agent/config: move ports to ports structure, update docs

Mitchell Hashimoto 2018-06-06 13:35:44 -07:00 committed by Jack Pearkes
parent ecfda7cda5
commit 927b45bf91
6 changed files with 49 additions and 64 deletions


@ -3188,10 +3188,10 @@ func TestAgentConnectProxyConfig_ConfigHandling(t *testing.T) {
bind_addr = "0.0.0.0"
connect {
enabled = true
proxy_defaults = {
bind_min_port = 10000
bind_max_port = 10000
}
}
ports {
proxy_min_port = 10000
proxy_max_port = 10000
}
`,
proxy: structs.ServiceDefinitionConnectProxy{},
@ -3210,12 +3210,14 @@ func TestAgentConnectProxyConfig_ConfigHandling(t *testing.T) {
connect {
enabled = true
proxy_defaults = {
bind_min_port = 10000
bind_max_port = 10000
exec_mode = "script"
script_command = ["script.sh"]
}
}
ports {
proxy_min_port = 10000
proxy_max_port = 10000
}
`,
proxy: structs.ServiceDefinitionConnectProxy{},
wantMode: api.ProxyExecModeScript,
@ -3233,12 +3235,14 @@ func TestAgentConnectProxyConfig_ConfigHandling(t *testing.T) {
connect {
enabled = true
proxy_defaults = {
bind_min_port = 10000
bind_max_port = 10000
exec_mode = "daemon"
daemon_command = ["daemon.sh"]
}
}
ports {
proxy_min_port = 10000
proxy_max_port = 10000
}
`,
proxy: structs.ServiceDefinitionConnectProxy{},
wantMode: api.ProxyExecModeDaemon,
@ -3256,13 +3260,15 @@ func TestAgentConnectProxyConfig_ConfigHandling(t *testing.T) {
connect {
enabled = true
proxy_defaults = {
bind_min_port = 10000
bind_max_port = 10000
config = {
connect_timeout_ms = 1000
}
}
}
ports {
proxy_min_port = 10000
proxy_max_port = 10000
}
`,
proxy: structs.ServiceDefinitionConnectProxy{
Config: map[string]interface{}{
@ -3286,8 +3292,6 @@ func TestAgentConnectProxyConfig_ConfigHandling(t *testing.T) {
connect {
enabled = true
proxy_defaults = {
bind_min_port = 10000
bind_max_port = 10000
exec_mode = "daemon"
daemon_command = ["daemon.sh"]
script_command = ["script.sh"]
@ -3296,6 +3300,10 @@ func TestAgentConnectProxyConfig_ConfigHandling(t *testing.T) {
}
}
}
ports {
proxy_min_port = 10000
proxy_max_port = 10000
}
`,
proxy: structs.ServiceDefinitionConnectProxy{
ExecMode: "script",


@ -340,6 +340,12 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
serverPort := b.portVal("ports.server", c.Ports.Server)
serfPortLAN := b.portVal("ports.serf_lan", c.Ports.SerfLAN)
serfPortWAN := b.portVal("ports.serf_wan", c.Ports.SerfWAN)
proxyMinPort := b.portVal("ports.proxy_min_port", c.Ports.ProxyMinPort)
proxyMaxPort := b.portVal("ports.proxy_max_port", c.Ports.ProxyMaxPort)
if proxyMaxPort < proxyMinPort {
return RuntimeConfig{}, fmt.Errorf(
"proxy_min_port must be less than proxy_max_port. To disable, set both to zero.")
}
// determine the default bind and advertise address
//
@ -521,7 +527,6 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
consulRaftLeaderLeaseTimeout := b.durationVal("consul.raft.leader_lease_timeout", c.Consul.Raft.LeaderLeaseTimeout) * time.Duration(performanceRaftMultiplier)
// Connect proxy defaults.
proxyBindMinPort, proxyBindMaxPort := b.connectProxyPortRange(c.Connect)
var connectEnabled bool
var connectCAProvider string
var connectCAConfig map[string]interface{}
@ -663,8 +668,8 @@ func (b *Builder) Build() (rt RuntimeConfig, err error) {
ConnectEnabled: connectEnabled,
ConnectCAProvider: connectCAProvider,
ConnectCAConfig: connectCAConfig,
ConnectProxyBindMinPort: proxyBindMinPort,
ConnectProxyBindMaxPort: proxyBindMaxPort,
ConnectProxyBindMinPort: proxyMinPort,
ConnectProxyBindMaxPort: proxyMaxPort,
ConnectProxyDefaultExecMode: proxyDefaultExecMode,
ConnectProxyDefaultDaemonCommand: proxyDefaultDaemonCommand,
ConnectProxyDefaultScriptCommand: proxyDefaultScriptCommand,
@ -1068,35 +1073,6 @@ func (b *Builder) serviceConnectVal(v *ServiceConnect) *structs.ServiceConnect {
}
}
func (b *Builder) connectProxyPortRange(v *Connect) (int, int) {
// Choose this default range just because. There are zero "safe" ranges that
// don't have something somewhere that uses them which is why this is
// configurable. We rely on the host not having any of these ports for non
// agent managed proxies. I went with 20k because I know of at least one
// super-common server memcached that defaults to the 10k range.
start := 20000
end := 20256 // 256 proxies on a host is enough for anyone ;)
if v == nil || v.ProxyDefaults == nil {
return start, end
}
min, max := v.ProxyDefaults.BindMinPort, v.ProxyDefaults.BindMaxPort
if min == nil && max == nil {
return start, end
}
// If either was set show a warning if the overall range was invalid
if min == nil || max == nil || *max < *min {
b.warn("Connect proxy_defaults bind_min_port and bind_max_port must both "+
"be set with max >= min. To disable automatic port allocation set both "+
"to 0. Using default range %d..%d.", start, end)
return start, end
}
return *min, *max
}
func (b *Builder) boolVal(v *bool) bool {
if v == nil {
return false
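Review bot: The new range check in Build() rejects only `proxyMaxPort < proxyMinPort`, so an equal pair is accepted (the endpoint tests in this commit use 10000/10000), but the error text says min "must be less than" max. Suggest `"ports.proxy_min_port must be less than or equal to ports.proxy_max_port. To disable, set both to zero."` so the message matches the check and names the full key. An invalid range also used to produce a warning and a fallback to the default range in the removed connectProxyPortRange and now fails startup; if that is intended, it deserves a line in the upgrade notes, along with what happens to existing configs that still set `connect.proxy_defaults.bind_min_port`/`bind_max_port`. It is also worth confirming that the value `b.portVal` returns for 0 (its body is not in this diff) is one the port allocator treats as disabled, since the message promises that. Build() starts and ends outside these hunks.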


@ -377,11 +377,6 @@ type Connect struct {
// ConnectProxyDefaults is the agent-global connect proxy configuration.
type ConnectProxyDefaults struct {
// BindMinPort, BindMaxPort are the inclusive lower and upper bounds on the
// port range allocated to the agent to assign to connect proxies that have no
// bind_port specified.
BindMinPort *int `json:"bind_min_port,omitempty" hcl:"bind_min_port" mapstructure:"bind_min_port"`
BindMaxPort *int `json:"bind_max_port,omitempty" hcl:"bind_max_port" mapstructure:"bind_max_port"`
// ExecMode is used where a registration doesn't include an exec_mode.
// Defaults to daemon.
ExecMode *string `json:"exec_mode,omitempty" hcl:"exec_mode" mapstructure:"exec_mode"`
@ -445,12 +440,14 @@ type Telemetry struct {
}
type Ports struct {
DNS *int `json:"dns,omitempty" hcl:"dns" mapstructure:"dns"`
HTTP *int `json:"http,omitempty" hcl:"http" mapstructure:"http"`
HTTPS *int `json:"https,omitempty" hcl:"https" mapstructure:"https"`
SerfLAN *int `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"`
SerfWAN *int `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"`
Server *int `json:"server,omitempty" hcl:"server" mapstructure:"server"`
DNS *int `json:"dns,omitempty" hcl:"dns" mapstructure:"dns"`
HTTP *int `json:"http,omitempty" hcl:"http" mapstructure:"http"`
HTTPS *int `json:"https,omitempty" hcl:"https" mapstructure:"https"`
SerfLAN *int `json:"serf_lan,omitempty" hcl:"serf_lan" mapstructure:"serf_lan"`
SerfWAN *int `json:"serf_wan,omitempty" hcl:"serf_wan" mapstructure:"serf_wan"`
Server *int `json:"server,omitempty" hcl:"server" mapstructure:"server"`
ProxyMinPort *int `json:"proxy_min_port,omitempty" hcl:"proxy_min_port" mapstructure:"proxy_min_port"`
ProxyMaxPort *int `json:"proxy_max_port,omitempty" hcl:"proxy_max_port" mapstructure:"proxy_max_port"`
}
type UnixSocket struct {
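Review bot: The two new fields in `Ports`, `ProxyMinPort` and `ProxyMaxPort`, carry no comment, while the `BindMinPort`/`BindMaxPort` fields they replace documented that the bounds are inclusive and apply only to proxies without an explicit bind port. Suggest carrying that over above the new fields, e.g. `// ProxyMinPort, ProxyMaxPort are the inclusive bounds of the port range the agent assigns to managed Connect proxies that have no bind_port specified.` That the bounds are still inclusive is inferred from the new 20000..20255 default, so please confirm it when writing the comment. `ConnectProxyDefaults` continues outside the hunk.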


@ -85,6 +85,8 @@ func DefaultSource() Source {
serf_lan = ` + strconv.Itoa(consul.DefaultLANSerfPort) + `
serf_wan = ` + strconv.Itoa(consul.DefaultWANSerfPort) + `
server = ` + strconv.Itoa(consul.DefaultRPCPort) + `
proxy_min_port = 20000
proxy_max_port = 20255
}
telemetry = {
metrics_prefix = "consul"


@ -2455,8 +2455,6 @@ func TestFullConfig(t *testing.T) {
},
"enabled": true,
"proxy_defaults": {
"bind_min_port": 2000,
"bind_max_port": 3000,
"exec_mode": "script",
"daemon_command": ["consul", "connect", "proxy"],
"script_command": ["proxyctl.sh"],
@ -2531,7 +2529,9 @@ func TestFullConfig(t *testing.T) {
"dns": 7001,
"http": 7999,
"https": 15127,
"server": 3757
"server": 3757,
"proxy_min_port": 2000,
"proxy_max_port": 3000
},
"protocol": 30793,
"raft_protocol": 19016,
@ -2917,8 +2917,6 @@ func TestFullConfig(t *testing.T) {
}
enabled = true
proxy_defaults {
bind_min_port = 2000
bind_max_port = 3000
exec_mode = "script"
daemon_command = ["consul", "connect", "proxy"]
script_command = ["proxyctl.sh"]
@ -2996,6 +2994,8 @@ func TestFullConfig(t *testing.T) {
http = 7999,
https = 15127
server = 3757
proxy_min_port = 2000
proxy_max_port = 3000
}
protocol = 30793
raft_protocol = 19016
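Review bot: Nothing visible in these hunks exercises the new failure branch in Build(); they only move the existing 2000/3000 values from `proxy_defaults` to `ports`. Suggest adding a config case with `proxy_min_port` greater than `proxy_max_port` that expects the startup error, and one with both set to 0 that pins the resulting runtime values for the documented disable path. TestFullConfig continues outside these hunks, so such cases may already exist elsewhere in the file.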


@ -236,7 +236,7 @@ will exit with an error at startup.
<a href="#retry_join">`retry_join`</a> could be more appropriate to help
mitigate node startup race conditions when automating a Consul cluster
deployment.
In Consul 1.1.0 and later this can be set to a
[go-sockaddr](https://godoc.org/github.com/hashicorp/go-sockaddr/template)
template
@ -293,7 +293,7 @@ will exit with an error at startup.
times to specify multiple WAN agents to join. If Consul is unable to join with
any of the specified addresses, agent startup will fail. By default, the agent
won't [`-join-wan`](#_join_wan) any nodes when it starts up.
In Consul 1.1.0 and later this can be set to a
[go-sockaddr](https://godoc.org/github.com/hashicorp/go-sockaddr/template)
template.
@ -688,7 +688,7 @@ Consul will not enable TLS for the HTTP API unless the `https` port has been ass
0.8 the default was changed to true, to make remote exec opt-in instead of opt-out.
* <a name="disable_update_check"></a><a href="#disable_update_check">`disable_update_check`</a>
Disables automatic checking for security bulletins and new version releases. This is disabled in
Disables automatic checking for security bulletins and new version releases. This is disabled in
Consul Enterprise.
* <a name="discard_check_output"></a><a href="#discard_check_output">`discard_check_output`</a>
@ -760,7 +760,7 @@ Consul will not enable TLS for the HTTP API unless the `https` port has been ass
* <a name="udp_answer_limit"></a><a href="#udp_answer_limit">`udp_answer_limit`</a> - Limit the number of
resource records contained in the answer section of a UDP-based DNS
response. This parameter applies only to UDP DNS queries that are less than 512 bytes. This setting is deprecated
response. This parameter applies only to UDP DNS queries that are less than 512 bytes. This setting is deprecated
and replaced in Consul 1.0.7 by <a href="#a_record_limit">`a_record_limit`</a>.
* <a name="a_record_limit"></a><a href="#a_record_limit">`a_record_limit`</a> - Limit the number of
@ -942,6 +942,8 @@ Consul will not enable TLS for the HTTP API unless the `https` port has been ass
to disable. **Note**: this will disable WAN federation which is not recommended. Various catalog and WAN related
endpoints will return errors or empty results.
* <a name="server_rpc_port"></a><a href="#server_rpc_port">`server`</a> - Server RPC address. Default 8300.
* <a name="proxy_min_port"></a><a href="#proxy_min_port">`proxy_min_port`</a> - Minimum port number to use for automatically assigned [managed Connect proxies](/docs/connect/proxies.html). If Connect is disabled, managed proxies are unused, or ports are always specified, then this value is unused. Defaults to 20000.
* <a name="proxy_max_port"></a><a href="#proxy_max_port">`proxy_max_port`</a> - Maximum port number to use for automatically assigned [managed Connect proxies](/docs/connect/proxies.html). See [`proxy_min_port`](#proxy_mi_port) for more information. Defaults to 20255.
* <a name="protocol"></a><a href="#protocol">`protocol`</a> Equivalent to the
[`-protocol` command-line flag](#_protocol).