2023-04-10 15:36:59 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2019-10-10 19:30:37 +00:00
|
|
|
package client
|
|
|
|
|
|
|
|
import (
|
2019-10-31 13:59:24 +00:00
|
|
|
"bytes"
|
2019-10-10 19:30:37 +00:00
|
|
|
"context"
|
|
|
|
"errors"
|
|
|
|
"io"
|
|
|
|
"time"
|
|
|
|
|
2023-05-01 21:18:34 +00:00
|
|
|
"github.com/hashicorp/go-msgpack/codec"
|
2021-03-22 14:12:42 +00:00
|
|
|
|
2020-07-02 13:51:25 +00:00
|
|
|
"github.com/hashicorp/nomad/command/agent/host"
|
2019-10-15 19:14:25 +00:00
|
|
|
"github.com/hashicorp/nomad/command/agent/monitor"
|
2019-12-19 16:41:55 +00:00
|
|
|
"github.com/hashicorp/nomad/command/agent/pprof"
|
2022-08-17 16:26:34 +00:00
|
|
|
"github.com/hashicorp/nomad/helper/pointer"
|
2019-10-10 19:30:37 +00:00
|
|
|
"github.com/hashicorp/nomad/nomad/structs"
|
|
|
|
|
2023-12-08 13:47:02 +00:00
|
|
|
metrics "github.com/armon/go-metrics"
|
2019-10-10 19:30:37 +00:00
|
|
|
log "github.com/hashicorp/go-hclog"
|
2021-03-22 14:12:42 +00:00
|
|
|
|
2019-10-31 13:59:24 +00:00
|
|
|
sframer "github.com/hashicorp/nomad/client/lib/streamframer"
|
2019-10-10 19:30:37 +00:00
|
|
|
cstructs "github.com/hashicorp/nomad/client/structs"
|
|
|
|
)
|
|
|
|
|
2019-10-30 13:28:24 +00:00
|
|
|
type Agent struct {
|
2019-10-10 19:30:37 +00:00
|
|
|
c *Client
|
|
|
|
}
|
|
|
|
|
2019-10-30 13:36:39 +00:00
|
|
|
func NewAgentEndpoint(c *Client) *Agent {
|
2019-12-10 20:18:57 +00:00
|
|
|
a := &Agent{c: c}
|
|
|
|
a.c.streamingRpcs.Register("Agent.Monitor", a.monitor)
|
|
|
|
return a
|
2019-10-10 19:30:37 +00:00
|
|
|
}
|
|
|
|
|
2019-12-12 20:10:32 +00:00
|
|
|
func (a *Agent) Profile(args *structs.AgentPprofRequest, reply *structs.AgentPprofResponse) error {
|
2019-12-10 20:18:57 +00:00
|
|
|
// Check ACL for agent write
|
2019-12-13 18:41:55 +00:00
|
|
|
aclObj, err := a.c.ResolveToken(args.AuthToken)
|
|
|
|
if err != nil {
|
2019-12-12 21:52:13 +00:00
|
|
|
return err
|
2019-12-10 20:18:57 +00:00
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentWrite() {
|
2019-12-12 21:52:13 +00:00
|
|
|
return structs.ErrPermissionDenied
|
2019-12-10 20:18:57 +00:00
|
|
|
}
|
|
|
|
|
2019-12-13 18:41:55 +00:00
|
|
|
// If ACLs are disabled, EnableDebug must be enabled
|
2022-08-18 23:32:04 +00:00
|
|
|
if aclObj == nil && !a.c.GetConfig().EnableDebug {
|
2019-12-19 16:41:55 +00:00
|
|
|
return structs.ErrPermissionDenied
|
2019-12-13 18:41:55 +00:00
|
|
|
}
|
|
|
|
|
2019-12-04 13:36:12 +00:00
|
|
|
var resp []byte
|
2019-12-11 19:58:41 +00:00
|
|
|
var headers map[string]string
|
2019-12-09 15:55:43 +00:00
|
|
|
|
2019-12-12 20:10:32 +00:00
|
|
|
// Determine which profile to run and generate profile.
|
|
|
|
// Blocks for args.Seconds
|
|
|
|
// Our RPC endpoints currently don't support context
|
|
|
|
// or request cancellation so stubbing with TODO
|
2019-12-04 13:36:12 +00:00
|
|
|
switch args.ReqType {
|
2019-12-19 16:41:55 +00:00
|
|
|
case pprof.CPUReq:
|
|
|
|
resp, headers, err = pprof.CPUProfile(context.TODO(), args.Seconds)
|
|
|
|
case pprof.CmdReq:
|
|
|
|
resp, headers, err = pprof.Cmdline()
|
|
|
|
case pprof.LookupReq:
|
|
|
|
resp, headers, err = pprof.Profile(args.Profile, args.Debug, args.GC)
|
|
|
|
case pprof.TraceReq:
|
|
|
|
resp, headers, err = pprof.Trace(context.TODO(), args.Seconds)
|
2019-12-04 13:36:12 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if err != nil {
|
2019-12-19 16:41:55 +00:00
|
|
|
if pprof.IsErrProfileNotFound(err) {
|
2019-12-09 15:55:43 +00:00
|
|
|
return structs.NewErrRPCCoded(404, err.Error())
|
|
|
|
}
|
|
|
|
return structs.NewErrRPCCoded(500, err.Error())
|
2019-12-04 13:36:12 +00:00
|
|
|
}
|
2019-12-09 15:55:43 +00:00
|
|
|
|
|
|
|
// Copy profile response to reply
|
2019-12-04 13:36:12 +00:00
|
|
|
reply.Payload = resp
|
2019-12-10 20:18:57 +00:00
|
|
|
reply.AgentID = a.c.NodeID()
|
2019-12-11 19:58:41 +00:00
|
|
|
reply.HTTPHeaders = headers
|
2019-12-04 13:36:12 +00:00
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2019-12-10 20:18:57 +00:00
|
|
|
func (a *Agent) monitor(conn io.ReadWriteCloser) {
|
2019-11-04 19:17:15 +00:00
|
|
|
defer metrics.MeasureSince([]string{"client", "agent", "monitor"}, time.Now())
|
2019-10-15 14:33:07 +00:00
|
|
|
defer conn.Close()
|
2019-10-10 19:30:37 +00:00
|
|
|
|
|
|
|
// Decode arguments
|
2019-10-24 16:47:46 +00:00
|
|
|
var args cstructs.MonitorRequest
|
2019-10-10 19:30:37 +00:00
|
|
|
decoder := codec.NewDecoder(conn, structs.MsgpackHandle)
|
|
|
|
encoder := codec.NewEncoder(conn, structs.MsgpackHandle)
|
|
|
|
|
2019-10-24 16:47:46 +00:00
|
|
|
if err := decoder.Decode(&args); err != nil {
|
2022-08-17 16:26:34 +00:00
|
|
|
handleStreamResultError(err, pointer.Of(int64(500)), encoder)
|
2019-10-10 19:30:37 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check acl
|
2019-12-10 20:18:57 +00:00
|
|
|
if aclObj, err := a.c.ResolveToken(args.AuthToken); err != nil {
|
2022-08-17 16:26:34 +00:00
|
|
|
handleStreamResultError(err, pointer.Of(int64(403)), encoder)
|
2019-10-10 19:30:37 +00:00
|
|
|
return
|
2019-10-25 18:25:19 +00:00
|
|
|
} else if aclObj != nil && !aclObj.AllowAgentRead() {
|
2022-08-17 16:26:34 +00:00
|
|
|
handleStreamResultError(structs.ErrPermissionDenied, pointer.Of(int64(403)), encoder)
|
2019-10-10 19:30:37 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-10-30 13:36:39 +00:00
|
|
|
logLevel := log.LevelFromString(args.LogLevel)
|
2019-10-24 16:47:46 +00:00
|
|
|
if args.LogLevel == "" {
|
2019-10-10 19:30:37 +00:00
|
|
|
logLevel = log.LevelFromString("INFO")
|
|
|
|
}
|
|
|
|
|
|
|
|
if logLevel == log.NoLevel {
|
2022-08-17 16:26:34 +00:00
|
|
|
handleStreamResultError(errors.New("Unknown log level"), pointer.Of(int64(400)), encoder)
|
2019-10-10 19:30:37 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
|
|
defer cancel()
|
|
|
|
|
2019-12-10 20:18:57 +00:00
|
|
|
monitor := monitor.New(512, a.c.logger, &log.LoggerOptions{
|
2023-10-20 07:35:54 +00:00
|
|
|
JSONFormat: args.LogJSON,
|
|
|
|
Level: logLevel,
|
|
|
|
IncludeLocation: args.LogIncludeLocation,
|
2019-10-10 19:30:37 +00:00
|
|
|
})
|
|
|
|
|
2019-10-31 13:59:24 +00:00
|
|
|
frames := make(chan *sframer.StreamFrame, streamFramesBuffer)
|
|
|
|
errCh := make(chan error)
|
|
|
|
var buf bytes.Buffer
|
2021-04-02 13:31:10 +00:00
|
|
|
frameCodec := codec.NewEncoder(&buf, structs.JsonHandle)
|
2019-10-31 13:59:24 +00:00
|
|
|
|
|
|
|
framer := sframer.NewStreamFramer(frames, 1*time.Second, 200*time.Millisecond, 1024)
|
|
|
|
framer.Run()
|
2019-12-04 13:36:12 +00:00
|
|
|
|
2019-10-31 13:59:24 +00:00
|
|
|
defer framer.Destroy()
|
|
|
|
|
|
|
|
// goroutine to detect remote side closing
|
2019-10-10 19:30:37 +00:00
|
|
|
go func() {
|
2019-10-15 19:14:25 +00:00
|
|
|
if _, err := conn.Read(nil); err != nil {
|
2019-10-24 16:47:46 +00:00
|
|
|
// One end of the pipe explicitly closed, exit
|
2019-10-15 19:14:25 +00:00
|
|
|
cancel()
|
|
|
|
return
|
|
|
|
}
|
2020-12-09 19:05:18 +00:00
|
|
|
<-ctx.Done()
|
2019-10-10 19:30:37 +00:00
|
|
|
}()
|
|
|
|
|
2019-11-05 14:16:51 +00:00
|
|
|
logCh := monitor.Start()
|
|
|
|
defer monitor.Stop()
|
2019-10-31 13:59:24 +00:00
|
|
|
initialOffset := int64(0)
|
|
|
|
|
|
|
|
// receive logs and build frames
|
|
|
|
go func() {
|
|
|
|
defer framer.Destroy()
|
|
|
|
LOOP:
|
|
|
|
for {
|
|
|
|
select {
|
|
|
|
case log := <-logCh:
|
|
|
|
if err := framer.Send("", "log", log, initialOffset); err != nil {
|
|
|
|
select {
|
|
|
|
case errCh <- err:
|
|
|
|
case <-ctx.Done():
|
|
|
|
}
|
|
|
|
break LOOP
|
|
|
|
}
|
|
|
|
case <-ctx.Done():
|
|
|
|
break LOOP
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
2019-10-15 19:14:25 +00:00
|
|
|
|
2019-10-10 19:30:37 +00:00
|
|
|
var streamErr error
|
|
|
|
OUTER:
|
|
|
|
for {
|
|
|
|
select {
|
2019-10-31 13:59:24 +00:00
|
|
|
case frame, ok := <-frames:
|
|
|
|
if !ok {
|
|
|
|
// frame may have been closed when an error
|
|
|
|
// occurred. Check once more for an error.
|
|
|
|
select {
|
|
|
|
case streamErr = <-errCh:
|
|
|
|
// There was a pending error!
|
|
|
|
default:
|
|
|
|
// No error, continue on
|
|
|
|
}
|
|
|
|
|
|
|
|
break OUTER
|
|
|
|
}
|
|
|
|
|
2019-10-10 19:30:37 +00:00
|
|
|
var resp cstructs.StreamErrWrapper
|
2019-10-31 13:59:24 +00:00
|
|
|
if args.PlainText {
|
|
|
|
resp.Payload = frame.Data
|
|
|
|
} else {
|
|
|
|
if err := frameCodec.Encode(frame); err != nil {
|
|
|
|
streamErr = err
|
|
|
|
break OUTER
|
|
|
|
}
|
|
|
|
|
|
|
|
resp.Payload = buf.Bytes()
|
|
|
|
buf.Reset()
|
|
|
|
}
|
|
|
|
|
2019-10-10 19:30:37 +00:00
|
|
|
if err := encoder.Encode(resp); err != nil {
|
|
|
|
streamErr = err
|
|
|
|
break OUTER
|
|
|
|
}
|
|
|
|
encoder.Reset(conn)
|
|
|
|
case <-ctx.Done():
|
|
|
|
break OUTER
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if streamErr != nil {
|
2022-08-17 16:26:34 +00:00
|
|
|
handleStreamResultError(streamErr, pointer.Of(int64(500)), encoder)
|
2019-11-04 19:32:53 +00:00
|
|
|
return
|
2019-10-10 19:30:37 +00:00
|
|
|
}
|
|
|
|
}
|
2020-07-02 13:51:25 +00:00
|
|
|
|
|
|
|
// Host collects data about the host evironment running the agent
|
2020-08-31 21:14:26 +00:00
|
|
|
func (a *Agent) Host(args *structs.HostDataRequest, reply *structs.HostDataResponse) error {
|
2020-07-02 13:51:25 +00:00
|
|
|
aclObj, err := a.c.ResolveToken(args.AuthToken)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if (aclObj != nil && !aclObj.AllowAgentRead()) ||
|
2022-08-18 23:32:04 +00:00
|
|
|
(aclObj == nil && !a.c.GetConfig().EnableDebug) {
|
2020-07-02 13:51:25 +00:00
|
|
|
return structs.ErrPermissionDenied
|
|
|
|
}
|
|
|
|
|
|
|
|
data, err := host.MakeHostData()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
reply.AgentID = a.c.NodeID()
|
|
|
|
reply.HostData = data
|
|
|
|
return nil
|
|
|
|
}
|