diff --git a/controller/agentController/controller.go b/controller/agentController/controller.go index 91d890b6..1313c4bf 100644 --- a/controller/agentController/controller.go +++ b/controller/agentController/controller.go @@ -2,27 +2,37 @@ package agentController import ( "context" + "net" + "time" + "github.com/openziti/sdk-golang/ziti" "github.com/openziti/zrok/agent/agentGrpc" "google.golang.org/grpc" "google.golang.org/grpc/credentials/insecure" "google.golang.org/grpc/resolver" - "net" - "time" ) -func NewAgentClient(serviceName string, cfg *Config) (client agentGrpc.AgentClient, conn *grpc.ClientConn, err error) { +type Controller struct { + zCfg *ziti.Config + zCtx ziti.Context +} + +func NewAgentController(cfg *Config) (*Controller, error) { + zCfg, err := ziti.NewConfigFromFile(cfg.IdentityPath) + if err != nil { + return nil, err + } + zCtx, err := ziti.NewContext(zCfg) + if err != nil { + return nil, err + } + return &Controller{zCfg: zCfg, zCtx: zCtx}, nil +} + +func (ctrl *Controller) NewClient(serviceName string) (client agentGrpc.AgentClient, conn *grpc.ClientConn, err error) { opts := []grpc.DialOption{ grpc.WithContextDialer(func(_ context.Context, addr string) (net.Conn, error) { - zcfg, err := ziti.NewConfigFromFile(cfg.IdentityPath) - if err != nil { - return nil, err - } - zctx, err := ziti.NewContext(zcfg) - if err != nil { - return nil, err - } - conn, err := zctx.DialWithOptions(addr, &ziti.DialOptions{ConnectTimeout: 30 * time.Second}) + conn, err := ctrl.zCtx.DialWithOptions(addr, &ziti.DialOptions{ConnectTimeout: 30 * time.Second}) if err != nil { return nil, err } diff --git a/controller/agentPing.go b/controller/agentPing.go index 5291eb4c..cffafc39 100644 --- a/controller/agentPing.go +++ b/controller/agentPing.go @@ -2,9 +2,9 @@ package controller import ( "context" + "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -36,14 +36,14 @@ func (h *agentPingHandler) Handle(params agent.PingParams, principal *rest_model return agent.NewPingBadGateway() } - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewPingInternalServerError() } - defer aconn.Close() + defer agentConn.Close() - resp, err := acli.Version(context.Background(), &agentGrpc.VersionRequest{}) + resp, err := agentClient.Version(context.Background(), &agentGrpc.VersionRequest{}) if err != nil { logrus.Errorf("error retrieving agent version for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewPingBadGateway() diff --git a/controller/agentRemoteAccess.go b/controller/agentRemoteAccess.go index b748d8cc..b31cd754 100644 --- a/controller/agentRemoteAccess.go +++ b/controller/agentRemoteAccess.go @@ -2,9 +2,9 @@ package controller import ( "context" + "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -37,12 +37,12 @@ func (h *agentRemoteAccessHandler) Handle(params agent.RemoteAccessParams, princ } _ = trx.Rollback() // ...or will block the access trx on sqlite - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteAccessInternalServerError() } - defer aconn.Close() + defer agentConn.Close() req := &agentGrpc.AccessPrivateRequest{ Token: params.Body.Token, @@ -53,7 +53,7 @@ func (h *agentRemoteAccessHandler) Handle(params agent.RemoteAccessParams, princ AutoEndPort: uint32(params.Body.AutoEndPort), ResponseHeaders: params.Body.ResponseHeaders, } - resp, err := acli.AccessPrivate(context.Background(), req) + resp, err := agentClient.AccessPrivate(context.Background(), req) if err != nil { logrus.Errorf("error creating remote agent private access for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteAccessBadGateway() diff --git a/controller/agentRemoteShare.go b/controller/agentRemoteShare.go index 6be5df78..2c70e7c7 100644 --- a/controller/agentRemoteShare.go +++ b/controller/agentRemoteShare.go @@ -2,9 +2,9 @@ package controller import ( "context" + "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -37,17 +37,17 @@ func (h *agentRemoteShareHandler) Handle(params agent.RemoteShareParams, princip } _ = trx.Rollback() // ...or will block share trx on sqlite - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteShareInternalServerError() } - defer aconn.Close() + defer agentConn.Close() out := &agent.RemoteShareOKBody{} switch params.Body.ShareMode { case "public": - token, frontendEndpoints, err := h.publicShare(params, acli) + token, frontendEndpoints, err := h.publicShare(params, agentClient) if err != nil { logrus.Errorf("error creating public remote agent share for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteShareBadGateway() @@ -56,7 +56,7 @@ func (h *agentRemoteShareHandler) Handle(params agent.RemoteShareParams, princip out.FrontendEndpoints = frontendEndpoints case "private": - token, err := h.privateShare(params, acli) + token, err := h.privateShare(params, agentClient) if err != nil { logrus.Errorf("error creating private remote agent share for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteShareBadGateway() @@ -64,7 +64,7 @@ func (h *agentRemoteShareHandler) Handle(params agent.RemoteShareParams, princip out.Token = token case "reserved": - token, err := h.reservedShare(params, acli) + token, err := h.reservedShare(params, agentClient) if err != nil { logrus.Errorf("error creating reserved remote agent share for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteShareBadGateway() diff --git a/controller/agentRemoteStatus.go b/controller/agentRemoteStatus.go index f7af69d9..89a7595c 100644 --- a/controller/agentRemoteStatus.go +++ b/controller/agentRemoteStatus.go @@ -2,9 +2,9 @@ package controller import ( "context" + "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -36,14 +36,14 @@ func (h *agentRemoteStatusHandler) Handle(params agent.RemoteStatusParams, princ return agent.NewRemoteStatusBadGateway() } - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteStatusInternalServerError() } - defer aconn.Close() + defer agentConn.Close() - resp, err := acli.Status(context.Background(), &agentGrpc.StatusRequest{}) + resp, err := agentClient.Status(context.Background(), &agentGrpc.StatusRequest{}) if err != nil { logrus.Errorf("error retrieving remote agent status for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteStatusBadGateway() diff --git a/controller/agentRemoteUnaccess.go b/controller/agentRemoteUnaccess.go index 12a17375..709a20f0 100644 --- a/controller/agentRemoteUnaccess.go +++ b/controller/agentRemoteUnaccess.go @@ -2,9 +2,9 @@ package controller import ( "context" + "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -37,15 +37,15 @@ func (h *agentRemoteUnaccessHandler) Handle(params agent.RemoteUnaccessParams, p } _ = trx.Rollback() // ...or will block unshare trx on sqlite - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteUnshareInternalServerError() } - defer aconn.Close() + defer agentConn.Close() req := &agentGrpc.ReleaseAccessRequest{FrontendToken: params.Body.FrontendToken} - _, err = acli.ReleaseAccess(context.Background(), req) + _, err = agentClient.ReleaseAccess(context.Background(), req) if err != nil { logrus.Errorf("error releasing access '%v' for '%v' (%v): %v", params.Body.FrontendToken, params.Body.EnvZID, principal.Email, err) return agent.NewRemoteUnaccessBadGateway() diff --git a/controller/agentRemoteUnshare.go b/controller/agentRemoteUnshare.go index 1daa96c2..ebf9e5fc 100644 --- a/controller/agentRemoteUnshare.go +++ b/controller/agentRemoteUnshare.go @@ -2,9 +2,9 @@ package controller import ( "context" + "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -37,15 +37,15 @@ func (h *agentRemoteUnshareHandler) Handle(params agent.RemoteUnshareParams, pri } _ = trx.Rollback() // ...or will block unshare trx on sqlite - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewRemoteUnshareInternalServerError() } - defer aconn.Close() + defer agentConn.Close() req := &agentGrpc.ReleaseShareRequest{Token: params.Body.Token} - _, err = acli.ReleaseShare(context.Background(), req) + _, err = agentClient.ReleaseShare(context.Background(), req) if err != nil { logrus.Errorf("error releasing share '%v' for '%v' (%v): %v", params.Body.Token, params.Body.EnvZID, principal.Email, err) return agent.NewRemoteUnshareBadGateway() diff --git a/controller/agentShareHttpHealthcheck.go b/controller/agentShareHttpHealthcheck.go index 75b59d59..b93b4119 100644 --- a/controller/agentShareHttpHealthcheck.go +++ b/controller/agentShareHttpHealthcheck.go @@ -5,7 +5,6 @@ import ( "github.com/go-openapi/runtime/middleware" "github.com/openziti/zrok/agent/agentGrpc" - "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/rest_model_zrok" "github.com/openziti/zrok/rest_server_zrok/operations/agent" "github.com/sirupsen/logrus" @@ -38,12 +37,12 @@ func (h *agentShareHttpHealthcheckHandler) Handle(params agent.ShareHTTPHealthch } _ = trx.Rollback() // ...or will block share trx on sqlite - acli, aconn, err := agentController.NewAgentClient(ae.Token, cfg.AgentController) + agentClient, agentConn, err := agentCtrl.NewClient(ae.Token) if err != nil { logrus.Errorf("error creating agent client for '%v' (%v): %v", params.Body.EnvZID, principal.Email, err) return agent.NewShareHTTPHealthcheckInternalServerError() } - defer aconn.Close() + defer agentConn.Close() req := &agentGrpc.ShareHttpHealthcheckRequest{ Token: params.Body.ShareToken, @@ -52,7 +51,7 @@ func (h *agentShareHttpHealthcheckHandler) Handle(params agent.ShareHTTPHealthch ExpectedHttpResponse: uint32(params.Body.ExpectedHTTPResponse), TimeoutMs: uint64(params.Body.TimeoutMs), } - resp, err := acli.ShareHttpHealthcheck(context.Background(), req) + resp, err := agentClient.ShareHttpHealthcheck(context.Background(), req) if err != nil { logrus.Infof("error invoking remoted share '%v' http healthcheck for '%v': %v", params.Body.ShareToken, params.Body.EnvZID, err) return agent.NewShareHTTPHealthcheckBadGateway() diff --git a/controller/controller.go b/controller/controller.go index 8d56da3b..e0456bf1 100644 --- a/controller/controller.go +++ b/controller/controller.go @@ -9,6 +9,7 @@ import ( "github.com/go-openapi/loads" influxdb2 "github.com/influxdata/influxdb-client-go/v2" "github.com/jessevdk/go-flags" + "github.com/openziti/zrok/controller/agentController" "github.com/openziti/zrok/controller/config" "github.com/openziti/zrok/controller/limits" "github.com/openziti/zrok/controller/metrics" @@ -26,6 +27,7 @@ var ( str *store.Store idb influxdb2.Client limitsAgent *limits.Agent + agentCtrl *agentController.Controller ) func Run(inCfg *config.Config) error { @@ -71,6 +73,12 @@ func Run(inCfg *config.Config) error { api.AdminRemoveOrganizationMemberHandler = newRemoveOrganizationMemberHandler() api.AdminUpdateFrontendHandler = newUpdateFrontendHandler() if cfg.AgentController != nil { + if i, err := agentController.NewAgentController(cfg.AgentController); err == nil { + agentCtrl = i + logrus.Infof("created new agent controller") + } else { + return errors.Wrap(err, "error creating agent controller") + } api.AgentEnrollHandler = newAgentEnrollHandler() api.AgentPingHandler = newAgentPingHandler() api.AgentRemoteAccessHandler = newAgentRemoteAccessHandler()