reader.Addr()) os.Setenv("LOG_GELF_FIELDS_WHITELIST", "request_id,status,method,uri") lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) 
@@ -1214,9 +1225,9 @@ func (s *S) TestGelfForwarderParseLevel(c *check.C) { os.Setenv("LOG_GELF_HOST", reader.Addr()) os.Setenv("LOG_GELF_FIELDS_WHITELIST", "request_id,status") lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1247,9 +1258,9 @@ func (s *S) TestGelfForwarderStdErr(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_GELF_HOST", reader.Addr()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1347,9 +1358,9 @@ func BenchmarkMessagesWaitOneGelfBackend(b *testing.B) { conn := startReceiver() os.Setenv("LOG_GELF_HOST", conn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() if err != nil { diff --git a/log/monitor_test.go b/log/monitor_test.go index f9c062f..cf402d7 100644 --- a/log/monitor_test.go +++ b/log/monitor_test.go @@ -13,6 +13,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dTesting "github.com/fsouza/go-dockerclient/testing" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" "gopkg.in/check.v1" "gopkg.in/mcuadros/go-syslog.v2/format" 
@@ -278,7 +279,13 @@ func (s *S) TestLogEntryFromName(c *check.C) { func serverWithClient(c *check.C) (*dTesting.DockerServer, *container.InfoClient) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) c.Assert(err, check.IsNil) - cli, err := container.NewClient(dockerServer.URL()) + cli, err := container.NewClient(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Assert(err, check.IsNil) err = cli.GetClient().PullImage(docker.PullImageOptions{Repository: "myimg"}, docker.AuthConfiguration{}) c.Assert(err, check.IsNil) diff --git a/main.go b/main.go index 6f8e1a5..42a1137 100644 --- a/main.go +++ b/main.go @@ -59,9 +59,9 @@ func main() { return } lf := log.LogForwarder{ - BindAddress: config.Config.SyslogListenAddress, - DockerEndpoint: config.Config.DockerEndpoint, - EnabledBackends: config.Config.LogBackends, + BindAddress: config.Config.SyslogListenAddress, + DockerClientInfo: config.Config.DockerClientInfo, + EnabledBackends: config.Config.LogBackends, } err = lf.Start() if err != nil { @@ -74,7 +74,7 @@ func main() { reporter, err := status.NewReporter(&status.ReporterConfig{ TsuruEndpoint: config.Config.TsuruEndpoint, TsuruToken: config.Config.TsuruToken, - DockerEndpoint: config.Config.DockerEndpoint, + DockerClientInfo: config.Config.DockerClientInfo, Interval: config.Config.StatusInterval, Kubernetes: isKubernetes(), }) @@ -108,7 +108,7 @@ func initializeMetricsReporter() (StopWaiter, error) { return nil, nil } metricsRunner := metric.NewRunner( - config.Config.DockerEndpoint, + config.Config.DockerClientInfo, config.Config.MetricsInterval, config.Config.MetricsBackend, ) diff --git a/metric/reporter_test.go b/metric/reporter_test.go index 26d62d1..dc3e606 100644 --- a/metric/reporter_test.go +++ b/metric/reporter_test.go 
@@ -10,6 +10,7 @@ import ( "testing" docker "github.com/fsouza/go-dockerclient" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" "gopkg.in/check.v1" ) @@ -107,7 +108,13 @@ func (s *S) TestGetMetrics(c *check.C) { bogusContainers := s.buildContainers() dockerServer, conts := s.startDockerServer(bogusContainers, nil, c) s.prepareStats(dockerServer, conts) - client, err := container.NewClient(dockerServer.URL()) + client, err := container.NewClient(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Assert(err, check.IsNil) defer dockerServer.Stop() r := Reporter{backend: &fakeBackend, infoClient: client} diff --git a/metric/runner.go b/metric/runner.go index 5a69816..e6f8a55 100644 --- a/metric/runner.go +++ b/metric/runner.go @@ -10,11 +10,12 @@ import ( "time" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" ) type runner struct { - dockerEndpoint string + dockerClientInfo *config.DockerConfig interval time.Duration metricsBackend string abort chan struct{} @@ -24,13 +25,13 @@ type runner struct { EnableHostMetrics bool } -func NewRunner(dockerEndpoint string, interval time.Duration, metricsBackend string) *runner { +func NewRunner(dockerClientInfo *config.DockerConfig, interval time.Duration, metricsBackend string) *runner { return &runner{ - abort: make(chan struct{}), - exit: make(chan struct{}), - dockerEndpoint: dockerEndpoint, - interval: interval, - metricsBackend: metricsBackend, + abort: make(chan struct{}), + exit: make(chan struct{}), + dockerClientInfo: dockerClientInfo, + interval: interval, + metricsBackend: metricsBackend, } } @@ -43,7 +44,7 @@ func (r *runner) Start() (err error) { close(r.exit) } }() - client, err := container.NewClient(r.dockerEndpoint) + client, err := container.NewClient(r.dockerClientInfo) if err != nil { return } 
diff --git a/metric/runner_test.go b/metric/runner_test.go index dc51f0c..48f59df 100644 --- a/metric/runner_test.go +++ b/metric/runner_test.go @@ -11,6 +11,7 @@ import ( docker "github.com/fsouza/go-dockerclient" "github.com/fsouza/go-dockerclient/testing" + "github.com/tsuru/bs/config" "gopkg.in/check.v1" ) @@ -26,7 +27,13 @@ func (s *S) TestRunner(c *check.C) { dockerServer, conts := s.startDockerServer(bogusContainers, nil, c) defer dockerServer.Stop() s.prepareStats(dockerServer, conts) - r := NewRunner(dockerServer.URL(), time.Second, "fake") + r := NewRunner(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, time.Second, "fake") r.EnableBasicMetrics = true err := r.Start() c.Assert(err, check.IsNil) @@ -71,7 +78,13 @@ func (s *S) TestRunnerSelectionEnv(c *check.C) { dockerServer, conts := s.startDockerServer(bogusContainers, nil, c) defer dockerServer.Stop() s.prepareStats(dockerServer, conts) - r := NewRunner(dockerServer.URL(), time.Second, "fake") + r := NewRunner(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, time.Second, "fake") r.EnableBasicMetrics = true err := r.Start() c.Assert(err, check.IsNil) diff --git a/status/status.go b/status/status.go index f3adc80..17184ca 100644 --- a/status/status.go +++ b/status/status.go @@ -19,6 +19,7 @@ import ( "github.com/ajg/form" docker "github.com/fsouza/go-dockerclient" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" node "github.com/tsuru/bs/node" "github.com/tsuru/tsuru/provision" 
@@ -36,11 +37,11 @@ type respUnit struct { } type ReporterConfig struct { - Interval time.Duration - DockerEndpoint string - TsuruEndpoint string - TsuruToken string - Kubernetes bool + Interval time.Duration + DockerClientInfo *config.DockerConfig + TsuruEndpoint string + TsuruToken string + Kubernetes bool } type Reporter struct { @@ -77,7 +78,7 @@ func NewReporter(config *ReporterConfig) (*Reporter, error) { } abort := make(chan struct{}) exit := make(chan struct{}) - infoClient, err := container.NewClient(config.DockerEndpoint) + infoClient, err := container.NewClient(config.DockerClientInfo) if err != nil { return nil, err } @@ -145,7 +146,7 @@ func (r *Reporter) reportStatus() { opts := docker.ListContainersOptions{All: true} containers, err := client.ListContainers(opts) if err != nil { - bslog.Errorf("[status reporter] failed to list containers in the Docker server at %q: %s", r.config.DockerEndpoint, err) + bslog.Errorf("[status reporter] failed to list containers in the Docker server at %q: %s", r.config.DockerClientInfo.Endpoint, err) return } hostData.Units = r.retrieveContainerStatuses(containers) diff --git a/status/status_test.go b/status/status_test.go index 915ae16..072a766 100644 --- a/status/status_test.go +++ b/status/status_test.go @@ -23,6 +23,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dtesting "github.com/fsouza/go-dockerclient/testing" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "gopkg.in/check.v1" ) 
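Review bot: In `NewReporter(config *ReporterConfig)` the parameter name now shadows the `config` package that this commit imports into status.go, so `config.DockerClientInfo` on the changed line reads like a package-level access while `config.DockerConfig` two hunks up really is one. It compiles, but inside the function the package can no longer be referenced, and the two meanings are easy to confuse in review. Renaming the parameter, for example `func NewReporter(cfg *ReporterConfig) (*Reporter, error)`, is backward compatible for callers. `NewReporter`'s body starts and ends outside the hunk.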
@@ -61,10 +62,16 @@ func (s S) TestReportStatus(c *check.C) { tsuruServer, requests := s.startTsuruServer(&resp) defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ - Interval: 10 * time.Minute, - DockerEndpoint: dockerServer.URL(), - TsuruEndpoint: tsuruServer.URL, - TsuruToken: "some-token", + Interval: 10 * time.Minute, + DockerClientInfo: &config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, + TsuruEndpoint: tsuruServer.URL, + TsuruToken: "some-token", }) c.Assert(err, check.IsNil) reporter.Stop() @@ -188,10 +195,16 @@ func (s S) TestReportStatus404OnHostStatus(c *check.C) { }) defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ - Interval: 10 * time.Minute, - DockerEndpoint: dockerServer.URL(), - TsuruEndpoint: tsuruServer.URL, - TsuruToken: "some-token", + Interval: 10 * time.Minute, + DockerClientInfo: &config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, + TsuruEndpoint: tsuruServer.URL, + TsuruToken: "some-token", }) c.Assert(err, check.IsNil) reporter.Stop() @@ -262,10 +275,16 @@ func (s S) TestReportStatusMultipleRemovals(c *check.C) { tsuruServer, _ := s.startTsuruServer(&resp) defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ - Interval: 10 * time.Minute, - DockerEndpoint: dockerServer.URL(), - TsuruEndpoint: tsuruServer.URL, - TsuruToken: "some-token", + Interval: 10 * time.Minute, + DockerClientInfo: &config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, + TsuruEndpoint: tsuruServer.URL, + TsuruToken: "some-token", }) c.Assert(err, check.IsNil) reporter.Stop()