package main
import (
"crypto/x509"
"io"
"log"
"net/http"
"time"
flag "github.com/spf13/pflag"
certUtil "k8s.io/client-go/util/cert"
)
// Command-line flags for the HTTP listener. Each variable is the pointer
// returned by the flag package and holds the default shown here until the
// command line is parsed (the parse call is not in this part of the file).

// listenAddr is passed to http.Server.Addr. The default ":8080" has no host
// part, so the listener accepts connections on every interface; pass a
// host:port value to restrict where the endpoint is reachable.
var listenAddr = flag.String("listen-addr", ":8080", "HTTP serving address.")

// readTimeout is passed to http.Server.ReadTimeout, which bounds how long a
// client may take to send a request and so limits slow-request resource
// exhaustion.
var readTimeout = flag.Duration("read-timeout", 2*time.Minute, "HTTP request timeout.")

// writeTimeout is passed to http.Server.WriteTimeout, which bounds how long
// writing a response may take.
var writeTimeout = flag.Duration("write-timeout", 2*time.Minute, "HTTP response timeout.")
// certProvider returns the certificates to publish. The /v1/cert.pem handler
// registered in httpserver calls it on every request; a non-nil error is
// logged and the client receives a 500 response. Only certificates are
// returned through this type, so no private key material passes through it.
type certProvider func() ([]*x509.Certificate, error)
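// httpserver serves a health check and the PEM-encoded certificates returned
// by cp, then blocks until the HTTP server stops and logs why it stopped.
//
// Routes:
//   - /healthz always answers "ok".
//   - /v1/cert.pem calls cp on every request and returns each certificate as
//     a PEM block; any failure yields a 500 with a generic body, and the
//     detail goes to the log only.
//
// The server is started with ListenAndServe, i.e. plain HTTP with no TLS and
// no authentication. The certificates are public material, but a client gets
// no integrity guarantee from this endpoint itself.
// NOTE(review): confirm that clients reach it over a path that provides one.
func httpserver(cp certProvider) {
	// internalError sends the generic 500 response used for every failure so
	// that error details never reach the client.
	internalError := func(w http.ResponseWriter) {
		w.Header().Set("Content-Type", "text/plain; charset=utf-8")
		w.WriteHeader(http.StatusInternalServerError)
		// Best effort: the client may already be gone and there is nothing
		// further to do for it.
		_, _ = io.WriteString(w, "Internal error\n")
	}

	mux := http.NewServeMux()

	mux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "text/plain; charset=utf-8")
		// Best effort: a probe that disconnects early is not worth a log line.
		_, _ = io.WriteString(w, "ok\n")
	})

	mux.HandleFunc("/v1/cert.pem", func(w http.ResponseWriter, r *http.Request) {
		certs, err := cp()
		if err != nil {
			log.Printf("Error handling /cert request: %v", err)
			internalError(w)
			return
		}

		// Encode the whole chain before touching the response. A nil entry
		// would otherwise panic inside the encoder after the 200 headers and
		// possibly part of the chain had been sent, leaving the client with a
		// truncated PEM file instead of a clear error.
		var pemData []byte
		for i, cert := range certs {
			if cert == nil {
				log.Printf("Error handling /cert request: certificate %d is nil", i)
				internalError(w)
				return
			}
			pemData = append(pemData, certUtil.EncodeCertPEM(cert)...)
		}

		w.Header().Set("Content-Type", "application/x-pem-file")
		if _, err := w.Write(pemData); err != nil {
			// Headers are already out, so the status cannot change; record
			// the failure so a partial delivery is visible to operators.
			log.Printf("Error writing /cert response: %v", err)
		}
	})

	server := http.Server{
		Addr:    *listenAddr,
		Handler: mux,
		// Both timeouts come from flags; ReadTimeout bounds slow requests.
		ReadTimeout:  *readTimeout,
		WriteTimeout: *writeTimeout,
	}

	log.Printf("HTTP server serving on %s", server.Addr)
	// ListenAndServe only returns once the server has stopped, always with a
	// non-nil error.
	err := server.ListenAndServe()
	log.Printf("HTTP server exiting: %v", err)
}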