Add ability to aggregate steve servers through remotedialer

2025-09-08 02:39:26 +00:00 · 2021-03-18 10:13:16 -07:00
parent 3e79b62d3b
commit 376934558c
4 changed files with 269 additions and 13 deletions
--- a/pkg/aggregation/server.go
+++ b/pkg/aggregation/server.go
@@ -0,0 +1,82 @@
+package aggregation
+
+import (
+	"context"
+	"crypto/tls"
+	"crypto/x509"
+	"net"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/gorilla/websocket"
+	"github.com/rancher/remotedialer"
+	"github.com/rancher/steve/pkg/auth"
+	"github.com/sirupsen/logrus"
+)
+
+func ListenAndServe(ctx context.Context, url string, caCert []byte, token string, handler http.Handler) {
+	dialer := websocket.Dialer{
+		Proxy:            http.ProxyFromEnvironment,
+		HandshakeTimeout: 45 * time.Second,
+	}
+
+	if caCert != nil && len(caCert) == 0 {
+		dialer.TLSClientConfig = &tls.Config{
+			InsecureSkipVerify: true,
+		}
+	} else if len(caCert) > 0 {
+		pool := x509.NewCertPool()
+		pool.AppendCertsFromPEM(caCert)
+		dialer.TLSClientConfig = &tls.Config{
+			RootCAs: pool,
+		}
+	}
+
+	handler = auth.ToMiddleware(auth.AuthenticatorFunc(auth.Impersonation))(handler)
+
+	headers := http.Header{}
+	headers.Add("Authorization", "Bearer "+token)
+
+	for {
+		err := serve(ctx, dialer, url, headers, handler)
+		if err != nil {
+			logrus.Errorf("Failed to dial steve aggregation server: %v", err)
+		}
+		select {
+		case <-ctx.Done():
+			return
+		case <-time.After(5 * time.Second):
+		}
+	}
+}
+
+func serve(ctx context.Context, dialer websocket.Dialer, url string, headers http.Header, handler http.Handler) error {
+	url = strings.Replace(url, "http://", "ws://", 1)
+	url = strings.Replace(url, "https://", "wss://", 1)
+	conn, _, err := dialer.DialContext(ctx, url, headers)
+	if err != nil {
+		return err
+	}
+	defer conn.Close()
+
+	listener := NewListener("steve")
+	server := http.Server{
+		Handler: handler,
+		BaseContext: func(_ net.Listener) context.Context {
+			return ctx
+		},
+	}
+	go server.Serve(listener)
+	defer server.Shutdown(context.Background())
+
+	session := remotedialer.NewClientSessionWithDialer(allowAll, conn, listener.Dial)
+	defer session.Close()
+
+	_, err = session.Serve(ctx)
+	return err
+}
+
+func allowAll(_, _ string) bool {
+	return true
+}