Documentation ¶
Index ¶
- Constants
- func AddressString[T WithAddress](addresses ...T) string
- func BuildCertPool(rootCAs ...[]byte) (*x509.CertPool, error)
- func CalcMaxAttempts(initialInterval, maxInterval, multiplier, maxElapsedTime float64) int
- func CloseConnections[T io.Closer](connections ...T) error
- func CloseConnectionsLog[T io.Closer](connections ...T)
- func ExtendCertPool(certPool *x509.CertPool, rootCAs ...[]byte) bool
- func FilterStreamRPCError(rpcErr error) error
- func MakeGrpcRetryPolicyJSON(p *retry.Profile) string
- func NewClientGRPCTransportCredentials(c *TLSCredentials) (credentials.TransportCredentials, error)
- func NewConnection(p ClientParameters) (*grpc.ClientConn, error)
- func NewConnectionPerEndpoint(config *MultiClientConfig) ([]*grpc.ClientConn, error)
- func NewLoadBalancedConnection(config *MultiClientConfig) (*grpc.ClientConn, error)
- func NewServerGRPCTransportCredentials(c *TLSCredentials) (credentials.TransportCredentials, error)
- func NewSingleConnection(config *ClientConfig) (*grpc.ClientConn, error)
- func RunHealthCheck(ctx context.Context, endpoint Endpoint, tlsConfig TLSConfig) error
- type ClientConfig
- type ClientParameters
- type DialInfo
- type Endpoint
- type MultiClientConfig
- type TLSConfig
- type TLSCredentials
- type WithAddress
Constants ¶
const (
	// Connected indicates that the connection to the service is currently established.
	Connected = 1.0
	// Disconnected indicates that the connection to the service is currently not established.
	Disconnected = 0
	// TODO: All services including the orderer must use the same default maximum message size.
	// Hence, we need to move this constant to fabric-x-common.
	// MaxMsgSize is set to 100MB.
	MaxMsgSize = 100 * 1024 * 1024
)
const (
	UnmentionedTLSMode = ""
	NoneTLSMode        = "none"
	OneSideTLSMode     = "tls"
	MutualTLSMode      = "mtls"
	DefaultTLSMode     = NoneTLSMode
	// DefaultTLSMinVersion is the minimum version required to achieve secure connections.
	DefaultTLSMinVersion = tls.VersionTLS12
)
usage: TLS configuration modes.
const DefaultHost = "localhost"
DefaultHost is the default hostname used for service endpoints.
Variables ¶
This section is empty.
Functions ¶
func AddressString ¶
func AddressString[T WithAddress](addresses ...T) string
AddressString returns the addresses as a string with comma as a separator between them.
func BuildCertPool ¶ added in v1.0.0
BuildCertPool creates a new x509 certificate pool from the given root CA certificates. If no root CA certificates are provided, an error is returned. If any of the root CA certificates cannot be parsed, an error is returned. Otherwise, the function returns the created certificate pool.
func CalcMaxAttempts ¶ added in v0.2.0
CalcMaxAttempts calculates the number of attempts given the following parameters:
- initialInterval > 0
- maxInterval >= i
- multiplier > 1
- maxElapsedTime > i.
func CloseConnections ¶
CloseConnections calls [closer.Close()] for all the given connections and returns the close errors.
func CloseConnectionsLog ¶
CloseConnectionsLog calls [closer.Close()] for all the given connections and logs the close errors.
func ExtendCertPool ¶ added in v1.0.0
ExtendCertPool appends the given root CA certificates to the given certificate pool. If any of the root CA certificates cannot be parsed, the function returns false. Otherwise, the function returns true.
func FilterStreamRPCError ¶
FilterStreamRPCError filters RPC errors that were caused by the stream ending.
func MakeGrpcRetryPolicyJSON ¶ added in v0.2.0
MakeGrpcRetryPolicyJSON defines the retry policy for a gRPC client connection. The retry policy applies to all subsequent gRPC calls made through the client connection. Our gRPC retry policy is applicable only for the following status codes:
(1) UNAVAILABLE: The service is currently unavailable (e.g., transient network issue, server down).
(2) DEADLINE_EXCEEDED: Operation took too long (deadline passed).
(3) RESOURCE_EXHAUSTED: Some resource (e.g., quota) has been exhausted; the operation cannot proceed.
func NewClientGRPCTransportCredentials ¶ added in v1.0.0
func NewClientGRPCTransportCredentials(c *TLSCredentials) (credentials.TransportCredentials, error)
NewClientGRPCTransportCredentials returns the gRPC transport credentials to be used by a client, based on the provided TLS credentials.
func NewConnection ¶ added in v0.1.7
func NewConnection(p ClientParameters) (*grpc.ClientConn, error)
NewConnection creates a connection with the given parameters. It will not attempt to create a connection with the remote.
func NewConnectionPerEndpoint ¶ added in v0.1.7
func NewConnectionPerEndpoint(config *MultiClientConfig) ([]*grpc.ClientConn, error)
NewConnectionPerEndpoint creates a list of connections; one for each endpoint in the given config.
func NewLoadBalancedConnection ¶ added in v0.1.7
func NewLoadBalancedConnection(config *MultiClientConfig) (*grpc.ClientConn, error)
NewLoadBalancedConnection creates a connection with load balancing between the endpoints in the given config.
func NewServerGRPCTransportCredentials ¶ added in v1.0.0
func NewServerGRPCTransportCredentials(c *TLSCredentials) (credentials.TransportCredentials, error)
NewServerGRPCTransportCredentials returns the gRPC transport credentials to be used by a server, based on the provided TLS credentials.
func NewSingleConnection ¶ added in v0.1.7
func NewSingleConnection(config *ClientConfig) (*grpc.ClientConn, error)
NewSingleConnection creates a single connection given a client config.
Types ¶
type ClientConfig ¶
type ClientConfig struct {
	Endpoint *Endpoint      `mapstructure:"endpoint"`
	TLS      TLSConfig      `mapstructure:"tls"`
	Retry    *retry.Profile `mapstructure:"reconnect"`
}
ClientConfig contains a single endpoint, TLS config, and retry profile.
type ClientParameters ¶ added in v0.1.9
type ClientParameters struct {
	Address        string
	Creds          credentials.TransportCredentials
	Retry          *retry.Profile
	AdditionalOpts []grpc.DialOption
}
ClientParameters contains connection parameters.
type DialInfo ¶ added in v1.0.0
type DialInfo struct {
	Endpoints []*Endpoint
	TLS       TLSCredentials
	Retry     *retry.Profile
}
DialInfo contains the parameters to dial a connection.
func NewDialInfo ¶ added in v1.0.0
func NewDialInfo(config *MultiClientConfig) (*DialInfo, error)
NewDialInfo creates dial info from a client config.
func (*DialInfo) NewConnectionPerEndpoint ¶ added in v1.0.0
func (d *DialInfo) NewConnectionPerEndpoint() ([]*grpc.ClientConn, error)
NewConnectionPerEndpoint creates a list of connections; one for each endpoint.
func (*DialInfo) NewLoadBalancedConnection ¶ added in v1.0.0
func (d *DialInfo) NewLoadBalancedConnection() (*grpc.ClientConn, error)
NewLoadBalancedConnection creates a connection with load balancing between the endpoints.
type Endpoint ¶
Endpoint describes a remote endpoint.
type MultiClientConfig ¶ added in v0.1.7
type MultiClientConfig struct {
	Endpoints []*Endpoint    `mapstructure:"endpoints"`
	TLS       TLSConfig      `mapstructure:"tls"`
	Retry     *retry.Profile `mapstructure:"reconnect"`
}
MultiClientConfig contains the endpoints, TLS config, and retry profile. This config supports a number of different endpoints to multiple service instances.
type TLSConfig ¶ added in v0.1.7
type TLSConfig struct {
	Mode string `mapstructure:"mode" validate:"omitempty,oneof=tls mtls none"`
	// CertPath is the path to the certificate file (public key).
	CertPath string `mapstructure:"cert-path"`
	// KeyPath is the path to the key file (private key).
	KeyPath     string   `mapstructure:"key-path"`
	CACertPaths []string `mapstructure:"ca-cert-paths"`
}
TLSConfig holds the TLS options and certificate paths used for secure communication between servers and clients. Credentials are built based on the configuration mode. For example, if only server-side TLS is required, the certificate pool (certPool) is not built (for a server), since the relevant certificate paths are defined in the YAML according to the selected mode.
func (TLSConfig) ClientCredentials ¶ added in v0.1.7
func (c TLSConfig) ClientCredentials() (credentials.TransportCredentials, error)
ClientCredentials converts TLSConfig into a TLSCredentials struct and generates client creds.
func (TLSConfig) ServerCredentials ¶ added in v0.1.7
func (c TLSConfig) ServerCredentials() (credentials.TransportCredentials, error)
ServerCredentials converts TLSConfig into a TLSCredentials struct and generates server creds.
type TLSCredentials ¶ added in v1.0.0
TLSCredentials holds the loaded runtime TLS credentials (certificate, key, CA certs).
func NewClientTLSCredentials ¶ added in v1.0.0
func NewClientTLSCredentials(c TLSConfig) (*TLSCredentials, error)
NewClientTLSCredentials converts a client TLSConfig with path fields into a struct that holds the actual bytes of the certificates.
Certificate loading behavior by mode:
- none/unmentioned: No certificates loaded
- tls (one-way): Loads CA certs only for server verification (client cert + key NOT loaded)
- mtls (mutual): Loads CA certs + client cert + key for mutual authentication
func NewServerTLSCredentials ¶ added in v1.0.0
func NewServerTLSCredentials(c TLSConfig) (*TLSCredentials, error)
NewServerTLSCredentials converts a server TLSConfig with path fields into a struct that holds the actual bytes of the certificates.
Certificate loading behavior by mode:
- none/unmentioned: No certificates loaded
- tls (one-way): Loads server cert + key only (CA certs NOT loaded)
- mtls (mutual): Loads server cert + key + CA certs for client verification
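The client and server loading rules listed above, written out against the standard library only. This is an added example, not this package's code: buildTLSConfig and selfSigned are hypothetical names, the test certificate is constructed at run time, and mapping mtls on a server to tls.RequireAndVerifyClientCert is an assumption.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// buildTLSConfig (hypothetical helper) applies the per-mode loading rules listed above.
func buildTLSConfig(server bool, mode string, certPEM, keyPEM []byte, caPEMs ...[]byte) (*tls.Config, error) {
	if mode == "" || mode == "none" {
		return nil, nil // none/unmentioned: no certificates loaded, plaintext transport
	}
	cfg := &tls.Config{MinVersion: tls.VersionTLS12} // DefaultTLSMinVersion on this page
	if server || mode == "mtls" { // own cert + key: every server, clients only in mtls
		pair, err := tls.X509KeyPair(certPEM, keyPEM)
		if err != nil {
			return nil, err
		}
		cfg.Certificates = []tls.Certificate{pair}
	}
	if !server || mode == "mtls" { // CA certs: every client, servers only in mtls
		pool, ok := x509.NewCertPool(), len(caPEMs) > 0
		for _, ca := range caPEMs {
			ok = ok && pool.AppendCertsFromPEM(ca)
		}
		if !ok { // fail closed instead of continuing with an empty or partial pool
			return nil, fmt.Errorf("mode %q: root CA certificates missing or unparsable", mode)
		}
		if server {
			cfg.ClientCAs, cfg.ClientAuth = pool, tls.RequireAndVerifyClientCert
		} else {
			cfg.RootCAs = pool
		}
	}
	return cfg, nil
}

func selfSigned() (certPEM, keyPEM []byte) { // constructed throwaway cert + key (sample input)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, priv)
	k, _ := x509.MarshalPKCS8PrivateKey(priv)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: k})
}
func main() { fmt.Println(buildTLSConfig(false, "tls", nil, nil)) } // client without CA certs: refused
```

Because DefaultTLSMode is NoneTLSMode, a config that omits mode takes the first branch and gets no TLS at all; set tls or mtls explicitly where transport security is required.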
func (*TLSCredentials) CreateClientTLSConfig ¶ added in v1.0.0
func (c *TLSCredentials) CreateClientTLSConfig() (*tls.Config, error)
CreateClientTLSConfig returns a TLS config to be used by a client.
func (*TLSCredentials) CreateServerTLSConfig ¶ added in v1.0.0
func (c *TLSCredentials) CreateServerTLSConfig() (*tls.Config, error)
CreateServerTLSConfig returns a TLS config to be used by a server.
type WithAddress ¶
type WithAddress interface {
	Address() string
}
WithAddress represents any type that can generate an address.