ARO-RP/cmd/aro/rp.go

180 строки
4.7 KiB
Go

package main
// Copyright (c) Microsoft Corporation.
// Licensed under the Apache License 2.0.
import (
"context"
"fmt"
"os"
"os/signal"
"syscall"
"github.com/Azure/go-autorest/tracing"
"github.com/sirupsen/logrus"
kmetrics "k8s.io/client-go/tools/metrics"
"github.com/Azure/ARO-RP/pkg/api"
_ "github.com/Azure/ARO-RP/pkg/api/admin"
_ "github.com/Azure/ARO-RP/pkg/api/v20191231preview"
_ "github.com/Azure/ARO-RP/pkg/api/v20200430"
_ "github.com/Azure/ARO-RP/pkg/api/v20210901preview"
"github.com/Azure/ARO-RP/pkg/backend"
"github.com/Azure/ARO-RP/pkg/database"
"github.com/Azure/ARO-RP/pkg/env"
"github.com/Azure/ARO-RP/pkg/frontend"
"github.com/Azure/ARO-RP/pkg/frontend/adminactions"
"github.com/Azure/ARO-RP/pkg/metrics/statsd"
"github.com/Azure/ARO-RP/pkg/metrics/statsd/azure"
"github.com/Azure/ARO-RP/pkg/metrics/statsd/golang"
"github.com/Azure/ARO-RP/pkg/metrics/statsd/k8s"
"github.com/Azure/ARO-RP/pkg/util/clusterdata"
"github.com/Azure/ARO-RP/pkg/util/encryption"
)
func rp(ctx context.Context, log, audit *logrus.Entry) error {
stop := make(chan struct{})
_env, err := env.NewEnv(ctx, log)
if err != nil {
return err
}
var keys []string
if _env.IsLocalDevelopmentMode() {
keys = []string{
"PULL_SECRET",
}
} else {
keys = []string{
"ACR_RESOURCE_ID",
"ADMIN_API_CLIENT_CERT_COMMON_NAME",
"MDM_ACCOUNT",
"MDM_NAMESPACE",
}
if _, found := os.LookupEnv("PULL_SECRET"); found {
return fmt.Errorf(`environment variable "PULL_SECRET" set`)
}
}
for _, key := range keys {
if _, found := os.LookupEnv(key); !found {
return fmt.Errorf("environment variable %q unset", key)
}
}
err = _env.InitializeAuthorizers()
if err != nil {
return err
}
m := statsd.New(ctx, log.WithField("component", "metrics"), _env, os.Getenv("MDM_ACCOUNT"), os.Getenv("MDM_NAMESPACE"))
g, err := golang.NewMetrics(log.WithField("component", "metrics"), m)
if err != nil {
return err
}
go g.Run()
tracing.Register(azure.New(m))
kmetrics.Register(kmetrics.RegisterOpts{
RequestResult: k8s.NewResult(m),
RequestLatency: k8s.NewLatency(m),
})
msiAuthorizer, err := _env.NewMSIAuthorizer(env.MSIContextRP, _env.Environment().ResourceManagerEndpoint)
if err != nil {
return err
}
dbKey, err := _env.ServiceKeyvault().GetBase64Secret(ctx, env.EncryptionSecretName)
if err != nil {
return err
}
aead, err := encryption.NewXChaCha20Poly1305(ctx, dbKey)
if err != nil {
return err
}
dbAuthorizer, err := database.NewMasterKeyAuthorizer(ctx, _env, msiAuthorizer)
if err != nil {
return err
}
dbc, err := database.NewDatabaseClient(log.WithField("component", "database"), _env, dbAuthorizer, m, aead)
if err != nil {
return err
}
dbAsyncOperations, err := database.NewAsyncOperations(ctx, _env.IsLocalDevelopmentMode(), dbc)
if err != nil {
return err
}
dbBilling, err := database.NewBilling(ctx, _env.IsLocalDevelopmentMode(), dbc)
if err != nil {
return err
}
dbGateway, err := database.NewGateway(ctx, _env.IsLocalDevelopmentMode(), dbc)
if err != nil {
return err
}
dbOpenShiftClusters, err := database.NewOpenShiftClusters(ctx, _env.IsLocalDevelopmentMode(), dbc)
if err != nil {
return err
}
dbSubscriptions, err := database.NewSubscriptions(ctx, _env.IsLocalDevelopmentMode(), dbc)
if err != nil {
return err
}
go database.EmitMetrics(ctx, log, dbOpenShiftClusters, m)
feKey, err := _env.ServiceKeyvault().GetBase64Secret(ctx, env.FrontendEncryptionSecretName)
if err != nil {
return err
}
feAead, err := encryption.NewXChaCha20Poly1305(ctx, feKey)
if err != nil {
return err
}
f, err := frontend.NewFrontend(ctx, audit, log.WithField("component", "frontend"), _env, dbAsyncOperations, dbOpenShiftClusters, dbSubscriptions, api.APIs, m, feAead, adminactions.NewKubeActions, adminactions.NewAzureActions, clusterdata.NewBestEffortEnricher)
if err != nil {
return err
}
b, err := backend.NewBackend(ctx, log.WithField("component", "backend"), _env, dbAsyncOperations, dbBilling, dbGateway, dbOpenShiftClusters, dbSubscriptions, aead, m)
if err != nil {
return err
}
// This part of the code orchestrates shutdown sequence. When sigterm is
// received, it will trigger backend to stop accepting new documents and
// finish old ones. Frontend will stop advertising itself to the loadbalancer.
// When shutdown completes for frontend and backend "/healthz" endpoint
// will go dark and external observer will know that shutdown sequence is finished
sigterm := make(chan os.Signal, 1)
doneF := make(chan struct{})
doneB := make(chan struct{})
signal.Notify(sigterm, syscall.SIGTERM)
log.Print("listening")
go b.Run(ctx, stop, doneB)
go f.Run(ctx, stop, doneF)
<-sigterm
log.Print("received SIGTERM")
close(stop)
<-doneB
<-doneF
return nil
}