From 61f1d24f393f632739e1a432ae81bb5b0d82dadc Mon Sep 17 00:00:00 2001
From: Atin Malaviya
Date: Tue, 18 Nov 2014 17:56:48 -0500
Subject: [PATCH] consul.Config() helper to generate the tlsutil.Config{} struct, 30 second keepalive, use keepalive for HTTP and HTTPS
---
 command/agent/command.go | 7 +++----
 command/agent/http.go | 6 ++++--
 command/util_test.go | 2 +-
 consul/client.go | 12 +-----------
 consul/config.go | 14 ++++++++++++++
 consul/server.go | 11 +----------
 6 files changed, 24 insertions(+), 28 deletions(-)
diff --git a/command/agent/command.go b/command/agent/command.go
index de800e673f..9236c23f2b 100644
--- a/command/agent/command.go
+++ b/command/agent/command.go
@@ -466,10 +466,9 @@ func (c *Command) Run(args []string) int {
 if c.rpcServer != nil {
 defer c.rpcServer.Shutdown()
 }
- if c.httpServers != nil {
- for _, server := range c.httpServers {
- defer server.Shutdown()
- }
+
+ for _, server := range c.httpServers {
+ defer server.Shutdown()
 }
 // Join startup nodes if specified
diff --git a/command/agent/http.go b/command/agent/http.go
index 79b847a34a..e5804ae1dd 100644
--- a/command/agent/http.go
+++ b/command/agent/http.go
@@ -93,11 +93,13 @@ func NewHTTPServers(agent *Agent, config *Config, logOutput io.Writer) ([]*HTTPS
 }
 // Create non-TLS listener
- list, err = net.Listen("tcp", httpAddr.String())
+ ln, err := net.Listen("tcp", httpAddr.String())
 if err != nil {
 return nil, fmt.Errorf("Failed to get Listen on %s: %v", httpAddr.String(), err)
 }
+ list = tcpKeepAliveListener{ln.(*net.TCPListener)}
+
 // Create the mux
 mux := http.NewServeMux()
@@ -140,7 +142,7 @@ func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
 return
 }
 tc.SetKeepAlive(true)
- tc.SetKeepAlivePeriod(3 * time.Minute)
+ tc.SetKeepAlivePeriod(30 * time.Second)
 return tc, nil
 }
diff --git a/command/util_test.go b/command/util_test.go
index bb09664735..cd201139bc 100644
--- a/command/util_test.go
+++ b/command/util_test.go
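Review bot: In `NewHTTPServers` (first hunk of command/agent/http.go) the assertion `ln.(*net.TCPListener)` is unchecked, so a listener of any other concrete type panics the agent at startup instead of going down the function's existing error path. With the `"tcp"` network the assertion holds today, but the comma-ok form costs little and also closes the listener before returning. Separately, keepalive only reaps connections whose peer has gone away; slow or idle live clients are bounded by read/write timeouts on the `http.Server`, and whether those are set is not visible in this hunk. The function body starts and ends outside the hunk.

```go
ln, err := net.Listen("tcp", httpAddr.String())
// … unchanged: Listen error check …
tcpLn, ok := ln.(*net.TCPListener)
if !ok {
	ln.Close()
	return nil, fmt.Errorf("unexpected listener type %T for %s", ln, httpAddr.String())
}
list = tcpKeepAliveListener{tcpLn}
```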
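Review bot: The keepalive period in `tcpKeepAliveListener.Accept` (second hunk of command/agent/http.go) is a bare literal, and the reason for moving from 3 minutes to 30 seconds is recorded only in the commit subject. A named constant with a why-comment would keep that next to the code, e.g. `const tcpKeepAlivePeriod = 30 * time.Second` preceded by `// tcpKeepAlivePeriod is the probe interval set on every accepted HTTP and HTTPS connection.`. The two context lines also discard the errors from `tc.SetKeepAlive` and `tc.SetKeepAlivePeriod`, so a connection on which keepalive could not be enabled is served without any trace; logging the error would make that visible. `Accept` begins outside the hunk.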
@@ -98,7 +98,7 @@ func nextConfig() *agent.Config {
 conf.Server = true
 conf.Ports.HTTP = 10000 + 10*idx
- conf.Ports.HTTPS = 10400 + 10*idx
+ conf.Ports.HTTPS = 10401 + 10*idx
 conf.Ports.RPC = 10100 + 10*idx
 conf.Ports.SerfLan = 10201 + 10*idx
 conf.Ports.SerfWan = 10202 + 10*idx
diff --git a/consul/client.go b/consul/client.go
index 54bd4056a5..28838bf795 100644
--- a/consul/client.go
+++ b/consul/client.go
@@ -4,7 +4,6 @@ import (
 "crypto/tls"
 "fmt"
 "github.com/hashicorp/consul/consul/structs"
- "github.com/hashicorp/consul/tlsutil"
 "github.com/hashicorp/serf/serf"
 "log"
 "math/rand"
@@ -94,16 +93,7 @@ func NewClient(config *Config) (*Client, error) {
 // Create the tlsConfig
 var tlsConfig *tls.Config
 var err error
- tlsConf := &tlsutil.Config{
- VerifyIncoming: config.VerifyIncoming,
- VerifyOutgoing: config.VerifyOutgoing,
- CAFile: config.CAFile,
- CertFile: config.CertFile,
- KeyFile: config.KeyFile,
- NodeName: config.NodeName,
- ServerName: config.ServerName}
-
- if tlsConfig, err = tlsConf.OutgoingTLSConfig(); err != nil {
+ if tlsConfig, err = config.tlsConfig().OutgoingTLSConfig(); err != nil {
 return nil, err
 }
diff --git a/consul/config.go b/consul/config.go
index e623dcade5..9cb1944cbc 100644
--- a/consul/config.go
+++ b/consul/config.go
@@ -7,6 +7,7 @@ import (
 "os"
 "time"
+ "github.com/hashicorp/consul/tlsutil"
 "github.com/hashicorp/memberlist"
 "github.com/hashicorp/raft"
 "github.com/hashicorp/serf/serf"
@@ -234,3 +235,16 @@ func DefaultConfig() *Config {
 return conf
 }
+
+func (c *Config) tlsConfig() *tlsutil.Config {
+ tlsConf := &tlsutil.Config{
+ VerifyIncoming: c.VerifyIncoming,
+ VerifyOutgoing: c.VerifyOutgoing,
+ CAFile: c.CAFile,
+ CertFile: c.CertFile,
+ KeyFile: c.KeyFile,
+ NodeName: c.NodeName,
+ ServerName: c.ServerName}
+
+ return tlsConf
+}
diff --git a/consul/server.go b/consul/server.go
index 4b6aa3a93c..2adbc7edbb 100644
--- a/consul/server.go
+++ b/consul/server.go
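Review bot: The new `(*Config).tlsConfig` in consul/config.go has no doc comment, although after this commit it is the one place from which both `NewClient` and `NewServer` derive their TLS settings. A comment such as `// tlsConfig builds the tlsutil.Config from the TLS fields of c; any TLS field added to Config must be copied here as well.` would record that, since a field missing from this literal is left at its zero value for client and server alike. The `tlsConf` temporary adds nothing: returning the `&tlsutil.Config{...}` literal directly, with a trailing comma after `ServerName` and the closing brace on its own line, is the more conventional form.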
@@ -16,7 +16,6 @@ import (
 "time"
 "github.com/hashicorp/consul/acl"
- "github.com/hashicorp/consul/tlsutil"
 "github.com/hashicorp/golang-lru"
 "github.com/hashicorp/raft"
 "github.com/hashicorp/raft-mdb"
@@ -169,15 +168,7 @@ func NewServer(config *Config) (*Server, error) {
 }
 // Create the tlsConfig for outgoing connections
- tlsConf := &tlsutil.Config{
- VerifyIncoming: config.VerifyIncoming,
- VerifyOutgoing: config.VerifyOutgoing,
- CAFile: config.CAFile,
- CertFile: config.CertFile,
- KeyFile: config.KeyFile,
- NodeName: config.NodeName,
- ServerName: config.ServerName}
-
+ tlsConf := config.tlsConfig()
 tlsConfig, err := tlsConf.OutgoingTLSConfig()
 if err != nil {
 return nil, err