func createFleetConf(deps service.ServiceDependencies, flags *service.ServiceFlags) (bool, error) {
proxy, err := isEtcdProxy(deps, flags)
if err != nil {
return false, maskAny(err)
}
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
deps.Logger.Warning("GetClusterMembers failed: %v", err)
}
etcdServers := []string{}
for _, cm := range members {
if !cm.EtcdProxy {
etcdServers = append(etcdServers, fmt.Sprintf("http://%s:2379", cm.ClusterIP))
}
}
lines := []string{
"[Service]",
fmt.Sprintf("Environment=FLEET_METADATA=%s", flags.Fleet.Metadata),
fmt.Sprintf("Environment=FLEET_ETCD_SERVERS=%s", strings.Join(etcdServers, ",")),
fmt.Sprintf("Environment=FLEET_PUBLIC_IP=%s", flags.Network.ClusterIP),
fmt.Sprintf("Environment=FLEET_AGENT_TTL=%v", flags.Fleet.AgentTTL),
fmt.Sprintf("Environment=FLEET_DISABLE_ENGINE=%v", proxy || flags.Fleet.DisableEngine),
fmt.Sprintf("Environment=FLEET_DISABLE_WATCHES=%v", flags.Fleet.DisableWatches),
fmt.Sprintf("Environment=FLEET_ENGINE_RECONCILE_INTERVAL=%d", flags.Fleet.EngineReconcileInterval),
fmt.Sprintf("Environment=FLEET_TOKEN_LIMIT=%d", flags.Fleet.TokenLimit),
}
changed, err := util.UpdateFile(confPath, []byte(strings.Join(lines, "\n")), configFileMode)
return changed, maskAny(err)
}
func createService(deps service.ServiceDependencies, flags *service.ServiceFlags) (bool, error) {
deps.Logger.Info("creating %s", weaveServicePath)
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
return false, maskAny(err)
}
var peers []string
for _, m := range members {
peers = append(peers, m.PrivateHostIP)
}
name, err := getPeerName(deps, flags)
if err != nil {
return false, maskAny(err)
}
opts := struct {
Seed string
Peers string
Name string
Hostname string
}{
Seed: flags.Weave.Seed,
Peers: strings.Join(peers, " "),
Name: name,
Hostname: flags.Weave.Hostname,
}
changed, err := templates.Render(weaveServiceTmpl, weaveServicePath, opts, serviceFileMode)
return changed, maskAny(err)
}
func createService(deps service.ServiceDependencies, flags *service.ServiceFlags) (bool, error) {
deps.Logger.Info("creating %s", consulServicePath)
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
return false, maskAny(err)
}
var join []string
bootstrapExpect := 0
for _, m := range members {
if !m.EtcdProxy {
bootstrapExpect++
if m.ClusterIP != flags.Network.ClusterIP {
join = append(join, fmt.Sprintf("-retry-join %s", m.ClusterIP))
}
}
}
srv, err := isServer(members, flags)
if err != nil {
return false, maskAny(err)
}
args := fmt.Sprintf("-advertise=%s %s -client=0.0.0.0 -data-dir=/opt/consul/data", flags.Network.ClusterIP, strings.Join(join, " "))
if srv {
args = fmt.Sprintf("-server -bootstrap-expect=%d %s", bootstrapExpect, args)
}
opts := struct {
Flags string
}{
Flags: args,
}
changed, err := templates.Render(consulServiceTmpl, consulServicePath, opts, serviceFileMode)
return changed, maskAny(err)
}
func createEtcdConfig(deps service.ServiceDependencies, flags *service.ServiceFlags) (etcdConfig, error) {
if flags.Network.ClusterIP == "" {
return etcdConfig{}, maskAny(fmt.Errorf("ClusterIP empty"))
}
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
deps.Logger.Warning("GetClusterMembers failed: %v", err)
}
result := etcdConfig{
ClusterIP: flags.Network.ClusterIP,
}
initialCluster := []string{}
endpoints := []string{}
hosts := []string{}
clientPort := 2379
result.ClusterState = flags.Etcd.ClusterState
if result.ClusterState == "" {
result.ClusterState = "new"
}
memberIndex := 0
for index, cm := range members {
if !cm.EtcdProxy {
initialCluster = append(initialCluster, fmt.Sprintf("%s=http://%s:2380", cm.MachineID, cm.ClusterIP))
endpoints = append(endpoints, fmt.Sprintf("http://%s:%d", cm.ClusterIP, clientPort))
hosts = append(hosts, cm.ClusterIP)
}
if cm.ClusterIP == flags.Network.ClusterIP {
result.Name = cm.MachineID
result.IsProxy = cm.EtcdProxy
result.PrivateHostIP = cm.PrivateHostIP
if cm.EtcdProxy {
memberIndex = index
} else {
memberIndex = len(hosts) - 1
}
}
}
result.ListenPeerURLs = fmt.Sprintf("https://%s:2381,http://%s:2380", result.PrivateHostIP, flags.Network.ClusterIP)
result.AdvertisePeerURLs = fmt.Sprintf("https://%s:2381,http://%s:2380", result.PrivateHostIP, flags.Network.ClusterIP)
result.ListenClientURLs = fmt.Sprintf("http://0.0.0.0:%d,http://0.0.0.0:4001", clientPort)
result.AdvertiseClientURLs = fmt.Sprintf("http://%s:%d,http://%s:4001", flags.Network.ClusterIP, clientPort, flags.Network.ClusterIP)
result.InitialCluster = strings.Join(initialCluster, ",")
result.Endpoints = strings.Join(endpoints, ",")
result.Host = hosts[memberIndex%len(hosts)]
result.Port = strconv.Itoa(clientPort)
return result, nil
}
func isEtcdProxy(deps service.ServiceDependencies, flags *service.ServiceFlags) (bool, error) {
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
return false, maskAny(err)
}
for _, member := range members {
if member.ClusterIP == flags.Network.ClusterIP {
return member.EtcdProxy, nil
}
}
return false, nil
}
func createConfig(deps service.ServiceDependencies, flags *service.ServiceFlags) (bool, error) {
deps.Logger.Info("creating %s", nomadConfigPath)
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
return false, maskAny(err)
}
srv, err := isServer(members, flags)
if err != nil {
return false, maskAny(err)
}
vaultEnv, err := readVaultEnv()
if err != nil {
return false, maskAny(err)
}
vaultAddress := vaultEnv["VAULT_ADDR"]
vaultCAFile := vaultEnv["VAULT_CACERT"]
bootstrapExpect := 0
for _, m := range members {
if !m.EtcdProxy {
bootstrapExpect++
}
}
opts := struct {
AdvertiseIP string
ConsulAddress string
MetaLines []string
IsServer bool
BootstrapExpect int
HasVault bool
VaultAddress string
VaultCAFile string
}{
AdvertiseIP: flags.Network.ClusterIP,
ConsulAddress: fmt.Sprintf("%s:8500", flags.Network.ClusterIP),
IsServer: srv,
BootstrapExpect: bootstrapExpect,
HasVault: false && vaultAddress != "" && vaultCAFile != "", // Vault token is also needed before we can enable
VaultAddress: vaultAddress,
VaultCAFile: vaultCAFile,
}
metaParts := strings.Split(flags.Fleet.Metadata, ",")
for _, meta := range metaParts {
kv := strings.SplitN(meta, "=", 2)
if len(kv) == 2 {
opts.MetaLines = append(opts.MetaLines, fmt.Sprintf("\"%s\" = \"%s\"", kv[0], kv[1]))
}
}
changed, err := templates.Render(nomadConfigTmpl, nomadConfigPath, opts, configFileMode)
return changed, maskAny(err)
}
// createNoProxy creates the value for the no_proxy environment variable.
func createNoProxy(deps service.ServiceDependencies, flags *service.ServiceFlags) (string, error) {
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
return "", maskAny(err)
}
list := []string{".local", ".private"}
for _, cm := range members {
list = append(list, cm.ClusterIP)
if cm.ClusterIP != cm.PrivateHostIP {
list = append(list, cm.PrivateHostIP)
}
}
return strings.Join(list, ","), nil
}
func getPeerName(deps service.ServiceDependencies, flags *service.ServiceFlags) (string, error) {
members, err := flags.GetClusterMembers(deps.Logger)
if err != nil {
return "", maskAny(err)
}
for _, member := range members {
if member.ClusterIP == flags.Network.ClusterIP {
name, err := util.WeaveNameFromMachineID(member.MachineID)
if err != nil {
return "", maskAny(err)
}
return name, nil
}
}
return "", nil
}