talos

kms.go
70 строк · 1.6 Кб
Перенос по словам
1
// This Source Code Form is subject to the terms of the Mozilla Public
2
// License, v. 2.0. If a copy of the MPL was not distributed with this
3
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
4

5
package vm
6

7
import (
8
	"crypto/rand"
9
	"encoding/base64"
10
	"fmt"
11
	"io"
12
	"os"
13
	"os/exec"
14
	"strconv"
15
	"syscall"
16

17
	"github.com/siderolabs/talos/pkg/provision"
18
)
19

20
const (
21
	kmsPid = "kms.pid"
22
	kmsLog = "kms.log"
23
)
24

25
// CreateKMS creates KMS server.
26
func (p *Provisioner) CreateKMS(state *State, clusterReq provision.ClusterRequest, options provision.Options) error {
27
	pidPath := state.GetRelativePath(kmsPid)
28

29
	logFile, err := os.OpenFile(state.GetRelativePath(kmsLog), os.O_APPEND|os.O_CREATE|os.O_RDWR, 0o666)
30
	if err != nil {
31
		return err
32
	}
33

34
	defer logFile.Close() //nolint:errcheck
35

36
	key := make([]byte, 32)
37
	if _, err = io.ReadFull(rand.Reader, key); err != nil {
38
		return err
39
	}
40

41
	args := []string{
42
		"kms-launch",
43
		"--kms-addr", options.KMSEndpoint,
44
		"--kms-key", base64.StdEncoding.EncodeToString(key),
45
	}
46

47
	cmd := exec.Command(clusterReq.SelfExecutable, args...)
48
	cmd.Stdout = logFile
49
	cmd.Stderr = logFile
50
	cmd.SysProcAttr = &syscall.SysProcAttr{
51
		Setsid: true, // daemonize
52
	}
53

54
	if err = cmd.Start(); err != nil {
55
		return err
56
	}
57

58
	if err = os.WriteFile(pidPath, []byte(strconv.Itoa(cmd.Process.Pid)), os.ModePerm); err != nil {
59
		return fmt.Errorf("error writing LB PID file: %w", err)
60
	}
61

62
	return nil
63
}
64

65
// DestroyKMS destroys KMS server.
66
func (p *Provisioner) DestroyKMS(state *State) error {
67
	pidPath := state.GetRelativePath(kmsPid)
68

69
	return StopProcessByPidfile(pidPath)
70
}
71
talos

Использование cookies
