Fix default configuration settings for Nomad Provider

This commit is contained in:
Aofei Sheng 2023-03-20 17:44:05 +08:00 committed by GitHub
parent 4aa3496092
commit b3f162a8a6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 77 additions and 14 deletions

View file

@ -823,7 +823,7 @@ Constraints is an expression that Traefik matches against the Nomad service's ta
Default rule. (Default: ```Host(`{{ normalize .Name }}`)```) Default rule. (Default: ```Host(`{{ normalize .Name }}`)```)
`--providers.nomad.endpoint.address`: `--providers.nomad.endpoint.address`:
The address of the Nomad server, including scheme and port. The address of the Nomad server, including scheme and port. (Default: ```http://127.0.0.1:4646```)
`--providers.nomad.endpoint.endpointwaittime`: `--providers.nomad.endpoint.endpointwaittime`:
WaitTime limits how long a Watch will block. If not provided, the agent default values will be used (Default: ```0```) WaitTime limits how long a Watch will block. If not provided, the agent default values will be used (Default: ```0```)

View file

@ -823,7 +823,7 @@ Constraints is an expression that Traefik matches against the Nomad service's ta
Default rule. (Default: ```Host(`{{ normalize .Name }}`)```) Default rule. (Default: ```Host(`{{ normalize .Name }}`)```)
`TRAEFIK_PROVIDERS_NOMAD_ENDPOINT_ADDRESS`: `TRAEFIK_PROVIDERS_NOMAD_ENDPOINT_ADDRESS`:
The address of the Nomad server, including scheme and port. The address of the Nomad server, including scheme and port. (Default: ```http://127.0.0.1:4646```)
`TRAEFIK_PROVIDERS_NOMAD_ENDPOINT_ENDPOINTWAITTIME`: `TRAEFIK_PROVIDERS_NOMAD_ENDPOINT_ENDPOINTWAITTIME`:
WaitTime limits how long a Watch will block. If not provided, the agent default values will be used (Default: ```0```) WaitTime limits how long a Watch will block. If not provided, the agent default values will be used (Default: ```0```)

View file

@ -62,9 +62,9 @@ type Provider struct {
} }
type EndpointConfig struct { type EndpointConfig struct {
// Address is the Nomad endpoint address, if empty it defaults to NOMAD_ADDR or "http://localhost:4646". // Address is the Nomad endpoint address, if empty it defaults to NOMAD_ADDR or "http://127.0.0.1:4646".
Address string `description:"The address of the Nomad server, including scheme and port." json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"` Address string `description:"The address of the Nomad server, including scheme and port." json:"address,omitempty" toml:"address,omitempty" yaml:"address,omitempty"`
// Region is the Nomad region, if empty it defaults to NOMAD_REGION or "global". // Region is the Nomad region, if empty it defaults to NOMAD_REGION.
Region string `description:"Nomad region to use. If not provided, the local agent region is used." json:"region,omitempty" toml:"region,omitempty" yaml:"region,omitempty"` Region string `description:"Nomad region to use. If not provided, the local agent region is used." json:"region,omitempty" toml:"region,omitempty" yaml:"region,omitempty"`
// Token is the ACL token to connect with Nomad, if empty it defaults to NOMAD_TOKEN. // Token is the ACL token to connect with Nomad, if empty it defaults to NOMAD_TOKEN.
Token string `description:"Token is used to provide a per-request ACL token." json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty" loggable:"false"` Token string `description:"Token is used to provide a per-request ACL token." json:"token,omitempty" toml:"token,omitempty" yaml:"token,omitempty" loggable:"false"`
@ -74,7 +74,18 @@ type EndpointConfig struct {
// SetDefaults sets the default values for the Nomad Traefik Provider. // SetDefaults sets the default values for the Nomad Traefik Provider.
func (p *Provider) SetDefaults() { func (p *Provider) SetDefaults() {
p.Endpoint = &EndpointConfig{} defConfig := api.DefaultConfig()
p.Endpoint = &EndpointConfig{
Address: defConfig.Address,
Region: defConfig.Region,
Token: defConfig.SecretID,
TLS: &types.ClientTLS{
CA: defConfig.TLSConfig.CACert,
Cert: defConfig.TLSConfig.ClientCert,
Key: defConfig.TLSConfig.ClientKey,
InsecureSkipVerify: defConfig.TLSConfig.Insecure,
},
}
p.Prefix = defaultPrefix p.Prefix = defaultPrefix
p.ExposedByDefault = true p.ExposedByDefault = true
p.RefreshInterval = ptypes.Duration(15 * time.Second) p.RefreshInterval = ptypes.Duration(15 * time.Second)
@ -162,24 +173,19 @@ func (p *Provider) loadConfiguration(ctx context.Context, configurationC chan<-
} }
func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) { func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) {
config := api.Config{ return api.NewClient(&api.Config{
Address: endpoint.Address, Address: endpoint.Address,
Namespace: namespace, Namespace: namespace,
Region: endpoint.Region, Region: endpoint.Region,
SecretID: endpoint.Token, SecretID: endpoint.Token,
WaitTime: time.Duration(endpoint.EndpointWaitTime), WaitTime: time.Duration(endpoint.EndpointWaitTime),
} TLSConfig: &api.TLSConfig{
if endpoint.TLS != nil {
config.TLSConfig = &api.TLSConfig{
CACert: endpoint.TLS.CA, CACert: endpoint.TLS.CA,
ClientCert: endpoint.TLS.Cert, ClientCert: endpoint.TLS.Cert,
ClientKey: endpoint.TLS.Key, ClientKey: endpoint.TLS.Key,
Insecure: endpoint.TLS.InsecureSkipVerify, Insecure: endpoint.TLS.InsecureSkipVerify,
} },
} })
return api.NewClient(&config)
} }
// configuration contains information from the service's tags that are globals // configuration contains information from the service's tags that are globals

View file

@ -7,7 +7,9 @@ import (
"strings" "strings"
"testing" "testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/traefik/traefik/v2/pkg/types"
) )
func Test_globalConfig(t *testing.T) { func Test_globalConfig(t *testing.T) {
@ -71,6 +73,61 @@ func Test_globalConfig(t *testing.T) {
} }
} }
func TestProvider_SetDefaults_Endpoint(t *testing.T) {
testCases := []struct {
desc string
envs map[string]string
expected *EndpointConfig
}{
{
desc: "without env vars",
envs: map[string]string{},
expected: &EndpointConfig{
Address: "http://127.0.0.1:4646",
TLS: &types.ClientTLS{},
},
},
{
desc: "with env vars",
envs: map[string]string{
"NOMAD_ADDR": "https://nomad.example.com",
"NOMAD_REGION": "us-west",
"NOMAD_TOKEN": "almighty_token",
"NOMAD_CACERT": "/etc/ssl/private/nomad-agent-ca.pem",
"NOMAD_CLIENT_CERT": "/etc/ssl/private/global-client-nomad.pem",
"NOMAD_CLIENT_KEY": "/etc/ssl/private/global-client-nomad-key.pem",
"NOMAD_SKIP_VERIFY": "true",
},
expected: &EndpointConfig{
Address: "https://nomad.example.com",
Region: "us-west",
Token: "almighty_token",
TLS: &types.ClientTLS{
CA: "/etc/ssl/private/nomad-agent-ca.pem",
Cert: "/etc/ssl/private/global-client-nomad.pem",
Key: "/etc/ssl/private/global-client-nomad-key.pem",
InsecureSkipVerify: true,
},
EndpointWaitTime: 0,
},
},
}
for _, test := range testCases {
test := test
t.Run(test.desc, func(t *testing.T) {
for k, v := range test.envs {
t.Setenv(k, v)
}
p := &Provider{}
p.SetDefaults()
assert.Equal(t, test.expected, p.Endpoint)
})
}
}
func Test_getNomadServiceData(t *testing.T) { func Test_getNomadServiceData(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
switch { switch {