support runner TLS certificates with specified certificate Common Names (#900)

* support runner TLS certificates with specified certificate Common Names

* removes duplicate constant

* run in insecure mode by default but expose ability to create tls-secured runner pools programmatically

* fixes runner tests to use new tls interfaces
Gerardo Viedma
2018-03-28 13:57:15 +01:00
committed by jan grant
parent 966890ac8f
commit 348bbaf36b
6 changed files with 29 additions and 39 deletions


@@ -13,39 +13,24 @@ const (
staticPoolShutdownTimeout = 5 * time.Second
)
// allow factory to be overridden in tests
type insecureRunnerFactory func(addr string) (pool.Runner, error)
func insecureGRPCRunnerFactory(addr string) (pool.Runner, error) {
conn, client, err := runnerConnection(addr, nil)
if err != nil {
return nil, err
}
return &gRPCRunner{
address: addr,
conn: conn,
client: client,
}, nil
}
// manages a single set of runners ignoring lb groups
type staticRunnerPool struct {
generator insecureRunnerFactory
generator pool.MTLSRunnerFactory
pki *pool.PKIData // can be nil when running in insecure mode
runnerCN string
rMtx *sync.RWMutex
runners []pool.Runner
}
// DefaultStaticRunnerPool returns a RunnerPool consisting of a static set of runners
func DefaultStaticRunnerPool(runnerAddresses []string) pool.RunnerPool {
return newStaticRunnerPool(runnerAddresses, insecureGRPCRunnerFactory)
return NewStaticRunnerPool(runnerAddresses, nil, "", SecureGRPCRunnerFactory)
}
func newStaticRunnerPool(runnerAddresses []string, runnerFactory insecureRunnerFactory) pool.RunnerPool {
func NewStaticRunnerPool(runnerAddresses []string, pki *pool.PKIData, runnerCN string, runnerFactory pool.MTLSRunnerFactory) pool.RunnerPool {
logrus.WithField("runners", runnerAddresses).Info("Starting static runner pool")
var runners []pool.Runner
for _, addr := range runnerAddresses {
r, err := runnerFactory(addr)
r, err := runnerFactory(addr, runnerCN, pki)
if err != nil {
logrus.WithField("runner_addr", addr).Warn("Invalid runner")
continue
@@ -56,6 +41,8 @@ func newStaticRunnerPool(runnerAddresses []string, runnerFactory insecureRunnerF
return &staticRunnerPool{
rMtx: &sync.RWMutex{},
runners: runners,
pki: pki,
runnerCN: runnerCN,
generator: runnerFactory,
}
}
@@ -73,7 +60,7 @@ func (rp *staticRunnerPool) AddRunner(address string) error {
rp.rMtx.Lock()
defer rp.rMtx.Unlock()
r, err := rp.generator(address)
r, err := rp.generator(address, rp.runnerCN, rp.pki)
if err != nil {
logrus.WithField("runner_addr", address).Warn("Failed to add runner")
return err
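Review bot: `NewStaticRunnerPool` (first hunk) appears to choose between plaintext and mutual TLS solely from whether `pki` is nil, going by the field comment "can be nil when running in insecure mode", so a caller whose certificate loading left `pki` nil would get an unauthenticated runner pool with no signal. `DefaultStaticRunnerPool` makes this harder to spot by passing `nil` to a factory named `SecureGRPCRunnerFactory`. I would record the mode where the pool is created, e.g. `logrus.WithFields(logrus.Fields{"runners": runnerAddresses, "tls": pki != nil}).Info("Starting static runner pool")`, and give the newly exported constructor a doc comment such as `// NewStaticRunnerPool returns a RunnerPool over a fixed set of runners; a nil pki selects insecure (non-TLS) connections.` What an empty `runnerCN` means when `pki` is non-nil is not visible here; if the factory, which is defined outside this section, skips the Common Name check in that case, the constructor should reject that combination instead of accepting it silently. The constructor's body spans the first two hunks, and `AddRunner` continues past the last visible line.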