This repository has been archived by the owner on Apr 29, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 9
/
ingress.go
114 lines (96 loc) · 3.28 KB
/
ingress.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
package cs
import (
"bytes"
"fmt"
"strings"
"github.com/caos/orbos/mntr"
"github.com/caos/orbos/internal/operator/orbiter/kinds/clusters/core/infra"
"github.com/caos/orbos/internal/operator/orbiter/kinds/loadbalancers/dynamic"
dynamiclbmodel "github.com/caos/orbos/internal/operator/orbiter/kinds/loadbalancers/dynamic"
)
func desiredToCurrentVIP(current *Current) func(vip *dynamiclbmodel.VIP) string {
return func(vip *dynamic.VIP) string {
for idx := range vip.Transport {
transport := vip.Transport[idx]
address, ok := current.Current.Ingresses[transport.Name]
if ok {
return address.Location
}
}
panic(fmt.Errorf("external address for %v is not ensured", vip))
}
}
func checkAuth(_ infra.Machine) (string, int) {
return `#!/bin/sh
set -e
curl -f -H "Authorization: Bearer $(cat /var/orbiter/cstoken)" "https://api.cloudscale.ch/v1/floating-ips"
`, 0
}
func notifyMaster(hostPools map[string][]*dynamiclbmodel.VIP, current *Current, poolsWithUnassignedVIPs map[string]bool) func(m infra.Machine) (string, bool) {
return func(m infra.Machine) (string, bool) {
machine := m.(*machine)
return fmt.Sprintf(`#!/bin/sh
set -e
# API token (with write permission) to access the cloudscale.ch API.
api_token="$(cat /var/orbiter/cstoken)"
# Set of Floating IPs shared between the servers within the same VRRP group.
floating_ipv4='%s'
# UUID of the server that this script is running on.
# The UUID of the server can be retrieved using the API.
server_uuid='%s'
# Call the cloudscale.ch API to assign a specific Floating IP to this server.
set_master() {
curl \
-f \
-H "Authorization: Bearer $api_token" \
-F server="$server_uuid" \
"https://api.cloudscale.ch/v1/floating-ips/$1"
}
for VIP in "$floating_ipv4"; do
set_master $VIP
done
`, strings.Join(hostedVIPs(hostPools, m, current), " "), machine.server.UUID), poolsWithUnassignedVIPs[machine.poolName]
}
}
func hostedVIPs(hostPools map[string][]*dynamiclbmodel.VIP, m infra.Machine, current *Current) []string {
seen := make(map[string]bool)
var locations []string
for hostPool, vips := range hostPools {
if m.(*machine).server.Tags["pool"] != hostPool {
continue
}
for vipIdx := range vips {
vip := vips[vipIdx]
for transpIdx := range vip.Transport {
transp := vip.Transport[transpIdx]
addr, ok := current.Current.Ingresses[transp.Name]
if !ok || addr == nil {
continue
}
if _, ok := seen[addr.Location]; !ok {
seen[addr.Location] = true
locations = append(locations, addr.Location)
}
}
}
}
return locations
}
func ensureTokens(monitor mntr.Monitor, token []byte, authCheckResult []dynamiclbmodel.AuthCheckResult) []func() error {
var ensure []func() error
for idx := range authCheckResult {
ensure = append(ensure, func(result dynamiclbmodel.AuthCheckResult) func() error {
return func() error { return ensureToken(monitor, token, result) }
}(authCheckResult[idx]))
}
return ensure
}
func ensureToken(monitor mntr.Monitor, token []byte, authCheckResult dynamiclbmodel.AuthCheckResult) error {
if authCheckResult.ExitCode != 0 {
if err := authCheckResult.Machine.WriteFile("/var/orbiter/cstoken", bytes.NewReader(token), 600); err != nil {
return err
}
monitor.WithField("machine", authCheckResult.Machine.ID()).Info("API token written")
}
return nil
}