marsevilspirit opened a new pull request, #2891:
URL: https://github.com/apache/dubbo-go/pull/2891
We plan to move TLSConfig from the config package to the global package, for
which we need TLSOptions. However, we cannot place TLSOptions in the global
package, otherwise it will cause circular dependencies, making global a second
config package. Therefore, it is necessary for us to create a tls directory.
How to pass TLSConfig is a question, and I handled it this way:
```go
common.WithAttribute(constant.TLSConfigKey, svcOpts.srvOpts.TLS)
```
Using the Attribute field in the URL to pass parameters, TLSConfig will not
appear in the URL string. The Attribute is designed to pass various
configurations, but very few people use it, so I plan to use Attribute to pass
TLSConfig.
The following samples have all been tested successfully.
Instance sample
```go
ins, err := dubbo.NewInstance(
dubbo.WithName("dubbo_instance_sample"),
dubbo.WithProtocol(
protocol.WithTriple(),
protocol.WithPort(20000),
),
dubbo.WithTLS(
tls.WithCACertFile("client_ca_cert.pem"),
tls.WithCertFile("server2_cert.pem"),
tls.WithKeyFile("server2_key.pem"),
tls.WithServerName("dubbogo.test.example.com"),
),
)
```
Server sample
```go
srv, err := server.NewServer(
server.WithServerProtocol(
protocol.WithPort(20000),
protocol.WithTriple(),
),
server.WithServerTLSOption(
tls.WithCACertFile("client_ca_cert.pem"),
tls.WithCertFile("server2_cert.pem"),
tls.WithKeyFile("server2_key.pem"),
tls.WithServerName("dubbogo.test.example.com"),
),
)
```
Client sample
```go
cli, err := client.NewClient(
client.WithClientURL("127.0.0.1:20000"),
client.WithClientTLSOption(
tls.WithCACertFile("server_ca_cert.pem"),
tls.WithCertFile("client2_cert.pem"),
tls.WithKeyFile("client2_key.pem"),
tls.WithServerName("dubbogo.test.example.com"),
),
)
```
dubbo.load server yaml file
```go
func main() {
greet.SetProviderGreetService(&GreetTripleServer{})
if err := dubbo.Load(); err != nil {
panic(err)
}
select {}
}
```
``` yaml
# dubbo server yaml configure file
dubbo:
registries:
demoZK:
protocol: zookeeper
timeout: 10s
address: 127.0.0.1:2181
protocols:
tripleProtocol:
name: tri
port: 20000
provider:
services:
GreetTripleServer:
interface: com.apache.dubbo.sample.Greeter
tls_config:
ca-cert-file: client_ca_cert.pem
tls-cert-file: server1_cert.pem
tls-key-file: server1_key.pem
tls-server-name: dubbogo.test.example.com
```
dubbo.load client yaml file
```go
func main() {
greet.SetConsumerGreetService(svc)
if err := dubbo.Load(); err != nil {
panic(err)
}
req, err := svc.Greet(context.Background(),
&greet.GreetRequest{Name: "name"})
if err != nil {
panic(err)
}
logger.Infof("Greeting: %v", req.Greeting)
}
```
```yaml
# dubbo client yaml configure file
dubbo:
registries:
demoZK:
protocol: zookeeper
timeout: 3s
address: 127.0.0.1:2181
consumer:
references:
GreetServiceImpl:
protocol: tri
interface: com.apache.dubbo.sample.Greeter
registry: demoZK
retries: 3
timeout: 3000
tls_config:
ca-cert-file: server_ca_cert.pem
tls-cert-file: client1_cert.pem
tls-key-file: client1_key.pem
tls-server-name: dubbogo.test.example.com
```
The benefits of this PR:
1. It enables the new API to fully support TLS.
2. It completely frees the TLS part of the remoting and protocol packages
from the circular dependency on the config package, preparing for the future
removal of the config package.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@dubbo.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscr...@dubbo.apache.org
For additional commands, e-mail: notifications-h...@dubbo.apache.org
