From 8e235a72b41b1d2d624621bd370de5b092b55205 Mon Sep 17 00:00:00 2001 From: Hans Hasselberg Date: Thu, 13 Sep 2018 16:06:04 +0200 Subject: [PATCH] Allow disabling the HTTP API again. (#4655) If you provide an invalid HTTP configuration consul will still start again instead of failing. But if you do so the build-in proxy won't be able to start which you might need for connect. --- agent/agent.go | 50 +++++++++++++++++++++++++-------------------- agent/agent_test.go | 29 ++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 22 deletions(-) diff --git a/agent/agent.go b/agent/agent.go index 6b8dabe3ba..4fc0c02798 100644 --- a/agent/agent.go +++ b/agent/agent.go @@ -277,6 +277,30 @@ func LocalConfig(cfg *config.RuntimeConfig) local.Config { return lc } +func (a *Agent) setupProxyManager() error { + acfg, err := a.config.APIConfig(true) + if err != nil { + return fmt.Errorf("[INFO] agent: Connect managed proxies are disabled due to providing an invalid HTTP configuration") + } + a.proxyManager = proxy.NewManager() + a.proxyManager.AllowRoot = a.config.ConnectProxyAllowManagedRoot + a.proxyManager.State = a.State + a.proxyManager.Logger = a.logger + if a.config.DataDir != "" { + // DataDir is required for all non-dev mode agents, but we want + // to allow setting the data dir for demos and so on for the agent, + // so do the check above instead. + a.proxyManager.DataDir = filepath.Join(a.config.DataDir, "proxy") + + // Restore from our snapshot (if it exists) + if err := a.proxyManager.Restore(a.proxyManager.SnapshotPath()); err != nil { + a.logger.Printf("[WARN] agent: error restoring proxy state: %s", err) + } + } + a.proxyManager.ProxyEnv = acfg.GenerateEnv() + return nil +} + func (a *Agent) Start() error { c := a.config @@ -373,29 +397,11 @@ func (a *Agent) Start() error { // done here after the local state above is loaded in so we can have // a more accurate initial state view. if !c.ConnectTestDisableManagedProxies { - a.proxyManager = proxy.NewManager() - a.proxyManager.AllowRoot = a.config.ConnectProxyAllowManagedRoot - a.proxyManager.State = a.State - a.proxyManager.Logger = a.logger - if a.config.DataDir != "" { - // DataDir is required for all non-dev mode agents, but we want - // to allow setting the data dir for demos and so on for the agent, - // so do the check above instead. - a.proxyManager.DataDir = filepath.Join(a.config.DataDir, "proxy") - - // Restore from our snapshot (if it exists) - if err := a.proxyManager.Restore(a.proxyManager.SnapshotPath()); err != nil { - a.logger.Printf("[WARN] agent: error restoring proxy state: %s", err) - } + if err := a.setupProxyManager(); err != nil { + a.logger.Printf(err.Error()) + } else { + go a.proxyManager.Run() } - - acfg, err := a.config.APIConfig(true) - if err != nil { - return err - } - a.proxyManager.ProxyEnv = acfg.GenerateEnv() - - go a.proxyManager.Run() } // Start watching for critical services to deregister, based on their diff --git a/agent/agent_test.go b/agent/agent_test.go index 4881b1d024..7b1bc6c0bc 100644 --- a/agent/agent_test.go +++ b/agent/agent_test.go @@ -3054,3 +3054,32 @@ func TestAgent_ReLoadProxiesFromConfig(t *testing.T) { proxies = a.State.Proxies() require.Len(proxies, 0) } + +func TestAgent_SetupProxyManager(t *testing.T) { + t.Parallel() + dataDir := testutil.TempDir(t, "agent") // we manage the data dir + defer os.RemoveAll(dataDir) + hcl := ` + ports { http = -1 } + data_dir = "` + dataDir + `" + ` + c := TestConfig( + // randomPortsSource(false), + config.Source{Name: t.Name(), Format: "hcl", Data: hcl}, + ) + a, err := New(c) + require.NoError(t, err) + require.Error(t, a.setupProxyManager(), "setupProxyManager should fail with invalid HTTP API config") + + hcl = ` + ports { http = 8001 } + data_dir = "` + dataDir + `" + ` + c = TestConfig( + // randomPortsSource(false), + config.Source{Name: t.Name(), Format: "hcl", Data: hcl}, + ) + a, err = New(c) + require.NoError(t, err) + require.NoError(t, a.setupProxyManager()) +}