2023-03-28 18:39:22 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
2023-08-11 13:12:13 +00:00
|
|
|
// SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 18:39:22 +00:00
|
|
|
|
2022-07-13 15:33:48 +00:00
|
|
|
package internal
|
2020-07-22 23:57:29 +00:00
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
|
|
|
"net"
|
2021-02-16 15:17:54 +00:00
|
|
|
"time"
|
2020-07-22 23:57:29 +00:00
|
|
|
|
2022-10-11 22:00:32 +00:00
|
|
|
"github.com/armon/go-metrics"
|
2022-12-13 15:01:56 +00:00
|
|
|
|
2022-07-13 15:33:48 +00:00
|
|
|
agentmiddleware "github.com/hashicorp/consul/agent/grpc-middleware"
|
2021-08-07 12:21:12 +00:00
|
|
|
|
2021-10-16 17:02:03 +00:00
|
|
|
middleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
|
|
|
recovery "github.com/grpc-ecosystem/go-grpc-middleware/recovery"
|
2022-03-22 12:40:24 +00:00
|
|
|
"google.golang.org/grpc"
|
|
|
|
"google.golang.org/grpc/keepalive"
|
2023-04-04 16:30:06 +00:00
|
|
|
|
|
|
|
"github.com/hashicorp/consul/agent/consul/rate"
|
2020-07-22 23:57:29 +00:00
|
|
|
)
|
|
|
|
|
2022-10-11 22:00:32 +00:00
|
|
|
var (
|
|
|
|
metricsLabels = []metrics.Label{{
|
|
|
|
Name: "server_type",
|
|
|
|
Value: "internal",
|
|
|
|
}}
|
|
|
|
)
|
|
|
|
|
2020-08-28 23:23:40 +00:00
|
|
|
// NewHandler returns a gRPC server that accepts connections from Handle(conn).
|
2024-01-12 16:54:07 +00:00
|
|
|
func NewHandler(logger Logger, addr net.Addr, metricsObj *metrics.Metrics, rateLimiter rate.RequestLimitsHandler) *Handler {
|
2022-10-11 22:00:32 +00:00
|
|
|
if metricsObj == nil {
|
|
|
|
metricsObj = metrics.Default()
|
|
|
|
}
|
2021-10-16 17:02:03 +00:00
|
|
|
|
2021-10-16 17:05:32 +00:00
|
|
|
// We don't need to pass tls.Config to the server since it's multiplexed
|
|
|
|
// behind the RPC listener, which already has TLS configured.
|
2022-03-22 12:40:24 +00:00
|
|
|
recoveryOpts := agentmiddleware.PanicHandlerMiddlewareOpts(logger)
|
2021-10-16 17:02:03 +00:00
|
|
|
|
|
|
|
opts := []grpc.ServerOption{
|
2023-01-04 16:07:02 +00:00
|
|
|
grpc.InTapHandle(agentmiddleware.ServerRateLimiterMiddleware(rateLimiter, agentmiddleware.NewPanicHandler(logger), logger)),
|
2022-10-11 22:00:32 +00:00
|
|
|
grpc.StatsHandler(agentmiddleware.NewStatsHandler(metricsObj, metricsLabels)),
|
2021-08-07 12:21:12 +00:00
|
|
|
middleware.WithUnaryServerChain(
|
2021-08-22 18:06:26 +00:00
|
|
|
// Add middlware interceptors to recover in case of panics.
|
|
|
|
recovery.UnaryServerInterceptor(recoveryOpts...),
|
2021-08-07 12:21:12 +00:00
|
|
|
),
|
|
|
|
middleware.WithStreamServerChain(
|
2021-08-22 18:06:26 +00:00
|
|
|
// Add middlware interceptors to recover in case of panics.
|
|
|
|
recovery.StreamServerInterceptor(recoveryOpts...),
|
2022-10-11 22:00:32 +00:00
|
|
|
agentmiddleware.NewActiveStreamCounter(metricsObj, metricsLabels).Intercept,
|
2021-08-07 12:21:12 +00:00
|
|
|
),
|
2021-02-16 15:17:54 +00:00
|
|
|
grpc.KeepaliveEnforcementPolicy(keepalive.EnforcementPolicy{
|
|
|
|
MinTime: 15 * time.Second,
|
|
|
|
}),
|
2021-10-16 17:02:03 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// We don't need to pass tls.Config to the server since it's multiplexed
|
|
|
|
// behind the RPC listener, which already has TLS configured.
|
|
|
|
srv := grpc.NewServer(opts...)
|
2020-07-22 23:57:29 +00:00
|
|
|
|
2023-04-04 16:30:06 +00:00
|
|
|
return &Handler{srv: srv, listener: NewListener(addr)}
|
2020-07-22 23:57:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Handler implements a handler for the rpc server listener, and the
|
|
|
|
// agent.Component interface for managing the lifecycle of the grpc.Server.
|
|
|
|
type Handler struct {
|
|
|
|
srv *grpc.Server
|
2023-04-04 16:30:06 +00:00
|
|
|
listener *Listener
|
2020-07-22 23:57:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Handle the connection by sending it to a channel for the grpc.Server to receive.
|
|
|
|
func (h *Handler) Handle(conn net.Conn) {
|
2020-08-28 23:23:40 +00:00
|
|
|
h.listener.conns <- conn
|
2020-07-22 23:57:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h *Handler) Run() error {
|
|
|
|
return h.srv.Serve(h.listener)
|
|
|
|
}
|
|
|
|
|
2024-01-12 16:54:07 +00:00
|
|
|
// Implements the grpc.ServiceRegistrar interface to allow registering services
|
|
|
|
// with the Handler.
|
|
|
|
func (h *Handler) RegisterService(svc *grpc.ServiceDesc, impl any) {
|
|
|
|
h.srv.RegisterService(svc, impl)
|
|
|
|
}
|
|
|
|
|
2020-07-22 23:57:29 +00:00
|
|
|
func (h *Handler) Shutdown() error {
|
|
|
|
h.srv.Stop()
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// NoOpHandler implements the same methods as Handler, but performs no handling.
|
|
|
|
// It may be used in place of Handler to disable the grpc server.
|
|
|
|
type NoOpHandler struct {
|
|
|
|
Logger Logger
|
|
|
|
}
|
|
|
|
|
|
|
|
type Logger interface {
|
|
|
|
Error(string, ...interface{})
|
2023-01-04 16:07:02 +00:00
|
|
|
Warn(string, ...interface{})
|
2020-07-22 23:57:29 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (h NoOpHandler) Handle(conn net.Conn) {
|
|
|
|
h.Logger.Error("gRPC conn opened but gRPC RPC is disabled, closing",
|
|
|
|
"conn", logConn(conn))
|
|
|
|
_ = conn.Close()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h NoOpHandler) Run() error {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (h NoOpHandler) Shutdown() error {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// logConn is a local copy of github.com/hashicorp/memberlist.LogConn, to avoid
|
|
|
|
// a large dependency for a minor formatting function.
|
|
|
|
// logConn is used to keep log formatting consistent.
|
|
|
|
func logConn(conn net.Conn) string {
|
|
|
|
if conn == nil {
|
|
|
|
return "from=<unknown address>"
|
|
|
|
}
|
|
|
|
addr := conn.RemoteAddr()
|
|
|
|
if addr == nil {
|
|
|
|
return "from=<unknown address>"
|
|
|
|
}
|
|
|
|
|
|
|
|
return fmt.Sprintf("from=%s", addr.String())
|
|
|
|
}
|