hoelee/cloudflared
1
0
Fork 0
mirror of https://github.com/cloudflare/cloudflared.git synced 2025-07-27 22:59:58 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

TUN-7553: Add flag to enable management diagnostic services

Browse Source 
With the new flag --management-diagnostics (an opt-in flag)
cloudflared's will be able to report additional diagnostic information
over the management.argotunnel.com request path.
Additions include the /metrics prometheus endpoint; which is already
bound to a local port via --metrics.
/debug/pprof/(goroutine|heap) are also provided to allow for remotely
retrieving heap information from a running cloudflared connector.
This commit is contained in:
Devin Carr
2023-07-05 13:28:30 -07:00
parent 39847a70f2
commit 8a3eade6d3
6 changed files with 77 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
management/service.go
View File

@@ -31,6 +31,17 @@ const (
reasonIdleLimitExceeded = "session was idle for too long"
)
var (
// CORS middleware required to allow dash to access management.argotunnel.com requests
corsHandler = cors.Handler(cors.Options{
// Allows for any subdomain of cloudflare.com
AllowedOrigins: []string{"https://*.cloudflare.com"},
// Required to present cookies or other authentication across origin boundries
AllowCredentials: true,
MaxAge: 300, // Maximum value not ignored by any of major browsers
})
)
type ManagementService struct {
// The management tunnel hostname
Hostname string
@@ -54,6 +65,7 @@ type ManagementService struct {
}
func New(managementHostname string,
enableDiagServices bool,
serviceIP string,
clientID uuid.UUID,
label string,
@@ -71,25 +83,21 @@ func New(managementHostname string,
}
r := chi.NewRouter()
r.Use(ValidateAccessTokenQueryMiddleware)
r.Get("/ping", ping)
r.Head("/ping", ping)
// Default management services
r.With(corsHandler).Get("/ping", ping)
r.With(corsHandler).Head("/ping", ping)
r.Get("/logs", s.logs)
r.Get("/metrics", s.metricsHandler.ServeHTTP)
r.With(corsHandler).Get("/host_details", s.getHostDetails)
// Supports only heap and goroutine
r.Get("/debug/pprof/{profile:heap|goroutine}", pprof.Index)
// Diagnostic management services
if enableDiagServices {
// Prometheus endpoint
r.With(corsHandler).Get("/metrics", s.metricsHandler.ServeHTTP)
// Supports only heap and goroutine
r.With(corsHandler).Get("/debug/pprof/{profile:heap|goroutine}", pprof.Index)
}
r.Route("/host_details", func(r chi.Router) {
// CORS middleware required to allow dash to access management.argotunnel.com requests
r.Use(cors.Handler(cors.Options{
// Allows for any subdomain of cloudflare.com
AllowedOrigins: []string{"https://*.cloudflare.com"},
// Required to present cookies or other authentication across origin boundries
AllowCredentials: true,
MaxAge: 300, // Maximum value not ignored by any of major browsers
}))
r.Get("/", s.getHostDetails)
})
s.router = r
return s
}