// Server starts gateway server created from the given configuration. // // It returns a function that can be used to explicitely stop // the kite server. func (d *Driver) Server(cfg *keygen.Config) (cancel func()) { kiteCfg := d.Kite(cfg, "keygen") keygen.NewServer(kiteCfg) go kiteCfg.Kite.Run() <-kiteCfg.Kite.ServerReadyNotify() cfg.ServerURL = fmt.Sprintf("http://127.0.0.1:%d/kite", kiteCfg.Kite.Port()) return kiteCfg.Kite.Close }
// New gives new, registered kloud kite. // // If conf contains invalid or missing configuration, it return non-nil error. func New(conf *Config) (*Kloud, error) { k := kite.New(stack.NAME, stack.VERSION) k.Config = kiteconfig.MustGet() k.Config.Port = conf.Port k.ClientFunc = httputil.ClientFunc(conf.DebugMode) if conf.DebugMode { k.SetLogLevel(kite.DEBUG) } if conf.Region != "" { k.Config.Region = conf.Region } if conf.Environment != "" { k.Config.Environment = conf.Environment } // TODO(rjeczalik): refactor modelhelper methods to not use global DB modelhelper.Initialize(conf.MongoURL) sess, err := newSession(conf, k) if err != nil { return nil, err } e := newEndpoints(conf) sess.Log.Debug("Konfig.Endpoints: %s", util.LazyJSON(e)) authUsers := map[string]string{ "kloudctl": conf.KloudSecretKey, } restClient := httputil.DefaultRestClient(conf.DebugMode) storeOpts := &credential.Options{ MongoDB: sess.DB, Log: sess.Log.New("stackcred"), Client: restClient, } if !conf.NoSneaker { storeOpts.CredURL = e.Social().WithPath("/credential").Private.URL } sess.Log.Debug("storeOpts: %+v", storeOpts) userPrivateKey, userPublicKey := userMachinesKeys(conf.UserPublicKey, conf.UserPrivateKey) stacker := &provider.Stacker{ DB: sess.DB, Log: sess.Log, Kite: sess.Kite, Userdata: sess.Userdata, Debug: conf.DebugMode, KloudSecretKey: conf.KloudSecretKey, CredStore: credential.NewStore(storeOpts), TunnelURL: conf.TunnelURL, SSHKey: &publickeys.Keys{ KeyName: publickeys.DeployKeyName, PrivateKey: userPrivateKey, PublicKey: userPublicKey, }, } stats := common.MustInitMetrics(Name) kloud := &Kloud{ Kite: k, Stack: stack.New(), Queue: &queue.Queue{ Interval: 5 * time.Second, Log: sess.Log.New("queue"), Kite: k, MongoDB: sess.DB, }, } authFn := func(opts *api.AuthOptions) (*api.Session, error) { s, err := modelhelper.FetchOrCreateSession(opts.User.Username, opts.User.Team) if err != nil { return nil, err } return &api.Session{ ClientID: s.ClientId, User: &api.User{ Username: s.Username, Team: s.GroupName, }, }, nil } transport := &api.Transport{ RoundTripper: storeOpts.Client.Transport, AuthFunc: api.NewCache(authFn).Auth, Debug: conf.DebugMode, } if conf.DebugMode { transport.Log = sess.Log } kloud.Stack.Endpoints = e kloud.Stack.Userdata = sess.Userdata kloud.Stack.DescribeFunc = provider.Desc kloud.Stack.CredClient = credential.NewClient(storeOpts) kloud.Stack.MachineClient = machine.NewClient(machine.NewMongoDatabase()) kloud.Stack.TeamClient = team.NewClient(team.NewMongoDatabase()) kloud.Stack.PresenceClient = client.NewInternal(e.Social().Private.String()) kloud.Stack.PresenceClient.HTTPClient = restClient kloud.Stack.RemoteClient = &remoteapi.Client{ Client: storeOpts.Client, Transport: transport, Endpoint: e.Koding.Private.URL, } kloud.Stack.ContextCreator = func(ctx context.Context) context.Context { return session.NewContext(ctx, sess) } kloud.Stack.Metrics = stats // RSA key pair that we add to the newly created machine for // provisioning. kloud.Stack.PublicKeys = stacker.SSHKey kloud.Stack.DomainStorage = sess.DNSStorage kloud.Stack.Domainer = sess.DNSClient kloud.Stack.Locker = stacker kloud.Stack.Log = sess.Log kloud.Stack.SecretKey = conf.KloudSecretKey for _, p := range provider.All() { s := stacker.New(p) if err = kloud.Stack.AddProvider(p.Name, s); err != nil { return nil, err } kloud.Queue.Register(s) sess.Log.Debug("registering %q provider", p.Name) } go kloud.Queue.Run() if conf.KeygenAccessKey != "" && conf.KeygenSecretKey != "" { cfg := &keygen.Config{ AccessKey: conf.KeygenAccessKey, SecretKey: conf.KeygenSecretKey, Region: conf.KeygenRegion, Bucket: conf.KeygenBucket, AuthExpire: conf.KeygenTokenTTL, AuthFunc: kloud.Stack.ValidateUser, Kite: k, } kloud.Keygen = keygen.NewServer(cfg) } else { k.Log.Warning(`disabling "keygen" methods due to missing S3/STS credentials`) } // Teams/stack handling methods. k.HandleFunc("plan", kloud.Stack.Plan) k.HandleFunc("apply", kloud.Stack.Apply) k.HandleFunc("describeStack", kloud.Stack.Status) k.HandleFunc("authenticate", kloud.Stack.Authenticate) k.HandleFunc("bootstrap", kloud.Stack.Bootstrap) k.HandleFunc("import", kloud.Stack.Import) // Credential handling. k.HandleFunc("credential.describe", kloud.Stack.CredentialDescribe) k.HandleFunc("credential.list", kloud.Stack.CredentialList) k.HandleFunc("credential.add", kloud.Stack.CredentialAdd) // Authorization handling. k.HandleFunc("auth.login", kloud.Stack.AuthLogin) k.HandleFunc("auth.passwordLogin", kloud.Stack.AuthPasswordLogin).DisableAuthentication() // Configuration handling. k.HandleFunc("config.metadata", kloud.Stack.ConfigMetadata) // Team handling. k.HandleFunc("team.list", kloud.Stack.TeamList) k.HandleFunc("team.whoami", kloud.Stack.TeamWhoami) // Machine handling. k.HandleFunc("machine.list", kloud.Stack.MachineList) // Single machine handling. k.HandleFunc("stop", kloud.Stack.Stop) k.HandleFunc("start", kloud.Stack.Start) k.HandleFunc("info", kloud.Stack.Info) k.HandleFunc("event", kloud.Stack.Event) // Klient proxy methods. k.HandleFunc("admin.add", kloud.Stack.AdminAdd) k.HandleFunc("admin.remove", kloud.Stack.AdminRemove) k.HandleHTTPFunc("/healthCheck", artifact.HealthCheckHandler(Name)) k.HandleHTTPFunc("/version", artifact.VersionHandler()) for worker, key := range authUsers { worker, key := worker, key k.Authenticators[worker] = func(r *kite.Request) error { if r.Auth.Key != key { return errors.New("wrong secret key passed, you are not authenticated") } return nil } } if conf.DebugMode { // This should be actually debug level 2. It outputs every single Kite // message and enables the kite debugging system. So enable it only if // you need it. // k.SetLogLevel(kite.DEBUG) k.Log.Info("Debug mode enabled") } if conf.TestMode { k.Log.Info("Test mode enabled") } registerURL := k.RegisterURL(!conf.Public) if conf.RegisterURL != "" { u, err := url.Parse(conf.RegisterURL) if err != nil { return nil, fmt.Errorf("Couldn't parse register url: %s", err) } registerURL = u } if err := k.RegisterForever(registerURL); err != nil { return nil, err } return kloud, nil }