Add read only public port on volume server
Add read only public port on volume server
This commit is contained in:
chrislusf
@@ -64,7 +64,7 @@ var (
|
||||
masterConfFile = cmdServer.Flag.String("master.conf", "/etc/weedfs/weedfs.conf", "xml configuration file")
|
||||
masterDefaultReplicaPlacement = cmdServer.Flag.String("master.defaultReplicaPlacement", "000", "Default replication type if not specified.")
|
||||
volumePort = cmdServer.Flag.Int("volume.port", 8080, "volume server http listen port")
|
||||
volumeAdminPort = cmdServer.Flag.Int("volume.port.admin", 0, "volume server admin port to talk with master and other volume servers")
|
||||
volumePublicPort = cmdServer.Flag.Int("volume.port.public", 0, "volume server public port")
|
||||
volumeDataFolders = cmdServer.Flag.String("dir", os.TempDir(), "directories to store data files. dir[,dir]...")
|
||||
volumeMaxDataVolumeCounts = cmdServer.Flag.String("volume.max", "7", "maximum numbers of volumes, count[,count]...")
|
||||
volumePulse = cmdServer.Flag.Int("pulseSeconds", 5, "number of seconds between heartbeats")
|
||||
@@ -109,8 +109,8 @@ func runServer(cmd *Command, args []string) bool {
|
||||
*filerOptions.defaultReplicaPlacement = *masterDefaultReplicaPlacement
|
||||
}
|
||||
|
||||
if *volumeAdminPort == 0 {
|
||||
*volumeAdminPort = *volumePort
|
||||
if *volumePublicPort == 0 {
|
||||
*volumePublicPort = *volumePort
|
||||
}
|
||||
|
||||
if *serverMaxCpu < 1 {
|
||||
@@ -223,9 +223,17 @@ func runServer(cmd *Command, args []string) bool {
|
||||
|
||||
volumeWait.Wait()
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
r := http.NewServeMux()
|
||||
volumeServer := weed_server.NewVolumeServer(r, r,
|
||||
*serverIp, *volumePort, *volumeAdminPort, *serverPublicUrl,
|
||||
if *volumePublicPort == 0 {
|
||||
*volumePublicPort = *volumePort
|
||||
}
|
||||
isSeperatedPublicPort := *volumePublicPort != *volumePort
|
||||
volumeMux := http.NewServeMux()
|
||||
publicVolumeMux := volumeMux
|
||||
if isSeperatedPublicPort {
|
||||
publicVolumeMux = http.NewServeMux()
|
||||
}
|
||||
volumeServer := weed_server.NewVolumeServer(volumeMux, publicVolumeMux,
|
||||
*serverIp, *volumePort, *serverPublicUrl,
|
||||
folders, maxCounts,
|
||||
*serverIp+":"+strconv.Itoa(*masterPort), *volumePulse, *serverDataCenter, *serverRack,
|
||||
serverWhiteList, *volumeFixJpgOrientation,
|
||||
@@ -239,13 +247,26 @@ func runServer(cmd *Command, args []string) bool {
|
||||
if eListen != nil {
|
||||
glog.Fatalf("Volume server listener error: %v", eListen)
|
||||
}
|
||||
if isSeperatedPublicPort {
|
||||
publicListeningAddress := *serverIp + ":" + strconv.Itoa(*volumePublicPort)
|
||||
glog.V(0).Infoln("Start Seaweed volume server", util.VERSION, "public at", publicListeningAddress)
|
||||
publicListener, e := util.NewListener(publicListeningAddress, time.Duration(*serverTimeout)*time.Second)
|
||||
if e != nil {
|
||||
glog.Fatalf("Volume server listener error:%v", e)
|
||||
}
|
||||
go func() {
|
||||
if e := http.Serve(publicListener, publicVolumeMux); e != nil {
|
||||
glog.Fatalf("Volume server fail to serve public: %v", e)
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
OnInterrupt(func() {
|
||||
volumeServer.Shutdown()
|
||||
pprof.StopCPUProfile()
|
||||
})
|
||||
|
||||
if e := http.Serve(volumeListener, r); e != nil {
|
||||
if e := http.Serve(volumeListener, volumeMux); e != nil {
|
||||
glog.Fatalf("Volume server fail to serve:%v", e)
|
||||
}
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ var (
|
||||
|
||||
type VolumeServerOptions struct {
|
||||
port *int
|
||||
adminPort *int
|
||||
publicPort *int
|
||||
folders []string
|
||||
folderMaxLimits []int
|
||||
ip *string
|
||||
@@ -38,7 +38,7 @@ type VolumeServerOptions struct {
|
||||
func init() {
|
||||
cmdVolume.Run = runVolume // break init cycle
|
||||
v.port = cmdVolume.Flag.Int("port", 8080, "http listen port")
|
||||
v.adminPort = cmdVolume.Flag.Int("port.admin", 0, "admin port to talk with master and other volume servers")
|
||||
v.publicPort = cmdVolume.Flag.Int("port.public", 0, "port opened to public")
|
||||
v.ip = cmdVolume.Flag.String("ip", "", "ip or server name")
|
||||
v.publicUrl = cmdVolume.Flag.String("publicUrl", "", "Publicly accessible address")
|
||||
v.bindIp = cmdVolume.Flag.String("ip.bind", "0.0.0.0", "ip address to bind to")
|
||||
@@ -102,19 +102,19 @@ func runVolume(cmd *Command, args []string) bool {
|
||||
*v.publicUrl = *v.ip + ":" + strconv.Itoa(*v.port)
|
||||
}
|
||||
|
||||
if *v.adminPort == 0 {
|
||||
*v.adminPort = *v.port
|
||||
if *v.publicPort == 0 {
|
||||
*v.publicPort = *v.port
|
||||
}
|
||||
isSeperatedAdminPort := *v.adminPort != *v.port
|
||||
isSeperatedPublicPort := *v.publicPort != *v.port
|
||||
|
||||
publicMux := http.NewServeMux()
|
||||
adminMux := publicMux
|
||||
if isSeperatedAdminPort {
|
||||
adminMux = http.NewServeMux()
|
||||
volumeMux := http.NewServeMux()
|
||||
publicVolumeMux := volumeMux
|
||||
if isSeperatedPublicPort {
|
||||
publicVolumeMux = http.NewServeMux()
|
||||
}
|
||||
|
||||
volumeServer := weed_server.NewVolumeServer(publicMux, adminMux,
|
||||
*v.ip, *v.port, *v.adminPort, *v.publicUrl,
|
||||
volumeServer := weed_server.NewVolumeServer(volumeMux, publicVolumeMux,
|
||||
*v.ip, *v.port, *v.publicUrl,
|
||||
v.folders, v.folderMaxLimits,
|
||||
*v.master, *v.pulseSeconds, *v.dataCenter, *v.rack,
|
||||
v.whiteList,
|
||||
@@ -127,16 +127,16 @@ func runVolume(cmd *Command, args []string) bool {
|
||||
if e != nil {
|
||||
glog.Fatalf("Volume server listener error:%v", e)
|
||||
}
|
||||
if isSeperatedAdminPort {
|
||||
adminListeningAddress := *v.bindIp + ":" + strconv.Itoa(*v.adminPort)
|
||||
glog.V(0).Infoln("Start Seaweed volume server", util.VERSION, "admin at", adminListeningAddress)
|
||||
adminListener, e := util.NewListener(adminListeningAddress, time.Duration(*v.idleConnectionTimeout)*time.Second)
|
||||
if isSeperatedPublicPort {
|
||||
publicListeningAddress := *v.bindIp + ":" + strconv.Itoa(*v.publicPort)
|
||||
glog.V(0).Infoln("Start Seaweed volume server", util.VERSION, "public at", publicListeningAddress)
|
||||
publicListener, e := util.NewListener(publicListeningAddress, time.Duration(*v.idleConnectionTimeout)*time.Second)
|
||||
if e != nil {
|
||||
glog.Fatalf("Volume server listener error:%v", e)
|
||||
}
|
||||
go func() {
|
||||
if e := http.Serve(adminListener, adminMux); e != nil {
|
||||
glog.Fatalf("Volume server fail to serve admin: %v", e)
|
||||
if e := http.Serve(publicListener, publicVolumeMux); e != nil {
|
||||
glog.Fatalf("Volume server fail to serve public: %v", e)
|
||||
}
|
||||
}()
|
||||
}
|
||||
@@ -145,7 +145,7 @@ func runVolume(cmd *Command, args []string) bool {
|
||||
volumeServer.Shutdown()
|
||||
})
|
||||
|
||||
if e := http.Serve(listener, publicMux); e != nil {
|
||||
if e := http.Serve(listener, volumeMux); e != nil {
|
||||
glog.Fatalf("Volume server fail to serve: %v", e)
|
||||
}
|
||||
return true
|
||||
|
||||
@@ -23,8 +23,8 @@ type VolumeServer struct {
|
||||
FixJpgOrientation bool
|
||||
}
|
||||
|
||||
func NewVolumeServer(publicMux, adminMux *http.ServeMux, ip string,
|
||||
port, adminPort int, publicUrl string,
|
||||
func NewVolumeServer(adminMux, publicMux *http.ServeMux, ip string,
|
||||
port int, publicUrl string,
|
||||
folders []string, maxCounts []int,
|
||||
masterNode string, pulseSeconds int,
|
||||
dataCenter string, rack string,
|
||||
@@ -37,7 +37,7 @@ func NewVolumeServer(publicMux, adminMux *http.ServeMux, ip string,
|
||||
FixJpgOrientation: fixJpgOrientation,
|
||||
}
|
||||
vs.SetMasterNode(masterNode)
|
||||
vs.store = storage.NewStore(port, adminPort, ip, publicUrl, folders, maxCounts)
|
||||
vs.store = storage.NewStore(port, ip, publicUrl, folders, maxCounts)
|
||||
|
||||
vs.guard = security.NewGuard(whiteList, "")
|
||||
|
||||
@@ -56,8 +56,7 @@ func NewVolumeServer(publicMux, adminMux *http.ServeMux, ip string,
|
||||
adminMux.HandleFunc("/delete", vs.guard.WhiteList(vs.batchDeleteHandler))
|
||||
adminMux.HandleFunc("/", vs.privateStoreHandler)
|
||||
}
|
||||
publicMux.HandleFunc("/delete", vs.guard.Secure(vs.batchDeleteHandler))
|
||||
publicMux.HandleFunc("/", vs.publicStoreHandler)
|
||||
publicMux.HandleFunc("/", vs.publicReadOnlyHandler)
|
||||
|
||||
go func() {
|
||||
connected := true
|
||||
|
||||
@@ -8,19 +8,17 @@ import (
|
||||
|
||||
/*
|
||||
|
||||
Public port supports reads. Writes on public port can have one of the 3
|
||||
If volume server is started with a separated public port, the public port will
|
||||
be more "secure".
|
||||
|
||||
Public port currently only supports reads.
|
||||
|
||||
Later writes on public port can have one of the 3
|
||||
security settings:
|
||||
1. not secured
|
||||
2. secured by white list
|
||||
3. secured by JWT(Json Web Token)
|
||||
|
||||
If volume server is started with a separated admin port, the admin port will
|
||||
have less "security" for easier implementation.
|
||||
Admin port always supports reads. Writes on admin port can have one of
|
||||
the 2 security settings:
|
||||
1. not secured
|
||||
2. secured by white list
|
||||
|
||||
*/
|
||||
|
||||
func (vs *VolumeServer) privateStoreHandler(w http.ResponseWriter, r *http.Request) {
|
||||
@@ -43,7 +41,7 @@ func (vs *VolumeServer) privateStoreHandler(w http.ResponseWriter, r *http.Reque
|
||||
}
|
||||
}
|
||||
|
||||
func (vs *VolumeServer) publicStoreHandler(w http.ResponseWriter, r *http.Request) {
|
||||
func (vs *VolumeServer) publicReadOnlyHandler(w http.ResponseWriter, r *http.Request) {
|
||||
switch r.Method {
|
||||
case "GET":
|
||||
stats.ReadRequest()
|
||||
@@ -51,14 +49,5 @@ func (vs *VolumeServer) publicStoreHandler(w http.ResponseWriter, r *http.Reques
|
||||
case "HEAD":
|
||||
stats.ReadRequest()
|
||||
vs.GetOrHeadHandler(w, r)
|
||||
case "DELETE":
|
||||
stats.DeleteRequest()
|
||||
vs.guard.Secure(vs.DeleteHandler)(w, r)
|
||||
case "PUT":
|
||||
stats.WriteRequest()
|
||||
vs.guard.Secure(vs.PostHandler)(w, r)
|
||||
case "POST":
|
||||
stats.WriteRequest()
|
||||
vs.guard.Secure(vs.PostHandler)(w, r)
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user