[lxc-devel] [lxd/master] Make network address bind error fatal when clustered
freeekanayaka on Github
lxc-bot at linuxcontainers.org
Tue May 12 11:57:03 UTC 2020
From 2340417ec1e39ab48dd9917f580fa2fe00efb9e0 Mon Sep 17 00:00:00 2001
From: Free Ekanayaka <free.ekanayaka at canonical.com>
Date: Tue, 12 May 2020 12:55:35 +0100
Subject: [PATCH] Make network address bind error fatal when clustered
Signed-off-by: Free Ekanayaka <free.ekanayaka at canonical.com>
---
lxd/endpoints/cluster.go | 11 -----------
lxd/endpoints/endpoints.go | 25 +++++++++++++++++++------
lxd/endpoints/network.go | 9 ++++-----
3 files changed, 23 insertions(+), 22 deletions(-)
diff --git a/lxd/endpoints/cluster.go b/lxd/endpoints/cluster.go
index b44d7fb88d..6e977d25e1 100644
--- a/lxd/endpoints/cluster.go
+++ b/lxd/endpoints/cluster.go
@@ -6,9 +6,7 @@ import (
"time"
"github.com/lxc/lxd/lxd/util"
- "github.com/lxc/lxd/shared"
"github.com/lxc/lxd/shared/logger"
- "github.com/pkg/errors"
)
// ClusterAddress returns the cluster addresss of the cluster endpoint, or an
@@ -92,12 +90,3 @@ func (e *Endpoints) ClusterUpdateAddress(address string) error {
return nil
}
-
-func clusterCreateListener(address string, cert *shared.CertInfo) (net.Listener, error) {
- listener, err := net.Listen("tcp", util.CanonicalNetworkAddress(address))
- if err != nil {
- return nil, errors.Wrap(err, "Listen to cluster address")
- }
-
- return networkTLSListener(listener, cert), nil
-}
diff --git a/lxd/endpoints/endpoints.go b/lxd/endpoints/endpoints.go
index 6a0c341567..feba2c178d 100644
--- a/lxd/endpoints/endpoints.go
+++ b/lxd/endpoints/endpoints.go
@@ -194,18 +194,31 @@ func (e *Endpoints) up(config *Config) error {
e.inherited[network] = false
}
- // Errors here are not fatal and are just logged.
- e.listeners[network] = networkCreateListener(config.NetworkAddress, e.cert)
+ // Errors here are not fatal and are just logged (unless we're
+ // clustered, see below).
+ var networkAddressErr error
+ e.listeners[network], networkAddressErr = networkCreateListener(config.NetworkAddress, e.cert)
isCovered := util.IsAddressCovered(config.ClusterAddress, config.NetworkAddress)
- if config.ClusterAddress != "" && !isCovered {
- e.listeners[cluster], err = clusterCreateListener(config.ClusterAddress, e.cert)
- if err != nil {
- return err
+ if config.ClusterAddress != "" {
+ if isCovered {
+ // In case of clustering we fail if we coun't
+ // bind the network address.
+ if networkAddressErr != nil {
+ return networkAddressErr
+ }
+
+ } else {
+ e.listeners[cluster], err = networkCreateListener(config.ClusterAddress, e.cert)
+ if err != nil {
+ return err
+ }
}
logger.Infof("Starting cluster handler:")
e.serveHTTP(cluster)
+ } else if networkAddressErr != nil {
+ logger.Error("Cannot listen on https socket, skipping...", log.Ctx{"err": networkAddressErr})
}
}
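Review bot: When clustered with a cluster address that is not covered by the network address (the `else` containing `e.listeners[cluster], err = networkCreateListener(config.ClusterAddress, e.cert)`), a non-nil `networkAddressErr` is neither returned nor logged. Since `networkCreateListener` no longer logs the failure itself, a failed bind of the HTTPS API address goes unreported in that case. Log it there before binding the cluster listener, e.g. `if networkAddressErr != nil { logger.Error("Cannot listen on https socket, skipping...", log.Ctx{"err": networkAddressErr}) }`, or return it if a clustered node should never run without its API listener. The leading comment "Errors here are not fatal and are just logged" would then be accurate for every branch, and "coun't" in the inner comment should read "couldn't". The body of `up` starts and ends outside this hunk.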
diff --git a/lxd/endpoints/network.go b/lxd/endpoints/network.go
index 5c78d8bf3a..6d9f4f1e5c 100644
--- a/lxd/endpoints/network.go
+++ b/lxd/endpoints/network.go
@@ -9,8 +9,8 @@ import (
"github.com/lxc/lxd/lxd/util"
"github.com/lxc/lxd/shared"
- log "github.com/lxc/lxd/shared/log15"
"github.com/lxc/lxd/shared/logger"
+ "github.com/pkg/errors"
)
// NetworkPublicKey returns the public key of the TLS certificate used by the
@@ -151,13 +151,12 @@ func (e *Endpoints) NetworkUpdateCert(cert *shared.CertInfo) {
}
// Create a new net.Listener bound to the tcp socket of the network endpoint.
-func networkCreateListener(address string, cert *shared.CertInfo) net.Listener {
+func networkCreateListener(address string, cert *shared.CertInfo) (net.Listener, error) {
listener, err := net.Listen("tcp", util.CanonicalNetworkAddress(address))
if err != nil {
- logger.Error("Cannot listen on https socket, skipping...", log.Ctx{"err": err})
- return nil
+ return nil, errors.Wrap(err, "Bind network address")
}
- return networkTLSListener(listener, cert)
+ return networkTLSListener(listener, cert), nil
}
// A variation of the standard tls.Listener that supports atomically swapping
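Review bot: The wrap text `"Bind network address"` is now also reported when the cluster bind fails, because the endpoints.go hunk calls `networkCreateListener(config.ClusterAddress, e.cert)` in place of the removed `clusterCreateListener`, whose message was "Listen to cluster address". Including the address lets an operator tell which listener failed: `return nil, errors.Wrapf(err, "Bind address %q", address)`. The doc comment above the function still refers only to "the network endpoint"; it could read `// networkCreateListener returns a TLS listener bound to the given TCP address; it is used for both the network and the cluster endpoint.`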