Git Product home page Git Product logo

hawk-apiserver's Introduction

Hawk API Server

GoDoc Go Report Card

HTTPS API server / minimalist web proxy for Hawk.

Table of content

Rationale

This project currently provides a minimalistic web server which handles SSL certificate termination, proxying and static file serving for HAWK

The primary goal for this project is to provide the minimal web server needed by Hawk while consuming as few system resources as possible. Second, it provides the /monitor API endpoint which handles long-lived connections from the frontend to enable instant updates of the interface on cluster events, leveraged by go-pacemaker

The API server is still under its basic development phase.

Devel

Dependencies:

  • following pkgs: libqb-devel libpacemaker-devel.
  • Use make to interact with the standards dev lifecycle.

Generating an SSL certificates:

SSLGEN_KEY=hawk.key SSLGEN_CERT=hawk.pem ./tools/generate-ssl-cert

Usage:

The hawk-api-server is used currently mainly for hawk usage purposes, and in future as API-server.

Configuration

Pass -config <config> as an argument to give the server a configuration file. The format is a json dictionary with key / value pairs.

The available configuration values are described below. If a value is set both in the configuration file and in a command line argument, the command line argument takes precedence.

  • key: Path to SSL key. (argument: -key)

  • cert: Path to SSL certificate. (argument: -cert)

  • port: TCP port to listen to for connections. (argument: -port)

  • route: List of json maps that configure the routing table.

The route format is very limited and adapted to serving hawk, but enable reconfiguration of the exact paths to certificates, files and sockets.

Example:

{
  "key": "/etc/hawk/hawk.key",
  "cert": "/etc/hawk/hawk.pem",
  "port": 7630,
  "route": [
    {
      "handler": "monitor",
      "path": "/monitor"
    },
    {
      "handler": "file",
      "path": "/",
      "target": "/usr/share/hawk/public"
    },
    {
      "handler": "proxy",
      "path": "/",
      "target": "unix:///var/run/hawk/app.sock"
    }
  ]
}

Features:

  • HTTPS server
  • reverse proxy
  • /monitor API endpoint which handles long-lived connections from the frontend to enable instant updates of the interface on cluster events.

Authentication

  • Basic auth: Get user:password from HTTP headers. Map to system user. Verify that system user is a member of the haclient group.

  • Cookie auth (cookie created by hawk rails app): If a valid cookie is found in the HTTP headers, this is accepted as authentication. Session cookie is stored in attrd.

hawk-apiserver's People

Contributors

aleksei-burlakov avatar ayoub-belarbi avatar diegoakechi avatar krig avatar liangxin1300 avatar mallozup avatar nick-wang avatar petrpavlu avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

hawk-apiserver's Issues

[Discussion] Keep url path for short

About PR #5
From my opinion, "/configuration/" prefix is not necessary.
I think keep the url path short and simple is fine.

"Method Path" like these is easy to remeber:

GET/POST/PUT/DELETE  api/v1/nodes
GET/POST/PUT/DELETE  api/v1/resources

Instead of:

GET/POST/PUT/DELETE  api/v1/configuration/nodes
GET/POST/PUT/DELETE  api/v1/configuration/resources

If we do not have some necessary reason like short path will have namespace or name conflict problem,
I suggest keep it for short

The duplicate warning/error will output for every 5 seconds.

Will output "Failed to connect to Pacemaker: -107: ENOTCONN Transport endpoint is not connected" for every 5 secs if pacemaker is stopped. Similar issues like "Failed to query CIB" and "Failed to subscribe"

Unnecessary to output the duplicate warning, or have a threshold for the numbers.

go get fails

Maybe some problems with the submodule config?

$ go get github.com/ClusterLabs/hawk-apiserver/
# cd /home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver; git submodule update --init --recursive
Submodule 'vendor/github.com/krig/go-pacemaker' ([email protected]:krig/go-pacemaker) registered for path 'vendor/github.com/krig/go-pacemaker'
Submodule 'vendor/github.com/sirupsen/logrus' ([email protected]:sirupsen/logrus) registered for path 'vendor/github.com/sirupsen/logrus'
Submodule 'vendor/golang.org/x/crypto' ([email protected]:golang/crypto) registered for path 'vendor/golang.org/x/crypto'
Submodule 'vendor/golang.org/x/net' ([email protected]:golang/net) registered for path 'vendor/golang.org/x/net'
Submodule 'vendor/golang.org/x/sys' ([email protected]:golang/sys) registered for path 'vendor/golang.org/x/sys'
Submodule 'vendor/gopkg.in/xmlpath.v2' ([email protected]:go-xmlpath/xmlpath.git) registered for path 'vendor/gopkg.in/xmlpath.v2'
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/krig/go-pacemaker'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:krig/go-pacemaker' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/krig/go-pacemaker' failed
Failed to clone 'vendor/github.com/krig/go-pacemaker'. Retry scheduled
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/sirupsen/logrus'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:sirupsen/logrus' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/sirupsen/logrus' failed
Failed to clone 'vendor/github.com/sirupsen/logrus'. Retry scheduled
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/sys'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:golang/sys' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/sys' failed
Failed to clone 'vendor/golang.org/x/sys'. Retry scheduled
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/crypto'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:golang/crypto' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/crypto' failed
Failed to clone 'vendor/golang.org/x/crypto'. Retry scheduled
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/net'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:golang/net' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/net' failed
Failed to clone 'vendor/golang.org/x/net'. Retry scheduled
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/net'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:golang/net' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/net' failed
Failed to clone 'vendor/golang.org/x/net' a second time, aborting
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/gopkg.in/xmlpath.v2'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:go-xmlpath/xmlpath.git' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/gopkg.in/xmlpath.v2' failed
Failed to clone 'vendor/gopkg.in/xmlpath.v2'. Retry scheduled
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/sirupsen/logrus'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:sirupsen/logrus' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/sirupsen/logrus' failed
Failed to clone 'vendor/github.com/sirupsen/logrus' a second time, aborting
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/krig/go-pacemaker'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:krig/go-pacemaker' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/github.com/krig/go-pacemaker' failed
Failed to clone 'vendor/github.com/krig/go-pacemaker' a second time, aborting
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/sys'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:golang/sys' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/sys' failed
Failed to clone 'vendor/golang.org/x/sys' a second time, aborting
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/crypto'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:golang/crypto' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/golang.org/x/crypto' failed
Failed to clone 'vendor/golang.org/x/crypto' a second time, aborting
Cloning into '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/gopkg.in/xmlpath.v2'...
[email protected]: Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.
fatal: clone of '[email protected]:go-xmlpath/xmlpath.git' into submodule path '/home/vvidic/go/src/github.com/ClusterLabs/hawk-apiserver/vendor/gopkg.in/xmlpath.v2' failed
Failed to clone 'vendor/gopkg.in/xmlpath.v2' a second time, aborting
package github.com/ClusterLabs/hawk-apiserver: exit status 1

event subscription

Event subscription

There should be some way to subscribe to CIB events via the API.

Exactly what form this should take (WebSockets, long polling, etc.)
remains to be decided.

setup ci

Setting up CI for Hawk-apiserver and Hawk ci when possible

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.