fix:unix socket listen (#73)
chuntaojun authored Jan 6, 2024
1 parent 34153fb commit 6f17b8e
Showing 6 changed files with 29 additions and 6 deletions.
2 changes: 1 addition & 1 deletion bootstrap/config/config.go
Expand Up @@ -231,7 +231,7 @@ func (s *SidecarConfig) mergeEnv() {
s.PolarisConfig.Adddresses = getEnvStringsValue(EnvPolarisAddress, s.PolarisConfig.Adddresses)
s.MTLS.Enable = getEnvBoolValue(EnvSidecarMtlsEnable, s.MTLS.Enable)
s.MTLS.CAServer = getEnvStringValue(EnvSidecarMtlsCAServer, s.MTLS.CAServer)
s.RateLimit.Enable = getEnvBoolValue(EnvSidecarRLSEnable, s.MTLS.Enable)
s.RateLimit.Enable = getEnvBoolValue(EnvSidecarRLSEnable, s.RateLimit.Enable)
s.Recurse.Enable = getEnvBoolValue(EnvSidecarRecurseEnable, s.Recurse.Enable)
s.Recurse.TimeoutSec = getEnvIntValue(EnvSidecarRecurseTimeout, s.Recurse.TimeoutSec)
s.Logger.RotateOutputPath = getEnvStringValue(EnvSidecarLogRotateOutputPath, s.Logger.RotateOutputPath)
12 changes: 9 additions & 3 deletions envoy/rls/config.go
Expand Up @@ -19,13 +19,19 @@ package rls

type Config struct {
Enable bool `yaml:"enable"`
Network string `yaml:"-"`
Address string `yaml"-"`
Network string `yaml:"network"`
Address string `yaml:"address"`
BindPort uint32 `yaml:"port"`
TLSInfo *TLSInfo `yaml:"tls_info"`
}

const DefaultRLSAddress = "/var/run/polaris/ratelimit/rls.sock"
func (c *Config) init() {
if c.Network == "unix" && c.Address == "" {
c.Address = DefaultRLSAddress
}
}

const DefaultRLSAddress = "/tmp/polaris-sidecar/ratelimit/rls.sock"

// TLSInfo tls 配置信息
type TLSInfo struct {
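Review bot: The new `DefaultRLSAddress` value `/tmp/polaris-sidecar/ratelimit/rls.sock` is a fixed path under a world-writable directory, so on a host shared with other local users `/tmp/polaris-sidecar` can already exist and belong to someone else before the sidecar starts. The same applies to the new `DefaultSDSAddress` in security/mtls/agent/option.go, which presumably is the socket that serves mTLS material. If the move away from `/var/run/polaris/...` was made because that path is not writable for the sidecar user, a runtime directory owned by the service (or a path taken from configuration) would be a safer default than `/tmp`. If `/tmp` stays, I would state the requirement on the constant, e.g. `// DefaultRLSAddress is used when network is "unix" and address is empty; its parent directory must be owned by the sidecar user and not writable by others.`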
10 changes: 9 additions & 1 deletion envoy/rls/server.go
Expand Up @@ -20,6 +20,8 @@ package rls
import (
"context"
"net"
"os"
"path/filepath"
"strings"

v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/common/ratelimit/v3"
Expand All @@ -34,6 +36,7 @@ import (
)

func New(namespace string, conf *Config) (*RateLimitServer, error) {
conf.init()
return &RateLimitServer{
namespace: namespace,
conf: conf,
Expand All @@ -49,6 +52,11 @@ type RateLimitServer struct {
}

func (svr *RateLimitServer) Run(ctx context.Context) error {
if svr.conf.Network == "unix" {
if err := os.MkdirAll(filepath.Dir(svr.conf.Address), os.ModePerm); err != nil {
return err
}
}
ln, err := net.Listen(svr.conf.Network, svr.conf.Address)
if err != nil {
return err
Expand Down Expand Up @@ -150,6 +158,6 @@ func (svr *RateLimitServer) buildQuotaRequest(domain string, acquireQuota uint32
req.SetNamespace(svr.namespace)
req.SetService(domain)
req.SetToken(acquireQuota)

log.Info("[envoy-rls] build polaris quota request", zap.Any("param", req))
return req, nil
}
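Review bot: `os.MkdirAll(filepath.Dir(svr.conf.Address), os.ModePerm)` in `Run` requests mode 0777 for every directory it creates, so with a permissive umask the socket's parent directories end up writable by any local user. `MkdirAll` also returns nil when the directory already exists, without looking at its owner or mode. The same call is added to `New` in security/mtls/agent/agent.go. A narrower mode is enough for a socket directory: `os.MkdirAll(filepath.Dir(svr.conf.Address), 0750)`. Separately, `net.Listen` on a unix address fails while a socket file from an earlier run is still present; whether that case is handled is not visible here, since `Run` continues past the end of the hunk.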
1 change: 1 addition & 0 deletions polaris-sidecar.yaml
Expand Up @@ -39,6 +39,7 @@ metrics:
type: pull
metricPort: 0
ratelimit:
enable: true
network: unix
resolvers:
- name: dnsagent
8 changes: 8 additions & 0 deletions security/mtls/agent/agent.go
Expand Up @@ -3,6 +3,8 @@ package agent
import (
"context"
"net"
"os"
"path/filepath"

"google.golang.org/grpc"

Expand Down Expand Up @@ -35,6 +37,12 @@ func New(opt Option) (*Agent, error) {
a.rotator = rotator.New(opt.RotatePeriod, opt.FailedRetryDelay)
a.sds = sds.New(opt.CryptombPollDelay)

if opt.Network == "unix" {
if err := os.MkdirAll(filepath.Dir(opt.Address), os.ModePerm); err != nil {
return nil, err
}
}

cli, err := caclient.NewWithRootCA(opt.CAServer, caclient.ServiceAccountToken(), defaultCAPath)
if err != nil {
return nil, err
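Review bot: The SDS socket directory is created inside `New`, ahead of `caclient.NewWithRootCA`, so a construction that fails on the CA client still leaves the directory on disk. The bare `return nil, err` also gives the caller no hint that the failure came from the socket path. In envoy/rls/server.go the same step sits in `Run` directly before `net.Listen`; doing it next to the SDS listener here (its location is not visible in this hunk) would keep the two servers consistent and tie the side effect to actually serving. A short comment such as `// the parent directory of the unix socket must exist before listening` above the `if opt.Network == "unix"` block would also explain why a constructor touches the filesystem. `New` starts and ends outside the hunk.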
2 changes: 1 addition & 1 deletion security/mtls/agent/option.go
Expand Up @@ -69,7 +69,7 @@ func EnvDefaultInt(name string, val int, def int) int {
return def
}

const DefaultSDSAddress = "/var/run/polaris/mtls/sds.sock"
const DefaultSDSAddress = "/tmp/polaris-sidecar/mtls/sds.sock"

// init options with enviroment variables
func (opt *Option) init() error {
