M apisix/cli/snippet.lua

M apisix/core/etcd.lua M t/bin/gen_snippet.lua M t/deployment/grpc/mtls.t A t/lib/etcd.proto Signed-off-by: spacewander <spacewanderlzx@gmail.com>
apache · Dec 9, 2022 · e3e2f5d · e3e2f5d
1 parent 7ad7b44
commit e3e2f5d
Show file tree

Hide file tree

Showing 6 changed files with 61 additions and 7 deletions.
diff --git a/apisix/cli/snippet.lua b/apisix/cli/snippet.lua
@@ -36,7 +36,11 @@ lua_ssl_trusted_certificate {* trusted_ca_cert *};
 
 server {
     {% if control_plane then %}
+    {% if directive_prefix == "grpc" then %}
+    listen {* control_plane.listen *} ssl http2;
+    {% else %}
     listen {* control_plane.listen *} ssl;
+    {% end %}
     ssl_certificate {* control_plane.cert *};
     ssl_certificate_key {* control_plane.cert_key *};
 
@@ -45,9 +49,13 @@ server {
     ssl_client_certificate {* control_plane.client_ca_cert *};
     {% end %}
 
+    {% else %}
+    {% if directive_prefix == "grpc" then %}
+    listen unix:{* home *}/conf/config_listen.sock http2;
     {% else %}
     listen unix:{* home *}/conf/config_listen.sock;
     {% end %}
+    {% end %}
 
     access_log off;
 

diff --git a/apisix/core/etcd.lua b/apisix/core/etcd.lua
@@ -124,9 +124,6 @@ local function new()
     end
 
     local etcd_conf = clone_tab(local_conf.etcd)
-    if etcd_conf.use_grpc then
-        return new_without_proxy()
-    end
 
     if local_conf.apisix.ssl and local_conf.apisix.ssl.ssl_trusted_certificate then
         etcd_conf.trusted_ca = local_conf.apisix.ssl.ssl_trusted_certificate
@@ -202,6 +199,10 @@ _M.new = new
 
 
 local function switch_proxy()
+    if ngx_get_phase() == "init" or ngx_get_phase() == "init_worker" then
+        return new_without_proxy()
+    end
+
     local etcd_cli, prefix, err = new()
     if not etcd_cli or err then
         return etcd_cli, prefix, err

diff --git a/t/bin/gen_snippet.lua b/t/bin/gen_snippet.lua
@@ -29,6 +29,7 @@ package.path  = pkg_path .. pkg_path_org
 local file = require("apisix.cli.file")
 local schema = require("apisix.cli.schema")
 local snippet = require("apisix.cli.snippet")
+local util = require("apisix.cli.util")
 local yaml_conf, err = file.read_yaml_conf("t/servroot")
 if not yaml_conf then
     error(err)
@@ -45,10 +46,23 @@ if not ok then
     error(err)
 end
 
+local or_info, err = util.execute_cmd("openresty -V 2>&1")
+if not or_info then
+    error("failed to exec cmd \'openresty -V 2>&1\', err: " .. err)
+end
+
+local use_apisix_base = true
+if not or_info:find("apisix-nginx-module", 1, true) then
+    use_apisix_base = false
+end
+
 local res, err
 if arg[1] == "conf_server" then
     res, err = snippet.generate_conf_server(
-        {apisix_home = "t/servroot/"},
+        {
+            apisix_home = "t/servroot/",
+            use_apisix_base = use_apisix_base,
+        },
         yaml_conf)
 end
 

diff --git a/t/deployment/grpc/conf_server.t b/t/deployment/grpc/conf_server.t
@@ -214,7 +214,6 @@ Receive SNI: x.com
 
 
 === TEST 5: ipv6
---- ONLY
 --- config
     location /t {
         content_by_lua_block {

diff --git a/t/deployment/grpc/mtls.t b/t/deployment/grpc/mtls.t
@@ -40,9 +40,9 @@ __DATA__
 
 === TEST 1: mTLS for control plane
 --- exec
-curl --cert t/certs/mtls_client.crt --key t/certs/mtls_client.key -k https://localhost:12345/version
+grpcurl -import-path ./t/lib -proto etcd.proto -d '{}' -cert t/certs/mtls_client.crt -key t/certs/mtls_client.key -insecure localhost:12345 etcdserverpb.Maintenance.Status
 --- response_body eval
-qr/"etcdserver":/
+qr/"version":/
 --- yaml_config
 deployment:
     role: control_plane

diff --git a/t/lib/etcd.proto b/t/lib/etcd.proto
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+syntax = "proto3";
+package etcdserverpb;
+
+message StatusRequest {
+}
+
+message StatusResponse {
+  // version is the cluster protocol version used by the responding member.
+  string version = 2;
+}
+
+service Maintenance {
+  // Status gets the status of the member.
+  rpc Status(StatusRequest) returns (StatusResponse) {}
+}