mirror of
https://github.com/gitpod-io/gitpod.git
synced 2025-12-08 17:36:30 +00:00
188 lines
5.1 KiB
Go
188 lines
5.1 KiB
Go
// Copyright (c) 2020 Gitpod GmbH. All rights reserved.
|
|
// Licensed under the GNU Affero General Public License (AGPL).
|
|
// See License.AGPL.txt in the project root for license information.
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"os"
|
|
"os/exec"
|
|
"syscall"
|
|
"time"
|
|
|
|
"golang.org/x/xerrors"
|
|
"google.golang.org/grpc/credentials/insecure"
|
|
|
|
"github.com/bombsimon/logrusr/v2"
|
|
"github.com/heptiolabs/healthcheck"
|
|
"github.com/prometheus/client_golang/prometheus"
|
|
"github.com/spf13/cobra"
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/credentials"
|
|
"google.golang.org/grpc/health/grpc_health_v1"
|
|
ctrl "sigs.k8s.io/controller-runtime"
|
|
|
|
"github.com/gitpod-io/gitpod/common-go/baseserver"
|
|
common_grpc "github.com/gitpod-io/gitpod/common-go/grpc"
|
|
"github.com/gitpod-io/gitpod/common-go/log"
|
|
"github.com/gitpod-io/gitpod/common-go/watch"
|
|
"github.com/gitpod-io/gitpod/ws-daemon/pkg/config"
|
|
"github.com/gitpod-io/gitpod/ws-daemon/pkg/daemon"
|
|
)
|
|
|
|
const grpcServerName = "wsdaemon"
|
|
|
|
// serveCmd represents the serve command
|
|
var runCmd = &cobra.Command{
|
|
Use: "run",
|
|
Short: "Connects to the messagebus and starts the workspace monitor",
|
|
|
|
Run: func(cmd *cobra.Command, args []string) {
|
|
cfg, err := config.Read(configFile)
|
|
if err != nil {
|
|
log.WithError(err).Fatal("Cannot read configuration. Maybe missing --config?")
|
|
}
|
|
|
|
createLVMDevices()
|
|
|
|
ctrl.SetLogger(logrusr.New(log.Log))
|
|
|
|
health := healthcheck.NewHandler()
|
|
srv, err := baseserver.New(grpcServerName,
|
|
baseserver.WithGRPC(&cfg.Service),
|
|
baseserver.WithHealthHandler(health),
|
|
baseserver.WithVersion(Version),
|
|
)
|
|
if err != nil {
|
|
log.WithError(err).Fatal("Cannot set up server.")
|
|
}
|
|
|
|
dmn, err := daemon.NewDaemon(cfg.Daemon, prometheus.WrapRegistererWithPrefix("gitpod_ws_daemon_", srv.MetricsRegistry()))
|
|
if err != nil {
|
|
log.WithError(err).Fatal("Cannot create daemon.")
|
|
}
|
|
|
|
health.AddReadinessCheck("grpc-server", grpcProbe(cfg.Service))
|
|
health.AddReadinessCheck("ws-daemon", dmn.ReadinessProbe())
|
|
health.AddReadinessCheck("disk-space", freeDiskSpace(cfg.Daemon))
|
|
|
|
dmn.Register(srv.GRPC())
|
|
|
|
err = dmn.Start()
|
|
if err != nil {
|
|
log.WithError(err).Fatal("Cannot start daemon.")
|
|
}
|
|
|
|
ctx, cancel := context.WithCancel(context.Background())
|
|
defer cancel()
|
|
|
|
err = watch.File(ctx, configFile, func() {
|
|
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
|
|
defer cancel()
|
|
|
|
cfg, err := config.Read(configFile)
|
|
if err != nil {
|
|
log.WithError(err).Warn("Cannot reload configuration.")
|
|
return
|
|
}
|
|
|
|
err = dmn.ReloadConfig(ctx, &cfg.Daemon)
|
|
if err != nil {
|
|
log.WithError(err).Warn("Cannot reload configuration.")
|
|
}
|
|
})
|
|
if err != nil {
|
|
log.WithError(err).Fatal("Cannot start watch of configuration file.")
|
|
}
|
|
|
|
err = syscall.Setpriority(syscall.PRIO_PROCESS, os.Getpid(), -19)
|
|
if err != nil {
|
|
log.WithError(err).Error("cannot change ws-daemon priority")
|
|
}
|
|
|
|
err = srv.ListenAndServe()
|
|
if err != nil {
|
|
log.WithError(err).Fatal("Failed to listen and serve.")
|
|
}
|
|
},
|
|
}
|
|
|
|
func init() {
|
|
rootCmd.AddCommand(runCmd)
|
|
}
|
|
|
|
func grpcProbe(cfg baseserver.ServerConfiguration) func() error {
|
|
return func() error {
|
|
creds := insecure.NewCredentials()
|
|
if cfg.TLS != nil && cfg.TLS.CertPath != "" {
|
|
tlsConfig, err := common_grpc.ClientAuthTLSConfig(
|
|
cfg.TLS.CAPath, cfg.TLS.CertPath, cfg.TLS.KeyPath,
|
|
common_grpc.WithSetRootCAs(true),
|
|
common_grpc.WithServerName(grpcServerName),
|
|
)
|
|
if err != nil {
|
|
return fmt.Errorf("cannot load ws-daemon certificate: %w", err)
|
|
}
|
|
|
|
creds = credentials.NewTLS(tlsConfig)
|
|
}
|
|
|
|
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
|
defer cancel()
|
|
|
|
conn, err := grpc.DialContext(ctx, cfg.Address, grpc.WithTransportCredentials(creds))
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer conn.Close()
|
|
|
|
client := grpc_health_v1.NewHealthClient(conn)
|
|
check, err := client.Check(ctx, &grpc_health_v1.HealthCheckRequest{})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if check.Status == grpc_health_v1.HealthCheckResponse_SERVING {
|
|
return nil
|
|
}
|
|
|
|
return fmt.Errorf("grpc service not ready")
|
|
}
|
|
}
|
|
|
|
// createLVMDevices creates LVM logical volume special files missing when we run inside a container.
|
|
// Without this devices we cannot enforce disk quotas. In installations without LVM this is a NOOP.
|
|
func createLVMDevices() {
|
|
cmd := exec.Command("/usr/sbin/vgmknodes")
|
|
out, err := cmd.CombinedOutput()
|
|
if err != nil {
|
|
log.WithError(err).WithField("out", string(out)).Error("cannot recreate LVM files in /dev/mapper")
|
|
}
|
|
}
|
|
|
|
func freeDiskSpace(cfg daemon.Config) func() error {
|
|
return func() error {
|
|
var diskDiskAvailable uint64 = 1
|
|
for _, loc := range cfg.DiskSpaceGuard.Locations {
|
|
if loc.Path == cfg.Content.WorkingArea {
|
|
diskDiskAvailable = loc.MinBytesAvail
|
|
}
|
|
}
|
|
|
|
var stat syscall.Statfs_t
|
|
err := syscall.Statfs(cfg.Content.WorkingArea, &stat)
|
|
if err != nil {
|
|
return xerrors.Errorf("cannot get disk space details from path %s: %w", cfg.Content.WorkingArea, err)
|
|
}
|
|
|
|
diskAvailable := stat.Bavail * uint64(stat.Bsize) * (1024 * 1024 * 1024) // In GB
|
|
if diskAvailable < diskDiskAvailable {
|
|
return xerrors.Errorf("not enough disk available (%v)", diskAvailable)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
}
|