enable etcd lock

yunionio · Apr 28, 2020 · 5158a50 · 5158a50
1 parent 38c1c70
commit 5158a50
Show file tree

Hide file tree

Showing 6 changed files with 74 additions and 2 deletions.
diff --git a/pkg/apis/identity/endpoint.go b/pkg/apis/identity/endpoint.go
@@ -36,3 +36,7 @@ type CertificateDetails struct {
 	CaCertificate string `json:"ca_certificate"`
 	CaPrivateKey  string `json:"ca_private_key"`
 }
+
+const (
+	ENDPOINT_ETCD_INTERNAL = "etcd-internal"
+)
diff --git a/pkg/cloudcommon/app/auth.go b/pkg/cloudcommon/app/auth.go
@@ -19,13 +19,17 @@ import (
 	"time"
 
 	"yunion.io/x/log"
+	"yunion.io/x/pkg/errors"
 	"yunion.io/x/pkg/utils"
 
+	"yunion.io/x/onecloud/pkg/apis/identity"
 	"yunion.io/x/onecloud/pkg/cloudcommon/consts"
 	"yunion.io/x/onecloud/pkg/cloudcommon/notifyclient"
 	common_options "yunion.io/x/onecloud/pkg/cloudcommon/options"
 	"yunion.io/x/onecloud/pkg/cloudcommon/policy"
+	"yunion.io/x/onecloud/pkg/httperrors"
 	"yunion.io/x/onecloud/pkg/mcclient/auth"
+	"yunion.io/x/onecloud/pkg/mcclient/modules"
 )
 
 func InitAuth(options *common_options.CommonOptions, authComplete auth.AuthCompletedCallback) {
@@ -90,3 +94,19 @@ func InitBaseAuth(options *common_options.BaseOptions) {
 	}
 	consts.SetNonDefaultDomainProjects(options.NonDefaultDomainProjects)
 }
+
+func FetchEtcdServiceInfo() (*identity.EndpointDetails, error) {
+	s := auth.GetAdminSession(context.Background(), "", "")
+	ret, err := modules.EndpointsV3.GetByName(s, identity.ENDPOINT_ETCD_INTERNAL, nil)
+	if err != nil && errors.Cause(err) == httperrors.ErrNotFound {
+		return nil, nil
+	} else if err != nil {
+		return nil, err
+	}
+	endpoint := new(identity.EndpointDetails)
+	err = ret.Unmarshal(endpoint)
+	if err != nil {
+		return nil, errors.Wrap(err, "unmarshal endpoint")
+	}
+	return endpoint, nil
+}
diff --git a/pkg/cloudcommon/etcd/etcd.go b/pkg/cloudcommon/etcd/etcd.go
@@ -25,6 +25,7 @@ import (
 	"google.golang.org/grpc"
 
 	"yunion.io/x/log"
+
 	"yunion.io/x/onecloud/pkg/util/seclib2"
 )
 

diff --git a/pkg/cloudcommon/options/options.go b/pkg/cloudcommon/options/options.go
@@ -128,8 +128,8 @@ type DBOptions struct {
 	LockmanMethod string `help:"method for lock synchronization" choices:"inmemory|etcd" default:"inmemory"`
 
 	EtcdOptions
-	EtcdLockPrefix string `help:"prefix of etcd lock records"`
-	EtcdLockTTL    int    `help:"ttl of etcd lock records"`
+	EtcdLockPrefix string `help:"prefix of etcd lock records" default:"/onecloud/lockman"`
+	EtcdLockTTL    int    `help:"ttl of etcd lock records" default:"5"`
 }
 
 type EtcdOptions struct {

diff --git a/pkg/compute/options/options.go b/pkg/compute/options/options.go
@@ -132,6 +132,8 @@ type ComputeOptions struct {
 	EnableHostHealthCheck bool `help:"enable host health check"`
 	HostHealthTimeout     int  `help:"second of wait host reconnect" default:"60"`
 
+	FetchEtcdServiceInfoAndUseEtcdLock bool `default:"true" help:"fetch etcd service info and use etcd lock"`
+
 	SCapabilityOptions
 	SASControllerOptions
 	common_options.CommonOptions

diff --git a/pkg/compute/service/service.go b/pkg/compute/service/service.go
@@ -16,7 +16,9 @@ package service
 
 import (
 	"context"
+	"io/ioutil"
 	"os"
+	"path/filepath"
 	"time"
 
 	_ "github.com/go-sql-driver/mysql"
@@ -60,6 +62,13 @@ func StartService() {
 		log.Infof("Auth complete!!")
 	})
 
+	if opts.FetchEtcdServiceInfoAndUseEtcdLock {
+		err := initEtcdLockOpts(opts)
+		if err != nil {
+			log.Fatalln(err)
+		}
+	}
+
 	app := app_common.InitApp(baseOpts, true)
 	InitHandlers(app)
 
@@ -162,3 +171,39 @@ func initDefaultEtcdClient(opts *common_options.DBOptions) error {
 	}
 	return nil
 }
+
+func initEtcdLockOpts(opts *options.ComputeOptions) error {
+	etcdEndpoint, err := app_common.FetchEtcdServiceInfo()
+	if err != nil {
+		return errors.Wrap(err, "fetch etcd service info")
+	}
+	if etcdEndpoint != nil {
+		opts.EtcdEndpoints = []string{etcdEndpoint.Url}
+		opts.LockmanMethod = common_options.LockMethodEtcd
+		if len(etcdEndpoint.CertId) > 0 {
+			dir, err := ioutil.TempDir("", "etcd-cluster-tls")
+			if err != nil {
+				return errors.Wrap(err, "create dir etcd cluster tls")
+			}
+			opts.EtcdCert, err = writeFile(dir, "etcd.crt", []byte(etcdEndpoint.Certificate))
+			if err != nil {
+				return errors.Wrap(err, "write file certificate")
+			}
+			opts.EtcdKey, err = writeFile(dir, "etcd.key", []byte(etcdEndpoint.PrivateKey))
+			if err != nil {
+				return errors.Wrap(err, "write file private key")
+			}
+			opts.EtcdCacert, err = writeFile(dir, "etcd-ca.crt", []byte(etcdEndpoint.CaCertificate))
+			if err != nil {
+				return errors.Wrap(err, "write file  cacert")
+			}
+			opts.EtcdUseTLS = true
+		}
+	}
+	return nil
+}
+
+func writeFile(dir, file string, data []byte) (string, error) {
+	p := filepath.Join(dir, file)
+	return p, ioutil.WriteFile(p, data, 0600)
+}