github.com/mattyr/nomad@v0.3.3-0.20160919021406-3485a065154a/nomad/structs/config/consul.go (about) 1 package config 2 3 import ( 4 "crypto/tls" 5 "fmt" 6 "net/http" 7 "strings" 8 "time" 9 10 consul "github.com/hashicorp/consul/api" 11 ) 12 13 // ConsulConfig contains the configuration information necessary to 14 // communicate with a Consul Agent in order to: 15 // 16 // - Register services and their checks with Consul 17 // 18 // - Bootstrap this Nomad Client with the list of Nomad Servers registered 19 // with Consul 20 // 21 // Both the Agent and the executor need to be able to import ConsulConfig. 22 type ConsulConfig struct { 23 // ServerServiceName is the name of the service that Nomad uses to register 24 // servers with Consul 25 ServerServiceName string `mapstructure:"server_service_name"` 26 27 // ClientServiceName is the name of the service that Nomad uses to register 28 // clients with Consul 29 ClientServiceName string `mapstructure:"client_service_name"` 30 31 // AutoAdvertise determines if this Nomad Agent will advertise its 32 // services via Consul. When true, Nomad Agent will register 33 // services with Consul. 34 AutoAdvertise bool `mapstructure:"auto_advertise"` 35 36 // Addr is the address of the local Consul agent 37 Addr string `mapstructure:"address"` 38 39 // Timeout is used by Consul HTTP Client 40 Timeout time.Duration `mapstructure:"timeout"` 41 42 // Token is used to provide a per-request ACL token. This options overrides 43 // the agent's default token 44 Token string `mapstructure:"token"` 45 46 // Auth is the information to use for http access to Consul agent 47 Auth string `mapstructure:"auth"` 48 49 // EnableSSL sets the transport scheme to talk to the Consul agent as https 50 EnableSSL bool `mapstructure:"ssl"` 51 52 // VerifySSL enables or disables SSL verification when the transport scheme 53 // for the consul api client is https 54 VerifySSL bool `mapstructure:"verify_ssl"` 55 56 // CAFile is the path to the ca certificate used for Consul communication 57 CAFile string `mapstructure:"ca_file"` 58 59 // CertFile is the path to the certificate for Consul communication 60 CertFile string `mapstructure:"cert_file"` 61 62 // KeyFile is the path to the private key for Consul communication 63 KeyFile string `mapstructure:"key_file"` 64 65 // ServerAutoJoin enables Nomad servers to find peers by querying Consul and 66 // joining them 67 ServerAutoJoin bool `mapstructure:"server_auto_join"` 68 69 // ClientAutoJoin enables Nomad servers to find addresses of Nomad servers 70 // and register with them 71 ClientAutoJoin bool `mapstructure:"client_auto_join"` 72 } 73 74 // DefaultConsulConfig() returns the canonical defaults for the Nomad 75 // `consul` configuration. 76 func DefaultConsulConfig() *ConsulConfig { 77 return &ConsulConfig{ 78 ServerServiceName: "nomad", 79 ClientServiceName: "nomad-client", 80 AutoAdvertise: true, 81 ServerAutoJoin: true, 82 ClientAutoJoin: true, 83 Timeout: 5 * time.Second, 84 } 85 } 86 87 // Merge merges two Consul Configurations together. 88 func (a *ConsulConfig) Merge(b *ConsulConfig) *ConsulConfig { 89 result := *a 90 91 if b.ServerServiceName != "" { 92 result.ServerServiceName = b.ServerServiceName 93 } 94 if b.ClientServiceName != "" { 95 result.ClientServiceName = b.ClientServiceName 96 } 97 if b.AutoAdvertise { 98 result.AutoAdvertise = true 99 } 100 if b.Addr != "" { 101 result.Addr = b.Addr 102 } 103 if b.Timeout != 0 { 104 result.Timeout = b.Timeout 105 } 106 if b.Token != "" { 107 result.Token = b.Token 108 } 109 if b.Auth != "" { 110 result.Auth = b.Auth 111 } 112 if b.EnableSSL { 113 result.EnableSSL = true 114 } 115 if b.VerifySSL { 116 result.VerifySSL = true 117 } 118 if b.CAFile != "" { 119 result.CAFile = b.CAFile 120 } 121 if b.CertFile != "" { 122 result.CertFile = b.CertFile 123 } 124 if b.KeyFile != "" { 125 result.KeyFile = b.KeyFile 126 } 127 if b.ServerAutoJoin { 128 result.ServerAutoJoin = true 129 } 130 if b.ClientAutoJoin { 131 result.ClientAutoJoin = true 132 } 133 return &result 134 } 135 136 // ApiConfig() returns a usable Consul config that can be passed directly to 137 // hashicorp/consul/api. NOTE: datacenter is not set 138 func (c *ConsulConfig) ApiConfig() (*consul.Config, error) { 139 config := consul.DefaultConfig() 140 if c.Addr != "" { 141 config.Address = c.Addr 142 } 143 if c.Token != "" { 144 config.Token = c.Token 145 } 146 if c.Timeout != 0 { 147 config.HttpClient.Timeout = c.Timeout 148 } 149 if c.Auth != "" { 150 var username, password string 151 if strings.Contains(c.Auth, ":") { 152 split := strings.SplitN(c.Auth, ":", 2) 153 username = split[0] 154 password = split[1] 155 } else { 156 username = c.Auth 157 } 158 159 config.HttpAuth = &consul.HttpBasicAuth{ 160 Username: username, 161 Password: password, 162 } 163 } 164 if c.EnableSSL { 165 config.Scheme = "https" 166 tlsConfig := consul.TLSConfig{ 167 Address: config.Address, 168 CAFile: c.CAFile, 169 CertFile: c.CertFile, 170 KeyFile: c.KeyFile, 171 InsecureSkipVerify: !c.VerifySSL, 172 } 173 tlsClientCfg, err := consul.SetupTLSConfig(&tlsConfig) 174 if err != nil { 175 return nil, fmt.Errorf("error creating tls client config for consul: %v", err) 176 } 177 config.HttpClient.Transport = &http.Transport{ 178 TLSClientConfig: tlsClientCfg, 179 } 180 } 181 if c.EnableSSL && !c.VerifySSL { 182 config.HttpClient.Transport = &http.Transport{ 183 TLSClientConfig: &tls.Config{ 184 InsecureSkipVerify: true, 185 }, 186 } 187 } 188 189 return config, nil 190 } 191 192 // Copy returns a copy of this Consul config. 193 func (c *ConsulConfig) Copy() *ConsulConfig { 194 if c == nil { 195 return nil 196 } 197 198 nc := new(ConsulConfig) 199 *nc = *c 200 return nc 201 }