func makeOutgoingProxy(ipAddress string, config *Config, logger *gosteno.Logger) *trafficcontroller.Proxy {
authorizer := authorization.NewLogAccessAuthorizer(config.ApiHost, config.SkipCertVerify)
logger.Debugf("Output Proxy Startup: Number of zones: %v", len(config.Loggregators))
hashers := makeHashers(config.Loggregators, config.OutgoingPort, logger)
logger.Debugf("Output Proxy Startup: Number of hashers for the proxy: %v", len(hashers))
proxy := trafficcontroller.NewProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingPort), 10)), hashers, authorizer, logger)
return proxy
}
func makeOutgoingProxy(config *Config, logger *gosteno.Logger) *trafficcontroller.Proxy {
authorizer := authorization.NewLogAccessAuthorizer(config.ApiHost, config.SkipCertVerify)
logger.Debugf("Output Proxy Startup: Number of zones: %v", len(config.Loggregators))
hashers := makeHashers(config.Loggregators, config.LoggregatorOutgoingPort, logger)
logger.Debugf("Output Proxy Startup: Number of hashers for the proxy: %v", len(hashers))
proxy := trafficcontroller.NewProxy(hashers, authorizer, logger)
return proxy
}
func makeProxy(adapter storeadapter.StoreAdapter, config *Config, logger *gosteno.Logger, messageGenerator marshaller.MessageGenerator, translator dopplerproxy.RequestTranslator, listenerConstructor channel_group_connector.ListenerConstructor, cookieDomain string) *dopplerproxy.Proxy {
logAuthorizer := authorization.NewLogAccessAuthorizer(*disableAccessControl, config.ApiHost, config.SkipCertVerify)
uaaClient := uaa_client.NewUaaClient(config.UaaHost, config.UaaClientId, config.UaaClientSecret, config.SkipCertVerify)
adminAuthorizer := authorization.NewAdminAccessAuthorizer(*disableAccessControl, &uaaClient)
provider := MakeProvider(adapter, "/healthstatus/doppler", config.DopplerPort, logger)
cgc := channel_group_connector.NewChannelGroupConnector(provider, listenerConstructor, messageGenerator, logger)
return dopplerproxy.NewDopplerProxy(logAuthorizer, adminAuthorizer, cgc, translator, cookieDomain, logger)
}
func makeProxy(adapter storeadapter.StoreAdapter, config *config.Config, logger *gosteno.Logger, messageGenerator marshaller.MessageGenerator, translator dopplerproxy.RequestTranslator, listenerConstructor channel_group_connector.ListenerConstructor, cookieDomain string) *dopplerproxy.Proxy {
logAuthorizer := authorization.NewLogAccessAuthorizer(*disableAccessControl, config.ApiHost, config.SkipCertVerify)
uaaClient := uaa_client.NewUaaClient(config.UaaHost, config.UaaClientId, config.UaaClientSecret, config.SkipCertVerify)
adminAuthorizer := authorization.NewAdminAccessAuthorizer(*disableAccessControl, &uaaClient)
preferredServers := func(string) bool { return false }
finder := dopplerservice.NewLegacyFinder(adapter, int(config.DopplerPort), preferredServers, nil, logger)
finder.Start()
cgc := channel_group_connector.NewChannelGroupConnector(finder, listenerConstructor, messageGenerator, logger)
return dopplerproxy.NewDopplerProxy(logAuthorizer, adminAuthorizer, cgc, translator, cookieDomain, logger)
}
logger *gosteno.Logger = loggertesthelper.Logger()
server *httptest.Server
)
BeforeEach(func() {
transport = &http.Transport{
TLSClientConfig: &tls.Config{
InsecureSkipVerify: true,
},
}
http.DefaultClient.Transport = transport
})
Context("Disable Access Control", func() {
It("returns http.StatusOK", func() {
authorizer := authorization.NewLogAccessAuthorizer(true, "http://cloudcontroller.example.com")
Expect(authorizer("bearer anything", "myAppId", logger)).To(Equal(http.StatusOK))
})
})
Context("Server does not use SSL", func() {
BeforeEach(func() {
server = startHTTPServer()
})
AfterEach(func() {
server.Close()
})
It("does not allow access for requests with empty AuthTokens", func() {
func main() {
flag.Parse()
config, err := config.ParseConfig(*logLevel, *configFile, *logFilePath)
if err != nil {
panic(err)
}
log := logger.NewLogger(*logLevel, *logFilePath, "loggregator trafficcontroller", config.Syslog)
log.Info("Startup: Setting up the loggregator traffic controller")
dropsonde.Initialize("127.0.0.1:"+strconv.Itoa(config.MetronPort), "LoggregatorTrafficController")
profiler := profiler.NewProfiler(*cpuprofile, *memprofile, 1*time.Second, log)
profiler.Profile()
defer profiler.Stop()
uptimeMonitor := monitor.NewUptimeMonitor(time.Duration(config.MonitorIntervalSeconds) * time.Second)
go uptimeMonitor.Start()
defer uptimeMonitor.Stop()
etcdAdapter := DefaultStoreAdapterProvider(config.EtcdUrls, config.EtcdMaxConcurrentRequests)
err = etcdAdapter.Connect()
if err != nil {
log.Errorf("Cannot connect to ETCD: %s", err.Error())
os.Exit(-1)
}
ipAddress, err := localip.LocalIP()
if err != nil {
panic(err)
}
logAuthorizer := authorization.NewLogAccessAuthorizer(*disableAccessControl, config.ApiHost, config.SkipCertVerify)
uaaClient := uaa_client.NewUaaClient(config.UaaHost, config.UaaClientId, config.UaaClientSecret, config.SkipCertVerify)
adminAuthorizer := authorization.NewAdminAccessAuthorizer(*disableAccessControl, &uaaClient)
preferredServers := func(string) bool { return false }
finder := dopplerservice.NewLegacyFinder(etcdAdapter, int(config.DopplerPort), preferredServers, nil, log)
finder.Start()
dopplerProxy := makeProxy(etcdAdapter, config, log, marshaller.DropsondeLogMessage, dopplerproxy.TranslateFromDropsondePath,
newDropsondeWebsocketListener, finder, logAuthorizer, adminAuthorizer, "doppler."+config.SystemDomain)
startOutgoingDopplerProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingDropsondePort), 10)), dopplerProxy)
legacyProxy := makeProxy(etcdAdapter, config, log, marshaller.LoggregatorLogMessage, dopplerproxy.TranslateFromLegacyPath,
newLegacyWebsocketListener, finder, logAuthorizer, adminAuthorizer, "loggregator."+config.SystemDomain)
startOutgoingProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingPort), 10)), legacyProxy)
killChan := make(chan os.Signal)
signal.Notify(killChan, os.Kill, os.Interrupt)
dumpChan := registerGoRoutineDumpSignalChannel()
for {
select {
case <-dumpChan:
logger.DumpGoRoutine()
case <-killChan:
break
}
}
}
func main() {
flag.Parse()
config, err := config.ParseConfig(*logLevel, *configFile)
if err != nil {
panic(fmt.Errorf("Unable to parse config: %s", err))
}
transport := &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: config.SkipCertVerify}}
http.DefaultClient.Transport = transport
ipAddress, err := localip.LocalIP()
if err != nil {
panic(fmt.Errorf("Unable to resolve own IP address: %s", err))
}
log := logger.NewLogger(*logLevel, *logFilePath, "loggregator trafficcontroller", config.Syslog)
log.Info("Startup: Setting up the loggregator traffic controller")
dropsonde.Initialize(net.JoinHostPort(config.MetronHost, strconv.Itoa(config.MetronPort)), "LoggregatorTrafficController")
go func() {
err := http.ListenAndServe(net.JoinHostPort(ipAddress, pprofPort), nil)
if err != nil {
log.Errorf("Error starting pprof server: %s", err.Error())
}
}()
uptimeMonitor := monitor.NewUptimeMonitor(time.Duration(config.MonitorIntervalSeconds) * time.Second)
go uptimeMonitor.Start()
defer uptimeMonitor.Stop()
etcdAdapter := defaultStoreAdapterProvider(config.EtcdUrls, config.EtcdMaxConcurrentRequests)
err = etcdAdapter.Connect()
if err != nil {
panic(fmt.Errorf("Unable to connect to ETCD: %s", err))
}
logAuthorizer := authorization.NewLogAccessAuthorizer(*disableAccessControl, config.ApiHost)
uaaClient := uaa_client.NewUaaClient(config.UaaHost, config.UaaClientId, config.UaaClientSecret)
adminAuthorizer := authorization.NewAdminAccessAuthorizer(*disableAccessControl, &uaaClient)
// TODO: The preferredProtocol of udp tells the finder to pull out the Doppler URLs from the legacy ETCD endpoint.
// Eventually we'll have a separate websocket client pool
finder := dopplerservice.NewFinder(etcdAdapter, int(config.DopplerPort), []string{"udp"}, "", log)
finder.Start()
// Draining the finder's events channel in order to not block the finder from handling etcd events.
go func() {
for {
finder.Next()
}
}()
var accessMiddleware, legacyAccessMiddleware func(middleware.HttpHandler) *middleware.AccessHandler
if config.SecurityEventLog != "" {
accessLog, err := os.OpenFile(config.SecurityEventLog, os.O_APPEND|os.O_WRONLY, os.ModeAppend)
if err != nil {
panic(fmt.Errorf("Unable to open access log: %s", err))
}
defer func() {
accessLog.Sync()
accessLog.Close()
}()
accessLogger := accesslogger.New(accessLog, log)
accessMiddleware = middleware.Access(accessLogger, ipAddress, config.OutgoingDropsondePort, log)
legacyAccessMiddleware = middleware.Access(accessLogger, ipAddress, config.OutgoingPort, log)
}
dopplerCgc := channel_group_connector.NewChannelGroupConnector(finder, newDropsondeWebsocketListener, marshaller.DropsondeLogMessage, log)
dopplerHandler := http.Handler(dopplerproxy.NewDopplerProxy(logAuthorizer, adminAuthorizer, dopplerCgc, dopplerproxy.TranslateFromDropsondePath, "doppler."+config.SystemDomain, log))
if accessMiddleware != nil {
dopplerHandler = accessMiddleware(dopplerHandler)
}
startOutgoingProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingDropsondePort), 10)), dopplerHandler)
legacyCgc := channel_group_connector.NewChannelGroupConnector(finder, newLegacyWebsocketListener, marshaller.LoggregatorLogMessage, log)
legacyHandler := http.Handler(dopplerproxy.NewDopplerProxy(logAuthorizer, adminAuthorizer, legacyCgc, dopplerproxy.TranslateFromLegacyPath, "loggregator."+config.SystemDomain, log))
if legacyAccessMiddleware != nil {
legacyHandler = legacyAccessMiddleware(legacyHandler)
}
startOutgoingProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingPort), 10)), legacyHandler)
killChan := signalmanager.RegisterKillSignalChannel()
dumpChan := signalmanager.RegisterGoRoutineDumpSignalChannel()
for {
select {
case <-dumpChan:
signalmanager.DumpGoRoutine()
case <-killChan:
log.Info("Shutting down")
return
}
}
}
func main() {
// Put os.Exit in a deferred statement so that other defers get executed prior to
// the os.Exit call.
exitCode := 0
defer func() {
os.Exit(exitCode)
}()
flag.Parse()
config, err := config.ParseConfig(*logLevel, *configFile, *logFilePath)
if err != nil {
panic(err)
}
log := logger.NewLogger(*logLevel, *logFilePath, "loggregator trafficcontroller", config.Syslog)
log.Info("Startup: Setting up the loggregator traffic controller")
dropsonde.Initialize("127.0.0.1:"+strconv.Itoa(config.MetronPort), "LoggregatorTrafficController")
profiler := profiler.New(*cpuprofile, *memprofile, 1*time.Second, log)
profiler.Profile()
defer profiler.Stop()
uptimeMonitor := monitor.NewUptimeMonitor(time.Duration(config.MonitorIntervalSeconds) * time.Second)
go uptimeMonitor.Start()
defer uptimeMonitor.Stop()
etcdAdapter := DefaultStoreAdapterProvider(config.EtcdUrls, config.EtcdMaxConcurrentRequests)
err = etcdAdapter.Connect()
if err != nil {
log.Errorf("Cannot connect to ETCD: %s", err.Error())
exitCode = -1
return
}
ipAddress, err := localip.LocalIP()
if err != nil {
panic(err)
}
logAuthorizer := authorization.NewLogAccessAuthorizer(*disableAccessControl, config.ApiHost, config.SkipCertVerify)
uaaClient := uaa_client.NewUaaClient(config.UaaHost, config.UaaClientId, config.UaaClientSecret, config.SkipCertVerify)
adminAuthorizer := authorization.NewAdminAccessAuthorizer(*disableAccessControl, &uaaClient)
preferredServers := func(string) bool { return false }
finder := dopplerservice.NewLegacyFinder(etcdAdapter, int(config.DopplerPort), preferredServers, nil, log)
finder.Start()
dopplerCgc := channel_group_connector.NewChannelGroupConnector(finder, newDropsondeWebsocketListener, marshaller.DropsondeLogMessage, log)
dopplerProxy := dopplerproxy.NewDopplerProxy(logAuthorizer, adminAuthorizer, dopplerCgc, dopplerproxy.TranslateFromDropsondePath, "doppler."+config.SystemDomain, log)
startOutgoingProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingDropsondePort), 10)), dopplerProxy)
legacyCgc := channel_group_connector.NewChannelGroupConnector(finder, newLegacyWebsocketListener, marshaller.LoggregatorLogMessage, log)
legacyProxy := dopplerproxy.NewDopplerProxy(logAuthorizer, adminAuthorizer, legacyCgc, dopplerproxy.TranslateFromLegacyPath, "loggregator."+config.SystemDomain, log)
startOutgoingProxy(net.JoinHostPort(ipAddress, strconv.FormatUint(uint64(config.OutgoingPort), 10)), legacyProxy)
killChan := signalmanager.RegisterKillSignalChannel()
dumpChan := signalmanager.RegisterGoRoutineDumpSignalChannel()
for {
select {
case <-dumpChan:
signalmanager.DumpGoRoutine()
case <-killChan:
log.Info("Shutting down")
return
}
}
}