2015-09-07 02:08:05 +00:00
|
|
|
package agent
|
|
|
|
|
|
|
|
import (
|
2019-10-10 19:30:37 +00:00
|
|
|
"bytes"
|
|
|
|
"context"
|
2017-10-13 23:25:25 +00:00
|
|
|
"encoding/json"
|
2019-10-07 19:52:26 +00:00
|
|
|
"fmt"
|
2019-10-10 19:30:37 +00:00
|
|
|
"io"
|
2015-09-11 22:19:26 +00:00
|
|
|
"net"
|
2015-09-07 02:08:05 +00:00
|
|
|
"net/http"
|
2017-09-14 17:04:48 +00:00
|
|
|
"sort"
|
2019-10-24 16:47:46 +00:00
|
|
|
"strconv"
|
2016-10-17 17:48:04 +00:00
|
|
|
"strings"
|
2015-09-07 02:08:05 +00:00
|
|
|
|
2019-10-10 19:30:37 +00:00
|
|
|
"github.com/docker/docker/pkg/ioutils"
|
2019-10-07 19:52:26 +00:00
|
|
|
log "github.com/hashicorp/go-hclog"
|
2017-10-09 23:09:44 +00:00
|
|
|
"github.com/hashicorp/nomad/acl"
|
2019-10-10 19:30:37 +00:00
|
|
|
cstructs "github.com/hashicorp/nomad/client/structs"
|
2019-12-04 13:36:12 +00:00
|
|
|
"github.com/hashicorp/nomad/command/agent/profile"
|
2016-10-17 17:48:04 +00:00
|
|
|
"github.com/hashicorp/nomad/nomad/structs"
|
2015-09-07 02:08:05 +00:00
|
|
|
"github.com/hashicorp/serf/serf"
|
2017-08-08 04:33:18 +00:00
|
|
|
"github.com/mitchellh/copystructure"
|
2019-10-10 19:30:37 +00:00
|
|
|
"github.com/ugorji/go/codec"
|
2015-09-07 02:08:05 +00:00
|
|
|
)
|
|
|
|
|
2015-09-11 22:19:26 +00:00
|
|
|
type Member struct {
|
|
|
|
Name string
|
|
|
|
Addr net.IP
|
|
|
|
Port uint16
|
|
|
|
Tags map[string]string
|
|
|
|
Status string
|
|
|
|
ProtocolMin uint8
|
|
|
|
ProtocolMax uint8
|
|
|
|
ProtocolCur uint8
|
|
|
|
DelegateMin uint8
|
|
|
|
DelegateMax uint8
|
|
|
|
DelegateCur uint8
|
|
|
|
}
|
|
|
|
|
|
|
|
func nomadMember(m serf.Member) Member {
|
|
|
|
return Member{
|
|
|
|
Name: m.Name,
|
|
|
|
Addr: m.Addr,
|
|
|
|
Port: m.Port,
|
|
|
|
Tags: m.Tags,
|
|
|
|
Status: m.Status.String(),
|
|
|
|
ProtocolMin: m.ProtocolMin,
|
|
|
|
ProtocolMax: m.ProtocolMax,
|
|
|
|
ProtocolCur: m.ProtocolCur,
|
|
|
|
DelegateMin: m.DelegateMin,
|
|
|
|
DelegateMax: m.DelegateMax,
|
|
|
|
DelegateCur: m.DelegateCur,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-09-07 02:08:05 +00:00
|
|
|
func (s *HTTPServer) AgentSelfRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
if req.Method != "GET" {
|
|
|
|
return nil, CodedError(405, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
2017-10-06 19:02:53 +00:00
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
2017-10-09 23:09:44 +00:00
|
|
|
var aclObj *acl.ACL
|
|
|
|
var err error
|
2017-10-06 19:02:53 +00:00
|
|
|
|
2015-09-07 02:08:05 +00:00
|
|
|
// Get the member as a server
|
2015-09-11 22:19:26 +00:00
|
|
|
var member serf.Member
|
2017-10-09 23:09:44 +00:00
|
|
|
if srv := s.agent.Server(); srv != nil {
|
2015-09-11 22:19:26 +00:00
|
|
|
member = srv.LocalMember()
|
2017-10-09 23:09:44 +00:00
|
|
|
aclObj, err = srv.ResolveToken(secret)
|
|
|
|
} else {
|
|
|
|
// Not a Server; use the Client for token resolution
|
|
|
|
aclObj, err = s.agent.Client().ResolveToken(secret)
|
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check agent read permissions
|
|
|
|
if aclObj != nil && !aclObj.AllowAgentRead() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
2015-09-07 02:08:05 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
self := agentSelf{
|
2015-09-11 22:19:26 +00:00
|
|
|
Member: nomadMember(member),
|
2015-09-07 02:08:05 +00:00
|
|
|
Stats: s.agent.Stats(),
|
|
|
|
}
|
2017-08-08 04:33:18 +00:00
|
|
|
if ac, err := copystructure.Copy(s.agent.config); err != nil {
|
|
|
|
return nil, CodedError(500, err.Error())
|
|
|
|
} else {
|
|
|
|
self.Config = ac.(*Config)
|
|
|
|
}
|
|
|
|
|
2017-08-08 17:54:11 +00:00
|
|
|
if self.Config != nil && self.Config.Vault != nil && self.Config.Vault.Token != "" {
|
2017-08-08 04:33:18 +00:00
|
|
|
self.Config.Vault.Token = "<redacted>"
|
|
|
|
}
|
|
|
|
|
2019-09-22 12:35:53 +00:00
|
|
|
if self.Config != nil && self.Config.ACL != nil && self.Config.ACL.ReplicationToken != "" {
|
|
|
|
self.Config.ACL.ReplicationToken = "<redacted>"
|
|
|
|
}
|
|
|
|
|
2019-09-23 17:07:27 +00:00
|
|
|
if self.Config != nil && self.Config.Consul != nil && self.Config.Consul.Token != "" {
|
|
|
|
self.Config.Consul.Token = "<redacted>"
|
|
|
|
}
|
|
|
|
|
|
|
|
if self.Config != nil && self.Config.Telemetry != nil && self.Config.Telemetry.CirconusAPIToken != "" {
|
|
|
|
self.Config.Telemetry.CirconusAPIToken = "<redacted>"
|
|
|
|
}
|
|
|
|
|
2015-09-07 02:08:05 +00:00
|
|
|
return self, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *HTTPServer) AgentJoinRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
if req.Method != "PUT" && req.Method != "POST" {
|
|
|
|
return nil, CodedError(405, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
srv := s.agent.Server()
|
|
|
|
if srv == nil {
|
|
|
|
return nil, CodedError(501, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the join addresses
|
|
|
|
query := req.URL.Query()
|
|
|
|
addrs := query["address"]
|
|
|
|
if len(addrs) == 0 {
|
|
|
|
return nil, CodedError(400, "missing address to join")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Attempt the join
|
|
|
|
num, err := srv.Join(addrs)
|
|
|
|
var errStr string
|
|
|
|
if err != nil {
|
|
|
|
errStr = err.Error()
|
|
|
|
}
|
|
|
|
return joinResult{num, errStr}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *HTTPServer) AgentMembersRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
if req.Method != "GET" {
|
|
|
|
return nil, CodedError(405, ErrInvalidMethod)
|
|
|
|
}
|
2017-10-06 19:02:53 +00:00
|
|
|
|
2017-10-10 17:36:54 +00:00
|
|
|
args := &structs.GenericRequest{}
|
|
|
|
if s.parse(resp, req, &args.Region, &args.QueryOptions) {
|
|
|
|
return nil, nil
|
2017-10-06 19:02:53 +00:00
|
|
|
}
|
|
|
|
|
2016-11-03 21:14:52 +00:00
|
|
|
var out structs.ServerMembersResponse
|
|
|
|
if err := s.agent.RPC("Status.Members", args, &out); err != nil {
|
|
|
|
return nil, err
|
2015-09-07 02:08:05 +00:00
|
|
|
}
|
2015-09-11 22:19:26 +00:00
|
|
|
|
2016-11-03 21:14:52 +00:00
|
|
|
return out, nil
|
2015-09-07 02:08:05 +00:00
|
|
|
}
|
|
|
|
|
2019-10-07 19:52:26 +00:00
|
|
|
func (s *HTTPServer) AgentMonitor(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
|
|
|
// Check agent read permissions
|
|
|
|
if aclObj, err := s.agent.Server().ResolveToken(secret); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentRead() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the provided loglevel.
|
2019-10-30 13:36:39 +00:00
|
|
|
logLevel := req.URL.Query().Get("log_level")
|
2019-10-07 19:52:26 +00:00
|
|
|
if logLevel == "" {
|
|
|
|
logLevel = "INFO"
|
|
|
|
}
|
|
|
|
|
2019-10-09 15:17:29 +00:00
|
|
|
if log.LevelFromString(logLevel) == log.NoLevel {
|
|
|
|
return nil, CodedError(400, fmt.Sprintf("Unknown log level: %s", logLevel))
|
2019-10-07 19:52:26 +00:00
|
|
|
}
|
|
|
|
|
2019-10-30 13:55:41 +00:00
|
|
|
logJSON := false
|
2019-10-30 13:36:39 +00:00
|
|
|
logJSONStr := req.URL.Query().Get("log_json")
|
2019-10-30 13:55:41 +00:00
|
|
|
if logJSONStr != "" {
|
|
|
|
parsed, err := strconv.ParseBool(logJSONStr)
|
|
|
|
if err != nil {
|
|
|
|
return nil, CodedError(400, fmt.Sprintf("Unknown option for log json: %v", err))
|
|
|
|
}
|
|
|
|
logJSON = parsed
|
2019-10-24 16:47:46 +00:00
|
|
|
}
|
2019-10-09 15:17:29 +00:00
|
|
|
|
2019-11-05 15:34:02 +00:00
|
|
|
plainText := false
|
|
|
|
plainTextStr := req.URL.Query().Get("plain")
|
|
|
|
if plainTextStr != "" {
|
|
|
|
parsed, err := strconv.ParseBool(plainTextStr)
|
|
|
|
if err != nil {
|
|
|
|
return nil, CodedError(400, fmt.Sprintf("Unknown option for plain: %v", err))
|
|
|
|
}
|
|
|
|
plainText = parsed
|
|
|
|
}
|
|
|
|
|
2019-11-12 21:23:39 +00:00
|
|
|
nodeID := req.URL.Query().Get("node_id")
|
2019-10-15 19:14:25 +00:00
|
|
|
// Build the request and parse the ACL token
|
|
|
|
args := cstructs.MonitorRequest{
|
2019-11-05 15:34:02 +00:00
|
|
|
NodeID: nodeID,
|
2019-11-12 21:23:39 +00:00
|
|
|
ServerID: req.URL.Query().Get("server_id"),
|
2019-11-05 15:34:02 +00:00
|
|
|
LogLevel: logLevel,
|
|
|
|
LogJSON: logJSON,
|
|
|
|
PlainText: plainText,
|
2019-10-15 19:14:25 +00:00
|
|
|
}
|
2019-11-05 15:34:02 +00:00
|
|
|
|
2019-11-13 14:32:18 +00:00
|
|
|
// if node and server were requested return error
|
|
|
|
if args.NodeID != "" && args.ServerID != "" {
|
|
|
|
return nil, CodedError(400, "Cannot target node and server simultaneously")
|
|
|
|
}
|
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
s.parse(resp, req, &args.QueryOptions.Region, &args.QueryOptions)
|
|
|
|
|
|
|
|
// Make the RPC
|
|
|
|
var handler structs.StreamingRpcHandler
|
|
|
|
var handlerErr error
|
2019-10-24 20:55:23 +00:00
|
|
|
if nodeID != "" {
|
2019-10-25 14:58:54 +00:00
|
|
|
// Determine the handler to use
|
|
|
|
useLocalClient, useClientRPC, useServerRPC := s.rpcHandlerForNode(nodeID)
|
2019-10-24 20:55:23 +00:00
|
|
|
if useLocalClient {
|
|
|
|
handler, handlerErr = s.agent.Client().StreamingRpcHandler("Agent.Monitor")
|
|
|
|
} else if useClientRPC {
|
|
|
|
handler, handlerErr = s.agent.Client().RemoteStreamingRpcHandler("Agent.Monitor")
|
|
|
|
} else if useServerRPC {
|
|
|
|
handler, handlerErr = s.agent.Server().StreamingRpcHandler("Agent.Monitor")
|
|
|
|
} else {
|
|
|
|
handlerErr = CodedError(400, "No local Node and node_id not provided")
|
|
|
|
}
|
2019-10-15 19:14:25 +00:00
|
|
|
} else {
|
2019-12-04 13:36:12 +00:00
|
|
|
// No node id monitor server
|
2019-10-24 20:55:23 +00:00
|
|
|
handler, handlerErr = s.agent.Server().StreamingRpcHandler("Agent.Monitor")
|
2019-10-15 19:14:25 +00:00
|
|
|
}
|
2019-10-09 15:17:29 +00:00
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
if handlerErr != nil {
|
|
|
|
return nil, CodedError(500, handlerErr.Error())
|
|
|
|
}
|
|
|
|
httpPipe, handlerPipe := net.Pipe()
|
|
|
|
decoder := codec.NewDecoder(httpPipe, structs.MsgpackHandle)
|
|
|
|
encoder := codec.NewEncoder(httpPipe, structs.MsgpackHandle)
|
|
|
|
|
2019-10-24 16:47:46 +00:00
|
|
|
ctx, cancel := context.WithCancel(req.Context())
|
2019-10-15 19:14:25 +00:00
|
|
|
go func() {
|
|
|
|
<-ctx.Done()
|
|
|
|
httpPipe.Close()
|
|
|
|
}()
|
|
|
|
|
2019-10-25 18:25:19 +00:00
|
|
|
// Create an output that gets flushed on every write
|
2019-10-15 19:14:25 +00:00
|
|
|
output := ioutils.NewWriteFlusher(resp)
|
|
|
|
|
2019-10-25 14:58:54 +00:00
|
|
|
// create an error channel to handle errors
|
2019-10-15 19:14:25 +00:00
|
|
|
errCh := make(chan HTTPCodedError, 2)
|
|
|
|
|
2019-10-25 14:58:54 +00:00
|
|
|
// stream response
|
2019-10-15 19:14:25 +00:00
|
|
|
go func() {
|
|
|
|
defer cancel()
|
|
|
|
|
|
|
|
// Send the request
|
|
|
|
if err := encoder.Encode(args); err != nil {
|
|
|
|
errCh <- CodedError(500, err.Error())
|
|
|
|
return
|
2019-10-10 19:30:37 +00:00
|
|
|
}
|
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case <-ctx.Done():
|
|
|
|
errCh <- nil
|
|
|
|
return
|
|
|
|
default:
|
|
|
|
}
|
2019-10-10 19:30:37 +00:00
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
var res cstructs.StreamErrWrapper
|
|
|
|
if err := decoder.Decode(&res); err != nil {
|
2019-10-10 19:30:37 +00:00
|
|
|
errCh <- CodedError(500, err.Error())
|
|
|
|
return
|
|
|
|
}
|
2019-10-15 19:14:25 +00:00
|
|
|
decoder.Reset(httpPipe)
|
2019-10-07 19:52:26 +00:00
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
if err := res.Error; err != nil {
|
|
|
|
if err.Code != nil {
|
|
|
|
errCh <- CodedError(int(*err.Code), err.Error())
|
2019-10-10 19:30:37 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
2019-10-07 19:52:26 +00:00
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
if _, err := io.Copy(output, bytes.NewReader(res.Payload)); err != nil {
|
|
|
|
errCh <- CodedError(500, err.Error())
|
|
|
|
return
|
2019-10-07 19:52:26 +00:00
|
|
|
}
|
|
|
|
}
|
2019-10-15 19:14:25 +00:00
|
|
|
}()
|
2019-10-07 19:52:26 +00:00
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
handler(handlerPipe)
|
|
|
|
cancel()
|
|
|
|
codedErr := <-errCh
|
2019-10-09 15:17:29 +00:00
|
|
|
|
2019-10-15 19:14:25 +00:00
|
|
|
if codedErr != nil &&
|
|
|
|
(codedErr == io.EOF ||
|
|
|
|
strings.Contains(codedErr.Error(), "closed") ||
|
|
|
|
strings.Contains(codedErr.Error(), "EOF")) {
|
|
|
|
codedErr = nil
|
2019-10-07 19:52:26 +00:00
|
|
|
}
|
2019-10-15 19:14:25 +00:00
|
|
|
return nil, codedErr
|
2019-10-07 19:52:26 +00:00
|
|
|
}
|
2019-10-09 15:17:29 +00:00
|
|
|
|
2015-09-07 02:08:05 +00:00
|
|
|
func (s *HTTPServer) AgentForceLeaveRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
if req.Method != "PUT" && req.Method != "POST" {
|
|
|
|
return nil, CodedError(405, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
srv := s.agent.Server()
|
|
|
|
if srv == nil {
|
|
|
|
return nil, CodedError(501, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
2017-10-06 19:02:53 +00:00
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
|
|
|
// Check agent write permissions
|
2017-10-09 22:49:04 +00:00
|
|
|
if aclObj, err := s.agent.Server().ResolveToken(secret); err != nil {
|
2017-10-06 19:02:53 +00:00
|
|
|
return nil, err
|
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentWrite() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
2015-09-07 02:08:05 +00:00
|
|
|
// Get the node to eject
|
|
|
|
node := req.URL.Query().Get("node")
|
|
|
|
if node == "" {
|
|
|
|
return nil, CodedError(400, "missing node to force leave")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Attempt remove
|
|
|
|
err := srv.RemoveFailedNode(node)
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2019-12-11 19:58:41 +00:00
|
|
|
func (s *HTTPServer) AgentPprofRequest(resp http.ResponseWriter, req *http.Request) ([]byte, error) {
|
2019-12-04 13:36:12 +00:00
|
|
|
path := strings.TrimPrefix(req.URL.Path, "/v1/agent/pprof/")
|
|
|
|
switch {
|
|
|
|
case path == "":
|
2019-12-09 15:55:43 +00:00
|
|
|
// no root index route
|
2019-12-04 13:36:12 +00:00
|
|
|
return nil, CodedError(404, ErrInvalidMethod)
|
|
|
|
case path == "cmdline":
|
2019-12-10 16:13:22 +00:00
|
|
|
return s.agentPprof(profile.CmdReq, resp, req)
|
2019-12-04 13:36:12 +00:00
|
|
|
case path == "profile":
|
2019-12-10 16:13:22 +00:00
|
|
|
return s.agentPprof(profile.CPUReq, resp, req)
|
2019-12-04 13:36:12 +00:00
|
|
|
case path == "trace":
|
2019-12-10 16:13:22 +00:00
|
|
|
return s.agentPprof(profile.TraceReq, resp, req)
|
2019-12-04 13:36:12 +00:00
|
|
|
default:
|
2019-12-09 15:55:43 +00:00
|
|
|
// Add profile to request
|
2019-12-10 20:18:57 +00:00
|
|
|
values := req.URL.Query()
|
|
|
|
values.Add("profile", path)
|
|
|
|
req.URL.RawQuery = values.Encode()
|
|
|
|
|
2019-12-04 13:36:12 +00:00
|
|
|
// generic pprof profile request
|
2019-12-10 16:13:22 +00:00
|
|
|
return s.agentPprof(profile.LookupReq, resp, req)
|
2019-12-04 13:36:12 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-11 19:58:41 +00:00
|
|
|
func (s *HTTPServer) agentPprof(reqType profile.ReqType, resp http.ResponseWriter, req *http.Request) ([]byte, error) {
|
2019-12-04 13:36:12 +00:00
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
2019-12-10 16:13:22 +00:00
|
|
|
// Check agent write permissions
|
|
|
|
aclObj, err := s.agent.Server().ResolveToken(secret)
|
|
|
|
if err != nil {
|
2019-12-04 13:36:12 +00:00
|
|
|
return nil, err
|
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentWrite() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
2019-12-10 16:13:22 +00:00
|
|
|
enableDebug := s.agent.GetConfig().EnableDebug
|
|
|
|
|
|
|
|
// ACLs not enabled
|
|
|
|
if aclObj == nil {
|
|
|
|
// If debug is not explicitly enabled
|
|
|
|
// return unauthorized
|
|
|
|
if enableDebug == false {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-04 13:36:12 +00:00
|
|
|
// Parse profile duration, default to 1 second
|
2019-12-09 15:55:43 +00:00
|
|
|
secondsParam := req.URL.Query().Get("seconds")
|
2019-12-04 13:36:12 +00:00
|
|
|
var seconds int
|
|
|
|
if secondsParam == "" {
|
|
|
|
seconds = 1
|
|
|
|
} else {
|
2019-12-11 19:58:41 +00:00
|
|
|
seconds, err = strconv.Atoi(secondsParam)
|
2019-12-04 13:36:12 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, CodedError(400, err.Error())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create the request
|
2019-12-12 20:10:32 +00:00
|
|
|
args := &structs.AgentPprofRequest{
|
2019-12-09 15:55:43 +00:00
|
|
|
NodeID: req.URL.Query().Get("node_id"),
|
2019-12-10 16:13:22 +00:00
|
|
|
Profile: req.URL.Query().Get("profile"),
|
2019-12-09 15:55:43 +00:00
|
|
|
ServerID: req.URL.Query().Get("server_id"),
|
2019-12-10 16:13:22 +00:00
|
|
|
ReqType: reqType,
|
2019-12-04 13:36:12 +00:00
|
|
|
Seconds: seconds,
|
|
|
|
}
|
|
|
|
|
|
|
|
// if node and server were requested return error
|
|
|
|
if args.NodeID != "" && args.ServerID != "" {
|
|
|
|
return nil, CodedError(400, "Cannot target node and server simultaneously")
|
|
|
|
}
|
|
|
|
|
|
|
|
s.parse(resp, req, &args.QueryOptions.Region, &args.QueryOptions)
|
|
|
|
|
2019-12-12 20:10:32 +00:00
|
|
|
var reply structs.AgentPprofResponse
|
2019-12-04 13:36:12 +00:00
|
|
|
var rpcErr error
|
|
|
|
if args.NodeID != "" {
|
|
|
|
// Make the RPC
|
2019-12-09 15:55:43 +00:00
|
|
|
localClient, remoteClient, localServer := s.rpcHandlerForNode(args.NodeID)
|
2019-12-04 13:36:12 +00:00
|
|
|
if localClient {
|
|
|
|
rpcErr = s.agent.Client().ClientRPC("Agent.Profile", &args, &reply)
|
|
|
|
} else if remoteClient {
|
|
|
|
rpcErr = s.agent.Client().RPC("Agent.Profile", &args, &reply)
|
|
|
|
} else if localServer {
|
|
|
|
rpcErr = s.agent.Server().RPC("Agent.Profile", &args, &reply)
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
// No node id request server
|
|
|
|
rpcErr = s.agent.Server().RPC("Agent.Profile", &args, &reply)
|
|
|
|
}
|
|
|
|
|
|
|
|
if rpcErr != nil {
|
2019-12-10 20:18:57 +00:00
|
|
|
code, msg, ok := structs.CodeFromRPCCodedErr(rpcErr)
|
|
|
|
if !ok {
|
|
|
|
return nil, CodedError(500, rpcErr.Error())
|
|
|
|
}
|
|
|
|
// Return CodedError
|
|
|
|
return nil, CodedError(code, msg)
|
2019-12-04 13:36:12 +00:00
|
|
|
}
|
|
|
|
|
2019-12-11 19:58:41 +00:00
|
|
|
// Set headers from profile request
|
|
|
|
for k, v := range reply.HTTPHeaders {
|
|
|
|
resp.Header().Set(k, v)
|
2019-12-10 20:18:57 +00:00
|
|
|
}
|
2019-12-11 19:58:41 +00:00
|
|
|
|
2019-12-04 13:36:12 +00:00
|
|
|
return reply.Payload, nil
|
|
|
|
}
|
|
|
|
|
2016-06-01 07:34:46 +00:00
|
|
|
// AgentServersRequest is used to query the list of servers used by the Nomad
|
|
|
|
// Client for RPCs. This endpoint can also be used to update the list of
|
|
|
|
// servers for a given agent.
|
2015-09-25 03:39:03 +00:00
|
|
|
func (s *HTTPServer) AgentServersRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
switch req.Method {
|
|
|
|
case "PUT", "POST":
|
|
|
|
return s.updateServers(resp, req)
|
|
|
|
case "GET":
|
|
|
|
return s.listServers(resp, req)
|
|
|
|
default:
|
|
|
|
return nil, CodedError(405, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (s *HTTPServer) listServers(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
client := s.agent.Client()
|
|
|
|
if client == nil {
|
|
|
|
return nil, CodedError(501, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
2017-10-06 19:02:53 +00:00
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
|
|
|
// Check agent read permissions
|
|
|
|
if aclObj, err := s.agent.Client().ResolveToken(secret); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentRead() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
2016-09-22 00:06:52 +00:00
|
|
|
peers := s.agent.client.GetServers()
|
2017-09-14 17:04:48 +00:00
|
|
|
sort.Strings(peers)
|
2016-05-23 18:09:31 +00:00
|
|
|
return peers, nil
|
2015-09-25 03:39:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *HTTPServer) updateServers(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
client := s.agent.Client()
|
|
|
|
if client == nil {
|
|
|
|
return nil, CodedError(501, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the servers from the request
|
|
|
|
servers := req.URL.Query()["address"]
|
|
|
|
if len(servers) == 0 {
|
|
|
|
return nil, CodedError(400, "missing server address")
|
|
|
|
}
|
|
|
|
|
2017-10-06 19:02:53 +00:00
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
|
|
|
// Check agent write permissions
|
|
|
|
if aclObj, err := s.agent.Client().ResolveToken(secret); err != nil {
|
|
|
|
return nil, err
|
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentWrite() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
2015-09-25 03:39:03 +00:00
|
|
|
// Set the servers list into the client
|
2018-09-13 17:43:40 +00:00
|
|
|
s.agent.logger.Trace("adding servers to the client's primary server list", "servers", servers, "path", "/v1/agent/servers", "method", "PUT")
|
2018-05-11 19:52:05 +00:00
|
|
|
if _, err := client.SetServers(servers); err != nil {
|
2018-09-13 17:43:40 +00:00
|
|
|
s.agent.logger.Error("failed adding servers to client's server list", "servers", servers, "error", err, "path", "/v1/agent/servers", "method", "PUT")
|
2016-09-22 00:06:52 +00:00
|
|
|
//TODO is this the right error to return?
|
|
|
|
return nil, CodedError(400, err.Error())
|
2016-05-23 18:09:31 +00:00
|
|
|
}
|
2015-09-25 03:39:03 +00:00
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
2016-10-17 17:48:04 +00:00
|
|
|
// KeyringOperationRequest allows an operator to install/delete/use keys
|
|
|
|
func (s *HTTPServer) KeyringOperationRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
srv := s.agent.Server()
|
|
|
|
if srv == nil {
|
|
|
|
return nil, CodedError(501, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
2017-10-06 19:02:53 +00:00
|
|
|
var secret string
|
|
|
|
s.parseToken(req, &secret)
|
|
|
|
|
|
|
|
// Check agent write permissions
|
2017-10-09 23:09:44 +00:00
|
|
|
if aclObj, err := srv.ResolveToken(secret); err != nil {
|
2017-10-06 19:02:53 +00:00
|
|
|
return nil, err
|
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentWrite() {
|
|
|
|
return nil, structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
2016-10-17 17:48:04 +00:00
|
|
|
kmgr := srv.KeyManager()
|
|
|
|
var sresp *serf.KeyResponse
|
|
|
|
var err error
|
|
|
|
|
|
|
|
// Get the key from the req body
|
|
|
|
var args structs.KeyringRequest
|
|
|
|
|
|
|
|
//Get the op
|
|
|
|
op := strings.TrimPrefix(req.URL.Path, "/v1/agent/keyring/")
|
|
|
|
|
|
|
|
switch op {
|
|
|
|
case "list":
|
|
|
|
sresp, err = kmgr.ListKeys()
|
|
|
|
case "install":
|
|
|
|
if err := decodeBody(req, &args); err != nil {
|
|
|
|
return nil, CodedError(500, err.Error())
|
|
|
|
}
|
|
|
|
sresp, err = kmgr.InstallKey(args.Key)
|
|
|
|
case "use":
|
|
|
|
if err := decodeBody(req, &args); err != nil {
|
|
|
|
return nil, CodedError(500, err.Error())
|
|
|
|
}
|
|
|
|
sresp, err = kmgr.UseKey(args.Key)
|
|
|
|
case "remove":
|
|
|
|
if err := decodeBody(req, &args); err != nil {
|
|
|
|
return nil, CodedError(500, err.Error())
|
|
|
|
}
|
|
|
|
sresp, err = kmgr.RemoveKey(args.Key)
|
|
|
|
default:
|
|
|
|
return nil, CodedError(404, "resource not found")
|
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
kresp := structs.KeyringResponse{
|
|
|
|
Messages: sresp.Messages,
|
|
|
|
Keys: sresp.Keys,
|
|
|
|
NumNodes: sresp.NumNodes,
|
|
|
|
}
|
|
|
|
return kresp, nil
|
|
|
|
}
|
|
|
|
|
2015-09-07 02:08:05 +00:00
|
|
|
type agentSelf struct {
|
|
|
|
Config *Config `json:"config"`
|
2015-09-11 22:19:26 +00:00
|
|
|
Member Member `json:"member,omitempty"`
|
2015-09-07 02:08:05 +00:00
|
|
|
Stats map[string]map[string]string `json:"stats"`
|
|
|
|
}
|
|
|
|
|
|
|
|
type joinResult struct {
|
|
|
|
NumJoined int `json:"num_joined"`
|
|
|
|
Error string `json:"error"`
|
|
|
|
}
|
2017-10-13 22:37:44 +00:00
|
|
|
|
|
|
|
func (s *HTTPServer) HealthRequest(resp http.ResponseWriter, req *http.Request) (interface{}, error) {
|
|
|
|
if req.Method != "GET" {
|
|
|
|
return nil, CodedError(405, ErrInvalidMethod)
|
|
|
|
}
|
|
|
|
|
|
|
|
var args structs.GenericRequest
|
|
|
|
if s.parse(resp, req, &args.Region, &args.QueryOptions) {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
health := healthResponse{}
|
|
|
|
getClient := true
|
|
|
|
getServer := true
|
|
|
|
|
|
|
|
// See if we're checking a specific agent type and default to failing
|
|
|
|
if healthType, ok := req.URL.Query()["type"]; ok {
|
|
|
|
getClient = false
|
|
|
|
getServer = false
|
|
|
|
for _, ht := range healthType {
|
|
|
|
switch ht {
|
|
|
|
case "client":
|
|
|
|
getClient = true
|
|
|
|
health.Client = &healthResponseAgent{
|
|
|
|
Ok: false,
|
|
|
|
Message: "client not enabled",
|
|
|
|
}
|
|
|
|
case "server":
|
|
|
|
getServer = true
|
|
|
|
health.Server = &healthResponseAgent{
|
|
|
|
Ok: false,
|
|
|
|
Message: "server not enabled",
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// If we should check the client and it exists assume it's healthy
|
|
|
|
if client := s.agent.Client(); getClient && client != nil {
|
2017-10-13 23:25:25 +00:00
|
|
|
if len(client.GetServers()) == 0 {
|
|
|
|
health.Client = &healthResponseAgent{
|
|
|
|
Ok: false,
|
|
|
|
Message: "no known servers",
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
health.Client = &healthResponseAgent{
|
|
|
|
Ok: true,
|
|
|
|
Message: "ok",
|
|
|
|
}
|
2017-10-13 22:37:44 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// If we should check the server and it exists, see if there's a leader
|
|
|
|
if server := s.agent.Server(); getServer && server != nil {
|
|
|
|
health.Server = &healthResponseAgent{
|
|
|
|
Ok: true,
|
|
|
|
Message: "ok",
|
|
|
|
}
|
|
|
|
|
|
|
|
leader := ""
|
|
|
|
if err := s.agent.RPC("Status.Leader", &args, &leader); err != nil {
|
|
|
|
health.Server.Ok = false
|
|
|
|
health.Server.Message = err.Error()
|
|
|
|
} else if leader == "" {
|
|
|
|
health.Server.Ok = false
|
|
|
|
health.Server.Message = "no leader"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-10-13 23:25:25 +00:00
|
|
|
if health.ok() {
|
|
|
|
return &health, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
jsonResp, err := json.Marshal(&health)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2017-10-13 22:37:44 +00:00
|
|
|
}
|
2017-10-13 23:25:25 +00:00
|
|
|
return nil, CodedError(500, string(jsonResp))
|
2017-10-13 22:37:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type healthResponse struct {
|
|
|
|
Client *healthResponseAgent `json:"client,omitempty"`
|
|
|
|
Server *healthResponseAgent `json:"server,omitempty"`
|
|
|
|
}
|
|
|
|
|
|
|
|
// ok returns true as long as neither Client nor Server have Ok=false.
|
|
|
|
func (h healthResponse) ok() bool {
|
|
|
|
if h.Client != nil && !h.Client.Ok {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
if h.Server != nil && !h.Server.Ok {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
|
|
|
|
type healthResponseAgent struct {
|
|
|
|
Ok bool `json:"ok"`
|
|
|
|
Message string `json:"message,omitempty"`
|
|
|
|
}
|