From 53b22fc6711fb86cc03864ef01774c2ace446fa0 Mon Sep 17 00:00:00 2001 From: Kasra Fakhari Date: Thu, 5 Mar 2020 09:29:40 +0330 Subject: [PATCH 1/6] WIP: first step for TLS support --- config/config.go | 19 +++++++++++++++++-- container/container.go | 15 +++++++++++---- log/log.go | 20 ++++++++++---------- main.go | 16 ++++++++-------- metric/runner.go | 17 +++++++++-------- status/status.go | 14 ++++++++------ 6 files changed, 63 insertions(+), 38 deletions(-) diff --git a/config/config.go b/config/config.go index 05a3ab5..4cb2c4b 100644 --- a/config/config.go +++ b/config/config.go @@ -21,8 +21,17 @@ const ( DefaultDockerEndpoint = "unix:///var/run/docker.sock" ) +// DockerConfig is container for Endpoint and tls config +type DockerConfig struct { + Endpoint string + UseTLS bool + CertFile string + KeyFile string + CaFile string +} + var Config struct { - DockerEndpoint string + DockerClientInfo *DockerConfig TsuruEndpoint string TsuruToken string MetricsInterval time.Duration @@ -41,7 +50,13 @@ func init() { func LoadConfig() { bslog.Debug, _ = strconv.ParseBool(os.Getenv("BS_DEBUG")) - Config.DockerEndpoint = StringEnvOrDefault(DefaultDockerEndpoint, "DOCKER_ENDPOINT") + Config.DockerClientInfo = &DockerConfig{ + Endpoint: StringEnvOrDefault(DefaultDockerEndpoint, "DOCKER_ENDPOINT"), + UseTLS: false, + CertFile: "", + KeyFile: "", + CaFile: "", + } Config.TsuruEndpoint = os.Getenv("TSURU_ENDPOINT") Config.TsuruToken = os.Getenv("TSURU_TOKEN") Config.SyslogListenAddress = os.Getenv("SYSLOG_LISTEN_ADDRESS") diff --git a/container/container.go b/container/container.go index fdba671..46db6b6 100644 --- a/container/container.go +++ b/container/container.go @@ -10,6 +10,8 @@ import ( "strings" "time" + "github.com/tsuru/bs/config" + docker "github.com/fsouza/go-dockerclient" lru "github.com/hashicorp/golang-lru" ) @@ -27,7 +29,7 @@ var ( const containerIDTrimSize = 12 type InfoClient struct { - endpoint string + dockerInfo *config.DockerConfig client *docker.Client containerCache *lru.Cache } @@ -45,14 +47,19 @@ const ( fullTimeout = 1 * time.Minute ) -func NewClient(endpoint string) (*InfoClient, error) { - c := InfoClient{endpoint: endpoint} +func NewClient(dockerInfo *config.DockerConfig) (*InfoClient, error) { + c := InfoClient{dockerInfo: dockerInfo} var err error c.containerCache, err = lru.New(100) if err != nil { return nil, err } - c.client, err = docker.NewClient(endpoint) + if dockerInfo.UseTLS { + c.client, err = docker.NewTLSClient(dockerInfo.Endpoint, dockerInfo.CertFile, + dockerInfo.KeyFile, dockerInfo.CaFile) + } else { + c.client, err = docker.NewClient(dockerInfo.Endpoint) + } if err != nil { return nil, err } diff --git a/log/log.go b/log/log.go index 0d503ca..6943dd8 100644 --- a/log/log.go +++ b/log/log.go @@ -36,14 +36,14 @@ var ( type LogMessage interface{} type LogForwarder struct { - BindAddress string - DockerEndpoint string - EnabledBackends []string - infoClient *container.InfoClient - server *syslog.Server - backends []logBackend - formatter *LenientFormat - kubeStreamer *kubernetesLogStreamer + BindAddress string + DockerClientInfo *config.DockerConfig + EnabledBackends []string + infoClient *container.InfoClient + server *syslog.Server + backends []logBackend + formatter *LenientFormat + kubeStreamer *kubernetesLogStreamer } type forwarderBackend interface { @@ -142,9 +142,9 @@ func (l *LogForwarder) Start() (err error) { if len(l.backends) == 0 { bslog.Warnf("no log backend enabled, discarding all received log messages.") } - l.infoClient, err = container.NewClient(l.DockerEndpoint) + l.infoClient, err = container.NewClient(l.DockerClientInfo) if err != nil { - err = fmt.Errorf("unable to initialize docker client %s: %s", l.DockerEndpoint, err) + err = fmt.Errorf("unable to initialize docker client %s: %s", l.DockerClientInfo.Endpoint, err) return } l.formatter = &LenientFormat{} diff --git a/main.go b/main.go index 22930d1..76fc216 100644 --- a/main.go +++ b/main.go @@ -59,15 +59,15 @@ func main() { return } lf := log.LogForwarder{ - BindAddress: config.Config.SyslogListenAddress, - DockerEndpoint: config.Config.DockerEndpoint, - EnabledBackends: config.Config.LogBackends, + BindAddress: config.Config.SyslogListenAddress, + DockerClientInfo: config.Config.DockerClientInfo, + EnabledBackends: config.Config.LogBackends, } err = lf.Start() if err != nil { bslog.Fatalf("Unable to initialize log forwarder: %s\n", err) } - mRunner := metric.NewRunner(config.Config.DockerEndpoint, config.Config.MetricsInterval, + mRunner := metric.NewRunner(config.Config.DockerClientInfo, config.Config.MetricsInterval, config.Config.MetricsBackend) mRunner.EnableBasicMetrics = config.Config.MetricsEnableBasic mRunner.EnableConnMetrics = config.Config.MetricsEnableConn @@ -77,10 +77,10 @@ func main() { bslog.Warnf("Unable to initialize metrics runner: %s\n", err) } reporter, err := status.NewReporter(&status.ReporterConfig{ - TsuruEndpoint: config.Config.TsuruEndpoint, - TsuruToken: config.Config.TsuruToken, - DockerEndpoint: config.Config.DockerEndpoint, - Interval: config.Config.StatusInterval, + TsuruEndpoint: config.Config.TsuruEndpoint, + TsuruToken: config.Config.TsuruToken, + DockerClientInfo: config.Config.DockerClientInfo, + Interval: config.Config.StatusInterval, }) if err != nil { bslog.Warnf("Unable to initialize status reporter: %s\n", err) diff --git a/metric/runner.go b/metric/runner.go index 5a69816..e6f8a55 100644 --- a/metric/runner.go +++ b/metric/runner.go @@ -10,11 +10,12 @@ import ( "time" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" ) type runner struct { - dockerEndpoint string + dockerClientInfo *config.DockerConfig interval time.Duration metricsBackend string abort chan struct{} @@ -24,13 +25,13 @@ type runner struct { EnableHostMetrics bool } -func NewRunner(dockerEndpoint string, interval time.Duration, metricsBackend string) *runner { +func NewRunner(dockerClientInfo *config.DockerConfig, interval time.Duration, metricsBackend string) *runner { return &runner{ - abort: make(chan struct{}), - exit: make(chan struct{}), - dockerEndpoint: dockerEndpoint, - interval: interval, - metricsBackend: metricsBackend, + abort: make(chan struct{}), + exit: make(chan struct{}), + dockerClientInfo: dockerClientInfo, + interval: interval, + metricsBackend: metricsBackend, } } @@ -43,7 +44,7 @@ func (r *runner) Start() (err error) { close(r.exit) } }() - client, err := container.NewClient(r.dockerEndpoint) + client, err := container.NewClient(r.dockerClientInfo) if err != nil { return } diff --git a/status/status.go b/status/status.go index 4efde0d..f0887a7 100644 --- a/status/status.go +++ b/status/status.go @@ -19,6 +19,7 @@ import ( "github.com/ajg/form" docker "github.com/fsouza/go-dockerclient" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" node "github.com/tsuru/bs/node" "github.com/tsuru/tsuru/provision" @@ -36,10 +37,10 @@ type respUnit struct { } type ReporterConfig struct { - Interval time.Duration - DockerEndpoint string - TsuruEndpoint string - TsuruToken string + Interval time.Duration + DockerClientInfo *config.DockerConfig + TsuruEndpoint string + TsuruToken string } type Reporter struct { @@ -76,7 +77,7 @@ func NewReporter(config *ReporterConfig) (*Reporter, error) { } abort := make(chan struct{}) exit := make(chan struct{}) - infoClient, err := container.NewClient(config.DockerEndpoint) + infoClient, err := container.NewClient(config.DockerClientInfo) if err != nil { return nil, err } @@ -137,7 +138,8 @@ func (r *Reporter) reportStatus() { opts := docker.ListContainersOptions{All: true} containers, err := client.ListContainers(opts) if err != nil { - bslog.Errorf("[status reporter] failed to list containers in the Docker server at %q: %s", r.config.DockerEndpoint, err) + bslog.Errorf("[status reporter] failed to list containers in the Docker server at %q: %s", + r.config.DockerClientInfo.Endpoint, err) return } containerStatuses := r.retrieveContainerStatuses(containers) From 135099fab4fe0e94e6b15c18ec8f706936578746 Mon Sep 17 00:00:00 2001 From: Kasra Fakhari Date: Thu, 5 Mar 2020 09:58:13 +0330 Subject: [PATCH 2/6] check existance of docker cert files & enable tls --- config/config.go | 36 +++++++++++++++++++++++++++++------- 1 file changed, 29 insertions(+), 7 deletions(-) diff --git a/config/config.go b/config/config.go index 4cb2c4b..7678426 100644 --- a/config/config.go +++ b/config/config.go @@ -5,6 +5,7 @@ package config import ( + "fmt" "os" "reflect" "strconv" @@ -50,13 +51,8 @@ func init() { func LoadConfig() { bslog.Debug, _ = strconv.ParseBool(os.Getenv("BS_DEBUG")) - Config.DockerClientInfo = &DockerConfig{ - Endpoint: StringEnvOrDefault(DefaultDockerEndpoint, "DOCKER_ENDPOINT"), - UseTLS: false, - CertFile: "", - KeyFile: "", - CaFile: "", - } + var dockerEndpoint = StringEnvOrDefault(DefaultDockerEndpoint, "DOCKER_ENDPOINT") + Config.DockerClientInfo = loadDockerConfig(dockerEndpoint) Config.TsuruEndpoint = os.Getenv("TSURU_ENDPOINT") Config.TsuruToken = os.Getenv("TSURU_TOKEN") Config.SyslogListenAddress = os.Getenv("SYSLOG_LISTEN_ADDRESS") @@ -69,6 +65,25 @@ func LoadConfig() { Config.MetricsEnableHost = BoolEnvOrDefault(true, "METRICS_ENABLE_HOST") } +func loadDockerConfig(dockerEndpoint string) *DockerConfig { + var config = &DockerConfig{ + Endpoint: dockerEndpoint, + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + } + if strings.HasPrefix(dockerEndpoint, "https:") { + if fileAvailable(config.CertFile) && fileAvailable(config.KeyFile) && fileAvailable(config.CaFile) { + bslog.Debugf("Docker cert files found. Configuring TLS support.") + config.UseTLS = true + } else { + bslog.Warnf("A valid certificate is required for using https schema without cert files.") + } + } + return config +} + func envOrDefault(convert func(string) interface{}, defaultValue interface{}, envs ...string) interface{} { for i, env := range envs { val := os.Getenv(env) @@ -141,3 +156,10 @@ func SecondsEnvOrDefault(defaultValue float64, envs ...string) time.Duration { return val }, defaultValue, envs...).(float64) * float64(time.Second)) } + +func fileAvailable(name string) bool { + if _, err := os.Stat(name); err == nil { + return true + } + return false +} From 394491007f0d51e7932e2547311214663ecc2af3 Mon Sep 17 00:00:00 2001 From: Kasra Fakhari Date: Thu, 5 Mar 2020 09:59:28 +0330 Subject: [PATCH 3/6] remove unused import --- config/config.go | 1 - 1 file changed, 1 deletion(-) diff --git a/config/config.go b/config/config.go index 7678426..dadecb1 100644 --- a/config/config.go +++ b/config/config.go @@ -5,7 +5,6 @@ package config import ( - "fmt" "os" "reflect" "strconv" From 7cc992d15de5d20c14adb3f0084776773c22ed5c Mon Sep 17 00:00:00 2001 From: Kasra Fakhari Date: Sat, 7 Mar 2020 11:14:42 +0330 Subject: [PATCH 4/6] fix tests to match new docker config style --- config/config_test.go | 16 +++- container/container_test.go | 32 +++++-- log/log_test.go | 173 +++++++++++++++++++----------------- metric/runner_test.go | 17 +++- status/status_test.go | 37 ++++++-- 5 files changed, 174 insertions(+), 101 deletions(-) diff --git a/config/config_test.go b/config/config_test.go index d2c0160..09bc70d 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -31,7 +31,13 @@ func (S) TestLoadConfig(c *check.C) { os.Setenv("SYSLOG_LISTEN_ADDRESS", "udp://0.0.0.0:1514") os.Setenv("LOG_BACKENDS", "b1, b2 ") LoadConfig() - c.Check(Config.DockerEndpoint, check.Equals, "http://192.168.50.4:2375") + c.Check(Config.DockerClientInfo, check.DeepEquals, &DockerConfig{ + Endpoint: "http://192.168.50.4:2375", + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Check(Config.TsuruEndpoint, check.Equals, "http://192.168.50.4:8080") c.Check(Config.TsuruToken, check.Equals, "sometoken") c.Check(Config.StatusInterval, check.Equals, time.Duration(45e9)) @@ -49,7 +55,13 @@ func (S) TestLoadConfigInvalidDuration(c *check.C) { os.Setenv("STATUS_INTERVAL", "four") os.Setenv("HOST_PROC", "/prochost") LoadConfig() - c.Check(Config.DockerEndpoint, check.Equals, "http://192.168.50.4:2375") + c.Check(Config.DockerClientInfo, check.DeepEquals, &DockerConfig{ + Endpoint: "http://192.168.50.4:2375", + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Check(Config.TsuruEndpoint, check.Equals, "http://192.168.50.4:8080") c.Check(Config.TsuruToken, check.Equals, "sometoken") c.Check(Config.StatusInterval, check.Equals, time.Duration(60e9)) diff --git a/container/container_test.go b/container/container_test.go index 34fc438..37c8040 100644 --- a/container/container_test.go +++ b/container/container_test.go @@ -11,6 +11,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dTesting "github.com/fsouza/go-dockerclient/testing" + "github.com/tsuru/bs/config" "gopkg.in/check.v1" ) @@ -22,6 +23,16 @@ func Test(t *testing.T) { type S struct{} +func createDockerConfig(url string) *config.DockerConfig { + return &config.DockerConfig{ + Endpoint: url, + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + } +} + func createContainer(c *check.C, url string, envs []string, labels map[string]string, name string) string { dockerClient, err := docker.NewClient(url) c.Assert(err, check.IsNil) @@ -48,7 +59,8 @@ func (S) TestInfoClientGetContainer(c *check.C) { }) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), []string{"TSURU_PROCESSNAME=procx", "TSURU_APPNAME=coolappname"}, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetContainer(id, true, []string{}) c.Assert(err, check.IsNil) @@ -81,7 +93,8 @@ func (S) TestInfoClientGetContainerNonApp(c *check.C) { }) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), nil, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetContainer(id, true, []string{}) c.Assert(err, check.IsNil) @@ -100,7 +113,8 @@ func (S) TestInfoClientGetAppContainer(c *check.C) { }) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetAppContainer(id, true) c.Assert(err, check.IsNil) @@ -127,7 +141,8 @@ func (S) TestInfoClientGetContainerRequiredEnv(c *check.C) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) c.Assert(err, check.IsNil) id := createContainer(c, dockerServer.URL(), []string{"MONITORED=1"}, nil, "myContName") - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) _, err = client.GetContainer(id, true, []string{"NOTMONITORED"}) c.Assert(err, check.Equals, ErrTsuruVariablesNotFound) @@ -139,7 +154,8 @@ func (S) TestInfoClientGetContainerRequiredEnv(c *check.C) { func (S) TestInfoClientGetContainerNotFound(c *check.C) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) c.Assert(err, check.IsNil) - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) _, err = client.GetContainer("xxxxxx", true, []string{"TSURU_APPNAME"}) c.Assert(err, check.ErrorMatches, "No such container: xxxxxx") @@ -149,7 +165,8 @@ func (S) TestContainerHasEnvs(c *check.C) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) id := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, nil, "myContName") c.Assert(err, check.IsNil) - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont, err := client.GetAppContainer(id, false) c.Assert(err, check.IsNil) @@ -165,7 +182,8 @@ func (S) TestContainerIsIsolated(c *check.C) { id3 := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, map[string]string{"tsuru.io/is-isolated-run": "true"}, "withTsuruIOLabel") id4 := createContainer(c, dockerServer.URL(), []string{"TSURU_APPNAME=coolappname"}, nil, "withoutLabel") c.Assert(err, check.IsNil) - client, err := NewClient(dockerServer.URL()) + dockerConfig := createDockerConfig(dockerServer.URL()) + client, err := NewClient(dockerConfig) c.Assert(err, check.IsNil) cont1, err := client.GetAppContainer(id1, false) cont2, err := client.GetAppContainer(id2, false) diff --git a/log/log_test.go b/log/log_test.go index b0d2eba..155d79a 100644 --- a/log/log_test.go +++ b/log/log_test.go @@ -30,6 +30,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dTesting "github.com/fsouza/go-dockerclient/testing" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "github.com/tsuru/tsuru/app" "golang.org/x/net/websocket" "gopkg.in/check.v1" @@ -54,6 +55,16 @@ func (s *S) SetUpSuite(c *check.C) { c.Assert(err, check.IsNil) } +func createDockerConfig(url string) *config.DockerConfig { + return &config.DockerConfig{ + Endpoint: url, + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + } +} + func serverWithContainer() (*dTesting.DockerServer, string, error) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) if err != nil { @@ -128,9 +139,9 @@ func (s *S) TestLogForwarderStart(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -150,9 +161,9 @@ func (s *S) TestLogForwarderStart(c *check.C) { func (s *S) TestLogForwarderStartNoneBackend(c *check.C) { lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"none"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"none"}, } err := lf.Start() c.Assert(err, check.IsNil) @@ -173,9 +184,9 @@ func (s *S) TestLogForwarderStartWithTimezone(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -241,9 +252,9 @@ func testLogForwarderWSForwarder( os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") testTlsConfig = &tls.Config{RootCAs: srvCerts} lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err := lf.Start() c.Assert(err, check.IsNil) @@ -288,8 +299,8 @@ func testLogForwarderWSForwarder( func (s *S) TestLogForwarderStartBindError(c *check.C) { lf := LogForwarder{ - BindAddress: "xudp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + BindAddress: "xudp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err := lf.Start() c.Assert(err, check.ErrorMatches, `invalid protocol "xudp", expected tcp or udp`) @@ -297,15 +308,15 @@ func (s *S) TestLogForwarderStartBindError(c *check.C) { func (s *S) TestLogForwarderStartAlreadyBound(c *check.C) { lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err := lf.Start() c.Assert(err, check.IsNil) defer lf.stopWait() lf2 := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf2.Start() c.Assert(err, check.ErrorMatches, `.*address already in use.*`) @@ -346,9 +357,9 @@ func (s *S) TestLogForwarderOverflow(c *check.C) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -424,9 +435,9 @@ func (s *S) TestLogForwarderHandleIgnoredInvalid(c *check.C) { var err error for i, p := range parts { lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -453,9 +464,9 @@ func (s *S) TestLogForwarderTableTennis(c *check.C) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "0.6") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -505,9 +516,9 @@ func (s *S) TestLogForwarderTableTennisNoPong(c *check.C) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "0.8") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), } err = lf.Start() c.Assert(err, check.IsNil) @@ -532,9 +543,9 @@ func (s *S) TestLogForwarderStartWithMessageExtra(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -564,9 +575,9 @@ func (s *S) TestLogForwarderSyslogSplit(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -653,9 +664,9 @@ func (s *S) TestLogForwarderStartFromFile(c *check.C) { defer os.Unsetenv("LOG_KUBERNETES_LOG_DIR") defer os.Unsetenv("LOG_KUBERNETES_LOG_POS_DIR") lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -677,9 +688,9 @@ func (s *S) TestLogForwarderStress(c *check.C) { tcpConn := startReceiver(n, done, data) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "tcp://"+tcpConn.Addr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err := lf.Start() c.Assert(err, check.IsNil) @@ -721,9 +732,9 @@ func (s *S) TestLogForwarderHandleNonTsuruApp(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -755,9 +766,9 @@ func (s *S) TestLogForwarderHandleNonTsuruAppKubernetesLabels(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "udp://"+udpConn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -817,9 +828,9 @@ func BenchmarkMessagesWaitOneSyslogAddress(b *testing.B) { forwardedConns := []net.Listener{startReceiver(b.N, done[0])} os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "tcp://"+forwardedConns[0].Addr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() if err != nil { @@ -855,9 +866,9 @@ func BenchmarkMessagesWaitTwoSyslogAddresses(b *testing.B) { forwardedConns := []net.Listener{startReceiver(b.N, done[0]), startReceiver(b.N, done[1])} os.Setenv("LOG_SYSLOG_FORWARD_ADDRESSES", "tcp://"+forwardedConns[0].Addr().String()+",tcp://"+forwardedConns[1].Addr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"syslog"}, } err = lf.Start() if err != nil { @@ -920,9 +931,9 @@ func BenchmarkMessagesBroadcastNonAppContainer(b *testing.B) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"tsuru", "syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"tsuru", "syslog"}, } err = lf.Start() if err != nil { @@ -973,9 +984,9 @@ func BenchmarkMessagesBroadcast(b *testing.B) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"tsuru", "syslog"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"tsuru", "syslog"}, } err = lf.Start() if err != nil { @@ -1022,9 +1033,9 @@ func BenchmarkMessagesBroadcastWaitTsuru(b *testing.B) { os.Setenv("LOG_TSURU_PING_INTERVAL", "0.1") os.Setenv("LOG_TSURU_PONG_INTERVAL", "2.0") lf := LogForwarder{ - EnabledBackends: []string{"tsuru"}, - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), + EnabledBackends: []string{"tsuru"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), } err = lf.Start() if err != nil { @@ -1053,9 +1064,9 @@ func (s *S) TestGelfForwarder(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_GELF_HOST", reader.Addr()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1087,9 +1098,9 @@ func (s *S) TestGelfForwarderExtraTags(c *check.C) { os.Setenv("LOG_GELF_HOST", reader.Addr()) os.Setenv("LOG_GELF_EXTRA_TAGS", `{"_tags": "TSURU"}`) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1122,9 +1133,9 @@ func (s *S) TestGelfForwarderParseExtraTags(c *check.C) { os.Setenv("LOG_GELF_HOST", reader.Addr()) os.Setenv("LOG_GELF_FIELDS_WHITELIST", "request_id,status,method,uri") lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1160,9 +1171,9 @@ func (s *S) TestGelfForwarderParseLevel(c *check.C) { os.Setenv("LOG_GELF_HOST", reader.Addr()) os.Setenv("LOG_GELF_FIELDS_WHITELIST", "request_id,status") lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1193,9 +1204,9 @@ func (s *S) TestGelfForwarderStdErr(c *check.C) { c.Assert(err, check.IsNil) os.Setenv("LOG_GELF_HOST", reader.Addr()) lf := LogForwarder{ - BindAddress: "udp://127.0.0.1:59317", - DockerEndpoint: s.dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "udp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(s.dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() c.Assert(err, check.IsNil) @@ -1293,9 +1304,9 @@ func BenchmarkMessagesWaitOneGelfBackend(b *testing.B) { conn := startReceiver() os.Setenv("LOG_GELF_HOST", conn.LocalAddr().String()) lf := LogForwarder{ - BindAddress: "tcp://127.0.0.1:59317", - DockerEndpoint: dockerServer.URL(), - EnabledBackends: []string{"gelf"}, + BindAddress: "tcp://127.0.0.1:59317", + DockerClientInfo: createDockerConfig(dockerServer.URL()), + EnabledBackends: []string{"gelf"}, } err = lf.Start() if err != nil { diff --git a/metric/runner_test.go b/metric/runner_test.go index dc51f0c..48f59df 100644 --- a/metric/runner_test.go +++ b/metric/runner_test.go @@ -11,6 +11,7 @@ import ( docker "github.com/fsouza/go-dockerclient" "github.com/fsouza/go-dockerclient/testing" + "github.com/tsuru/bs/config" "gopkg.in/check.v1" ) @@ -26,7 +27,13 @@ func (s *S) TestRunner(c *check.C) { dockerServer, conts := s.startDockerServer(bogusContainers, nil, c) defer dockerServer.Stop() s.prepareStats(dockerServer, conts) - r := NewRunner(dockerServer.URL(), time.Second, "fake") + r := NewRunner(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, time.Second, "fake") r.EnableBasicMetrics = true err := r.Start() c.Assert(err, check.IsNil) @@ -71,7 +78,13 @@ func (s *S) TestRunnerSelectionEnv(c *check.C) { dockerServer, conts := s.startDockerServer(bogusContainers, nil, c) defer dockerServer.Stop() s.prepareStats(dockerServer, conts) - r := NewRunner(dockerServer.URL(), time.Second, "fake") + r := NewRunner(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, time.Second, "fake") r.EnableBasicMetrics = true err := r.Start() c.Assert(err, check.IsNil) diff --git a/status/status_test.go b/status/status_test.go index b5d4224..226d9b3 100644 --- a/status/status_test.go +++ b/status/status_test.go @@ -23,6 +23,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dtesting "github.com/fsouza/go-dockerclient/testing" "github.com/tsuru/bs/bslog" + "github.com/tsuru/bs/config" "gopkg.in/check.v1" ) @@ -61,10 +62,16 @@ func (s S) TestReportStatus(c *check.C) { tsuruServer, requests := s.startTsuruServer(&resp) defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ - Interval: 10 * time.Minute, - DockerEndpoint: dockerServer.URL(), - TsuruEndpoint: tsuruServer.URL, - TsuruToken: "some-token", + Interval: 10 * time.Minute, + DockerClientInfo: &config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, + TsuruEndpoint: tsuruServer.URL, + TsuruToken: "some-token", }) c.Assert(err, check.IsNil) reporter.Stop() @@ -145,10 +152,16 @@ func (s S) TestReportStatus404OnHostStatus(c *check.C) { }) defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ - Interval: 10 * time.Minute, - DockerEndpoint: dockerServer.URL(), - TsuruEndpoint: tsuruServer.URL, - TsuruToken: "some-token", + Interval: 10 * time.Minute, + DockerClientInfo: &config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, + TsuruEndpoint: tsuruServer.URL, + TsuruToken: "some-token", }) c.Assert(err, check.IsNil) reporter.Stop() @@ -220,7 +233,13 @@ func (s S) TestReportStatusMultipleRemovals(c *check.C) { defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ Interval: 10 * time.Minute, - DockerEndpoint: dockerServer.URL(), + DockerClientInfo: &config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }, TsuruEndpoint: tsuruServer.URL, TsuruToken: "some-token", }) From 647481d208661c414db5362179e9d860adec94ac Mon Sep 17 00:00:00 2001 From: Kasra Fakhari Date: Sat, 7 Mar 2020 11:25:21 +0330 Subject: [PATCH 5/6] fix two other tests for docker new client config style --- log/monitor_test.go | 9 ++++++++- metric/reporter_test.go | 9 ++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/log/monitor_test.go b/log/monitor_test.go index affe335..f26b83f 100644 --- a/log/monitor_test.go +++ b/log/monitor_test.go @@ -13,6 +13,7 @@ import ( docker "github.com/fsouza/go-dockerclient" dTesting "github.com/fsouza/go-dockerclient/testing" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" "gopkg.in/check.v1" "gopkg.in/mcuadros/go-syslog.v2/format" @@ -277,7 +278,13 @@ func (s *S) TestLogEntryFromName(c *check.C) { func serverWithClient(c *check.C) (*dTesting.DockerServer, *container.InfoClient) { dockerServer, err := dTesting.NewServer("127.0.0.1:0", nil, nil) c.Assert(err, check.IsNil) - cli, err := container.NewClient(dockerServer.URL()) + cli, err := container.NewClient(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Assert(err, check.IsNil) err = cli.GetClient().PullImage(docker.PullImageOptions{Repository: "myimg"}, docker.AuthConfiguration{}) c.Assert(err, check.IsNil) diff --git a/metric/reporter_test.go b/metric/reporter_test.go index 26d62d1..dc3e606 100644 --- a/metric/reporter_test.go +++ b/metric/reporter_test.go @@ -10,6 +10,7 @@ import ( "testing" docker "github.com/fsouza/go-dockerclient" + "github.com/tsuru/bs/config" "github.com/tsuru/bs/container" "gopkg.in/check.v1" ) @@ -107,7 +108,13 @@ func (s *S) TestGetMetrics(c *check.C) { bogusContainers := s.buildContainers() dockerServer, conts := s.startDockerServer(bogusContainers, nil, c) s.prepareStats(dockerServer, conts) - client, err := container.NewClient(dockerServer.URL()) + client, err := container.NewClient(&config.DockerConfig{ + Endpoint: dockerServer.URL(), + UseTLS: false, + CertFile: "/docker-certs/cert.pem", + KeyFile: "/docker-certs/key.pem", + CaFile: "/docker-certs/ca.pem", + }) c.Assert(err, check.IsNil) defer dockerServer.Stop() r := Reporter{backend: &fakeBackend, infoClient: client} From 461e9749f0ffe3950b9a1afaf8b0f7a7560eb880 Mon Sep 17 00:00:00 2001 From: Kasra Fakhari Date: Sat, 7 Mar 2020 18:39:32 +0330 Subject: [PATCH 6/6] fix file format --- status/status_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/status/status_test.go b/status/status_test.go index 226d9b3..35042b1 100644 --- a/status/status_test.go +++ b/status/status_test.go @@ -232,7 +232,7 @@ func (s S) TestReportStatusMultipleRemovals(c *check.C) { tsuruServer, _ := s.startTsuruServer(&resp) defer tsuruServer.Close() reporter, err := NewReporter(&ReporterConfig{ - Interval: 10 * time.Minute, + Interval: 10 * time.Minute, DockerClientInfo: &config.DockerConfig{ Endpoint: dockerServer.URL(), UseTLS: false, @@ -240,8 +240,8 @@ func (s S) TestReportStatusMultipleRemovals(c *check.C) { KeyFile: "/docker-certs/key.pem", CaFile: "/docker-certs/ca.pem", }, - TsuruEndpoint: tsuruServer.URL, - TsuruToken: "some-token", + TsuruEndpoint: tsuruServer.URL, + TsuruToken: "some-token", }) c.Assert(err, check.IsNil) reporter.Stop()