Browse Source

add white list to both master and volume servers

prepare for v0.41
pull/2/head
Chris Lu 12 years ago
parent
commit
e45c6b5e21
  1. 24
      go/weed/master.go
  2. 2
      go/weed/version.go
  3. 20
      go/weed/volume.go
  4. 19
      go/weed/weed.go

24
go/weed/master.go

@ -2,13 +2,13 @@ package main
import ( import (
"bytes" "bytes"
"code.google.com/p/weed-fs/go/glog"
"code.google.com/p/weed-fs/go/operation" "code.google.com/p/weed-fs/go/operation"
"code.google.com/p/weed-fs/go/replication" "code.google.com/p/weed-fs/go/replication"
"code.google.com/p/weed-fs/go/storage" "code.google.com/p/weed-fs/go/storage"
"code.google.com/p/weed-fs/go/topology" "code.google.com/p/weed-fs/go/topology"
"encoding/json" "encoding/json"
"errors" "errors"
"code.google.com/p/weed-fs/go/glog"
"net/http" "net/http"
"runtime" "runtime"
"strconv" "strconv"
@ -40,6 +40,9 @@ var (
mReadTimeout = cmdMaster.Flag.Int("readTimeout", 3, "connection read timeout in seconds") mReadTimeout = cmdMaster.Flag.Int("readTimeout", 3, "connection read timeout in seconds")
mMaxCpu = cmdMaster.Flag.Int("maxCpu", 0, "maximum number of CPUs. 0 means all available CPUs") mMaxCpu = cmdMaster.Flag.Int("maxCpu", 0, "maximum number of CPUs. 0 means all available CPUs")
garbageThreshold = cmdMaster.Flag.String("garbageThreshold", "0.3", "threshold to vacuum and reclaim spaces") garbageThreshold = cmdMaster.Flag.String("garbageThreshold", "0.3", "threshold to vacuum and reclaim spaces")
masterWhiteListOption = cmdMaster.Flag.String("whiteList", "", "comma separated Ip addresses having write permission. No limit if empty.")
masterWhiteList []string
) )
var topo *topology.Topology var topo *topology.Topology
@ -202,6 +205,9 @@ func runMaster(cmd *Command, args []string) bool {
*mMaxCpu = runtime.NumCPU() *mMaxCpu = runtime.NumCPU()
} }
runtime.GOMAXPROCS(*mMaxCpu) runtime.GOMAXPROCS(*mMaxCpu)
if *masterWhiteListOption != "" {
masterWhiteList = strings.Split(*masterWhiteListOption, ",")
}
var e error var e error
if topo, e = topology.NewTopology("topo", *confFile, *metaFolder, "weed", if topo, e = topology.NewTopology("topo", *confFile, *metaFolder, "weed",
uint64(*volumeSizeLimitMB)*1024*1024, *mpulse); e != nil { uint64(*volumeSizeLimitMB)*1024*1024, *mpulse); e != nil {
@ -209,15 +215,15 @@ func runMaster(cmd *Command, args []string) bool {
} }
vg = replication.NewDefaultVolumeGrowth() vg = replication.NewDefaultVolumeGrowth()
glog.V(0).Infoln("Volume Size Limit is", *volumeSizeLimitMB, "MB") glog.V(0).Infoln("Volume Size Limit is", *volumeSizeLimitMB, "MB")
http.HandleFunc("/dir/assign", dirAssignHandler)
http.HandleFunc("/dir/lookup", dirLookupHandler)
http.HandleFunc("/dir/join", dirJoinHandler)
http.HandleFunc("/dir/status", dirStatusHandler)
http.HandleFunc("/vol/grow", volumeGrowHandler)
http.HandleFunc("/vol/status", volumeStatusHandler)
http.HandleFunc("/vol/vacuum", volumeVacuumHandler)
http.HandleFunc("/dir/assign", secure(masterWhiteList, dirAssignHandler))
http.HandleFunc("/dir/lookup", secure(masterWhiteList, dirLookupHandler))
http.HandleFunc("/dir/join", secure(masterWhiteList, dirJoinHandler))
http.HandleFunc("/dir/status", secure(masterWhiteList, dirStatusHandler))
http.HandleFunc("/vol/grow", secure(masterWhiteList, volumeGrowHandler))
http.HandleFunc("/vol/status", secure(masterWhiteList, volumeStatusHandler))
http.HandleFunc("/vol/vacuum", secure(masterWhiteList, volumeVacuumHandler))
http.HandleFunc("/submit", submitFromMasterServerHandler)
http.HandleFunc("/submit", secure(masterWhiteList, submitFromMasterServerHandler))
http.HandleFunc("/", redirectHandler) http.HandleFunc("/", redirectHandler)
topo.StartRefreshWritableVolumes(*garbageThreshold) topo.StartRefreshWritableVolumes(*garbageThreshold)

2
go/weed/version.go

@ -6,7 +6,7 @@ import (
) )
const ( const (
VERSION = "0.40"
VERSION = "0.41"
) )
var cmdVersion = &Command{ var cmdVersion = &Command{

20
go/weed/volume.go

@ -7,7 +7,6 @@ import (
"code.google.com/p/weed-fs/go/storage" "code.google.com/p/weed-fs/go/storage"
"math/rand" "math/rand"
"mime" "mime"
"net"
"net/http" "net/http"
"os" "os"
"path/filepath" "path/filepath"
@ -385,22 +384,3 @@ func runVolume(cmd *Command, args []string) bool {
} }
return true return true
} }
func secure(whiteList []string, f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if len(whiteList) == 0 {
f(w, r)
return
}
host, _, err := net.SplitHostPort(r.RemoteAddr)
if err == nil {
for _, ip := range whiteList {
if ip == host {
f(w, r)
return
}
}
}
writeJsonQuiet(w, r, map[string]interface{}{"error": "No write permisson from " + host})
}
}

19
go/weed/weed.go

@ -7,6 +7,7 @@ import (
"fmt" "fmt"
"io" "io"
"math/rand" "math/rand"
"net"
"net/http" "net/http"
"os" "os"
"strings" "strings"
@ -223,3 +224,21 @@ func debug(params ...interface{}) {
glog.V(0).Infoln(params) glog.V(0).Infoln(params)
} }
} }
func secure(whiteList []string, f func(w http.ResponseWriter, r *http.Request)) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if len(whiteList) == 0 {
f(w, r)
return
}
host, _, err := net.SplitHostPort(r.RemoteAddr)
if err == nil {
for _, ip := range whiteList {
if ip == host {
f(w, r)
return
}
}
}
writeJsonQuiet(w, r, map[string]interface{}{"error": "No write permisson from " + host})
}
}
Loading…
Cancel
Save