From 7e2e3f30e5e98159cdc30b4a0c920e37152d9200 Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Wed, 8 Jan 2025 15:58:01 +0100 Subject: [PATCH 1/2] Dissolve the API command's command struct Have a more functional apporach of assembling the HTTP handlers. Signed-off-by: Tom Wieczorek --- cmd/api/api.go | 62 ++++++++++++++++++++++++++------------------------ 1 file changed, 32 insertions(+), 30 deletions(-) diff --git a/cmd/api/api.go b/cmd/api/api.go index ec729d01dc72..5d7475479128 100644 --- a/cmd/api/api.go +++ b/cmd/api/api.go @@ -41,7 +41,7 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/kubernetes" + clientcorev1 "k8s.io/client-go/kubernetes/typed/core/v1" tokenutil "k8s.io/cluster-bootstrap/token/util" bootstraptokenv1 "k8s.io/kubernetes/cmd/kubeadm/app/apis/bootstraptoken/v1" @@ -49,11 +49,6 @@ import ( "github.com/spf13/cobra" ) -type command struct { - *config.CLIOptions - client kubernetes.Interface -} - func NewAPICmd() *cobra.Command { cmd := &cobra.Command{ Use: "api", @@ -69,7 +64,13 @@ func NewAPICmd() *cobra.Command { if err != nil { return err } - return (&command{CLIOptions: opts}).start() + + run, err := buildServer(opts.K0sVars) + if err != nil { + return err + } + + return run() }, } @@ -78,18 +79,19 @@ func NewAPICmd() *cobra.Command { return cmd } -func (c *command) start() (err error) { +func buildServer(k0sVars *config.CfgVars) (func() error, error) { // Single kube client for whole lifetime of the API - c.client, err = kubeutil.NewClientFromFile(c.K0sVars.AdminKubeConfigPath) + client, err := kubeutil.NewClientFromFile(k0sVars.AdminKubeConfigPath) if err != nil { - return err + return nil, err } + secrets := client.CoreV1().Secrets("kube-system") prefix := "/v1beta1" mux := http.NewServeMux() - nodeConfig, err := c.K0sVars.NodeConfig() + nodeConfig, err := k0sVars.NodeConfig() if err != nil { - return err + return nil, err } storage := nodeConfig.Spec.Storage @@ -97,12 +99,12 @@ func (c *command) start() (err error) { // Only mount the etcd handler if we're running on internal etcd storage // by default the mux will return 404 back which the caller should handle mux.Handle(prefix+"/etcd/members", mw.AllowMethods(http.MethodPost)( - c.authMiddleware(c.etcdHandler(), "controller-join"))) + authMiddleware(etcdHandler(k0sVars.CertRootDir, k0sVars.EtcdCertDir), secrets, "controller-join"))) } if storage.IsJoinable() { mux.Handle(prefix+"/ca", mw.AllowMethods(http.MethodGet)( - c.authMiddleware(c.caHandler(), "controller-join"))) + authMiddleware(caHandler(k0sVars.CertRootDir), secrets, "controller-join"))) } srv := &http.Server{ @@ -116,13 +118,13 @@ func (c *command) start() (err error) { ReadTimeout: 15 * time.Second, } - return srv.ListenAndServeTLS( - filepath.Join(c.K0sVars.CertRootDir, "k0s-api.crt"), - filepath.Join(c.K0sVars.CertRootDir, "k0s-api.key"), - ) + cert := filepath.Join(k0sVars.CertRootDir, "k0s-api.crt") + key := filepath.Join(k0sVars.CertRootDir, "k0s-api.key") + + return func() error { return srv.ListenAndServeTLS(cert, key) }, nil } -func (c *command) etcdHandler() http.Handler { +func etcdHandler(certRootDir, etcdCertDir string) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { ctx := req.Context() var etcdReq v1beta1.EtcdRequest @@ -138,7 +140,7 @@ func (c *command) etcdHandler() http.Handler { return } - etcdClient, err := etcd.NewClient(c.K0sVars.CertRootDir, c.K0sVars.EtcdCertDir, nil) + etcdClient, err := etcd.NewClient(certRootDir, etcdCertDir, nil) if err != nil { sendError(err, resp) return @@ -154,7 +156,7 @@ func (c *command) etcdHandler() http.Handler { InitialCluster: memberList, } - etcdCaCertPath, etcdCaCertKey := filepath.Join(c.K0sVars.EtcdCertDir, "ca.crt"), filepath.Join(c.K0sVars.EtcdCertDir, "ca.key") + etcdCaCertPath, etcdCaCertKey := filepath.Join(etcdCertDir, "ca.crt"), filepath.Join(etcdCertDir, "ca.key") etcdCACert, err := os.ReadFile(etcdCaCertPath) if err != nil { sendError(err, resp) @@ -178,30 +180,30 @@ func (c *command) etcdHandler() http.Handler { }) } -func (c *command) caHandler() http.Handler { +func caHandler(certRootDir string) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { caResp := v1beta1.CaResponse{} - key, err := os.ReadFile(path.Join(c.K0sVars.CertRootDir, "ca.key")) + key, err := os.ReadFile(path.Join(certRootDir, "ca.key")) if err != nil { sendError(err, resp) return } caResp.Key = key - crt, err := os.ReadFile(path.Join(c.K0sVars.CertRootDir, "ca.crt")) + crt, err := os.ReadFile(path.Join(certRootDir, "ca.crt")) if err != nil { sendError(err, resp) return } caResp.Cert = crt - saKey, err := os.ReadFile(path.Join(c.K0sVars.CertRootDir, "sa.key")) + saKey, err := os.ReadFile(path.Join(certRootDir, "sa.key")) if err != nil { sendError(err, resp) return } caResp.SAKey = saKey - saPub, err := os.ReadFile(path.Join(c.K0sVars.CertRootDir, "sa.pub")) + saPub, err := os.ReadFile(path.Join(certRootDir, "sa.pub")) if err != nil { sendError(err, resp) return @@ -223,14 +225,14 @@ func (c *command) caHandler() http.Handler { // We need to validate: // - that we find a secret with the ID // - that the token matches whats inside the secret -func (c *command) isValidToken(ctx context.Context, rawTokenString string, usage string) bool { +func isValidToken(ctx context.Context, secrets clientcorev1.SecretInterface, rawTokenString, usage string) bool { tokenString, err := bootstraptokenv1.NewBootstrapTokenString(rawTokenString) if err != nil { return false } secretName := tokenutil.BootstrapTokenSecretName(tokenString.ID) - secret, err := c.client.CoreV1().Secrets("kube-system").Get(ctx, secretName, metav1.GetOptions{}) + secret, err := secrets.Get(ctx, secretName, metav1.GetOptions{}) if err != nil { if !apierrors.IsNotFound(err) { logrus.WithError(err).Error("Failed to get bootstrap token with ID ", tokenString.ID) @@ -262,12 +264,12 @@ func (c *command) isValidToken(ctx context.Context, rawTokenString string, usage } } -func (c *command) authMiddleware(next http.Handler, usage string) http.Handler { +func authMiddleware(next http.Handler, secrets clientcorev1.SecretInterface, usage string) http.Handler { unauthorizedErr := errors.New("go away") return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { token, ok := strings.CutPrefix(r.Header.Get("Authorization"), "Bearer ") - if ok && c.isValidToken(r.Context(), token, usage) { + if ok && isValidToken(r.Context(), secrets, token, usage) { next.ServeHTTP(w, r) } else { sendError(unauthorizedErr, w, http.StatusUnauthorized) From b17f100f5d718fc79231d19a20e6a26286ae79ec Mon Sep 17 00:00:00 2001 From: Tom Wieczorek Date: Thu, 9 Jan 2025 08:33:52 +0100 Subject: [PATCH 2/2] Let API subcommand accept the runtime config via stdin The API subcommand is not designed to run as a standalone process. Rather, it's intended to be executed under the supervision of a k0s controller. Therefore, the usual way of loading the configuration is inappropriate. Instead, have this subcommand accept the runtime configuration via stdin. This will prevent a false fallback to a generated default configuration, as well as loading the configuration from a possibly existing default configuration file that has nothing to do with the one used by the supervising process. Signed-off-by: Tom Wieczorek --- cmd/api/api.go | 45 +++++++++++++++------- cmd/controller/controller.go | 7 +--- pkg/component/controller/k0scontrolapi.go | 23 ++++++++---- pkg/config/runtime.go | 46 ++++++++++++++--------- pkg/config/runtime_test.go | 7 ++-- pkg/supervisor/supervisor.go | 5 +++ 6 files changed, 86 insertions(+), 47 deletions(-) diff --git a/cmd/api/api.go b/cmd/api/api.go index 5d7475479128..c2391a8aec84 100644 --- a/cmd/api/api.go +++ b/cmd/api/api.go @@ -23,6 +23,7 @@ import ( "encoding/json" "errors" "fmt" + "io" "net/http" "os" "path" @@ -47,26 +48,27 @@ import ( "github.com/sirupsen/logrus" "github.com/spf13/cobra" + "github.com/spf13/pflag" ) func NewAPICmd() *cobra.Command { cmd := &cobra.Command{ Use: "api", Short: "Run the controller API", - Args: cobra.NoArgs, + Long: `Run the controller API. +Reads the runtime configuration from standard input.`, + Args: cobra.NoArgs, PersistentPreRunE: func(cmd *cobra.Command, args []string) error { logrus.SetOutput(cmd.OutOrStdout()) internallog.SetInfoLevel() return config.CallParentPersistentPreRun(cmd, args) }, RunE: func(cmd *cobra.Command, _ []string) error { - opts, err := config.GetCmdOpts(cmd) - if err != nil { - return err - } + var run func() error - run, err := buildServer(opts.K0sVars) - if err != nil { + if runtimeConfig, err := loadRuntimeConfig(cmd.InOrStdin()); err != nil { + return err + } else if run, err = buildServer(runtimeConfig.Spec.K0sVars, runtimeConfig.Spec.NodeConfig); err != nil { return err } @@ -74,12 +76,33 @@ func NewAPICmd() *cobra.Command { }, } - cmd.Flags().AddFlagSet(config.GetPersistentFlagSet()) + flags := cmd.Flags() + config.GetPersistentFlagSet().VisitAll(func(f *pflag.Flag) { + switch f.Name { + case "debug", "debugListenOn", "verbose": + flags.AddFlag(f) + } + }) return cmd } -func buildServer(k0sVars *config.CfgVars) (func() error, error) { +func loadRuntimeConfig(stdin io.Reader) (*config.RuntimeConfig, error) { + logrus.Info("Reading runtime configuration from standard input ...") + bytes, err := io.ReadAll(stdin) + if err != nil { + return nil, fmt.Errorf("failed to read from standard input: %w", err) + } + + runtimeConfig, err := config.ParseRuntimeConfig(bytes) + if err != nil { + return nil, fmt.Errorf("failed to load runtime configuration: %w", err) + } + + return runtimeConfig, nil +} + +func buildServer(k0sVars *config.CfgVars, nodeConfig *v1beta1.ClusterConfig) (func() error, error) { // Single kube client for whole lifetime of the API client, err := kubeutil.NewClientFromFile(k0sVars.AdminKubeConfigPath) if err != nil { @@ -89,10 +112,6 @@ func buildServer(k0sVars *config.CfgVars) (func() error, error) { prefix := "/v1beta1" mux := http.NewServeMux() - nodeConfig, err := k0sVars.NodeConfig() - if err != nil { - return nil, err - } storage := nodeConfig.Spec.Storage if storage.Type == v1beta1.EtcdStorageType && !storage.Etcd.IsExternalClusterUsed() { diff --git a/cmd/controller/controller.go b/cmd/controller/controller.go index 9036d803c085..125f26ffce46 100644 --- a/cmd/controller/controller.go +++ b/cmd/controller/controller.go @@ -165,7 +165,7 @@ func (c *command) start(ctx context.Context) error { return fmt.Errorf("failed to initialize runtime config: %w", err) } defer func() { - if err := rtc.Cleanup(); err != nil { + if err := rtc.Spec.Cleanup(); err != nil { logrus.WithError(err).Warn("Failed to cleanup runtime config") } }() @@ -329,10 +329,7 @@ func (c *command) start(ctx context.Context) error { } if !c.SingleNode && !slices.Contains(c.DisableComponents, constant.ControlAPIComponentName) { - nodeComponents.Add(ctx, &controller.K0SControlAPI{ - ConfigPath: c.CfgFile, - K0sVars: c.K0sVars, - }) + nodeComponents.Add(ctx, &controller.K0SControlAPI{RuntimeConfig: rtc}) } if !slices.Contains(c.DisableComponents, constant.CsrApproverComponentName) { diff --git a/pkg/component/controller/k0scontrolapi.go b/pkg/component/controller/k0scontrolapi.go index 64da68b51e76..b15109e999c1 100644 --- a/pkg/component/controller/k0scontrolapi.go +++ b/pkg/component/controller/k0scontrolapi.go @@ -17,18 +17,21 @@ limitations under the License. package controller import ( + "bytes" "context" + "io" "os" "github.com/k0sproject/k0s/pkg/component/manager" "github.com/k0sproject/k0s/pkg/config" "github.com/k0sproject/k0s/pkg/supervisor" + "sigs.k8s.io/yaml" ) // K0SControlAPI implements the k0s control API component type K0SControlAPI struct { - ConfigPath string - K0sVars *config.CfgVars + RuntimeConfig *config.RuntimeConfig + supervisor supervisor.Supervisor } @@ -48,15 +51,19 @@ func (m *K0SControlAPI) Start(_ context.Context) error { if err != nil { return err } + + runtimeConfig, err := yaml.Marshal(m.RuntimeConfig) + if err != nil { + return err + } + m.supervisor = supervisor.Supervisor{ Name: "k0s-control-api", BinPath: selfExe, - RunDir: m.K0sVars.RunDir, - DataDir: m.K0sVars.DataDir, - Args: []string{ - "api", - "--data-dir=" + m.K0sVars.DataDir, - }, + RunDir: m.RuntimeConfig.Spec.K0sVars.RunDir, + DataDir: m.RuntimeConfig.Spec.K0sVars.DataDir, + Args: []string{"api"}, + Stdin: func() io.Reader { return bytes.NewReader(runtimeConfig) }, } return m.supervisor.Supervise() diff --git a/pkg/config/runtime.go b/pkg/config/runtime.go index a94c67f8869f..69adbd88123e 100644 --- a/pkg/config/runtime.go +++ b/pkg/config/runtime.go @@ -39,7 +39,7 @@ const ( var ( ErrK0sNotRunning = errors.New("k0s is not running") ErrK0sAlreadyRunning = errors.New("an instance of k0s is already running") - ErrInvalidRuntimeConfig = errors.New("invalid runtime config") + ErrInvalidRuntimeConfig = errors.New("invalid runtime configuration") ) // Runtime config is a static copy of the start up config and CfgVars that is used by @@ -65,23 +65,11 @@ func LoadRuntimeConfig(path string) (*RuntimeConfigSpec, error) { return nil, err } - config := &RuntimeConfig{} - if err := yaml.Unmarshal(content, config); err != nil { - return nil, err - } - - if config.APIVersion != v1beta1.ClusterConfigAPIVersion { - return nil, fmt.Errorf("%w: invalid api version: %s", ErrInvalidRuntimeConfig, config.APIVersion) - } - - if config.Kind != RuntimeConfigKind { - return nil, fmt.Errorf("%w: invalid kind: %s", ErrInvalidRuntimeConfig, config.Kind) + config, err := ParseRuntimeConfig(content) + if err != nil { + return nil, fmt.Errorf("failed to parse runtime configuration: %w", err) } - spec := config.Spec - if spec == nil { - return nil, fmt.Errorf("%w: spec is nil", ErrInvalidRuntimeConfig) - } // If a pid is defined but there's no process found, the instance of k0s is // expected to have died, in which case the existing config is removed and @@ -97,7 +85,29 @@ func LoadRuntimeConfig(path string) (*RuntimeConfigSpec, error) { return spec, nil } -func NewRuntimeConfig(k0sVars *CfgVars) (*RuntimeConfigSpec, error) { +func ParseRuntimeConfig(content []byte) (*RuntimeConfig, error) { + var config RuntimeConfig + + if err := yaml.Unmarshal(content, &config); err != nil { + return nil, err + } + + if config.APIVersion != v1beta1.ClusterConfigAPIVersion { + return nil, fmt.Errorf("%w: invalid api version: %q", ErrInvalidRuntimeConfig, config.APIVersion) + } + + if config.Kind != RuntimeConfigKind { + return nil, fmt.Errorf("%w: invalid kind: %q", ErrInvalidRuntimeConfig, config.Kind) + } + + if config.Spec == nil { + return nil, fmt.Errorf("%w: spec is nil", ErrInvalidRuntimeConfig) + } + + return &config, nil +} + +func NewRuntimeConfig(k0sVars *CfgVars) (*RuntimeConfig, error) { if _, err := LoadRuntimeConfig(k0sVars.RuntimeConfigPath); err == nil { return nil, ErrK0sAlreadyRunning } @@ -135,7 +145,7 @@ func NewRuntimeConfig(k0sVars *CfgVars) (*RuntimeConfigSpec, error) { return nil, fmt.Errorf("failed to write runtime config: %w", err) } - return cfg.Spec, nil + return cfg, nil } func (r *RuntimeConfigSpec) Cleanup() error { diff --git a/pkg/config/runtime_test.go b/pkg/config/runtime_test.go index 390a534d6eb1..8499a634cfa2 100644 --- a/pkg/config/runtime_test.go +++ b/pkg/config/runtime_test.go @@ -70,15 +70,16 @@ func TestNewRuntimeConfig(t *testing.T) { } // create a new runtime config and check if it's valid - spec, err := NewRuntimeConfig(k0sVars) + cfg, err := NewRuntimeConfig(k0sVars) + spec := cfg.Spec assert.NoError(t, err) assert.NotNil(t, spec) assert.Same(t, k0sVars, spec.K0sVars) assert.Equal(t, os.Getpid(), spec.Pid) assert.NotNil(t, spec.NodeConfig) - cfg, err := spec.K0sVars.NodeConfig() + nodeConfig, err := spec.K0sVars.NodeConfig() assert.NoError(t, err) - assert.Equal(t, "10.0.0.1", cfg.Spec.API.Address) + assert.Equal(t, "10.0.0.1", nodeConfig.Spec.API.Address) assert.FileExists(t, rtConfigPath) // try to create a new runtime config when one is already active and check if it returns an error diff --git a/pkg/supervisor/supervisor.go b/pkg/supervisor/supervisor.go index 1594ba9551e4..e878fbfdaa89 100644 --- a/pkg/supervisor/supervisor.go +++ b/pkg/supervisor/supervisor.go @@ -20,6 +20,7 @@ import ( "context" "errors" "fmt" + "io" "os" "os/exec" "path" @@ -44,6 +45,7 @@ type Supervisor struct { BinPath string RunDir string DataDir string + Stdin func() io.Reader Args []string PidFile string UID int @@ -174,6 +176,9 @@ func (s *Supervisor) Supervise() error { s.cmd = exec.Command(s.BinPath, s.Args...) s.cmd.Dir = s.DataDir s.cmd.Env = getEnv(s.DataDir, s.Name, s.KeepEnvPrefix) + if s.Stdin != nil { + s.cmd.Stdin = s.Stdin() + } // detach from the process group so children don't // get signals sent directly to parent.