coredns/core/setup/etcd.go

package setup

import (
	"crypto/tls"
	"crypto/x509"
	"io/ioutil"
	"net"
	"net/http"
	"time"

	"github.com/miekg/coredns/middleware"
	"github.com/miekg/coredns/middleware/etcd"
	"github.com/miekg/coredns/middleware/etcd/singleflight"
	"github.com/miekg/coredns/middleware/proxy"

	etcdc "github.com/coreos/etcd/client"
	"golang.org/x/net/context"
)

const defaultEndpoint = "http://127.0.0.1:2379"

// Etcd sets up the etcd middleware.
func Etcd(c *Controller) (middleware.Middleware, error) {
	etcd, err := etcdParse(c)
	if err != nil {
		return nil, err
	}

	return func(next middleware.Handler) middleware.Handler {
		etcd.Next = next
		return etcd
	}, nil
}

func etcdParse(c *Controller) (etcd.Etcd, error) {
	etc := etcd.Etcd{
		// make stuff configurable
		Proxy:      proxy.New([]string{"8.8.8.8:53"}),
		PathPrefix: "skydns",
		Ctx:        context.Background(),
		Inflight:   &singleflight.Group{},
	}
	for c.Next() {
		if c.Val() == "etcd" {
			// etcd [origin...]
			client, err := newEtcdClient([]string{defaultEndpoint}, "", "", "")
			if err != nil {
				return etcd.Etcd{}, err
			}
			etc.Client = client
			etc.Zones = c.RemainingArgs()
			if len(etc.Zones) == 0 {
				etc.Zones = c.ServerBlockHosts
			}
			middleware.Zones(etc.Zones).FullyQualify()
			return etc, nil
		}
	}
	return etcd.Etcd{}, nil
}

func newEtcdClient(endpoints []string, tlsCert, tlsKey, tlsCACert string) (etcdc.KeysAPI, error) {
	etcdCfg := etcdc.Config{
		Endpoints: endpoints,
		Transport: newHTTPSTransport(tlsCert, tlsKey, tlsCACert),
	}
	cli, err := etcdc.New(etcdCfg)
	if err != nil {
		return nil, err
	}
	return etcdc.NewKeysAPI(cli), nil
}

func newHTTPSTransport(tlsCertFile, tlsKeyFile, tlsCACertFile string) etcdc.CancelableTransport {
	var cc *tls.Config = nil

	if tlsCertFile != "" && tlsKeyFile != "" {
		var rpool *x509.CertPool
		if tlsCACertFile != "" {
			if pemBytes, err := ioutil.ReadFile(tlsCACertFile); err == nil {
				rpool = x509.NewCertPool()
				rpool.AppendCertsFromPEM(pemBytes)
			}
		}

		if tlsCert, err := tls.LoadX509KeyPair(tlsCertFile, tlsKeyFile); err == nil {
			cc = &tls.Config{
				RootCAs:            rpool,
				Certificates:       []tls.Certificate{tlsCert},
				InsecureSkipVerify: true,
			}
		}
	}

	tr := &http.Transport{
		Proxy: http.ProxyFromEnvironment,
		Dial: (&net.Dialer{
			Timeout:   30 * time.Second,
			KeepAlive: 30 * time.Second,
		}).Dial,
		TLSHandshakeTimeout: 10 * time.Second,
		TLSClientConfig:     cc,
	}

	return tr
}
more 2016-03-20 17:54:21 +00:00			`package setup`

			`import (`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00			`"crypto/tls"`
			`"crypto/x509"`
			`"io/ioutil"`
			`"net"`
			`"net/http"`
			`"time"`
more 2016-03-20 17:54:21 +00:00
			`"github.com/miekg/coredns/middleware"`
more etcd stuff 2016-03-20 21:36:55 +00:00			`"github.com/miekg/coredns/middleware/etcd"`
more 2016-03-22 22:44:50 +00:00			`"github.com/miekg/coredns/middleware/etcd/singleflight"`
			`"github.com/miekg/coredns/middleware/proxy"`
more etcd stuff 2016-03-20 21:36:55 +00:00
			`etcdc "github.com/coreos/etcd/client"`
more 2016-03-22 22:44:50 +00:00			`"golang.org/x/net/context"`
more 2016-03-20 17:54:21 +00:00			`)`

more etcd stuff 2016-03-20 21:36:55 +00:00			`const defaultEndpoint = "http://127.0.0.1:2379"`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00
			`// Etcd sets up the etcd middleware.`
			`func Etcd(c *Controller) (middleware.Middleware, error) {`
more 2016-03-22 22:44:50 +00:00			`etcd, err := etcdParse(c)`
more 2016-03-20 17:54:21 +00:00			`if err != nil {`
			`return nil, err`
			`}`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00
more 2016-03-20 17:54:21 +00:00			`return func(next middleware.Handler) middleware.Handler {`
more 2016-03-22 22:44:50 +00:00			`etcd.Next = next`
			`return etcd`
more 2016-03-20 17:54:21 +00:00			`}, nil`
			`}`

more 2016-03-22 22:44:50 +00:00			`func etcdParse(c *Controller) (etcd.Etcd, error) {`
			`etc := etcd.Etcd{`
			`// make stuff configurable`
			`Proxy: proxy.New([]string{"8.8.8.8:53"}),`
			`PathPrefix: "skydns",`
			`Ctx: context.Background(),`
			`Inflight: &singleflight.Group{},`
			`}`
more 2016-03-20 17:54:21 +00:00			`for c.Next() {`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00			`if c.Val() == "etcd" {`
more 2016-03-22 22:44:50 +00:00			`// etcd [origin...]`
			`client, err := newEtcdClient([]string{defaultEndpoint}, "", "", "")`
			`if err != nil {`
			`return etcd.Etcd{}, err`
			`}`
			`etc.Client = client`
			`etc.Zones = c.RemainingArgs()`
			`if len(etc.Zones) == 0 {`
			`etc.Zones = c.ServerBlockHosts`
more 2016-03-20 17:54:21 +00:00			`}`
more 2016-03-22 22:44:50 +00:00			`middleware.Zones(etc.Zones).FullyQualify()`
			`return etc, nil`
more 2016-03-20 17:54:21 +00:00			`}`
			`}`
more 2016-03-22 22:44:50 +00:00			`return etcd.Etcd{}, nil`
more 2016-03-20 17:54:21 +00:00			`}`

more etcd stuff 2016-03-20 21:36:55 +00:00			`func newEtcdClient(endpoints []string, tlsCert, tlsKey, tlsCACert string) (etcdc.KeysAPI, error) {`
			`etcdCfg := etcdc.Config{`
			`Endpoints: endpoints,`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00			`Transport: newHTTPSTransport(tlsCert, tlsKey, tlsCACert),`
			`}`
more etcd stuff 2016-03-20 21:36:55 +00:00			`cli, err := etcdc.New(etcdCfg)`
more 2016-03-20 17:54:21 +00:00			`if err != nil {`
			`return nil, err`
			`}`
more etcd stuff 2016-03-20 21:36:55 +00:00			`return etcdc.NewKeysAPI(cli), nil`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00			`}`

more etcd stuff 2016-03-20 21:36:55 +00:00			`func newHTTPSTransport(tlsCertFile, tlsKeyFile, tlsCACertFile string) etcdc.CancelableTransport {`
More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00			`var cc *tls.Config = nil`

			`if tlsCertFile != "" && tlsKeyFile != "" {`
			`var rpool *x509.CertPool`
			`if tlsCACertFile != "" {`
			`if pemBytes, err := ioutil.ReadFile(tlsCACertFile); err == nil {`
			`rpool = x509.NewCertPool()`
			`rpool.AppendCertsFromPEM(pemBytes)`
			`}`
			`}`

			`if tlsCert, err := tls.LoadX509KeyPair(tlsCertFile, tlsKeyFile); err == nil {`
			`cc = &tls.Config{`
			`RootCAs: rpool,`
			`Certificates: []tls.Certificate{tlsCert},`
			`InsecureSkipVerify: true,`
			`}`
more 2016-03-20 17:54:21 +00:00			`}`
			`}`

More stuff copied from SkyDNS 2016-03-20 18:17:07 +00:00			`tr := &http.Transport{`
			`Proxy: http.ProxyFromEnvironment,`
			`Dial: (&net.Dialer{`
			`Timeout: 30 * time.Second,`
			`KeepAlive: 30 * time.Second,`
			`}).Dial,`
			`TLSHandshakeTimeout: 10 * time.Second,`
			`TLSClientConfig: cc,`
			`}`

			`return tr`
			`}`