cluster.go 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203
  1. package controlapi
  2. import (
  3. "strings"
  4. "github.com/docker/swarmkit/api"
  5. "github.com/docker/swarmkit/ca"
  6. "github.com/docker/swarmkit/manager/state/store"
  7. "github.com/docker/swarmkit/protobuf/ptypes"
  8. "golang.org/x/net/context"
  9. "google.golang.org/grpc"
  10. "google.golang.org/grpc/codes"
  11. )
  12. func validateClusterSpec(spec *api.ClusterSpec) error {
  13. if spec == nil {
  14. return grpc.Errorf(codes.InvalidArgument, errInvalidArgument.Error())
  15. }
  16. // Validate that expiry time being provided is valid, and over our minimum
  17. if spec.CAConfig.NodeCertExpiry != nil {
  18. expiry, err := ptypes.Duration(spec.CAConfig.NodeCertExpiry)
  19. if err != nil {
  20. return grpc.Errorf(codes.InvalidArgument, errInvalidArgument.Error())
  21. }
  22. if expiry < ca.MinNodeCertExpiration {
  23. return grpc.Errorf(codes.InvalidArgument, "minimum certificate expiry time is: %s", ca.MinNodeCertExpiration)
  24. }
  25. }
  26. // Validate that AcceptancePolicies only include Secrets that are bcrypted
  27. // TODO(diogo): Add a global list of acceptace algorithms. We only support bcrypt for now.
  28. if len(spec.AcceptancePolicy.Policies) > 0 {
  29. for _, policy := range spec.AcceptancePolicy.Policies {
  30. if policy.Secret != nil && strings.ToLower(policy.Secret.Alg) != "bcrypt" {
  31. return grpc.Errorf(codes.InvalidArgument, "hashing algorithm is not supported: %s", policy.Secret.Alg)
  32. }
  33. }
  34. }
  35. // Validate that heartbeatPeriod time being provided is valid
  36. if spec.Dispatcher.HeartbeatPeriod != nil {
  37. heartbeatPeriod, err := ptypes.Duration(spec.Dispatcher.HeartbeatPeriod)
  38. if err != nil {
  39. return grpc.Errorf(codes.InvalidArgument, errInvalidArgument.Error())
  40. }
  41. if heartbeatPeriod < 0 {
  42. return grpc.Errorf(codes.InvalidArgument, "heartbeat time period cannot be a negative duration")
  43. }
  44. }
  45. return nil
  46. }
  47. // GetCluster returns a Cluster given a ClusterID.
  48. // - Returns `InvalidArgument` if ClusterID is not provided.
  49. // - Returns `NotFound` if the Cluster is not found.
  50. func (s *Server) GetCluster(ctx context.Context, request *api.GetClusterRequest) (*api.GetClusterResponse, error) {
  51. if request.ClusterID == "" {
  52. return nil, grpc.Errorf(codes.InvalidArgument, errInvalidArgument.Error())
  53. }
  54. var cluster *api.Cluster
  55. s.store.View(func(tx store.ReadTx) {
  56. cluster = store.GetCluster(tx, request.ClusterID)
  57. })
  58. if cluster == nil {
  59. return nil, grpc.Errorf(codes.NotFound, "cluster %s not found", request.ClusterID)
  60. }
  61. redactedClusters := redactClusters([]*api.Cluster{cluster})
  62. // WARN: we should never return cluster here. We need to redact the private fields first.
  63. return &api.GetClusterResponse{
  64. Cluster: redactedClusters[0],
  65. }, nil
  66. }
  67. // UpdateCluster updates a Cluster referenced by ClusterID with the given ClusterSpec.
  68. // - Returns `NotFound` if the Cluster is not found.
  69. // - Returns `InvalidArgument` if the ClusterSpec is malformed.
  70. // - Returns `Unimplemented` if the ClusterSpec references unimplemented features.
  71. // - Returns an error if the update fails.
  72. func (s *Server) UpdateCluster(ctx context.Context, request *api.UpdateClusterRequest) (*api.UpdateClusterResponse, error) {
  73. if request.ClusterID == "" || request.ClusterVersion == nil {
  74. return nil, grpc.Errorf(codes.InvalidArgument, errInvalidArgument.Error())
  75. }
  76. if err := validateClusterSpec(request.Spec); err != nil {
  77. return nil, err
  78. }
  79. var cluster *api.Cluster
  80. err := s.store.Update(func(tx store.Tx) error {
  81. cluster = store.GetCluster(tx, request.ClusterID)
  82. if cluster == nil {
  83. return nil
  84. }
  85. cluster.Meta.Version = *request.ClusterVersion
  86. cluster.Spec = *request.Spec.Copy()
  87. return store.UpdateCluster(tx, cluster)
  88. })
  89. if err != nil {
  90. return nil, err
  91. }
  92. if cluster == nil {
  93. return nil, grpc.Errorf(codes.NotFound, "cluster %s not found", request.ClusterID)
  94. }
  95. redactedClusters := redactClusters([]*api.Cluster{cluster})
  96. // WARN: we should never return cluster here. We need to redact the private fields first.
  97. return &api.UpdateClusterResponse{
  98. Cluster: redactedClusters[0],
  99. }, nil
  100. }
  101. func filterClusters(candidates []*api.Cluster, filters ...func(*api.Cluster) bool) []*api.Cluster {
  102. result := []*api.Cluster{}
  103. for _, c := range candidates {
  104. match := true
  105. for _, f := range filters {
  106. if !f(c) {
  107. match = false
  108. break
  109. }
  110. }
  111. if match {
  112. result = append(result, c)
  113. }
  114. }
  115. return result
  116. }
  117. // ListClusters returns a list of all clusters.
  118. func (s *Server) ListClusters(ctx context.Context, request *api.ListClustersRequest) (*api.ListClustersResponse, error) {
  119. var (
  120. clusters []*api.Cluster
  121. err error
  122. )
  123. s.store.View(func(tx store.ReadTx) {
  124. switch {
  125. case request.Filters != nil && len(request.Filters.Names) > 0:
  126. clusters, err = store.FindClusters(tx, buildFilters(store.ByName, request.Filters.Names))
  127. case request.Filters != nil && len(request.Filters.NamePrefixes) > 0:
  128. clusters, err = store.FindClusters(tx, buildFilters(store.ByNamePrefix, request.Filters.NamePrefixes))
  129. case request.Filters != nil && len(request.Filters.IDPrefixes) > 0:
  130. clusters, err = store.FindClusters(tx, buildFilters(store.ByIDPrefix, request.Filters.IDPrefixes))
  131. default:
  132. clusters, err = store.FindClusters(tx, store.All)
  133. }
  134. })
  135. if err != nil {
  136. return nil, err
  137. }
  138. if request.Filters != nil {
  139. clusters = filterClusters(clusters,
  140. func(e *api.Cluster) bool {
  141. return filterContains(e.Spec.Annotations.Name, request.Filters.Names)
  142. },
  143. func(e *api.Cluster) bool {
  144. return filterContainsPrefix(e.Spec.Annotations.Name, request.Filters.NamePrefixes)
  145. },
  146. func(e *api.Cluster) bool {
  147. return filterContainsPrefix(e.ID, request.Filters.IDPrefixes)
  148. },
  149. func(e *api.Cluster) bool {
  150. return filterMatchLabels(e.Spec.Annotations.Labels, request.Filters.Labels)
  151. },
  152. )
  153. }
  154. // WARN: we should never return cluster here. We need to redact the private fields first.
  155. return &api.ListClustersResponse{
  156. Clusters: redactClusters(clusters),
  157. }, nil
  158. }
  159. // redactClusters is a method that enforces a whitelist of fields that are ok to be
  160. // returned in the Cluster object. It should filter out all senstive information.
  161. func redactClusters(clusters []*api.Cluster) []*api.Cluster {
  162. var redactedClusters []*api.Cluster
  163. // Only add public fields to the new clusters
  164. for _, cluster := range clusters {
  165. // Copy all the mandatory fields
  166. // Do not copy secret key
  167. newCluster := &api.Cluster{
  168. ID: cluster.ID,
  169. Meta: cluster.Meta,
  170. Spec: cluster.Spec,
  171. RootCA: api.RootCA{
  172. CACert: cluster.RootCA.CACert,
  173. CACertHash: cluster.RootCA.CACertHash,
  174. },
  175. }
  176. redactedClusters = append(redactedClusters, newCluster)
  177. }
  178. return redactedClusters
  179. }