Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[admin] Use OTEL helper instead of tlscfg #6319

Merged
merged 10 commits into from
Dec 12, 2024
Merged

[admin] Use OTEL helper instead of tlscfg #6319

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
debb781
otel helper
chahatsagarmain Dec 6, 2024
ab9bfe7
using server config
chahatsagarmain Dec 7, 2024
3c86027
Merge branch 'main' into internal-tlscfg
yurishkuro Dec 11, 2024
cb1fe90
use otel helpers
chahatsagarmain Dec 11, 2024
b654e54
reviewed changes
chahatsagarmain Dec 12, 2024
d44e04a
remove pointer
chahatsagarmain Dec 12, 2024
0f0d231
Apply suggestions from code review
yurishkuro Dec 12, 2024
4569ab2
cleanup
yurishkuro Dec 12, 2024
8720eb8
cleanup
yurishkuro Dec 12, 2024
a8af5d7
fix
yurishkuro Dec 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
56 changes: 28 additions & 28 deletions cmd/internal/flags/admin.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,17 +5,16 @@

import (
"context"
"crypto/tls"
"errors"
"flag"
"fmt"
"io"
"net"
"net/http"
"net/http/pprof"
"time"

"github.com/spf13/viper"
"go.opentelemetry.io/collector/config/confighttp"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"

Expand All @@ -35,22 +34,22 @@

// AdminServer runs an HTTP server with admin endpoints, such as healthcheck at /, /metrics, etc.
type AdminServer struct {
logger *zap.Logger
adminHostPort string
hc *healthcheck.HealthCheck
mux *http.ServeMux
server *http.Server
tlsCfg *tls.Config
tlsCertWatcherCloser io.Closer
logger *zap.Logger
hc *healthcheck.HealthCheck
mux *http.ServeMux
server *http.Server
serverCfg *confighttp.ServerConfig
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
}

// NewAdminServer creates a new admin server.
func NewAdminServer(hostPort string) *AdminServer {
return &AdminServer{
adminHostPort: hostPort,
logger: zap.NewNop(),
hc: healthcheck.New(),
mux: http.NewServeMux(),
logger: zap.NewNop(),
hc: healthcheck.New(),
mux: http.NewServeMux(),
serverCfg: &confighttp.ServerConfig{
Endpoint: hostPort,
},
}
}

Expand All @@ -67,29 +66,26 @@

// AddFlags registers CLI flags.
func (s *AdminServer) AddFlags(flagSet *flag.FlagSet) {
flagSet.String(adminHTTPHostPort, s.adminHostPort, fmt.Sprintf("The host:port (e.g. 127.0.0.1%s or %s) for the admin server, including health check, /metrics, etc.", s.adminHostPort, s.adminHostPort))
flagSet.String(adminHTTPHostPort, s.serverCfg.Endpoint, fmt.Sprintf("The host:port (e.g. 127.0.0.1%s or %s) for the admin server, including health check, /metrics, etc.", s.serverCfg.Endpoint, s.serverCfg.Endpoint))
tlsAdminHTTPFlagsConfig.AddFlags(flagSet)
}

// InitFromViper initializes the server with properties retrieved from Viper.
func (s *AdminServer) initFromViper(v *viper.Viper, logger *zap.Logger) error {
s.setLogger(logger)

s.adminHostPort = v.GetString(adminHTTPHostPort)
var tlsAdminHTTP tlscfg.Options
s.serverCfg.Endpoint = v.GetString(adminHTTPHostPort)
tlsAdminHTTP, err := tlsAdminHTTPFlagsConfig.InitFromViper(v)
tlsAdminHTTPConfig := tlsAdminHTTP.ToOtelServerConfig()
if err != nil {
return fmt.Errorf("failed to parse admin server TLS options: %w", err)
}
chahatsagarmain marked this conversation as resolved.
Show resolved Hide resolved
if tlsAdminHTTP.Enabled {
tlsCfg, err := tlsAdminHTTP.Config(s.logger) // This checks if the certificates are correctly provided
if tlsAdminHTTPConfig != nil {
s.serverCfg.TLSSetting = tlsAdminHTTPConfig
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
_, err = s.serverCfg.TLSSetting.LoadTLSConfig(context.Background())
if err != nil {
return err
}
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
s.tlsCfg = tlsCfg
s.tlsCertWatcherCloser = &tlsAdminHTTP
} else {
s.tlsCertWatcherCloser = io.NopCloser(nil)
}
return nil
}
Expand All @@ -101,7 +97,7 @@

// Serve starts HTTP server.
func (s *AdminServer) Serve() error {
l, err := net.Listen("tcp", s.adminHostPort)
l, err := net.Listen("tcp", s.serverCfg.Endpoint)
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
if err != nil {
s.logger.Error("Admin server failed to listen", zap.Error(err))
return err
Expand All @@ -127,13 +123,18 @@
ErrorLog: errorLog,
ReadHeaderTimeout: 2 * time.Second,
}
if s.tlsCfg != nil {
s.server.TLSConfig = s.tlsCfg
if s.serverCfg.TLSSetting != nil {
tlsConfig, err := s.serverCfg.TLSSetting.LoadTLSConfig(context.Background())
if err != nil {
s.logger.Error("failed to load tls config", zap.Error(err))
s.hc.Set(healthcheck.Broken)
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
}

Check warning on line 131 in cmd/internal/flags/admin.go

View check run for this annotation

Codecov / codecov/patch

cmd/internal/flags/admin.go#L129-L131 

Added lines #L129 - L131 were not covered by tests
s.server.TLSConfig = tlsConfig
}
s.logger.Info("Starting admin HTTP server", zap.String("http-addr", s.adminHostPort))
s.logger.Info("Starting admin HTTP server", zap.String("http-addr", s.serverCfg.Endpoint))
go func() {
var err error
if s.tlsCfg != nil {
if s.serverCfg.TLSSetting != nil {
err = s.server.ServeTLS(l, "", "")
} else {
err = s.server.Serve(l)
Expand All @@ -160,7 +161,6 @@
// Close stops the HTTP server
func (s *AdminServer) Close() error {
return errors.Join(
s.tlsCertWatcherCloser.Close(),
s.server.Shutdown(context.Background()),
)
}
4 changes: 2 additions & 2 deletions cmd/internal/flags/admin_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
package flags

import (
"context"
"crypto/tls"
"fmt"
"net"
Expand Down Expand Up @@ -133,9 +134,8 @@ func TestAdminServerTLS(t *testing.T) {
adminServer.Serve()
defer adminServer.Close()

clientTLSCfg, err0 := test.clientTLS.Config(zap.NewNop())
clientTLSCfg, err0 := test.clientTLS.ToOtelClientConfig().LoadTLSConfig(context.Background())
require.NoError(t, err0)
defer test.clientTLS.Close()
dialer := &net.Dialer{Timeout: 2 * time.Second}
conn, clientError := tls.DialWithDialer(dialer, "tcp", fmt.Sprintf("localhost:%d", ports.CollectorAdminHTTP), clientTLSCfg)
require.NoError(t, clientError)
Expand Down
Loading