egg-cluster icon indicating copy to clipboard operation
egg-cluster copied to clipboard
verified publisher icon eggjs

feat: read https config from app:config

Open waitingsong opened this issue 7 years ago • 25 comments

@TOFIX log print http not https cause master.js@Line469 use this.options.https

Checklist
  • [ ] npm test passes
  • [ ] tests and/or benchmarks are included
  • [ ] documentation is changed or added
  • [ ] commit message follows commit guidelines
Affected core subsystem(s)
Description of change

waitingsong avatar Aug 29 '18 12:08 waitingsong

问题在这儿 https://cnodejs.org/topic/5b7ac9c7c52ad1482eb940bf#5b8675012a585e4e2f26ffc0 这个 PR 存在问题是以 https 启动成功后日志里面显示的还是 http://.... 问题出在 master.js https://github.com/eggjs/egg-cluster/blob/master/lib/master.js#L468

    address.protocal = this.options.https ? 'https' : 'http';
    address.port = this.options.sticky ? this[REALPORT] : address.port;
    this[APP_ADDRESS] = getAddress(address);

这儿用的是 this.options.https 做判断而没有考虑到 app.config.cluster . 看怎么解决

waitingsong avatar Aug 29 '18 12:08 waitingsong

Codecov Report

Merging #75 into master will increase coverage by 0.3%. The diff coverage is 97.22%.

Impacted file tree graph

@@            Coverage Diff            @@
##           master      #75     +/-   ##
=========================================
+ Coverage   98.35%   98.66%   +0.3%     
=========================================
  Files           7        8      +1     
  Lines         425      448     +23     
=========================================
+ Hits          418      442     +24     
+ Misses          7        6      -1
Impacted Files Coverage Δ
lib/utils/options.js 100% <ø> (ø) :arrow_up:
lib/app_worker.js 100% <100%> (+3.92%) :arrow_up:
lib/utils/tls_options.js 96.87% <96.87%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 0de0021...3fbca88. Read the comment docs.

codecov[bot] avatar Aug 29 '18 13:08 codecov[bot]

你的 master 太旧了,要 rebase

atian25 avatar Aug 29 '18 13:08 atian25

新pull了才开的分支啊。。。

waitingsong avatar Aug 29 '18 15:08 waitingsong

看下 GitHub 帮助里面,如何 sync upstream,或者删掉重新 fork (原代码要注意)

atian25 avatar Aug 29 '18 15:08 atian25

看了下,和 upstream 就差一个提交 b0c8d19e08495 。 倒是 upstream 的版本tag没有同步下来

waitingsong avatar Aug 30 '18 01:08 waitingsong

master.js 如何获取到 app.config.cluster 配置值 这个不知道如何处理

waitingsong avatar Aug 30 '18 02:08 waitingsong

@atian25 咨询个 egg 在 vsc debug的配置问题 断点时间长了会遇上 cluster-client 爆超时

2018-08-30 11:10:07,836 ERROR 932 nodejs.ClusterClientNoResponseError: client no response in 75299ms exceeding maxIdleTime 60000ms, maybe the connection is close on other side.
    at Timeout.Leader._heartbeatTimer.setInterval [as _onTimeout] (E:\project\node_modules\cluster-client\lib\leader.js:75:23)

修改 vsc 配置 launch.json

    {
      "name": "Egg Debug",
      "type": "node",
      "request": "launch",
      "runtimeExecutable": "npm",
      "runtimeArgs": [
        "run",
        "debug",
        "--",
        "--inspect-brk"
      ],
      "args": [
        "--heartbeatInterval", "30000", // <----------这儿
      ],
      "console": "integratedTerminal",
      "restart": true,
      "protocol": "auto",
      "port": 9229,
      "autoAttachChildProcesses": true
    },

egg/lib/agent.js 初始化时此参数值为期望值,但是走到 cluster-client/lib/leader.js 初始化时参数变成默认的 20000 了。 该如何传参覆盖默认值呢?

得空还是考虑用TS重写下egg吧,调试起来效率真不高,一个参数不知道在哪儿会被修改……

waitingsong avatar Aug 30 '18 03:08 waitingsong

master.js 如何获取到 app.config.cluster 配置值 这个不知道如何处理

master 不需要获取

咨询个 egg 在 vsc debug的配置问题

非相关问题可以其他渠道沟通

得空还是考虑用TS重写下egg吧,调试起来效率真不高,一个参数不知道在哪儿会被修改……

TS 解决不了问题,也没计划考虑重写。

atian25 avatar Sep 07 '18 01:09 atian25

image

顺便改下这个 typo

atian25 avatar Sep 07 '18 07:09 atian25

protocol 那个,@popomore 有什么建议?

atian25 avatar Sep 07 '18 14:09 atian25

  1. 删除了 options.key|cert 参数支持。仅支持 https.key|cert 参数
  2. egg-mock 不支持测试 https (会抛异常), 故没写完整的自签发证书启动服务用例。如果在启动 https 时 egg-mock 不抛异常,我可以补上相关用例。
  describe('options with https', () => {
    let app;
    before(() => {
      app = utils.cluster('apps/options', {
        framework: path.dirname(require.resolve('egg')),
        https: {
          key: '/key.unsecure',
          cert: '/02.crt',
        },
        port: 7701,
      });
      return app.ready();
    });
    after(() => app.close());
    it('should be passed through', () => {
      return app.httpRequest()
        .get('/')
        .expect('true');
    });
  });

egg-mock 异常

POST http://127.0.0.1:7701/__egg_mock_call_function error, method: mockRestore, args: []
  1. 使用配置参数(非命令行)传入 https 参数,启动系统后日志显示为不正确的 protocol: http://

waitingsong avatar Sep 10 '18 11:09 waitingsong

重构处理证书逻辑: 先合并参数,最后启动app_worker 时再验证、加载证书。适用于当配置的证书(文件)无效(不存在、过期等)时可在不修改代码情况下临时通过命令行指定有效的证书文件路径启动服务的情况。

waitingsong avatar Sep 11 '18 08:09 waitingsong

没人看看?

waitingsong avatar Nov 13 '18 12:11 waitingsong

@dead-horse @popomore 瞅瞅?

atian25 avatar Nov 14 '18 09:11 atian25

所以这里是有解决从config读https配置了吗?还是说还是只能 `egg-scripts start --daemon --https.key='path' --https.cert='path'?

catherinessssss avatar Jan 28 '19 07:01 catherinessssss

所以这里是有解决从config读https配置了吗?

这个问题应该没解决: https://github.com/eggjs/egg-cluster/pull/75#issuecomment-416937180

waitingsong avatar Jan 28 '19 07:01 waitingsong

所以这里是有解决从config读https配置了吗?

这个问题应该没解决: #75 (comment)

那这里是解决了什么问题?

catherinessssss avatar Jan 28 '19 07:01 catherinessssss

所以这里是有解决从config读https配置了吗?

这个问题应该没解决: #75 (comment)

那这里是解决了什么问题?

从 package.json 读取证书配置没问题,就是日志显示 protocol 不正常

waitingsong avatar Jan 28 '19 07:01 waitingsong

所以这里是有解决从config读https配置了吗?

这个问题应该没解决: #75 (comment)

那这里是解决了什么问题?

从 package.json 读取证书配置没问题,就是日志显示 protocol 不正常

谢谢!之后会支持通过配置去开启https吗?而不是通过package.json

catherinessssss avatar Jan 28 '19 07:01 catherinessssss

从 package.json 读取证书配置没问题,就是日志显示 protocol 不正常

谢谢!之后会支持通过配置去开启https吗?而不是通过package.json

按道理在命令行启动时额外传入证书参数也是可行的。这个我没测试。

waitingsong avatar Jan 28 '19 07:01 waitingsong

从 package.json 读取证书配置没问题,就是日志显示 protocol 不正常

谢谢!之后会支持通过配置去开启https吗?而不是通过package.json

按道理在命令行启动时额外传入证书参数也是可行的。这个我没测试。

可以支持类似配置吗? config.cluster = { listen: { port: process.env.PORT || 7001, hostname: '0.0.0.0', }, https: { key: process.env.PORT || '.key', cert: process.env.PORT || '.crt', } };

catherinessssss avatar Jan 28 '19 08:01 catherinessssss

@catherinessssss 支持 process.env.PORT || '.crt' 这个文件需要在项目根目录下存在

waitingsong avatar Jan 29 '19 14:01 waitingsong

supertest 里面检测 protocol 用了下面的代码:

// lib/test.js
protocol = app instanceof https.Server ? 'https' : 'http';

egg-mock 里返回的 app 是这样:

// lib/cluster.js

let clusterApp = new ClusterApplication(options);
clusterApp = new Proxy(clusterApp, {
  //...
});
return clusterApp;

https 方式访问 https://127.0.0.1:8443 证书会有问题,用 urllib 会方便一点。

thonatos avatar May 16 '19 07:05 thonatos

这样实现貌似也可以?

// lib/app_worker.js
// ...L25
const httpsOptions = Object.assign({}, clusterConfig.https, options.https);
const protocal = (httpsOptions.key && httpsOptions.cert) ? 'https' : 'http';

process.send({
  to: 'master',
  action: 'realprotocal',
  data: protocal,
});


// lib/master.js
const REALPROTOCAL = Symbol('Master#realprotocal');

class Master extends EventEmitter {
  constructor(options) {
    this[REALPORT] = undefined;
   // ...
    this.on('realprotocal', protocal => {
      if (protocal) this[REALPROTOCAL] = protocal;
    });
  }
}

// L586
address.protocal = this[REALPROTOCAL] || (this.options.https ? 'https' : 'http');

thonatos avatar May 16 '19 13:05 thonatos