// List returns a list of nodes that match the condition type/status in the storeToNodeConditionLister. func (s storeToNodeConditionLister) List() (nodes api.NodeList, err error) { for _, m := range s.store.List() { node := *m.(*api.Node) // We currently only use a conditionType of "Ready". If the kubelet doesn't // periodically report the status of a node, the nodecontroller sets its // ConditionStatus to "Unknown". If the kubelet thinks a node is unhealthy // it can (in theory) set its ConditionStatus to "False". var nodeCondition *api.NodeCondition // Get the last condition of the required type for _, cond := range node.Status.Conditions { if cond.Type == s.conditionType { nodeCondition = &cond } else { glog.V(4).Infof("Ignoring condition type %v for node %v", cond.Type, node.Name) } } // Check that the condition has the required status if nodeCondition != nil { if nodeCondition.Status == s.conditionStatus { nodes.Items = append(nodes.Items, node) } else { glog.V(4).Infof("Ignoring node %v with condition status %v", node.Name, nodeCondition.Status) } } else { glog.V(2).Infof("Node %s doesn't have conditions of type %v", node.Name, s.conditionType) } } return }
func (writer *NsenterWriter) WriteFile(filename string, data []byte, perm os.FileMode) error { cmd := "nsenter" base_args := []string{ "--mount=/rootfs/proc/1/ns/mnt", "--", } echo_args := append(base_args, "sh", "-c", fmt.Sprintf("echo %q | cat > %s", data, filename)) glog.V(5).Infof("Command to write data to file: %v %v", cmd, echo_args) outputBytes, err := exec.Command(cmd, echo_args...).CombinedOutput() if err != nil { glog.Errorf("Output from writing to %q: %v", filename, string(outputBytes)) return err } chmod_args := append(base_args, "chmod", fmt.Sprintf("%o", perm), filename) glog.V(5).Infof("Command to change permissions to file: %v %v", cmd, chmod_args) outputBytes, err = exec.Command(cmd, chmod_args...).CombinedOutput() if err != nil { glog.Errorf("Output from chmod command: %v", string(outputBytes)) return err } return nil }
// IsLikelyNotMountPoint determines whether a path is a mountpoint by calling findmnt // in the host's root mount namespace. func (n *NsenterMounter) IsLikelyNotMountPoint(file string) (bool, error) { file, err := filepath.Abs(file) if err != nil { return true, err } args := []string{"--mount=/rootfs/proc/1/ns/mnt", "--", n.absHostPath("findmnt"), "-o", "target", "--noheadings", "--target", file} glog.V(5).Infof("findmnt command: %v %v", nsenterPath, args) exec := exec.New() out, err := exec.Command(nsenterPath, args...).CombinedOutput() if err != nil { // If the command itself is correct, then if we encountered error // then most likely this means that the directory does not exist. return true, os.ErrNotExist } strOut := strings.TrimSuffix(string(out), "\n") glog.V(5).Infof("IsLikelyNotMountPoint findmnt output: %v", strOut) if strOut == file { return false, nil } return true, nil }
//getFinalIP method receives all the IP addrs of a Interface //and returns a nil if the address is Loopback, Ipv6, link-local or nil. //It returns a valid IPv4 if an Ipv4 address is found in the array. func getFinalIP(addrs []net.Addr) (net.IP, error) { if len(addrs) > 0 { for i := range addrs { glog.V(4).Infof("Checking addr %s.", addrs[i].String()) ip, _, err := net.ParseCIDR(addrs[i].String()) if err != nil { return nil, err } //Only IPv4 //TODO : add IPv6 support if ip.To4() != nil { if !ip.IsLoopback() && !ip.IsLinkLocalMulticast() && !ip.IsLinkLocalUnicast() { glog.V(4).Infof("IP found %v", ip) return ip, nil } else { glog.V(4).Infof("Loopback/link-local found %v", ip) } } else { glog.V(4).Infof("%v is not a valid IPv4 address", ip) } } } return nil, nil }
func (t *tcShaper) execAndLog(cmdStr string, args ...string) error { glog.V(6).Infof("Running: %s %s", cmdStr, strings.Join(args, " ")) cmd := t.e.Command(cmdStr, args...) out, err := cmd.CombinedOutput() glog.V(6).Infof("Output from tc: %s", string(out)) return err }
// Body makes the request use obj as the body. Optional. // If obj is a string, try to read a file of that name. // If obj is a []byte, send it directly. // If obj is an io.Reader, use it directly. // If obj is a runtime.Object, marshal it correctly. // Otherwise, set an error. func (r *Request) Body(obj interface{}) *Request { if r.err != nil { return r } switch t := obj.(type) { case string: data, err := ioutil.ReadFile(t) if err != nil { r.err = err return r } glog.V(8).Infof("Request Body: %s", string(data)) r.body = bytes.NewBuffer(data) case []byte: glog.V(8).Infof("Request Body: %s", string(t)) r.body = bytes.NewBuffer(t) case io.Reader: r.body = t case runtime.Object: data, err := r.codec.Encode(t) if err != nil { r.err = err return r } glog.V(8).Infof("Request Body: %s", string(data)) r.body = bytes.NewBuffer(data) default: r.err = fmt.Errorf("unknown type used for body: %+v", obj) } return r }
func chooseHostInterfaceFromRoute(inFile io.Reader, nw networkInterfacer) (net.IP, error) { routes, err := getRoutes(inFile) if err != nil { return nil, err } zero := net.IP{0, 0, 0, 0} var finalIP net.IP for i := range routes { //find interface with gateway if routes[i].Destination.Equal(zero) { glog.V(4).Infof("Default route transits interface %q", routes[i].Interface) finalIP, err := getIPFromInterface(routes[i].Interface, nw) if err != nil { return nil, err } if finalIP != nil { glog.V(4).Infof("Choosing IP %v ", finalIP) return finalIP, nil } } } glog.V(4).Infof("No valid IP found") if finalIP == nil { return nil, fmt.Errorf("Unable to select an IP.") } return nil, nil }
// watchHandler watches w and keeps *resourceVersion up to date. func (r *Reflector) watchHandler(w watch.Interface, resourceVersion *string, resyncCh <-chan time.Time, stopCh <-chan struct{}) error { start := time.Now() eventCount := 0 // Stopping the watcher should be idempotent and if we return from this function there's no way // we're coming back in with the same watch interface. defer w.Stop() loop: for { select { case <-stopCh: return errorStopRequested case <-resyncCh: return errorResyncRequested case event, ok := <-w.ResultChan(): if !ok { break loop } if event.Type == watch.Error { return apierrs.FromObject(event.Object) } if e, a := r.expectedType, reflect.TypeOf(event.Object); e != nil && e != a { util.HandleError(fmt.Errorf("%s: expected type %v, but watch event object had type %v", r.name, e, a)) continue } meta, err := meta.Accessor(event.Object) if err != nil { util.HandleError(fmt.Errorf("%s: unable to understand watch event %#v", r.name, event)) continue } newResourceVersion := meta.ResourceVersion() switch event.Type { case watch.Added: r.store.Add(event.Object) case watch.Modified: r.store.Update(event.Object) case watch.Deleted: // TODO: Will any consumers need access to the "last known // state", which is passed in event.Object? If so, may need // to change this. r.store.Delete(event.Object) default: util.HandleError(fmt.Errorf("%s: unable to understand watch event %#v", r.name, event)) } *resourceVersion = newResourceVersion r.setLastSyncResourceVersion(newResourceVersion) eventCount++ } } watchDuration := time.Now().Sub(start) if watchDuration < 1*time.Second && eventCount == 0 { glog.V(4).Infof("%s: Unexpected watch close - watch lasted less than a second and no items received", r.name) return errors.New("very short watch") } glog.V(4).Infof("%s: Watch close - %v total %v items received", r.name, r.expectedType, eventCount) return nil }
// Decode unmarshals the next object from the underlying stream into the // provide object, or returns an error. func (d *YAMLOrJSONDecoder) Decode(into interface{}) error { if d.decoder == nil { buffer, isJSON := guessJSONStream(d.r, d.bufferSize) if isJSON { glog.V(4).Infof("decoding stream as JSON") d.decoder = json.NewDecoder(buffer) } else { glog.V(4).Infof("decoding stream as YAML") d.decoder = NewYAMLToJSONDecoder(buffer) } } return d.decoder.Decode(into) }
// doNsenterMount nsenters the host's mount namespace and performs the // requested mount. func (n *NsenterMounter) doNsenterMount(source, target, fstype string, options []string) error { glog.V(5).Infof("nsenter Mounting %s %s %s %v", source, target, fstype, options) args := n.makeNsenterArgs(source, target, fstype, options) glog.V(5).Infof("Mount command: %v %v", nsenterPath, args) exec := exec.New() outputBytes, err := exec.Command(nsenterPath, args...).CombinedOutput() if len(outputBytes) != 0 { glog.V(5).Infof("Output from mount command: %v", string(outputBytes)) } return err }
// TransportFor returns an http.RoundTripper that will provide the authentication // or transport level security defined by the provided Config. Will return the // default http.DefaultTransport if no special case behavior is needed. func TransportFor(config *Config) (http.RoundTripper, error) { hasCA := len(config.CAFile) > 0 || len(config.CAData) > 0 hasCert := len(config.CertFile) > 0 || len(config.CertData) > 0 // Set transport level security if config.Transport != nil && (hasCA || hasCert || config.Insecure) { return nil, fmt.Errorf("using a custom transport with TLS certificate options or the insecure flag is not allowed") } var ( transport http.RoundTripper err error ) if config.Transport != nil { transport = config.Transport } else { transport, err = tlsTransportFor(config) if err != nil { return nil, err } } // Call wrap prior to adding debugging wrappers if config.WrapTransport != nil { transport = config.WrapTransport(transport) } switch { case bool(glog.V(9)): transport = NewDebuggingRoundTripper(transport, CurlCommand, URLTiming, ResponseHeaders) case bool(glog.V(8)): transport = NewDebuggingRoundTripper(transport, JustURL, RequestHeaders, ResponseStatus, ResponseHeaders) case bool(glog.V(7)): transport = NewDebuggingRoundTripper(transport, JustURL, RequestHeaders, ResponseStatus) case bool(glog.V(6)): transport = NewDebuggingRoundTripper(transport, URLTiming) } transport, err = HTTPWrappersForConfig(config, transport) if err != nil { return nil, err } // TODO: use the config context to wrap a transport return transport, nil }
// runs all reload funcs to re-sync iptables rules func (runner *runner) reload() { glog.V(1).Infof("reloading iptables rules") for _, f := range runner.reloadFuncs { f() } }
func init() { groupMeta, err := latest.RegisterGroup("extensions") if err != nil { glog.V(4).Infof("%v", err) return } registeredGroupVersions := registered.GroupVersionsForGroup("extensions") groupVersion := registeredGroupVersions[0] *groupMeta = latest.GroupMeta{ GroupVersion: groupVersion, Group: apiutil.GetGroup(groupVersion), Version: apiutil.GetVersion(groupVersion), Codec: runtime.CodecFor(api.Scheme, groupVersion), } var versions []string var groupVersions []string for i := len(registeredGroupVersions) - 1; i >= 0; i-- { versions = append(versions, apiutil.GetVersion(registeredGroupVersions[i])) groupVersions = append(groupVersions, registeredGroupVersions[i]) } groupMeta.Versions = versions groupMeta.GroupVersions = groupVersions groupMeta.SelfLinker = runtime.SelfLinker(accessor) // the list of kinds that are scoped at the root of the api hierarchy // if a kind is not enumerated here, it is assumed to have a namespace scope rootScoped := sets.NewString() ignoredKinds := sets.NewString() groupMeta.RESTMapper = api.NewDefaultRESTMapper("extensions", groupVersions, interfacesFor, importPrefix, ignoredKinds, rootScoped) api.RegisterRESTMapper(groupMeta.RESTMapper) groupMeta.InterfacesFor = interfacesFor }
// Unmount runs umount(8) in the host's mount namespace. func (n *NsenterMounter) Unmount(target string) error { args := []string{ "--mount=/rootfs/proc/1/ns/mnt", "--", n.absHostPath("umount"), target, } glog.V(5).Infof("Unmount command: %v %v", nsenterPath, args) exec := exec.New() outputBytes, err := exec.Command(nsenterPath, args...).CombinedOutput() if len(outputBytes) != 0 { glog.V(5).Infof("Output from mount command: %v", string(outputBytes)) } return err }
func init() { groupMeta, err := latest.RegisterGroup("") if err != nil { glog.V(4).Infof("%v", err) return } // Use the first API version in the list of registered versions as the latest. registeredGroupVersions := registered.GroupVersionsForGroup("") groupVersion := registeredGroupVersions[0] *groupMeta = latest.GroupMeta{ GroupVersion: groupVersion, Group: apiutil.GetGroup(groupVersion), Version: apiutil.GetVersion(groupVersion), Codec: runtime.CodecFor(api.Scheme, groupVersion), } var versions []string var groupVersions []string for i := len(registeredGroupVersions) - 1; i >= 0; i-- { versions = append(versions, apiutil.GetVersion(registeredGroupVersions[i])) groupVersions = append(groupVersions, registeredGroupVersions[i]) } groupMeta.Versions = versions groupMeta.GroupVersions = groupVersions groupMeta.SelfLinker = runtime.SelfLinker(accessor) // the list of kinds that are scoped at the root of the api hierarchy // if a kind is not enumerated here, it is assumed to have a namespace scope // the list of kinds that are scoped at the root of the api hierarchy // if a kind is not enumerated here, it is assumed to have a namespace scope rootScoped := sets.NewString( "Node", "Minion", "Namespace", "PersistentVolume", ) // these kinds should be excluded from the list of resources ignoredKinds := sets.NewString( "ListOptions", "DeleteOptions", "Status", "PodLogOptions", "PodExecOptions", "PodAttachOptions", "PodProxyOptions", "ThirdPartyResource", "ThirdPartyResourceData", "ThirdPartyResourceList") mapper := api.NewDefaultRESTMapper("", versions, interfacesFor, importPrefix, ignoredKinds, rootScoped) // setup aliases for groups of resources mapper.AddResourceAlias("all", userResources...) groupMeta.RESTMapper = mapper api.RegisterRESTMapper(groupMeta.RESTMapper) groupMeta.InterfacesFor = interfacesFor }
func (runner *runner) run(op operation, args []string) ([]byte, error) { iptablesCmd := runner.iptablesCommand() fullArgs := append(runner.waitFlag, string(op)) fullArgs = append(fullArgs, args...) glog.V(4).Infof("running iptables %s %v", string(op), args) return runner.exec.Command(iptablesCmd, fullArgs...).CombinedOutput() // Don't log err here - callers might not think it is an error. }
// Returns error if ListAndWatch didn't even tried to initialize watch. func (r *Reflector) ListAndWatch(stopCh <-chan struct{}) error { var resourceVersion string resyncCh, cleanup := r.resyncChan() defer cleanup() list, err := r.listerWatcher.List() if err != nil { return fmt.Errorf("%s: Failed to list %v: %v", r.name, r.expectedType, err) } meta, err := meta.Accessor(list) if err != nil { return fmt.Errorf("%s: Unable to understand list result %#v", r.name, list) } resourceVersion = meta.ResourceVersion() items, err := runtime.ExtractList(list) if err != nil { return fmt.Errorf("%s: Unable to understand list result %#v (%v)", r.name, list, err) } if err := r.syncWith(items, resourceVersion); err != nil { return fmt.Errorf("%s: Unable to sync list result: %v", r.name, err) } r.setLastSyncResourceVersion(resourceVersion) for { w, err := r.listerWatcher.Watch(resourceVersion) if err != nil { switch err { case io.EOF: // watch closed normally case io.ErrUnexpectedEOF: glog.V(1).Infof("%s: Watch for %v closed with unexpected EOF: %v", r.name, r.expectedType, err) default: util.HandleError(fmt.Errorf("%s: Failed to watch %v: %v", r.name, r.expectedType, err)) } // If this is "connection refused" error, it means that most likely apiserver is not responsive. // It doesn't make sense to re-list all objects because most likely we will be able to restart // watch where we ended. // If that's the case wait and resend watch request. if urlError, ok := err.(*url.Error); ok { if opError, ok := urlError.Err.(*net.OpError); ok { if errno, ok := opError.Err.(syscall.Errno); ok && errno == syscall.ECONNREFUSED { time.Sleep(time.Second) continue } } } return nil } if err := r.watchHandler(w, &resourceVersion, resyncCh, stopCh); err != nil { if err != errorResyncRequested && err != errorStopRequested { glog.Warningf("%s: watch of %v ended with: %v", r.name, r.expectedType, err) } return nil } } }
func isInterfaceUp(intf *net.Interface) bool { if intf == nil { return false } if intf.Flags&net.FlagUp != 0 { glog.V(4).Infof("Interface %v is up", intf.Name) return true } return false }
// Executes the rule check without using the "-C" flag, instead parsing iptables-save. // Present for compatibility with <1.4.11 versions of iptables. This is full // of hack and half-measures. We should nix this ASAP. func (runner *runner) checkRuleWithoutCheck(table Table, chain Chain, args ...string) (bool, error) { glog.V(1).Infof("running iptables-save -t %s", string(table)) out, err := runner.exec.Command(cmdIptablesSave, "-t", string(table)).CombinedOutput() if err != nil { return false, fmt.Errorf("error checking rule: %v", err) } // Sadly, iptables has inconsistent quoting rules for comments. Just remove all quotes. // Also, quoted multi-word comments (which are counted as a single arg) // will be unpacked into multiple args, // in order to compare against iptables-save output (which will be split at whitespace boundary) // e.g. a single arg('"this must be before the NodePort rules"') will be unquoted and unpacked into 7 args. var argsCopy []string for i := range args { tmpField := strings.Trim(args[i], "\"") argsCopy = append(argsCopy, strings.Fields(tmpField)...) } argset := sets.NewString(argsCopy...) for _, line := range strings.Split(string(out), "\n") { var fields = strings.Fields(line) // Check that this is a rule for the correct chain, and that it has // the correct number of argument (+2 for "-A <chain name>") if !strings.HasPrefix(line, fmt.Sprintf("-A %s", string(chain))) || len(fields) != len(argsCopy)+2 { continue } // Sadly, iptables has inconsistent quoting rules for comments. // Just remove all quotes. for i := range fields { fields[i] = strings.Trim(fields[i], "\"") } // TODO: This misses reorderings e.g. "-x foo ! -y bar" will match "! -x foo -y bar" if sets.NewString(fields...).IsSuperset(argset) { return true, nil } glog.V(5).Infof("DBG: fields is not a superset of args: fields=%v args=%v", fields, args) } return false, nil }
// request connects to the server and invokes the provided function when a server response is // received. It handles retry behavior and up front validation of requests. It wil invoke // fn at most once. It will return an error if a problem occurred prior to connecting to the // server - the provided function is responsible for handling server errors. func (r *Request) request(fn func(*http.Request, *http.Response)) error { if r.err != nil { return r.err } // TODO: added to catch programmer errors (invoking operations with an object with an empty namespace) if (r.verb == "GET" || r.verb == "PUT" || r.verb == "DELETE") && r.namespaceSet && len(r.resourceName) > 0 && len(r.namespace) == 0 { return fmt.Errorf("an empty namespace may not be set when a resource name is provided") } if (r.verb == "POST") && r.namespaceSet && len(r.namespace) == 0 { return fmt.Errorf("an empty namespace may not be set during creation") } client := r.client if client == nil { client = http.DefaultClient } // Right now we make about ten retry attempts if we get a Retry-After response. // TODO: Change to a timeout based approach. maxRetries := 10 retries := 0 for { url := r.URL().String() req, err := http.NewRequest(r.verb, url, r.body) if err != nil { return err } req.Header = r.headers resp, err := client.Do(req) if err != nil { return err } done := func() bool { // ensure the response body is closed before we reconnect, so that we reuse the same // TCP connection defer resp.Body.Close() retries++ if seconds, wait := checkWait(resp); wait && retries < maxRetries { glog.V(4).Infof("Got a Retry-After %s response for attempt %d to %v", seconds, retries, url) time.Sleep(time.Duration(seconds) * time.Second) return false } fn(req, resp) return true }() if done { return nil } } }
func (s *SwaggerSchema) ValidateObject(obj interface{}, fieldName, typeName string) errs.ValidationErrorList { allErrs := errs.ValidationErrorList{} models := s.api.Models // TODO: handle required fields here too. model, ok := models.At(typeName) if !ok { return append(allErrs, fmt.Errorf("couldn't find type: %s", typeName)) } properties := model.Properties if len(properties.List) == 0 { // The object does not have any sub-fields. return nil } fields, ok := obj.(map[string]interface{}) if !ok { return append(allErrs, fmt.Errorf("field %s: expected object of type map[string]interface{}, but the actual type is %T", fieldName, obj)) } if len(fieldName) > 0 { fieldName = fieldName + "." } // handle required fields for _, requiredKey := range model.Required { if _, ok := fields[requiredKey]; !ok { allErrs = append(allErrs, fmt.Errorf("field %s: is required", requiredKey)) } } for key, value := range fields { details, ok := properties.At(key) if !ok { allErrs = append(allErrs, fmt.Errorf("found invalid field %s for %s", key, typeName)) continue } if details.Type == nil && details.Ref == nil { allErrs = append(allErrs, fmt.Errorf("could not find the type of %s from object: %v", key, details)) } var fieldType string if details.Type != nil { fieldType = *details.Type } else { fieldType = *details.Ref } if value == nil { glog.V(2).Infof("Skipping nil field: %s", key) continue } errs := s.validateField(value, fieldName+key, fieldType, &details) if len(errs) > 0 { allErrs = append(allErrs, errs...) } } return allErrs }
func getIPFromInterface(intfName string, nw networkInterfacer) (net.IP, error) { intf, err := nw.InterfaceByName(intfName) if err != nil { return nil, err } if isInterfaceUp(intf) { addrs, err := nw.Addrs(intf) if err != nil { return nil, err } glog.V(4).Infof("Interface %q has %d addresses :%v.", intfName, len(addrs), addrs) finalIP, err := getFinalIP(addrs) if err != nil { return nil, err } if finalIP != nil { glog.V(4).Infof("valid IPv4 address for interface %q found as %v.", intfName, finalIP) return finalIP, nil } } return nil, nil }
func (ks *kube2consul) newService(obj interface{}) { if s, ok := obj.(*kapi.Service); ok { name := buildNameString(s.Name, s.Namespace) ks.services[name] = s glog.V(2).Info("Creating Service: ", name) //Add to all existing nodes for _, node := range ks.nodes { if node.ready { ks.createDNS(name, s, &node) } } } }
// transformUnstructuredResponseError handles an error from the server that is not in a structured form. // It is expected to transform any response that is not recognizable as a clear server sent error from the // K8S API using the information provided with the request. In practice, HTTP proxies and client libraries // introduce a level of uncertainty to the responses returned by servers that in common use result in // unexpected responses. The rough structure is: // // 1. Assume the server sends you something sane - JSON + well defined error objects + proper codes // - this is the happy path // - when you get this output, trust what the server sends // 2. Guard against empty fields / bodies in received JSON and attempt to cull sufficient info from them to // generate a reasonable facsimile of the original failure. // - Be sure to use a distinct error type or flag that allows a client to distinguish between this and error 1 above // 3. Handle true disconnect failures / completely malformed data by moving up to a more generic client error // 4. Distinguish between various connection failures like SSL certificates, timeouts, proxy errors, unexpected // initial contact, the presence of mismatched body contents from posted content types // - Give these a separate distinct error type and capture as much as possible of the original message // // TODO: introduce transformation of generic http.Client.Do() errors that separates 4. func (r *Request) transformUnstructuredResponseError(resp *http.Response, req *http.Request, body []byte) error { if body == nil && resp.Body != nil { if data, err := ioutil.ReadAll(resp.Body); err == nil { body = data } } glog.V(8).Infof("Response Body: %s", string(body)) message := "unknown" if isTextResponse(resp) { message = strings.TrimSpace(string(body)) } retryAfter, _ := retryAfterSeconds(resp) return errors.NewGenericServerResponse(resp.StatusCode, req.Method, r.resource, r.resourceName, message, retryAfter, true) }
// Connects to D-Bus and listens for FirewallD start/restart. (On non-FirewallD-using // systems, this is effectively a no-op; we listen for the signals, but they will never be // emitted, so reload() will never be called.) func (runner *runner) connectToFirewallD() { bus, err := runner.dbus.SystemBus() if err != nil { glog.V(1).Infof("Could not connect to D-Bus system bus: %s", err) return } rule := fmt.Sprintf("type='signal',sender='%s',path='%s',interface='%s',member='Reloaded'", firewalldName, firewalldPath, firewalldInterface) bus.BusObject().Call("org.freedesktop.DBus.AddMatch", 0, rule) rule = fmt.Sprintf("type='signal',interface='org.freedesktop.DBus',member='NameOwnerChanged',path='/org/freedesktop/DBus',sender='org.freedesktop.DBus',arg0='%s'", firewalldName) bus.BusObject().Call("org.freedesktop.DBus.AddMatch", 0, rule) runner.signal = make(chan *godbus.Signal, 10) bus.Signal(runner.signal) go runner.dbusSignalHandler(bus) }
func (t *tcShaper) ReconcileInterface() error { exists, output, err := t.interfaceExists() if err != nil { return err } if !exists { glog.V(4).Info("Didn't find bandwidth interface, creating") return t.initializeInterface() } fields := strings.Split(output, " ") if len(fields) != 12 || fields[1] != "htb" || fields[2] != "1:" { if err := t.deleteInterface(fields[2]); err != nil { return err } return t.initializeInterface() } return nil }
// ClientConfig implements ClientConfig func (config DeferredLoadingClientConfig) ClientConfig() (*client.Config, error) { mergedClientConfig, err := config.createClientConfig() if err != nil { return nil, err } mergedConfig, err := mergedClientConfig.ClientConfig() if err != nil { return nil, err } // Are we running in a cluster and were no other configs found? If so, use the in-cluster-config. icc := inClusterClientConfig{} defaultConfig, err := DefaultClientConfig.ClientConfig() if icc.Possible() && err == nil && reflect.DeepEqual(mergedConfig, defaultConfig) { glog.V(2).Info("No kubeconfig could be created, falling back to service account.") return icc.ClientConfig() } return mergedConfig, nil }
// getOrExpire retrieves the object from the timestampedEntry if and only if it hasn't // already expired. It kicks-off a go routine to delete expired objects from // the store and sets exists=false. func (c *ExpirationCache) getOrExpire(key string) (interface{}, bool) { timestampedItem, exists := c.getTimestampedEntry(key) if !exists { return nil, false } if c.expirationPolicy.IsExpired(timestampedItem) { glog.V(4).Infof("Entry %v: %+v has expired", key, timestampedItem.obj) // Since expiration happens lazily on read, don't hold up // the reader trying to acquire a write lock for the delete. // The next reader will retry the delete even if this one // fails; as long as we only return un-expired entries a // reader doesn't need to wait for the result of the delete. go func() { defer util.HandleCrash() c.cacheStorage.Delete(key) }() return nil, false } return timestampedItem.obj, true }
// transformResponse converts an API response into a structured API object func (r *Request) transformResponse(resp *http.Response, req *http.Request) Result { var body []byte if resp.Body != nil { if data, err := ioutil.ReadAll(resp.Body); err == nil { body = data } } glog.V(8).Infof("Response Body: %s", string(body)) // Did the server give us a status response? isStatusResponse := false var status unversioned.Status if err := r.codec.DecodeInto(body, &status); err == nil && status.Status != "" { isStatusResponse = true } switch { case resp.StatusCode == http.StatusSwitchingProtocols: // no-op, we've been upgraded case resp.StatusCode < http.StatusOK || resp.StatusCode > http.StatusPartialContent: if !isStatusResponse { return Result{err: r.transformUnstructuredResponseError(resp, req, body)} } return Result{err: errors.FromObject(&status)} } // If the server gave us a status back, look at what it was. success := resp.StatusCode >= http.StatusOK && resp.StatusCode <= http.StatusPartialContent if isStatusResponse && (status.Status != unversioned.StatusSuccess && !success) { // "Failed" requests are clearly just an error and it makes sense to return them as such. return Result{err: errors.FromObject(&status)} } return Result{ body: body, statusCode: resp.StatusCode, codec: r.codec, } }
func chooseHostInterfaceNativeGo() (net.IP, error) { intfs, err := net.Interfaces() if err != nil { return nil, err } i := 0 var ip net.IP for i = range intfs { if flagsSet(intfs[i].Flags, net.FlagUp) && flagsClear(intfs[i].Flags, net.FlagLoopback|net.FlagPointToPoint) { addrs, err := intfs[i].Addrs() if err != nil { return nil, err } if len(addrs) > 0 { for _, addr := range addrs { if addrIP, _, err := net.ParseCIDR(addr.String()); err == nil { if addrIP.To4() != nil { ip = addrIP.To4() if !ip.IsLinkLocalMulticast() && !ip.IsLinkLocalUnicast() { break } } } } if ip != nil { // This interface should suffice. break } } } } if ip == nil { return nil, fmt.Errorf("no acceptable interface from host") } glog.V(4).Infof("Choosing interface %s (IP %v) as default", intfs[i].Name, ip) return ip, nil }