github.com/demonoid81/moby@v0.0.0-20200517203328-62dd8e17c460/daemon/cluster/convert/swarm.go (about)

     1  package convert // import "github.com/demonoid81/moby/daemon/cluster/convert"
     2  
     3  import (
     4  	"fmt"
     5  	"strings"
     6  
     7  	types "github.com/demonoid81/moby/api/types/swarm"
     8  	swarmapi "github.com/docker/swarmkit/api"
     9  	"github.com/docker/swarmkit/ca"
    10  	gogotypes "github.com/gogo/protobuf/types"
    11  )
    12  
    13  // SwarmFromGRPC converts a grpc Cluster to a Swarm.
    14  func SwarmFromGRPC(c swarmapi.Cluster) types.Swarm {
    15  	swarm := types.Swarm{
    16  		ClusterInfo: types.ClusterInfo{
    17  			ID: c.ID,
    18  			Spec: types.Spec{
    19  				Orchestration: types.OrchestrationConfig{
    20  					TaskHistoryRetentionLimit: &c.Spec.Orchestration.TaskHistoryRetentionLimit,
    21  				},
    22  				Raft: types.RaftConfig{
    23  					SnapshotInterval:           c.Spec.Raft.SnapshotInterval,
    24  					KeepOldSnapshots:           &c.Spec.Raft.KeepOldSnapshots,
    25  					LogEntriesForSlowFollowers: c.Spec.Raft.LogEntriesForSlowFollowers,
    26  					HeartbeatTick:              int(c.Spec.Raft.HeartbeatTick),
    27  					ElectionTick:               int(c.Spec.Raft.ElectionTick),
    28  				},
    29  				EncryptionConfig: types.EncryptionConfig{
    30  					AutoLockManagers: c.Spec.EncryptionConfig.AutoLockManagers,
    31  				},
    32  				CAConfig: types.CAConfig{
    33  					// do not include the signing CA cert or key (it should already be redacted via the swarm APIs) -
    34  					// the key because it's secret, and the cert because otherwise doing a get + update on the spec
    35  					// can cause issues because the key would be missing and the cert wouldn't
    36  					ForceRotate: c.Spec.CAConfig.ForceRotate,
    37  				},
    38  			},
    39  			TLSInfo: types.TLSInfo{
    40  				TrustRoot: string(c.RootCA.CACert),
    41  			},
    42  			RootRotationInProgress: c.RootCA.RootRotation != nil,
    43  			DefaultAddrPool:        c.DefaultAddressPool,
    44  			SubnetSize:             c.SubnetSize,
    45  			DataPathPort:           c.VXLANUDPPort,
    46  		},
    47  		JoinTokens: types.JoinTokens{
    48  			Worker:  c.RootCA.JoinTokens.Worker,
    49  			Manager: c.RootCA.JoinTokens.Manager,
    50  		},
    51  	}
    52  
    53  	issuerInfo, err := ca.IssuerFromAPIRootCA(&c.RootCA)
    54  	if err == nil && issuerInfo != nil {
    55  		swarm.TLSInfo.CertIssuerSubject = issuerInfo.Subject
    56  		swarm.TLSInfo.CertIssuerPublicKey = issuerInfo.PublicKey
    57  	}
    58  
    59  	heartbeatPeriod, _ := gogotypes.DurationFromProto(c.Spec.Dispatcher.HeartbeatPeriod)
    60  	swarm.Spec.Dispatcher.HeartbeatPeriod = heartbeatPeriod
    61  
    62  	swarm.Spec.CAConfig.NodeCertExpiry, _ = gogotypes.DurationFromProto(c.Spec.CAConfig.NodeCertExpiry)
    63  
    64  	for _, ca := range c.Spec.CAConfig.ExternalCAs {
    65  		swarm.Spec.CAConfig.ExternalCAs = append(swarm.Spec.CAConfig.ExternalCAs, &types.ExternalCA{
    66  			Protocol: types.ExternalCAProtocol(strings.ToLower(ca.Protocol.String())),
    67  			URL:      ca.URL,
    68  			Options:  ca.Options,
    69  			CACert:   string(ca.CACert),
    70  		})
    71  	}
    72  
    73  	// Meta
    74  	swarm.Version.Index = c.Meta.Version.Index
    75  	swarm.CreatedAt, _ = gogotypes.TimestampFromProto(c.Meta.CreatedAt)
    76  	swarm.UpdatedAt, _ = gogotypes.TimestampFromProto(c.Meta.UpdatedAt)
    77  
    78  	// Annotations
    79  	swarm.Spec.Annotations = annotationsFromGRPC(c.Spec.Annotations)
    80  
    81  	return swarm
    82  }
    83  
    84  // SwarmSpecToGRPC converts a Spec to a grpc ClusterSpec.
    85  func SwarmSpecToGRPC(s types.Spec) (swarmapi.ClusterSpec, error) {
    86  	return MergeSwarmSpecToGRPC(s, swarmapi.ClusterSpec{})
    87  }
    88  
    89  // MergeSwarmSpecToGRPC merges a Spec with an initial grpc ClusterSpec
    90  func MergeSwarmSpecToGRPC(s types.Spec, spec swarmapi.ClusterSpec) (swarmapi.ClusterSpec, error) {
    91  	// We take the initSpec (either created from scratch, or returned by swarmkit),
    92  	// and will only change the value if the one taken from types.Spec is not nil or 0.
    93  	// In other words, if the value taken from types.Spec is nil or 0, we will maintain the status quo.
    94  	if s.Annotations.Name != "" {
    95  		spec.Annotations.Name = s.Annotations.Name
    96  	}
    97  	if len(s.Annotations.Labels) != 0 {
    98  		spec.Annotations.Labels = s.Annotations.Labels
    99  	}
   100  
   101  	if s.Orchestration.TaskHistoryRetentionLimit != nil {
   102  		spec.Orchestration.TaskHistoryRetentionLimit = *s.Orchestration.TaskHistoryRetentionLimit
   103  	}
   104  	if s.Raft.SnapshotInterval != 0 {
   105  		spec.Raft.SnapshotInterval = s.Raft.SnapshotInterval
   106  	}
   107  	if s.Raft.KeepOldSnapshots != nil {
   108  		spec.Raft.KeepOldSnapshots = *s.Raft.KeepOldSnapshots
   109  	}
   110  	if s.Raft.LogEntriesForSlowFollowers != 0 {
   111  		spec.Raft.LogEntriesForSlowFollowers = s.Raft.LogEntriesForSlowFollowers
   112  	}
   113  	if s.Raft.HeartbeatTick != 0 {
   114  		spec.Raft.HeartbeatTick = uint32(s.Raft.HeartbeatTick)
   115  	}
   116  	if s.Raft.ElectionTick != 0 {
   117  		spec.Raft.ElectionTick = uint32(s.Raft.ElectionTick)
   118  	}
   119  	if s.Dispatcher.HeartbeatPeriod != 0 {
   120  		spec.Dispatcher.HeartbeatPeriod = gogotypes.DurationProto(s.Dispatcher.HeartbeatPeriod)
   121  	}
   122  	if s.CAConfig.NodeCertExpiry != 0 {
   123  		spec.CAConfig.NodeCertExpiry = gogotypes.DurationProto(s.CAConfig.NodeCertExpiry)
   124  	}
   125  	if s.CAConfig.SigningCACert != "" {
   126  		spec.CAConfig.SigningCACert = []byte(s.CAConfig.SigningCACert)
   127  	}
   128  	if s.CAConfig.SigningCAKey != "" {
   129  		// do propagate the signing CA key here because we want to provide it TO the swarm APIs
   130  		spec.CAConfig.SigningCAKey = []byte(s.CAConfig.SigningCAKey)
   131  	}
   132  	spec.CAConfig.ForceRotate = s.CAConfig.ForceRotate
   133  
   134  	for _, ca := range s.CAConfig.ExternalCAs {
   135  		protocol, ok := swarmapi.ExternalCA_CAProtocol_value[strings.ToUpper(string(ca.Protocol))]
   136  		if !ok {
   137  			return swarmapi.ClusterSpec{}, fmt.Errorf("invalid protocol: %q", ca.Protocol)
   138  		}
   139  		spec.CAConfig.ExternalCAs = append(spec.CAConfig.ExternalCAs, &swarmapi.ExternalCA{
   140  			Protocol: swarmapi.ExternalCA_CAProtocol(protocol),
   141  			URL:      ca.URL,
   142  			Options:  ca.Options,
   143  			CACert:   []byte(ca.CACert),
   144  		})
   145  	}
   146  
   147  	spec.EncryptionConfig.AutoLockManagers = s.EncryptionConfig.AutoLockManagers
   148  
   149  	return spec, nil
   150  }