Clarify log messages in controller pkg
This commit is contained in:
Antoine Cotten
parent
92474ed1ac
commit
472dcb371b
11 changed files with 168 additions and 138 deletions
|
|
@ -219,7 +219,7 @@ func (n *NGINXController) getStreamServices(configmapName string, proto apiv1.Pr
|
|||
|
||||
configmap, err := n.store.GetConfigMap(configmapName)
|
||||
if err != nil {
|
||||
glog.Errorf("Error reading ConfigMap %q: %v", configmapName, err)
|
||||
glog.Errorf("Error getting ConfigMap %q: %v", configmapName, err)
|
||||
return []ingress.L4Service{}
|
||||
}
|
||||
|
||||
|
|
@ -236,7 +236,7 @@ func (n *NGINXController) getStreamServices(configmapName string, proto apiv1.Pr
|
|||
}
|
||||
reserverdPorts := sets.NewInt(rp...)
|
||||
|
||||
// svcRef format: <(str)namespace>/<(str)service>:<(intstr)port>[:<(bool)decode>:<(bool)encode>]
|
||||
// svcRef format: <(str)namespace>/<(str)service>:<(intstr)port>[:<("PROXY")decode>:<("PROXY")encode>]
|
||||
for port, svcRef := range configmap.Data {
|
||||
externalPort, err := strconv.Atoi(port)
|
||||
if err != nil {
|
||||
|
|
@ -278,7 +278,7 @@ func (n *NGINXController) getStreamServices(configmapName string, proto apiv1.Pr
|
|||
|
||||
svc, err := n.store.GetService(nsName)
|
||||
if err != nil {
|
||||
glog.Warningf("Error getting Service %q from local store: %v", nsName, err)
|
||||
glog.Warningf("Error getting Service %q: %v", nsName, err)
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
@ -339,7 +339,7 @@ func (n *NGINXController) getDefaultUpstream() *ingress.Backend {
|
|||
svcKey := n.cfg.DefaultService
|
||||
svc, err := n.store.GetService(svcKey)
|
||||
if err != nil {
|
||||
glog.Warningf("Unexpected error getting default backend %q from local store: %v", n.cfg.DefaultService, err)
|
||||
glog.Warningf("Error getting default backend %q: %v", svcKey, err)
|
||||
upstream.Endpoints = append(upstream.Endpoints, n.DefaultEndpoint())
|
||||
return upstream
|
||||
}
|
||||
|
|
@ -364,9 +364,11 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
servers := n.createServers(ingresses, upstreams, du)
|
||||
|
||||
for _, ing := range ingresses {
|
||||
anns, err := n.store.GetIngressAnnotations(ing)
|
||||
ingKey := k8s.MetaNamespaceKey(ing)
|
||||
|
||||
anns, err := n.store.GetIngressAnnotations(ingKey)
|
||||
if err != nil {
|
||||
glog.Errorf("Unexpected error reading annotations for Ingress %q from local store: %v", ing.Name, err)
|
||||
glog.Errorf("Error getting Ingress annotations %q: %v", ingKey, err)
|
||||
}
|
||||
|
||||
for _, rule := range ing.Spec.Rules {
|
||||
|
|
@ -381,7 +383,7 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
|
||||
if rule.HTTP == nil &&
|
||||
host != defServerName {
|
||||
glog.V(3).Infof("Ingress \"%v/%v\" does not contain any HTTP rule, using default backend.", ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Ingress %q does not contain any HTTP rule, using default backend", ingKey)
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
@ -392,10 +394,12 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
if server.CertificateAuth.CAFileName == "" {
|
||||
server.CertificateAuth = anns.CertificateAuth
|
||||
if server.CertificateAuth.Secret != "" && server.CertificateAuth.CAFileName == "" {
|
||||
glog.V(3).Infof("Secret %q does not contain 'ca.crt' key, mutual authentication disabled for Ingress \"%v/%v\"", server.CertificateAuth.Secret, ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Secret %q has no 'ca.crt' key, mutual authentication disabled for Ingress %q",
|
||||
server.CertificateAuth.Secret, ingKey)
|
||||
}
|
||||
} else {
|
||||
glog.V(3).Infof("Server %v is already configured for mutual authentication (Ingress \"%v/%v\")", server.Hostname, ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Server %q is already configured for mutual authentication (Ingress %q)",
|
||||
server.Hostname, ingKey)
|
||||
}
|
||||
|
||||
for _, path := range rule.HTTP.Paths {
|
||||
|
|
@ -417,11 +421,14 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
addLoc = false
|
||||
|
||||
if !loc.IsDefBackend {
|
||||
glog.V(3).Infof("Location %q already configured for server %q with upstream %q (Ingress \"%v/%v\")", loc.Path, server.Hostname, loc.Backend, ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Location %q already configured for server %q with upstream %q (Ingress %q)",
|
||||
loc.Path, server.Hostname, loc.Backend, ingKey)
|
||||
break
|
||||
}
|
||||
|
||||
glog.V(3).Infof("Replacing location %q for server %q with upstream %q to use upstream %q (Ingress \"%v/%v\")", loc.Path, server.Hostname, loc.Backend, ups.Name, ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Replacing location %q for server %q with upstream %q to use upstream %q (Ingress %q)",
|
||||
loc.Path, server.Hostname, loc.Backend, ups.Name, ingKey)
|
||||
|
||||
loc.Backend = ups.Name
|
||||
loc.IsDefBackend = false
|
||||
loc.Port = ups.Port
|
||||
|
|
@ -457,7 +464,9 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
|
||||
// new location
|
||||
if addLoc {
|
||||
glog.V(3).Infof("Adding location %q for server %q with upstream %q (Ingress \"%v/%v\")", nginxPath, server.Hostname, ups.Name, ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Adding location %q for server %q with upstream %q (Ingress %q)",
|
||||
nginxPath, server.Hostname, ups.Name, ingKey)
|
||||
|
||||
loc := &ingress.Location{
|
||||
Path: nginxPath,
|
||||
Backend: ups.Name,
|
||||
|
|
@ -520,7 +529,8 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
for _, location := range server.Locations {
|
||||
if upstream.Name == location.Backend {
|
||||
if len(upstream.Endpoints) == 0 {
|
||||
glog.V(3).Infof("Upstream %q does not have any active endpoints.", upstream.Name)
|
||||
glog.V(3).Infof("Upstream %q has no active Endpoint", upstream.Name)
|
||||
|
||||
location.Backend = "" // for nginx.tmpl checking
|
||||
|
||||
// check if the location contains endpoints and a custom default backend
|
||||
|
|
@ -530,6 +540,7 @@ func (n *NGINXController) getBackendServers(ingresses []*extensions.Ingress) ([]
|
|||
if len(endps) > 0 {
|
||||
glog.V(3).Infof("Using custom default backend for location %q in server %q (Service \"%v/%v\")",
|
||||
location.Path, server.Hostname, location.DefaultBackend.Namespace, location.DefaultBackend.Name)
|
||||
|
||||
nb := upstream.DeepCopy()
|
||||
name := fmt.Sprintf("custom-default-backend-%v", upstream.Name)
|
||||
nb.Name = name
|
||||
|
|
@ -592,9 +603,11 @@ func (n *NGINXController) createUpstreams(data []*extensions.Ingress, du *ingres
|
|||
upstreams[defUpstreamName] = du
|
||||
|
||||
for _, ing := range data {
|
||||
anns, err := n.store.GetIngressAnnotations(ing)
|
||||
ingKey := k8s.MetaNamespaceKey(ing)
|
||||
|
||||
anns, err := n.store.GetIngressAnnotations(ingKey)
|
||||
if err != nil {
|
||||
glog.Errorf("Error reading Ingress annotations: %v", err)
|
||||
glog.Errorf("Error getting Ingress annotations %q: %v", ingKey, err)
|
||||
}
|
||||
|
||||
var defBackend string
|
||||
|
|
@ -736,7 +749,7 @@ func (n *NGINXController) getServiceClusterEndpoint(svcKey string, backend *exte
|
|||
}
|
||||
}
|
||||
if port == -1 {
|
||||
return endpoint, fmt.Errorf("service %q does not have a port named %q", svc.Name, backend.ServicePort)
|
||||
return endpoint, fmt.Errorf("Service %q does not have a port named %q", svc.Name, backend.ServicePort)
|
||||
}
|
||||
endpoint.Port = fmt.Sprintf("%d", port)
|
||||
} else {
|
||||
|
|
@ -754,7 +767,7 @@ func (n *NGINXController) serviceEndpoints(svcKey, backendPort string,
|
|||
|
||||
var upstreams []ingress.Endpoint
|
||||
if err != nil {
|
||||
return upstreams, fmt.Errorf("error getting Service %q from local store: %v", svcKey, err)
|
||||
return upstreams, err
|
||||
}
|
||||
|
||||
glog.V(3).Infof("Obtaining ports information for Service %q", svcKey)
|
||||
|
|
@ -875,9 +888,11 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
|
||||
// initialize all other servers
|
||||
for _, ing := range data {
|
||||
anns, err := n.store.GetIngressAnnotations(ing)
|
||||
ingKey := k8s.MetaNamespaceKey(ing)
|
||||
|
||||
anns, err := n.store.GetIngressAnnotations(ingKey)
|
||||
if err != nil {
|
||||
glog.Errorf("Error reading Ingress %q annotations from local store: %v", ing.Name, err)
|
||||
glog.Errorf("Error getting Ingress annotations %q: %v", ingKey, err)
|
||||
}
|
||||
|
||||
// default upstream name
|
||||
|
|
@ -893,7 +908,8 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
// special "catch all" case, Ingress with a backend but no rule
|
||||
defLoc := servers[defServerName].Locations[0]
|
||||
if defLoc.IsDefBackend && len(ing.Spec.Rules) == 0 {
|
||||
glog.Infof("Ingress \"%v/%v\" defines a backend but no rule. Using it to configure the catch-all server %q", ing.Namespace, ing.Name, defServerName)
|
||||
glog.Infof("Ingress %q defines a backend but no rule. Using it to configure the catch-all server %q",
|
||||
ingKey, defServerName)
|
||||
|
||||
defLoc.IsDefBackend = false
|
||||
defLoc.Backend = backendUpstream.Name
|
||||
|
|
@ -919,7 +935,8 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
defLoc.LuaRestyWAF = anns.LuaRestyWAF
|
||||
defLoc.InfluxDB = anns.InfluxDB
|
||||
} else {
|
||||
glog.V(3).Infof("Ingress \"%v/%v\" defines both a backend and rules. Using its backend as default upstream for all its rules.", ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Ingress %q defines both a backend and rules. Using its backend as default upstream for all its rules.",
|
||||
ingKey)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -953,9 +970,11 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
|
||||
// configure default location, alias, and SSL
|
||||
for _, ing := range data {
|
||||
anns, err := n.store.GetIngressAnnotations(ing)
|
||||
ingKey := k8s.MetaNamespaceKey(ing)
|
||||
|
||||
anns, err := n.store.GetIngressAnnotations(ingKey)
|
||||
if err != nil {
|
||||
glog.Errorf("Error reading Ingress %q annotations from local store: %v", ing.Name, err)
|
||||
glog.Errorf("Error getting Ingress annotations %q: %v", ingKey, err)
|
||||
}
|
||||
|
||||
for _, rule := range ing.Spec.Rules {
|
||||
|
|
@ -971,8 +990,8 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
aliases["Alias"] = host
|
||||
}
|
||||
} else {
|
||||
glog.Warningf("Aliases already configured for server %q, skipping (Ingress \"%v/%v\")",
|
||||
host, ing.Namespace, ing.Name)
|
||||
glog.Warningf("Aliases already configured for server %q, skipping (Ingress %q)",
|
||||
host, ingKey)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -980,8 +999,8 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
if servers[host].ServerSnippet == "" {
|
||||
servers[host].ServerSnippet = anns.ServerSnippet
|
||||
} else {
|
||||
glog.Warningf("Server snippet already configured for server %q, skipping (Ingress \"%v/%v\")",
|
||||
host, ing.Namespace, ing.Name)
|
||||
glog.Warningf("Server snippet already configured for server %q, skipping (Ingress %q)",
|
||||
host, ingKey)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -996,7 +1015,7 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
}
|
||||
|
||||
if len(ing.Spec.TLS) == 0 {
|
||||
glog.V(3).Infof("Ingress \"%v/%v\" does not contains a TLS section.", ing.Namespace, ing.Name)
|
||||
glog.V(3).Infof("Ingress %q does not contains a TLS section.", ingKey)
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
@ -1009,22 +1028,23 @@ func (n *NGINXController) createServers(data []*extensions.Ingress,
|
|||
continue
|
||||
}
|
||||
|
||||
key := fmt.Sprintf("%v/%v", ing.Namespace, tlsSecretName)
|
||||
cert, err := n.store.GetLocalSSLCert(key)
|
||||
secrKey := fmt.Sprintf("%v/%v", ing.Namespace, tlsSecretName)
|
||||
cert, err := n.store.GetLocalSSLCert(secrKey)
|
||||
if err != nil {
|
||||
glog.Warningf("SSL certificate %q does not exist in local store.", key)
|
||||
glog.Warningf("Error getting SSL certificate %q: %v", secrKey, err)
|
||||
continue
|
||||
}
|
||||
|
||||
err = cert.Certificate.VerifyHostname(host)
|
||||
if err != nil {
|
||||
glog.Warningf("Unexpected error validating SSL certificate %q for server %q: %v", key, host, err)
|
||||
glog.Warningf("Unexpected error validating SSL certificate %q for server %q: %v", secrKey, host, err)
|
||||
glog.Warning("Validating certificate against DNS names. This will be deprecated in a future version.")
|
||||
// check the Common Name field
|
||||
// https://github.com/golang/go/issues/22922
|
||||
err := verifyHostname(host, cert.Certificate)
|
||||
if err != nil {
|
||||
glog.Warningf("SSL certificate %q does not contain a Common Name or Subject Alternative Name for server %q: %v", key, host, err)
|
||||
glog.Warningf("SSL certificate %q does not contain a Common Name or Subject Alternative Name for server %q: %v",
|
||||
secrKey, host, err)
|
||||
continue
|
||||
}
|
||||
}
|
||||
|
|
@ -1065,10 +1085,11 @@ func extractTLSSecretName(host string, ing *extensions.Ingress,
|
|||
|
||||
// no TLS host matching host name, try each TLS host for matching SAN or CN
|
||||
for _, tls := range ing.Spec.TLS {
|
||||
key := fmt.Sprintf("%v/%v", ing.Namespace, tls.SecretName)
|
||||
cert, err := getLocalSSLCert(key)
|
||||
secrKey := fmt.Sprintf("%v/%v", ing.Namespace, tls.SecretName)
|
||||
|
||||
cert, err := getLocalSSLCert(secrKey)
|
||||
if err != nil {
|
||||
glog.Warningf("SSL certificate %q does not exist in local store.", key)
|
||||
glog.Warningf("Error getting SSL certificate %q: %v", secrKey, err)
|
||||
continue
|
||||
}
|
||||
|
||||
|
|
@ -1080,7 +1101,7 @@ func extractTLSSecretName(host string, ing *extensions.Ingress,
|
|||
if err != nil {
|
||||
continue
|
||||
}
|
||||
glog.V(3).Infof("Found SSL certificate matching host %q: %q", host, key)
|
||||
glog.V(3).Infof("Found SSL certificate matching host %q: %q", host, secrKey)
|
||||
return tls.SecretName
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue