listener_controller.go
package dynamiclistener
import (
"net/http"
"context"
"github.com/rancher/norman/types/convert"
"github.com/rancher/rancher/pkg/cert"
"github.com/rancher/rancher/pkg/settings"
"github.com/rancher/types/apis/management.cattle.io/v3"
"github.com/rancher/types/config"
"k8s.io/apimachinery/pkg/labels"
)
// Controller keeps the listener server in step with ListenConfig objects.
type Controller struct {
	// listenConfig is the ListenConfig client; updateCurrent uses it to write
	// refreshed certificate metadata back.
	listenConfig v3.ListenConfigInterface
	// listenConfigLister lists ListenConfigs; sync uses it to look for a
	// fallback config after one is disabled.
	listenConfigLister v3.ListenConfigLister
	// server is the listener server that configs are enabled on and disabled
	// from, and that is shut down when the Start context ends.
	server *server
}
// Start builds the listener server and its Controller, registers the
// controller's sync method as the "listener" handler for ListenConfigs, and
// launches a goroutine that shuts the server down once ctx is cancelled.
//
// Note that the second parameter is named context and therefore shadows the
// context package inside the function body.
func Start(ctx context.Context, context *config.ScaledContext, httpPort, httpsPort int, handler http.Handler) {
	srv := newServer(
		ctx,
		context.Management.ListenConfigs(""),
		context.Management.ListenConfigs("").Controller().Lister(),
		handler,
		httpPort,
		httpsPort,
	)

	c := &Controller{
		server:             srv,
		listenConfig:       context.Management.ListenConfigs(""),
		listenConfigLister: context.Management.ListenConfigs("").Controller().Lister(),
	}

	context.Management.ListenConfigs("").AddHandler("listener", c.sync)

	// Tie the server's lifetime to ctx: block until cancellation, then stop.
	go func() {
		<-ctx.Done()
		c.server.Shutdown()
	}()
}
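// sync reconciles the listener server with one ListenConfig event.
//
// A nil listener is ignored. An enabled listener is passed to enable. A
// disabled listener is removed from the server; afterwards the most recently
// created config that is still enabled and not marked for deletion, if there
// is one, is enabled in its place. The key argument is not used.
func (c *Controller) sync(key string, listener *v3.ListenConfig) error {
	if listener == nil {
		return nil
	}

	if listener.Enabled {
		return c.enable(listener)
	}

	c.server.Disable(listener)

	allConfigs, err := c.listenConfigLister.List("", labels.Everything())
	if err != nil {
		return err
	}

	// Pick the newest config that is enabled and has no deletion timestamp.
	var lastConfig *v3.ListenConfig
	for _, cfg := range allConfigs {
		if !cfg.Enabled || cfg.DeletionTimestamp != nil {
			continue
		}
		if lastConfig == nil || lastConfig.CreationTimestamp.Before(&cfg.CreationTimestamp) {
			lastConfig = cfg
		}
	}

	if lastConfig == nil {
		return nil
	}

	// Enable the selected fallback, not the config that was just disabled.
	// Passing listener here would hand the disabled config (and its
	// certificate, key and CA bundle) straight back to the server, so a
	// config an operator turned off would be served again.
	return c.enable(lastConfig)
}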
// enable passes listener to the server's Enable method. If Enable fails the
// error is returned; if it returns true, the certificate-derived state is
// refreshed through updateCurrent; otherwise nothing more is done.
func (c *Controller) enable(listener *v3.ListenConfig) error {
	isCurrent, err := c.server.Enable(listener)
	switch {
	case err != nil:
		return err
	case !isCurrent:
		return nil
	}
	return c.updateCurrent(listener)
}
// updateCurrent publishes listener's CA certificates to the CACerts setting
// and, when the config carries a key, a certificate and CA certificates,
// refreshes the certificate metadata stored on the ListenConfig.
//
// The metadata is rewritten only when the parsed certificate's serial number
// differs from the one already recorded on the config. It returns any error
// from cert.Info or from the Update call.
func (c *Controller) updateCurrent(listener *v3.ListenConfig) error {
	// NOTE(review): any result of Set is discarded here — confirm whether it
	// can fail and whether a failure should abort the update.
	settings.CACerts.Set(listener.CACerts)

	// Without all three pieces there is nothing to parse.
	if listener.Key == "" || listener.CACerts == "" || listener.Cert == "" {
		return nil
	}

	// The certificate and the CA certificates are joined with a newline and
	// parsed together with the private key held on the config.
	bundle := listener.Cert + "\n" + listener.CACerts
	certInfo, err := cert.Info(bundle, listener.Key)
	if err != nil {
		return err
	}

	// Same serial number as recorded: the stored metadata is left as it is.
	if certInfo.SerialNumber == listener.SerialNumber {
		return nil
	}

	// Work on a deep copy so the object passed in is not mutated.
	updated := listener.DeepCopy()
	updated.CertFingerprint = certInfo.Fingerprint
	updated.CN = certInfo.CN
	updated.Version = certInfo.Version
	updated.ExpiresAt = convert.ToString(certInfo.ExpiresAt)
	updated.Issuer = certInfo.Issuer
	updated.IssuedAt = convert.ToString(certInfo.IssuedAt)
	updated.Algorithm = certInfo.Algorithm
	updated.SerialNumber = certInfo.SerialNumber
	updated.KeySize = certInfo.KeySize
	updated.SubjectAlternativeNames = certInfo.SubjectAlternativeNames

	_, err = c.listenConfig.Update(updated)
	return err
}