// Copyright (c) Microsoft and contributors. All rights reserved.
//
// This source code is licensed under the MIT license found in the
// LICENSE file in the root directory of this source tree.
package main
import (
"context"
"flag"
"net"
"net/url"
"os"
"os/signal"
"strconv"
"syscall"
"time"
"github.com/Azure/kubernetes-kms/pkg/metrics"
"github.com/Azure/kubernetes-kms/pkg/plugin"
"github.com/Azure/kubernetes-kms/pkg/utils"
"github.com/Azure/kubernetes-kms/pkg/version"
"google.golang.org/grpc"
pb "k8s.io/apiserver/pkg/storage/value/encrypt/envelope/v1beta1"
"k8s.io/component-base/config"
json "k8s.io/component-base/logs/json"
"k8s.io/klog/v2"
)
// Command-line flags. All of them are registered on the default flag set and
// read in main after flag.Parse.
var (
	// listenAddr is the endpoint the KMS gRPC server listens on. main splits it
	// into a network and an address with utils.ParseEndpoint; the default is a
	// unix socket under /opt.
	// NOTE(review): the socket file is the only visible gate in front of the
	// KMS service, so the directory holding it should be readable only by
	// the API server — confirm against the deployment manifest.
	listenAddr = flag.String("listen-addr", "unix:///opt/azurekms.socket", "gRPC listen address")
	// keyvaultName, keyName and keyVersion identify the Key Vault key; they are
	// passed unchanged to plugin.New. All three default to the empty string.
	keyvaultName = flag.String("keyvault-name", "", "Azure Key Vault name")
	keyName = flag.String("key-name", "", "Azure Key Vault KMS key name")
	keyVersion = flag.String("key-version", "", "Azure Key Vault KMS key version")
	// logFormatJSON switches klog to the JSON logger created in main.
	logFormatJSON = flag.Bool("log-format-json", false, "set log formatter to json")
	// TODO remove this flag in future release.
	// The deprecated spelling is still registered so it parses without error,
	// but its value is assigned to the blank identifier and never read.
	_ = flag.String("configFilePath", "/etc/kubernetes/azure.json", "[DEPRECATED] Path for Azure Cloud Provider config file")
	// configFilePath is handed to plugin.New.
	// NOTE(review): an Azure cloud provider config file presumably holds
	// credentials; verify its file permissions on the node.
	configFilePath = flag.String("config-file-path", "/etc/kubernetes/azure.json", "Path for Azure Cloud Provider config file")
	// versionInfo makes main print the version and exit before anything is started.
	versionInfo = flag.Bool("version", false, "Prints the version information")
	// healthzPort and healthzPath form the health check URL built in main; the
	// host part of that URL is left empty.
	healthzPort = flag.Int("healthz-port", 8787, "port for health check")
	healthzPath = flag.String("healthz-path", "/healthz", "path for health check")
	// healthzTimeout is stored as the RPCTimeout of the health checker.
	healthzTimeout = flag.Duration("healthz-timeout", 20*time.Second, "RPC timeout for health check")
	// metricsBackend and metricsAddress are passed to metrics.InitMetricsExporter.
	// NOTE(review): the default "8095" looks like a bare port rather than a
	// host:port pair — confirm which interface the exporter binds to.
	metricsBackend = flag.String("metrics-backend", "prometheus", "Backend used for metrics")
	metricsAddress = flag.String("metrics-addr", "8095", "The address the metric endpoint binds to")
	// proxyMode, proxyAddress and proxyPort are passed unchanged to plugin.New.
	proxyMode = flag.Bool("proxy-mode", false, "Proxy mode")
	proxyAddress = flag.String("proxy-address", "", "proxy address")
	proxyPort = flag.Int("proxy-port", 7788, "port for proxy")
)
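// main parses the command-line flags, starts the KMS gRPC server and its
// health check endpoint, and then blocks until a termination signal arrives.
// On shutdown the gRPC server is stopped gracefully, the logs are flushed and
// the process exits with status 0. Any startup failure is fatal.
func main() {
	klog.InitFlags(nil)
	flag.Parse()

	if *logFormatJSON {
		jsonFactory := json.Factory{}
		logger, _ := jsonFactory.Create(config.FormatOptions{})
		klog.SetLogger(logger)
	}

	if *versionInfo {
		version.PrintVersion()
		os.Exit(0)
	}

	// ctx is cancelled when the process receives a termination signal.
	ctx := withShutdownSignal(context.Background())

	// initialize metrics exporter
	err := metrics.InitMetricsExporter(*metricsBackend, *metricsAddress)
	if err != nil {
		klog.Fatalf("failed to initialize metrics exporter, error: %+v", err)
	}

	klog.InfoS("Starting KeyManagementServiceServer service", "version", version.BuildVersion, "buildDate", version.BuildDate)
	kmsServer, err := plugin.New(ctx, *configFilePath, *keyvaultName, *keyName, *keyVersion, *proxyMode, *proxyAddress, *proxyPort)
	if err != nil {
		klog.Fatalf("failed to create server, error: %v", err)
	}

	// Initialize and run the GRPC server
	proto, addr, err := utils.ParseEndpoint(*listenAddr)
	if err != nil {
		klog.Fatalf("failed to parse endpoint, err: %+v", err)
	}

	// Remove a socket file left behind by a previous run so that Listen can
	// bind again; a missing file is not an error.
	// NOTE(review): for a non-unix endpoint addr is presumably not a file
	// path and this is a no-op — confirm against utils.ParseEndpoint.
	if err := os.Remove(addr); err != nil && !os.IsNotExist(err) {
		klog.Fatalf("failed to remove %s, error: %s", addr, err.Error())
	}

	// NOTE(review): nothing here sets the mode of a newly created unix socket,
	// so it follows the process umask. The server below is created without
	// transport credentials; unless utils.UnaryServerInterceptor enforces
	// access control (not visible here), whoever can connect to this listener
	// can call the KMS service. Restrict the socket's directory accordingly.
	listener, err := net.Listen(proto, addr)
	if err != nil {
		klog.Fatalf("failed to listen: %v", err)
	}

	opts := []grpc.ServerOption{
		grpc.UnaryInterceptor(utils.UnaryServerInterceptor),
	}

	s := grpc.NewServer(opts...)
	pb.RegisterKeyManagementServiceServer(s, kmsServer)

	klog.Infof("Listening for connections on address: %v", listener.Addr())
	// A Serve failure is fatal: otherwise the process would stay up with no
	// KMS endpoint behind it. Errors reported once shutdown has begun are
	// ignored so that a signal-driven stop still exits with status 0.
	go func() {
		if err := s.Serve(listener); err != nil && ctx.Err() == nil {
			klog.Fatalf("failed to serve: %v", err)
		}
	}()

	// The health check URL is built with an empty host and the configured port.
	// NOTE(review): if HealthZ.Serve listens on HealthCheckURL.Host, an empty
	// host means every interface — confirm whether that exposure is intended.
	healthz := &plugin.HealthZ{
		KMSServer: kmsServer,
		HealthCheckURL: &url.URL{
			Host: net.JoinHostPort("", strconv.FormatUint(uint64(*healthzPort), 10)),
			Path: *healthzPath,
		},
		UnixSocketPath: listener.Addr().String(),
		RPCTimeout:     *healthzTimeout,
	}
	go healthz.Serve()

	<-ctx.Done()
	// gracefully stop the grpc server
	klog.Infof("terminating the server")
	s.GracefulStop()

	klog.Flush()
	// using os.Exit skips running deferred functions
	os.Exit(0)
}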
// withShutdownSignal derives a cancellable context from ctx and cancels it
// the first time the process is sent SIGTERM or SIGINT.
func withShutdownSignal(ctx context.Context) context.Context {
	shutdownCtx, stop := context.WithCancel(ctx)

	// Buffered by one so that a signal is not missed if it arrives before the
	// goroutine below is ready to receive.
	sigs := make(chan os.Signal, 1)
	signal.Notify(sigs, syscall.SIGTERM, syscall.SIGINT, os.Interrupt)

	go func() {
		// Only the first signal is consumed; it triggers cancellation.
		<-sigs
		klog.Info("received shutdown signal")
		stop()
	}()

	return shutdownCtx
}