lgy1027 opened a new issue #648: URL: https://github.com/apache/apisix-ingress-controller/issues/648
目前使用helm安装apisix和controller,controller自己打的1.2.0镜像,现在想调试grpc问题 以下是响应信息  apisix日志信息  这边创建router全部使用编码形式创建,下面就是全部过程 ```` func Test_Client(t *testing.T) { //BuildCons() BuildApiSixUpStream() BuildApisixTls() BuildRoute() //DeleteRouter() } func BuildRoute() { w := int(100) v2b := &v2beta1.ApisixRoute{ TypeMeta: metav1.TypeMeta{ Kind:"ApisixRoute", APIVersion:"apisix.apache.org/v2beta1", }, ObjectMeta:metav1.ObjectMeta{ Name: "grpc-test", Namespace: "lgy", }, Spec: v2beta1.ApisixRouteSpec{ HTTP:[]v2beta1.ApisixRouteHTTP{ v2beta1.ApisixRouteHTTP{ Name: "grpc", Match: v2beta1.ApisixRouteHTTPMatch{ Hosts: []string{"test.grpc.com"}, Paths: []string{"/helloworld.Greeter/SayHello"}, }, Backend:v2alpha1.ApisixRouteHTTPBackend{ ServiceName: "grpc", ServicePort: intstr.IntOrString{ Type: intstr.Int, IntVal: 50051, }, Weight:&w, }, Authentication:v2beta1.ApisixRouteAuthentication{ Enable: false, Type: "keyAuth", }, }, }, }, } _, err := client.ApisixV2beta1().ApisixRoutes("lgy").Create(context.Background(),v2b,v1.CreateOptions{}) fmt.Println(err) } func BuildApisixTls() { crt := `-----BEGIN CERTIFICATE----- MIIC7DCCAdSgAwIBAgIRAJ7uP9Z8WqLYKSVypp5KGTUwDQYJKoZIhvcNAQELBQAw GDEWMBQGA1UEAxMNdGVzdC5ncnBjLmNvbTAeFw0yMTA4MjQwNzEzMzVaFw0yMjA4 MjQwNzEzMzVaMBgxFjAUBgNVBAMTDXRlc3QuZ3JwYy5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDIOsafOWgcI8h9KUFo9b1hHb+bZiy7QLZMs4yi GVc7RTvT+o7ZDnsQnpm2WrH+cz+DvihoYF+/gw1rnb12gEltMNjLa+r4XdCdljA9 +t8Wx8BSUXQ4AYHHlKvE5PMz6CZh3a+FokS4gIXbIFkAivpfE16rHXcxj/ETzPi9 245iSZ44uXj0sGz8A0WsvwhY+RSuZ3sBFE2kUGYMTFAW/4BY7erJs7v6wLuw2jVO CtvoMlZDAIzOj6peH/AfvkSAZwSyi7AfqbYXHruUshB5Pf8LFmTplFfaDSez9Bnh WbWXMhVS/pzTXGSRvmLOWs+237MyU0ooO2JctqvW4mYpL38tAgMBAAGjMTAvMA4G A1UdDwEB/wQEAwICpDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwEwDQYJ KoZIhvcNAQELBQADggEBAIZ2h0HHPgXAa4+OBCu+COXYeUUfD0cuOC2Te0qg8jBp p9sFebNtdBVTUVGAhje0gIXDa1GwPo3NXywrNyeJrFpQKKKYJ76otarSqp8sIA2W QsAMyxhy7hUfPXmfZgtMnemaoCvAwgHr/eXe7pZ8xtfw/T0EoFfywIfcA3pRniUN +IN1FvcpXhzjTZSP5+yEALcFXZMy55WaTUKy+psR3p1dEBkLuHBkVcqc6U06tkE+ JfK1WwE00v0s9SKvyFpTk2iGG5Gh2YFtJCutB8TCwozyabVV0iHyDnJUfscPv2Wz vr6B1T+fQT8Abn9ua/US0mujm8qWKwZIOtyE8GjEemg= -----END CERTIFICATE-----` key := `-----BEGIN RSA PRIVATE KEY----- MIIEpQIBAAKCAQEAyDrGnzloHCPIfSlBaPW9YR2/m2Ysu0C2TLOMohlXO0U70/qO 2Q57EJ6Ztlqx/nM/g74oaGBfv4MNa529doBJbTDYy2vq+F3QnZYwPfrfFsfAUlF0 OAGBx5SrxOTzM+gmYd2vhaJEuICF2yBZAIr6XxNeqx13MY/xE8z4vduOYkmeOLl4 9LBs/ANFrL8IWPkUrmd7ARRNpFBmDExQFv+AWO3qybO7+sC7sNo1Tgrb6DJWQwCM zo+qXh/wH75EgGcEsouwH6m2Fx67lLIQeT3/CxZk6ZRX2g0ns/QZ4Vm1lzIVUv6c 01xkkb5izlrPtt+zMlNKKDtiXLar1uJmKS9/LQIDAQABAoIBAQC+DXwGGjlFrHla w9QASnCNQ+1hFWSUAGKI/0wXeLIh4h9dn9ADGwmYxtHkEsYsXTwGUnKMUB3R7BTK 9xik6DPJ3rmIrFCFmpavXaVAz2T9fHCCMip8FoIW7Hj2FNL7i/kSn5dA4rsT3Xow ec3BBCmOIRaUmQ1QD+6l+sKHg2TsyIH61KReiHZ32FOudXGILnM7xluwRpMBfC6j bkm9xgLXD8l8zFYYA4/4kf4RmBbrHptsKtAF2zFqN3K2vazrzxJWLidFqEMYn82r FTi1FeoPYDeKHZ6Ge/g+t02zhBBmZMGBojh+1XyN1+SZ3TshaBE/D7Zpt1mNb7fi eRD/c1kJAoGBAOXWNCWJKGfKDyFXE6MWONh51vro09UB4XZKgB8fOf1UjEG4JN6b xzxNgRh1pbowjcBZXGUddX0CLD+EcCHgBofnEN35MBFhJdAefAwwUCtiosb7q31f XLZYCdIhRSEHrSH5PRh0hMZezU2geNYhnioVuUX15HsZQHo6kVZCUxbnAoGBAN8F xkcaIEjRQ6C/NzG/COoxi6NirEN/KwY+tANJgOoaOSWF2cCaaxLGZY4NYj2ZGcW2 pqXuiiBMqfaoUxmKuM+KlBugbn7z8A3Yls+S+FD1B3HvTdVeF/tzgZms7bDGDSLu R8SMnQSM++NJHmzq3fMPpHzvdSd+KG7J60y5hDrLAoGBAN7+n4Wzt/JLh7aPZ8wa KXlPbZfwAmdu9bPxwLFxeLAkMhkpcwxRFFOb1x9GNk+aAE6Z5R1uIanyS8As3Sbg 1zVQqXrU5SBXo3pzuWOSFJajks+BKvfvaGK6tHyeLxZG/mIyEmcB1jkpjgQ9KECK SY0HmsUYOGB/NaHh5VVN8JQNAoGAMZsGNDByd9/b6/g8HZuBLx4gEhJTgJvbhQMT ZRvHScrVZSw1d+qg4EcytXrynALewaRTwtqg7HhA4bUk7qx1WOxY7yArE5/MiDfh q3/kLZWit0vkAw5vxSU28WiOYeBbcaaQXf5sumNlb3OHCfDftz2Gd6eHZmZgNexB owosiCsCgYEAkkU/zEEpoxs5nrx3vmhwm2J22W9RC8ZQPQckiyxO+sSpo3xhuHT2 jOZlqvSrRw7UxQFsZsv8YJxFiOZUvEjbW9NaegCrF2bkuOaOw4YZMQLnS3JtV92T 30N5sLp4QYjHKP7/D4FozPiBiGFL0i3/wNjVRvtM5GEarajr3yJHe0E= -----END RSA PRIVATE KEY-----` certSecretData := make(map[string][]byte) certSecretData["cert"] = []byte(crt) certSecretData["key"] = []byte(key) secret := &corev1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: "grpc", }, Data: certSecretData, Type: corev1.SecretTypeOpaque, } result, err := clientset.CoreV1().Secrets("lgy").Create(context.TODO(),secret,v1.CreateOptions{}) fmt.Println(err) fmt.Println(result) cons := &apisixv1.ApisixTls{ ObjectMeta:metav1.ObjectMeta{ Name: "grpc", Namespace: "lgy", }, Spec:&apisixv1.ApisixTlsSpec{ Hosts: []apisixv1.HostType{ "test.grpc.com", }, Secret: apisixv1.ApisixSecret{ Name: "grpc", Namespace: "lgy", }, }, } results, err := client.ApisixV1().ApisixTlses("lgy").Create(context.TODO(),cons,v1.CreateOptions{}) fmt.Println(err) fmt.Println(results) } func BuildApiSixUpStream() { grpc := &apisixv1.ApisixUpstream{ ObjectMeta:metav1.ObjectMeta{ Name: "grpc", Namespace: "lgy", }, Spec: &apisixv1.ApisixUpstreamSpec{ PortLevelSettings:[]apisixv1.PortLevelSettings{ apisixv1.PortLevelSettings{ Port: 50051, ApisixUpstreamConfig:apisixv1.ApisixUpstreamConfig{ Scheme:"grpc", }, }, }, }, } result, err := client.ApisixV1().ApisixUpstreams("lgy").Create(context.TODO(),grpc,v1.CreateOptions{}) fmt.Println(err) fmt.Println(result) } func BuildCons() { cons := &v2alpha1.ApisixConsumer{ ObjectMeta:metav1.ObjectMeta{ Name: "grpc", Namespace: "lgy", }, Spec:v2alpha1.ApisixConsumerSpec{ AuthParameter:v2alpha1.ApisixConsumerAuthParameter{ KeyAuth:&v2alpha1.ApisixConsumerKeyAuth{ //Value: &v2alpha1.ApisixConsumerKeyAuthValue{ // Key: "lgy", //}, SecretRef:&corev1.LocalObjectReference{ Name: "mysecret", }, }, }, }, } result, err := client.ApisixV2alpha1().ApisixConsumers("lgy").Create(context.TODO(),cons,v1.CreateOptions{}) fmt.Println(err) fmt.Println(result) } ```` 生成证书的代码: ```` func CreatCert() { max := new(big.Int).Lsh(big.NewInt(1), 128) serialNumber, _ := rand.Int(rand.Reader, max) subject := pkix.Name{ CommonName: "test.grpc.com", } template := x509.Certificate{ SerialNumber: serialNumber, Subject: subject, NotBefore: time.Now(), NotAfter: time.Now().Add(365 * 24 * time.Hour), KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth,x509.ExtKeyUsageServerAuth}, } pk, _ := rsa.GenerateKey(rand.Reader, 2048) derBytes, _ := x509.CreateCertificate(rand.Reader, &template, &template, &pk.PublicKey, pk) certOut, _ := os.Create("server.pem") pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) certOut.Close() keyOut, _ := os.Create("key.pem") pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(pk)}) keyOut.Close() } ```` 如果是单独访问grpc的svc可以访问通,如下;  -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
