agent: thread through ACL config to Server
This commit is contained in:
Armon Dadgar
parent
9cd8ac832f
commit
7d4aa1975f
|
|
@ -106,6 +106,15 @@ func convertServerConfig(agentConfig *Config, logOutput io.Writer) (*nomad.Confi
|
|||
if agentConfig.Region != "" {
|
||||
conf.Region = agentConfig.Region
|
||||
}
|
||||
|
||||
// Set the Authoritative Region if set, otherwise default to
|
||||
// the same as the local region.
|
||||
if agentConfig.Server.AuthoritativeRegion != "" {
|
||||
conf.AuthoritativeRegion = agentConfig.Server.AuthoritativeRegion
|
||||
} else if agentConfig.Region != "" {
|
||||
conf.AuthoritativeRegion = agentConfig.Region
|
||||
}
|
||||
|
||||
if agentConfig.Datacenter != "" {
|
||||
conf.Datacenter = agentConfig.Datacenter
|
||||
}
|
||||
|
|
@ -134,6 +143,9 @@ func convertServerConfig(agentConfig *Config, logOutput io.Writer) (*nomad.Confi
|
|||
if len(agentConfig.Server.EnabledSchedulers) != 0 {
|
||||
conf.EnabledSchedulers = agentConfig.Server.EnabledSchedulers
|
||||
}
|
||||
if agentConfig.ACL.Enabled {
|
||||
conf.ACLEnabled = true
|
||||
}
|
||||
|
||||
// Set up the bind addresses
|
||||
rpcAddr, err := net.ResolveTCPAddr("tcp", agentConfig.normalizedAddrs.RPC)
|
||||
|
|
|
|||
|
|
@ -57,6 +57,7 @@ func TestAgent_ServerConfig(t *testing.T) {
|
|||
conf.AdvertiseAddrs.Serf = "127.0.0.1:4000"
|
||||
conf.AdvertiseAddrs.RPC = "127.0.0.1:4001"
|
||||
conf.AdvertiseAddrs.HTTP = "10.10.11.1:4005"
|
||||
conf.ACL.Enabled = true
|
||||
|
||||
// Parses the advertise addrs correctly
|
||||
if err := conf.normalizeAddrs(); err != nil {
|
||||
|
|
@ -74,6 +75,12 @@ func TestAgent_ServerConfig(t *testing.T) {
|
|||
if serfPort != 4000 {
|
||||
t.Fatalf("expected 4000, got: %d", serfPort)
|
||||
}
|
||||
if out.AuthoritativeRegion != "global" {
|
||||
t.Fatalf("bad: %#v", out.AuthoritativeRegion)
|
||||
}
|
||||
if !out.ACLEnabled {
|
||||
t.Fatalf("ACL not enabled")
|
||||
}
|
||||
|
||||
// Assert addresses weren't changed
|
||||
if addr := conf.AdvertiseAddrs.RPC; addr != "127.0.0.1:4001" {
|
||||
|
|
|
|||
|
|
@ -101,6 +101,10 @@ type Config struct {
|
|||
// Region is the region this Nomad server belongs to.
|
||||
Region string
|
||||
|
||||
// AuthoritativeRegion is the region which is treated as the authoritative source
|
||||
// for ACLs and Policies. This provides a single source of truth to resolve conflicts.
|
||||
AuthoritativeRegion string
|
||||
|
||||
// Datacenter is the datacenter this Nomad server belongs to.
|
||||
Datacenter string
|
||||
|
||||
|
|
@ -224,6 +228,9 @@ type Config struct {
|
|||
|
||||
// TLSConfig holds various TLS related configurations
|
||||
TLSConfig *config.TLSConfig
|
||||
|
||||
// ACLEnabled controls if ACL enforcement and management is enabled.
|
||||
ACLEnabled bool
|
||||
}
|
||||
|
||||
// CheckVersion is used to check if the ProtocolVersion is valid
|
||||
|
|
|
|||
Loading…
Reference in New Issue