Пример #1
0
// Client() returns a new client for accessing consul.
//
func (c *Config) Client() (*consulapi.Client, error) {
	config := consulapi.DefaultConfig()
	if c.Datacenter != "" {
		config.Datacenter = c.Datacenter
	}
	if c.Address != "" {
		config.Address = c.Address
	}
	if c.Scheme != "" {
		config.Scheme = c.Scheme
	}

	tlsConfig := &consulapi.TLSConfig{}
	tlsConfig.CAFile = c.CAFile
	tlsConfig.CertFile = c.CertFile
	tlsConfig.KeyFile = c.KeyFile
	cc, err := consulapi.SetupTLSConfig(tlsConfig)
	if err != nil {
		return nil, err
	}
	config.HttpClient.Transport.(*http.Transport).TLSClientConfig = cc

	if c.Token != "" {
		config.Token = c.Token
	}

	client, err := consulapi.NewClient(config)

	log.Printf("[INFO] Consul Client configured with address: '%s', scheme: '%s', datacenter: '%s'",
		config.Address, config.Scheme, config.Datacenter)
	if err != nil {
		return nil, err
	}
	return client, nil
}
Пример #2
0
func (f *Factory) New(uri *url.URL) bridge.RegistryAdapter {
	config := consulapi.DefaultConfig()
	if uri.Scheme == "consul-unix" {
		config.Address = strings.TrimPrefix(uri.String(), "consul-")
	} else if uri.Scheme == "consul-tls" {
		tlsConfigDesc := &consulapi.TLSConfig{
			Address:            uri.Host,
			CAFile:             os.Getenv("CONSUL_CACERT"),
			CertFile:           os.Getenv("CONSUL_TLSCERT"),
			KeyFile:            os.Getenv("CONSUL_TLSKEY"),
			InsecureSkipVerify: false,
		}
		tlsConfig, err := consulapi.SetupTLSConfig(tlsConfigDesc)
		if err != nil {
			log.Fatal("Cannot set up Consul TLSConfig", err)
		}
		config.Scheme = "https"
		transport := cleanhttp.DefaultPooledTransport()
		transport.TLSClientConfig = tlsConfig
		config.HttpClient.Transport = transport
		config.Address = uri.Host
	} else if uri.Host != "" {
		config.Address = uri.Host
	}
	client, err := consulapi.NewClient(config)
	if err != nil {
		log.Fatal("consul: ", uri.Scheme)
	}
	return &ConsulAdapter{client: client}
}
Пример #3
0
// ApiConfig() returns a usable Consul config that can be passed directly to
// hashicorp/consul/api.  NOTE: datacenter is not set
func (c *ConsulConfig) ApiConfig() (*consul.Config, error) {
	config := consul.DefaultConfig()
	if c.Addr != "" {
		config.Address = c.Addr
	}
	if c.Token != "" {
		config.Token = c.Token
	}
	if c.Timeout != 0 {
		config.HttpClient.Timeout = c.Timeout
	}
	if c.Auth != "" {
		var username, password string
		if strings.Contains(c.Auth, ":") {
			split := strings.SplitN(c.Auth, ":", 2)
			username = split[0]
			password = split[1]
		} else {
			username = c.Auth
		}

		config.HttpAuth = &consul.HttpBasicAuth{
			Username: username,
			Password: password,
		}
	}
	if c.EnableSSL {
		config.Scheme = "https"
		tlsConfig := consul.TLSConfig{
			Address:            config.Address,
			CAFile:             c.CAFile,
			CertFile:           c.CertFile,
			KeyFile:            c.KeyFile,
			InsecureSkipVerify: !c.VerifySSL,
		}
		tlsClientCfg, err := consul.SetupTLSConfig(&tlsConfig)
		if err != nil {
			return nil, fmt.Errorf("error creating tls client config for consul: %v", err)
		}
		config.HttpClient.Transport = &http.Transport{
			TLSClientConfig: tlsClientCfg,
		}
	}
	if c.EnableSSL && !c.VerifySSL {
		config.HttpClient.Transport = &http.Transport{
			TLSClientConfig: &tls.Config{
				InsecureSkipVerify: true,
			},
		}
	}

	return config, nil
}
Пример #4
0
// New returns an initialized consul client
func (cc *Config) New() (*Client, error) {
	var c *api.Config  // upstream client configuration
	var client *Client // client wrapper
	var err error      // general error holder

	// init upstream config
	c = api.DefaultConfig()

	// overwrite address if needed
	if cc.Address != "" {
		c.Address = cc.Address
	}

	// overwrite scheme if needed
	if cc.Scheme != "" {
		c.Scheme = cc.Scheme
	}

	// overwrite dc if needed
	if cc.Datacenter != "" {
		c.Datacenter = cc.Datacenter
	}

	// overwrite token if needed
	if cc.Token != "" {
		c.Token = cc.Token
	}

	// configure if any TLS specific options were passed
	if cc.TLS.CAFile != "" || cc.TLS.CertFile != "" || cc.TLS.KeyFile != "" || cc.TLS.InsecureSkipVerify {
		var tlsConfig *tls.Config // client TLS config
		// attempt to build tls config from passed options
		if tlsConfig, err = api.SetupTLSConfig(cc.TLS); err != nil {
			return nil, err
		}
		// build a new http client and transport
		httpClient := cleanhttp.DefaultClient()
		httpTransport := cleanhttp.DefaultTransport()
		httpTransport.TLSClientConfig = tlsConfig
		httpClient.Transport = httpTransport

		// set client
		c.HttpClient = httpClient
	}

	// init client wrapper
	client = new(Client)
	client.Client, err = api.NewClient(c)

	// return client and error
	return client, err
}
Пример #5
0
// New creates a Consul client
func newClient(conf *Config) (*api.Client, error) {
	config := api.DefaultConfig()
	config.HttpClient = http.DefaultClient
	config.Address = conf.address
	//config.Datacenter = conf.Datacenter
	config.Scheme = "http"

	if conf.auth.Enabled {
		config.HttpAuth = &api.HttpBasicAuth{
			Username: conf.auth.Username,
			Password: conf.auth.Password,
		}
	}

	if conf.enableSSL {
		tlsConfigDesc := &api.TLSConfig{
			Address:            conf.address,
			CAFile:             conf.caCertFile,
			CertFile:           conf.certFile,
			KeyFile:            conf.keyFile,
			InsecureSkipVerify: false,
		}

		if !conf.sslVerify {
			tlsConfigDesc.InsecureSkipVerify = true
		}

		tlsConfig, err := api.SetupTLSConfig(tlsConfigDesc)
		if err != nil {
			return nil, err
		}

		config.Scheme = "https"
		transport := cleanhttp.DefaultPooledTransport()
		transport.TLSClientConfig = tlsConfig
		config.HttpClient.Transport = transport
	}

	config.WaitTime = time.Duration(conf.timeout)
	config.Token = conf.token

	client, err := api.NewClient(config)

	return client, err
}
Пример #6
0
// NewSyncer returns a new consul.Syncer
func NewSyncer(consulConfig *config.ConsulConfig, shutdownCh chan struct{}, logger *log.Logger) (*Syncer, error) {
	var err error
	var c *consul.Client

	cfg := consul.DefaultConfig()

	// If a nil consulConfig was provided, fall back to the default config
	if consulConfig == nil {
		consulConfig = cconfig.DefaultConfig().ConsulConfig
	}

	if consulConfig.Addr != "" {
		cfg.Address = consulConfig.Addr
	}
	if consulConfig.Token != "" {
		cfg.Token = consulConfig.Token
	}
	if consulConfig.Auth != "" {
		var username, password string
		if strings.Contains(consulConfig.Auth, ":") {
			split := strings.SplitN(consulConfig.Auth, ":", 2)
			username = split[0]
			password = split[1]
		} else {
			username = consulConfig.Auth
		}

		cfg.HttpAuth = &consul.HttpBasicAuth{
			Username: username,
			Password: password,
		}
	}
	if consulConfig.EnableSSL {
		cfg.Scheme = "https"
		tlsCfg := consul.TLSConfig{
			Address:            cfg.Address,
			CAFile:             consulConfig.CAFile,
			CertFile:           consulConfig.CertFile,
			KeyFile:            consulConfig.KeyFile,
			InsecureSkipVerify: !consulConfig.VerifySSL,
		}
		tlsClientCfg, err := consul.SetupTLSConfig(&tlsCfg)
		if err != nil {
			return nil, fmt.Errorf("error creating tls client config for consul: %v", err)
		}
		cfg.HttpClient.Transport = &http.Transport{
			TLSClientConfig: tlsClientCfg,
		}
	}
	if consulConfig.EnableSSL && !consulConfig.VerifySSL {
		cfg.HttpClient.Transport = &http.Transport{
			TLSClientConfig: &tls.Config{
				InsecureSkipVerify: true,
			},
		}
	}
	if c, err = consul.NewClient(cfg); err != nil {
		return nil, err
	}
	consulSyncer := Syncer{
		client:            c,
		logger:            logger,
		consulAvailable:   true,
		shutdownCh:        shutdownCh,
		servicesGroups:    make(map[ServiceDomain]map[ServiceKey]*consul.AgentServiceRegistration),
		checkGroups:       make(map[ServiceDomain]map[ServiceKey][]*consul.AgentCheckRegistration),
		trackedServices:   make(map[consulServiceID]*consul.AgentServiceRegistration),
		trackedChecks:     make(map[consulCheckID]*consul.AgentCheckRegistration),
		checkRunners:      make(map[consulCheckID]*CheckRunner),
		periodicCallbacks: make(map[string]types.PeriodicCallback),
	}

	return &consulSyncer, nil
}
Пример #7
0
// NewConsulService returns a new ConsulService
func NewConsulService(config *ConsulConfig, logger *log.Logger, allocID string) (*ConsulService, error) {
	var err error
	var c *consul.Client
	cfg := consul.DefaultConfig()
	if config.Addr != "" {
		cfg.Address = config.Addr
	}
	if config.Token != "" {
		cfg.Token = config.Token
	}
	if config.Auth != "" {
		var username, password string
		if strings.Contains(config.Auth, ":") {
			split := strings.SplitN(config.Auth, ":", 2)
			username = split[0]
			password = split[1]
		} else {
			username = config.Auth
		}

		cfg.HttpAuth = &consul.HttpBasicAuth{
			Username: username,
			Password: password,
		}
	}
	if config.EnableSSL {
		cfg.Scheme = "https"
		tlsCfg := consul.TLSConfig{
			Address:            cfg.Address,
			CAFile:             config.CAFile,
			CertFile:           config.CertFile,
			KeyFile:            config.KeyFile,
			InsecureSkipVerify: !config.VerifySSL,
		}
		tlsClientCfg, err := consul.SetupTLSConfig(&tlsCfg)
		if err != nil {
			return nil, fmt.Errorf("error creating tls client config for consul: %v", err)
		}
		cfg.HttpClient.Transport = &http.Transport{
			TLSClientConfig: tlsClientCfg,
		}
	}
	if config.EnableSSL && !config.VerifySSL {
		cfg.HttpClient.Transport = &http.Transport{
			TLSClientConfig: &tls.Config{
				InsecureSkipVerify: true,
			},
		}
	}
	if c, err = consul.NewClient(cfg); err != nil {
		return nil, err
	}
	consulService := ConsulService{
		client:          c,
		allocID:         allocID,
		logger:          logger,
		trackedServices: make(map[string]*consul.AgentService),
		trackedChecks:   make(map[string]*consul.AgentCheckRegistration),
		checkRunners:    make(map[string]*CheckRunner),

		shutdownCh: make(chan struct{}),
	}
	return &consulService, nil
}