Merge pull request #3968 from onedr0p/etcd-snapshot-insecure

Allow option to disable s3 over https when using etcd-snapshot
pull/3992/head
Michal Rostecki 3 years ago committed by GitHub
commit bfb3d9b19d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -77,6 +77,11 @@ var EtcdSnapshotFlags = []cli.Flag{
Usage: "(db) S3 folder", Usage: "(db) S3 folder",
Destination: &ServerConfig.EtcdS3Folder, Destination: &ServerConfig.EtcdS3Folder,
}, },
&cli.BoolFlag{
Name: "s3-insecure",
Usage: "(db) Disables S3 over HTTPS",
Destination: &ServerConfig.EtcdS3Insecure,
},
} }
func NewEtcdSnapshotCommand(action func(*cli.Context) error, subcommands []cli.Command) cli.Command { func NewEtcdSnapshotCommand(action func(*cli.Context) error, subcommands []cli.Command) cli.Command {

@ -89,6 +89,7 @@ type Server struct {
EtcdS3BucketName string EtcdS3BucketName string
EtcdS3Region string EtcdS3Region string
EtcdS3Folder string EtcdS3Folder string
EtcdS3Insecure bool
} }
var ( var (
@ -331,6 +332,11 @@ func NewServerCommand(action func(*cli.Context) error) cli.Command {
Usage: "(db) S3 folder", Usage: "(db) S3 folder",
Destination: &ServerConfig.EtcdS3Folder, Destination: &ServerConfig.EtcdS3Folder,
}, },
&cli.BoolFlag{
Name: "etcd-s3-insecure",
Usage: "(db) Disables S3 over HTTPS",
Destination: &ServerConfig.EtcdS3Insecure,
},
cli.StringFlag{ cli.StringFlag{
Name: "default-local-storage-path", Name: "default-local-storage-path",
Usage: "(storage) Default local storage path for local provisioner storage class", Usage: "(storage) Default local storage path for local provisioner storage class",

@ -49,6 +49,7 @@ func commandSetup(app *cli.Context, cfg *cmds.Server, sc *server.Config) (string
sc.ControlConfig.EtcdS3BucketName = cfg.EtcdS3BucketName sc.ControlConfig.EtcdS3BucketName = cfg.EtcdS3BucketName
sc.ControlConfig.EtcdS3Region = cfg.EtcdS3Region sc.ControlConfig.EtcdS3Region = cfg.EtcdS3Region
sc.ControlConfig.EtcdS3Folder = cfg.EtcdS3Folder sc.ControlConfig.EtcdS3Folder = cfg.EtcdS3Folder
sc.ControlConfig.EtcdS3Insecure = cfg.EtcdS3Insecure
sc.ControlConfig.Runtime = &config.ControlRuntime{} sc.ControlConfig.Runtime = &config.ControlRuntime{}
return server.ResolveDataDir(cfg.DataDir) return server.ResolveDataDir(cfg.DataDir)

@ -145,6 +145,7 @@ func run(app *cli.Context, cfg *cmds.Server, leaderControllers server.CustomCont
serverConfig.ControlConfig.EtcdS3BucketName = cfg.EtcdS3BucketName serverConfig.ControlConfig.EtcdS3BucketName = cfg.EtcdS3BucketName
serverConfig.ControlConfig.EtcdS3Region = cfg.EtcdS3Region serverConfig.ControlConfig.EtcdS3Region = cfg.EtcdS3Region
serverConfig.ControlConfig.EtcdS3Folder = cfg.EtcdS3Folder serverConfig.ControlConfig.EtcdS3Folder = cfg.EtcdS3Folder
serverConfig.ControlConfig.EtcdS3Insecure = cfg.EtcdS3Insecure
} else { } else {
logrus.Info("ETCD snapshots are disabled") logrus.Info("ETCD snapshots are disabled")
} }

@ -167,6 +167,7 @@ type Control struct {
EtcdS3BucketName string EtcdS3BucketName string
EtcdS3Region string EtcdS3Region string
EtcdS3Folder string EtcdS3Folder string
EtcdS3Insecure bool
BindAddress string BindAddress string
SANs []string SANs []string

@ -879,6 +879,7 @@ type s3Config struct {
Bucket string `json:"bucket,omitempty"` Bucket string `json:"bucket,omitempty"`
Region string `json:"region,omitempty"` Region string `json:"region,omitempty"`
Folder string `json:"folder,omitempty"` Folder string `json:"folder,omitempty"`
Insecure bool `json:"insecure,omitempty"`
} }
// SnapshotFile represents a single snapshot and it's // SnapshotFile represents a single snapshot and it's
@ -945,6 +946,7 @@ func (e *ETCD) listSnapshots(ctx context.Context, snapshotDir string) ([]Snapsho
Bucket: e.config.EtcdS3BucketName, Bucket: e.config.EtcdS3BucketName,
Region: e.config.EtcdS3Region, Region: e.config.EtcdS3Region,
Folder: e.config.EtcdS3Folder, Folder: e.config.EtcdS3Folder,
Insecure: e.config.EtcdS3Insecure,
}, },
}) })
} }

@ -53,7 +53,7 @@ func NewS3(ctx context.Context, config *config.Control) (*S3, error) {
opt := minio.Options{ opt := minio.Options{
Creds: creds, Creds: creds,
Secure: true, Secure: !config.EtcdS3Insecure,
Region: config.EtcdS3Region, Region: config.EtcdS3Region,
Transport: tr, Transport: tr,
BucketLookup: bucketLookupType(config.EtcdS3Endpoint), BucketLookup: bucketLookupType(config.EtcdS3Endpoint),

Loading…
Cancel
Save