github.com/maier/nomad@v0.4.1-0.20161110003312-a9e3d0b8549d/client/config/config.go (about) 1 package config 2 3 import ( 4 "fmt" 5 "io" 6 "os" 7 "strconv" 8 "strings" 9 "time" 10 11 "github.com/hashicorp/nomad/helper/tlsutil" 12 "github.com/hashicorp/nomad/nomad/structs" 13 "github.com/hashicorp/nomad/nomad/structs/config" 14 ) 15 16 var ( 17 // DefaultEnvBlacklist is the default set of environment variables that are 18 // filtered when passing the environment variables of the host to a task. 19 DefaultEnvBlacklist = strings.Join([]string{ 20 "CONSUL_TOKEN", 21 "VAULT_TOKEN", 22 "ATLAS_TOKEN", 23 "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN", 24 "GOOGLE_APPLICATION_CREDENTIALS", 25 }, ",") 26 27 // DefaulUserBlacklist is the default set of users that tasks are not 28 // allowed to run as when using a driver in "user.checked_drivers" 29 DefaultUserBlacklist = strings.Join([]string{ 30 "root", 31 "Administrator", 32 }, ",") 33 34 // DefaultUserCheckedDrivers is the set of drivers we apply the user 35 // blacklist onto. For virtualized drivers it often doesn't make sense to 36 // make this stipulation so by default they are ignored. 37 DefaultUserCheckedDrivers = strings.Join([]string{ 38 "exec", 39 "qemu", 40 "java", 41 }, ",") 42 ) 43 44 // RPCHandler can be provided to the Client if there is a local server 45 // to avoid going over the network. If not provided, the Client will 46 // maintain a connection pool to the servers 47 type RPCHandler interface { 48 RPC(method string, args interface{}, reply interface{}) error 49 } 50 51 // Config is used to parameterize and configure the behavior of the client 52 type Config struct { 53 // DevMode controls if we are in a development mode which 54 // avoids persistent storage. 55 DevMode bool 56 57 // StateDir is where we store our state 58 StateDir string 59 60 // AllocDir is where we store data for allocations 61 AllocDir string 62 63 // LogOutput is the destination for logs 64 LogOutput io.Writer 65 66 // Region is the clients region 67 Region string 68 69 // Network interface to be used in network fingerprinting 70 NetworkInterface string 71 72 // Network speed is the default speed of network interfaces if they can not 73 // be determined dynamically. 74 NetworkSpeed int 75 76 // MaxKillTimeout allows capping the user-specifiable KillTimeout. If the 77 // task's KillTimeout is greater than the MaxKillTimeout, MaxKillTimeout is 78 // used. 79 MaxKillTimeout time.Duration 80 81 // Servers is a list of known server addresses. These are as "host:port" 82 Servers []string 83 84 // RPCHandler can be provided to avoid network traffic if the 85 // server is running locally. 86 RPCHandler RPCHandler 87 88 // Node provides the base node 89 Node *structs.Node 90 91 // ClientMaxPort is the upper range of the ports that the client uses for 92 // communicating with plugin subsystems over loopback 93 ClientMaxPort uint 94 95 // ClientMinPort is the lower range of the ports that the client uses for 96 // communicating with plugin subsystems over loopback 97 ClientMinPort uint 98 99 // GloballyReservedPorts are ports that are reserved across all network 100 // devices and IPs. 101 GloballyReservedPorts []int 102 103 // A mapping of directories on the host OS to attempt to embed inside each 104 // task's chroot. 105 ChrootEnv map[string]string 106 107 // Options provides arbitrary key-value configuration for nomad internals, 108 // like fingerprinters and drivers. The format is: 109 // 110 // namespace.option = value 111 Options map[string]string 112 113 // Version is the version of the Nomad client 114 Version string 115 116 // Revision is the commit number of the Nomad client 117 Revision string 118 119 // ConsulConfig is this Agent's Consul configuration 120 ConsulConfig *config.ConsulConfig 121 122 // VaultConfig is this Agent's Vault configuration 123 VaultConfig *config.VaultConfig 124 125 // StatsCollectionInterval is the interval at which the Nomad client 126 // collects resource usage stats 127 StatsCollectionInterval time.Duration 128 129 // PublishNodeMetrics determines whether nomad is going to publish node 130 // level metrics to remote Telemetry sinks 131 PublishNodeMetrics bool 132 133 // PublishAllocationMetrics determines whether nomad is going to publish 134 // allocation metrics to remote Telemetry sinks 135 PublishAllocationMetrics bool 136 137 // TLSConfig holds various TLS related configurations 138 TLSConfig *config.TLSConfig 139 } 140 141 func (c *Config) Copy() *Config { 142 nc := new(Config) 143 *nc = *c 144 nc.Node = nc.Node.Copy() 145 nc.Servers = structs.CopySliceString(nc.Servers) 146 nc.Options = structs.CopyMapStringString(nc.Options) 147 nc.GloballyReservedPorts = structs.CopySliceInt(c.GloballyReservedPorts) 148 nc.ConsulConfig = c.ConsulConfig.Copy() 149 nc.VaultConfig = c.VaultConfig.Copy() 150 return nc 151 } 152 153 // DefaultConfig returns the default configuration 154 func DefaultConfig() *Config { 155 return &Config{ 156 VaultConfig: config.DefaultVaultConfig(), 157 ConsulConfig: config.DefaultConsulConfig(), 158 LogOutput: os.Stderr, 159 Region: "global", 160 StatsCollectionInterval: 1 * time.Second, 161 TLSConfig: &config.TLSConfig{}, 162 } 163 } 164 165 // Read returns the specified configuration value or "". 166 func (c *Config) Read(id string) string { 167 return c.Options[id] 168 } 169 170 // ReadDefault returns the specified configuration value, or the specified 171 // default value if none is set. 172 func (c *Config) ReadDefault(id string, defaultValue string) string { 173 val, ok := c.Options[id] 174 if !ok { 175 return defaultValue 176 } 177 return val 178 } 179 180 // ReadBool parses the specified option as a boolean. 181 func (c *Config) ReadBool(id string) (bool, error) { 182 val, ok := c.Options[id] 183 if !ok { 184 return false, fmt.Errorf("Specified config is missing from options") 185 } 186 bval, err := strconv.ParseBool(val) 187 if err != nil { 188 return false, fmt.Errorf("Failed to parse %s as bool: %s", val, err) 189 } 190 return bval, nil 191 } 192 193 // ReadBoolDefault tries to parse the specified option as a boolean. If there is 194 // an error in parsing, the default option is returned. 195 func (c *Config) ReadBoolDefault(id string, defaultValue bool) bool { 196 val, err := c.ReadBool(id) 197 if err != nil { 198 return defaultValue 199 } 200 return val 201 } 202 203 // ReadStringListToMap tries to parse the specified option as a comma separated list. 204 // If there is an error in parsing, an empty list is returned. 205 func (c *Config) ReadStringListToMap(key string) map[string]struct{} { 206 s := strings.TrimSpace(c.Read(key)) 207 list := make(map[string]struct{}) 208 if s != "" { 209 for _, e := range strings.Split(s, ",") { 210 trimmed := strings.TrimSpace(e) 211 list[trimmed] = struct{}{} 212 } 213 } 214 return list 215 } 216 217 // ReadStringListToMap tries to parse the specified option as a comma separated list. 218 // If there is an error in parsing, an empty list is returned. 219 func (c *Config) ReadStringListToMapDefault(key, defaultValue string) map[string]struct{} { 220 val, ok := c.Options[key] 221 if !ok { 222 val = defaultValue 223 } 224 225 list := make(map[string]struct{}) 226 if val != "" { 227 for _, e := range strings.Split(val, ",") { 228 trimmed := strings.TrimSpace(e) 229 list[trimmed] = struct{}{} 230 } 231 } 232 return list 233 } 234 235 // TLSConfig returns a TLSUtil Config based on the client configuration 236 func (c *Config) TLSConfiguration() *tlsutil.Config { 237 tlsConf := &tlsutil.Config{ 238 VerifyIncoming: true, 239 VerifyOutgoing: true, 240 VerifyServerHostname: c.TLSConfig.VerifyServerHostname, 241 CAFile: c.TLSConfig.CAFile, 242 CertFile: c.TLSConfig.CertFile, 243 KeyFile: c.TLSConfig.KeyFile, 244 } 245 return tlsConf 246 }