X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/fb7dca3e3f07d37ad542f0e7cdf177f616493fe9..5f41a89121dea9d536ea33391ae2827432db947b:/lib/service/cmd.go

diff --git a/lib/service/cmd.go b/lib/service/cmd.go
index 5687ec1dad..20441c2a6c 100644
--- a/lib/service/cmd.go
+++ b/lib/service/cmd.go
@@ -147,9 +147,10 @@ func (c *command) RunCommand(prog string, args []string, stdin io.Reader, stdout
 	instrumented := httpserver.Instrument(reg, log,
 		httpserver.HandlerWithDeadline(cluster.API.RequestTimeout.Duration(),
 			httpserver.AddRequestIDs(
-				httpserver.LogRequests(
-					interceptHealthReqs(cluster.ManagementToken, handler.CheckHealth,
-						httpserver.NewRequestLimiter(cluster.API.MaxConcurrentRequests, handler, reg))))))
+				httpserver.Inspect(reg, cluster.ManagementToken,
+					httpserver.LogRequests(
+						interceptHealthReqs(cluster.ManagementToken, handler.CheckHealth,
+							httpserver.NewRequestLimiter(cluster.API.MaxConcurrentRequests, handler, reg)))))))
 	srv := &httpserver.Server{
 		Server: http.Server{
 			Handler:     ifCollectionInHost(instrumented, instrumented.ServeAPI(cluster.ManagementToken, instrumented)),
@@ -158,7 +159,7 @@ func (c *command) RunCommand(prog string, args []string, stdin io.Reader, stdout
 		Addr: listenURL.Host,
 	}
 	if listenURL.Scheme == "https" || listenURL.Scheme == "wss" {
-		tlsconfig, err := tlsConfigWithCertUpdater(cluster, logger)
+		tlsconfig, err := makeTLSConfig(cluster, logger)
 		if err != nil {
 			logger.WithError(err).Errorf("cannot start %s service on %s", c.svcName, listenURL.String())
 			return 1
@@ -241,10 +242,11 @@ func getListenAddr(svcs arvados.Services, prog arvados.ServiceName, log logrus.F
 		return arvados.URL{}, arvados.URL{}, fmt.Errorf("unknown service name %q", prog)
 	}
 
-	if want := os.Getenv("ARVADOS_SERVICE_INTERNAL_URL"); want == "" {
-	} else if url, err := url.Parse(want); err != nil {
-		return arvados.URL{}, arvados.URL{}, fmt.Errorf("$ARVADOS_SERVICE_INTERNAL_URL (%q): %s", want, err)
-	} else {
+	if want := os.Getenv("ARVADOS_SERVICE_INTERNAL_URL"); want != "" {
+		url, err := url.Parse(want)
+		if err != nil {
+			return arvados.URL{}, arvados.URL{}, fmt.Errorf("$ARVADOS_SERVICE_INTERNAL_URL (%q): %s", want, err)
+		}
 		if url.Path == "" {
 			url.Path = "/"
 		}
@@ -272,7 +274,19 @@ func getListenAddr(svcs arvados.Services, prog arvados.ServiceName, log logrus.F
 			// intermediate proxy/routing)
 			listenURL = internalURL
 		}
-		listener, err := net.Listen("tcp", listenURL.Host)
+		listenAddr := listenURL.Host
+		if _, _, err := net.SplitHostPort(listenAddr); err != nil {
+			// url "https://foo.example/" (with no
+			// explicit port name/number) means listen on
+			// the well-known port for the specified
+			// protocol, "foo.example:https".
+			port := listenURL.Scheme
+			if port == "ws" || port == "wss" {
+				port = "http" + port[2:]
+			}
+			listenAddr = net.JoinHostPort(listenAddr, port)
+		}
+		listener, err := net.Listen("tcp", listenAddr)
 		if err == nil {
 			listener.Close()
 			return listenURL, internalURL, nil