simplify code according to feedback
This commit is contained in:
parent
6b69404f1a
commit
b770504126
@ -35,14 +35,14 @@ bootstrap_peers = [
|
|||||||
|
|
||||||
|
|
||||||
[consul_discovery]
|
[consul_discovery]
|
||||||
mode = "node"
|
api = "catalog"
|
||||||
consul_http_addr = "http://127.0.0.1:8500"
|
consul_http_addr = "http://127.0.0.1:8500"
|
||||||
service_name = "garage-daemon"
|
service_name = "garage-daemon"
|
||||||
ca_cert = "/etc/consul/consul-ca.crt"
|
ca_cert = "/etc/consul/consul-ca.crt"
|
||||||
client_cert = "/etc/consul/consul-client.crt"
|
client_cert = "/etc/consul/consul-client.crt"
|
||||||
client_key = "/etc/consul/consul-key.crt"
|
client_key = "/etc/consul/consul-key.crt"
|
||||||
# for `service` mode, unset client_cert and client_key, and optionally enable `consul_http_token`
|
# for `catalog` API mode, unset client_cert and client_key, and optionally enable `token`
|
||||||
# consul_http_token = "abcdef-01234-56789"
|
# token = "abcdef-01234-56789"
|
||||||
tls_skip_verify = false
|
tls_skip_verify = false
|
||||||
tags = [ "dns-enabled" ]
|
tags = [ "dns-enabled" ]
|
||||||
meta = { dns-acl = "allow trusted" }
|
meta = { dns-acl = "allow trusted" }
|
||||||
|
@ -19,10 +19,15 @@ struct ConsulQueryEntry {
|
|||||||
address: String,
|
address: String,
|
||||||
#[serde(rename = "ServicePort")]
|
#[serde(rename = "ServicePort")]
|
||||||
service_port: u16,
|
service_port: u16,
|
||||||
#[serde(rename = "NodeMeta")]
|
|
||||||
node_meta: HashMap<String, String>,
|
|
||||||
#[serde(rename = "ServiceMeta")]
|
#[serde(rename = "ServiceMeta")]
|
||||||
service_meta: HashMap<String, String>,
|
meta: HashMap<String, String>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Serialize, Clone, Debug)]
|
||||||
|
#[serde(untagged)]
|
||||||
|
enum PublishRequest {
|
||||||
|
Catalog(ConsulPublishEntry),
|
||||||
|
Service(ConsulPublishService),
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Serialize, Clone, Debug)]
|
#[derive(Serialize, Clone, Debug)]
|
||||||
@ -31,8 +36,6 @@ struct ConsulPublishEntry {
|
|||||||
node: String,
|
node: String,
|
||||||
#[serde(rename = "Address")]
|
#[serde(rename = "Address")]
|
||||||
address: IpAddr,
|
address: IpAddr,
|
||||||
#[serde(rename = "NodeMeta")]
|
|
||||||
node_meta: HashMap<String, String>,
|
|
||||||
#[serde(rename = "Service")]
|
#[serde(rename = "Service")]
|
||||||
service: ConsulPublishCatalogService,
|
service: ConsulPublishCatalogService,
|
||||||
}
|
}
|
||||||
@ -46,7 +49,7 @@ struct ConsulPublishCatalogService {
|
|||||||
#[serde(rename = "Tags")]
|
#[serde(rename = "Tags")]
|
||||||
tags: Vec<String>,
|
tags: Vec<String>,
|
||||||
#[serde(rename = "Meta")]
|
#[serde(rename = "Meta")]
|
||||||
service_meta: HashMap<String, String>,
|
meta: HashMap<String, String>,
|
||||||
#[serde(rename = "Address")]
|
#[serde(rename = "Address")]
|
||||||
address: IpAddr,
|
address: IpAddr,
|
||||||
#[serde(rename = "Port")]
|
#[serde(rename = "Port")]
|
||||||
@ -77,42 +80,36 @@ pub struct ConsulDiscovery {
|
|||||||
|
|
||||||
impl ConsulDiscovery {
|
impl ConsulDiscovery {
|
||||||
pub fn new(config: ConsulDiscoveryConfig) -> Result<Self, ConsulError> {
|
pub fn new(config: ConsulDiscoveryConfig) -> Result<Self, ConsulError> {
|
||||||
let mut builder: reqwest::ClientBuilder = reqwest::Client::builder();
|
let mut builder: reqwest::ClientBuilder = reqwest::Client::builder().use_rustls_tls();
|
||||||
if config.tls_skip_verify {
|
if config.tls_skip_verify {
|
||||||
builder = builder.danger_accept_invalid_certs(true);
|
builder = builder.danger_accept_invalid_certs(true);
|
||||||
} else if let Some(ca_cert) = &config.ca_cert {
|
} else if let Some(ca_cert) = &config.ca_cert {
|
||||||
let mut ca_cert_buf = vec![];
|
let mut ca_cert_buf = vec![];
|
||||||
File::open(ca_cert)?.read_to_end(&mut ca_cert_buf)?;
|
File::open(ca_cert)?.read_to_end(&mut ca_cert_buf)?;
|
||||||
builder = builder.use_rustls_tls();
|
|
||||||
builder =
|
builder =
|
||||||
builder.add_root_certificate(reqwest::Certificate::from_pem(&ca_cert_buf[..])?);
|
builder.add_root_certificate(reqwest::Certificate::from_pem(&ca_cert_buf[..])?);
|
||||||
}
|
}
|
||||||
|
|
||||||
let client: reqwest::Client = match &config.consul_http_api {
|
match &config.api {
|
||||||
ConsulDiscoveryAPI::Catalog => {
|
ConsulDiscoveryAPI::Catalog => match (&config.client_cert, &config.client_key) {
|
||||||
match (&config.client_cert, &config.client_key) {
|
(Some(client_cert), Some(client_key)) => {
|
||||||
(Some(client_cert), Some(client_key)) => {
|
let mut client_cert_buf = vec![];
|
||||||
let mut client_cert_buf = vec![];
|
File::open(client_cert)?.read_to_end(&mut client_cert_buf)?;
|
||||||
File::open(client_cert)?.read_to_end(&mut client_cert_buf)?;
|
|
||||||
|
|
||||||
let mut client_key_buf = vec![];
|
let mut client_key_buf = vec![];
|
||||||
File::open(client_key)?.read_to_end(&mut client_key_buf)?;
|
File::open(client_key)?.read_to_end(&mut client_key_buf)?;
|
||||||
|
|
||||||
let identity = reqwest::Identity::from_pem(
|
let identity = reqwest::Identity::from_pem(
|
||||||
&[&client_cert_buf[..], &client_key_buf[..]].concat()[..],
|
&[&client_cert_buf[..], &client_key_buf[..]].concat()[..],
|
||||||
)?;
|
)?;
|
||||||
|
|
||||||
builder = builder.use_rustls_tls();
|
builder = builder.identity(identity);
|
||||||
builder = builder.identity(identity);
|
|
||||||
}
|
|
||||||
(None, None) => {}
|
|
||||||
_ => return Err(ConsulError::InvalidTLSConfig),
|
|
||||||
}
|
}
|
||||||
|
(None, None) => {}
|
||||||
builder.build()?
|
_ => return Err(ConsulError::InvalidTLSConfig),
|
||||||
}
|
},
|
||||||
ConsulDiscoveryAPI::Agent => {
|
ConsulDiscoveryAPI::Agent => {
|
||||||
if let Some(token) = &config.consul_http_token {
|
if let Some(token) = &config.token {
|
||||||
let mut headers = reqwest::header::HeaderMap::new();
|
let mut headers = reqwest::header::HeaderMap::new();
|
||||||
headers.insert(
|
headers.insert(
|
||||||
"x-consul-token",
|
"x-consul-token",
|
||||||
@ -120,11 +117,11 @@ impl ConsulDiscovery {
|
|||||||
);
|
);
|
||||||
builder = builder.default_headers(headers);
|
builder = builder.default_headers(headers);
|
||||||
}
|
}
|
||||||
|
|
||||||
builder.build()?
|
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
|
let client: reqwest::Client = builder.build()?;
|
||||||
|
|
||||||
Ok(Self { client, config })
|
Ok(Self { client, config })
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -142,14 +139,11 @@ impl ConsulDiscovery {
|
|||||||
let mut ret = vec![];
|
let mut ret = vec![];
|
||||||
for ent in entries {
|
for ent in entries {
|
||||||
let ip = ent.address.parse::<IpAddr>().ok();
|
let ip = ent.address.parse::<IpAddr>().ok();
|
||||||
let pubkey = match &self.config.consul_http_api {
|
let pubkey = ent
|
||||||
ConsulDiscoveryAPI::Catalog => ent.node_meta.get("pubkey"),
|
.meta
|
||||||
ConsulDiscoveryAPI::Agent => {
|
.get(&format!("{}-pubkey", META_PREFIX))
|
||||||
ent.service_meta.get(&format!("{}-pubkey", META_PREFIX))
|
.and_then(|k| hex::decode(k).ok())
|
||||||
}
|
.and_then(|k| NodeID::from_slice(&k[..]));
|
||||||
}
|
|
||||||
.and_then(|k| hex::decode(k).ok())
|
|
||||||
.and_then(|k| NodeID::from_slice(&k[..]));
|
|
||||||
if let (Some(ip), Some(pubkey)) = (ip, pubkey) {
|
if let (Some(ip), Some(pubkey)) = (ip, pubkey) {
|
||||||
ret.push((pubkey, SocketAddr::new(ip, ent.service_port)));
|
ret.push((pubkey, SocketAddr::new(ip, ent.service_port)));
|
||||||
} else {
|
} else {
|
||||||
@ -179,47 +173,34 @@ impl ConsulDiscovery {
|
|||||||
]
|
]
|
||||||
.concat();
|
.concat();
|
||||||
|
|
||||||
let meta_prefix: String = match &self.config.consul_http_api {
|
let mut meta = self.config.meta.clone().unwrap_or_default();
|
||||||
ConsulDiscoveryAPI::Catalog => "".to_string(),
|
meta.insert(format!("{}-pubkey", META_PREFIX), hex::encode(node_id));
|
||||||
ConsulDiscoveryAPI::Agent => format!("{}-", META_PREFIX),
|
meta.insert(format!("{}-hostname", META_PREFIX), hostname.to_string());
|
||||||
};
|
|
||||||
|
|
||||||
let mut meta = HashMap::from([
|
|
||||||
(format!("{}pubkey", meta_prefix), hex::encode(node_id)),
|
|
||||||
(format!("{}hostname", meta_prefix), hostname.to_string()),
|
|
||||||
]);
|
|
||||||
|
|
||||||
if let Some(global_meta) = &self.config.meta {
|
|
||||||
for (key, value) in global_meta.into_iter() {
|
|
||||||
meta.insert(key.clone(), value.clone());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
let url = format!(
|
let url = format!(
|
||||||
"{}/v1/{}",
|
"{}/v1/{}",
|
||||||
self.config.consul_http_addr,
|
self.config.consul_http_addr,
|
||||||
(match &self.config.consul_http_api {
|
(match &self.config.api {
|
||||||
ConsulDiscoveryAPI::Catalog => "catalog/register",
|
ConsulDiscoveryAPI::Catalog => "catalog/register",
|
||||||
ConsulDiscoveryAPI::Agent => "agent/service/register?replace-existing-checks",
|
ConsulDiscoveryAPI::Agent => "agent/service/register?replace-existing-checks",
|
||||||
})
|
})
|
||||||
);
|
);
|
||||||
|
|
||||||
let req = self.client.put(&url);
|
let req = self.client.put(&url);
|
||||||
let http = (match &self.config.consul_http_api {
|
let advertisement: PublishRequest = match &self.config.api {
|
||||||
ConsulDiscoveryAPI::Catalog => req.json(&ConsulPublishEntry {
|
ConsulDiscoveryAPI::Catalog => PublishRequest::Catalog(ConsulPublishEntry {
|
||||||
node: node.clone(),
|
node: node.clone(),
|
||||||
address: rpc_public_addr.ip(),
|
address: rpc_public_addr.ip(),
|
||||||
node_meta: meta.clone(),
|
|
||||||
service: ConsulPublishCatalogService {
|
service: ConsulPublishCatalogService {
|
||||||
service_id: node.clone(),
|
service_id: node.clone(),
|
||||||
service_name: self.config.service_name.clone(),
|
service_name: self.config.service_name.clone(),
|
||||||
tags,
|
tags,
|
||||||
service_meta: meta.clone(),
|
meta: meta.clone(),
|
||||||
address: rpc_public_addr.ip(),
|
address: rpc_public_addr.ip(),
|
||||||
port: rpc_public_addr.port(),
|
port: rpc_public_addr.port(),
|
||||||
},
|
},
|
||||||
}),
|
}),
|
||||||
ConsulDiscoveryAPI::Agent => req.json(&ConsulPublishService {
|
ConsulDiscoveryAPI::Agent => PublishRequest::Service(ConsulPublishService {
|
||||||
service_id: node.clone(),
|
service_id: node.clone(),
|
||||||
service_name: self.config.service_name.clone(),
|
service_name: self.config.service_name.clone(),
|
||||||
tags,
|
tags,
|
||||||
@ -227,9 +208,8 @@ impl ConsulDiscovery {
|
|||||||
address: rpc_public_addr.ip(),
|
address: rpc_public_addr.ip(),
|
||||||
port: rpc_public_addr.port(),
|
port: rpc_public_addr.port(),
|
||||||
}),
|
}),
|
||||||
})
|
};
|
||||||
.send()
|
let http = req.json(&advertisement).send().await?;
|
||||||
.await?;
|
|
||||||
http.error_for_status()?;
|
http.error_for_status()?;
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
|
@ -135,23 +135,18 @@ pub struct AdminConfig {
|
|||||||
pub trace_sink: Option<String>,
|
pub trace_sink: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Deserialize, Debug, Clone)]
|
#[derive(Deserialize, Debug, Clone, Default)]
|
||||||
|
#[serde(rename_all = "lowercase")]
|
||||||
pub enum ConsulDiscoveryAPI {
|
pub enum ConsulDiscoveryAPI {
|
||||||
#[serde(rename_all = "lowercase")]
|
#[default]
|
||||||
Catalog,
|
Catalog,
|
||||||
Agent,
|
Agent,
|
||||||
}
|
}
|
||||||
impl ConsulDiscoveryAPI {
|
|
||||||
fn default() -> Self {
|
|
||||||
ConsulDiscoveryAPI::Catalog
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Deserialize, Debug, Clone)]
|
#[derive(Deserialize, Debug, Clone)]
|
||||||
pub struct ConsulDiscoveryConfig {
|
pub struct ConsulDiscoveryConfig {
|
||||||
/// The consul api to use when registering: either `catalog` (the default) or `agent`
|
/// The consul api to use when registering: either `catalog` (the default) or `agent`
|
||||||
#[serde(default = "ConsulDiscoveryAPI::default")]
|
pub api: ConsulDiscoveryAPI,
|
||||||
pub consul_http_api: ConsulDiscoveryAPI,
|
|
||||||
/// Consul http or https address to connect to to discover more peers
|
/// Consul http or https address to connect to to discover more peers
|
||||||
pub consul_http_addr: String,
|
pub consul_http_addr: String,
|
||||||
/// Consul service name to use
|
/// Consul service name to use
|
||||||
@ -163,7 +158,7 @@ pub struct ConsulDiscoveryConfig {
|
|||||||
/// Client TLS key to use when connecting to Consul
|
/// Client TLS key to use when connecting to Consul
|
||||||
pub client_key: Option<String>,
|
pub client_key: Option<String>,
|
||||||
/// /// Token to use for connecting to consul
|
/// /// Token to use for connecting to consul
|
||||||
pub consul_http_token: Option<String>,
|
pub token: Option<String>,
|
||||||
/// Skip TLS hostname verification
|
/// Skip TLS hostname verification
|
||||||
#[serde(default)]
|
#[serde(default)]
|
||||||
pub tls_skip_verify: bool,
|
pub tls_skip_verify: bool,
|
||||||
|
Loading…
Reference in New Issue
Block a user