Remove VSM package dependency, so non-native builds are possible.

- Controller uses varnishapi Admin.Listen to listen for the admin connection from varnishd. - varnishd is invoked with the -M option, to connect to the listen port. - Controller also creates the Varnish secret file, using go crypto/rand. - So VSM does not have to inspected for the management port and location of the secret file. - The only dependency is varnishapi Admin package, which is limited to the CLI network protocol, and requires no native code.

Remove VSM package dependency, so non-native builds are possible.
- Controller uses varnishapi Admin.Listen to listen for the admin connection from varnishd. - varnishd is invoked with the -M option, to connect to the listen port. - Controller also creates the Varnish secret file, using go crypto/rand. - So VSM does not have to inspected for the management port and location of the secret file. - The only dependency is varnishapi Admin package, which is limited to the CLI network protocol, and requires no native code.
71253d40 · Geoff Simmons · 63002ddd · 71253d40 · 71253d40
Commit 71253d40 authored Nov 19, 2018 by Geoff Simmons
Hide whitespace changes
Inline Side-by-side

Showing with 33 additions and 39 deletions

Makefile Makefile +1 -2

varnish.go varnish/varnish.go +32 -37

No files found.
--- a/Makefile
+++ b/Makefile
@@ -47,8 +47,7 @@ PACKAGES = \
 	k8s.io/apimachinery/pkg/labels \
 	k8s.io/apimachinery/pkg/util/intstr \
 	k8s.io/apimachinery/pkg/util/wait \
-	code.uplex.de/uplex-varnish/varnishapi/pkg/admin \
+	code.uplex.de/uplex-varnish/varnishapi/pkg/admin
-	code.uplex.de/uplex-varnish/varnishapi/pkg/vsm
 k8s-ingress:
 	go get ${PACKAGES}

--- a/varnish/varnish.go
+++ b/varnish/varnish.go
@@ -40,7 +40,7 @@ package varnish
 import (
 	"bufio"
-	"errors"
+	"crypto/rand"
 	"fmt"
 	"io/ioutil"
 	"log"
@@ -56,7 +56,6 @@ import (
 	"code.uplex.de/uplex-varnish/k8s-ingress/varnish/vcl"
 	"code.uplex.de/uplex-varnish/varnishapi/pkg/admin"
-	"code.uplex.de/uplex-varnish/varnishapi/pkg/vsm"
 )
 // XXX timeout for getting Admin connection (waiting for varnishd start)
@@ -66,6 +65,8 @@ const (
 	vclFile      = "ingress.vcl"
 	varnishLsn   = ":80"
 	varnishdPath = "/usr/sbin/varnishd"
+	admConn      = "localhost:6081"
+	secretFile   = "_.secret"
 	notFoundVCL  = `vcl 4.0;
 backend default { .host = "192.0.2.255"; .port = "80"; }
@@ -79,11 +80,15 @@ sub vcl_recv {
 var (
 	vclPath     = filepath.Join(vclDir, vclFile)
 	tmpPath     = filepath.Join(os.TempDir(), vclFile)
-	varnishArgs = []string{"-a", varnishLsn, "-f", vclPath, "-F"}
+	secretPath  = filepath.Join(vclDir, secretFile)
-	vcacheUID   int
+	varnishArgs = []string{
-	varnishGID  int
+		"-a", varnishLsn, "-f", vclPath, "-F", "-S", secretPath,
-	currentIng  string
+		"-M", admConn,
-	configCtr   = uint64(0)
+	}
+	vcacheUID  int
+	varnishGID int
+	currentIng string
+	configCtr  = uint64(0)
 )
 type VarnishController struct {
@@ -121,61 +126,51 @@ func (vc *VarnishController) Start(errChan chan error) {
 		return
 	}
-	notFoundBytes := []byte(notFoundVCL)
+	secret := make([]byte, 32)
-	if err := ioutil.WriteFile(vclPath, notFoundBytes, 0644); err != nil {
+	_, err = rand.Read(secret)
+	if err != nil {
 		vc.errChan <- err
 		return
 	}
-	if err := os.Chown(vclPath, vcacheUID, varnishGID); err != nil {
+	if err := ioutil.WriteFile(secretPath, secret, 0400); err != nil {
 		vc.errChan <- err
 		return
 	}
-	log.Print("Wrote initial VCL file")
+	if err := os.Chown(secretPath, vcacheUID, varnishGID); err != nil {
-	vc.varnishdCmd = exec.Command(varnishdPath, varnishArgs...)
-	if err := vc.varnishdCmd.Start(); err != nil {
 		vc.errChan <- err
 		return
 	}
-	log.Print("Launched varnishd")
+	log.Print("Wrote secret file")
-	// XXX config the timeout
+	notFoundBytes := []byte(notFoundVCL)
-	vsm := vsm.New()
+	if err := ioutil.WriteFile(vclPath, notFoundBytes, 0644); err != nil {
-	if vsm == nil {
-		vc.errChan <- errors.New("Cannot initiate attachment to " +
-			"Varnish shared memory")
-		return
-	}
-	defer vsm.Destroy()
-	if err := vsm.Attach(""); err != nil {
-		vc.errChan <- err
-		return
-	}
-	addr, err := vsm.GetMgmtAddr()
-	if err != nil {
 		vc.errChan <- err
 		return
 	}
-	spath, err := vsm.GetSecretPath()
+	if err := os.Chown(vclPath, vcacheUID, varnishGID); err != nil {
-	if err != nil {
 		vc.errChan <- err
 		return
 	}
-	sfile, err := os.Open(spath)
+	log.Print("Wrote initial VCL file")
-	if err != nil {
+	if vc.adm, err = admin.Listen(admConn); err != nil {
 		vc.errChan <- err
 		return
 	}
-	secret, err := ioutil.ReadAll(sfile)
+	log.Print("Opened port to listen for Varnish adm connection")
-	if err != nil {
+	vc.varnishdCmd = exec.Command(varnishdPath, varnishArgs...)
+	if err := vc.varnishdCmd.Start(); err != nil {
 		vc.errChan <- err
 		return
 	}
-	if vc.adm, err = admin.Dial(addr, secret, 10*time.Second); err != nil {
+	log.Print("Launched varnishd")
+	if err := vc.adm.Accept(secret); err != nil {
 		vc.errChan <- err
 		return
 	}
-	log.Print("Got varnish admin connection")
+	log.Print("Accepted varnish admin connection")
 }
 func (vc *VarnishController) Update(key string, spec vcl.Spec) error {