mirror of
https://github.com/mainflux/mainflux.git
synced 2025-04-24 13:48:49 +08:00
8b185d205b
* feat(docker): add trace ration and max conn This adds a new environment variable `MF_JAEGER_TRACE_RATIO` to the `docker/.env` file. The variable is used to set the ratio of requests traced. Additionally, this commit also adds a new environment variable `MF_POSTGRES_MAX_CONNECTIONS` for configuring the maximum number of connections for the Postgres database. These changes are made to enhance the configuration and scalability of the core services. Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com> * Remove comment to trace ratio Signed-off-by: rodneyosodo <blackd0t@protonmail.com> * Reduce postgres max connection to 100 Signed-off-by: rodneyosodo <blackd0t@protonmail.com> --------- Signed-off-by: Rodney Osodo <28790446+rodneyosodo@users.noreply.github.com> Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
181 lines
5.7 KiB
Go
181 lines
5.7 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
// Package main contains certs main function to start the certs service.
|
|
package main
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"log"
|
|
"os"
|
|
|
|
"github.com/jmoiron/sqlx"
|
|
chclient "github.com/mainflux/callhome/pkg/client"
|
|
"github.com/mainflux/mainflux"
|
|
"github.com/mainflux/mainflux/certs"
|
|
"github.com/mainflux/mainflux/certs/api"
|
|
vault "github.com/mainflux/mainflux/certs/pki"
|
|
certspg "github.com/mainflux/mainflux/certs/postgres"
|
|
"github.com/mainflux/mainflux/certs/tracing"
|
|
"github.com/mainflux/mainflux/internal"
|
|
authclient "github.com/mainflux/mainflux/internal/clients/grpc/auth"
|
|
jaegerclient "github.com/mainflux/mainflux/internal/clients/jaeger"
|
|
pgclient "github.com/mainflux/mainflux/internal/clients/postgres"
|
|
"github.com/mainflux/mainflux/internal/env"
|
|
"github.com/mainflux/mainflux/internal/postgres"
|
|
"github.com/mainflux/mainflux/internal/server"
|
|
httpserver "github.com/mainflux/mainflux/internal/server/http"
|
|
mflog "github.com/mainflux/mainflux/logger"
|
|
mfsdk "github.com/mainflux/mainflux/pkg/sdk/go"
|
|
"github.com/mainflux/mainflux/pkg/uuid"
|
|
"go.opentelemetry.io/otel/trace"
|
|
"golang.org/x/sync/errgroup"
|
|
)
|
|
|
|
const (
|
|
svcName = "certs"
|
|
envPrefixDB = "MF_CERTS_DB_"
|
|
envPrefixHTTP = "MF_CERTS_HTTP_"
|
|
defDB = "certs"
|
|
defSvcHTTPPort = "9019"
|
|
)
|
|
|
|
type config struct {
|
|
LogLevel string `env:"MF_CERTS_LOG_LEVEL" envDefault:"info"`
|
|
CertsURL string `env:"MF_SDK_CERTS_URL" envDefault:"http://localhost"`
|
|
ThingsURL string `env:"MF_THINGS_URL" envDefault:"http://things:9000"`
|
|
JaegerURL string `env:"MF_JAEGER_URL" envDefault:"http://jaeger:14268/api/traces"`
|
|
SendTelemetry bool `env:"MF_SEND_TELEMETRY" envDefault:"true"`
|
|
InstanceID string `env:"MF_CERTS_INSTANCE_ID" envDefault:""`
|
|
TraceRatio float64 `env:"MF_JAEGER_TRACE_RATIO" envDefault:"1.0"`
|
|
|
|
// Sign and issue certificates without 3rd party PKI
|
|
SignCAPath string `env:"MF_CERTS_SIGN_CA_PATH" envDefault:"ca.crt"`
|
|
SignCAKeyPath string `env:"MF_CERTS_SIGN_CA_KEY_PATH" envDefault:"ca.key"`
|
|
|
|
// 3rd party PKI API access settings
|
|
PkiHost string `env:"MF_CERTS_VAULT_HOST" envDefault:""`
|
|
PkiPath string `env:"MF_VAULT_PKI_INT_PATH" envDefault:"pki_int"`
|
|
PkiRole string `env:"MF_VAULT_CA_ROLE_NAME" envDefault:"mainflux"`
|
|
PkiToken string `env:"MF_VAULT_TOKEN" envDefault:""`
|
|
}
|
|
|
|
func main() {
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
g, ctx := errgroup.WithContext(ctx)
|
|
|
|
cfg := config{}
|
|
if err := env.Parse(&cfg); err != nil {
|
|
log.Fatalf("failed to load %s configuration : %s", svcName, err)
|
|
}
|
|
|
|
logger, err := mflog.New(os.Stdout, cfg.LogLevel)
|
|
if err != nil {
|
|
log.Fatalf("failed to init logger: %s", err)
|
|
}
|
|
|
|
var exitCode int
|
|
defer mflog.ExitWithError(&exitCode)
|
|
|
|
if cfg.InstanceID == "" {
|
|
if cfg.InstanceID, err = uuid.New().ID(); err != nil {
|
|
logger.Error(fmt.Sprintf("failed to generate instanceID: %s", err))
|
|
exitCode = 1
|
|
return
|
|
}
|
|
}
|
|
|
|
if cfg.PkiHost == "" {
|
|
logger.Error("No host specified for PKI engine")
|
|
exitCode = 1
|
|
return
|
|
}
|
|
|
|
pkiclient, err := vault.NewVaultClient(cfg.PkiToken, cfg.PkiHost, cfg.PkiPath, cfg.PkiRole)
|
|
if err != nil {
|
|
logger.Error("failed to configure client for PKI engine")
|
|
exitCode = 1
|
|
return
|
|
}
|
|
|
|
dbConfig := pgclient.Config{Name: defDB}
|
|
if err := dbConfig.LoadEnv(envPrefixDB); err != nil {
|
|
logger.Fatal(fmt.Sprintf("failed to load %s database configuration : %s", svcName, err))
|
|
}
|
|
db, err := pgclient.SetupWithConfig(envPrefixDB, *certspg.Migration(), dbConfig)
|
|
if err != nil {
|
|
logger.Error(err.Error())
|
|
exitCode = 1
|
|
return
|
|
}
|
|
defer db.Close()
|
|
|
|
auth, authHandler, err := authclient.Setup(svcName)
|
|
if err != nil {
|
|
logger.Error(err.Error())
|
|
exitCode = 1
|
|
return
|
|
}
|
|
defer authHandler.Close()
|
|
|
|
logger.Info("Successfully connected to auth grpc server " + authHandler.Secure())
|
|
|
|
tp, err := jaegerclient.NewProvider(svcName, cfg.JaegerURL, cfg.InstanceID, cfg.TraceRatio)
|
|
if err != nil {
|
|
logger.Error(fmt.Sprintf("failed to init Jaeger: %s", err))
|
|
exitCode = 1
|
|
return
|
|
}
|
|
defer func() {
|
|
if err := tp.Shutdown(ctx); err != nil {
|
|
logger.Error(fmt.Sprintf("error shutting down tracer provider: %v", err))
|
|
}
|
|
}()
|
|
tracer := tp.Tracer(svcName)
|
|
|
|
svc := newService(auth, db, tracer, logger, cfg, dbConfig, pkiclient)
|
|
|
|
httpServerConfig := server.Config{Port: defSvcHTTPPort}
|
|
if err := env.Parse(&httpServerConfig, env.Options{Prefix: envPrefixHTTP}); err != nil {
|
|
logger.Error(fmt.Sprintf("failed to load %s HTTP server configuration : %s", svcName, err))
|
|
exitCode = 1
|
|
return
|
|
}
|
|
hs := httpserver.New(ctx, cancel, svcName, httpServerConfig, api.MakeHandler(svc, logger, cfg.InstanceID), logger)
|
|
|
|
if cfg.SendTelemetry {
|
|
chc := chclient.New(svcName, mainflux.Version, logger, cancel)
|
|
go chc.CallHome(ctx)
|
|
}
|
|
|
|
g.Go(func() error {
|
|
return hs.Start()
|
|
})
|
|
|
|
g.Go(func() error {
|
|
return server.StopSignalHandler(ctx, cancel, logger, svcName, hs)
|
|
})
|
|
|
|
if err := g.Wait(); err != nil {
|
|
logger.Error(fmt.Sprintf("Certs service terminated: %s", err))
|
|
}
|
|
}
|
|
|
|
func newService(auth mainflux.AuthServiceClient, db *sqlx.DB, tracer trace.Tracer, logger mflog.Logger, cfg config, dbConfig pgclient.Config, pkiAgent vault.Agent) certs.Service {
|
|
database := postgres.NewDatabase(db, dbConfig, tracer)
|
|
certsRepo := certspg.NewRepository(database, logger)
|
|
config := mfsdk.Config{
|
|
CertsURL: cfg.CertsURL,
|
|
ThingsURL: cfg.ThingsURL,
|
|
}
|
|
sdk := mfsdk.NewSDK(config)
|
|
svc := certs.New(auth, certsRepo, sdk, pkiAgent)
|
|
svc = api.LoggingMiddleware(svc, logger)
|
|
counter, latency := internal.MakeMetrics(svcName, "api")
|
|
svc = api.MetricsMiddleware(svc, counter, latency)
|
|
svc = tracing.New(svc, tracer)
|
|
|
|
return svc
|
|
}
|