mirror of https://github.com/hashicorp/consul
agent/proxy: pass proxy ID as an env var
parent
37dde6d64a
commit
6e386ba6be
|
@ -33,6 +33,10 @@ type Daemon struct {
|
||||||
// be a Cmd that isn't yet started.
|
// be a Cmd that isn't yet started.
|
||||||
Command *exec.Cmd
|
Command *exec.Cmd
|
||||||
|
|
||||||
|
// ProxyId is the ID of the proxy service. This is required for API
|
||||||
|
// requests (along with the token) and is passed via env var.
|
||||||
|
ProxyId string
|
||||||
|
|
||||||
// ProxyToken is the special local-only ACL token that allows a proxy
|
// ProxyToken is the special local-only ACL token that allows a proxy
|
||||||
// to communicate to the Connect-specific endpoints.
|
// to communicate to the Connect-specific endpoints.
|
||||||
ProxyToken string
|
ProxyToken string
|
||||||
|
@ -204,7 +208,9 @@ func (p *Daemon) start() (*os.Process, error) {
|
||||||
// reference. We allocate an exactly sized slice.
|
// reference. We allocate an exactly sized slice.
|
||||||
cmd.Env = make([]string, len(p.Command.Env), len(p.Command.Env)+1)
|
cmd.Env = make([]string, len(p.Command.Env), len(p.Command.Env)+1)
|
||||||
copy(cmd.Env, p.Command.Env)
|
copy(cmd.Env, p.Command.Env)
|
||||||
cmd.Env = append(cmd.Env, fmt.Sprintf("%s=%s", EnvProxyToken, p.ProxyToken))
|
cmd.Env = append(cmd.Env,
|
||||||
|
fmt.Sprintf("%s=%s", EnvProxyId, p.ProxyId),
|
||||||
|
fmt.Sprintf("%s=%s", EnvProxyToken, p.ProxyToken))
|
||||||
|
|
||||||
// Args must always contain a 0 entry which is usually the executed binary.
|
// Args must always contain a 0 entry which is usually the executed binary.
|
||||||
// To be safe and a bit more robust we default this, but only to prevent
|
// To be safe and a bit more robust we default this, but only to prevent
|
||||||
|
@ -387,6 +393,9 @@ func (p *Daemon) UnmarshalSnapshot(m map[string]interface{}) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// daemonSnapshot is the structure of the marshalled data for snapshotting.
|
// daemonSnapshot is the structure of the marshalled data for snapshotting.
|
||||||
|
//
|
||||||
|
// Note we don't have to store the ProxyId because this is stored directly
|
||||||
|
// within the manager snapshot and is restored automatically.
|
||||||
type daemonSnapshot struct {
|
type daemonSnapshot struct {
|
||||||
// Pid of the process. This is the only value actually required to
|
// Pid of the process. This is the only value actually required to
|
||||||
// regain mangement control. The remainder values are for Equal.
|
// regain mangement control. The remainder values are for Equal.
|
||||||
|
|
|
@ -30,10 +30,12 @@ func TestDaemonStartStop(t *testing.T) {
|
||||||
|
|
||||||
d := &Daemon{
|
d := &Daemon{
|
||||||
Command: helperProcess("start-stop", path),
|
Command: helperProcess("start-stop", path),
|
||||||
|
ProxyId: "tubes",
|
||||||
ProxyToken: uuid,
|
ProxyToken: uuid,
|
||||||
Logger: testLogger,
|
Logger: testLogger,
|
||||||
}
|
}
|
||||||
require.NoError(d.Start())
|
require.NoError(d.Start())
|
||||||
|
defer d.Stop()
|
||||||
|
|
||||||
// Wait for the file to exist
|
// Wait for the file to exist
|
||||||
retry.Run(t, func(r *retry.R) {
|
retry.Run(t, func(r *retry.R) {
|
||||||
|
@ -49,7 +51,7 @@ func TestDaemonStartStop(t *testing.T) {
|
||||||
// that we properly passed the token as an env var.
|
// that we properly passed the token as an env var.
|
||||||
data, err := ioutil.ReadFile(path)
|
data, err := ioutil.ReadFile(path)
|
||||||
require.NoError(err)
|
require.NoError(err)
|
||||||
require.Equal(uuid, string(data))
|
require.Equal("tubes:"+uuid, string(data))
|
||||||
|
|
||||||
// Stop the process
|
// Stop the process
|
||||||
require.NoError(d.Stop())
|
require.NoError(d.Stop())
|
||||||
|
|
|
@ -411,6 +411,7 @@ func (m *Manager) newProxy(mp *local.ManagedProxy) (Proxy, error) {
|
||||||
|
|
||||||
// Build the daemon structure
|
// Build the daemon structure
|
||||||
proxy.Command = &cmd
|
proxy.Command = &cmd
|
||||||
|
proxy.ProxyId = id
|
||||||
proxy.ProxyToken = mp.ProxyToken
|
proxy.ProxyToken = mp.ProxyToken
|
||||||
return proxy, nil
|
return proxy, nil
|
||||||
|
|
||||||
|
|
|
@ -11,9 +11,16 @@ import (
|
||||||
"github.com/hashicorp/consul/agent/structs"
|
"github.com/hashicorp/consul/agent/structs"
|
||||||
)
|
)
|
||||||
|
|
||||||
// EnvProxyToken is the name of the environment variable that is passed
|
const (
|
||||||
// to managed proxies containing the proxy token.
|
// EnvProxyId is the name of the environment variable that is set for
|
||||||
const EnvProxyToken = "CONNECT_PROXY_TOKEN"
|
// managed proxies containing the proxy service ID. This is required along
|
||||||
|
// with the token to make API requests related to the proxy.
|
||||||
|
EnvProxyId = "CONNECT_PROXY_ID"
|
||||||
|
|
||||||
|
// EnvProxyToken is the name of the environment variable that is passed
|
||||||
|
// to managed proxies containing the proxy token.
|
||||||
|
EnvProxyToken = "CONNECT_PROXY_TOKEN"
|
||||||
|
)
|
||||||
|
|
||||||
// Proxy is the interface implemented by all types of managed proxies.
|
// Proxy is the interface implemented by all types of managed proxies.
|
||||||
//
|
//
|
||||||
|
@ -51,6 +58,10 @@ type Proxy interface {
|
||||||
// so that Consul can recover the proxy process after a restart. The
|
// so that Consul can recover the proxy process after a restart. The
|
||||||
// result should only contain primitive values and containers (lists/maps).
|
// result should only contain primitive values and containers (lists/maps).
|
||||||
//
|
//
|
||||||
|
// MarshalSnapshot does NOT need to store the following fields, since they
|
||||||
|
// are part of the manager snapshot and will be automatically restored
|
||||||
|
// for any proxies: proxy ID.
|
||||||
|
//
|
||||||
// UnmarshalSnapshot is called to restore the receiving Proxy from its
|
// UnmarshalSnapshot is called to restore the receiving Proxy from its
|
||||||
// marshalled state. If UnmarshalSnapshot returns an error, the snapshot
|
// marshalled state. If UnmarshalSnapshot returns an error, the snapshot
|
||||||
// is ignored and the marshalled snapshot will be lost. The manager will
|
// is ignored and the marshalled snapshot will be lost. The manager will
|
||||||
|
|
|
@ -78,7 +78,10 @@ func TestHelperProcess(t *testing.T) {
|
||||||
defer signal.Stop(ch)
|
defer signal.Stop(ch)
|
||||||
|
|
||||||
path := args[0]
|
path := args[0]
|
||||||
data := []byte(os.Getenv(EnvProxyToken))
|
var data []byte
|
||||||
|
data = append(data, []byte(os.Getenv(EnvProxyId))...)
|
||||||
|
data = append(data, ':')
|
||||||
|
data = append(data, []byte(os.Getenv(EnvProxyToken))...)
|
||||||
|
|
||||||
if err := ioutil.WriteFile(path, data, 0644); err != nil {
|
if err := ioutil.WriteFile(path, data, 0644); err != nil {
|
||||||
t.Fatalf("err: %s", err)
|
t.Fatalf("err: %s", err)
|
||||||
|
|
Loading…
Reference in New Issue