mirror of
https://github.com/linka-cloud/grpc.git
synced 2025-06-22 09:12:28 +00:00
add proxy protocol support
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
This commit is contained in:
@ -67,6 +67,9 @@ type Options interface {
|
||||
|
||||
// TODO(adphi): metrics + tracing
|
||||
|
||||
WithoutCmux() bool
|
||||
ProxyProtocol() bool
|
||||
|
||||
Default()
|
||||
}
|
||||
|
||||
@ -341,6 +344,13 @@ func WithoutCmux() Option {
|
||||
}
|
||||
}
|
||||
|
||||
func WithProxyProtocol(addrs ...string) Option {
|
||||
return func(o *options) {
|
||||
o.proxyProtocol = true
|
||||
o.proxyProtocolAddrs = addrs
|
||||
}
|
||||
}
|
||||
|
||||
type options struct {
|
||||
ctx context.Context
|
||||
name string
|
||||
@ -386,9 +396,11 @@ type options struct {
|
||||
reactUISubPath string
|
||||
hasReactUI bool
|
||||
|
||||
error error
|
||||
gatewayPrefix string
|
||||
withoutCmux bool
|
||||
error error
|
||||
gatewayPrefix string
|
||||
withoutCmux bool
|
||||
proxyProtocol bool
|
||||
proxyProtocolAddrs []string
|
||||
}
|
||||
|
||||
func (o *options) Name() string {
|
||||
@ -511,6 +523,10 @@ func (o *options) WithoutCmux() bool {
|
||||
return o.withoutCmux
|
||||
}
|
||||
|
||||
func (o *options) ProxyProtocol() bool {
|
||||
return o.proxyProtocol
|
||||
}
|
||||
|
||||
func (o *options) parseTLSConfig() error {
|
||||
if o.tlsConfig != nil {
|
||||
return nil
|
||||
|
||||
@ -18,6 +18,7 @@ import (
|
||||
"github.com/google/uuid"
|
||||
grpcmiddleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
||||
"github.com/justinas/alice"
|
||||
"github.com/pires/go-proxyproto"
|
||||
"github.com/rs/cors"
|
||||
"github.com/soheilhy/cmux"
|
||||
"go.uber.org/multierr"
|
||||
@ -172,6 +173,34 @@ func (s *service) start() (*errgroup.Group, error) {
|
||||
s.opts.address = s.opts.lis.Addr().String()
|
||||
}
|
||||
|
||||
if s.opts.proxyProtocol {
|
||||
p := func(upstream net.Addr) (proxyproto.Policy, error) {
|
||||
u, _, err := net.SplitHostPort(upstream.String())
|
||||
if err != nil {
|
||||
return proxyproto.REJECT, err
|
||||
}
|
||||
ip := net.ParseIP(u)
|
||||
if ip == nil {
|
||||
return proxyproto.REJECT, fmt.Errorf("proxyproto: invalid IP address")
|
||||
}
|
||||
if ip.IsPrivate() || ip.IsLoopback() {
|
||||
return proxyproto.USE, nil
|
||||
}
|
||||
return proxyproto.REJECT, nil
|
||||
}
|
||||
if len(s.opts.proxyProtocolAddrs) > 0 {
|
||||
var err error
|
||||
p, err = proxyproto.StrictWhiteListPolicy(s.opts.proxyProtocolAddrs)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
s.opts.lis = &proxyproto.Listener{
|
||||
Listener: s.opts.lis,
|
||||
Policy: p,
|
||||
}
|
||||
}
|
||||
|
||||
for i := range s.opts.beforeStart {
|
||||
if err := s.opts.beforeStart[i](); err != nil {
|
||||
return nil, err
|
||||
|
||||
Reference in New Issue
Block a user