You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@servicecomb.apache.org by ma...@apache.org on 2019/09/05 06:53:32 UTC
[servicecomb-service-center] branch master updated: Support for tls
certificates when loading instance data from servicecenter
This is an automated email from the ASF dual-hosted git repository.
mabin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-service-center.git
The following commit(s) were added to refs/heads/master by this push:
new 1860a4e Support for tls certificates when loading instance data from servicecenter
new 3acea19 Merge pull request #580 from ChinX/syncer
1860a4e is described below
commit 1860a4e2977bac79044f1ee905da70200a720125
Author: chinx <c5...@126.com>
AuthorDate: Tue Aug 27 10:31:22 2019 +0800
Support for tls certificates when loading instance data from servicecenter
---
syncer/cmd/daemon.go | 4 +-
syncer/config/config.go | 69 +++++++++++++------
syncer/pkg/mock/mockplugin/servicecenter.go | 2 +-
syncer/plugins/eureka/eureka.go | 4 +-
syncer/plugins/option.go | 78 ++++++++++++++++++++++
syncer/plugins/plugin_test.go | 2 +-
syncer/plugins/servicecenter.go | 2 +-
syncer/plugins/servicecenter/servicecenter.go | 4 +-
syncer/plugins/servicecenter/servicecenter_test.go | 3 +-
syncer/server/server.go | 5 +-
syncer/servicecenter/servicecenter.go | 4 +-
syncer/servicecenter/servicecenter_test.go | 13 ++--
12 files changed, 151 insertions(+), 39 deletions(-)
diff --git a/syncer/cmd/daemon.go b/syncer/cmd/daemon.go
index 898d6af..8596a41 100644
--- a/syncer/cmd/daemon.go
+++ b/syncer/cmd/daemon.go
@@ -54,7 +54,7 @@ func init() {
syncerCmd.Flags().StringVar(&conf.JoinAddr, "join-addr", conf.JoinAddr,
"address to join the cluster by specifying at least one existing member")
- syncerCmd.Flags().StringVar(&conf.SCAddr, "sc-addr", conf.SCAddr,
+ syncerCmd.Flags().StringVar(&conf.SC.Addr, "sc-addr", conf.SC.Addr,
"address to monitor the service-center")
syncerCmd.Flags().StringVar(&conf.ClusterName, "cluster-name", conf.ClusterName,
@@ -63,7 +63,7 @@ func init() {
syncerCmd.Flags().IntVar(&conf.ClusterPort, "cluster-port", conf.ClusterPort,
"port to communicate between cluster members")
- syncerCmd.Flags().StringVar(&conf.ServicecenterPlugin, "sc-plugin", conf.ServicecenterPlugin,
+ syncerCmd.Flags().StringVar(&conf.SC.Plugin, "sc-plugin", conf.SC.Plugin,
"plugin name of servicecenter")
syncerCmd.Flags().StringVar(&configFile, "config", "",
diff --git a/syncer/config/config.go b/syncer/config/config.go
index cc86dc8..969e6d7 100644
--- a/syncer/config/config.go
+++ b/syncer/config/config.go
@@ -26,6 +26,7 @@ import (
"github.com/apache/servicecomb-service-center/pkg/log"
"github.com/apache/servicecomb-service-center/syncer/etcd"
"github.com/apache/servicecomb-service-center/syncer/pkg/utils"
+ "github.com/apache/servicecomb-service-center/syncer/plugins"
_ "github.com/apache/servicecomb-service-center/syncer/plugins/eureka"
"github.com/apache/servicecomb-service-center/syncer/plugins/servicecenter"
"github.com/apache/servicecomb-service-center/syncer/serf"
@@ -37,6 +38,9 @@ var (
DefaultClusterPort = 30192
DefaultTickerInterval = 30
DefaultConfigPath = "./conf/config.yaml"
+
+ syncerName = ""
+ servicecenterName = "servicecenter"
)
// Config is the configuration that can be set for Syncer. Some of these
@@ -49,18 +53,24 @@ type Config struct {
Etcd *etcd.Config
LogFile string `yaml:"log_file"`
- // SCAddr servicecenter address, which is the service registry address.
- // Cluster mode is supported, and multiple addresses are separated by an English ",".
- SCAddr string `yaml:"dc_addr"`
-
// JoinAddr The management address of one gossip pool member.
- JoinAddr string `yaml:"join_addr"`
- TickerInterval int `yaml:"ticker_interval"`
- Profile string `yaml:"profile"`
- EnableCompression bool `yaml:"enable_compression"`
- AutoSync bool `yaml:"auto_sync"`
- TLSConfig *TLSConfig `yaml:"tls_config"`
- ServicecenterPlugin string `yaml:"servicecenter_plugin"`
+ JoinAddr string `yaml:"join_addr"`
+ TickerInterval int `yaml:"ticker_interval"`
+ Profile string `yaml:"profile"`
+ EnableCompression bool `yaml:"enable_compression"`
+ AutoSync bool `yaml:"auto_sync"`
+ TLSConfig *TLSConfig `yaml:"tls_config"`
+ SC *ServiceCenter `yaml:"servicecenter"`
+}
+
+// ServiceCenter configuration
+type ServiceCenter struct {
+ // Addr servicecenter address, which is the service registry address.
+ // Cluster mode is supported, and multiple addresses are separated by an English ",".
+ Addr string `yaml:"addr"`
+ Plugin string `yaml:"plugin"`
+ TLSConfig *TLSConfig `yaml:"tls_config"`
+ Endpoints []string `yaml:"-"`
}
// DefaultConfig returns the default config
@@ -75,12 +85,15 @@ func DefaultConfig() *Config {
serfConf.NodeName = hostname
etcdConf.Name = hostname
return &Config{
- SCAddr: fmt.Sprintf("127.0.0.1:%d", DefaultDCPort),
- TickerInterval: DefaultTickerInterval,
- Config: serfConf,
- Etcd: etcdConf,
- TLSConfig: DefaultTLSConfig(),
- ServicecenterPlugin: servicecenter.PluginName,
+ TickerInterval: DefaultTickerInterval,
+ Config: serfConf,
+ Etcd: etcdConf,
+ TLSConfig: DefaultTLSConfig(),
+ SC: &ServiceCenter{
+ Addr: fmt.Sprintf("127.0.0.1:%d", DefaultDCPort),
+ Plugin: servicecenter.PluginName,
+ TLSConfig: NewTLSConfig(servicecenterName),
+ },
}
}
@@ -112,7 +125,8 @@ func LoadConfig(filepath string) (*Config, error) {
// Merge other configuration into the current configuration
func (c *Config) Merge(other *Config) {
- c.TLSConfig.Merge("", other.TLSConfig)
+ c.TLSConfig.Merge(syncerName, other.TLSConfig)
+ c.SC.TLSConfig.Merge(servicecenterName, other.SC.TLSConfig)
}
// Verify Provide config verification
@@ -139,11 +153,28 @@ func (c *Config) Verify() error {
}
if c.ClusterName == "" {
- c.ClusterName = fmt.Sprintf("%x", md5.Sum([]byte(c.SCAddr)))
+ c.ClusterName = fmt.Sprintf("%x", md5.Sum([]byte(c.SC.Addr)))
}
c.TLSEnabled = c.TLSConfig.Enabled
+ c.SC.Endpoints = strings.Split(c.SC.Addr, ",")
+
c.Etcd.SetName(c.NodeName)
return nil
}
+
+func (sc *ServiceCenter) SCConfigOps() []plugins.SCConfigOption {
+ opts := []plugins.SCConfigOption{plugins.WithEndpoints(strings.Split(sc.Addr, ","))}
+ if sc.TLSConfig.Enabled {
+ opts = append(opts,
+ plugins.WithTLSEnabled(sc.TLSConfig.Enabled),
+ plugins.WithTLSVerifyPeer(sc.TLSConfig.VerifyPeer),
+ plugins.WithTLSPassphrase(sc.TLSConfig.Passphrase),
+ plugins.WithTLSCAFile(sc.TLSConfig.CAFile),
+ plugins.WithTLSCertFile(sc.TLSConfig.CertFile),
+ plugins.WithTLSKeyFile(sc.TLSConfig.KeyFile),
+ )
+ }
+ return opts
+}
diff --git a/syncer/pkg/mock/mockplugin/servicecenter.go b/syncer/pkg/mock/mockplugin/servicecenter.go
index 4e01074..91259e6 100644
--- a/syncer/pkg/mock/mockplugin/servicecenter.go
+++ b/syncer/pkg/mock/mockplugin/servicecenter.go
@@ -48,7 +48,7 @@ func New() plugins.PluginInstance {
return &adaptor{}
}
-func (*adaptor) New(endpoints []string) (plugins.Servicecenter, error) {
+func (*adaptor) New(opts ...plugins.SCConfigOption) (plugins.Servicecenter, error) {
return &mockPlugin{}, nil
}
diff --git a/syncer/plugins/eureka/eureka.go b/syncer/plugins/eureka/eureka.go
index 71039e2..403f692 100644
--- a/syncer/plugins/eureka/eureka.go
+++ b/syncer/plugins/eureka/eureka.go
@@ -51,8 +51,8 @@ func New() plugins.PluginInstance {
}
// New repository with endpoints
-func (*adaptor) New(endpoints []string) (plugins.Servicecenter, error) {
- cfg := sc.Config{Endpoints: endpoints}
+func (*adaptor) New(opts ...plugins.SCConfigOption) (plugins.Servicecenter, error) {
+ cfg := plugins.ToSCConfig(opts...)
client, err := sc.NewLBClient(cfg.Endpoints, cfg.Merge())
if err != nil {
return nil, err
diff --git a/syncer/plugins/option.go b/syncer/plugins/option.go
new file mode 100644
index 0000000..0f0bdf1
--- /dev/null
+++ b/syncer/plugins/option.go
@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package plugins
+
+import (
+ "github.com/apache/servicecomb-service-center/pkg/client/sc"
+)
+
+type scOption struct {
+ endpoints []string
+ tlsEnabled bool
+ tlsVerifyPeer bool
+ tlsPassphrase string
+ tlsCAFile string
+ tlsCertFile string
+ tlsKeyFile string
+}
+
+type SCConfigOption func(*scOption)
+
+func WithEndpoints(endpoints []string) SCConfigOption {
+ return func(c *scOption) { c.endpoints = endpoints }
+}
+
+func WithTLSEnabled(tlsEnabled bool) SCConfigOption {
+ return func(c *scOption) { c.tlsEnabled = tlsEnabled }
+}
+
+func WithTLSVerifyPeer(tlsVerifyPeer bool) SCConfigOption {
+ return func(c *scOption) { c.tlsVerifyPeer = tlsVerifyPeer }
+}
+
+func WithTLSPassphrase(tlsPassphrase string) SCConfigOption {
+ return func(c *scOption) { c.tlsPassphrase = tlsPassphrase }
+}
+
+func WithTLSCAFile(tlsCAFile string) SCConfigOption {
+ return func(c *scOption) { c.tlsCAFile = tlsCAFile }
+}
+
+func WithTLSCertFile(tlsCertFile string) SCConfigOption {
+ return func(c *scOption) { c.tlsCertFile = tlsCertFile }
+}
+
+func WithTLSKeyFile(tlsKeyFile string) SCConfigOption {
+ return func(c *scOption) { c.tlsKeyFile = tlsKeyFile }
+}
+
+func ToSCConfig(opts ...SCConfigOption) sc.Config {
+ op := scOption{}
+ for _, opt := range opts {
+ opt(&op)
+ }
+ conf := sc.Config{Endpoints: op.endpoints}
+ if op.tlsEnabled {
+ conf.VerifyPeer = op.tlsVerifyPeer
+ conf.CAFile = op.tlsCAFile
+ conf.CertFile = op.tlsCertFile
+ conf.CertKeyFile = op.tlsKeyFile
+ conf.CertKeyPWD = op.tlsPassphrase
+ }
+ return conf
+}
diff --git a/syncer/plugins/plugin_test.go b/syncer/plugins/plugin_test.go
index f4bd53e..c39262b 100644
--- a/syncer/plugins/plugin_test.go
+++ b/syncer/plugins/plugin_test.go
@@ -30,7 +30,7 @@ func newAdaptor() PluginInstance { return &mockAdaptor{} }
type mockAdaptor struct{}
-func (*mockAdaptor) New(endpoints []string) (Servicecenter, error) {
+func (*mockAdaptor) New(opts ...SCConfigOption) (Servicecenter, error) {
return &mockRepository{}, nil
}
diff --git a/syncer/plugins/servicecenter.go b/syncer/plugins/servicecenter.go
index e528c52..fa22994 100644
--- a/syncer/plugins/servicecenter.go
+++ b/syncer/plugins/servicecenter.go
@@ -24,7 +24,7 @@ import (
// Adaptor the plugin adaptor of repository
type Adaptor interface {
- New(endpoints []string) (Servicecenter, error)
+ New(opts ...SCConfigOption) (Servicecenter, error)
}
// Servicecenter servicecenter interface
diff --git a/syncer/plugins/servicecenter/servicecenter.go b/syncer/plugins/servicecenter/servicecenter.go
index bfc9af2..2c799bc 100644
--- a/syncer/plugins/servicecenter/servicecenter.go
+++ b/syncer/plugins/servicecenter/servicecenter.go
@@ -42,8 +42,8 @@ func New() plugins.PluginInstance {
}
// New repository with endpoints
-func (*adaptor) New(endpoints []string) (plugins.Servicecenter, error) {
- cli, err := sc.NewSCClient(sc.Config{Endpoints: endpoints})
+func (*adaptor) New(opts ...plugins.SCConfigOption) (plugins.Servicecenter, error) {
+ cli, err := sc.NewSCClient(plugins.ToSCConfig(opts...))
if err != nil {
return nil, err
}
diff --git a/syncer/plugins/servicecenter/servicecenter_test.go b/syncer/plugins/servicecenter/servicecenter_test.go
index 7b82fca..73a6ca1 100644
--- a/syncer/plugins/servicecenter/servicecenter_test.go
+++ b/syncer/plugins/servicecenter/servicecenter_test.go
@@ -49,7 +49,8 @@ func newServiceCenter(t *testing.T) (*httptest.Server, plugins.Servicecenter) {
if svr == nil {
t.Error("new httptest server failed")
}
- repo, err := adaptor.New([]string{svr.URL})
+
+ repo, err := adaptor.New(plugins.WithEndpoints([]string{svr.URL}))
if err != nil {
t.Errorf("new repository %s failed, error: %s", PluginName, err)
}
diff --git a/syncer/server/server.go b/syncer/server/server.go
index 58e62c8..8df56f6 100644
--- a/syncer/server/server.go
+++ b/syncer/server/server.go
@@ -21,7 +21,6 @@ import (
"errors"
"net/url"
"strconv"
- "strings"
"syscall"
"github.com/apache/servicecomb-service-center/pkg/gopool"
@@ -184,7 +183,7 @@ func (s *Server) initialization() (err error) {
s.tick = ticker.NewTaskTicker(s.conf.TickerInterval, s.tickHandler)
- s.servicecenter, err = servicecenter.NewServicecenter(strings.Split(s.conf.SCAddr, ","))
+ s.servicecenter, err = servicecenter.NewServicecenter(s.conf.SC.SCConfigOps()...)
if err != nil {
log.Error("create servicecenter failed", err)
return
@@ -201,7 +200,7 @@ func (s *Server) initialization() (err error) {
// initPlugin Initialize the plugin and load the external plugin according to the configuration
func (s *Server) initPlugin() {
- plugins.SetPluginConfig(plugins.PluginServicecenter.String(), s.conf.ServicecenterPlugin)
+ plugins.SetPluginConfig(plugins.PluginServicecenter.String(), s.conf.SC.Plugin)
plugins.LoadPlugins()
}
diff --git a/syncer/servicecenter/servicecenter.go b/syncer/servicecenter/servicecenter.go
index c8a288a..84e3d8c 100644
--- a/syncer/servicecenter/servicecenter.go
+++ b/syncer/servicecenter/servicecenter.go
@@ -41,8 +41,8 @@ type servicecenter struct {
}
// NewServicecenter new store with endpoints
-func NewServicecenter(endpoints []string) (Servicecenter, error) {
- dc, err := plugins.Plugins().Servicecenter().New(endpoints)
+func NewServicecenter(opts ...plugins.SCConfigOption) (Servicecenter, error) {
+ dc, err := plugins.Plugins().Servicecenter().New(opts...)
if err != nil {
return nil, err
}
diff --git a/syncer/servicecenter/servicecenter_test.go b/syncer/servicecenter/servicecenter_test.go
index cef2040..5b8c4a5 100644
--- a/syncer/servicecenter/servicecenter_test.go
+++ b/syncer/servicecenter/servicecenter_test.go
@@ -36,12 +36,14 @@ func TestNewServicecenter(t *testing.T) {
t.Log(err)
}
}()
- _, err := servicecenter.NewServicecenter([]string{"127.0.0.1:30100"})
+ _, err := servicecenter.NewServicecenter(
+ plugins.WithEndpoints([]string{"127.0.0.1:30100"}))
if err != nil {
t.Log(err)
}
- _, err = servicecenter.NewServicecenter([]string{"127.0.0.1:30100"})
+ _, err = servicecenter.NewServicecenter(
+ plugins.WithEndpoints([]string{"127.0.0.1:30100"}))
if err != nil {
t.Fatal(err)
return
@@ -50,9 +52,10 @@ func TestNewServicecenter(t *testing.T) {
func TestOnEvent(t *testing.T) {
conf := config.DefaultConfig()
- conf.ServicecenterPlugin = mockplugin.PluginName
+ conf.SC.Plugin = mockplugin.PluginName
initPlugin(conf)
- dc, err := servicecenter.NewServicecenter([]string{"http://127.0.0.1:30100"})
+ dc, err := servicecenter.NewServicecenter(
+ plugins.WithEndpoints([]string{"127.0.0.1:30100"}))
if err != nil {
t.Fatal(err)
return
@@ -117,5 +120,5 @@ func TestOnEvent(t *testing.T) {
}
func initPlugin(conf *config.Config) {
- plugins.SetPluginConfig(plugins.PluginServicecenter.String(), conf.ServicecenterPlugin)
+ plugins.SetPluginConfig(plugins.PluginServicecenter.String(), conf.SC.Plugin)
}