pilot/pkg/networking/grpcgen/grpcgen.go - dubbo-go-pixiu - Git at Google

 // Copyright Istio Authors
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package grpcgen

 import (
 	tls "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
 	matcher "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
 	istiolog "istio.io/pkg/log"
 )

 import (
 	"github.com/apache/dubbo-go-pixiu/pilot/pkg/model"
 	"github.com/apache/dubbo-go-pixiu/pilot/pkg/networking/util"
 	v3 "github.com/apache/dubbo-go-pixiu/pilot/pkg/xds/v3"
 	"github.com/apache/dubbo-go-pixiu/pkg/config/host"
 )

 // Support generation of 'ApiListener' LDS responses, used for native support of gRPC.
 // The same response can also be used by other apps using XDS directly.
 // GRPC proposal:
 // https://github.com/grpc/proposal/blob/master/A27-xds-global-load-balancing.md
 //
 // Note that this implementation is tested against gRPC, but it is generic - any other framework can
 // use this XDS mode to get load balancing info from Istio, including MC/VM/etc.
 // The corresponding RDS response is also generated - currently gRPC has special differences
 // and can't understand normal Istio RDS - in particular expects "" instead of "/" as
 // default prefix, and is expects just the route for one host.
 // handleAck will detect if the message is an ACK or NACK, and update/log/count
 // using the generic structures. "Classical" CDS/LDS/RDS/EDS use separate logic -
 // this is used for the API-based LDS and generic messages.
 var log = istiolog.RegisterScope("grpcgen", "xDS Generator for Proxyless gRPC", 0)

 type GrpcConfigGenerator struct{}

 func clusterKey(hostname string, port int) string {
 	return subsetClusterKey("", hostname, port)
 }

 func subsetClusterKey(subset, hostname string, port int) string {
 	return model.BuildSubsetKey(model.TrafficDirectionOutbound, subset, host.Name(hostname), port)
 }

 func (g *GrpcConfigGenerator) Generate(proxy *model.Proxy, w *model.WatchedResource, req *model.PushRequest) (model.Resources, model.XdsLogDetails, error) {
 	switch w.TypeUrl {
 	case v3.ListenerType:
 		return g.BuildListeners(proxy, req.Push, w.ResourceNames), model.DefaultXdsLogDetails, nil
 	case v3.ClusterType:
 		return g.BuildClusters(proxy, req.Push, w.ResourceNames), model.DefaultXdsLogDetails, nil
 	case v3.RouteType:
 		return g.BuildHTTPRoutes(proxy, req.Push, w.ResourceNames), model.DefaultXdsLogDetails, nil
 	}

 	return nil, model.DefaultXdsLogDetails, nil
 }

 // buildCommonTLSContext creates a TLS context that assumes 'default' name, and credentials/tls/certprovider/pemfile
 // (see grpc/xds/internal/client/xds.go securityConfigFromCluster).
 func buildCommonTLSContext(sans []string) *tls.CommonTlsContext {
 	var sanMatch []*matcher.StringMatcher
 	if len(sans) > 0 {
 		sanMatch = util.StringToExactMatch(sans)
 	}
 	return &tls.CommonTlsContext{
 		TlsCertificateCertificateProviderInstance: &tls.CommonTlsContext_CertificateProviderInstance{
 			InstanceName:    "default",
 			CertificateName: "default",
 		},
 		ValidationContextType: &tls.CommonTlsContext_CombinedValidationContext{
 			CombinedValidationContext: &tls.CommonTlsContext_CombinedCertificateValidationContext{
 				ValidationContextCertificateProviderInstance: &tls.CommonTlsContext_CertificateProviderInstance{
 					InstanceName:    "default",
 					CertificateName: "ROOTCA",
 				},
 				DefaultValidationContext: &tls.CertificateValidationContext{
 					MatchSubjectAltNames: sanMatch,
 				},
 			},
 		},
 	}
 }
	// Copyright Istio Authors
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package grpcgen

	import (
	tls "github.com/envoyproxy/go-control-plane/envoy/extensions/transport_sockets/tls/v3"
	matcher "github.com/envoyproxy/go-control-plane/envoy/type/matcher/v3"
	istiolog "istio.io/pkg/log"
	)

	import (
	"github.com/apache/dubbo-go-pixiu/pilot/pkg/model"
	"github.com/apache/dubbo-go-pixiu/pilot/pkg/networking/util"
	v3 "github.com/apache/dubbo-go-pixiu/pilot/pkg/xds/v3"
	"github.com/apache/dubbo-go-pixiu/pkg/config/host"
	)

	// Support generation of 'ApiListener' LDS responses, used for native support of gRPC.
	// The same response can also be used by other apps using XDS directly.
	// GRPC proposal:
	// https://github.com/grpc/proposal/blob/master/A27-xds-global-load-balancing.md
	//
	// Note that this implementation is tested against gRPC, but it is generic - any other framework can
	// use this XDS mode to get load balancing info from Istio, including MC/VM/etc.
	// The corresponding RDS response is also generated - currently gRPC has special differences
	// and can't understand normal Istio RDS - in particular expects "" instead of "/" as
	// default prefix, and is expects just the route for one host.
	// handleAck will detect if the message is an ACK or NACK, and update/log/count
	// using the generic structures. "Classical" CDS/LDS/RDS/EDS use separate logic -
	// this is used for the API-based LDS and generic messages.
	var log = istiolog.RegisterScope("grpcgen", "xDS Generator for Proxyless gRPC", 0)

	type GrpcConfigGenerator struct{}

	func clusterKey(hostname string, port int) string {
	return subsetClusterKey("", hostname, port)
	}

	func subsetClusterKey(subset, hostname string, port int) string {
	return model.BuildSubsetKey(model.TrafficDirectionOutbound, subset, host.Name(hostname), port)
	}

	func (g GrpcConfigGenerator) Generate(proxy model.Proxy, w model.WatchedResource, req model.PushRequest) (model.Resources, model.XdsLogDetails, error) {
	switch w.TypeUrl {
	case v3.ListenerType:
	return g.BuildListeners(proxy, req.Push, w.ResourceNames), model.DefaultXdsLogDetails, nil
	case v3.ClusterType:
	return g.BuildClusters(proxy, req.Push, w.ResourceNames), model.DefaultXdsLogDetails, nil
	case v3.RouteType:
	return g.BuildHTTPRoutes(proxy, req.Push, w.ResourceNames), model.DefaultXdsLogDetails, nil
	}

	return nil, model.DefaultXdsLogDetails, nil
	}

	// buildCommonTLSContext creates a TLS context that assumes 'default' name, and credentials/tls/certprovider/pemfile
	// (see grpc/xds/internal/client/xds.go securityConfigFromCluster).
	func buildCommonTLSContext(sans []string) *tls.CommonTlsContext {
	var sanMatch []*matcher.StringMatcher
	if len(sans) > 0 {
	sanMatch = util.StringToExactMatch(sans)
	}
	return &tls.CommonTlsContext{
	TlsCertificateCertificateProviderInstance: &tls.CommonTlsContext_CertificateProviderInstance{
	InstanceName: "default",
	CertificateName: "default",
	},
	ValidationContextType: &tls.CommonTlsContext_CombinedValidationContext{
	CombinedValidationContext: &tls.CommonTlsContext_CombinedCertificateValidationContext{
	ValidationContextCertificateProviderInstance: &tls.CommonTlsContext_CertificateProviderInstance{
	InstanceName: "default",
	CertificateName: "ROOTCA",
	},
	DefaultValidationContext: &tls.CertificateValidationContext{
	MatchSubjectAltNames: sanMatch,
	},
	},
	},
	}
	}