Improve error response logging

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
brandond · Jun 5, 2023 · 5170bc5 · 5170bc5
1 parent 45d8c1a
commit 5170bc5
Showing 1 changed file with 14 additions and 12 deletions.
diff --git a/pkg/server/router.go b/pkg/server/router.go
@@ -143,7 +143,7 @@ func cacerts(serverCA string) http.Handler {
 			var err error
 			ca, err = os.ReadFile(serverCA)
 			if err != nil {
-				sendError(err, resp)
+				sendError(err, resp, req)
 				return
 			}
 		}
@@ -218,13 +218,13 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo
 
 		nodeName, errCode, err := auth(req)
 		if err != nil {
-			sendError(err, resp, errCode)
+			sendError(err, resp, req, errCode)
 			return
 		}
 
 		caCerts, caKey, key, err := getCACertAndKeys(server.Runtime.ServerCA, server.Runtime.ServerCAKey, server.Runtime.ServingKubeletKey)
 		if err != nil {
-			sendError(err, resp)
+			sendError(err, resp, req)
 			return
 		}
 
@@ -234,7 +234,7 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo
 			for _, v := range strings.Split(nodeIP, ",") {
 				ip := net.ParseIP(v)
 				if ip == nil {
-					sendError(fmt.Errorf("invalid IP address %s", ip), resp)
+					sendError(fmt.Errorf("invalid node IP address %s", ip), resp, req)
 					return
 				}
 				ips = append(ips, ip)
@@ -250,7 +250,7 @@ func servingKubeletCert(server *config.Control, keyFile string, auth nodePassBoo
 			},
 		}, key, caCerts[0], caKey)
 		if err != nil {
-			sendError(err, resp)
+			sendError(err, resp, req)
 			return
 		}
 
@@ -274,13 +274,13 @@ func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBoot
 
 		nodeName, errCode, err := auth(req)
 		if err != nil {
-			sendError(err, resp, errCode)
+			sendError(err, resp, req, errCode)
 			return
 		}
 
 		caCerts, caKey, key, err := getCACertAndKeys(server.Runtime.ClientCA, server.Runtime.ClientCAKey, server.Runtime.ClientKubeletKey)
 		if err != nil {
-			sendError(err, resp)
+			sendError(err, resp, req)
 			return
 		}
 
@@ -290,7 +290,7 @@ func clientKubeletCert(server *config.Control, keyFile string, auth nodePassBoot
 			Usages:       []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
 		}, key, caCerts[0], caKey)
 		if err != nil {
-			sendError(err, resp)
+			sendError(err, resp, req)
 			return
 		}
 
@@ -400,17 +400,19 @@ func serveStatic(urlPrefix, staticDir string) http.Handler {
 	return http.StripPrefix(urlPrefix, http.FileServer(http.Dir(staticDir)))
 }
 
-func sendError(err error, resp http.ResponseWriter, status ...int) {
+func sendError(err error, resp http.ResponseWriter, req *http.Request, status ...int) {
 	var code int
 	if len(status) == 1 {
 		code = status[0]
 	}
 	if code == 0 || code == http.StatusOK {
 		code = http.StatusInternalServerError
 	}
-	logrus.Error(err)
-	resp.WriteHeader(code)
-	resp.Write([]byte(err.Error()))
+	logrus.Errorf("Sending HTTP %d response to %s: %v", code, req.RemoteAddr, err)
+	responsewriters.ErrorNegotiated(
+		apierrors.NewGenericServerResponse(code, req.Method, schema.GroupResource{}, req.URL.Path, err.Error(), 0, true),
+		scheme.Codecs.WithoutConversion(), schema.GroupVersion{}, resp, req,
+	)
 }
 
 // nodePassBootstrapper returns a node name, or http error code and error