feat: support tls config.
This commit is contained in:
tx7do
182
rpc/grpc.go
182
rpc/grpc.go
@@ -2,13 +2,15 @@ package rpc
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"google.golang.org/grpc"
|
||||
|
||||
"github.com/go-kratos/aegis/ratelimit"
|
||||
"github.com/go-kratos/aegis/ratelimit/bbr"
|
||||
|
||||
"google.golang.org/grpc"
|
||||
|
||||
"github.com/go-kratos/kratos/v2/log"
|
||||
"github.com/go-kratos/kratos/v2/registry"
|
||||
|
||||
@@ -21,42 +23,33 @@ import (
|
||||
kratosGrpc "github.com/go-kratos/kratos/v2/transport/grpc"
|
||||
|
||||
conf "github.com/tx7do/kratos-bootstrap/api/gen/go/conf/v1"
|
||||
"github.com/tx7do/kratos-bootstrap/utils"
|
||||
)
|
||||
|
||||
const defaultTimeout = 5 * time.Second
|
||||
|
||||
// CreateGrpcClient 创建GRPC客户端
|
||||
func CreateGrpcClient(ctx context.Context, r registry.Discovery, serviceName string, cfg *conf.Bootstrap, m ...middleware.Middleware) grpc.ClientConnInterface {
|
||||
endpoint := "discovery:///" + serviceName
|
||||
func CreateGrpcClient(ctx context.Context, r registry.Discovery, serviceName string, cfg *conf.Bootstrap, opts ...kratosGrpc.ClientOption) grpc.ClientConnInterface {
|
||||
|
||||
var ms []middleware.Middleware
|
||||
timeout := defaultTimeout
|
||||
if cfg.Client != nil && cfg.Client.Grpc != nil {
|
||||
if cfg.Client.Grpc.Timeout != nil {
|
||||
timeout = cfg.Client.Grpc.Timeout.AsDuration()
|
||||
}
|
||||
var options []kratosGrpc.ClientOption
|
||||
|
||||
if cfg.Client.Grpc.Middleware != nil {
|
||||
if cfg.Client.Grpc.Middleware.GetEnableRecovery() {
|
||||
ms = append(ms, recovery.Recovery())
|
||||
}
|
||||
if cfg.Client.Grpc.Middleware.GetEnableTracing() {
|
||||
ms = append(ms, tracing.Client())
|
||||
}
|
||||
if cfg.Client.Grpc.Middleware.GetEnableValidate() {
|
||||
ms = append(ms, validate.Validator())
|
||||
}
|
||||
}
|
||||
if opts != nil {
|
||||
options = append(options, opts...)
|
||||
}
|
||||
ms = append(ms, m...)
|
||||
|
||||
conn, err := kratosGrpc.DialInsecure(
|
||||
ctx,
|
||||
kratosGrpc.WithEndpoint(endpoint),
|
||||
kratosGrpc.WithDiscovery(r),
|
||||
kratosGrpc.WithTimeout(timeout),
|
||||
kratosGrpc.WithMiddleware(ms...),
|
||||
)
|
||||
options = append(options, kratosGrpc.WithDiscovery(r))
|
||||
|
||||
var endpoint string
|
||||
if strings.HasPrefix(serviceName, "discovery:///") {
|
||||
endpoint = serviceName
|
||||
} else {
|
||||
endpoint = "discovery:///" + serviceName
|
||||
}
|
||||
options = append(options, kratosGrpc.WithEndpoint(endpoint))
|
||||
|
||||
options = append(options, initGrpcClientConfig(cfg)...)
|
||||
|
||||
conn, err := kratosGrpc.DialInsecure(ctx, options...)
|
||||
if err != nil {
|
||||
log.Fatalf("dial grpc client [%s] failed: %s", serviceName, err.Error())
|
||||
}
|
||||
@@ -64,12 +57,89 @@ func CreateGrpcClient(ctx context.Context, r registry.Discovery, serviceName str
|
||||
return conn
|
||||
}
|
||||
|
||||
// CreateGrpcServer 创建GRPC服务端
|
||||
func CreateGrpcServer(cfg *conf.Bootstrap, m ...middleware.Middleware) *kratosGrpc.Server {
|
||||
var opts []kratosGrpc.ServerOption
|
||||
func initGrpcClientConfig(cfg *conf.Bootstrap) []kratosGrpc.ClientOption {
|
||||
if cfg.Client == nil || cfg.Client.Grpc == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
var options []kratosGrpc.ClientOption
|
||||
|
||||
timeout := defaultTimeout
|
||||
if cfg.Client.Grpc.Timeout != nil {
|
||||
timeout = cfg.Client.Grpc.Timeout.AsDuration()
|
||||
}
|
||||
options = append(options, kratosGrpc.WithTimeout(timeout))
|
||||
|
||||
if cfg.Client.Grpc.Middleware != nil {
|
||||
var ms []middleware.Middleware
|
||||
|
||||
if cfg.Client.Grpc.Middleware.GetEnableRecovery() {
|
||||
ms = append(ms, recovery.Recovery())
|
||||
}
|
||||
if cfg.Client.Grpc.Middleware.GetEnableTracing() {
|
||||
ms = append(ms, tracing.Client())
|
||||
}
|
||||
if cfg.Client.Grpc.Middleware.GetEnableValidate() {
|
||||
ms = append(ms, validate.Validator())
|
||||
}
|
||||
}
|
||||
|
||||
if cfg.Client.Grpc.Tls != nil {
|
||||
var tlsCfg *tls.Config
|
||||
var err error
|
||||
|
||||
if cfg.Client.Grpc.Tls.File != nil {
|
||||
if tlsCfg, err = utils.LoadClientTlsConfigFile(
|
||||
cfg.Client.Grpc.Tls.File.GetKeyPath(),
|
||||
cfg.Client.Grpc.Tls.File.GetCertPath(),
|
||||
cfg.Client.Grpc.Tls.File.GetCaPath(),
|
||||
); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
if tlsCfg == nil && cfg.Client.Grpc.Tls.Config != nil {
|
||||
if tlsCfg, err = utils.LoadClientTlsConfig(
|
||||
cfg.Client.Grpc.Tls.Config.GetKeyPem(),
|
||||
cfg.Client.Grpc.Tls.Config.GetCertPem(),
|
||||
cfg.Client.Grpc.Tls.Config.GetCaPem(),
|
||||
); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if tlsCfg != nil {
|
||||
options = append(options, kratosGrpc.WithTLSConfig(tlsCfg))
|
||||
}
|
||||
}
|
||||
|
||||
return options
|
||||
}
|
||||
|
||||
// CreateGrpcServer 创建GRPC服务端
|
||||
func CreateGrpcServer(cfg *conf.Bootstrap, opts ...kratosGrpc.ServerOption) *kratosGrpc.Server {
|
||||
var options []kratosGrpc.ServerOption
|
||||
|
||||
if opts != nil {
|
||||
options = append(options, opts...)
|
||||
}
|
||||
|
||||
options = append(options, initGrpcServerConfig(cfg)...)
|
||||
|
||||
srv := kratosGrpc.NewServer(options...)
|
||||
|
||||
return srv
|
||||
}
|
||||
|
||||
func initGrpcServerConfig(cfg *conf.Bootstrap) []kratosGrpc.ServerOption {
|
||||
if cfg.Server == nil || cfg.Server.Grpc == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
var options []kratosGrpc.ServerOption
|
||||
|
||||
if cfg.Server.Grpc.Middleware != nil {
|
||||
var ms []middleware.Middleware
|
||||
|
||||
var ms []middleware.Middleware
|
||||
if cfg.Server != nil && cfg.Server.Grpc != nil && cfg.Server.Grpc.Middleware != nil {
|
||||
if cfg.Server.Grpc.Middleware.GetEnableRecovery() {
|
||||
ms = append(ms, recovery.Recovery())
|
||||
}
|
||||
@@ -89,21 +159,49 @@ func CreateGrpcServer(cfg *conf.Bootstrap, m ...middleware.Middleware) *kratosGr
|
||||
}
|
||||
ms = append(ms, midRateLimit.Server(midRateLimit.WithLimiter(limiter)))
|
||||
}
|
||||
|
||||
options = append(options, kratosGrpc.Middleware(ms...))
|
||||
}
|
||||
|
||||
if cfg.Server.Grpc.Tls != nil {
|
||||
var tlsCfg *tls.Config
|
||||
var err error
|
||||
|
||||
if cfg.Server.Grpc.Tls.File != nil {
|
||||
if tlsCfg, err = utils.LoadServerTlsConfigFile(
|
||||
cfg.Server.Grpc.Tls.File.GetKeyPath(),
|
||||
cfg.Server.Grpc.Tls.File.GetCertPath(),
|
||||
cfg.Server.Grpc.Tls.File.GetCaPath(),
|
||||
cfg.Server.Grpc.Tls.InsecureSkipVerify,
|
||||
); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
if tlsCfg == nil && cfg.Server.Grpc.Tls.Config != nil {
|
||||
if tlsCfg, err = utils.LoadServerTlsConfig(
|
||||
cfg.Server.Grpc.Tls.Config.GetKeyPem(),
|
||||
cfg.Server.Grpc.Tls.Config.GetCertPem(),
|
||||
cfg.Server.Grpc.Tls.Config.GetCaPem(),
|
||||
cfg.Server.Grpc.Tls.InsecureSkipVerify,
|
||||
); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if tlsCfg != nil {
|
||||
options = append(options, kratosGrpc.TLSConfig(tlsCfg))
|
||||
}
|
||||
}
|
||||
ms = append(ms, m...)
|
||||
opts = append(opts, kratosGrpc.Middleware(ms...))
|
||||
|
||||
if cfg.Server.Grpc.Network != "" {
|
||||
opts = append(opts, kratosGrpc.Network(cfg.Server.Grpc.Network))
|
||||
options = append(options, kratosGrpc.Network(cfg.Server.Grpc.Network))
|
||||
}
|
||||
if cfg.Server.Grpc.Addr != "" {
|
||||
opts = append(opts, kratosGrpc.Address(cfg.Server.Grpc.Addr))
|
||||
options = append(options, kratosGrpc.Address(cfg.Server.Grpc.Addr))
|
||||
}
|
||||
if cfg.Server.Grpc.Timeout != nil {
|
||||
opts = append(opts, kratosGrpc.Timeout(cfg.Server.Grpc.Timeout.AsDuration()))
|
||||
options = append(options, kratosGrpc.Timeout(cfg.Server.Grpc.Timeout.AsDuration()))
|
||||
}
|
||||
|
||||
srv := kratosGrpc.NewServer(opts...)
|
||||
|
||||
return srv
|
||||
return options
|
||||
}
|
||||
|
||||
85
rpc/rest.go
85
rpc/rest.go
@@ -1,8 +1,11 @@
|
||||
package rpc
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"net/http/pprof"
|
||||
|
||||
"github.com/gorilla/handlers"
|
||||
|
||||
"github.com/go-kratos/aegis/ratelimit"
|
||||
"github.com/go-kratos/aegis/ratelimit/bbr"
|
||||
|
||||
@@ -14,23 +17,47 @@ import (
|
||||
|
||||
kratosRest "github.com/go-kratos/kratos/v2/transport/http"
|
||||
|
||||
"github.com/gorilla/handlers"
|
||||
|
||||
conf "github.com/tx7do/kratos-bootstrap/api/gen/go/conf/v1"
|
||||
"github.com/tx7do/kratos-bootstrap/utils"
|
||||
)
|
||||
|
||||
// CreateRestServer 创建REST服务端
|
||||
func CreateRestServer(cfg *conf.Bootstrap, m ...middleware.Middleware) *kratosRest.Server {
|
||||
var opts = []kratosRest.ServerOption{
|
||||
kratosRest.Filter(handlers.CORS(
|
||||
func CreateRestServer(cfg *conf.Bootstrap, opts ...kratosRest.ServerOption) *kratosRest.Server {
|
||||
var options []kratosRest.ServerOption
|
||||
|
||||
if opts != nil {
|
||||
options = append(options, opts...)
|
||||
}
|
||||
|
||||
options = append(options, initRestConfig(cfg)...)
|
||||
|
||||
srv := kratosRest.NewServer(options...)
|
||||
|
||||
if cfg.Server != nil && cfg.Server.Rest != nil && cfg.Server.Rest.GetEnablePprof() {
|
||||
registerHttpPprof(srv)
|
||||
}
|
||||
|
||||
return srv
|
||||
}
|
||||
|
||||
func initRestConfig(cfg *conf.Bootstrap) []kratosRest.ServerOption {
|
||||
if cfg.Server == nil || cfg.Server.Rest == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
var options []kratosRest.ServerOption
|
||||
|
||||
if cfg.Server.Rest.Cors != nil {
|
||||
options = append(options, kratosRest.Filter(handlers.CORS(
|
||||
handlers.AllowedHeaders(cfg.Server.Rest.Cors.Headers),
|
||||
handlers.AllowedMethods(cfg.Server.Rest.Cors.Methods),
|
||||
handlers.AllowedOrigins(cfg.Server.Rest.Cors.Origins),
|
||||
)),
|
||||
)))
|
||||
}
|
||||
|
||||
var ms []middleware.Middleware
|
||||
if cfg.Server != nil && cfg.Server.Rest != nil && cfg.Server.Rest.Middleware != nil {
|
||||
if cfg.Server.Rest.Middleware != nil {
|
||||
var ms []middleware.Middleware
|
||||
|
||||
if cfg.Server.Rest.Middleware.GetEnableRecovery() {
|
||||
ms = append(ms, recovery.Recovery())
|
||||
}
|
||||
@@ -50,27 +77,51 @@ func CreateRestServer(cfg *conf.Bootstrap, m ...middleware.Middleware) *kratosRe
|
||||
}
|
||||
ms = append(ms, midRateLimit.Server(midRateLimit.WithLimiter(limiter)))
|
||||
}
|
||||
|
||||
options = append(options, kratosRest.Middleware(ms...))
|
||||
}
|
||||
ms = append(ms, m...)
|
||||
opts = append(opts, kratosRest.Middleware(ms...))
|
||||
|
||||
if cfg.Server.Rest.Network != "" {
|
||||
opts = append(opts, kratosRest.Network(cfg.Server.Rest.Network))
|
||||
options = append(options, kratosRest.Network(cfg.Server.Rest.Network))
|
||||
}
|
||||
if cfg.Server.Rest.Addr != "" {
|
||||
opts = append(opts, kratosRest.Address(cfg.Server.Rest.Addr))
|
||||
options = append(options, kratosRest.Address(cfg.Server.Rest.Addr))
|
||||
}
|
||||
if cfg.Server.Rest.Timeout != nil {
|
||||
opts = append(opts, kratosRest.Timeout(cfg.Server.Rest.Timeout.AsDuration()))
|
||||
options = append(options, kratosRest.Timeout(cfg.Server.Rest.Timeout.AsDuration()))
|
||||
}
|
||||
|
||||
srv := kratosRest.NewServer(opts...)
|
||||
if cfg.Server.Rest.Tls != nil {
|
||||
var tlsCfg *tls.Config
|
||||
var err error
|
||||
|
||||
if cfg.Server.Rest.GetEnablePprof() {
|
||||
registerHttpPprof(srv)
|
||||
if cfg.Server.Rest.Tls.File != nil {
|
||||
if tlsCfg, err = utils.LoadServerTlsConfigFile(
|
||||
cfg.Server.Rest.Tls.File.GetKeyPath(),
|
||||
cfg.Server.Rest.Tls.File.GetCertPath(),
|
||||
cfg.Server.Rest.Tls.File.GetCaPath(),
|
||||
cfg.Server.Rest.Tls.InsecureSkipVerify,
|
||||
); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
if tlsCfg == nil && cfg.Server.Rest.Tls.Config != nil {
|
||||
if tlsCfg, err = utils.LoadServerTlsConfig(
|
||||
cfg.Server.Rest.Tls.Config.GetKeyPem(),
|
||||
cfg.Server.Rest.Tls.Config.GetCertPem(),
|
||||
cfg.Server.Rest.Tls.Config.GetCaPem(),
|
||||
cfg.Server.Rest.Tls.InsecureSkipVerify,
|
||||
); err != nil {
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
|
||||
if tlsCfg != nil {
|
||||
options = append(options, kratosRest.TLSConfig(tlsCfg))
|
||||
}
|
||||
}
|
||||
|
||||
return srv
|
||||
return options
|
||||
}
|
||||
|
||||
func registerHttpPprof(s *kratosRest.Server) {
|
||||
|
||||
Reference in New Issue
Block a user