mirror of https://github.com/grpc/grpc-go.git
211 lines
6.5 KiB
Go
211 lines
6.5 KiB
Go
/*
|
|
*
|
|
* Copyright 2021 gRPC authors.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
*/
|
|
|
|
// Package googledirectpath implements a resolver that configures xds to make
|
|
// cloud to prod directpath connection.
|
|
//
|
|
// It's a combo of DNS and xDS resolvers. It delegates to DNS if
|
|
// - not on GCE, or
|
|
// - xDS bootstrap env var is set (so this client needs to do normal xDS, not
|
|
// direct path, and clients with this scheme is not part of the xDS mesh).
|
|
package googledirectpath
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
rand "math/rand/v2"
|
|
"net/url"
|
|
"sync"
|
|
"time"
|
|
|
|
"google.golang.org/grpc/grpclog"
|
|
"google.golang.org/grpc/internal/envconfig"
|
|
"google.golang.org/grpc/internal/googlecloud"
|
|
internalgrpclog "google.golang.org/grpc/internal/grpclog"
|
|
"google.golang.org/grpc/internal/xds/bootstrap"
|
|
"google.golang.org/grpc/resolver"
|
|
"google.golang.org/grpc/xds/internal/xdsclient"
|
|
|
|
_ "google.golang.org/grpc/xds" // To register xds resolvers and balancers.
|
|
)
|
|
|
|
const (
|
|
c2pScheme = "google-c2p"
|
|
c2pAuthority = "traffic-director-c2p.xds.googleapis.com"
|
|
|
|
defaultUniverseDomain = "googleapis.com"
|
|
zoneURL = "http://metadata.google.internal/computeMetadata/v1/instance/zone"
|
|
ipv6URL = "http://metadata.google.internal/computeMetadata/v1/instance/network-interfaces/0/ipv6s"
|
|
ipv6CapableMetadataName = "TRAFFICDIRECTOR_DIRECTPATH_C2P_IPV6_CAPABLE"
|
|
httpReqTimeout = 10 * time.Second
|
|
|
|
logPrefix = "[google-c2p-resolver]"
|
|
dnsName, xdsName = "dns", "xds"
|
|
)
|
|
|
|
var (
|
|
logger = internalgrpclog.NewPrefixLogger(grpclog.Component("directpath"), logPrefix)
|
|
universeDomainMu sync.Mutex
|
|
universeDomain = ""
|
|
// For overriding in unittests.
|
|
onGCE = googlecloud.OnGCE
|
|
randInt = rand.Int
|
|
xdsClientPool = xdsclient.DefaultPool
|
|
)
|
|
|
|
func init() {
|
|
resolver.Register(c2pResolverBuilder{})
|
|
}
|
|
|
|
// SetUniverseDomain informs the gRPC library of the universe domain
|
|
// in which the process is running (for example, "googleapis.com").
|
|
// It is the caller's responsibility to ensure that the domain is correct.
|
|
//
|
|
// This setting is used by the "google-c2p" resolver (the resolver used
|
|
// for URIs with the "google-c2p" scheme) to configure its dependencies.
|
|
//
|
|
// If a gRPC channel is created with the "google-c2p" URI scheme and this
|
|
// function has NOT been called, then gRPC configures the universe domain as
|
|
// "googleapis.com".
|
|
//
|
|
// Returns nil if either:
|
|
//
|
|
// a) The universe domain has not yet been configured.
|
|
// b) The universe domain has been configured and matches the provided value.
|
|
//
|
|
// Otherwise, returns an error.
|
|
func SetUniverseDomain(domain string) error {
|
|
universeDomainMu.Lock()
|
|
defer universeDomainMu.Unlock()
|
|
if domain == "" {
|
|
return fmt.Errorf("universe domain cannot be empty")
|
|
}
|
|
if universeDomain == "" {
|
|
universeDomain = domain
|
|
return nil
|
|
}
|
|
if universeDomain != domain {
|
|
return fmt.Errorf("universe domain cannot be set to %s, already set to different value: %s", domain, universeDomain)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func getXdsServerURI() string {
|
|
universeDomainMu.Lock()
|
|
defer universeDomainMu.Unlock()
|
|
if universeDomain == "" {
|
|
universeDomain = defaultUniverseDomain
|
|
}
|
|
// Put env var override logic after default value logic so
|
|
// that tests still run the default value logic.
|
|
if envconfig.C2PResolverTestOnlyTrafficDirectorURI != "" {
|
|
return envconfig.C2PResolverTestOnlyTrafficDirectorURI
|
|
}
|
|
return fmt.Sprintf("dns:///directpath-pa.%s", universeDomain)
|
|
}
|
|
|
|
type c2pResolverBuilder struct{}
|
|
|
|
func (c2pResolverBuilder) Build(t resolver.Target, cc resolver.ClientConn, opts resolver.BuildOptions) (resolver.Resolver, error) {
|
|
if t.URL.Host != "" {
|
|
return nil, fmt.Errorf("google-c2p URI scheme does not support authorities")
|
|
}
|
|
|
|
if !runDirectPath() {
|
|
// If not xDS, fallback to DNS.
|
|
t.URL.Scheme = dnsName
|
|
return resolver.Get(dnsName).Build(t, cc, opts)
|
|
}
|
|
|
|
// Note that the following calls to getZone() and getIPv6Capable() does I/O,
|
|
// and has 10 seconds timeout each.
|
|
//
|
|
// This should be fine in most of the cases. In certain error cases, this
|
|
// could block Dial() for up to 10 seconds (each blocking call has its own
|
|
// goroutine).
|
|
zoneCh, ipv6CapableCh := make(chan string), make(chan bool)
|
|
go func() { zoneCh <- getZone(httpReqTimeout) }()
|
|
go func() { ipv6CapableCh <- getIPv6Capable(httpReqTimeout) }()
|
|
|
|
xdsServerURI := getXdsServerURI()
|
|
nodeCfg := newNodeConfig(<-zoneCh, <-ipv6CapableCh)
|
|
xdsServerCfg := newXdsServerConfig(xdsServerURI)
|
|
authoritiesCfg := newAuthoritiesConfig(xdsServerCfg)
|
|
|
|
cfg := map[string]any{
|
|
"xds_servers": []any{xdsServerCfg},
|
|
"client_default_listener_resource_name_template": "%s",
|
|
"authorities": authoritiesCfg,
|
|
"node": nodeCfg,
|
|
}
|
|
cfgJSON, err := json.Marshal(cfg)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to marshal bootstrap configuration: %v", err)
|
|
}
|
|
config, err := bootstrap.NewConfigFromContents(cfgJSON)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to parse bootstrap contents: %s, %v", string(cfgJSON), err)
|
|
}
|
|
xdsClientPool.SetFallbackBootstrapConfig(config)
|
|
|
|
t = resolver.Target{
|
|
URL: url.URL{
|
|
Scheme: xdsName,
|
|
Host: c2pAuthority,
|
|
Path: t.URL.Path,
|
|
},
|
|
}
|
|
return resolver.Get(xdsName).Build(t, cc, opts)
|
|
}
|
|
|
|
func (b c2pResolverBuilder) Scheme() string {
|
|
return c2pScheme
|
|
}
|
|
|
|
func newNodeConfig(zone string, ipv6Capable bool) map[string]any {
|
|
node := map[string]any{
|
|
"id": fmt.Sprintf("C2P-%d", randInt()),
|
|
"locality": map[string]any{"zone": zone},
|
|
}
|
|
if ipv6Capable {
|
|
node["metadata"] = map[string]any{ipv6CapableMetadataName: true}
|
|
}
|
|
return node
|
|
}
|
|
|
|
func newAuthoritiesConfig(serverCfg map[string]any) map[string]any {
|
|
return map[string]any{
|
|
c2pAuthority: map[string]any{"xds_servers": []any{serverCfg}},
|
|
}
|
|
}
|
|
|
|
func newXdsServerConfig(uri string) map[string]any {
|
|
return map[string]any{
|
|
"server_uri": uri,
|
|
"channel_creds": []map[string]any{{"type": "google_default"}},
|
|
"server_features": []any{"ignore_resource_deletion"},
|
|
}
|
|
}
|
|
|
|
// runDirectPath returns whether this resolver should use direct path.
|
|
//
|
|
// direct path is enabled if this client is running on GCE.
|
|
func runDirectPath() bool {
|
|
return onGCE()
|
|
}
|