From aabdf0fec790f9dd341af07013cc1c47ae04b876 Mon Sep 17 00:00:00 2001 From: Eric Biagiotti Date: Tue, 6 Aug 2019 18:00:36 -0400 Subject: [PATCH] 14715: Keepproxy uses cluster config Arvados-DCO-1.1-Signed-off-by: Eric Biagiotti --- lib/config/deprecated.go | 3 +- services/keepproxy/keepproxy.go | 196 +++++++++++++++----------------- services/keepproxy/usage.go | 75 +----------- 3 files changed, 97 insertions(+), 177 deletions(-) diff --git a/lib/config/deprecated.go b/lib/config/deprecated.go index dcfdd8b747..4e7b85ec5d 100644 --- a/lib/config/deprecated.go +++ b/lib/config/deprecated.go @@ -380,10 +380,11 @@ func (ldr *Loader) loadOldKeepproxyConfig(cfg *arvados.Config) error { cluster.ManagementToken = *oc.ManagementToken } + // The following legacy options are no longer supported. If they are set to + // true or PIDFile has a value, error out and notify the user unsupportedEntry := func(cfgEntry string) error { return fmt.Errorf("the keepproxy %s configuration option is no longer supported, please remove it from your configuration file", cfgEntry) } - if oc.DisableGet != nil && *oc.DisableGet { return unsupportedEntry("DisableGet") } diff --git a/services/keepproxy/keepproxy.go b/services/keepproxy/keepproxy.go index f8aa6c4aa7..e4e54040f2 100644 --- a/services/keepproxy/keepproxy.go +++ b/services/keepproxy/keepproxy.go @@ -20,39 +20,20 @@ import ( "syscall" "time" + "git.curoverse.com/arvados.git/lib/config" "git.curoverse.com/arvados.git/sdk/go/arvados" "git.curoverse.com/arvados.git/sdk/go/arvadosclient" - "git.curoverse.com/arvados.git/sdk/go/config" "git.curoverse.com/arvados.git/sdk/go/health" "git.curoverse.com/arvados.git/sdk/go/httpserver" "git.curoverse.com/arvados.git/sdk/go/keepclient" "github.com/coreos/go-systemd/daemon" - "github.com/ghodss/yaml" "github.com/gorilla/mux" log "github.com/sirupsen/logrus" + "gopkg.in/yaml.v2" ) var version = "dev" -type Config struct { - Client arvados.Client - Listen string - DisableGet bool - DisablePut bool - DefaultReplicas int - Timeout arvados.Duration - PIDFile string - Debug bool - ManagementToken string -} - -func DefaultConfig() *Config { - return &Config{ - Listen: ":25107", - Timeout: arvados.Duration(15 * time.Second), - } -} - var ( listener net.Listener router http.Handler @@ -60,69 +41,74 @@ var ( const rfc3339NanoFixed = "2006-01-02T15:04:05.000000000Z07:00" -func main() { - log.SetFormatter(&log.JSONFormatter{ - TimestampFormat: rfc3339NanoFixed, - }) - - cfg := DefaultConfig() +func configure(logger log.FieldLogger, args []string) *arvados.Cluster { + flags := flag.NewFlagSet(args[0], flag.ExitOnError) + flags.Usage = usage - flagset := flag.NewFlagSet("keepproxy", flag.ExitOnError) - flagset.Usage = usage + dumpConfig := flags.Bool("dump-config", false, "write current configuration to stdout and exit") + getVersion := flags.Bool("version", false, "Print version information and exit.") - const deprecated = " (DEPRECATED -- use config file instead)" - flagset.StringVar(&cfg.Listen, "listen", cfg.Listen, "Local port to listen on."+deprecated) - flagset.BoolVar(&cfg.DisableGet, "no-get", cfg.DisableGet, "Disable GET operations."+deprecated) - flagset.BoolVar(&cfg.DisablePut, "no-put", cfg.DisablePut, "Disable PUT operations."+deprecated) - flagset.IntVar(&cfg.DefaultReplicas, "default-replicas", cfg.DefaultReplicas, "Default number of replicas to write if not specified by the client. If 0, use site default."+deprecated) - flagset.StringVar(&cfg.PIDFile, "pid", cfg.PIDFile, "Path to write pid file."+deprecated) - timeoutSeconds := flagset.Int("timeout", int(time.Duration(cfg.Timeout)/time.Second), "Timeout (in seconds) on requests to internal Keep services."+deprecated) - flagset.StringVar(&cfg.ManagementToken, "management-token", cfg.ManagementToken, "Authorization token to be included in all health check requests.") + loader := config.NewLoader(os.Stdin, logger) + loader.SetupFlags(flags) - var cfgPath string - const defaultCfgPath = "/etc/arvados/keepproxy/keepproxy.yml" - flagset.StringVar(&cfgPath, "config", defaultCfgPath, "Configuration file `path`") - dumpConfig := flagset.Bool("dump-config", false, "write current configuration to stdout and exit") - getVersion := flagset.Bool("version", false, "Print version information and exit.") - flagset.Parse(os.Args[1:]) + args = loader.MungeLegacyConfigArgs(logger, args[1:], "-legacy-keepproxy-config") + flags.Parse(args) // Print version information if requested if *getVersion { fmt.Printf("keepproxy %s\n", version) - return + return nil } - err := config.LoadFile(cfg, cfgPath) + cfg, err := loader.Load() if err != nil { - h := os.Getenv("ARVADOS_API_HOST") - t := os.Getenv("ARVADOS_API_TOKEN") - if h == "" || t == "" || !os.IsNotExist(err) || cfgPath != defaultCfgPath { + log.Fatal(err) + } + + cluster, err := cfg.GetCluster("") + if err != nil { + log.Fatal(err) + } + + if *dumpConfig { + out, err := yaml.Marshal(cfg) + if err != nil { log.Fatal(err) } - log.Print("DEPRECATED: No config file found, but ARVADOS_API_HOST and ARVADOS_API_TOKEN environment variables are set. Please use a config file instead.") - cfg.Client.APIHost = h - cfg.Client.AuthToken = t - if regexp.MustCompile("^(?i:1|yes|true)$").MatchString(os.Getenv("ARVADOS_API_HOST_INSECURE")) { - cfg.Client.Insecure = true - } - if y, err := yaml.Marshal(cfg); err == nil && !*dumpConfig { - log.Print("Current configuration:\n", string(y)) + _, err = os.Stdout.Write(out) + if err != nil { + log.Fatal(err) } - cfg.Timeout = arvados.Duration(time.Duration(*timeoutSeconds) * time.Second) + return nil } + return cluster +} - if *dumpConfig { - log.Fatal(config.DumpAndExit(cfg)) +func main() { + logger := log.New() + logger.Formatter = &log.JSONFormatter{ + TimestampFormat: rfc3339NanoFixed, + } + + cluster := configure(logger, os.Args) + if cluster == nil { + return } log.Printf("keepproxy %s started", version) - arv, err := arvadosclient.New(&cfg.Client) + client, err := arvados.NewClientFromConfig(cluster) + if err != nil { + log.Fatal(err) + } + client.AuthToken = cluster.SystemRootToken + + arv, err := arvadosclient.New(client) if err != nil { log.Fatalf("Error setting up arvados client %s", err.Error()) } - if cfg.Debug { + if cluster.SystemLogs.LogLevel == "debug" { keepclient.DebugPrintf = log.Printf } kc, err := keepclient.MakeKeepClient(arv) @@ -131,39 +117,43 @@ func main() { } keepclient.RefreshServiceDiscoveryOnSIGHUP() - if cfg.PIDFile != "" { - f, err := os.Create(cfg.PIDFile) - if err != nil { - log.Fatal(err) - } - defer f.Close() - err = syscall.Flock(int(f.Fd()), syscall.LOCK_EX|syscall.LOCK_NB) - if err != nil { - log.Fatalf("flock(%s): %s", cfg.PIDFile, err) - } - defer os.Remove(cfg.PIDFile) - err = f.Truncate(0) - if err != nil { - log.Fatalf("truncate(%s): %s", cfg.PIDFile, err) - } - _, err = fmt.Fprint(f, os.Getpid()) - if err != nil { - log.Fatalf("write(%s): %s", cfg.PIDFile, err) - } - err = f.Sync() - if err != nil { - log.Fatalf("sync(%s): %s", cfg.PIDFile, err) - } + pidFile := "keepproxy" + f, err := os.Create(pidFile) + if err != nil { + log.Fatal(err) + } + defer f.Close() + err = syscall.Flock(int(f.Fd()), syscall.LOCK_EX|syscall.LOCK_NB) + if err != nil { + log.Fatalf("flock(%s): %s", pidFile, err) + } + defer os.Remove(pidFile) + err = f.Truncate(0) + if err != nil { + log.Fatalf("truncate(%s): %s", pidFile, err) + } + _, err = fmt.Fprint(f, os.Getpid()) + if err != nil { + log.Fatalf("write(%s): %s", pidFile, err) + } + err = f.Sync() + if err != nil { + log.Fatalf("sync(%s): %s", pidFile, err) } - if cfg.DefaultReplicas > 0 { - kc.Want_replicas = cfg.DefaultReplicas + if cluster.Collections.DefaultReplication > 0 { + kc.Want_replicas = cluster.Collections.DefaultReplication } - listener, err = net.Listen("tcp", cfg.Listen) + var listen arvados.URL + for listen = range cluster.Services.Keepproxy.InternalURLs { + break + } + listener, err := net.Listen("tcp", listen.Host) if err != nil { - log.Fatalf("listen(%s): %s", cfg.Listen, err) + log.Fatalf("listen(%s): %s", listen, err) } + if _, err := daemon.SdNotify(false, "READY=1"); err != nil { log.Printf("Error notifying init daemon: %v", err) } @@ -181,7 +171,7 @@ func main() { signal.Notify(term, syscall.SIGINT) // Start serving requests. - router = MakeRESTRouter(!cfg.DisableGet, !cfg.DisablePut, kc, time.Duration(cfg.Timeout), cfg.ManagementToken) + router = MakeRESTRouter(kc, time.Duration(cluster.API.KeepServiceRequestTimeout), cluster.SystemRootToken) http.Serve(listener, httpserver.AddRequestIDs(httpserver.LogRequests(router))) log.Println("shutting down") @@ -292,7 +282,7 @@ type proxyHandler struct { // MakeRESTRouter returns an http.Handler that passes GET and PUT // requests to the appropriate handlers. -func MakeRESTRouter(enable_get bool, enable_put bool, kc *keepclient.KeepClient, timeout time.Duration, mgmtToken string) http.Handler { +func MakeRESTRouter(kc *keepclient.KeepClient, timeout time.Duration, mgmtToken string) http.Handler { rest := mux.NewRouter() transport := defaultTransport @@ -315,24 +305,20 @@ func MakeRESTRouter(enable_get bool, enable_put bool, kc *keepclient.KeepClient, }, } - if enable_get { - rest.HandleFunc(`/{locator:[0-9a-f]{32}\+.*}`, h.Get).Methods("GET", "HEAD") - rest.HandleFunc(`/{locator:[0-9a-f]{32}}`, h.Get).Methods("GET", "HEAD") + rest.HandleFunc(`/{locator:[0-9a-f]{32}\+.*}`, h.Get).Methods("GET", "HEAD") + rest.HandleFunc(`/{locator:[0-9a-f]{32}}`, h.Get).Methods("GET", "HEAD") - // List all blocks - rest.HandleFunc(`/index`, h.Index).Methods("GET") + // List all blocks + rest.HandleFunc(`/index`, h.Index).Methods("GET") - // List blocks whose hash has the given prefix - rest.HandleFunc(`/index/{prefix:[0-9a-f]{0,32}}`, h.Index).Methods("GET") - } + // List blocks whose hash has the given prefix + rest.HandleFunc(`/index/{prefix:[0-9a-f]{0,32}}`, h.Index).Methods("GET") - if enable_put { - rest.HandleFunc(`/{locator:[0-9a-f]{32}\+.*}`, h.Put).Methods("PUT") - rest.HandleFunc(`/{locator:[0-9a-f]{32}}`, h.Put).Methods("PUT") - rest.HandleFunc(`/`, h.Put).Methods("POST") - rest.HandleFunc(`/{any}`, h.Options).Methods("OPTIONS") - rest.HandleFunc(`/`, h.Options).Methods("OPTIONS") - } + rest.HandleFunc(`/{locator:[0-9a-f]{32}\+.*}`, h.Put).Methods("PUT") + rest.HandleFunc(`/{locator:[0-9a-f]{32}}`, h.Put).Methods("PUT") + rest.HandleFunc(`/`, h.Put).Methods("POST") + rest.HandleFunc(`/{any}`, h.Options).Methods("OPTIONS") + rest.HandleFunc(`/`, h.Options).Methods("OPTIONS") rest.Handle("/_health/{check}", &health.Handler{ Token: mgmtToken, diff --git a/services/keepproxy/usage.go b/services/keepproxy/usage.go index 6d3d21e6f2..4eeb550654 100644 --- a/services/keepproxy/usage.go +++ b/services/keepproxy/usage.go @@ -5,86 +5,19 @@ package main import ( - "encoding/json" - "flag" "fmt" "os" ) func usage() { - c := DefaultConfig() - c.Client.APIHost = "zzzzz.arvadosapi.com:443" - exampleConfigFile, err := json.MarshalIndent(c, " ", " ") - if err != nil { - panic(err) - } fmt.Fprintf(os.Stderr, ` - -Keepproxy forwards GET and PUT requests to keepstore servers. See +Keepproxy forwards GET and PUT requests to keepstore servers. See http://doc.arvados.org/install/install-keepproxy.html Usage: keepproxy [-config path/to/keepproxy.yml] -Options: -`) - flag.PrintDefaults() - fmt.Fprintf(os.Stderr, ` -Example config file: - %s - -Client.APIHost: - - Address (or address:port) of the Arvados API endpoint. - -Client.AuthToken: - - Anonymous API token. - -Client.Insecure: - - True if your Arvados API endpoint uses an unverifiable SSL/TLS - certificate. - -Listen: - - Local port to listen on. Can be "address:port" or ":port", where - "address" is a host IP address or name and "port" is a port number - or name. - -DisableGet: - - Respond 404 to GET and HEAD requests. +DEPRECATION WARNING: The -config parameter is deprecated. Use the +cluster config instead. -DisablePut: - - Respond 404 to PUT, POST, and OPTIONS requests. - -DefaultReplicas: - - Default number of replicas to write if not specified by the - client. If this is zero or omitted, the site-wide - defaultCollectionReplication configuration will be used. - -Timeout: - - Timeout for requests to keep services, with units (e.g., "120s", - "2m"). - -PIDFile: - - Path to PID file. During startup this file will be created if - needed, and locked using flock() until keepproxy exits. If it is - already locked, or any error is encountered while writing to it, - keepproxy will exit immediately. If omitted or empty, no PID file - will be used. - -Debug: - - Enable debug logging. - -ManagementToken: - - Authorization token to be included in all health check requests. - -`, exampleConfigFile) +`) } -- 2.30.2