Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cleanup pkg/ssh #70940

Merged
merged 1 commit into from
Dec 5, 2018
Merged

cleanup pkg/ssh #70940

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 0 additions & 1 deletion pkg/master/tunneler/BUILD
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ go_library(
"//pkg/util/file:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/clock:go_default_library",
"//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library",
"//vendor/github.com/prometheus/client_golang/prometheus:go_default_library",
"//vendor/k8s.io/klog:go_default_library",
],
)
Expand Down
9 changes: 3 additions & 6 deletions pkg/master/tunneler/ssh.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,11 +29,9 @@ import (

"k8s.io/apimachinery/pkg/util/clock"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/klog"
"k8s.io/kubernetes/pkg/ssh"
utilfile "k8s.io/kubernetes/pkg/util/file"

"github.com/prometheus/client_golang/prometheus"
"k8s.io/klog"
)

type InstallSSHKey func(ctx context.Context, user string, data []byte) error
Expand Down Expand Up @@ -83,9 +81,8 @@ type SSHTunneler struct {
InstallSSHKey InstallSSHKey
HealthCheckURL *url.URL

tunnels *ssh.SSHTunnelList
lastSyncMetric prometheus.GaugeFunc
clock clock.Clock
tunnels *ssh.SSHTunnelList
clock clock.Clock

getAddresses AddressFunc
stopChan chan struct{}
Expand Down
4 changes: 2 additions & 2 deletions pkg/master/tunneler/ssh_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,9 @@ import (
"testing"
"time"

"k8s.io/apimachinery/pkg/util/clock"

"github.com/stretchr/testify/assert"

"k8s.io/apimachinery/pkg/util/clock"
)

// TestSecondsSinceSync verifies that proper results are returned
Expand Down
64 changes: 15 additions & 49 deletions pkg/ssh/ssh.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ import (
"encoding/pem"
"errors"
"fmt"
"io"
"io/ioutil"
mathrand "math/rand"
"net"
Expand All @@ -39,11 +38,11 @@ import (

"github.com/prometheus/client_golang/prometheus"
"golang.org/x/crypto/ssh"
"k8s.io/klog"

utilnet "k8s.io/apimachinery/pkg/util/net"
"k8s.io/apimachinery/pkg/util/runtime"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/klog"
)

var (
Expand All @@ -68,51 +67,27 @@ func init() {

// TODO: Unit tests for this code, we can spin up a test SSH server with instructions here:
// https://godoc.org/golang.org/x/crypto/ssh#ServerConn
type SSHTunnel struct {
type sshTunnel struct {
Config *ssh.ClientConfig
Host string
SSHPort string
running bool
sock net.Listener
client *ssh.Client
}

func (s *SSHTunnel) copyBytes(out io.Writer, in io.Reader) {
if _, err := io.Copy(out, in); err != nil {
klog.Errorf("Error in SSH tunnel: %v", err)
}
}

func NewSSHTunnel(user, keyfile, host string) (*SSHTunnel, error) {
signer, err := MakePrivateKeySignerFromFile(keyfile)
if err != nil {
return nil, err
}
return makeSSHTunnel(user, signer, host)
}

func NewSSHTunnelFromBytes(user string, privateKey []byte, host string) (*SSHTunnel, error) {
signer, err := MakePrivateKeySignerFromBytes(privateKey)
if err != nil {
return nil, err
}
return makeSSHTunnel(user, signer, host)
}

func makeSSHTunnel(user string, signer ssh.Signer, host string) (*SSHTunnel, error) {
func makeSSHTunnel(user string, signer ssh.Signer, host string) (*sshTunnel, error) {
config := ssh.ClientConfig{
User: user,
Auth: []ssh.AuthMethod{ssh.PublicKeys(signer)},
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
}
return &SSHTunnel{
return &sshTunnel{
Config: &config,
Host: host,
SSHPort: "22",
}, nil
}

func (s *SSHTunnel) Open() error {
func (s *sshTunnel) Open() error {
var err error
s.client, err = realTimeoutDialer.Dial("tcp", net.JoinHostPort(s.Host, s.SSHPort), s.Config)
tunnelOpenCounter.Inc()
Expand All @@ -122,28 +97,15 @@ func (s *SSHTunnel) Open() error {
return err
}

func (s *SSHTunnel) Dial(ctx context.Context, network, address string) (net.Conn, error) {
func (s *sshTunnel) Dial(ctx context.Context, network, address string) (net.Conn, error) {
if s.client == nil {
return nil, errors.New("tunnel is not opened.")
}
// This Dial method does not allow to pass a context unfortunately
return s.client.Dial(network, address)
}

func (s *SSHTunnel) tunnel(conn net.Conn, remoteHost, remotePort string) error {
if s.client == nil {
return errors.New("tunnel is not opened.")
}
tunnel, err := s.client.Dial("tcp", net.JoinHostPort(remoteHost, remotePort))
if err != nil {
return err
}
go s.copyBytes(tunnel, conn)
go s.copyBytes(conn, tunnel)
return nil
}

func (s *SSHTunnel) Close() error {
func (s *sshTunnel) Close() error {
if s.client == nil {
return errors.New("Cannot close tunnel. Tunnel was not opened.")
}
Expand Down Expand Up @@ -305,13 +267,17 @@ type sshTunnelEntry struct {
}

type sshTunnelCreator interface {
NewSSHTunnel(user, keyFile, healthCheckURL string) (tunnel, error)
newSSHTunnel(user, keyFile, host string) (tunnel, error)
}

type realTunnelCreator struct{}

func (*realTunnelCreator) NewSSHTunnel(user, keyFile, healthCheckURL string) (tunnel, error) {
return NewSSHTunnel(user, keyFile, healthCheckURL)
func (*realTunnelCreator) newSSHTunnel(user, keyFile, host string) (tunnel, error) {
signer, err := MakePrivateKeySignerFromFile(keyFile)
if err != nil {
return nil, err
}
return makeSSHTunnel(user, signer, host)
}

type SSHTunnelList struct {
Expand Down Expand Up @@ -481,7 +447,7 @@ func (l *SSHTunnelList) Update(addrs []string) {

func (l *SSHTunnelList) createAndAddTunnel(addr string) {
klog.Infof("Trying to add tunnel to %q", addr)
tunnel, err := l.tunnelCreator.NewSSHTunnel(l.user, l.keyfile, addr)
tunnel, err := l.tunnelCreator.newSSHTunnel(l.user, l.keyfile, addr)
if err != nil {
klog.Errorf("Failed to create tunnel for %q: %v", addr, err)
return
Expand Down
16 changes: 12 additions & 4 deletions pkg/ssh/ssh_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,9 +27,9 @@ import (
"testing"
"time"

"k8s.io/apimachinery/pkg/util/wait"

"golang.org/x/crypto/ssh"

"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/klog"
)

Expand Down Expand Up @@ -134,7 +134,7 @@ func TestSSHTunnel(t *testing.T) {
}

privateData := EncodePrivateKey(private)
tunnel, err := NewSSHTunnelFromBytes("foo", privateData, server.Host)
tunnel, err := newSSHTunnelFromBytes("foo", privateData, server.Host)
if err != nil {
t.Errorf("unexpected error: %v", err)
t.FailNow()
Expand Down Expand Up @@ -183,7 +183,7 @@ func (*fakeTunnel) Dial(ctx context.Context, network, address string) (net.Conn,

type fakeTunnelCreator struct{}

func (*fakeTunnelCreator) NewSSHTunnel(string, string, string) (tunnel, error) {
func (*fakeTunnelCreator) newSSHTunnel(string, string, string) (tunnel, error) {
return &fakeTunnel{}, nil
}

Expand Down Expand Up @@ -355,3 +355,11 @@ func TestTimeoutDialer(t *testing.T) {

listener.Close()
}

func newSSHTunnelFromBytes(user string, privateKey []byte, host string) (*sshTunnel, error) {
signer, err := MakePrivateKeySignerFromBytes(privateKey)
if err != nil {
return nil, err
}
return makeSSHTunnel(user, signer, host)
}