diff --git a/pkg/server/router.go b/pkg/server/router.go index 84242e9b0dcb..d9209cf0294b 100644 --- a/pkg/server/router.go +++ b/pkg/server/router.go @@ -143,7 +143,7 @@ func cacerts(serverCA string) http.Handler { var err error ca, err = os.ReadFile(serverCA) if err != nil { - sendError(err, resp) + sendError(err, resp, req) return } } @@ -218,13 +218,13 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo nodeName, errCode, err := auth(req) if err != nil { - sendError(err, resp, errCode) + sendError(err, resp, req, errCode) return } caCerts, caKey, key, err := getCACertAndKeys(server.Runtime.ServerCA, server.Runtime.ServerCAKey, server.Runtime.ServingKubeletKey) if err != nil { - sendError(err, resp) + sendError(err, resp, req) return } @@ -234,7 +234,7 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo for _, v := range strings.Split(nodeIP, ",") { ip := net.ParseIP(v) if ip == nil { - sendError(fmt.Errorf("invalid IP address %s", ip), resp) + sendError(fmt.Errorf("invalid node IP address %s", ip), resp, req) return } ips = append(ips, ip) @@ -250,7 +250,7 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo }, }, key, caCerts[0], caKey) if err != nil { - sendError(err, resp) + sendError(err, resp, req) return } @@ -274,13 +274,13 @@ func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBoot nodeName, errCode, err := auth(req) if err != nil { - sendError(err, resp, errCode) + sendError(err, resp, req, errCode) return } caCerts, caKey, key, err := getCACertAndKeys(server.Runtime.ClientCA, server.Runtime.ClientCAKey, server.Runtime.ClientKubeletKey) if err != nil { - sendError(err, resp) + sendError(err, resp, req) return } @@ -290,7 +290,7 @@ func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBoot Usages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, }, key, caCerts[0], caKey) if err != nil { - sendError(err, resp) + sendError(err, resp, req) return } @@ -400,7 +400,7 @@ func serveStatic(urlPrefix, staticDir string) http.Handler { return http.StripPrefix(urlPrefix, http.FileServer(http.Dir(staticDir))) } -func sendError(err error, resp http.ResponseWriter, status ...int) { +func sendError(err error, resp http.ResponseWriter, req *http.Request, status ...int) { var code int if len(status) == 1 { code = status[0] @@ -408,9 +408,11 @@ func sendError(err error, resp http.ResponseWriter, status ...int) { if code == 0 || code == http.StatusOK { code = http.StatusInternalServerError } - logrus.Error(err) - resp.WriteHeader(code) - resp.Write([]byte(err.Error())) + logrus.Errorf("Sending HTTP %d response to %s: %v", code, req.RemoteAddr, err) + responsewriters.ErrorNegotiated( + apierrors.NewGenericServerResponse(code, req.Method, schema.GroupResource{}, req.URL.Path, err.Error(), 0, true), + scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req, + ) } // nodePassBootstrapper returns a node name, or http error code and error