Browse code
split function out of command description scope
Signed-off-by: allencloud <allen.sun@daocloud.io>
allencloud authored on 2016/11/21 19:22:22Showing 3 changed files
| ... | ... |
@@ -12,92 +12,107 @@ import ( |
| 12 | 12 |
"golang.org/x/net/context" |
| 13 | 13 |
) |
| 14 | 14 |
|
| 15 |
+type joinTokenOptions struct {
|
|
| 16 |
+ role string |
|
| 17 |
+ rotate bool |
|
| 18 |
+ quiet bool |
|
| 19 |
+} |
|
| 20 |
+ |
|
| 15 | 21 |
func newJoinTokenCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 16 |
- var rotate, quiet bool |
|
| 22 |
+ opts := joinTokenOptions{}
|
|
| 17 | 23 |
|
| 18 | 24 |
cmd := &cobra.Command{
|
| 19 | 25 |
Use: "join-token [OPTIONS] (worker|manager)", |
| 20 | 26 |
Short: "Manage join tokens", |
| 21 | 27 |
Args: cli.ExactArgs(1), |
| 22 | 28 |
RunE: func(cmd *cobra.Command, args []string) error {
|
| 23 |
- worker := args[0] == "worker" |
|
| 24 |
- manager := args[0] == "manager" |
|
| 25 |
- |
|
| 26 |
- if !worker && !manager {
|
|
| 27 |
- return errors.New("unknown role " + args[0])
|
|
| 28 |
- } |
|
| 29 |
- |
|
| 30 |
- client := dockerCli.Client() |
|
| 31 |
- ctx := context.Background() |
|
| 32 |
- |
|
| 33 |
- if rotate {
|
|
| 34 |
- var flags swarm.UpdateFlags |
|
| 35 |
- |
|
| 36 |
- swarm, err := client.SwarmInspect(ctx) |
|
| 37 |
- if err != nil {
|
|
| 38 |
- return err |
|
| 39 |
- } |
|
| 40 |
- |
|
| 41 |
- flags.RotateWorkerToken = worker |
|
| 42 |
- flags.RotateManagerToken = manager |
|
| 43 |
- |
|
| 44 |
- err = client.SwarmUpdate(ctx, swarm.Version, swarm.Spec, flags) |
|
| 45 |
- if err != nil {
|
|
| 46 |
- return err |
|
| 47 |
- } |
|
| 48 |
- if !quiet {
|
|
| 49 |
- fmt.Fprintf(dockerCli.Out(), "Successfully rotated %s join token.\n\n", args[0]) |
|
| 50 |
- } |
|
| 51 |
- } |
|
| 52 |
- |
|
| 53 |
- swarm, err := client.SwarmInspect(ctx) |
|
| 54 |
- if err != nil {
|
|
| 55 |
- return err |
|
| 56 |
- } |
|
| 57 |
- |
|
| 58 |
- if quiet {
|
|
| 59 |
- if worker {
|
|
| 60 |
- fmt.Fprintln(dockerCli.Out(), swarm.JoinTokens.Worker) |
|
| 61 |
- } else {
|
|
| 62 |
- fmt.Fprintln(dockerCli.Out(), swarm.JoinTokens.Manager) |
|
| 63 |
- } |
|
| 64 |
- } else {
|
|
| 65 |
- info, err := client.Info(ctx) |
|
| 66 |
- if err != nil {
|
|
| 67 |
- return err |
|
| 68 |
- } |
|
| 69 |
- return printJoinCommand(ctx, dockerCli, info.Swarm.NodeID, worker, manager) |
|
| 70 |
- } |
|
| 71 |
- return nil |
|
| 29 |
+ opts.role = args[0] |
|
| 30 |
+ return runJoinToken(dockerCli, opts) |
|
| 72 | 31 |
}, |
| 73 | 32 |
} |
| 74 | 33 |
|
| 75 | 34 |
flags := cmd.Flags() |
| 76 |
- flags.BoolVar(&rotate, flagRotate, false, "Rotate join token") |
|
| 77 |
- flags.BoolVarP(&quiet, flagQuiet, "q", false, "Only display token") |
|
| 35 |
+ flags.BoolVar(&opts.rotate, flagRotate, false, "Rotate join token") |
|
| 36 |
+ flags.BoolVarP(&opts.quiet, flagQuiet, "q", false, "Only display token") |
|
| 78 | 37 |
|
| 79 | 38 |
return cmd |
| 80 | 39 |
} |
| 81 | 40 |
|
| 82 |
-func printJoinCommand(ctx context.Context, dockerCli *command.DockerCli, nodeID string, worker bool, manager bool) error {
|
|
| 41 |
+func runJoinToken(dockerCli *command.DockerCli, opts joinTokenOptions) error {
|
|
| 42 |
+ worker := opts.role == "worker" |
|
| 43 |
+ manager := opts.role == "manager" |
|
| 44 |
+ |
|
| 45 |
+ if !worker && !manager {
|
|
| 46 |
+ return errors.New("unknown role " + opts.role)
|
|
| 47 |
+ } |
|
| 48 |
+ |
|
| 83 | 49 |
client := dockerCli.Client() |
| 50 |
+ ctx := context.Background() |
|
| 51 |
+ |
|
| 52 |
+ if opts.rotate {
|
|
| 53 |
+ flags := swarm.UpdateFlags{
|
|
| 54 |
+ RotateWorkerToken: worker, |
|
| 55 |
+ RotateManagerToken: manager, |
|
| 56 |
+ } |
|
| 57 |
+ |
|
| 58 |
+ sw, err := client.SwarmInspect(ctx) |
|
| 59 |
+ if err != nil {
|
|
| 60 |
+ return err |
|
| 61 |
+ } |
|
| 62 |
+ |
|
| 63 |
+ if err := client.SwarmUpdate(ctx, sw.Version, sw.Spec, flags); err != nil {
|
|
| 64 |
+ return err |
|
| 65 |
+ } |
|
| 66 |
+ |
|
| 67 |
+ if !opts.quiet {
|
|
| 68 |
+ fmt.Fprintf(dockerCli.Out(), "Successfully rotated %s join token.\n\n", opts.role) |
|
| 69 |
+ } |
|
| 70 |
+ } |
|
| 71 |
+ |
|
| 72 |
+ // second SwarmInspect in this function, |
|
| 73 |
+ // this is necessary since SwarmUpdate after first changes the join tokens |
|
| 74 |
+ sw, err := client.SwarmInspect(ctx) |
|
| 75 |
+ if err != nil {
|
|
| 76 |
+ return err |
|
| 77 |
+ } |
|
| 78 |
+ |
|
| 79 |
+ if opts.quiet && worker {
|
|
| 80 |
+ fmt.Fprintln(dockerCli.Out(), sw.JoinTokens.Worker) |
|
| 81 |
+ return nil |
|
| 82 |
+ } |
|
| 83 |
+ |
|
| 84 |
+ if opts.quiet && manager {
|
|
| 85 |
+ fmt.Fprintln(dockerCli.Out(), sw.JoinTokens.Manager) |
|
| 86 |
+ return nil |
|
| 87 |
+ } |
|
| 84 | 88 |
|
| 85 |
- swarm, err := client.SwarmInspect(ctx) |
|
| 89 |
+ info, err := client.Info(ctx) |
|
| 86 | 90 |
if err != nil {
|
| 87 | 91 |
return err |
| 88 | 92 |
} |
| 89 | 93 |
|
| 94 |
+ return printJoinCommand(ctx, dockerCli, info.Swarm.NodeID, worker, manager) |
|
| 95 |
+} |
|
| 96 |
+ |
|
| 97 |
+func printJoinCommand(ctx context.Context, dockerCli *command.DockerCli, nodeID string, worker bool, manager bool) error {
|
|
| 98 |
+ client := dockerCli.Client() |
|
| 99 |
+ |
|
| 90 | 100 |
node, _, err := client.NodeInspectWithRaw(ctx, nodeID) |
| 91 | 101 |
if err != nil {
|
| 92 | 102 |
return err |
| 93 | 103 |
} |
| 94 | 104 |
|
| 105 |
+ sw, err := client.SwarmInspect(ctx) |
|
| 106 |
+ if err != nil {
|
|
| 107 |
+ return err |
|
| 108 |
+ } |
|
| 109 |
+ |
|
| 95 | 110 |
if node.ManagerStatus != nil {
|
| 96 | 111 |
if worker {
|
| 97 |
- fmt.Fprintf(dockerCli.Out(), "To add a worker to this swarm, run the following command:\n\n docker swarm join \\\n --token %s \\\n %s\n\n", swarm.JoinTokens.Worker, node.ManagerStatus.Addr) |
|
| 112 |
+ fmt.Fprintf(dockerCli.Out(), "To add a worker to this swarm, run the following command:\n\n docker swarm join \\\n --token %s \\\n %s\n\n", sw.JoinTokens.Worker, node.ManagerStatus.Addr) |
|
| 98 | 113 |
} |
| 99 | 114 |
if manager {
|
| 100 |
- fmt.Fprintf(dockerCli.Out(), "To add a manager to this swarm, run the following command:\n\n docker swarm join \\\n --token %s \\\n %s\n\n", swarm.JoinTokens.Manager, node.ManagerStatus.Addr) |
|
| 115 |
+ fmt.Fprintf(dockerCli.Out(), "To add a manager to this swarm, run the following command:\n\n docker swarm join \\\n --token %s \\\n %s\n\n", sw.JoinTokens.Manager, node.ManagerStatus.Addr) |
|
| 101 | 116 |
} |
| 102 | 117 |
} |
| 103 | 118 |
|
| ... | ... |
@@ -16,44 +16,52 @@ import ( |
| 16 | 16 |
"golang.org/x/net/context" |
| 17 | 17 |
) |
| 18 | 18 |
|
| 19 |
+type unlockOptions struct{}
|
|
| 20 |
+ |
|
| 19 | 21 |
func newUnlockCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 22 |
+ opts := unlockOptions{}
|
|
| 23 |
+ |
|
| 20 | 24 |
cmd := &cobra.Command{
|
| 21 | 25 |
Use: "unlock", |
| 22 | 26 |
Short: "Unlock swarm", |
| 23 |
- Args: cli.ExactArgs(0), |
|
| 27 |
+ Args: cli.NoArgs, |
|
| 24 | 28 |
RunE: func(cmd *cobra.Command, args []string) error {
|
| 25 |
- client := dockerCli.Client() |
|
| 26 |
- ctx := context.Background() |
|
| 29 |
+ return runUnlock(dockerCli, opts) |
|
| 30 |
+ }, |
|
| 31 |
+ } |
|
| 32 |
+ |
|
| 33 |
+ return cmd |
|
| 34 |
+} |
|
| 27 | 35 |
|
| 28 |
- // First see if the node is actually part of a swarm, and if it's is actually locked first. |
|
| 29 |
- // If it's in any other state than locked, don't ask for the key. |
|
| 30 |
- info, err := client.Info(ctx) |
|
| 31 |
- if err != nil {
|
|
| 32 |
- return err |
|
| 33 |
- } |
|
| 36 |
+func runUnlock(dockerCli *command.DockerCli, opts unlockOptions) error {
|
|
| 37 |
+ client := dockerCli.Client() |
|
| 38 |
+ ctx := context.Background() |
|
| 34 | 39 |
|
| 35 |
- switch info.Swarm.LocalNodeState {
|
|
| 36 |
- case swarm.LocalNodeStateInactive: |
|
| 37 |
- return errors.New("Error: This node is not part of a swarm")
|
|
| 38 |
- case swarm.LocalNodeStateLocked: |
|
| 39 |
- break |
|
| 40 |
- default: |
|
| 41 |
- return errors.New("Error: swarm is not locked")
|
|
| 42 |
- } |
|
| 40 |
+ // First see if the node is actually part of a swarm, and if it's is actually locked first. |
|
| 41 |
+ // If it's in any other state than locked, don't ask for the key. |
|
| 42 |
+ info, err := client.Info(ctx) |
|
| 43 |
+ if err != nil {
|
|
| 44 |
+ return err |
|
| 45 |
+ } |
|
| 43 | 46 |
|
| 44 |
- key, err := readKey(dockerCli.In(), "Please enter unlock key: ") |
|
| 45 |
- if err != nil {
|
|
| 46 |
- return err |
|
| 47 |
- } |
|
| 48 |
- req := swarm.UnlockRequest{
|
|
| 49 |
- UnlockKey: key, |
|
| 50 |
- } |
|
| 47 |
+ switch info.Swarm.LocalNodeState {
|
|
| 48 |
+ case swarm.LocalNodeStateInactive: |
|
| 49 |
+ return errors.New("Error: This node is not part of a swarm")
|
|
| 50 |
+ case swarm.LocalNodeStateLocked: |
|
| 51 |
+ break |
|
| 52 |
+ default: |
|
| 53 |
+ return errors.New("Error: swarm is not locked")
|
|
| 54 |
+ } |
|
| 51 | 55 |
|
| 52 |
- return client.SwarmUnlock(ctx, req) |
|
| 53 |
- }, |
|
| 56 |
+ key, err := readKey(dockerCli.In(), "Please enter unlock key: ") |
|
| 57 |
+ if err != nil {
|
|
| 58 |
+ return err |
|
| 59 |
+ } |
|
| 60 |
+ req := swarm.UnlockRequest{
|
|
| 61 |
+ UnlockKey: key, |
|
| 54 | 62 |
} |
| 55 | 63 |
|
| 56 |
- return cmd |
|
| 64 |
+ return client.SwarmUnlock(ctx, req) |
|
| 57 | 65 |
} |
| 58 | 66 |
|
| 59 | 67 |
func readKey(in *command.InStream, prompt string) (string, error) {
|
| ... | ... |
@@ -12,68 +12,76 @@ import ( |
| 12 | 12 |
"golang.org/x/net/context" |
| 13 | 13 |
) |
| 14 | 14 |
|
| 15 |
+type unlockKeyOptions struct {
|
|
| 16 |
+ rotate bool |
|
| 17 |
+ quiet bool |
|
| 18 |
+} |
|
| 19 |
+ |
|
| 15 | 20 |
func newUnlockKeyCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 16 |
- var rotate, quiet bool |
|
| 21 |
+ opts := unlockKeyOptions{}
|
|
| 17 | 22 |
|
| 18 | 23 |
cmd := &cobra.Command{
|
| 19 | 24 |
Use: "unlock-key [OPTIONS]", |
| 20 | 25 |
Short: "Manage the unlock key", |
| 21 | 26 |
Args: cli.NoArgs, |
| 22 | 27 |
RunE: func(cmd *cobra.Command, args []string) error {
|
| 23 |
- client := dockerCli.Client() |
|
| 24 |
- ctx := context.Background() |
|
| 25 |
- |
|
| 26 |
- if rotate {
|
|
| 27 |
- flags := swarm.UpdateFlags{RotateManagerUnlockKey: true}
|
|
| 28 |
- |
|
| 29 |
- swarm, err := client.SwarmInspect(ctx) |
|
| 30 |
- if err != nil {
|
|
| 31 |
- return err |
|
| 32 |
- } |
|
| 33 |
- |
|
| 34 |
- if !swarm.Spec.EncryptionConfig.AutoLockManagers {
|
|
| 35 |
- return errors.New("cannot rotate because autolock is not turned on")
|
|
| 36 |
- } |
|
| 37 |
- |
|
| 38 |
- err = client.SwarmUpdate(ctx, swarm.Version, swarm.Spec, flags) |
|
| 39 |
- if err != nil {
|
|
| 40 |
- return err |
|
| 41 |
- } |
|
| 42 |
- if !quiet {
|
|
| 43 |
- fmt.Fprintf(dockerCli.Out(), "Successfully rotated manager unlock key.\n\n") |
|
| 44 |
- } |
|
| 45 |
- } |
|
| 46 |
- |
|
| 47 |
- unlockKeyResp, err := client.SwarmGetUnlockKey(ctx) |
|
| 48 |
- if err != nil {
|
|
| 49 |
- return errors.Wrap(err, "could not fetch unlock key") |
|
| 50 |
- } |
|
| 51 |
- |
|
| 52 |
- if unlockKeyResp.UnlockKey == "" {
|
|
| 53 |
- return errors.New("no unlock key is set")
|
|
| 54 |
- } |
|
| 55 |
- |
|
| 56 |
- if quiet {
|
|
| 57 |
- fmt.Fprintln(dockerCli.Out(), unlockKeyResp.UnlockKey) |
|
| 58 |
- } else {
|
|
| 59 |
- printUnlockCommand(ctx, dockerCli, unlockKeyResp.UnlockKey) |
|
| 60 |
- } |
|
| 61 |
- return nil |
|
| 28 |
+ return runUnlockKey(dockerCli, opts) |
|
| 62 | 29 |
}, |
| 63 | 30 |
} |
| 64 | 31 |
|
| 65 | 32 |
flags := cmd.Flags() |
| 66 |
- flags.BoolVar(&rotate, flagRotate, false, "Rotate unlock key") |
|
| 67 |
- flags.BoolVarP(&quiet, flagQuiet, "q", false, "Only display token") |
|
| 33 |
+ flags.BoolVar(&opts.rotate, flagRotate, false, "Rotate unlock key") |
|
| 34 |
+ flags.BoolVarP(&opts.quiet, flagQuiet, "q", false, "Only display token") |
|
| 68 | 35 |
|
| 69 | 36 |
return cmd |
| 70 | 37 |
} |
| 71 | 38 |
|
| 72 |
-func printUnlockCommand(ctx context.Context, dockerCli *command.DockerCli, unlockKey string) {
|
|
| 73 |
- if len(unlockKey) == 0 {
|
|
| 74 |
- return |
|
| 39 |
+func runUnlockKey(dockerCli *command.DockerCli, opts unlockKeyOptions) error {
|
|
| 40 |
+ client := dockerCli.Client() |
|
| 41 |
+ ctx := context.Background() |
|
| 42 |
+ |
|
| 43 |
+ if opts.rotate {
|
|
| 44 |
+ flags := swarm.UpdateFlags{RotateManagerUnlockKey: true}
|
|
| 45 |
+ |
|
| 46 |
+ sw, err := client.SwarmInspect(ctx) |
|
| 47 |
+ if err != nil {
|
|
| 48 |
+ return err |
|
| 49 |
+ } |
|
| 50 |
+ |
|
| 51 |
+ if !sw.Spec.EncryptionConfig.AutoLockManagers {
|
|
| 52 |
+ return errors.New("cannot rotate because autolock is not turned on")
|
|
| 53 |
+ } |
|
| 54 |
+ |
|
| 55 |
+ if err := client.SwarmUpdate(ctx, sw.Version, sw.Spec, flags); err != nil {
|
|
| 56 |
+ return err |
|
| 57 |
+ } |
|
| 58 |
+ |
|
| 59 |
+ if !opts.quiet {
|
|
| 60 |
+ fmt.Fprintf(dockerCli.Out(), "Successfully rotated manager unlock key.\n\n") |
|
| 61 |
+ } |
|
| 62 |
+ } |
|
| 63 |
+ |
|
| 64 |
+ unlockKeyResp, err := client.SwarmGetUnlockKey(ctx) |
|
| 65 |
+ if err != nil {
|
|
| 66 |
+ return errors.Wrap(err, "could not fetch unlock key") |
|
| 67 |
+ } |
|
| 68 |
+ |
|
| 69 |
+ if unlockKeyResp.UnlockKey == "" {
|
|
| 70 |
+ return errors.New("no unlock key is set")
|
|
| 71 |
+ } |
|
| 72 |
+ |
|
| 73 |
+ if opts.quiet {
|
|
| 74 |
+ fmt.Fprintln(dockerCli.Out(), unlockKeyResp.UnlockKey) |
|
| 75 |
+ return nil |
|
| 75 | 76 |
} |
| 76 | 77 |
|
| 77 |
- fmt.Fprintf(dockerCli.Out(), "To unlock a swarm manager after it restarts, run the `docker swarm unlock`\ncommand and provide the following key:\n\n %s\n\nPlease remember to store this key in a password manager, since without it you\nwill not be able to restart the manager.\n", unlockKey) |
|
| 78 |
+ printUnlockCommand(ctx, dockerCli, unlockKeyResp.UnlockKey) |
|
| 79 |
+ return nil |
|
| 80 |
+} |
|
| 81 |
+ |
|
| 82 |
+func printUnlockCommand(ctx context.Context, dockerCli *command.DockerCli, unlockKey string) {
|
|
| 83 |
+ if len(unlockKey) > 0 {
|
|
| 84 |
+ fmt.Fprintf(dockerCli.Out(), "To unlock a swarm manager after it restarts, run the `docker swarm unlock`\ncommand and provide the following key:\n\n %s\n\nPlease remember to store this key in a password manager, since without it you\nwill not be able to restart the manager.\n", unlockKey) |
|
| 85 |
+ } |
|
| 78 | 86 |
return |
| 79 | 87 |
} |