func (t *ContainerService) RoleForIP(containerIP string) (*ContainerRole, error) { t.lock.Lock() defer t.lock.Unlock() info, err := t.containerForIP(containerIP) if err != nil { return nil, err } if info.RequiresRefresh() { log.Infof("Refreshing role for container %s: role=%s session=%s", info.ShortContainerID, info.RoleArn, info.SessionName) creds, err := AssumeRole(t.auth, info.RoleArn.String(), info.SessionName) info.LastUpdated = time.Now() info.Error = err info.Credentials = creds } if info.Error != nil { return nil, info.Error } return &ContainerRole{info.LastUpdated, info.RoleArn, info.Credentials}, nil }
func (t *ContainerService) syncContainers() { log.Info("Synchronizing state with running docker containers") apiContainers, err := t.docker.ListContainers(docker.ListContainersOptions{ All: false, // only running containers Size: false, // do not need size information Limit: 0, // all running containers Since: "", // not applicable Before: "", // not applicable }) if err != nil { log.Error("Error listing running containers: ", err) return } containerIPMap := make(map[string]*ContainerInfo) containerIDMap := make(map[string]string) for _, apiContainer := range apiContainers { container, err := t.docker.InspectContainer(apiContainer.ID) if err != nil { log.Error("Error inspecting container: ", apiContainer.ID, ": ", err) continue } shortContainerID := apiContainer.ID[:6] containerIP := container.NetworkSettings.IPAddress roleArn, roleErr := getRoleArnFromEnv(container.Config.Env, t.defaultRoleArn) if roleArn.Empty() && roleErr == nil { roleErr = fmt.Errorf("No role defined for container %s: image=%s", shortContainerID, container.Config.Image) } log.Infof("Container: id=%s image=%s role=%s", shortContainerID, container.Config.Image, roleArn) containerIPMap[containerIP] = &ContainerInfo{ ContainerID: apiContainer.ID, ShortContainerID: shortContainerID, SessionName: generateSessionName(container), LastUpdated: time.Time{}, Error: roleErr, RoleArn: roleArn, } containerIDMap[apiContainer.ID] = containerIP } t.containerIPMap = containerIPMap t.containerIDMap = containerIDMap }
func logHandler(handler func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) { start := time.Now() logWriter := &LogResponseWriter{w, 200} defer func() { if e := recover(); e != nil { log.Critical("Panic in request handler: ", e) logWriter.WriteHeader(http.StatusInternalServerError) } elapsed := time.Since(start) log.Infof("%s \"%s %s %s\" %d %s", remoteIP(r.RemoteAddr), r.Method, r.URL.Path, r.Proto, logWriter.Status, elapsed) }() handler(logWriter, r) } }