From 7aad9f99f5bb66e7ed77038ec3b48c723f533055 Mon Sep 17 00:00:00 2001 From: singchia Date: Wed, 17 Jan 2024 11:52:52 +0800 Subject: [PATCH] add edge config and template --- go.mod | 2 +- pkg/config/config.go | 114 ++++++++++++++++++++++++++++++++-- pkg/config/config.yaml | 56 +++++++++++++++++ pkg/config/config_test.go | 36 +++++++++++ pkg/edgebound/edge_manager.go | 2 +- 5 files changed, 204 insertions(+), 6 deletions(-) create mode 100644 pkg/config/config.yaml diff --git a/go.mod b/go.mod index 3769e89..8d15343 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 replace github.com/singchia/geminio => ../../moresec/singchia/geminio require ( - github.com/jumboframes/armorigo v0.2.5 + github.com/jumboframes/armorigo v0.3.0 github.com/singchia/geminio v1.1.0 github.com/singchia/go-timer/v2 v2.2.1 github.com/spf13/pflag v1.0.5 diff --git a/pkg/config/config.go b/pkg/config/config.go index fbf54a5..3ab58ce 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -2,9 +2,11 @@ package config import ( "flag" + "io" "os" "strconv" + armio "github.com/jumboframes/armorigo/io" "github.com/spf13/pflag" "gopkg.in/yaml.v2" "k8s.io/klog/v2" 
@@ -31,24 +33,34 @@ type CertKey struct { } type TLS struct { + Enable bool `yaml:"enable"` MTLS bool `yaml:"mtls"` CACerts []string `yaml:"ca_certs"` // ca certs paths Certs []CertKey `yaml:"certs"` // certs paths } type Listen struct { - Network string `yaml:"network"` - Addr string `yaml:"addr"` - TLSEnable bool `yaml:"tls_enable"` - TLS TLS `yaml:"tls"` + Network string `yaml:"network"` + Addr string `yaml:"addr"` + TLS TLS `yaml:"tls"` } +// edgebound +// Bypass is for the lagecy gateway, this will split +type Bypass struct { + Enable bool `yaml:"enable"` + Network string `yaml:"network"` + Addr string `yaml:"addr"` // addr to dial + TLS TLS `yaml:"tls"` +} type Edgebound struct { Listen Listen `yaml:"listen"` + Bypass Bypass `yaml:"bypass"` // alloc edgeID when no get_id function online EdgeIDAllocWhenNoIDServiceOn bool `yaml:"edgeid_alloc_when_no_idservice_on"` } +// servicebound type Servicebound struct { Listen Listen `yaml:"listen"` } 
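Review bot: Replacing `Listen.TLSEnable` (`tls_enable`) with `TLS.Enable` (`tls.enable`) changes the config schema with no fallback, so a deployed file that still says `tls_enable: true` would leave `TLS.Enable` false. yaml.v2's plain `Unmarshal` ignores unknown keys, and the edge_manager.go hunk takes the plain `net.Listen` branch on `!conf.Edgebound.Listen.TLS.Enable`. If the loader (outside this hunk) is not strict, the edgebound listener would therefore come up without TLS and without any error. Parsing with `yaml.UnmarshalStrict`, or rejecting a file that still carries the old key, would make the upgrade fail closed. The new `Bypass` comment is also unfinished (`lagecy`, "this will split"); something like `// Bypass configures the connection dialed to the legacy gateway.` would do, with the author confirming what is split.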
@@ -137,3 +149,97 @@ func ParseFlags() (*Configuration, error) { return config, nil } + +func genDefaultConfig(writer io.Writer) error { + conf := &Configuration{ + Daemon: Daemon{ + RLimit: RLimit{ + NumFile: 1024, + }, + PProf: PProf{ + Addr: "0.0.0.0:6060", + }, + }, + Edgebound: Edgebound{ + Listen: Listen{ + Network: "tcp", + Addr: "0.0.0.0:2432", + TLS: TLS{ + Enable: true, + MTLS: true, + CACerts: []string{ + "ca1.cert", + "ca2.cert", + }, + Certs: []CertKey{ + { + Cert: "edgebound.cert", + Key: "edgebound.key", + }, + }, + }, + }, + EdgeIDAllocWhenNoIDServiceOn: true, + Bypass: Bypass{ + Enable: true, + Network: "tcp", + Addr: "192.168.1.10:8443", + TLS: TLS{ + Enable: true, + MTLS: true, + CACerts: []string{ + "ca1.cert", + }, + Certs: []CertKey{ + { + Cert: "frontier.cert", + Key: "frontier.key", + }, + }, + }, + }, + }, + Servicebound: Servicebound{ + Listen: Listen{ + Network: "tcp", + Addr: "0.0.0.0:2431", + TLS: TLS{ + Enable: true, + MTLS: true, + CACerts: []string{ + "ca1.cert", + "ca2.cert", + }, + Certs: []CertKey{ + { + Cert: "servicebound.cert", + Key: "servicebound.key", + }, + }, + }, + }, + }, + Log: Log{ + LogDir: "/app/log", + LogFile: "frontier.log", + LogFileMaxSizeMB: 100, + ToStderr: false, + AlsoToStderr: false, + Verbosity: 4, + AddDirHeader: true, + SkipHeaders: true, + OneOutput: true, + SkipLogHeaders: true, + StderrThreshold: 1024, + }, + } + data, err := yaml.Marshal(conf) + if err != nil { + return err + } + _, err = armio.WriteAll(data, writer) + if err != nil { + return err + } + return nil +} diff --git a/pkg/config/config.yaml b/pkg/config/config.yaml new file mode 100644 index 0000000..40e73fb --- /dev/null +++ b/pkg/config/config.yaml 
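Review bot: The generated defaults set `PProf.Addr` to `0.0.0.0:6060`, and the same value lands in the checked-in config.yaml, which is likely to be copied into deployments unchanged. If that address is served by net/http/pprof (the server is not visible in this hunk), the profiling endpoints are unauthenticated and would be reachable from every interface. A loopback default, `Addr: "127.0.0.1:6060",`, keeps profiling available locally and makes wider exposure an explicit choice. `genDefaultConfig` also has no doc comment; one line saying that the certificate names and the bypass address `192.168.1.10:8443` are placeholders to be replaced would stop the template being read as working values.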
@@ -0,0 +1,56 @@ +daemon: + rlimit: + nofile: 1024 + pprof: + addr: 0.0.0.0:6060 +edgebound: + listen: + network: tcp + addr: 0.0.0.0:2432 + tls: + enable: true + mtls: true + ca_certs: + - ca1.cert + - ca2.cert + certs: + - cert: edgebound.cert + key: edgebound.key + bypass: + enable: true + network: tcp + addr: 192.168.1.10:8443 + tls: + enable: true + mtls: true + ca_certs: + - ca1.cert + certs: + - cert: frontier.cert + key: frontier.key + edgeid_alloc_when_no_idservice_on: true +servicebound: + listen: + network: tcp + addr: 0.0.0.0:2431 + tls: + enable: true + mtls: true + ca_certs: + - ca1.cert + - ca2.cert + certs: + - cert: servicebound.cert + key: servicebound.key +log: + log_dir: /app/log + log_file: frontier.log + log_file_max_size: 100 + logtostderr: false + alsologtostderr: false + verbosity: 4 + add_dir_header: true + skip_headers: true + one_output: true + skip_log_headers: true + stderrthreshold: 1024 diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index 2fd11a2..84733d6 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -1,8 +1,11 @@ package config import ( + "os" "reflect" "testing" + + "gopkg.in/yaml.v2" ) func TestParseFlags(t *testing.T) { @@ -36,3 +39,36 @@ func TestParseFlags(t *testing.T) { }) } } + +func TestParseFile(t *testing.T) { + conf := &Configuration{ + Daemon: Daemon{ + RLimit: RLimit{ + NumFile: 1024, + }, + PProf: PProf{ + Addr: "0.0.0.0:6060", + }, + }, + Edgebound: Edgebound{}, + Servicebound: Servicebound{}, + Log: Log{}, + } + _, err := yaml.Marshal(conf) + if err != nil { + t.Error(err) + return + } +} + +func TestGenDefaultConfig(t *testing.T) { + file, err := os.OpenFile("./config.yaml", os.O_CREATE|os.O_RDWR, 0666) + if err != nil { + t.Error(err) + } + defer file.Close() + err = genDefaultConfig(file) + if err != nil { + t.Error(err) + } +} diff --git a/pkg/edgebound/edge_manager.go b/pkg/edgebound/edge_manager.go index 825be2d..4023e68 100644 --- a/pkg/edgebound/edge_manager.go 
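Review bot: `TestGenDefaultConfig` opens `./config.yaml` without `os.O_TRUNC`, so once the marshalled defaults become shorter than the existing file the old tail stays behind and the checked-in template no longer matches `genDefaultConfig`. It also rewrites a tracked file on every `go test` run and requests mode `0666`. `os.OpenFile("./config.yaml", os.O_CREATE|os.O_RDWR|os.O_TRUNC, 0644)` fixes the stale tail and the mode, and the open failure should be `t.Fatal(err)` so the test does not continue with a nil file. `TestParseFile` only calls `yaml.Marshal` and never parses anything, so either rename it or have it unmarshal config.yaml and compare the result with the expected `Configuration`.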
+++ b/pkg/edgebound/edge_manager.go @@ -84,7 +84,7 @@ func newedgeManager(conf *config.Configuration, dao *dao.Dao, informer EdgeInfor informer: informer, } - if !conf.Edgebound.Listen.TLSEnable { + if !conf.Edgebound.Listen.TLS.Enable { if ln, err = net.Listen(network, addr); err != nil { klog.Errorf("net listen err: %s, network: %s, addr: %s", err, network, addr) return nil, err