Merge pull request #78 from Dstack-TEE/wdg-tappd

tappd: No hardcoded port for watchdog
Dstack-TEE · Dec 23, 2024 · 2f1d6ee · 2f1d6ee
2 parents b909335 + 039d77a
commit 2f1d6ee
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 7 deletions.
diff --git a/tappd/src/config.rs b/tappd/src/config.rs
@@ -8,6 +8,11 @@ pub fn load_config_figment(config_file: Option<&str>) -> Figment {
     load_config("tappd", DEFAULT_CONFIG, config_file, true)
 }
 
+#[derive(Debug, Clone, Copy, Deserialize)]
+pub struct BindAddr {
+    pub port: u16,
+}
+
 #[derive(Debug, Clone, Deserialize)]
 pub struct Config {
     pub app_name: String,

diff --git a/tappd/src/main.rs b/tappd/src/main.rs
@@ -2,6 +2,7 @@ use std::{fs::Permissions, future::pending, os::unix::fs::PermissionsExt};
 
 use anyhow::{anyhow, Context, Result};
 use clap::Parser;
+use config::BindAddr;
 use guest_api_service::GuestApiHandler;
 use rocket::{
     fairing::AdHoc,
@@ -102,7 +103,7 @@ async fn run_guest_api(state: AppState, figment: Figment) -> Result<()> {
     Ok(())
 }
 
-async fn run_watchdog() {
+async fn run_watchdog(port: u16) {
     let mut watchdog_usec = 0;
     let enabled = sd_notify::watchdog_enabled(false, &mut watchdog_usec);
     if !enabled {
@@ -123,15 +124,12 @@ async fn run_watchdog() {
     // Create HTTP client for health checks
     let client = reqwest::Client::new();
 
+    let probe_url = format!("http://localhost:{port}/prpc/Worker.Version");
     loop {
         interval.tick().await;
 
         // Perform health check
-        match client
-            .get("http://localhost:8090/prpc/Worker.Version")
-            .send()
-            .await
-        {
+        match client.get(&probe_url).send().await {
             Ok(response) if response.status().is_success() => {
                 // Only notify systemd if health check passes
                 if let Err(err) = sd_notify(false, &[NotifyState::Watchdog]) {
@@ -161,6 +159,9 @@ async fn main() -> Result<()> {
         AppState::new(figment.focus("core").extract()?).context("Failed to create app state")?;
     let internal_figment = figment.clone().select("internal");
     let external_figment = figment.clone().select("external");
+    let bind_addr: BindAddr = external_figment
+        .extract()
+        .context("Failed to extract bind address")?;
     let external_https_figment = figment.clone().select("external-https");
     let guest_api_figment = figment.select("guest-api");
     tokio::select!(
@@ -170,7 +171,7 @@ async fn main() -> Result<()> {
         res = run_guest_api(state.clone(), guest_api_figment) => res?,
         _ = async {
             if args.watchdog {
-                run_watchdog().await;
+                run_watchdog(bind_addr.port).await;
             } else {
                 pending::<()>().await;
             }