Example #1
0
/*
Create a proxy that encrypts outbound connection to TLS enabled endpoint
*/
func ExampleLoadCertificate() {
	tlscfg, err := proxy.LoadCertificate(proxy.CertOptions{
		"s3://devops.org/cert/ca.pem",
		"file://cert.pem",
		"key.pem",
	})
	if err != nil {
		log.Fatal(err)
	}

	// prepare proxy option with TLS enabled
	pxyOpts := &proxy.ConnOptions{
		// Conneciton initiator does not encrypt data
		Net:  "tcp4",
		From: ":6379",

		// destination endpoint must accept TLS encrypted data
		To: []string{"10.0.0.12:6379"},

		// instructs go-proxy to establish TLS connection with config
		TLSConfig: proxy.TLSConfig{
			Client: tlscfg,
		},
	}

	context, cancel := ctx.WithCancel(ctx.Background())
	defer cancel()

	err := proxy.To(context, pxyOpts)
	log.Warning(err)
}
Example #2
0
/*
Create a proxy that connects each source endpoint to each remote endpoint.
Each connection behaves in the same way as proxy.To, but invoking
cancel function aborts both.
*/
func ExampleClusterTo_cluster() {
	pxyOpts := &proxy.ConnOptions{
		Net:       "tcp4",
		FromRange: []string{":16379", ":16378"},
		To:        []string{"10.0.0.12:6379", "10.0.1.123:6379"},
		Balance:   true,
	}

	context, cancel := ctx.WithCancel(ctx.Background())
	defer cancel()

	err := proxy.ClusterTo(context, pxyOpts)
	log.Warning(err)
}
Example #3
0
/*
Create a proxy that listens on 0.0.0.0:6379 and foward to two remote
host, balance connections
*/
func ExampleTo_static() {
	pxyOpts := &proxy.ConnOptions{
		Net:     "tcp4",
		From:    ":6379",
		To:      []string{"10.0.0.12:6379", "10.0.1.123:6379"},
		Balance: true,
	}

	context, cancel := ctx.WithCancel(ctx.Background())
	defer cancel()

	err := proxy.To(context, pxyOpts)
	log.Warning(err)
}
Example #4
0
/*
Create a proxy that listens on 0.0.0.0:27017 and foward to hosts
registered under service key /srv/mongo_router/debug, trying them in
order.

New set of hosts is obtained on nodes joining or leaving service
/srv/mongo_router/debug, followed by connection reset.

See coreos/etcd https://github.com/coreos/etcd for more information on
discovery backend
*/
func ExampleSrv_discovery() {
	pxyOpts := &proxy.ConnOptions{
		Net:  "tcp4",
		From: ":27017",
		Discovery: &proxy.DiscOptions{
			Service:   "/srv/mongo_router/debug",
			Endpoints: []string{"http://10.0.1.11:2379", "http://10.0.2.13:2379"},
		},
	}

	context, cancel := ctx.WithCancel(ctx.Background())
	defer cancel()

	err := proxy.Srv(context, pxyOpts)
	log.Warning(err)
}
Example #5
0
// StartService bootstraps the metadata service
func StartService(configFile, address, profileName, MFA string, port int, fake bool) {
	log := &ConsoleLogger{}
	config := Config{}

	// TODO: Move to function and use a default configuration file
	if configFile != "" {
		// Parse in options from the given config file.
		log.Debug("Loading configuration: %s\n", configFile)
		configContents, configErr := ioutil.ReadFile(configFile)
		if configErr != nil {
			log.Fatalf("Error reading config: %s\n", configErr.Error())
		}

		configParseErr := yaml.Unmarshal(configContents, &config)
		if configParseErr != nil {
			log.Fatalf("Error in parsing config file: %s\n", configParseErr.Error())
		}

		if len(config.Profiles) == 0 {
			log.Info("No profiles found, falling back to old config format.\n")
			configParseErr := yaml.Unmarshal(configContents, &config.Profiles)
			if configParseErr != nil {
				log.Fatalf("Error in parsing config file: %s\n", configParseErr.Error())
			}
			if len(config.Profiles) > 0 {
				log.Warning("WARNING: old deprecated config format is used.\n")
			}
		}
	} else {
		log.Debug("No configuration file given\n")
	}

	defer func() {
		log.Debug("Removing socket: %v\n", address)
		os.Remove(address)
	}()

	if port == 0 {
		port = config.Port
	}

	if port == 0 {
		port = 80
	}

	// Startup the HTTP server and respond to requests.
	listener, err := net.ListenTCP("tcp", &net.TCPAddr{
		IP:   net.ParseIP("169.254.169.254"),
		Port: port,
	})
	if err != nil {
		log.Fatalf("Failed to bind to socket: %s\n", err)
	}

	var credsManager CredentialsManager
	if fake {
		credsManager = &FakeCredentialsManager{}
	} else {
		credsManager = NewCredentialsExpirationManager(profileName, config, MFA)
	}

	log.Info("Starting web service: %v:%v\n", "169.254.169.254", port)
	mds, metadataError := NewMetadataService(listener, credsManager)
	if metadataError != nil {
		log.Fatalf("Failed to start metadata service: %s\n", metadataError.Error())
	}
	mds.Start()

	stop := make(chan struct{})
	agentServer := NewCliHandler(address, credsManager, stop, config)
	err = agentServer.Start()
	if err != nil {
		log.Fatalf("Failed to start agentServer: %s\n", err.Error())
	}

	// Wait for a graceful shutdown signal
	terminate := make(chan os.Signal)
	signal.Notify(terminate, syscall.SIGINT, syscall.SIGTERM)

	log.Info("Service: online\n")
	defer log.Info("Caught signal: shutting down.\n")

	for {
		select {
		case <-stop:
			return
		case <-terminate:
			return
		}
	}
}