Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[admin] Use OTEL helper instead of tlscfg #6319

Merged
merged 10 commits into from
Dec 12, 2024
+53 −58
Merged

[admin] Use OTEL helper instead of tlscfg #6319

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
debb781
otel helper
chahatsagarmain Dec 6, 2024
ab9bfe7
using server config
chahatsagarmain Dec 7, 2024
3c86027
Merge branch 'main' into internal-tlscfg
yurishkuro Dec 11, 2024
cb1fe90
use otel helpers
chahatsagarmain Dec 11, 2024
b654e54
reviewed changes
chahatsagarmain Dec 12, 2024
d44e04a
remove pointer
chahatsagarmain Dec 12, 2024
0f0d231
Apply suggestions from code review
yurishkuro Dec 12, 2024
4569ab2
cleanup
yurishkuro Dec 12, 2024
8720eb8
cleanup
yurishkuro Dec 12, 2024
a8af5d7
fix
yurishkuro Dec 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
81 changes: 41 additions & 40 deletions cmd/internal/flags/admin.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,23 +5,22 @@ package flags

import (
"context"
"crypto/tls"
"errors"
"flag"
"fmt"
"io"
"net"
"net/http"
"net/http/pprof"
"time"

"github.com/spf13/viper"
"go.opentelemetry.io/collector/config/confighttp"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"

"github.com/jaegertracing/jaeger/pkg/config/tlscfg"
"github.com/jaegertracing/jaeger/pkg/healthcheck"
"github.com/jaegertracing/jaeger/pkg/recoveryhandler"
"github.com/jaegertracing/jaeger/pkg/telemetry"
"github.com/jaegertracing/jaeger/pkg/version"
)

Expand All @@ -35,22 +34,22 @@ var tlsAdminHTTPFlagsConfig = tlscfg.ServerFlagsConfig{

// AdminServer runs an HTTP server with admin endpoints, such as healthcheck at /, /metrics, etc.
type AdminServer struct {
logger *zap.Logger
adminHostPort string
hc *healthcheck.HealthCheck
mux *http.ServeMux
server *http.Server
tlsCfg *tls.Config
tlsCertWatcherCloser io.Closer
logger *zap.Logger
hc *healthcheck.HealthCheck
mux *http.ServeMux
server *http.Server
serverCfg *confighttp.ServerConfig
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
}

// NewAdminServer creates a new admin server.
func NewAdminServer(hostPort string) *AdminServer {
return &AdminServer{
adminHostPort: hostPort,
logger: zap.NewNop(),
hc: healthcheck.New(),
mux: http.NewServeMux(),
logger: zap.NewNop(),
hc: healthcheck.New(),
mux: http.NewServeMux(),
serverCfg: &confighttp.ServerConfig{
Endpoint: hostPort,
},
}
}

Expand All @@ -67,29 +66,26 @@ func (s *AdminServer) setLogger(logger *zap.Logger) {

// AddFlags registers CLI flags.
func (s *AdminServer) AddFlags(flagSet *flag.FlagSet) {
flagSet.String(adminHTTPHostPort, s.adminHostPort, fmt.Sprintf("The host:port (e.g. 127.0.0.1%s or %s) for the admin server, including health check, /metrics, etc.", s.adminHostPort, s.adminHostPort))
flagSet.String(adminHTTPHostPort, s.serverCfg.Endpoint, fmt.Sprintf("The host:port (e.g. 127.0.0.1%s or %s) for the admin server, including health check, /metrics, etc.", s.serverCfg.Endpoint, s.serverCfg.Endpoint))
tlsAdminHTTPFlagsConfig.AddFlags(flagSet)
}

// InitFromViper initializes the server with properties retrieved from Viper.
func (s *AdminServer) initFromViper(v *viper.Viper, logger *zap.Logger) error {
s.setLogger(logger)

s.adminHostPort = v.GetString(adminHTTPHostPort)
var tlsAdminHTTP tlscfg.Options
s.serverCfg.Endpoint = v.GetString(adminHTTPHostPort)
tlsAdminHTTP, err := tlsAdminHTTPFlagsConfig.InitFromViper(v)
tlsAdminHTTPConfig := tlsAdminHTTP.ToOtelServerConfig()
if err != nil {
return fmt.Errorf("failed to parse admin server TLS options: %w", err)
}
chahatsagarmain marked this conversation as resolved.
Show resolved Hide resolved
if tlsAdminHTTP.Enabled {
tlsCfg, err := tlsAdminHTTP.Config(s.logger) // This checks if the certificates are correctly provided
if tlsAdminHTTPConfig != nil {
s.serverCfg.TLSSetting = tlsAdminHTTPConfig
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
_, err = s.serverCfg.TLSSetting.LoadTLSConfig(context.Background())
if err != nil {
return err
}
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
s.tlsCfg = tlsCfg
s.tlsCertWatcherCloser = &tlsAdminHTTP
} else {
s.tlsCertWatcherCloser = io.NopCloser(nil)
}
return nil
}
Expand All @@ -101,12 +97,14 @@ func (s *AdminServer) Handle(path string, handler http.Handler) {

// Serve starts HTTP server.
func (s *AdminServer) Serve() error {
l, err := net.Listen("tcp", s.adminHostPort)
l, err := s.serverCfg.ToListener(context.Background())
if err != nil {
s.logger.Error("Admin server failed to listen", zap.Error(err))
return err
}
s.serveWithListener(l)
if err = s.serveWithListener(l); err != nil {
return err
}
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved

s.logger.Info(
"Admin server started",
Expand All @@ -115,34 +113,38 @@ func (s *AdminServer) Serve() error {
return nil
}

func (s *AdminServer) serveWithListener(l net.Listener) {
func (s *AdminServer) serveWithListener(l net.Listener) (err error) {
s.logger.Info("Mounting health check on admin server", zap.String("route", "/"))
s.mux.Handle("/", s.hc.Handler())
version.RegisterHandler(s.mux, s.logger)
s.registerPprofHandlers()
recoveryHandler := recoveryhandler.NewRecoveryHandler(s.logger, true)
errorLog, _ := zap.NewStdLogAt(s.logger, zapcore.ErrorLevel)
s.server = &http.Server{
Handler: recoveryHandler(s.mux),
ErrorLog: errorLog,
ReadHeaderTimeout: 2 * time.Second,
s.server, err = s.serverCfg.ToServer(context.Background(), nil, telemetry.NoopSettings().ToOtelComponent(),
recoveryHandler(s.mux))
if err != nil {
return err
}
if s.tlsCfg != nil {
s.server.TLSConfig = s.tlsCfg
s.server.ErrorLog = errorLog

if s.serverCfg.TLSSetting != nil {
tlsConfig, err := s.serverCfg.TLSSetting.LoadTLSConfig(context.Background())
if err != nil {
s.logger.Error("failed to load tls config", zap.Error(err))
s.hc.Set(healthcheck.Broken)
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
}
s.server.TLSConfig = tlsConfig
}
s.logger.Info("Starting admin HTTP server", zap.String("http-addr", s.adminHostPort))
s.logger.Info("Starting admin HTTP server", zap.String("http-addr", s.serverCfg.Endpoint))
go func() {
var err error
if s.tlsCfg != nil {
err = s.server.ServeTLS(l, "", "")
} else {
err = s.server.Serve(l)
}
err := s.server.Serve(l)
yurishkuro marked this conversation as resolved.
Show resolved Hide resolved
if err != nil && !errors.Is(err, http.ErrServerClosed) {
s.logger.Error("failed to serve", zap.Error(err))
s.hc.Set(healthcheck.Broken)
}
}()

return nil
}

func (s *AdminServer) registerPprofHandlers() {
Expand All @@ -160,7 +162,6 @@ func (s *AdminServer) registerPprofHandlers() {
// Close stops the HTTP server
func (s *AdminServer) Close() error {
return errors.Join(
s.tlsCertWatcherCloser.Close(),
s.server.Shutdown(context.Background()),
)
}
4 changes: 2 additions & 2 deletions cmd/internal/flags/admin_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
package flags

import (
"context"
"crypto/tls"
"fmt"
"net"
Expand Down Expand Up @@ -133,9 +134,8 @@ func TestAdminServerTLS(t *testing.T) {
adminServer.Serve()
defer adminServer.Close()

clientTLSCfg, err0 := test.clientTLS.Config(zap.NewNop())
clientTLSCfg, err0 := test.clientTLS.ToOtelClientConfig().LoadTLSConfig(context.Background())
require.NoError(t, err0)
defer test.clientTLS.Close()
dialer := &net.Dialer{Timeout: 2 * time.Second}
conn, clientError := tls.DialWithDialer(dialer, "tcp", fmt.Sprintf("localhost:%d", ports.CollectorAdminHTTP), clientTLSCfg)
require.NoError(t, clientError)
Expand Down
Loading