登入
golang
/
flannel
1
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: e6edfac9cb
分支列表 標籤列表
flannel
/
vendor
/
k8s.io
/
kubernetes
/
pkg
/
apiserver
/
proxy.go

proxy.go 8.1 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268 
  1. /*
    2. 

  2. Copyright 2014 The Kubernetes Authors.
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package apiserver
    18. 

  18. 

  19. import (
    20. 

  20. 	"io"
    21. 

  21. 	"math/rand"
    22. 

  22. 	"net/http"
    23. 

  23. 	"net/http/httputil"
    24. 

  24. 	"net/url"
    25. 

  25. 	"path"
    26. 

  26. 	"strings"
    27. 

  27. 	"time"
    28. 

  28. 

  29. 	"k8s.io/kubernetes/pkg/api"
    30. 

  30. 	"k8s.io/kubernetes/pkg/api/errors"
    31. 

  31. 	"k8s.io/kubernetes/pkg/api/rest"
    32. 

  32. 	"k8s.io/kubernetes/pkg/api/unversioned"
    33. 

  33. 	"k8s.io/kubernetes/pkg/apiserver/metrics"
    34. 

  34. 	"k8s.io/kubernetes/pkg/httplog"
    35. 

  35. 	"k8s.io/kubernetes/pkg/runtime"
    36. 

  36. 	"k8s.io/kubernetes/pkg/util/httpstream"
    37. 

  37. 	"k8s.io/kubernetes/pkg/util/net"
    38. 

  38. 	proxyutil "k8s.io/kubernetes/pkg/util/proxy"
    39. 

  39. 

  40. 	"github.com/golang/glog"
    41. 

  41. )
    42. 

  42. 

  43. // ProxyHandler provides a http.Handler which will proxy traffic to locations
    44. 

  44. // specified by items implementing Redirector.
    45. 

  45. type ProxyHandler struct {
    46. 

  46. 	prefix              string
    47. 

  47. 	storage             map[string]rest.Storage
    48. 

  48. 	serializer          runtime.NegotiatedSerializer
    49. 

  49. 	context             api.RequestContextMapper
    50. 

  50. 	requestInfoResolver *RequestInfoResolver
    51. 

  51. }
    52. 

  52. 

  53. func (r *ProxyHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
    54. 

  54. 	proxyHandlerTraceID := rand.Int63()
    55. 

  55. 

  56. 	var verb string
    57. 

  57. 	var apiResource string
    58. 

  58. 	var httpCode int
    59. 

  59. 	reqStart := time.Now()
    60. 

  60. 	defer metrics.Monitor(&verb, &apiResource, net.GetHTTPClient(req), w.Header().Get("Content-Type"), httpCode, reqStart)
    61. 

  61. 

  62. 	requestInfo, err := r.requestInfoResolver.GetRequestInfo(req)
    63. 

  63. 	if err != nil || !requestInfo.IsResourceRequest {
    64. 

  64. 		notFound(w, req)
    65. 

  65. 		httpCode = http.StatusNotFound
    66. 

  66. 		return
    67. 

  67. 	}
    68. 

  68. 	verb = requestInfo.Verb
    69. 

  69. 	namespace, resource, parts := requestInfo.Namespace, requestInfo.Resource, requestInfo.Parts
    70. 

  70. 

  71. 	ctx, ok := r.context.Get(req)
    72. 

  72. 	if !ok {
    73. 

  73. 		ctx = api.NewContext()
    74. 

  74. 	}
    75. 

  75. 	ctx = api.WithNamespace(ctx, namespace)
    76. 

  76. 	if len(parts) < 2 {
    77. 

  77. 		notFound(w, req)
    78. 

  78. 		httpCode = http.StatusNotFound
    79. 

  79. 		return
    80. 

  80. 	}
    81. 

  81. 	id := parts[1]
    82. 

  82. 	remainder := ""
    83. 

  83. 	if len(parts) > 2 {
    84. 

  84. 		proxyParts := parts[2:]
    85. 

  85. 		remainder = strings.Join(proxyParts, "/")
    86. 

  86. 		if strings.HasSuffix(req.URL.Path, "/") {
    87. 

  87. 			// The original path had a trailing slash, which has been stripped
    88. 

  88. 			// by KindAndNamespace(). We should add it back because some
    89. 

  89. 			// servers (like etcd) require it.
    90. 

  90. 			remainder = remainder + "/"
    91. 

  91. 		}
    92. 

  92. 	}
    93. 

  93. 	storage, ok := r.storage[resource]
    94. 

  94. 	if !ok {
    95. 

  95. 		httplog.LogOf(req, w).Addf("'%v' has no storage object", resource)
    96. 

  96. 		notFound(w, req)
    97. 

  97. 		httpCode = http.StatusNotFound
    98. 

  98. 		return
    99. 

  99. 	}
    100. 

  100. 	apiResource = resource
    101. 

  101. 

  102. 	gv := unversioned.GroupVersion{Group: requestInfo.APIGroup, Version: requestInfo.APIVersion}
    103. 

  103. 

  104. 	redirector, ok := storage.(rest.Redirector)
    105. 

  105. 	if !ok {
    106. 

  106. 		httplog.LogOf(req, w).Addf("'%v' is not a redirector", resource)
    107. 

  107. 		httpCode = errorNegotiated(errors.NewMethodNotSupported(api.Resource(resource), "proxy"), r.serializer, gv, w, req)
    108. 

  108. 		return
    109. 

  109. 	}
    110. 

  110. 

  111. 	location, roundTripper, err := redirector.ResourceLocation(ctx, id)
    112. 

  112. 	if err != nil {
    113. 

  113. 		httplog.LogOf(req, w).Addf("Error getting ResourceLocation: %v", err)
    114. 

  114. 		httpCode = errorNegotiated(err, r.serializer, gv, w, req)
    115. 

  115. 		return
    116. 

  116. 	}
    117. 

  117. 	if location == nil {
    118. 

  118. 		httplog.LogOf(req, w).Addf("ResourceLocation for %v returned nil", id)
    119. 

  119. 		notFound(w, req)
    120. 

  120. 		httpCode = http.StatusNotFound
    121. 

  121. 		return
    122. 

  122. 	}
    123. 

  123. 

  124. 	if roundTripper != nil {
    125. 

  125. 		glog.V(5).Infof("[%x: %v] using transport %T...", proxyHandlerTraceID, req.URL, roundTripper)
    126. 

  126. 	}
    127. 

  127. 

  128. 	// Default to http
    129. 

  129. 	if location.Scheme == "" {
    130. 

  130. 		location.Scheme = "http"
    131. 

  131. 	}
    132. 

  132. 	// Add the subpath
    133. 

  133. 	if len(remainder) > 0 {
    134. 

  134. 		location.Path = singleJoiningSlash(location.Path, remainder)
    135. 

  135. 	}
    136. 

  136. 	// Start with anything returned from the storage, and add the original request's parameters
    137. 

  137. 	values := location.Query()
    138. 

  138. 	for k, vs := range req.URL.Query() {
    139. 

  139. 		for _, v := range vs {
    140. 

  140. 			values.Add(k, v)
    141. 

  141. 		}
    142. 

  142. 	}
    143. 

  143. 	location.RawQuery = values.Encode()
    144. 

  144. 

  145. 	newReq, err := http.NewRequest(req.Method, location.String(), req.Body)
    146. 

  146. 	if err != nil {
    147. 

  147. 		httpCode = errorNegotiated(err, r.serializer, gv, w, req)
    148. 

  148. 		return
    149. 

  149. 	}
    150. 

  150. 	httpCode = http.StatusOK
    151. 

  151. 	newReq.Header = req.Header
    152. 

  152. 	newReq.ContentLength = req.ContentLength
    153. 

  153. 	// Copy the TransferEncoding is for future-proofing. Currently Go only supports "chunked" and
    154. 

  154. 	// it can determine the TransferEncoding based on ContentLength and the Body.
    155. 

  155. 	newReq.TransferEncoding = req.TransferEncoding
    156. 

  156. 

  157. 	// TODO convert this entire proxy to an UpgradeAwareProxy similar to
    158. 

  158. 	// https://github.com/openshift/origin/blob/master/pkg/util/httpproxy/upgradeawareproxy.go.
    159. 

  159. 	// That proxy needs to be modified to support multiple backends, not just 1.
    160. 

  160. 	if r.tryUpgrade(w, req, newReq, location, roundTripper, gv) {
    161. 

  161. 		return
    162. 

  162. 	}
    163. 

  163. 

  164. 	// Redirect requests of the form "/{resource}/{name}" to "/{resource}/{name}/"
    165. 

  165. 	// This is essentially a hack for http://issue.k8s.io/4958.
    166. 

  166. 	// Note: Keep this code after tryUpgrade to not break that flow.
    167. 

  167. 	if len(parts) == 2 && !strings.HasSuffix(req.URL.Path, "/") {
    168. 

  168. 		var queryPart string
    169. 

  169. 		if len(req.URL.RawQuery) > 0 {
    170. 

  170. 			queryPart = "?" + req.URL.RawQuery
    171. 

  171. 		}
    172. 

  172. 		w.Header().Set("Location", req.URL.Path+"/"+queryPart)
    173. 

  173. 		w.WriteHeader(http.StatusMovedPermanently)
    174. 

  174. 		return
    175. 

  175. 	}
    176. 

  176. 

  177. 	start := time.Now()
    178. 

  178. 	glog.V(4).Infof("[%x] Beginning proxy %s...", proxyHandlerTraceID, req.URL)
    179. 

  179. 	defer func() {
    180. 

  180. 		glog.V(4).Infof("[%x] Proxy %v finished %v.", proxyHandlerTraceID, req.URL, time.Now().Sub(start))
    181. 

  181. 	}()
    182. 

  182. 

  183. 	proxy := httputil.NewSingleHostReverseProxy(&url.URL{Scheme: location.Scheme, Host: location.Host})
    184. 

  184. 	alreadyRewriting := false
    185. 

  185. 	if roundTripper != nil {
    186. 

  186. 		_, alreadyRewriting = roundTripper.(*proxyutil.Transport)
    187. 

  187. 		glog.V(5).Infof("[%x] Not making a reriting transport for proxy %s...", proxyHandlerTraceID, req.URL)
    188. 

  188. 	}
    189. 

  189. 	if !alreadyRewriting {
    190. 

  190. 		glog.V(5).Infof("[%x] making a transport for proxy %s...", proxyHandlerTraceID, req.URL)
    191. 

  191. 		prepend := path.Join(r.prefix, resource, id)
    192. 

  192. 		if len(namespace) > 0 {
    193. 

  193. 			prepend = path.Join(r.prefix, "namespaces", namespace, resource, id)
    194. 

  194. 		}
    195. 

  195. 		pTransport := &proxyutil.Transport{
    196. 

  196. 			Scheme:       req.URL.Scheme,
    197. 

  197. 			Host:         req.URL.Host,
    198. 

  198. 			PathPrepend:  prepend,
    199. 

  199. 			RoundTripper: roundTripper,
    200. 

  200. 		}
    201. 

  201. 		roundTripper = pTransport
    202. 

  202. 	}
    203. 

  203. 	proxy.Transport = roundTripper
    204. 

  204. 	proxy.FlushInterval = 200 * time.Millisecond
    205. 

  205. 	proxy.ServeHTTP(w, newReq)
    206. 

  206. }
    207. 

  207. 

  208. // tryUpgrade returns true if the request was handled.
    209. 

  209. func (r *ProxyHandler) tryUpgrade(w http.ResponseWriter, req, newReq *http.Request, location *url.URL, transport http.RoundTripper, gv unversioned.GroupVersion) bool {
    210. 

  210. 	if !httpstream.IsUpgradeRequest(req) {
    211. 

  211. 		return false
    212. 

  212. 	}
    213. 

  213. 	backendConn, err := proxyutil.DialURL(location, transport)
    214. 

  214. 	if err != nil {
    215. 

  215. 		errorNegotiated(err, r.serializer, gv, w, req)
    216. 

  216. 		return true
    217. 

  217. 	}
    218. 

  218. 	defer backendConn.Close()
    219. 

  219. 

  220. 	// TODO should we use _ (a bufio.ReadWriter) instead of requestHijackedConn
    221. 

  221. 	// when copying between the client and the backend? Docker doesn't when they
    222. 

  222. 	// hijack, just for reference...
    223. 

  223. 	requestHijackedConn, _, err := w.(http.Hijacker).Hijack()
    224. 

  224. 	if err != nil {
    225. 

  225. 		errorNegotiated(err, r.serializer, gv, w, req)
    226. 

  226. 		return true
    227. 

  227. 	}
    228. 

  228. 	defer requestHijackedConn.Close()
    229. 

  229. 

  230. 	if err = newReq.Write(backendConn); err != nil {
    231. 

  231. 		errorNegotiated(err, r.serializer, gv, w, req)
    232. 

  232. 		return true
    233. 

  233. 	}
    234. 

  234. 

  235. 	done := make(chan struct{}, 2)
    236. 

  236. 

  237. 	go func() {
    238. 

  238. 		_, err := io.Copy(backendConn, requestHijackedConn)
    239. 

  239. 		if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
    240. 

  240. 			glog.Errorf("Error proxying data from client to backend: %v", err)
    241. 

  241. 		}
    242. 

  242. 		done <- struct{}{}
    243. 

  243. 	}()
    244. 

  244. 

  245. 	go func() {
    246. 

  246. 		_, err := io.Copy(requestHijackedConn, backendConn)
    247. 

  247. 		if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
    248. 

  248. 			glog.Errorf("Error proxying data from backend to client: %v", err)
    249. 

  249. 		}
    250. 

  250. 		done <- struct{}{}
    251. 

  251. 	}()
    252. 

  252. 

  253. 	<-done
    254. 

  254. 	return true
    255. 

  255. }
    256. 

  256. 

  257. // borrowed from net/http/httputil/reverseproxy.go
    258. 

  258. func singleJoiningSlash(a, b string) string {
    259. 

  259. 	aslash := strings.HasSuffix(a, "/")
    260. 

  260. 	bslash := strings.HasPrefix(b, "/")
    261. 

  261. 	switch {
    262. 

  262. 	case aslash && bslash:
    263. 

  263. 		return a + b[1:]
    264. 

  264. 	case !aslash && !bslash:
    265. 

  265. 		return a + "/" + b
    266. 

  266. 	}
    267. 

  267. 	return a + b
    268. 

  268. }
    269.