Merge pull request apache#213 from zhaoyadong00/ver_https

Add gateway support for HTTPS Former-commit-id: 21d1957
tydhot · Aug 8, 2021 · a5dd44b · a5dd44b
2 parents c407377 + b83ff71
commit a5dd44b
Show file tree

Hide file tree

Showing 11 changed files with 122 additions and 62 deletions.
diff --git a/.gitignore b/.gitignore
@@ -13,3 +13,6 @@ pkg/registry/zookeeper-4unittest/contrib/fatjar
 coverage.txt
 
 /vendor/
+
+/*.exe
+test
diff --git a/configs/conf.yaml b/configs/conf.yaml
@@ -24,54 +24,66 @@ static_resources:
         socket_address:
           protocol_type: "HTTP"
           address: "0.0.0.0"
-          port: 8888
-      filter_chains:
-        - filter_chain_match:
-            domains:
-              - api.dubbo.com
-              - api.pixiu.com
-          filters:
-            - name: dgp.filters.http_connect_manager
-              config:
-                route_config:
-                  routes:
-                    - match:
-                        prefix: "/api/v1"
-                        headers:
-                          - name: "X-DGP-WAY"
-                            value: "dubbo"
-                      route:
-                        cluster: "test-dubbo"
-                        cluster_not_found_response_code: 505
-                        cors:
-                          allow_origin:
-                            - "*"
-                          enabled: true
-                  authority_config:
-                    authority_rules:
-                      - strategy: "Blacklist"
-                        limit: "IP"
-                        items:
-                          - "127.0.0.1"
-                      - strategy: "Whitelist"
-                        limit: "App"
-                        items:
-                          - "test_dubbo"
-                http_filters:
-                  - name: dgp.filters.http.authority_filter
-                    config:
-                  - name: dgp.filters.http.api
-                    config:
-                  - name: dgp.filters.http.router
-                    config:
-                  - name: dgp.filters.remote_call
-                    config:
-                server_name: "test_http_dubbo"
-                generate_request_id: false
+          port: 80
+        filter_chains:
+            - filter_chain_match:
+              domains:
+                - api.dubbo.com
+                - api.pixiu.com
+              filters:
+                - name: dgp.filters.http_connect_manager
+                  config:
+                    route_config:
+                      routes:
+                        - match:
+                            prefix: "/api/v1"
+                            headers:
+                              - name: "X-DGP-WAY"
+                                value: "dubbo"
+                          route:
+                            cluster: "test-dubbo"
+                            cluster_not_found_response_code: 505
+                            cors:
+                              allow_origin:
+                                - "*"
+                              enabled: true
+                      authority_config:
+                        authority_rules:
+                          - strategy: "Blacklist"
+                            limit: "IP"
+                            items:
+                              - "127.0.0.1"
+                          - strategy: "Whitelist"
+                            limit: "App"
+                            items:
+                              - "test_dubbo"
+                    http_filters:
+                      - name: dgp.filters.http.authority_filter
+                        config:
+                      - name: dgp.filters.http.api
+                        config:
+                      - name: dgp.filters.http.router
+                        config:
+                      - name: dgp.filters.remote_call
+                        config:
+                    server_name: "test_http_dubbo"
+                    generate_request_id: false
       config:
         idle_timeout: 5s
         read_timeout: 5s
         write_timeout: 5s
+    - name: "net/http"
+      address:
+        socket_address:
+          protocol_type: "HTTPS"
+          address: "0.0.0.0"
+          port: 4430
+      config:
+        idle_timeout: 5s
+        read_timeout: 5s
+        write_timeout: 5s
+        cert_file: configs/ca/server.crt
+        key_file: configs/ca/server.key
   clusters:
     - name: "test_dubbo"
       lb_policy: "RoundRobin"
@@ -97,7 +109,7 @@ static_resources:
         port: 6060
   accessLog:
     enable: true
-    outputpath: C:\Users\60125\Desktop\dubbo-go\logs\dubbo-go-pixiu-access
+    outputpath: logs/dubbo-go-pixiu-access
 metric:
   enable: true
   prometheus_port: 2222
diff --git a/go.mod b/go.mod
@@ -15,6 +15,7 @@ require (
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/google/uuid v1.2.0 // indirect
 	github.com/hashicorp/consul/api v1.5.0
+	github.com/mitchellh/mapstructure v1.4.1
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/common v0.29.0 // indirect
 	github.com/shirou/gopsutil v3.21.3+incompatible // indirect

diff --git a/pkg/config/conf_test.yaml b/pkg/config/conf_test.yaml
@@ -22,9 +22,9 @@ static_resources:
     - name: "net/http"
       address:
         socket_address:
-          protocol_type: "HTTP"
+          protocol_type: "HTTPS"
           address: "0.0.0.0"
-          port: 8888
+          port: 443
       filter_chains:
         - filter_chain_match:
             domains:

diff --git a/pkg/config/config_load.go b/pkg/config/config_load.go
@@ -125,6 +125,7 @@ func GetHttpConfig(cfg *model.Bootstrap) (err error) {
 		hc := &model.HttpConfig{}
 		if l.Config != nil {
 			if v, ok := l.Config.(map[string]interface{}); ok {
+				logger.Info("http config:", v, ok)
 				switch l.Name {
 				case constant.DefaultHTTPType:
 					if err := mapstructure.Decode(v, hc); err != nil {

diff --git a/pkg/config/config_load_test.go b/pkg/config/config_load_test.go
@@ -38,14 +38,14 @@ func TestMain(m *testing.M) {
 	log.Println("Prepare Bootstrap")
 	b = model.Bootstrap{
 		StaticResources: model.StaticResources{
-			Listeners: []model.Listener{
+			Listeners: []*model.Listener{
 				{
 					Name: "net/http",
 					Address: model.Address{
 						SocketAddress: model.SocketAddress{
-							ProtocolStr: "HTTP",
+							ProtocolStr: "HTTPS",
 							Address:     "0.0.0.0",
-							Port:        8888,
+							Port:        443,
 						},
 					},
 					Config: model.HttpConfig{
@@ -160,6 +160,7 @@ func TestLoad(t *testing.T) {
 	conf := Load("conf_test.yaml")
 	assert.Equal(t, 1, len(conf.StaticResources.Listeners))
 	assert.Equal(t, 1, len(conf.StaticResources.Clusters))
+	Adapter(&b)
 	assert.Equal(t, *conf, b)
 }
 

diff --git a/pkg/model/base.go b/pkg/model/base.go
@@ -56,20 +56,23 @@ const (
 	HTTP ProtocolType = 0 + iota // support for 1.0
 	TCP
 	UDP
+	HTTPS
 )
 
 // ProtocolTypeName
 var ProtocolTypeName = map[int32]string{
 	0: "HTTP",
 	1: "TCP",
 	2: "UDP",
+	3: "HTTPS",
 }
 
 // ProtocolTypeValue
 var ProtocolTypeValue = map[string]int32{
-	"HTTP": 0,
-	"TCP":  1,
-	"UDP":  2,
+	"HTTP":  0,
+	"TCP":   1,
+	"UDP":   2,
+	"HTTPS": 3,
 }
 
 // Address the address

diff --git a/pkg/model/bootstrap.go b/pkg/model/bootstrap.go
@@ -26,7 +26,7 @@ type Bootstrap struct {
 }
 
 // GetListeners
-func (bs *Bootstrap) GetListeners() []Listener {
+func (bs *Bootstrap) GetListeners() []*Listener {
 	return bs.StaticResources.Listeners
 }
 
@@ -55,7 +55,7 @@ func (bs *Bootstrap) ExistCluster(name string) bool {
 
 // StaticResources
 type StaticResources struct {
-	Listeners       []Listener      `yaml:"listeners" json:"listeners" mapstructure:"listeners"`
+	Listeners       []*Listener     `yaml:"listeners" json:"listeners" mapstructure:"listeners"`
 	Clusters        []*Cluster      `yaml:"clusters" json:"clusters" mapstructure:"clusters"`
 	TimeoutConfig   TimeoutConfig   `yaml:"timeout_config" json:"timeout_config" mapstructure:"timeout_config"`
 	ShutdownConfig  *ShutdownConfig `yaml:"shutdown_config" json:"shutdown_config" mapstructure:"shutdown_config"`

diff --git a/pkg/model/http.go b/pkg/model/http.go
@@ -17,6 +17,11 @@
 
 package model
 
+import (
+	"github.com/apache/dubbo-go-pixiu/pkg/logger"
+	"github.com/mitchellh/mapstructure"
+)
+
 // HttpConnectionManager
 type HttpConnectionManager struct {
 	RouteConfig       RouteConfiguration     `yaml:"route_config" json:"route_config" mapstructure:"route_config"`
@@ -88,4 +93,16 @@ type HttpConfig struct {
 	ReadTimeoutStr  string `json:"read_timeout,omitempty" yaml:"read_timeout,omitempty" mapstructure:"read_timeout"`
 	WriteTimeoutStr string `json:"write_timeout,omitempty" yaml:"write_timeout,omitempty" mapstructure:"write_timeout"`
 	MaxHeaderBytes  int    `json:"max_header_bytes,omitempty" yaml:"max_header_bytes,omitempty" mapstructure:"max_header_bytes"`
+	CertFile        string `yaml:"cert_file" json:"cert_file" mapstructure:"cert_file"`
+	KeyFile         string `yaml:"key_file" json:"key_file" mapstructure:"key_file"`
+}
+
+func MapInStruct(cfg interface{}) *HttpConfig {
+	var hc *HttpConfig
+	if cfg != nil {
+		if ok := mapstructure.Decode(cfg, &hc); ok != nil {
+			logger.Error("Config error", ok)
+		}
+	}
+	return hc
 }
diff --git a/pkg/pixiu/listener.go b/pkg/pixiu/listener.go
@@ -55,24 +55,46 @@ func (l *ListenerService) Start() {
 	switch l.Address.SocketAddress.Protocol {
 	case model.HTTP:
 		l.httpListener()
+	case model.HTTPS:
+		l.httpsListener()
 	default:
 		panic("unsupported protocol start: " + l.Address.SocketAddress.ProtocolStr)
 	}
 }
+func (l *ListenerService) httpsListener() {
+	hl := NewDefaultHttpListener()
+	hl.pool.New = func() interface{} {
+		return l.allocateContext()
+	}
+	// user customize http config
+	var hc *model.HttpConfig
+	hc = model.MapInStruct(l.Config)
+
+	mux := http.NewServeMux()
+	mux.HandleFunc("/", hl.ServeHTTP)
+
+	srv := http.Server{
+		Addr:           resolveAddress(l.Address.SocketAddress.Address + ":" + strconv.Itoa(l.Address.SocketAddress.Port)),
+		Handler:        mux,
+		ReadTimeout:    resolveStr2Time(hc.ReadTimeoutStr, 20*time.Second),
+		WriteTimeout:   resolveStr2Time(hc.WriteTimeoutStr, 20*time.Second),
+		IdleTimeout:    resolveStr2Time(hc.IdleTimeoutStr, 20*time.Second),
+		MaxHeaderBytes: resolveInt2IntProp(hc.MaxHeaderBytes, 1<<20),
+	}
 
+	logger.Infof("[dubbo-go-pixiu] httpsListener start at : %s", srv.Addr)
+	err := srv.ListenAndServeTLS(hc.CertFile, hc.KeyFile)
+	logger.Info("[dubbo-go-pixiu] httpsListener result:", err)
+}
 func (l *ListenerService) httpListener() {
 	hl := NewDefaultHttpListener()
 	hl.pool.New = func() interface{} {
 		return l.allocateContext()
 	}
 
 	// user customize http config
-	var hc model.HttpConfig
-	if l.Config != nil {
-		if c, ok := l.Config.(*model.HttpConfig); ok {
-			hc = *c
-		}
-	}
+	var hc *model.HttpConfig
+	hc = model.MapInStruct(l.Config)
 
 	mux := http.NewServeMux()
 	mux.HandleFunc("/", hl.ServeHTTP)

diff --git a/pkg/pixiu/pixiu_start.go b/pkg/pixiu/pixiu_start.go
@@ -59,7 +59,7 @@ func (p *PX) Start() {
 	listeners := conf.GetListeners()
 
 	for _, s := range listeners {
-		ls := ListenerService{Listener: &s}
+		ls := ListenerService{Listener: s}
 		go ls.Start()
 	}
-Original file line number
+Diff line change
@@ Expand Up / @@ -13,3 +13,6 @@ pkg/registry/zookeeper-4unittest/contrib/fatjar @@
     coverage.txt
     /vendor/
+    /*.exe
+    test