mirror of https://github.com/hashicorp/consul
rename GRPC->XDS where appropriate
parent
13bd86527b
commit
7d73fd7ae5
|
@ -617,8 +617,7 @@ func (a *Agent) Start(ctx context.Context) error {
|
|||
a.apiServers.Start(srv)
|
||||
}
|
||||
|
||||
// Start gRPC server.
|
||||
if err := a.listenAndServeGRPC(); err != nil {
|
||||
if err := a.listenAndServeXDS(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
|
@ -661,7 +660,7 @@ func (a *Agent) Failed() <-chan struct{} {
|
|||
return a.apiServers.failed
|
||||
}
|
||||
|
||||
func (a *Agent) listenAndServeGRPC() error {
|
||||
func (a *Agent) listenAndServeXDS() error {
|
||||
if len(a.config.GRPCAddrs) < 1 {
|
||||
return nil
|
||||
}
|
||||
|
@ -682,11 +681,7 @@ func (a *Agent) listenAndServeGRPC() error {
|
|||
if a.config.HTTPSPort <= 0 {
|
||||
tlsConfig = nil
|
||||
}
|
||||
var err error
|
||||
a.grpcServer, err = xdsServer.GRPCServer(tlsConfig)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
a.grpcServer = xds.NewGRPCServer(xdsServer, tlsConfig)
|
||||
|
||||
ln, err := a.startListeners(a.config.GRPCAddrs)
|
||||
if err != nil {
|
||||
|
|
|
@ -543,14 +543,15 @@ func tokenFromContext(ctx context.Context) string {
|
|||
return ""
|
||||
}
|
||||
|
||||
// GRPCServer returns a server instance that can handle xDS requests.
|
||||
func (s *Server) GRPCServer(tlsConfigurator *tlsutil.Configurator) (*grpc.Server, error) {
|
||||
// NewGRPCServer creates a grpc.Server, registers the Server, and then returns
|
||||
// the grpc.Server.
|
||||
func NewGRPCServer(s *Server, tlsConfigurator *tlsutil.Configurator) *grpc.Server {
|
||||
opts := []grpc.ServerOption{
|
||||
grpc.MaxConcurrentStreams(2048),
|
||||
}
|
||||
if tlsConfigurator != nil {
|
||||
if tlsConfigurator.Cert() != nil {
|
||||
creds := credentials.NewTLS(tlsConfigurator.IncomingGRPCConfig())
|
||||
creds := credentials.NewTLS(tlsConfigurator.IncomingXDSConfig())
|
||||
opts = append(opts, grpc.Creds(creds))
|
||||
}
|
||||
}
|
||||
|
@ -560,8 +561,7 @@ func (s *Server) GRPCServer(tlsConfigurator *tlsutil.Configurator) (*grpc.Server
|
|||
if !s.DisableV2Protocol {
|
||||
envoy_discovery_v2.RegisterAggregatedDiscoveryServiceServer(srv, &adsServerV2Shim{srv: s})
|
||||
}
|
||||
|
||||
return srv, nil
|
||||
return srv
|
||||
}
|
||||
|
||||
func (s *Server) checkStreamACLs(streamCtx context.Context, cfgSnap *proxycfg.ConfigSnapshot) error {
|
||||
|
|
|
@ -604,9 +604,9 @@ func (c *Configurator) VerifyServerHostname() bool {
|
|||
return c.base.VerifyServerHostname || c.autoTLS.verifyServerHostname
|
||||
}
|
||||
|
||||
// IncomingGRPCConfig generates a *tls.Config for incoming GRPC connections.
|
||||
func (c *Configurator) IncomingGRPCConfig() *tls.Config {
|
||||
c.log("IncomingGRPCConfig")
|
||||
// IncomingXDSConfig generates a *tls.Config for incoming xDS connections.
|
||||
func (c *Configurator) IncomingXDSConfig() *tls.Config {
|
||||
c.log("IncomingXDSConfig")
|
||||
|
||||
// false has the effect that this config doesn't require a client cert
|
||||
// verification. This is because there is no verify_incoming_grpc
|
||||
|
@ -615,7 +615,7 @@ func (c *Configurator) IncomingGRPCConfig() *tls.Config {
|
|||
// effect on the grpc server.
|
||||
config := c.commonTLSConfig(false)
|
||||
config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) {
|
||||
return c.IncomingGRPCConfig(), nil
|
||||
return c.IncomingXDSConfig(), nil
|
||||
}
|
||||
return config
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue