func (t *ContainerService) RoleForIP(containerIP string) (*ContainerRole, error) {
	t.lock.Lock()
	defer t.lock.Unlock()

	info, err := t.containerForIP(containerIP)

	if err != nil {
		return nil, err
	}

	if info.RequiresRefresh() {
		log.Infof("Refreshing role for container %s: role=%s session=%s", info.ShortContainerID, info.RoleArn, info.SessionName)
		creds, err := AssumeRole(t.auth, info.RoleArn.String(), info.SessionName)

		info.LastUpdated = time.Now()
		info.Error = err
		info.Credentials = creds
	}

	if info.Error != nil {
		return nil, info.Error
	}

	return &ContainerRole{info.LastUpdated, info.RoleArn, info.Credentials}, nil
}
func (t *ContainerService) syncContainers() {
	log.Info("Synchronizing state with running docker containers")
	apiContainers, err := t.docker.ListContainers(docker.ListContainersOptions{
		All:    false, // only running containers
		Size:   false, // do not need size information
		Limit:  0,     // all running containers
		Since:  "",    // not applicable
		Before: "",    // not applicable
	})

	if err != nil {
		log.Error("Error listing running containers: ", err)
		return
	}

	containerIPMap := make(map[string]*ContainerInfo)
	containerIDMap := make(map[string]string)

	for _, apiContainer := range apiContainers {
		container, err := t.docker.InspectContainer(apiContainer.ID)

		if err != nil {
			log.Error("Error inspecting container: ", apiContainer.ID, ": ", err)
			continue
		}

		shortContainerID := apiContainer.ID[:6]
		containerIP := container.NetworkSettings.IPAddress

		roleArn, roleErr := getRoleArnFromEnv(container.Config.Env, t.defaultRoleArn)

		if roleArn.Empty() && roleErr == nil {
			roleErr = fmt.Errorf("No role defined for container %s: image=%s", shortContainerID, container.Config.Image)
		}

		log.Infof("Container: id=%s image=%s role=%s", shortContainerID, container.Config.Image, roleArn)

		containerIPMap[containerIP] = &ContainerInfo{
			ContainerID:      apiContainer.ID,
			ShortContainerID: shortContainerID,
			SessionName:      generateSessionName(container),
			LastUpdated:      time.Time{},
			Error:            roleErr,
			RoleArn:          roleArn,
		}

		containerIDMap[apiContainer.ID] = containerIP
	}

	t.containerIPMap = containerIPMap
	t.containerIDMap = containerIDMap
}
Example #3
0
func logHandler(handler func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
	return func(w http.ResponseWriter, r *http.Request) {
		start := time.Now()
		logWriter := &LogResponseWriter{w, 200}

		defer func() {
			if e := recover(); e != nil {
				log.Critical("Panic in request handler: ", e)
				logWriter.WriteHeader(http.StatusInternalServerError)
			}

			elapsed := time.Since(start)
			log.Infof("%s \"%s %s %s\" %d %s", remoteIP(r.RemoteAddr), r.Method, r.URL.Path, r.Proto, logWriter.Status, elapsed)
		}()

		handler(logWriter, r)
	}
}