autoconf - use DNS for Swarm instances discovery

2021-08-01 23:10:29 +02:00 · 2021-08-01 23:10:29 +02:00 · 652614f41b
commit 652614f41b
parent 24d9cce82f
5 changed files with 25 additions and 15 deletions
--- a/3
+++ b/3
@ -13,7 +13,8 @@ RUN chmod +x /tmp/docker.sh && \
    rm -f /tmp/docker.sh

 # Fix CVE-2021-22901, CVE-2021-22898, CVE-2021-22897, CVE-2021-33560 and CVE-2021-36159
-RUN apk add "curl>=7.77.0-r0" "libgcrypt>=1.8.8-r0" "apk-tools>=2.12.6-r0"
+RUN apk add "curl>=7.77.0-r0" "libgcrypt>=1.8.8-r0"
+RUN apk add "apk-tools>=2.12.6-r0"

 VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache /pre-server-confs /acme-challenge /plugins

--- a/autoconf/entrypoint.sh
+++ b/autoconf/entrypoint.sh
@ -8,10 +8,10 @@ if [ "$?" -ne 0 ] ; then
 	exit 1
 fi

-if [ "$SWARM_MODE" = "yes" ] ; then
-	chown -R root:nginx /etc/nginx
-	chmod -R 770 /etc/nginx
-fi
+#if [ "$SWARM_MODE" = "yes" ] ; then
+#	chown -R root:nginx /etc/nginx
+#	chmod -R 770 /etc/nginx
+#fi

 # trap SIGTERM and SIGINT
 function trap_exit() {
--- a/autoconf/requirements.txt
+++ b/autoconf/requirements.txt
@ -2,3 +2,4 @@ docker
 requests
 jinja2
 kubernetes
+dnspython
--- a/autoconf/src/Config.py
+++ b/autoconf/src/Config.py
@ -1,6 +1,6 @@
 #!/usr/bin/python3

-import subprocess, shutil, os, traceback, requests, time
+import subprocess, shutil, os, traceback, requests, time, dns.resolver

 import Controller

@ -76,9 +76,9 @@ class Config :
 	def wait(self, instances) :
 		ret = True
 		if self.__type == Controller.Type.DOCKER :
-			ret = self.__wait_docker()
+			ret = self.__wait_docker(instances)
 		elif self.__type == Controller.Type.SWARM or self.__type == Controller.Type.KUBERNETES :
-			ret = self.__wait_api()
+			ret = self.__wait_api(instances)
 		return ret

 	def __wait_docker(self, instances) :
@ -110,7 +110,7 @@ class Config :
 					started = True
 					break
 				i = i + 1
-				log("config", "INFO" "waiting " + str(i) + " seconds before retrying to contact bunkerized-nginx instances")
+				log("config", "INFO", "waiting " + str(i) + " seconds before retrying to contact bunkerized-nginx instances")
 			if started :
 				log("config", "INFO", "bunkerized-nginx instances started")
 				return True
@ -126,17 +126,19 @@ class Config :
 		if self.__type == Controller.Type.SWARM :
 			for instance in instances :
 				name = instance.name
-				for task in instance.tasks() :
-					nodeID = task["NodeID"]
-					taskID = task["ID"]
-					url = "http://" + name + "." + nodeID + "." + taskID + ":8080" + self.__api_uri + path
-					urls.append(url)
+				try :
+					dns_result = dns.resolver.query("tasks." + name)
+					for ip in dns_result :
+						urls.append("http://" + ip.to_text() + ":8080" + self.__api_uri + path)
+				except :
+					ret = False
 		elif self.__type == Controller.Type.KUBERNETES :
 			log("config", "ERROR", "TODO get urls for k8s")

 		for url in urls :
+			req = None
 			try :
-				req = requests.post("http://" + fqdn + ":8080" + self.__api + path)
+				req = requests.post(url)
 			except :
 				pass
 			if req and req.status_code == 200 and req.text == "ok" :
--- a/autoconf/src/app.py
+++ b/autoconf/src/app.py
@ -40,6 +40,12 @@ if current_env != {} :
 	else :
 		log("autoconf", "ERROR", "error while generating initial configuration")

+# Wait for instances
+if controller.wait() :
+	log("autoconf", "INFO", "bunkerized-nginx instances started")
+else :
+	log("autoconf", "ERROR", "bunkerized-nginx instances not started")
+
 # Process events
 log("autoconf", "INFO", "waiting for events ...")
 controller.process_events(current_env)