ziggi/minilb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

beta contoller implanted

Browse Source
This commit is contained in:
Олег Бородин
2026-04-09 17:50:12 +02:00
parent 29c4e5d674
commit 7bb0698f77
9 changed files with 133 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile.am
View File

@@ -121,8 +121,8 @@ format:
done done
run: run:
test -z $(DESTDIR)$(srv_logdir) || $(MKDIR_P) $(DESTDIR)$(srv_logdir) # test -z $(DESTDIR)$(srv_logdir) || $(MKDIR_P) $(DESTDIR)$(srv_logdir)
test -z $(DESTDIR)$(srv_rundir) || $(MKDIR_P) $(DESTDIR)$(srv_rundir) # test -z $(DESTDIR)$(srv_rundir) || $(MKDIR_P) $(DESTDIR)$(srv_rundir)
env CGO_ENABLED=0 $(GO) run $(GOFLAGS) ./cmd/minilbd/... --asDaemon=false env CGO_ENABLED=0 $(GO) run $(GOFLAGS) ./cmd/minilbd/... --asDaemon=false
BUILD_DIR= $(shell pwd)/TMP.build BUILD_DIR= $(shell pwd)/TMP.build

4
Makefile.in
View File

@@ -908,8 +908,8 @@ format:
done done
run: run:
test -z $(DESTDIR)$(srv_logdir) || $(MKDIR_P) $(DESTDIR)$(srv_logdir) # test -z $(DESTDIR)$(srv_logdir) || $(MKDIR_P) $(DESTDIR)$(srv_logdir)
test -z $(DESTDIR)$(srv_rundir) || $(MKDIR_P) $(DESTDIR)$(srv_rundir) # test -z $(DESTDIR)$(srv_rundir) || $(MKDIR_P) $(DESTDIR)$(srv_rundir)
env CGO_ENABLED=0 $(GO) run $(GOFLAGS) ./cmd/minilbd/... --asDaemon=false env CGO_ENABLED=0 $(GO) run $(GOFLAGS) ./cmd/minilbd/... --asDaemon=false
$(DIST_ARCHIVES): dist $(DIST_ARCHIVES): dist

47
app/config/config.go
View File

@@ -3,6 +3,7 @@ package config
import ( import (
"errors" "errors"
"fmt" "fmt"
"net/netip"
"os" "os"
"path/filepath" "path/filepath"
@@ -29,14 +30,17 @@ type Auth struct {
} }
type Config struct { type Config struct {
Service Service `json:"service" yaml:"service"` Service Service `json:"service" yaml:"service"`
Auths []Auth `json:"auths" yaml:"auths"` Auths []Auth `json:"auths" yaml:"auths"`
Hostname string `json:"hostname" yaml:"hostname"` Hostname string `json:"hostname" yaml:"hostname"`
LogPath string `json:"logfile" yaml:"logfile"` LogPath string `json:"logfile" yaml:"logfile"`
RunPath string `json:"runfile" yaml:"runfile"` RunPath string `json:"runfile" yaml:"runfile"`
AsDaemon bool `json:"asDaemon" yaml:"asDaemon"` AsDaemon bool `json:"asDaemon" yaml:"asDaemon"`
LogLimit int64 `json:"logLimit" yaml:logLimit` LogLimit int64 `json:"logLimit" yaml:"logLimit"`
RunUser string `json:"runUser" yaml:runUser` RunUser string `json:"runUser" yaml:"runUser"`
KubeconfPath string `json:"kubeconfPath" yaml:"kubeconfPath"`
ExtAddress string `json:"extAddress" yaml:"extAddress"`
Kubeconf []byte `json:"-" yaml:"-"`
} }
func NewConfig() (*Config, error) { func NewConfig() (*Config, error) {
@@ -44,9 +48,11 @@ func NewConfig() (*Config, error) {
Service: Service{ Service: Service{
Port: client.DefaultServicePort, Port: client.DefaultServicePort,
}, },
AsDaemon: false, AsDaemon: false,
LogLimit: 1024 * 1024 * 10, // 10 Mb LogLimit: 1024 * 1024 * 10, // 10 Mb
RunUser: "daemon", RunUser: "daemon",
KubeconfPath: "kubeconf.yaml",
ExtAddress: "127.0.0.1",
} }
hostname, err := os.Hostname() hostname, err := os.Hostname()
if err != nil { if err != nil {
@@ -70,20 +76,31 @@ func (conf *Config) Read() error {
if err != nil { if err != nil {
return err return err
} }
if !filepath.IsAbs(conf.KubeconfPath) {
conf.KubeconfPath = filepath.Join(confdirPath, conf.KubeconfPath)
}
kubeconfBytes, err := os.ReadFile(conf.KubeconfPath)
if err != nil {
err = fmt.Errorf("Cannot read kubeconf in path %s: %v", conf.KubeconfPath, err)
return err
}
conf.Kubeconf = kubeconfBytes
return err return err
} }
func (conf *Config) Validate() error { func (conf *Config) Validate() error {
var err []error var errs []error
for i := range conf.Auths { for i := range conf.Auths {
if conf.Auths[i].Username == "" { if conf.Auths[i].Username == "" {
err = append(err, errors.New("Username must be set")) errs = append(errs, errors.New("Username must be set"))
} }
if conf.Auths[i].Password == "" { if conf.Auths[i].Password == "" {
err = append(err, errors.New("Password must be set")) errs = append(errs, errors.New("Password must be set"))
} }
} }
return errors.Join(err...) _, err := netip.ParseAddr(conf.ExtAddress)
errs = append(errs, err)
return errors.Join(errs...)
} }
func (conf *Config) YAML() (string, error) { func (conf *Config) YAML() (string, error) {

10
app/config/variant.go
View File

@@ -1,10 +1,10 @@
package config package config
const ( const (
confdirPath = "/etc/minilb" confdirPath = "/home/ziggi/Projects/minilb/etc/minilb"
rundirPath = "/var/run/minilb" rundirPath = "/home/ziggi/Projects/minilb/tmp/run"
logdirPath = "/var/log/minilb" logdirPath = "/home/ziggi/Projects/minilb/tmp/log"
datadirPath = "/var/lib/minilb" datadirPath = "/home/ziggi/Projects/minilb/tmp/data"
pkgVersion = "0.0.1" pkgVersion = "0.0.1"
runUser = "daemon" runUser = "ziggi"
) )

2
app/control/kubeset.go
View File

@@ -5,7 +5,7 @@ import (
kubeclicmd "k8s.io/client-go/tools/clientcmd" kubeclicmd "k8s.io/client-go/tools/clientcmd"
) )
func makeClientset(kubeconf []byte) (kubeclient.Interface, error) { func MakeClientset(kubeconf []byte) (kubeclient.Interface, error) {
var res kubeclient.Interface var res kubeclient.Interface
var err error var err error
clientConfig, err := kubeclicmd.NewClientConfigFromBytes(kubeconf) clientConfig, err := kubeclicmd.NewClientConfigFromBytes(kubeconf)

29
app/control/svccont.go
View File

@@ -17,6 +17,28 @@ import (
"helmet/app/logger" "helmet/app/logger"
) )
type Proxy interface {
CreateOrUpdateForwarder(ctx context.Context, proto string, lport, dport uint32, addrs ...string) error
DeleteForwarder(ctx context.Context, proto string, lport uint32) error
}
type Dummyproxy struct {
log *logger.Logger
}
func NewDummyproxy() Proxy {
return &Dummyproxy{
log: logger.NewLogger("dummyproxy"),
}
}
func (prox *Dummyproxy) CreateOrUpdateForwarder(ctx context.Context, proto string, lport, dport uint32, addrs ...string) error {
return nil
}
func (prox *Dummyproxy) DeleteForwarder(ctx context.Context, proto string, lport uint32) error {
return nil
}
type Controller struct { type Controller struct {
lbaddr string lbaddr string
clientset k8client.Interface clientset k8client.Interface
@@ -24,11 +46,13 @@ type Controller struct {
ctx context.Context ctx context.Context
cancel context.CancelFunc cancel context.CancelFunc
log *logger.Logger log *logger.Logger
proxy Proxy
} }
func NewController(clientset k8client.Interface, lbaddr string) *Controller { func NewController(proxy Proxy, clientset k8client.Interface, lbaddr string) *Controller {
ctx, cancel := context.WithCancel(context.Background()) ctx, cancel := context.WithCancel(context.Background())
cont := &Controller{ cont := &Controller{
proxy: proxy,
clientset: clientset, clientset: clientset,
ctx: ctx, ctx: ctx,
cancel: cancel, cancel: cancel,
@@ -40,7 +64,7 @@ func NewController(clientset k8client.Interface, lbaddr string) *Controller {
func (cont *Controller) Run() { func (cont *Controller) Run() {
cont.log.Debugf("Start controller") cont.log.Debugf("Start controller")
factory := k8inform.NewSharedInformerFactory(cont.clientset, time.Minute*10) factory := k8inform.NewSharedInformerFactory(cont.clientset, 10*time.Second)
defer factory.Shutdown() defer factory.Shutdown()
serviceInformer := factory.Core().V1().Services().Informer() serviceInformer := factory.Core().V1().Services().Informer()
@@ -57,6 +81,7 @@ func (cont *Controller) Run() {
synced := factory.WaitForCacheSync(ctx.Done()) synced := factory.WaitForCacheSync(ctx.Done())
for _, sync := range synced { for _, sync := range synced {
if !sync { if !sync {
cont.log.Errorf("Cannot sync controller")
return return
} }
} }

3
app/operator/oper.go
View File

@@ -8,6 +8,7 @@ import (
type OperatorConfig struct { type OperatorConfig struct {
Auths []config.Auth Auths []config.Auth
Proxy *rproxy.Proxy
} }
type Operator struct { type Operator struct {
@@ -20,8 +21,8 @@ func NewOperator(conf *OperatorConfig) (*Operator, error) {
var err error var err error
oper := &Operator{ oper := &Operator{
auths: conf.Auths, auths: conf.Auths,
proxy: conf.Proxy,
} }
oper.log = logger.NewLogger("operator") oper.log = logger.NewLogger("operator")
oper.proxy = rproxy.NewProxy()
return oper, err return oper, err
} }

75
app/server/server.go
View File

@@ -14,9 +14,11 @@ import (
"time" "time"
"helmet/app/config" "helmet/app/config"
"helmet/app/control"
"helmet/app/handler" "helmet/app/handler"
"helmet/app/logger" "helmet/app/logger"
"helmet/app/operator" "helmet/app/operator"
"helmet/app/rproxy"
"helmet/app/service" "helmet/app/service"
"helmet/pkg/network" "helmet/pkg/network"
"helmet/pkg/x509crt" "helmet/pkg/x509crt"
@@ -35,6 +37,8 @@ type Server struct {
cancel context.CancelFunc cancel context.CancelFunc
wg sync.WaitGroup wg sync.WaitGroup
listen net.Listener listen net.Listener
cont *control.Controller
proxy *rproxy.Proxy
} }
func NewServer() (*Server, error) { func NewServer() (*Server, error) {
@@ -69,21 +73,39 @@ func (srv *Server) Build() error {
var err error var err error
srv.log.Infof("Build server") srv.log.Infof("Build server")
// Get effective user uid/guid currUser, err := user.Current()
usr, err := user.Lookup(srv.conf.RunUser) if err != nil {
err = fmt.Errorf("Error getting current user: %v\n", err)
return err
}
cuid64, err := strconv.ParseInt(currUser.Uid, 10, 64)
if err != nil { if err != nil {
return err return err
} }
uid64, err := strconv.ParseInt(usr.Uid, 10, 64) cgid64, err := strconv.ParseInt(currUser.Gid, 10, 64)
if err != nil { if err != nil {
return err return err
} }
gid64, err := strconv.ParseInt(usr.Gid, 10, 64) euid := int(cuid64)
if err != nil { egid := int(cgid64)
return err
if cuid64 == 0 {
// Get effective user uid/guid
usr, err := user.Lookup(srv.conf.RunUser)
if err != nil {
return err
}
uid64, err := strconv.ParseInt(usr.Uid, 10, 64)
if err != nil {
return err
}
gid64, err := strconv.ParseInt(usr.Gid, 10, 64)
if err != nil {
return err
}
euid = int(uid64)
egid = int(gid64)
} }
uid := int(uid64)
gid := int(gid64)
if srv.conf.AsDaemon { if srv.conf.AsDaemon {
logDir := filepath.Dir(srv.conf.LogPath) logDir := filepath.Dir(srv.conf.LogPath)
@@ -92,7 +114,7 @@ func (srv *Server) Build() error {
if err != nil { if err != nil {
return err return err
} }
err = os.Chown(logDir, uid, gid) err = os.Chown(logDir, euid, egid)
if err != nil { if err != nil {
return err return err
} }
@@ -102,7 +124,7 @@ func (srv *Server) Build() error {
if err != nil { if err != nil {
return err return err
} }
err = os.Chown(runDir, uid, gid) err = os.Chown(runDir, euid, egid)
if err != nil { if err != nil {
return err return err
} }
@@ -111,17 +133,22 @@ func (srv *Server) Build() error {
addrinfo := ":" + strconv.FormatUint(uint64(srv.conf.Service.Port), 10) addrinfo := ":" + strconv.FormatUint(uint64(srv.conf.Service.Port), 10)
listener, err := network.CreateListener(addrinfo) listener, err := network.CreateListener(addrinfo)
if err != nil { if err != nil {
return err return fmt.Errorf("Cannot create listener: %v", err)
} }
srv.listen = listener srv.listen = listener
// Change effective user // Change effective user
err = syscall.Setuid(uid) if cuid64 == 0 {
if err != nil { err = syscall.Setuid(euid)
return err if err != nil {
return fmt.Errorf("Cannot change running user: %v", err)
}
} }
//return fmt.Errorf("Debug break")
uidstr := strconv.FormatInt(int64(syscall.Geteuid()), 10) uidstr := strconv.FormatInt(int64(syscall.Geteuid()), 10)
usr, err = user.LookupId(uidstr) usr, err := user.LookupId(uidstr)
if err != nil { if err != nil {
return err return err
} }
@@ -132,9 +159,23 @@ func (srv *Server) Build() error {
if err != nil { if err != nil {
return err return err
} }
// Create proxy
srv.proxy = rproxy.NewProxy()
// Create controller
clientset, err := control.MakeClientset(srv.conf.Kubeconf)
if err != nil {
return err
}
srv.cont = control.NewController(srv.proxy, clientset, srv.conf.ExtAddress)
if err != nil {
return err
}
// Create operator // Create operator
operatorConfig := &operator.OperatorConfig{ operatorConfig := &operator.OperatorConfig{
Auths: srv.conf.Auths, Auths: srv.conf.Auths,
Proxy: srv.proxy,
//Database: srv.db, //Database: srv.db,
} }
srv.oper, err = operator.NewOperator(operatorConfig) srv.oper, err = operator.NewOperator(operatorConfig)
@@ -229,6 +270,7 @@ func (srv *Server) Run() error {
// Run service // Run service
startService := func(svc *service.Service, done chan error) { startService := func(svc *service.Service, done chan error) {
srv.log.Infof("Run rpc service")
err = svc.Run() err = svc.Run()
if err != nil { if err != nil {
srv.log.Errorf("Service error: %v", err) srv.log.Errorf("Service error: %v", err)
@@ -236,6 +278,9 @@ func (srv *Server) Run() error {
} }
} }
go startService(srv.svc, done) go startService(srv.svc, done)
// Run controller
srv.log.Infof("Run controller")
go srv.cont.Run()
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM) signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM)
var signal os.Signal var signal os.Signal

4
initrc/minilbd.service
View File

@@ -3,10 +3,10 @@ Description=minilbd
[Service] [Service]
Type=forking Type=forking
ExecStart=/usr/sbin/minilbd --asDaemon=true ExecStart=/usr/local/sbin/minilbd --asDaemon=true
ExecReload=/bin/kill -HUP $MAINPID ExecReload=/bin/kill -HUP $MAINPID
ExecRestart=/bin/kill -HUP $MAINPID ExecRestart=/bin/kill -HUP $MAINPID
ExecStartPre=/usr/bin/install -d -o daemon /var/run/minilb /var/log/minilb ExecStartPre=/usr/bin/install -d -o ziggi /home/ziggi/Projects/minilb/tmp/run /home/ziggi/Projects/minilb/tmp/log
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target