From d47963a858642bdcc3ab9eaa90c323b12182c534 Mon Sep 17 00:00:00 2001 From: xiang Date: Tue, 8 Sep 2020 20:24:07 +0800 Subject: [PATCH 1/2] fix --- dm/master/server.go | 5 +---- tests/_dmctl_tools/check_master_online_http.go | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/dm/master/server.go b/dm/master/server.go index 9695292306..d5fe4036ad 100644 --- a/dm/master/server.go +++ b/dm/master/server.go @@ -172,11 +172,8 @@ func (s *Server) Start(ctx context.Context) (err error) { if err != nil { return terror.ErrMasterTLSConfigNotValid.Delegate(err) } - if tls2 != nil && tls2.TLSConfig() != nil { - tls2.TLSConfig().InsecureSkipVerify = true - } - apiHandler, err := getHTTPAPIHandler(ctx, s.cfg.MasterAddr, tls2.ToGRPCDialOption()) + apiHandler, err := getHTTPAPIHandler(ctx, s.cfg.AdvertiseAddr, tls2.ToGRPCDialOption()) if err != nil { return } diff --git a/tests/_dmctl_tools/check_master_online_http.go b/tests/_dmctl_tools/check_master_online_http.go index ea126db44e..1f7b4a9b1d 100644 --- a/tests/_dmctl_tools/check_master_online_http.go +++ b/tests/_dmctl_tools/check_master_online_http.go @@ -49,7 +49,7 @@ func main() { client := &http.Client{Transport: transport} - resp, err := client.Get("https://" + addr + "/status") + resp, err := client.Get("https://" + addr + "/apis/v1alpha1/members") if err != nil { utils.ExitWithError(err) } From 90fead36da410fcaa70b2b3bb26e67ccc7d3ba96 Mon Sep 17 00:00:00 2001 From: xiang Date: Mon, 14 Sep 2020 16:20:29 +0800 Subject: [PATCH 2/2] add a new file to check http api --- tests/_dmctl_tools/check_master_http_apis.go | 62 +++++++++++++++++++ .../_dmctl_tools/check_master_online_http.go | 2 +- tests/tls/run.sh | 3 +- 3 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 tests/_dmctl_tools/check_master_http_apis.go diff --git a/tests/_dmctl_tools/check_master_http_apis.go b/tests/_dmctl_tools/check_master_http_apis.go new file mode 100644 index 0000000000..1f7b4a9b1d --- /dev/null +++ b/tests/_dmctl_tools/check_master_http_apis.go @@ -0,0 +1,62 @@ +// Copyright 2020 PingCAP, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "fmt" + "io/ioutil" + "net/http" + "os" + + "github.com/pingcap/dm/tests/utils" + + toolutils "github.com/pingcap/tidb-tools/pkg/utils" +) + +// use show-ddl-locks request to test DM-master is online +func main() { + addr := os.Args[1] + sslCA := "" + sslCert := "" + sslKey := "" + transport := http.DefaultTransport.(*http.Transport).Clone() + + if len(os.Args) == 5 { + sslCA = os.Args[2] + sslCert = os.Args[3] + sslKey = os.Args[4] + + tls, err := toolutils.NewTLS(sslCA, sslCert, sslKey, "", nil) + if err != nil { + utils.ExitWithError(err) + } + + tlsCfg := tls.TLSConfig() + tlsCfg.InsecureSkipVerify = true + transport.TLSClientConfig = tlsCfg + } + + client := &http.Client{Transport: transport} + + resp, err := client.Get("https://" + addr + "/apis/v1alpha1/members") + if err != nil { + utils.ExitWithError(err) + } + defer resp.Body.Close() + body, err := ioutil.ReadAll(resp.Body) + if err != nil { + utils.ExitWithError(err) + } + fmt.Println(string(body)) +} diff --git a/tests/_dmctl_tools/check_master_online_http.go b/tests/_dmctl_tools/check_master_online_http.go index 1f7b4a9b1d..ea126db44e 100644 --- a/tests/_dmctl_tools/check_master_online_http.go +++ b/tests/_dmctl_tools/check_master_online_http.go @@ -49,7 +49,7 @@ func main() { client := &http.Client{Transport: transport} - resp, err := client.Get("https://" + addr + "/apis/v1alpha1/members") + resp, err := client.Get("https://" + addr + "/status") if err != nil { utils.ExitWithError(err) } diff --git a/tests/tls/run.sh b/tests/tls/run.sh index 2f4303ed4c..e3a71fb92b 100644 --- a/tests/tls/run.sh +++ b/tests/tls/run.sh @@ -90,8 +90,9 @@ function run() { "query-status test" \ "\"result\": true" 2 - echo "test http interface" + echo "test http and api interface" check_rpc_alive $cur/../bin/check_master_online_http 127.0.0.1:$MASTER_PORT1 "$cur/conf/ca.pem" "$cur/conf/dm.pem" "$cur/conf/dm.key" + check_rpc_alive $cur/../bin/check_master_http_apis 127.0.0.1:$MASTER_PORT1 "$cur/conf/ca.pem" "$cur/conf/dm.pem" "$cur/conf/dm.key" echo "use common name not in 'cert-allowed-cn' should not request success" check_rpc_alive $cur/../bin/check_master_online_http 127.0.0.1:$MASTER_PORT1 "$cur/conf/ca.pem" "$cur/conf/other.pem" "$cur/conf/other.key" && exit 1 || true