From 4d3f822c7df4a1bb87c137ad40412823439e2bbb Mon Sep 17 00:00:00 2001 From: CMGS Date: Thu, 5 Dec 2019 13:07:17 +0800 Subject: [PATCH] set CertPath to global config --- core.yaml.sample | 2 +- engine/docker/docker.go | 8 ++++---- store/etcdv3/node.go | 16 +++++++--------- store/etcdv3/node_test.go | 2 +- types/config.go | 2 +- 5 files changed, 14 insertions(+), 16 deletions(-) diff --git a/core.yaml.sample b/core.yaml.sample index 92ad88d87..5d7f8c6dd 100644 --- a/core.yaml.sample +++ b/core.yaml.sample @@ -4,6 +4,7 @@ statsd: "127.0.0.1:8125" profile: ":12346" global_timeout: 300s lock_timeout: 30s +cert_path: "/etc/eru/tls" auth: username: admin @@ -37,7 +38,6 @@ docker: config: "max-size": "10m" network_mode: "bridge" - cert_path: "/etc/eru/tls" hub: "hub.docker.com" namespace: "projecteru2" build_pod: "eru-test" diff --git a/engine/docker/docker.go b/engine/docker/docker.go index 6b79bc153..b3928b5f3 100644 --- a/engine/docker/docker.go +++ b/engine/docker/docker.go @@ -31,16 +31,16 @@ type Engine struct { // MakeClient make docker cli func MakeClient(ctx context.Context, config coretypes.Config, nodename, endpoint, ca, cert, key string) (engine.API, error) { var client *http.Client - if config.Docker.CertPath != "" && ca != "" && cert != "" && key != "" { - caFile, err := ioutil.TempFile(config.Docker.CertPath, fmt.Sprintf("ca-%s", nodename)) + if config.CertPath != "" && ca != "" && cert != "" && key != "" { + caFile, err := ioutil.TempFile(config.CertPath, fmt.Sprintf("ca-%s", nodename)) if err != nil { return nil, err } - certFile, err := ioutil.TempFile(config.Docker.CertPath, fmt.Sprintf("cert-%s", nodename)) + certFile, err := ioutil.TempFile(config.CertPath, fmt.Sprintf("cert-%s", nodename)) if err != nil { return nil, err } - keyFile, err := ioutil.TempFile(config.Docker.CertPath, fmt.Sprintf("key-%s", nodename)) + keyFile, err := ioutil.TempFile(config.CertPath, fmt.Sprintf("key-%s", nodename)) if err != nil { return nil, err } 
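Review bot: In `MakeClient` the TLS branch is entered only when `config.CertPath != ""`, and this commit removes the `required:"true" default:"/tmp"` tags that used to guarantee a value (see the types/config.go hunks). A config file that still carries `cert_path` under `docker:` would presumably now yield an empty path and skip the branch without any signal; the same gate appears in `makeClient` in store/etcdv3/node.go. What the non-TLS path does is outside this hunk, so rather than let it proceed I would reject the combination before the existing `if`, e.g. `if config.CertPath == "" && ca != "" && cert != "" && key != "" { return nil, fmt.Errorf("node %s has TLS material but cert_path is empty", nodename) }`. The function body continues past the end of the hunk.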
diff --git a/store/etcdv3/node.go b/store/etcdv3/node.go index 02d35d6fc..0b25c2f41 100644 --- a/store/etcdv3/node.go +++ b/store/etcdv3/node.go @@ -6,7 +6,7 @@ import ( "fmt" "strconv" - engineInterface "github.com/projecteru2/core/engine" + "github.com/projecteru2/core/engine" "github.com/projecteru2/core/store" "github.com/coreos/etcd/clientv3" @@ -35,13 +35,13 @@ func (m *Mercury) AddNode(ctx context.Context, name, endpoint, podname, ca, cert // 尝试加载的客户端 // 会自动判断是否是支持的 url - engine, err := enginefactory.GetEngine(ctx, m.config, name, endpoint, ca, cert, key) + client, err := enginefactory.GetEngine(ctx, m.config, name, endpoint, ca, cert, key) if err != nil { return nil, err } // 判断这货是不是活着的 - info, err := engine.Info(ctx) + info, err := client.Info(ctx) if err != nil { return nil, err } @@ -209,21 +209,19 @@ func (m *Mercury) UpdateNodeResource(ctx context.Context, node *types.Node, cpu return m.UpdateNode(ctx, node) } -func (m *Mercury) makeClient(ctx context.Context, podname, nodename, endpoint string, force bool) (engineInterface.API, error) { +func (m *Mercury) makeClient(ctx context.Context, podname, nodename, endpoint string, force bool) (engine.API, error) { // try get client, if nil, create a new one - var client engineInterface.API + var client engine.API var err error client = _cache.Get(nodename) if client == nil || force { var ca, cert, key string - if m.config.Docker.CertPath != "" { + if m.config.CertPath != "" { keyFormats := []string{nodeCaKey, nodeCertKey, nodeKeyKey} data := []string{"", "", ""} for i := 0; i < 3; i++ { - ev, err := m.GetOne(ctx, fmt.Sprintf(keyFormats[i], nodename)) - if err != nil { + if ev, err := m.GetOne(ctx, fmt.Sprintf(keyFormats[i], nodename)); err != nil { log.Warnf("[makeClient] Get key failed %v", err) - data[i] = "" } else { data[i] = string(ev.Value) } diff --git a/store/etcdv3/node_test.go b/store/etcdv3/node_test.go index 885ea5e69..a143426d9 100644 --- a/store/etcdv3/node_test.go +++ b/store/etcdv3/node_test.go 
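Review bot: In the `makeClient` loop every `GetOne` failure is reduced to a `log.Warnf` and an empty `data[i]`, so an etcd error while reading the node's ca, cert or key looks the same as a node that has no TLS material. The client is then presumably built without it. I would let only a key-not-found result leave the entry empty and return any other error to the caller. The log line should also name the key, e.g. `log.Warnf("[makeClient] Get key %s failed %v", fmt.Sprintf(keyFormats[i], nodename), err)`, and the loop bound could be `len(keyFormats)` instead of the literal `3`. The rest of `makeClient` lies outside the hunk.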
@@ -190,7 +190,7 @@ RdCPRPt513WozkJZZAjUSP2U -----END PRIVATE KEY-----` nodename3 := "nodename3" endpoint3 := "tcp://path" - m.config.Docker.CertPath = "/tmp" + m.config.CertPath = "/tmp" node3, err := m.doAddNode(ctx, nodename3, endpoint3, podname, ca, cert, certkey, cpu, share, memory, storage, labels, nil, nil) assert.NoError(t, err) engine3, err := m.makeClient(ctx, podname, nodename3, endpoint3, true) diff --git a/types/config.go b/types/config.go index a451a07f3..953e26911 100644 --- a/types/config.go +++ b/types/config.go @@ -12,6 +12,7 @@ type Config struct { GlobalTimeout time.Duration `yaml:"global_timeout" required:"true" default:"300s"` // timeout for remove, run_and_wait and build, in second Statsd string `yaml:"statsd"` // statsd host and port Profile string `yaml:"profile"` // profile ip:port + CertPath string `yaml:"cert_path"` // docker cert files path Auth AuthConfig `yaml:"auth"` // grpc auth GRPCConfig GRPCConfig `yaml:"grpc"` // grpc config @@ -45,7 +46,6 @@ type GitConfig struct { type DockerConfig struct { APIVersion string `yaml:"version" required:"true" default:"1.32"` // docker API version NetworkMode string `yaml:"network_mode" required:"true" default:"host"` // docker network mode - CertPath string `yaml:"cert_path" required:"true" default:"/tmp"` // docker cert files path Hub string `yaml:"hub"` // docker hub address Namespace string `yaml:"namespace"` // docker hub prefix, will be set to $Hub/$HubPrefix/$appname BuildPod string `yaml:"build_pod"` // podname used to build
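Review bot: The comment on the new `Config.CertPath` field still reads `// docker cert files path`, which does not tell an operator that per-node private keys are written into this directory or that the field no longer has a default. `MakeClient` in engine/docker/docker.go creates `key-<nodename>` temp files there. I would document it as `// directory for per-node TLS ca/cert/key files; holds private keys, keep it private to the core process; empty skips TLS client setup`. The last clause is inferred from the `config.CertPath != ""` checks in the other hunks and should be confirmed; the struct definitions continue outside both hunks.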