Merge pull request #122176 from slashpai/disable_http2_flag
Expose DisableHTTP2 flag in SecureServingOptions Kubernetes-commit: dfcb44758a634ca68cc0cf733e83503d22f241c8
This commit is contained in:
Kubernetes Publisher
commit
548de40f32
2
go.mod
2
go.mod
|
|
@ -46,7 +46,7 @@ require (
|
|||
gopkg.in/square/go-jose.v2 v2.6.0
|
||||
k8s.io/api v0.0.0-20240508202814-7ccc2456a96f
|
||||
k8s.io/apimachinery v0.0.0-20240503202409-c9c3e94f52f0
|
||||
k8s.io/client-go v0.0.0-20240509003152-8a8d0731deec
|
||||
k8s.io/client-go v0.0.0-20240509043313-62f959700d55
|
||||
k8s.io/component-base v0.0.0-20240509004100-482591e4108c
|
||||
k8s.io/klog/v2 v2.120.1
|
||||
k8s.io/kms v0.0.0-20240507203920-200fd0923998
|
||||
|
|
|
|||
4
go.sum
4
go.sum
|
|
@ -377,8 +377,8 @@ k8s.io/api v0.0.0-20240508202814-7ccc2456a96f h1:JD5C6Ov1+pP7Ze8s7O/+0YfhlAH2Nrk
|
|||
k8s.io/api v0.0.0-20240508202814-7ccc2456a96f/go.mod h1:63wOlHLR6A1SAeEfLi6u/gVTKmQklvs6IL52WjMSKn0=
|
||||
k8s.io/apimachinery v0.0.0-20240503202409-c9c3e94f52f0 h1:7WYV6yFZ33GBiOXTMsfUjlaZvdWfda0JRXrn/xxekAY=
|
||||
k8s.io/apimachinery v0.0.0-20240503202409-c9c3e94f52f0/go.mod h1:+hpAhBheGa7Ub4X6JfKqjEeACgGYZqZv+ILGzigzVGU=
|
||||
k8s.io/client-go v0.0.0-20240509003152-8a8d0731deec h1:akBU/J0mAZMXVFEuYiQa8XHJWPft/OYFUo1XamPuLzM=
|
||||
k8s.io/client-go v0.0.0-20240509003152-8a8d0731deec/go.mod h1:j5TdCy1D4o/8Hw6VjFwXsPxANdrTKVHisxrjVF4tc7A=
|
||||
k8s.io/client-go v0.0.0-20240509043313-62f959700d55 h1:TTHuyPSIxllgHDQzFvkYJ9Iewk3/Balim0/HUvKCWwI=
|
||||
k8s.io/client-go v0.0.0-20240509043313-62f959700d55/go.mod h1:j5TdCy1D4o/8Hw6VjFwXsPxANdrTKVHisxrjVF4tc7A=
|
||||
k8s.io/component-base v0.0.0-20240509004100-482591e4108c h1:dsvBpyLyEc10p5ARPS+9ZZgYIu8W89k2T9oNWvgxEmQ=
|
||||
k8s.io/component-base v0.0.0-20240509004100-482591e4108c/go.mod h1:iQnJj8brojGA7iHRX01Yx9zVMeAuOGBVhQ0UpOm7vTw=
|
||||
k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
|
||||
|
|
|
|||
|
|
@ -44,6 +44,8 @@ type SecureServingOptions struct {
|
|||
// BindNetwork is the type of network to bind to - defaults to "tcp", accepts "tcp",
|
||||
// "tcp4", and "tcp6".
|
||||
BindNetwork string
|
||||
// DisableHTTP2Serving indicates that http2 serving should not be enabled.
|
||||
DisableHTTP2Serving bool
|
||||
// Required set to true means that BindPort cannot be zero.
|
||||
Required bool
|
||||
// ExternalAddress is the address advertised, even if BindAddress is a loopback. By default this
|
||||
|
|
@ -163,6 +165,9 @@ func (s *SecureServingOptions) AddFlags(fs *pflag.FlagSet) {
|
|||
}
|
||||
fs.IntVar(&s.BindPort, "secure-port", s.BindPort, desc)
|
||||
|
||||
fs.BoolVar(&s.DisableHTTP2Serving, "disable-http2-serving", s.DisableHTTP2Serving,
|
||||
"If true, HTTP2 serving will be disabled [default=false]")
|
||||
|
||||
fs.StringVar(&s.ServerCert.CertDirectory, "cert-dir", s.ServerCert.CertDirectory, ""+
|
||||
"The directory where the TLS certs are located. "+
|
||||
"If --tls-cert-file and --tls-private-key-file are provided, this flag will be ignored.")
|
||||
|
|
@ -256,6 +261,7 @@ func (s *SecureServingOptions) ApplyTo(config **server.SecureServingInfo) error
|
|||
*config = &server.SecureServingInfo{
|
||||
Listener: s.Listener,
|
||||
HTTP2MaxStreamsPerConnection: s.HTTP2MaxStreamsPerConnection,
|
||||
DisableHTTP2: s.DisableHTTP2Serving,
|
||||
}
|
||||
c := *config
|
||||
|
||||
|
|
|
|||
|
|
@ -290,7 +290,8 @@ func TestServerRunWithSNI(t *testing.T) {
|
|||
KeyFile: serverKeyFile,
|
||||
},
|
||||
},
|
||||
SNICertKeys: namedCertKeys,
|
||||
DisableHTTP2Serving: true,
|
||||
SNICertKeys: namedCertKeys,
|
||||
}).WithLoopback()
|
||||
// use a random free port
|
||||
ln, err := net.Listen("tcp", "127.0.0.1:0")
|
||||
|
|
|
|||
Loading…
Reference in New Issue