From 5eec3b04c37d6ff749e1da536d3352f2b18e5300 Mon Sep 17 00:00:00 2001 From: Seth Pellegrino Date: Fri, 28 Feb 2020 14:17:03 -0800 Subject: [PATCH] fix: etcd client terseness These changes surface the connection error that occurs inside the etcd client when a misconfiguration occurs (such as invalid TLS certificates, or an `address` that does not match one of the valid SANs). --- controlplane/kubeadm/internal/proxy/conn.go | 39 ++++++++++++++++++--- controlplane/kubeadm/internal/proxy/dial.go | 4 +-- go.mod | 2 ++ go.sum | 9 ++--- 4 files changed, 41 insertions(+), 13 deletions(-) diff --git a/controlplane/kubeadm/internal/proxy/conn.go b/controlplane/kubeadm/internal/proxy/conn.go index 1f15396b6bef..ddc4137e88e9 100644 --- a/controlplane/kubeadm/internal/proxy/conn.go +++ b/controlplane/kubeadm/internal/proxy/conn.go @@ -17,22 +17,32 @@ limitations under the License. package proxy import ( + "fmt" + "io" + "io/ioutil" "net" "time" "k8s.io/apimachinery/pkg/util/httpstream" + "k8s.io/apimachinery/pkg/util/runtime" ) // Conn is a Kubernetes API server proxied type of net/conn type Conn struct { stream httpstream.Stream + errChan chan error readDeadline time.Time writeDeadline time.Time } // Read from the connection func (c Conn) Read(b []byte) (n int, err error) { - return c.stream.Read(b) + select { + case err := <-c.errChan: + return 0, err + default: + return c.stream.Read(b) + } } // Close the underlying proxied connection @@ -42,7 +52,12 @@ func (c Conn) Close() error { // Write to the connection func (c Conn) Write(b []byte) (n int, err error) { - return c.stream.Write(b) + select { + case err := <-c.errChan: + return 0, err + default: + return c.stream.Write(b) + } } // Return a fake address representing the proxied connection @@ -77,8 +92,24 @@ func (c Conn) SetReadDeadline(t time.Time) error { // NewConn creates a new net/conn interface based on an underlying Kubernetes // API server proxy connection -func NewConn(stream httpstream.Stream) Conn { +func NewConn(stream httpstream.Stream, errorStream io.Reader) Conn { + errChan := make(chan error) + + go func() { + defer runtime.HandleCrash() + + message, err := ioutil.ReadAll(errorStream) + switch { + case err != nil && err != io.EOF: + errChan <- fmt.Errorf("error reading from error stream: %s", err) + case len(message) > 0: + errChan <- fmt.Errorf("read error from stream: %s", string(message)) + } + close(errChan) + }() + return Conn{ - stream: stream, + stream: stream, + errChan: errChan, } } diff --git a/controlplane/kubeadm/internal/proxy/dial.go b/controlplane/kubeadm/internal/proxy/dial.go index f60e7a84918c..94936e4cd913 100644 --- a/controlplane/kubeadm/internal/proxy/dial.go +++ b/controlplane/kubeadm/internal/proxy/dial.go @@ -83,7 +83,7 @@ func (d *Dialer) DialContextWithAddr(ctx context.Context, addr string) (net.Conn // DialContext creates proxied port-forwarded connections. // ctx is currently unused, but fulfils the type signature used by GRPC. -func (d *Dialer) DialContext(_ context.Context, network string, addr string) (net.Conn, error) { +func (d *Dialer) DialContext(_ context.Context, network string, _ string) (net.Conn, error) { req := d.clientset.CoreV1().RESTClient(). Post(). Resource(d.proxy.Kind). @@ -117,7 +117,7 @@ func (d *Dialer) DialContext(_ context.Context, network string, addr string) (ne return nil, errors.Wrap(err, "error creating forwarding stream") } - c := NewConn(dataStream) + c := NewConn(dataStream, errorStream) return c, nil } diff --git a/go.mod b/go.mod index e4c6c523f52c..e75f0e0e367f 100644 --- a/go.mod +++ b/go.mod @@ -46,3 +46,5 @@ require ( sigs.k8s.io/controller-runtime v0.5.0 sigs.k8s.io/yaml v1.1.0 ) + +replace google.golang.org/grpc => github.com/sethp-nr/grpc-go v0.0.0-20200228215221-53b5c65ead5f diff --git a/go.sum b/go.sum index 86794c35b8e8..2a69b919b996 100644 --- a/go.sum +++ b/go.sum @@ -292,6 +292,8 @@ github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uY github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/sethp-nr/grpc-go v0.0.0-20200228215221-53b5c65ead5f h1:XcLYJNmsvqr6IMzc+hIqPdfUvlgR/7g5d7iBtRs8iNI= +github.com/sethp-nr/grpc-go v0.0.0-20200228215221-53b5c65ead5f/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= @@ -362,14 +364,12 @@ golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -395,7 +395,6 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -427,7 +426,6 @@ golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -455,9 +453,6 @@ google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRn google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873 h1:nfPFGzJkUDX6uBmpN/pSw7MbOAWegH5QDQuoXFHedLg= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.23.1 h1:q4XQuHFC6I28BKZpo6IYyb3mNO+l7lSOxRuYTCiDfXk= -google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=