【backport】Release v0.6.1 (openyurtio#739)

* bugfix: panic happened when x-tunnel-server-svc service type is lb (openyurtio#724) * enhancement: tunnel-server supports to proxy requests that access tunnel-server directly with specified destination (openyurtio#725) * cache-agent for yurthub support '*' (openyurtio#727) * cache-agent for yurthub support '*' Signed-off-by: 刘畅 <basefly@outlook.com> * add unit test for cache_agents of yurthub Signed-off-by: 刘畅 <basefly@outlook.com> * fmt code Signed-off-by: 刘畅 <basefly@outlook.com> * add NoArgs check for cmds (openyurtio#728) * fix: not initialized `sets.String` cause panic (openyurtio#733) Co-authored-by: zhanglifang@chinatelecom.cn <zhanglifang@chinatelecom.cn> Co-authored-by: hhstu <55697154+hhstu@users.noreply.github.com> Co-authored-by: Yifei Zhang <chpzhangyifei@qq.com> Co-authored-by: DrmagicE <379342542@qq.com> Co-authored-by: zhanglifang@chinatelecom.cn <zhanglifang@chinatelecom.cn>
MrGirl · Feb 15, 2022 · d6f7f48 · d6f7f48
1 parent 7df5fd6
commit d6f7f48
Show file tree

Hide file tree

Showing 16 changed files with 88 additions and 11 deletions.
diff --git a/cmd/yurt-node-servant/convert/convert.go b/cmd/yurt-node-servant/convert/convert.go
@@ -47,6 +47,7 @@ func NewConvertCmd() *cobra.Command {
 			}
 			klog.Info("convert success")
 		},
+		Args: cobra.NoArgs,
 	}
 	setFlags(cmd)
 

diff --git a/cmd/yurt-node-servant/preflight-convert/preflight.go b/cmd/yurt-node-servant/preflight-convert/preflight.go
@@ -48,6 +48,7 @@ func NewxPreflightConvertCmd() *cobra.Command {
 			}
 			klog.Info("convert pre-flight checks success")
 		},
+		Args: cobra.NoArgs,
 	}
 	setFlags(cmd)
 

diff --git a/cmd/yurt-node-servant/revert/revert.go b/cmd/yurt-node-servant/revert/revert.go
@@ -40,6 +40,7 @@ func NewRevertCmd() *cobra.Command {
 			}
 			klog.Info("revert success")
 		},
+		Args: cobra.NoArgs,
 	}
 	setFlags(cmd)
 

diff --git a/cmd/yurt-tunnel-agent/app/start.go b/cmd/yurt-tunnel-agent/app/start.go
@@ -61,6 +61,7 @@ func NewYurttunnelAgentCommand(stopCh <-chan struct{}) *cobra.Command {
 			}
 			return nil
 		},
+		Args: cobra.NoArgs,
 	}
 
 	agentOptions.AddFlags(cmd.Flags())

diff --git a/cmd/yurt-tunnel-server/app/start.go b/cmd/yurt-tunnel-server/app/start.go
@@ -65,6 +65,7 @@ func NewYurttunnelServerCommand(stopCh <-chan struct{}) *cobra.Command {
 			}
 			return nil
 		},
+		Args: cobra.NoArgs,
 	}
 
 	serverOptions.AddFlags(cmd.Flags())

diff --git a/pkg/node-servant/constant.go b/pkg/node-servant/constant.go
@@ -139,7 +139,7 @@ spec:
         - /bin/sh
         - -c
         args:
-        - "/usr/local/bin/entry.sh preflight-convert if {{.ignore_preflight_errors}} {{if .ignore_preflight_errors}}--ignore-preflight-errors {{.ignore_preflight_errors}} {{end}}"
+        - "/usr/local/bin/entry.sh preflight-convert {{if .ignore_preflight_errors}}--ignore-preflight-errors {{.ignore_preflight_errors}} {{end}}"
         securityContext:
           privileged: true
         volumeMounts:

diff --git a/pkg/util/certmanager/certmanager.go b/pkg/util/certmanager/certmanager.go
@@ -196,7 +196,7 @@ func newCertManager(
 		if getIPs != nil {
 			tmpIPs, err := getIPs()
 			if err == nil && len(tmpIPs) != 0 {
-				klog.V(3).Infof("the latest tunnel server's ips=%#+v", tmpIPs)
+				klog.V(4).Infof("the latest tunnel server's ips=%#+v", tmpIPs)
 				ips = tmpIPs
 			}
 		}

diff --git a/pkg/yurtctl/cmd/clusterinfo/clusterinfo.go b/pkg/yurtctl/cmd/clusterinfo/clusterinfo.go
@@ -66,6 +66,7 @@ func NewClusterInfoCmd() *cobra.Command {
 				klog.Fatalf("fail to run cluster-info cmd: %s", err)
 			}
 		},
+		Args: cobra.NoArgs,
 	}
 
 	return cmd

diff --git a/pkg/yurtctl/cmd/convert/convert.go b/pkg/yurtctl/cmd/convert/convert.go
@@ -87,6 +87,7 @@ func NewConvertCmd() *cobra.Command {
 				os.Exit(1)
 			}
 		},
+		Args: cobra.NoArgs,
 	}
 
 	setFlags(cmd)

diff --git a/pkg/yurtctl/cmd/join/join.go b/pkg/yurtctl/cmd/join/join.go
@@ -205,7 +205,7 @@ func newJoinData(cmd *cobra.Command, args []string, opt *joinOptions, out io.Wri
 		return nil, errors.Errorf("when --discovery-token-ca-cert-hash is not specified, --discovery-token-unsafe-skip-ca-verification should be true")
 	}
 
-	var ignoreErrors sets.String
+	ignoreErrors := sets.String{}
 	for i := range opt.ignorePreflightErrors {
 		ignoreErrors.Insert(opt.ignorePreflightErrors[i])
 	}

diff --git a/pkg/yurtctl/cmd/markautonomous/markautonomous.go b/pkg/yurtctl/cmd/markautonomous/markautonomous.go
@@ -60,6 +60,7 @@ func NewMarkAutonomousCmd() *cobra.Command {
 				klog.Fatalf("fail to make nodes autonomous: %s", err)
 			}
 		},
+		Args: cobra.NoArgs,
 	}
 
 	cmd.Flags().StringP("autonomous-nodes", "a", "",

diff --git a/pkg/yurtctl/cmd/revert/revert.go b/pkg/yurtctl/cmd/revert/revert.go
@@ -73,6 +73,7 @@ func NewRevertCmd() *cobra.Command {
 				os.Exit(1)
 			}
 		},
+		Args: cobra.NoArgs,
 	}
 
 	cmd.Flags().String("node-servant-image",

diff --git a/pkg/yurthub/cachemanager/cache_manager.go b/pkg/yurthub/cachemanager/cache_manager.go
@@ -570,7 +570,7 @@ func (cm *cacheManager) CanCacheFor(req *http.Request) bool {
 		// request with Edge-Cache header, continue verification
 	} else {
 		cm.RLock()
-		if !cm.cacheAgents.Has(comp) {
+		if !cm.cacheAgents.HasAny("*", comp) {
 			cm.RUnlock()
 			return false
 		}

diff --git a/pkg/yurthub/cachemanager/cache_manager_test.go b/pkg/yurthub/cachemanager/cache_manager_test.go
@@ -18,6 +18,7 @@ package cachemanager
 
 import (
 	"bytes"
+	"context"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -40,6 +41,9 @@ import (
 	"k8s.io/apimachinery/pkg/watch"
 	"k8s.io/apiserver/pkg/endpoints/filters"
 	"k8s.io/apiserver/pkg/endpoints/request"
+	"k8s.io/client-go/informers"
+	"k8s.io/client-go/kubernetes/fake"
+	"k8s.io/client-go/tools/cache"
 
 	"github.com/openyurtio/openyurt/pkg/projectinfo"
 	hubmeta "github.com/openyurtio/openyurt/pkg/yurthub/kubernetes/meta"
@@ -2376,7 +2380,6 @@ func TestCanCacheFor(t *testing.T) {
 		t.Errorf("failed to create disk storage, %v", err)
 	}
 	s := NewStorageWrapper(dStorage)
-	m, _ := NewCacheManager(s, nil, nil, nil)
 
 	type proxyRequest struct {
 		userAgent string
@@ -2386,6 +2389,7 @@ func TestCanCacheFor(t *testing.T) {
 	}
 
 	testcases := map[string]struct {
+		cacheAgents    string
 		preRequest     *proxyRequest
 		preExpectCache bool
 		request        *proxyRequest
@@ -2583,19 +2587,53 @@ func TestCanCacheFor(t *testing.T) {
 			},
 			expectCache: false,
 		},
+		"cacheAgents *": {
+			request: &proxyRequest{
+				userAgent: "lc",
+				verb:      "GET",
+				path:      "/api/v1/namespaces/default/pods/test/status",
+			},
+			cacheAgents: "*",
+			expectCache: true,
+		},
+		"cacheAgents *  for old": {
+			request: &proxyRequest{
+				userAgent: "lc",
+				verb:      "GET",
+				path:      "/api/v1/namespaces/default/pods/test/status",
+			},
+			cacheAgents: "*,xxx",
+			expectCache: true,
+		},
+		"cacheAgents without *": {
+			request: &proxyRequest{
+				userAgent: "lc",
+				verb:      "GET",
+				path:      "/api/v1/namespaces/default/pods/test/status",
+			},
+			cacheAgents: "xxx",
+			expectCache: false,
+		},
 	}
 
 	for k, tt := range testcases {
 		t.Run(k, func(t *testing.T) {
+			stop := make(chan struct{})
+			defer close(stop)
+			client := fake.NewSimpleClientset()
+			informerFactory := informers.NewSharedInformerFactory(client, 0)
+			m, _ := NewCacheManager(s, nil, nil, informerFactory)
+			informerFactory.Start(nil)
+			cache.WaitForCacheSync(stop, informerFactory.Core().V1().ConfigMaps().Informer().HasSynced)
 			if tt.preRequest != nil {
-				reqCanCache := checkReqCanCache(m, tt.preRequest.userAgent, tt.preRequest.verb, tt.preRequest.path, tt.preRequest.header)
+				reqCanCache := checkReqCanCache(m, tt.preRequest.userAgent, tt.preRequest.verb, tt.preRequest.path, tt.preRequest.header, tt.cacheAgents, client)
 				if reqCanCache != tt.preExpectCache {
 					t.Errorf("Got request pre can cache %v, but expect request pre can cache %v", reqCanCache, tt.preExpectCache)
 				}
 			}
 
 			if tt.request != nil {
-				reqCanCache := checkReqCanCache(m, tt.request.userAgent, tt.request.verb, tt.request.path, tt.request.header)
+				reqCanCache := checkReqCanCache(m, tt.request.userAgent, tt.request.verb, tt.request.path, tt.request.header, tt.cacheAgents, client)
 				if reqCanCache != tt.expectCache {
 					t.Errorf("Got request can cache %v, but expect request can cache %v", reqCanCache, tt.expectCache)
 				}
@@ -2608,7 +2646,7 @@ func TestCanCacheFor(t *testing.T) {
 	}
 }
 
-func checkReqCanCache(m CacheManager, userAgent, verb, path string, header map[string]string) bool {
+func checkReqCanCache(m CacheManager, userAgent, verb, path string, header map[string]string, cacheAgents string, testClient *fake.Clientset) bool {
 	req, _ := http.NewRequest(verb, path, nil)
 	if len(userAgent) != 0 {
 		req.Header.Set("User-Agent", userAgent)
@@ -2619,7 +2657,22 @@ func checkReqCanCache(m CacheManager, userAgent, verb, path string, header map[s
 	}
 
 	req.RemoteAddr = "127.0.0.1"
-
+	if cacheAgents != "" {
+		_, err := testClient.CoreV1().ConfigMaps(util.YurtHubNamespace).Create(context.Background(), &v1.ConfigMap{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      util.YurthubConfigMapName,
+				Namespace: util.YurtHubNamespace,
+			},
+			Data: map[string]string{
+				util.CacheUserAgentsKey: cacheAgents,
+			},
+		}, metav1.CreateOptions{})
+		if err != nil {
+			return false
+		}
+		// waiting for create event
+		time.Sleep(2 * time.Second)
+	}
 	var reqCanCache bool
 	var handler http.Handler = http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		reqCanCache = m.CanCacheFor(req)

diff --git a/pkg/yurttunnel/handlerwrapper/tracerequest/tracereq.go b/pkg/yurttunnel/handlerwrapper/tracerequest/tracereq.go
@@ -67,6 +67,7 @@ func (trm *traceReqMiddleware) WrapHandler(handler http.Handler) http.Handler {
 	}
 
 	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		klog.V(3).Infof("request header in traceReqMiddleware: %v with host: %s and urL: %s", req.Header, req.Host, req.URL.String())
 		scheme := "https"
 		if req.TLS == nil {
 			scheme = "http"
@@ -90,6 +91,18 @@ func (trm *traceReqMiddleware) WrapHandler(handler http.Handler) http.Handler {
 				http.Error(w, err.Error(), http.StatusBadRequest)
 				return
 			}
+		} else {
+			// access tunnel-server directly with specified ProxyDestHeaderKey,
+			// request's Host should be modified to specified destination.
+			proxyDest := req.Header.Get(constants.ProxyDestHeaderKey)
+			if len(proxyDest) != 0 {
+				destHost, destPort, err := net.SplitHostPort(proxyDest)
+				if err == nil && (destHost != host || destPort != port) {
+					req.Host = proxyDest
+					req.Header.Set("Host", proxyDest)
+					req.URL.Host = proxyDest
+				}
+			}
 		}
 
 		// observe metrics

diff --git a/pkg/yurttunnel/server/serveraddr/addr.go b/pkg/yurttunnel/server/serveraddr/addr.go
@@ -351,8 +351,10 @@ func GetDefaultDomainsForSvc(ns, name string) []string {
 
 func NodeListToNodes(nodeLst *corev1.NodeList) []*corev1.Node {
 	nodes := make([]*corev1.Node, 0)
-	for _, node := range nodeLst.Items {
-		nodes = append(nodes, &node)
+	if nodeLst != nil {
+		for _, node := range nodeLst.Items {
+			nodes = append(nodes, &node)
+		}
 	}
 	return nodes
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -47,6 +47,7 @@ func NewConvertCmd() *cobra.Command { @@
     			}
     			klog.Info("convert success")
     		},
+    		Args: cobra.NoArgs,
     	}
     	setFlags(cmd)
@@ Expand Down @@