Extract sockets initialization to a package.

Because I just used it somewhere else and it would be nice if I didn't have to copy and paste the code.

Signed-off-by: David Calavera <david.calavera@gmail.com>
David Calavera 2015-05-20 16:48:39 -07:00
parent 2bf409d4ef
commit 0bfbc6e788
6 changed files with 37 additions and 31 deletions


@ -30,6 +30,7 @@ import (
"github.com/docker/docker/pkg/parsers/filters" "github.com/docker/docker/pkg/parsers/filters"
"github.com/docker/docker/pkg/parsers/kernel" "github.com/docker/docker/pkg/parsers/kernel"
"github.com/docker/docker/pkg/signal" "github.com/docker/docker/pkg/signal"
"github.com/docker/docker/pkg/sockets"
"github.com/docker/docker/pkg/stdcopy" "github.com/docker/docker/pkg/stdcopy"
"github.com/docker/docker/pkg/streamformatter" "github.com/docker/docker/pkg/streamformatter"
"github.com/docker/docker/pkg/version" "github.com/docker/docker/pkg/version"
@ -1402,6 +1403,26 @@ func (s *Server) ping(version version.Version, w http.ResponseWriter, r *http.Re
return err return err
} }
func (s *Server) initTcpSocket(addr string) (l net.Listener, err error) {
if !s.cfg.TlsVerify {
logrus.Warn("/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\")
}
var c *sockets.TlsConfig
if s.cfg.Tls || s.cfg.TlsVerify {
c = sockets.NewTlsConfig(s.cfg.TlsCert, s.cfg.TlsKey, s.cfg.TlsCa, s.cfg.TlsVerify)
}
if l, err = sockets.NewTcpSocket(addr, c, s.start); err != nil {
return nil, err
}
if err := allocateDaemonPort(addr); err != nil {
return nil, err
}
return
}
func makeHttpHandler(logging bool, localMethod string, localRoute string, handlerFunc HttpApiFunc, corsHeaders string, dockerVersion version.Version) http.HandlerFunc { func makeHttpHandler(logging bool, localMethod string, localRoute string, handlerFunc HttpApiFunc, corsHeaders string, dockerVersion version.Version) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) {
// log the request // log the request
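Review bot: In initTcpSocket, the `allocateDaemonPort(addr)` failure path returns `nil, err` without closing the listener that `sockets.NewTcpSocket` has just opened, so the bound TCP socket is left open with nothing serving it. Close it on that path, e.g. `l.Close()` immediately before that `return nil, err`. The function would also benefit from a short comment stating that `c` stays nil unless Tls or TlsVerify is set, and that the warning is logged for every TCP address whenever TlsVerify is off, including when TLS is enabled without verification.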


@ -7,8 +7,8 @@ import (
"net" "net"
"net/http" "net/http"
"github.com/Sirupsen/logrus"
"github.com/docker/docker/daemon" "github.com/docker/docker/daemon"
"github.com/docker/docker/pkg/sockets"
"github.com/docker/docker/pkg/systemd" "github.com/docker/docker/pkg/systemd"
) )
@ -45,17 +45,12 @@ func (s *Server) newServer(proto, addr string) (serverCloser, error) {
} }
return nil, nil return nil, nil
case "tcp": case "tcp":
if !s.cfg.TlsVerify { l, err = s.initTcpSocket(addr)
logrus.Warn("/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\") if err != nil {
}
if l, err = NewTcpSocket(addr, tlsConfigFromServerConfig(s.cfg), s.start); err != nil {
return nil, err
}
if err := allocateDaemonPort(addr); err != nil {
return nil, err return nil, err
} }
case "unix": case "unix":
if l, err = NewUnixSocket(addr, s.cfg.SocketGroup, s.start); err != nil { if l, err = sockets.NewUnixSocket(addr, s.cfg.SocketGroup, s.start); err != nil {
return nil, err return nil, err
} }
default: default:


@ -7,7 +7,6 @@ import (
"net" "net"
"net/http" "net/http"
"github.com/Sirupsen/logrus"
"github.com/docker/docker/daemon" "github.com/docker/docker/daemon"
) )
@ -19,13 +18,8 @@ func (s *Server) newServer(proto, addr string) (Server, error) {
) )
switch proto { switch proto {
case "tcp": case "tcp":
if !s.cfg.TlsVerify { l, err = s.initTcpSocket(addr)
logrus.Warn("/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\") if err != nil {
}
if l, err = NewTcpSocket(addr, tlsConfigFromServerConfig(s.cfg)); err != nil {
return nil, err
}
if err := allocateDaemonPort(addr); err != nil {
return nil, err return nil, err
} }
default: default:

0
pkg/sockets/README.md Normal file


@ -1,4 +1,4 @@
package server package sockets
import ( import (
"crypto/tls" "crypto/tls"
@ -11,27 +11,23 @@ import (
"github.com/docker/docker/pkg/listenbuffer" "github.com/docker/docker/pkg/listenbuffer"
) )
type tlsConfig struct { type TlsConfig struct {
CA string CA string
Certificate string Certificate string
Key string Key string
Verify bool Verify bool
} }
func tlsConfigFromServerConfig(conf *ServerConfig) *tlsConfig { func NewTlsConfig(tlsCert, tlsKey, tlsCA string, verify bool) *TlsConfig {
verify := conf.TlsVerify return &TlsConfig{
if !conf.Tls && !conf.TlsVerify {
return nil
}
return &tlsConfig{
Verify: verify, Verify: verify,
Certificate: conf.TlsCert, Certificate: tlsCert,
Key: conf.TlsKey, Key: tlsKey,
CA: conf.TlsCa, CA: tlsCA,
} }
} }
func NewTcpSocket(addr string, config *tlsConfig, activate <-chan struct{}) (net.Listener, error) { func NewTcpSocket(addr string, config *TlsConfig, activate <-chan struct{}) (net.Listener, error) {
l, err := listenbuffer.NewListenBuffer("tcp", addr, activate) l, err := listenbuffer.NewListenBuffer("tcp", addr, activate)
if err != nil { if err != nil {
return nil, err return nil, err
@ -44,7 +40,7 @@ func NewTcpSocket(addr string, config *tlsConfig, activate <-chan struct{}) (net
return l, nil return l, nil
} }
func setupTls(l net.Listener, config *tlsConfig) (net.Listener, error) { func setupTls(l net.Listener, config *TlsConfig) (net.Listener, error) {
tlsCert, err := tls.LoadX509KeyPair(config.Certificate, config.Key) tlsCert, err := tls.LoadX509KeyPair(config.Certificate, config.Key)
if err != nil { if err != nil {
if os.IsNotExist(err) { if os.IsNotExist(err) {
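Review bot: TlsConfig, NewTlsConfig and NewTcpSocket are now exported from a reusable package but carry no doc comments, and the contract around disabling TLS has moved. The old tlsConfigFromServerConfig returned nil when neither Tls nor TlsVerify was set, whereas NewTlsConfig always returns a config, so every caller now has to decide for itself when to pass nil. Document that on the constructor, e.g. `// NewTlsConfig builds a TlsConfig from the given certificate, key and CA values and the verify flag; it never returns nil.` On NewTcpSocket, add a sentence saying what a nil config means; presumably it yields a listener without TLS, since initTcpSocket passes nil when TLS is off, but the body between the hunks is not visible here. setupTls continues past the end of the hunk.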


@ -1,6 +1,6 @@
// +build linux // +build linux
package server package sockets
import ( import (
"fmt" "fmt"