From b9e525d6899989086424b2b6aae0b31266909199 Mon Sep 17 00:00:00 2001 From: Dan Upton Date: Wed, 13 Jul 2022 16:33:48 +0100 Subject: [PATCH] grpc: rename public/private directories to external/internal (#13721) Previously, public referred to gRPC services that are both exposed on the dedicated gRPC port and have their definitions in the proto-public directory (so were considered usable by 3rd parties). Whereas private referred to services on the multiplexed server port that are only usable by agents and other servers. Now, we're splitting these definitions, such that external/internal refers to the port and public/private refers to whether they can be used by 3rd parties. This is necessary because the peering replication API needs to be exposed on the dedicated port, but is not (yet) suitable for use by 3rd parties. --- agent/agent.go | 20 ++--- agent/consul/client_test.go | 4 +- agent/consul/grpc_integration_test.go | 8 +- agent/consul/leader_peering.go | 2 +- agent/consul/peering_backend.go | 2 +- agent/consul/rpc_test.go | 2 +- agent/consul/server.go | 65 +++++++------- agent/consul/server_test.go | 11 +-- agent/consul/subscribe_backend.go | 2 +- agent/consul/subscribe_backend_test.go | 4 +- .../{grpc/public => grpc-external}/forward.go | 2 +- .../{grpc/public => grpc-external}/server.go | 6 +- .../services/acl/login.go | 4 +- .../services/acl/login_test.go | 2 +- .../services/acl/logout.go | 4 +- .../services/acl/logout_test.go | 2 +- .../services/acl/mock_Login.go | 0 .../services/acl/mock_TokenWriter.go | 0 .../services/acl/mock_Validator.go | 0 .../services/acl/server.go | 0 .../services/acl/server_test.go | 0 .../services/connectca/mock_ACLResolver.go | 0 .../services/connectca/mock_CAManager.go | 0 .../services/connectca/server.go | 0 .../services/connectca/server_test.go | 2 +- .../services/connectca/sign.go | 8 +- .../services/connectca/sign_test.go | 2 +- .../services/connectca/watch_roots.go | 6 +- .../services/connectca/watch_roots_test.go | 12 +-- .../get_envoy_boostrap_params_test.go | 12 +-- .../dataplane/get_envoy_bootstrap_params.go | 6 +- .../dataplane/get_supported_features.go | 6 +- .../dataplane/get_supported_features_test.go | 10 +-- .../services/dataplane/mock_ACLResolver.go | 0 .../services/dataplane/server.go | 0 .../services/dataplane/server_test.go | 2 +- .../services/peerstream/health_snapshot.go | 0 .../peerstream/health_snapshot_test.go | 0 .../services/peerstream/mock_ACLResolver.go | 0 .../services/peerstream/replication.go | 0 .../services/peerstream/server.go | 0 .../services/peerstream/stream_resources.go | 4 +- .../services/peerstream/stream_test.go | 0 .../services/peerstream/stream_tracker.go | 0 .../peerstream/stream_tracker_test.go | 0 .../peerstream/subscription_blocking.go | 0 .../peerstream/subscription_manager.go | 0 .../peerstream/subscription_manager_test.go | 0 .../services/peerstream/subscription_state.go | 0 .../peerstream/subscription_state_test.go | 0 .../services/peerstream/subscription_view.go | 0 .../peerstream/subscription_view_test.go | 0 .../services/peerstream/testing.go | 0 .../serverdiscovery/mock_ACLResolver.go | 0 .../services/serverdiscovery/server.go | 0 .../services/serverdiscovery/server_test.go | 2 +- .../services/serverdiscovery/watch_servers.go | 17 ++-- .../serverdiscovery/watch_servers_test.go | 10 +-- .../public => grpc-external}/testutils/acl.go | 0 .../public => grpc-external}/testutils/fsm.go | 0 .../testutils/server.go | 0 agent/{grpc/public => grpc-external}/token.go | 2 +- agent/{grpc/public => grpc-external}/utils.go | 2 +- .../{grpc/private => grpc-internal}/client.go | 2 +- .../private => grpc-internal}/client_test.go | 24 +++--- .../private => grpc-internal}/handler.go | 4 +- .../private => grpc-internal}/handler_test.go | 8 +- .../internal/testservice/simple.pb.binary.go | 2 +- .../internal/testservice/simple.pb.go | 4 +- .../internal/testservice/simple.proto | 2 +- .../resolver/registry.go | 0 .../resolver/resolver.go | 0 .../private => grpc-internal}/server_test.go | 4 +- .../services/subscribe/logger.go | 0 .../services/subscribe/subscribe.go | 0 .../services/subscribe/subscribe_test.go | 2 +- .../{grpc/private => grpc-internal}/stats.go | 2 +- .../private => grpc-internal}/stats_test.go | 7 +- .../recovery.go | 0 agent/metadata/server.go | 86 +++++++++---------- agent/metadata/server_test.go | 28 +++--- agent/pool/pool.go | 2 +- agent/rpc/peering/service.go | 2 +- agent/rpc/peering/service_test.go | 12 +-- agent/setup.go | 4 +- agent/submatview/store_integration_test.go | 2 +- agent/xds/delta.go | 4 +- agent/xds/server.go | 4 +- docs/rpc/README.md | 61 ++++++++----- docs/rpc/streaming/README.md | 2 +- .../main.go | 2 +- 91 files changed, 269 insertions(+), 244 deletions(-) rename agent/{grpc/public => grpc-external}/forward.go (93%) rename agent/{grpc/public => grpc-external}/server.go (86%) rename agent/{grpc/public => grpc-external}/services/acl/login.go (95%) rename agent/{grpc/public => grpc-external}/services/acl/login_test.go (99%) rename agent/{grpc/public => grpc-external}/services/acl/logout.go (93%) rename agent/{grpc/public => grpc-external}/services/acl/logout_test.go (99%) rename agent/{grpc/public => grpc-external}/services/acl/mock_Login.go (100%) rename agent/{grpc/public => grpc-external}/services/acl/mock_TokenWriter.go (100%) rename agent/{grpc/public => grpc-external}/services/acl/mock_Validator.go (100%) rename agent/{grpc/public => grpc-external}/services/acl/server.go (100%) rename agent/{grpc/public => grpc-external}/services/acl/server_test.go (100%) rename agent/{grpc/public => grpc-external}/services/connectca/mock_ACLResolver.go (100%) rename agent/{grpc/public => grpc-external}/services/connectca/mock_CAManager.go (100%) rename agent/{grpc/public => grpc-external}/services/connectca/server.go (100%) rename agent/{grpc/public => grpc-external}/services/connectca/server_test.go (95%) rename agent/{grpc/public => grpc-external}/services/connectca/sign.go (93%) rename agent/{grpc/public => grpc-external}/services/connectca/sign_test.go (99%) rename agent/{grpc/public => grpc-external}/services/connectca/watch_roots.go (96%) rename agent/{grpc/public => grpc-external}/services/connectca/watch_roots_test.go (95%) rename agent/{grpc/public => grpc-external}/services/dataplane/get_envoy_boostrap_params_test.go (95%) rename agent/{grpc/public => grpc-external}/services/dataplane/get_envoy_bootstrap_params.go (94%) rename agent/{grpc/public => grpc-external}/services/dataplane/get_supported_features.go (92%) rename agent/{grpc/public => grpc-external}/services/dataplane/get_supported_features_test.go (89%) rename agent/{grpc/public => grpc-external}/services/dataplane/mock_ACLResolver.go (100%) rename agent/{grpc/public => grpc-external}/services/dataplane/server.go (100%) rename agent/{grpc/public => grpc-external}/services/dataplane/server_test.go (89%) rename agent/{grpc/public => grpc-external}/services/peerstream/health_snapshot.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/health_snapshot_test.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/mock_ACLResolver.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/replication.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/server.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/stream_resources.go (99%) rename agent/{grpc/public => grpc-external}/services/peerstream/stream_test.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/stream_tracker.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/stream_tracker_test.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_blocking.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_manager.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_manager_test.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_state.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_state_test.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_view.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/subscription_view_test.go (100%) rename agent/{grpc/public => grpc-external}/services/peerstream/testing.go (100%) rename agent/{grpc/public => grpc-external}/services/serverdiscovery/mock_ACLResolver.go (100%) rename agent/{grpc/public => grpc-external}/services/serverdiscovery/server.go (100%) rename agent/{grpc/public => grpc-external}/services/serverdiscovery/server_test.go (97%) rename agent/{grpc/public => grpc-external}/services/serverdiscovery/watch_servers.go (95%) rename agent/{grpc/public => grpc-external}/services/serverdiscovery/watch_servers_test.go (96%) rename agent/{grpc/public => grpc-external}/testutils/acl.go (100%) rename agent/{grpc/public => grpc-external}/testutils/fsm.go (100%) rename agent/{grpc/public => grpc-external}/testutils/server.go (100%) rename agent/{grpc/public => grpc-external}/token.go (97%) rename agent/{grpc/public => grpc-external}/utils.go (94%) rename agent/{grpc/private => grpc-internal}/client.go (99%) rename agent/{grpc/private => grpc-internal}/client_test.go (94%) rename agent/{grpc/private => grpc-internal}/handler.go (97%) rename agent/{grpc/private => grpc-internal}/handler_test.go (89%) rename agent/{grpc/private => grpc-internal}/internal/testservice/simple.pb.binary.go (91%) rename agent/{grpc/private => grpc-internal}/internal/testservice/simple.pb.go (98%) rename agent/{grpc/private => grpc-internal}/internal/testservice/simple.proto (76%) rename agent/{grpc/private => grpc-internal}/resolver/registry.go (100%) rename agent/{grpc/private => grpc-internal}/resolver/resolver.go (100%) rename agent/{grpc/private => grpc-internal}/server_test.go (98%) rename agent/{grpc/private => grpc-internal}/services/subscribe/logger.go (100%) rename agent/{grpc/private => grpc-internal}/services/subscribe/subscribe.go (100%) rename agent/{grpc/private => grpc-internal}/services/subscribe/subscribe_test.go (99%) rename agent/{grpc/private => grpc-internal}/stats.go (99%) rename agent/{grpc/private => grpc-internal}/stats_test.go (97%) rename agent/{grpc/middleware => grpc-middleware}/recovery.go (100%) rename tools/{private-grpc-proxy => internal-grpc-proxy}/main.go (95%) diff --git a/agent/agent.go b/agent/agent.go index 3265656888..3c0609a98a 100644 --- a/agent/agent.go +++ b/agent/agent.go @@ -38,7 +38,7 @@ import ( "github.com/hashicorp/consul/agent/config" "github.com/hashicorp/consul/agent/consul" "github.com/hashicorp/consul/agent/dns" - publicgrpc "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/agent/local" "github.com/hashicorp/consul/agent/proxycfg" proxycfgglue "github.com/hashicorp/consul/agent/proxycfg-glue" @@ -213,9 +213,9 @@ type Agent struct { // depending on the configuration delegate delegate - // publicGRPCServer is the gRPC server exposed on the dedicated gRPC port (as + // externalGRPCServer is the gRPC server exposed on the dedicated gRPC port (as // opposed to the multiplexed "server" port). - publicGRPCServer *grpc.Server + externalGRPCServer *grpc.Server // state stores a local representation of the node, // services and checks. Used for anti-entropy. @@ -539,7 +539,7 @@ func (a *Agent) Start(ctx context.Context) error { // This needs to happen after the initial auto-config is loaded, because TLS // can only be configured on the gRPC server at the point of creation. - a.buildPublicGRPCServer() + a.buildExternalGRPCServer() if err := a.startLicenseManager(ctx); err != nil { return err @@ -578,7 +578,7 @@ func (a *Agent) Start(ctx context.Context) error { // Setup either the client or the server. if c.ServerMode { - server, err := consul.NewServer(consulCfg, a.baseDeps.Deps, a.publicGRPCServer) + server, err := consul.NewServer(consulCfg, a.baseDeps.Deps, a.externalGRPCServer) if err != nil { return fmt.Errorf("Failed to start Consul server: %v", err) } @@ -760,13 +760,13 @@ func (a *Agent) Failed() <-chan struct{} { return a.apiServers.failed } -func (a *Agent) buildPublicGRPCServer() { +func (a *Agent) buildExternalGRPCServer() { // TLS is only enabled on the gRPC server if there's an HTTPS port configured. var tls *tlsutil.Configurator if a.config.HTTPSPort > 0 { tls = a.tlsConfigurator } - a.publicGRPCServer = publicgrpc.NewServer(a.logger.Named("grpc.public"), tls) + a.externalGRPCServer = external.NewServer(a.logger.Named("grpc.external"), tls) } func (a *Agent) listenAndServeGRPC() error { @@ -803,7 +803,7 @@ func (a *Agent) listenAndServeGRPC() error { }, a, ) - a.xdsServer.Register(a.publicGRPCServer) + a.xdsServer.Register(a.externalGRPCServer) ln, err := a.startListeners(a.config.GRPCAddrs) if err != nil { @@ -816,7 +816,7 @@ func (a *Agent) listenAndServeGRPC() error { "address", innerL.Addr().String(), "network", innerL.Addr().Network(), ) - err := a.publicGRPCServer.Serve(innerL) + err := a.externalGRPCServer.Serve(innerL) if err != nil { a.logger.Error("gRPC server failed", "error", err) } @@ -1494,7 +1494,7 @@ func (a *Agent) ShutdownAgent() error { } // Stop gRPC - a.publicGRPCServer.Stop() + a.externalGRPCServer.Stop() // Stop the proxy config manager if a.proxyConfig != nil { diff --git a/agent/consul/client_test.go b/agent/consul/client_test.go index e4dd39fb78..84135ee184 100644 --- a/agent/consul/client_test.go +++ b/agent/consul/client_test.go @@ -18,8 +18,8 @@ import ( msgpackrpc "github.com/hashicorp/consul-net-rpc/net-rpc-msgpackrpc" "github.com/hashicorp/consul/agent/consul/stream" - grpc "github.com/hashicorp/consul/agent/grpc/private" - "github.com/hashicorp/consul/agent/grpc/private/resolver" + grpc "github.com/hashicorp/consul/agent/grpc-internal" + "github.com/hashicorp/consul/agent/grpc-internal/resolver" "github.com/hashicorp/consul/agent/pool" "github.com/hashicorp/consul/agent/router" "github.com/hashicorp/consul/agent/rpc/middleware" diff --git a/agent/consul/grpc_integration_test.go b/agent/consul/grpc_integration_test.go index a963832851..c94156f96d 100644 --- a/agent/consul/grpc_integration_test.go +++ b/agent/consul/grpc_integration_test.go @@ -9,7 +9,7 @@ import ( "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/consul/authmethod/testauth" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/agent/structs" tokenStore "github.com/hashicorp/consul/agent/token" "github.com/hashicorp/consul/proto-public/pbacl" @@ -26,7 +26,7 @@ func TestGRPCIntegration_ConnectCA_Sign(t *testing.T) { // correctly wiring everything up in the server by: // // * Starting a cluster with multiple servers. - // * Making a request to a follower's public gRPC port. + // * Making a request to a follower's external gRPC port. // * Ensuring that the request is correctly forwarded to the leader. // * Ensuring we get a valid certificate back (so it went through the CAManager). server1, conn1, _ := testGRPCIntegrationServer(t, func(c *Config) { @@ -59,7 +59,7 @@ func TestGRPCIntegration_ConnectCA_Sign(t *testing.T) { ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) t.Cleanup(cancel) - ctx = public.ContextWithToken(ctx, TestDefaultInitialManagementToken) + ctx = external.ContextWithToken(ctx, TestDefaultInitialManagementToken) // This would fail if it wasn't forwarded to the leader. rsp, err := client.Sign(ctx, &pbconnectca.SignRequest{ @@ -96,7 +96,7 @@ func TestGRPCIntegration_ServerDiscovery_WatchServers(t *testing.T) { ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second) t.Cleanup(cancel) - ctx = public.ContextWithToken(ctx, TestDefaultInitialManagementToken) + ctx = external.ContextWithToken(ctx, TestDefaultInitialManagementToken) serverStream, err := client.WatchServers(ctx, &pbserverdiscovery.WatchServersRequest{Wan: false}) require.NoError(t, err) diff --git a/agent/consul/leader_peering.go b/agent/consul/leader_peering.go index a289412ea6..49369bbf74 100644 --- a/agent/consul/leader_peering.go +++ b/agent/consul/leader_peering.go @@ -17,7 +17,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/state" - "github.com/hashicorp/consul/agent/grpc/public/services/peerstream" + "github.com/hashicorp/consul/agent/grpc-external/services/peerstream" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/api" "github.com/hashicorp/consul/logging" diff --git a/agent/consul/peering_backend.go b/agent/consul/peering_backend.go index 4447d962a5..4014bbdd28 100644 --- a/agent/consul/peering_backend.go +++ b/agent/consul/peering_backend.go @@ -8,7 +8,7 @@ import ( "sync" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/public/services/peerstream" + "github.com/hashicorp/consul/agent/grpc-external/services/peerstream" "github.com/hashicorp/consul/agent/rpc/peering" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto/pbpeering" diff --git a/agent/consul/rpc_test.go b/agent/consul/rpc_test.go index 64da9a389e..1e9239d92b 100644 --- a/agent/consul/rpc_test.go +++ b/agent/consul/rpc_test.go @@ -32,7 +32,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/consul/state" - agent_grpc "github.com/hashicorp/consul/agent/grpc/private" + agent_grpc "github.com/hashicorp/consul/agent/grpc-internal" "github.com/hashicorp/consul/agent/pool" "github.com/hashicorp/consul/agent/structs" tokenStore "github.com/hashicorp/consul/agent/token" diff --git a/agent/consul/server.go b/agent/consul/server.go index 5a9b20b8a9..a5708e030f 100644 --- a/agent/consul/server.go +++ b/agent/consul/server.go @@ -17,7 +17,6 @@ import ( "time" "github.com/armon/go-metrics" - "github.com/hashicorp/consul-net-rpc/net/rpc" connlimit "github.com/hashicorp/go-connlimit" "github.com/hashicorp/go-hclog" "github.com/hashicorp/go-memdb" @@ -30,6 +29,8 @@ import ( "golang.org/x/time/rate" "google.golang.org/grpc" + "github.com/hashicorp/consul-net-rpc/net/rpc" + "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/authmethod" "github.com/hashicorp/consul/agent/consul/authmethod/ssoauth" @@ -38,13 +39,13 @@ import ( "github.com/hashicorp/consul/agent/consul/stream" "github.com/hashicorp/consul/agent/consul/usagemetrics" "github.com/hashicorp/consul/agent/consul/wanfed" - agentgrpc "github.com/hashicorp/consul/agent/grpc/private" - "github.com/hashicorp/consul/agent/grpc/private/services/subscribe" - aclgrpc "github.com/hashicorp/consul/agent/grpc/public/services/acl" - "github.com/hashicorp/consul/agent/grpc/public/services/connectca" - "github.com/hashicorp/consul/agent/grpc/public/services/dataplane" - "github.com/hashicorp/consul/agent/grpc/public/services/peerstream" - "github.com/hashicorp/consul/agent/grpc/public/services/serverdiscovery" + aclgrpc "github.com/hashicorp/consul/agent/grpc-external/services/acl" + "github.com/hashicorp/consul/agent/grpc-external/services/connectca" + "github.com/hashicorp/consul/agent/grpc-external/services/dataplane" + "github.com/hashicorp/consul/agent/grpc-external/services/peerstream" + "github.com/hashicorp/consul/agent/grpc-external/services/serverdiscovery" + agentgrpc "github.com/hashicorp/consul/agent/grpc-internal" + "github.com/hashicorp/consul/agent/grpc-internal/services/subscribe" "github.com/hashicorp/consul/agent/metadata" "github.com/hashicorp/consul/agent/pool" "github.com/hashicorp/consul/agent/router" @@ -241,19 +242,19 @@ type Server struct { // is only ever closed. leaveCh chan struct{} - // publicACLServer serves the ACL service exposed on the public gRPC port. - // It is also exposed on the private multiplexed "server" port to enable + // externalACLServer serves the ACL service exposed on the external gRPC port. + // It is also exposed on the internal multiplexed "server" port to enable // RPC forwarding. - publicACLServer *aclgrpc.Server + externalACLServer *aclgrpc.Server - // publicConnectCAServer serves the Connect CA service exposed on the public - // gRPC port. It is also exposed on the private multiplexed "server" port to + // externalConnectCAServer serves the Connect CA service exposed on the external + // gRPC port. It is also exposed on the internal multiplexed "server" port to // enable RPC forwarding. - publicConnectCAServer *connectca.Server + externalConnectCAServer *connectca.Server - // publicGRPCServer is the gRPC server exposed on the dedicated gRPC port, as + // externalGRPCServer is the gRPC server exposed on the dedicated gRPC port, as // opposed to the multiplexed "server" port which is served by grpcHandler. - publicGRPCServer *grpc.Server + externalGRPCServer *grpc.Server // router is used to map out Consul servers in the WAN and in Consul // Enterprise user-defined areas. @@ -363,7 +364,7 @@ type Server struct { // this into the Deps struct and created it much earlier on. publisher *stream.EventPublisher - // peeringBackend is shared between the public and private gRPC services for peering + // peeringBackend is shared between the external and internal gRPC services for peering peeringBackend *PeeringBackend // peerStreamServer is a server used to handle peering streams @@ -383,7 +384,7 @@ type connHandler interface { // NewServer is used to construct a new Consul server from the configuration // and extra options, potentially returning an error. -func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Server, error) { +func NewServer(config *Config, flat Deps, externalGRPCServer *grpc.Server) (*Server, error) { logger := flat.Logger if err := config.CheckProtocolVersion(); err != nil { return nil, err @@ -429,7 +430,7 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve reconcileCh: make(chan serf.Member, reconcileChSize), router: flat.Router, tlsConfigurator: flat.TLSConfigurator, - publicGRPCServer: publicGRPCServer, + externalGRPCServer: externalGRPCServer, reassertLeaderCh: make(chan chan error), sessionTimers: NewSessionTimers(), tombstoneGC: gc, @@ -676,8 +677,8 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve s.overviewManager = NewOverviewManager(s.logger, s.fsm, s.config.MetricsReportingInterval) go s.overviewManager.Run(&lib.StopChannelContext{StopCh: s.shutdownCh}) - // Initialize public gRPC server - register services on public gRPC server. - s.publicACLServer = aclgrpc.NewServer(aclgrpc.Config{ + // Initialize external gRPC server - register services on external gRPC server. + s.externalACLServer = aclgrpc.NewServer(aclgrpc.Config{ ACLsEnabled: s.config.ACLsEnabled, ForwardRPC: func(info structs.RPCInfo, fn func(*grpc.ClientConn) error) (bool, error) { return s.ForwardGRPC(s.grpcConnPool, info, fn) @@ -693,9 +694,9 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve PrimaryDatacenter: s.config.PrimaryDatacenter, ValidateEnterpriseRequest: s.validateEnterpriseRequest, }) - s.publicACLServer.Register(s.publicGRPCServer) + s.externalACLServer.Register(s.externalGRPCServer) - s.publicConnectCAServer = connectca.NewServer(connectca.Config{ + s.externalConnectCAServer = connectca.NewServer(connectca.Config{ Publisher: s.publisher, GetStore: func() connectca.StateStore { return s.FSM().State() }, Logger: logger.Named("grpc-api.connect-ca"), @@ -706,20 +707,20 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve }, ConnectEnabled: s.config.ConnectEnabled, }) - s.publicConnectCAServer.Register(s.publicGRPCServer) + s.externalConnectCAServer.Register(s.externalGRPCServer) dataplane.NewServer(dataplane.Config{ GetStore: func() dataplane.StateStore { return s.FSM().State() }, Logger: logger.Named("grpc-api.dataplane"), ACLResolver: s.ACLResolver, Datacenter: s.config.Datacenter, - }).Register(s.publicGRPCServer) + }).Register(s.externalGRPCServer) serverdiscovery.NewServer(serverdiscovery.Config{ Publisher: s.publisher, ACLResolver: s.ACLResolver, Logger: logger.Named("grpc-api.server-discovery"), - }).Register(s.publicGRPCServer) + }).Register(s.externalGRPCServer) s.peerStreamTracker = peerstream.NewTracker() s.peeringBackend = NewPeeringBackend(s) @@ -732,11 +733,11 @@ func NewServer(config *Config, flat Deps, publicGRPCServer *grpc.Server) (*Serve Datacenter: s.config.Datacenter, ConnectEnabled: s.config.ConnectEnabled, }) - s.peerStreamServer.Register(s.publicGRPCServer) + s.peerStreamServer.Register(s.externalGRPCServer) - // Initialize private gRPC server. + // Initialize internal gRPC server. // - // Note: some "public" gRPC services are also exposed on the private gRPC server + // Note: some "external" gRPC services are also exposed on the internal gRPC server // to enable RPC forwarding. s.grpcHandler = newGRPCHandlerFromConfig(flat, config, s) s.grpcLeaderForwarder = flat.LeaderForwarder @@ -803,10 +804,10 @@ func newGRPCHandlerFromConfig(deps Deps, config *Config, s *Server) connHandler s.peeringServer.Register(srv) s.registerEnterpriseGRPCServices(deps, srv) - // Note: these public gRPC services are also exposed on the private server to + // Note: these external gRPC services are also exposed on the internal server to // enable RPC forwarding. - s.publicACLServer.Register(srv) - s.publicConnectCAServer.Register(srv) + s.externalACLServer.Register(srv) + s.externalConnectCAServer.Register(srv) } return agentgrpc.NewHandler(deps.Logger, config.RPCAddr, register) diff --git a/agent/consul/server_test.go b/agent/consul/server_test.go index e165e979d2..77f761f683 100644 --- a/agent/consul/server_test.go +++ b/agent/consul/server_test.go @@ -14,7 +14,6 @@ import ( "github.com/armon/go-metrics" "github.com/google/tcpproxy" - "github.com/hashicorp/consul-net-rpc/net/rpc" "github.com/hashicorp/go-hclog" "github.com/hashicorp/go-uuid" "github.com/hashicorp/memberlist" @@ -23,6 +22,8 @@ import ( "golang.org/x/time/rate" "google.golang.org/grpc" + "github.com/hashicorp/consul-net-rpc/net/rpc" + "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/metadata" "github.com/hashicorp/consul/agent/rpc/middleware" @@ -241,14 +242,14 @@ func testServerWithConfig(t *testing.T, configOpts ...func(*Config)) (string, *S if srv.config.GRPCPort > 0 { // Normally the gRPC server listener is created at the agent level and // passed down into the Server creation. - publicGRPCAddr := fmt.Sprintf("127.0.0.1:%d", srv.config.GRPCPort) + externalGRPCAddr := fmt.Sprintf("127.0.0.1:%d", srv.config.GRPCPort) - ln, err := net.Listen("tcp", publicGRPCAddr) + ln, err := net.Listen("tcp", externalGRPCAddr) require.NoError(t, err) go func() { - _ = srv.publicGRPCServer.Serve(ln) + _ = srv.externalGRPCServer.Serve(ln) }() - t.Cleanup(srv.publicGRPCServer.Stop) + t.Cleanup(srv.externalGRPCServer.Stop) } return dir, srv diff --git a/agent/consul/subscribe_backend.go b/agent/consul/subscribe_backend.go index bddbb2e5fa..a82bb98c0b 100644 --- a/agent/consul/subscribe_backend.go +++ b/agent/consul/subscribe_backend.go @@ -5,7 +5,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/private/services/subscribe" + "github.com/hashicorp/consul/agent/grpc-internal/services/subscribe" "github.com/hashicorp/consul/agent/structs" ) diff --git a/agent/consul/subscribe_backend_test.go b/agent/consul/subscribe_backend_test.go index a6ac36ca23..b7ea7e2d3b 100644 --- a/agent/consul/subscribe_backend_test.go +++ b/agent/consul/subscribe_backend_test.go @@ -14,8 +14,8 @@ import ( "golang.org/x/sync/errgroup" gogrpc "google.golang.org/grpc" - grpc "github.com/hashicorp/consul/agent/grpc/private" - "github.com/hashicorp/consul/agent/grpc/private/resolver" + grpc "github.com/hashicorp/consul/agent/grpc-internal" + "github.com/hashicorp/consul/agent/grpc-internal/resolver" "github.com/hashicorp/consul/agent/router" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto/pbservice" diff --git a/agent/grpc/public/forward.go b/agent/grpc-external/forward.go similarity index 93% rename from agent/grpc/public/forward.go rename to agent/grpc-external/forward.go index 398d33d516..353490a593 100644 --- a/agent/grpc/public/forward.go +++ b/agent/grpc-external/forward.go @@ -1,4 +1,4 @@ -package public +package external import ( "context" diff --git a/agent/grpc/public/server.go b/agent/grpc-external/server.go similarity index 86% rename from agent/grpc/public/server.go rename to agent/grpc-external/server.go index c235fbd092..606dba642b 100644 --- a/agent/grpc/public/server.go +++ b/agent/grpc-external/server.go @@ -1,4 +1,4 @@ -package public +package external import ( middleware "github.com/grpc-ecosystem/go-grpc-middleware" @@ -6,11 +6,11 @@ import ( "google.golang.org/grpc" "google.golang.org/grpc/credentials" - agentmiddleware "github.com/hashicorp/consul/agent/grpc/middleware" + agentmiddleware "github.com/hashicorp/consul/agent/grpc-middleware" "github.com/hashicorp/consul/tlsutil" ) -// NewServer constructs a gRPC server for the public gRPC port, to which +// NewServer constructs a gRPC server for the external gRPC port, to which // handlers can be registered. func NewServer(logger agentmiddleware.Logger, tls *tlsutil.Configurator) *grpc.Server { recoveryOpts := agentmiddleware.PanicHandlerMiddlewareOpts(logger) diff --git a/agent/grpc/public/services/acl/login.go b/agent/grpc-external/services/acl/login.go similarity index 95% rename from agent/grpc/public/services/acl/login.go rename to agent/grpc-external/services/acl/login.go index 1a68b1eb2f..629ea093ec 100644 --- a/agent/grpc/public/services/acl/login.go +++ b/agent/grpc-external/services/acl/login.go @@ -10,14 +10,14 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/auth" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/proto-public/pbacl" ) // Login exchanges the presented bearer token for a Consul ACL token using a // configured auth method. func (s *Server) Login(ctx context.Context, req *pbacl.LoginRequest) (*pbacl.LoginResponse, error) { - logger := s.Logger.Named("login").With("request_id", public.TraceID()) + logger := s.Logger.Named("login").With("request_id", external.TraceID()) logger.Trace("request received") if err := s.requireACLsEnabled(logger); err != nil { diff --git a/agent/grpc/public/services/acl/login_test.go b/agent/grpc-external/services/acl/login_test.go similarity index 99% rename from agent/grpc/public/services/acl/login_test.go rename to agent/grpc-external/services/acl/login_test.go index 84b2693f43..3c681945f6 100644 --- a/agent/grpc/public/services/acl/login_test.go +++ b/agent/grpc-external/services/acl/login_test.go @@ -16,7 +16,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/authmethod" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + "github.com/hashicorp/consul/agent/grpc-external/testutils" structs "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbacl" ) diff --git a/agent/grpc/public/services/acl/logout.go b/agent/grpc-external/services/acl/logout.go similarity index 93% rename from agent/grpc/public/services/acl/logout.go rename to agent/grpc-external/services/acl/logout.go index 4f7fc3767a..a9fa60673b 100644 --- a/agent/grpc/public/services/acl/logout.go +++ b/agent/grpc-external/services/acl/logout.go @@ -10,13 +10,13 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/auth" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/proto-public/pbacl" ) // Logout destroys the given ACL token once the caller is done with it. func (s *Server) Logout(ctx context.Context, req *pbacl.LogoutRequest) (*pbacl.LogoutResponse, error) { - logger := s.Logger.Named("logout").With("request_id", public.TraceID()) + logger := s.Logger.Named("logout").With("request_id", external.TraceID()) logger.Trace("request received") if err := s.requireACLsEnabled(logger); err != nil { diff --git a/agent/grpc/public/services/acl/logout_test.go b/agent/grpc-external/services/acl/logout_test.go similarity index 99% rename from agent/grpc/public/services/acl/logout_test.go rename to agent/grpc-external/services/acl/logout_test.go index 461b6e249e..dfe998f319 100644 --- a/agent/grpc/public/services/acl/logout_test.go +++ b/agent/grpc-external/services/acl/logout_test.go @@ -15,7 +15,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/auth" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbacl" ) diff --git a/agent/grpc/public/services/acl/mock_Login.go b/agent/grpc-external/services/acl/mock_Login.go similarity index 100% rename from agent/grpc/public/services/acl/mock_Login.go rename to agent/grpc-external/services/acl/mock_Login.go diff --git a/agent/grpc/public/services/acl/mock_TokenWriter.go b/agent/grpc-external/services/acl/mock_TokenWriter.go similarity index 100% rename from agent/grpc/public/services/acl/mock_TokenWriter.go rename to agent/grpc-external/services/acl/mock_TokenWriter.go diff --git a/agent/grpc/public/services/acl/mock_Validator.go b/agent/grpc-external/services/acl/mock_Validator.go similarity index 100% rename from agent/grpc/public/services/acl/mock_Validator.go rename to agent/grpc-external/services/acl/mock_Validator.go diff --git a/agent/grpc/public/services/acl/server.go b/agent/grpc-external/services/acl/server.go similarity index 100% rename from agent/grpc/public/services/acl/server.go rename to agent/grpc-external/services/acl/server.go diff --git a/agent/grpc/public/services/acl/server_test.go b/agent/grpc-external/services/acl/server_test.go similarity index 100% rename from agent/grpc/public/services/acl/server_test.go rename to agent/grpc-external/services/acl/server_test.go diff --git a/agent/grpc/public/services/connectca/mock_ACLResolver.go b/agent/grpc-external/services/connectca/mock_ACLResolver.go similarity index 100% rename from agent/grpc/public/services/connectca/mock_ACLResolver.go rename to agent/grpc-external/services/connectca/mock_ACLResolver.go diff --git a/agent/grpc/public/services/connectca/mock_CAManager.go b/agent/grpc-external/services/connectca/mock_CAManager.go similarity index 100% rename from agent/grpc/public/services/connectca/mock_CAManager.go rename to agent/grpc-external/services/connectca/mock_CAManager.go diff --git a/agent/grpc/public/services/connectca/server.go b/agent/grpc-external/services/connectca/server.go similarity index 100% rename from agent/grpc/public/services/connectca/server.go rename to agent/grpc-external/services/connectca/server.go diff --git a/agent/grpc/public/services/connectca/server_test.go b/agent/grpc-external/services/connectca/server_test.go similarity index 95% rename from agent/grpc/public/services/connectca/server_test.go rename to agent/grpc-external/services/connectca/server_test.go index 2d58bccb7a..824883fbd6 100644 --- a/agent/grpc/public/services/connectca/server_test.go +++ b/agent/grpc-external/services/connectca/server_test.go @@ -9,7 +9,7 @@ import ( "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + "github.com/hashicorp/consul/agent/grpc-external/testutils" structs "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbconnectca" ) diff --git a/agent/grpc/public/services/connectca/sign.go b/agent/grpc-external/services/connectca/sign.go similarity index 93% rename from agent/grpc/public/services/connectca/sign.go rename to agent/grpc-external/services/connectca/sign.go index b3ace6d3d0..edd48fe58e 100644 --- a/agent/grpc/public/services/connectca/sign.go +++ b/agent/grpc-external/services/connectca/sign.go @@ -10,7 +10,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/connect" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbconnectca" ) @@ -22,10 +22,10 @@ func (s *Server) Sign(ctx context.Context, req *pbconnectca.SignRequest) (*pbcon return nil, err } - logger := s.Logger.Named("sign").With("request_id", public.TraceID()) + logger := s.Logger.Named("sign").With("request_id", external.TraceID()) logger.Trace("request received") - token := public.TokenFromContext(ctx) + token := external.TokenFromContext(ctx) if req.Csr == "" { return nil, status.Error(codes.InvalidArgument, "CSR is required") @@ -48,7 +48,7 @@ func (s *Server) Sign(ctx context.Context, req *pbconnectca.SignRequest) (*pbcon var rsp *pbconnectca.SignResponse handled, err := s.ForwardRPC(&rpcInfo, func(conn *grpc.ClientConn) error { logger.Trace("forwarding RPC") - ctx := public.ForwardMetadataContext(ctx) + ctx := external.ForwardMetadataContext(ctx) var err error rsp, err = pbconnectca.NewConnectCAServiceClient(conn).Sign(ctx, req) return err diff --git a/agent/grpc/public/services/connectca/sign_test.go b/agent/grpc-external/services/connectca/sign_test.go similarity index 99% rename from agent/grpc/public/services/connectca/sign_test.go rename to agent/grpc-external/services/connectca/sign_test.go index aa20458f89..6bba0c197e 100644 --- a/agent/grpc/public/services/connectca/sign_test.go +++ b/agent/grpc-external/services/connectca/sign_test.go @@ -16,7 +16,7 @@ import ( acl "github.com/hashicorp/consul/acl" resolver "github.com/hashicorp/consul/acl/resolver" "github.com/hashicorp/consul/agent/connect" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbconnectca" ) diff --git a/agent/grpc/public/services/connectca/watch_roots.go b/agent/grpc-external/services/connectca/watch_roots.go similarity index 96% rename from agent/grpc/public/services/connectca/watch_roots.go rename to agent/grpc-external/services/connectca/watch_roots.go index bf455ce278..9c61f8bdd3 100644 --- a/agent/grpc/public/services/connectca/watch_roots.go +++ b/agent/grpc-external/services/connectca/watch_roots.go @@ -15,7 +15,7 @@ import ( "github.com/hashicorp/consul/agent/connect" "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbconnectca" ) @@ -28,11 +28,11 @@ func (s *Server) WatchRoots(_ *pbconnectca.WatchRootsRequest, serverStream pbcon return err } - logger := s.Logger.Named("watch-roots").With("request_id", public.TraceID()) + logger := s.Logger.Named("watch-roots").With("request_id", external.TraceID()) logger.Trace("starting stream") defer logger.Trace("stream closed") - token := public.TokenFromContext(serverStream.Context()) + token := external.TokenFromContext(serverStream.Context()) // Serve the roots from an EventPublisher subscription. If the subscription is // closed due to an ACL change, we'll attempt to re-authorize and resume it to diff --git a/agent/grpc/public/services/connectca/watch_roots_test.go b/agent/grpc-external/services/connectca/watch_roots_test.go similarity index 95% rename from agent/grpc/public/services/connectca/watch_roots_test.go rename to agent/grpc-external/services/connectca/watch_roots_test.go index b65bc014bf..2491417bb9 100644 --- a/agent/grpc/public/services/connectca/watch_roots_test.go +++ b/agent/grpc-external/services/connectca/watch_roots_test.go @@ -17,8 +17,8 @@ import ( "github.com/hashicorp/consul/acl" resolver "github.com/hashicorp/consul/acl/resolver" "github.com/hashicorp/consul/agent/connect" - "github.com/hashicorp/consul/agent/grpc/public" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + external "github.com/hashicorp/consul/agent/grpc-external" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbconnectca" "github.com/hashicorp/consul/sdk/testutil" @@ -56,7 +56,7 @@ func TestWatchRoots_Success(t *testing.T) { aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerServiceWriteAny(t), nil) - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Publisher: publisher, @@ -104,7 +104,7 @@ func TestWatchRoots_InvalidACLToken(t *testing.T) { aclResolver.On("ResolveTokenAndDefaultMeta", mock.Anything, mock.Anything, mock.Anything). Return(resolver.Result{}, acl.ErrNotFound) - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Publisher: publisher, @@ -142,7 +142,7 @@ func TestWatchRoots_ACLTokenInvalidated(t *testing.T) { aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerServiceWriteAny(t), nil).Twice() - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Publisher: publisher, @@ -210,7 +210,7 @@ func TestWatchRoots_StateStoreAbandoned(t *testing.T) { aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerServiceWriteAny(t), nil) - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Publisher: publisher, diff --git a/agent/grpc/public/services/dataplane/get_envoy_boostrap_params_test.go b/agent/grpc-external/services/dataplane/get_envoy_boostrap_params_test.go similarity index 95% rename from agent/grpc/public/services/dataplane/get_envoy_boostrap_params_test.go rename to agent/grpc-external/services/dataplane/get_envoy_boostrap_params_test.go index e3a9ce703c..c3b4fd1468 100644 --- a/agent/grpc/public/services/dataplane/get_envoy_boostrap_params_test.go +++ b/agent/grpc-external/services/dataplane/get_envoy_boostrap_params_test.go @@ -13,8 +13,8 @@ import ( acl "github.com/hashicorp/consul/acl" resolver "github.com/hashicorp/consul/acl/resolver" - "github.com/hashicorp/consul/agent/grpc/public" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + external "github.com/hashicorp/consul/agent/grpc-external" + "github.com/hashicorp/consul/agent/grpc-external/testutils" structs "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbdataplane" "github.com/hashicorp/consul/types" @@ -78,7 +78,7 @@ func TestGetEnvoyBootstrapParams_Success(t *testing.T) { aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerServiceRead(t, tc.registerReq.Service.ID), nil) - ctx := public.ContextWithToken(context.Background(), testToken) + ctx := external.ContextWithToken(context.Background(), testToken) server := NewServer(Config{ GetStore: func() StateStore { return store }, @@ -148,7 +148,7 @@ func TestGetEnvoyBootstrapParams_Error(t *testing.T) { aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerServiceRead(t, proxyServiceID), nil) - ctx := public.ContextWithToken(context.Background(), testToken) + ctx := external.ContextWithToken(context.Background(), testToken) store := testutils.TestStateStore(t, nil) registerReq := testRegisterRequestProxy(t) @@ -218,7 +218,7 @@ func TestGetEnvoyBootstrapParams_Unauthenticated(t *testing.T) { aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", mock.Anything, mock.Anything, mock.Anything). Return(resolver.Result{}, acl.ErrNotFound) - ctx := public.ContextWithToken(context.Background(), testToken) + ctx := external.ContextWithToken(context.Background(), testToken) store := testutils.TestStateStore(t, nil) server := NewServer(Config{ GetStore: func() StateStore { return store }, @@ -237,7 +237,7 @@ func TestGetEnvoyBootstrapParams_PermissionDenied(t *testing.T) { aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerDenyAll(t), nil) - ctx := public.ContextWithToken(context.Background(), testToken) + ctx := external.ContextWithToken(context.Background(), testToken) store := testutils.TestStateStore(t, nil) registerReq := structs.TestRegisterRequestProxy(t) proxyServiceID := "web-sidecar-proxy" diff --git a/agent/grpc/public/services/dataplane/get_envoy_bootstrap_params.go b/agent/grpc-external/services/dataplane/get_envoy_bootstrap_params.go similarity index 94% rename from agent/grpc/public/services/dataplane/get_envoy_bootstrap_params.go rename to agent/grpc-external/services/dataplane/get_envoy_bootstrap_params.go index 1b534672c5..bed302d12b 100644 --- a/agent/grpc/public/services/dataplane/get_envoy_bootstrap_params.go +++ b/agent/grpc-external/services/dataplane/get_envoy_bootstrap_params.go @@ -11,18 +11,18 @@ import ( acl "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/state" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" structs "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbdataplane" ) func (s *Server) GetEnvoyBootstrapParams(ctx context.Context, req *pbdataplane.GetEnvoyBootstrapParamsRequest) (*pbdataplane.GetEnvoyBootstrapParamsResponse, error) { - logger := s.Logger.Named("get-envoy-bootstrap-params").With("service_id", req.GetServiceId(), "request_id", public.TraceID()) + logger := s.Logger.Named("get-envoy-bootstrap-params").With("service_id", req.GetServiceId(), "request_id", external.TraceID()) logger.Trace("Started processing request") defer logger.Trace("Finished processing request") - token := public.TokenFromContext(ctx) + token := external.TokenFromContext(ctx) var authzContext acl.AuthorizerContext entMeta := acl.NewEnterpriseMetaWithPartition(req.GetPartition(), req.GetNamespace()) authz, err := s.ACLResolver.ResolveTokenAndDefaultMeta(token, &entMeta, &authzContext) diff --git a/agent/grpc/public/services/dataplane/get_supported_features.go b/agent/grpc-external/services/dataplane/get_supported_features.go similarity index 92% rename from agent/grpc/public/services/dataplane/get_supported_features.go rename to agent/grpc-external/services/dataplane/get_supported_features.go index cb4eff1e77..79041aa04a 100644 --- a/agent/grpc/public/services/dataplane/get_supported_features.go +++ b/agent/grpc-external/services/dataplane/get_supported_features.go @@ -7,19 +7,19 @@ import ( "google.golang.org/grpc/status" acl "github.com/hashicorp/consul/acl" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" structs "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/proto-public/pbdataplane" ) func (s *Server) GetSupportedDataplaneFeatures(ctx context.Context, req *pbdataplane.GetSupportedDataplaneFeaturesRequest) (*pbdataplane.GetSupportedDataplaneFeaturesResponse, error) { - logger := s.Logger.Named("get-supported-dataplane-features").With("request_id", public.TraceID()) + logger := s.Logger.Named("get-supported-dataplane-features").With("request_id", external.TraceID()) logger.Trace("Started processing request") defer logger.Trace("Finished processing request") // Require the given ACL token to have `service:write` on any service - token := public.TokenFromContext(ctx) + token := external.TokenFromContext(ctx) var authzContext acl.AuthorizerContext entMeta := structs.WildcardEnterpriseMetaInPartition(structs.WildcardSpecifier) authz, err := s.ACLResolver.ResolveTokenAndDefaultMeta(token, entMeta, &authzContext) diff --git a/agent/grpc/public/services/dataplane/get_supported_features_test.go b/agent/grpc-external/services/dataplane/get_supported_features_test.go similarity index 89% rename from agent/grpc/public/services/dataplane/get_supported_features_test.go rename to agent/grpc-external/services/dataplane/get_supported_features_test.go index bdcd0d455d..822fd6b5b4 100644 --- a/agent/grpc/public/services/dataplane/get_supported_features_test.go +++ b/agent/grpc-external/services/dataplane/get_supported_features_test.go @@ -12,8 +12,8 @@ import ( "github.com/hashicorp/consul/acl" resolver "github.com/hashicorp/consul/acl/resolver" - "github.com/hashicorp/consul/agent/grpc/public" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + external "github.com/hashicorp/consul/agent/grpc-external" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/proto-public/pbdataplane" ) @@ -24,7 +24,7 @@ func TestSupportedDataplaneFeatures_Success(t *testing.T) { aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerServiceWriteAny(t), nil) - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Logger: hclog.NewNullLogger(), ACLResolver: aclResolver, @@ -53,7 +53,7 @@ func TestSupportedDataplaneFeatures_Unauthenticated(t *testing.T) { aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", mock.Anything, mock.Anything, mock.Anything). Return(resolver.Result{}, acl.ErrNotFound) - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Logger: hclog.NewNullLogger(), ACLResolver: aclResolver, @@ -70,7 +70,7 @@ func TestSupportedDataplaneFeatures_PermissionDenied(t *testing.T) { aclResolver := &MockACLResolver{} aclResolver.On("ResolveTokenAndDefaultMeta", testACLToken, mock.Anything, mock.Anything). Return(testutils.TestAuthorizerDenyAll(t), nil) - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) server := NewServer(Config{ Logger: hclog.NewNullLogger(), ACLResolver: aclResolver, diff --git a/agent/grpc/public/services/dataplane/mock_ACLResolver.go b/agent/grpc-external/services/dataplane/mock_ACLResolver.go similarity index 100% rename from agent/grpc/public/services/dataplane/mock_ACLResolver.go rename to agent/grpc-external/services/dataplane/mock_ACLResolver.go diff --git a/agent/grpc/public/services/dataplane/server.go b/agent/grpc-external/services/dataplane/server.go similarity index 100% rename from agent/grpc/public/services/dataplane/server.go rename to agent/grpc-external/services/dataplane/server.go diff --git a/agent/grpc/public/services/dataplane/server_test.go b/agent/grpc-external/services/dataplane/server_test.go similarity index 89% rename from agent/grpc/public/services/dataplane/server_test.go rename to agent/grpc-external/services/dataplane/server_test.go index fa0a24b91f..5ca346a6e1 100644 --- a/agent/grpc/public/services/dataplane/server_test.go +++ b/agent/grpc-external/services/dataplane/server_test.go @@ -4,7 +4,7 @@ import ( "context" "testing" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/proto-public/pbdataplane" "github.com/stretchr/testify/require" "google.golang.org/grpc" diff --git a/agent/grpc/public/services/peerstream/health_snapshot.go b/agent/grpc-external/services/peerstream/health_snapshot.go similarity index 100% rename from agent/grpc/public/services/peerstream/health_snapshot.go rename to agent/grpc-external/services/peerstream/health_snapshot.go diff --git a/agent/grpc/public/services/peerstream/health_snapshot_test.go b/agent/grpc-external/services/peerstream/health_snapshot_test.go similarity index 100% rename from agent/grpc/public/services/peerstream/health_snapshot_test.go rename to agent/grpc-external/services/peerstream/health_snapshot_test.go diff --git a/agent/grpc/public/services/peerstream/mock_ACLResolver.go b/agent/grpc-external/services/peerstream/mock_ACLResolver.go similarity index 100% rename from agent/grpc/public/services/peerstream/mock_ACLResolver.go rename to agent/grpc-external/services/peerstream/mock_ACLResolver.go diff --git a/agent/grpc/public/services/peerstream/replication.go b/agent/grpc-external/services/peerstream/replication.go similarity index 100% rename from agent/grpc/public/services/peerstream/replication.go rename to agent/grpc-external/services/peerstream/replication.go diff --git a/agent/grpc/public/services/peerstream/server.go b/agent/grpc-external/services/peerstream/server.go similarity index 100% rename from agent/grpc/public/services/peerstream/server.go rename to agent/grpc-external/services/peerstream/server.go diff --git a/agent/grpc/public/services/peerstream/stream_resources.go b/agent/grpc-external/services/peerstream/stream_resources.go similarity index 99% rename from agent/grpc/public/services/peerstream/stream_resources.go rename to agent/grpc-external/services/peerstream/stream_resources.go index f85da232f1..6113400827 100644 --- a/agent/grpc/public/services/peerstream/stream_resources.go +++ b/agent/grpc-external/services/peerstream/stream_resources.go @@ -14,7 +14,7 @@ import ( grpcstatus "google.golang.org/grpc/status" "github.com/hashicorp/consul/agent/connect" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/proto/pbpeering" "github.com/hashicorp/consul/proto/pbpeerstream" ) @@ -27,7 +27,7 @@ type BidirectionalStream interface { // StreamResources handles incoming streaming connections. func (s *Server) StreamResources(stream pbpeerstream.PeerStreamService_StreamResourcesServer) error { - logger := s.Logger.Named("stream-resources").With("request_id", public.TraceID()) + logger := s.Logger.Named("stream-resources").With("request_id", external.TraceID()) logger.Trace("Started processing request") defer logger.Trace("Finished processing request") diff --git a/agent/grpc/public/services/peerstream/stream_test.go b/agent/grpc-external/services/peerstream/stream_test.go similarity index 100% rename from agent/grpc/public/services/peerstream/stream_test.go rename to agent/grpc-external/services/peerstream/stream_test.go diff --git a/agent/grpc/public/services/peerstream/stream_tracker.go b/agent/grpc-external/services/peerstream/stream_tracker.go similarity index 100% rename from agent/grpc/public/services/peerstream/stream_tracker.go rename to agent/grpc-external/services/peerstream/stream_tracker.go diff --git a/agent/grpc/public/services/peerstream/stream_tracker_test.go b/agent/grpc-external/services/peerstream/stream_tracker_test.go similarity index 100% rename from agent/grpc/public/services/peerstream/stream_tracker_test.go rename to agent/grpc-external/services/peerstream/stream_tracker_test.go diff --git a/agent/grpc/public/services/peerstream/subscription_blocking.go b/agent/grpc-external/services/peerstream/subscription_blocking.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_blocking.go rename to agent/grpc-external/services/peerstream/subscription_blocking.go diff --git a/agent/grpc/public/services/peerstream/subscription_manager.go b/agent/grpc-external/services/peerstream/subscription_manager.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_manager.go rename to agent/grpc-external/services/peerstream/subscription_manager.go diff --git a/agent/grpc/public/services/peerstream/subscription_manager_test.go b/agent/grpc-external/services/peerstream/subscription_manager_test.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_manager_test.go rename to agent/grpc-external/services/peerstream/subscription_manager_test.go diff --git a/agent/grpc/public/services/peerstream/subscription_state.go b/agent/grpc-external/services/peerstream/subscription_state.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_state.go rename to agent/grpc-external/services/peerstream/subscription_state.go diff --git a/agent/grpc/public/services/peerstream/subscription_state_test.go b/agent/grpc-external/services/peerstream/subscription_state_test.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_state_test.go rename to agent/grpc-external/services/peerstream/subscription_state_test.go diff --git a/agent/grpc/public/services/peerstream/subscription_view.go b/agent/grpc-external/services/peerstream/subscription_view.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_view.go rename to agent/grpc-external/services/peerstream/subscription_view.go diff --git a/agent/grpc/public/services/peerstream/subscription_view_test.go b/agent/grpc-external/services/peerstream/subscription_view_test.go similarity index 100% rename from agent/grpc/public/services/peerstream/subscription_view_test.go rename to agent/grpc-external/services/peerstream/subscription_view_test.go diff --git a/agent/grpc/public/services/peerstream/testing.go b/agent/grpc-external/services/peerstream/testing.go similarity index 100% rename from agent/grpc/public/services/peerstream/testing.go rename to agent/grpc-external/services/peerstream/testing.go diff --git a/agent/grpc/public/services/serverdiscovery/mock_ACLResolver.go b/agent/grpc-external/services/serverdiscovery/mock_ACLResolver.go similarity index 100% rename from agent/grpc/public/services/serverdiscovery/mock_ACLResolver.go rename to agent/grpc-external/services/serverdiscovery/mock_ACLResolver.go diff --git a/agent/grpc/public/services/serverdiscovery/server.go b/agent/grpc-external/services/serverdiscovery/server.go similarity index 100% rename from agent/grpc/public/services/serverdiscovery/server.go rename to agent/grpc-external/services/serverdiscovery/server.go diff --git a/agent/grpc/public/services/serverdiscovery/server_test.go b/agent/grpc-external/services/serverdiscovery/server_test.go similarity index 97% rename from agent/grpc/public/services/serverdiscovery/server_test.go rename to agent/grpc-external/services/serverdiscovery/server_test.go index 2ad8e51201..c946adaa8c 100644 --- a/agent/grpc/public/services/serverdiscovery/server_test.go +++ b/agent/grpc-external/services/serverdiscovery/server_test.go @@ -12,7 +12,7 @@ import ( "github.com/hashicorp/consul/agent/consul/autopilotevents" "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/proto-public/pbserverdiscovery" ) diff --git a/agent/grpc/public/services/serverdiscovery/watch_servers.go b/agent/grpc-external/services/serverdiscovery/watch_servers.go similarity index 95% rename from agent/grpc/public/services/serverdiscovery/watch_servers.go rename to agent/grpc-external/services/serverdiscovery/watch_servers.go index 6ceda83ffe..1a119148cc 100644 --- a/agent/grpc/public/services/serverdiscovery/watch_servers.go +++ b/agent/grpc-external/services/serverdiscovery/watch_servers.go @@ -4,15 +4,16 @@ import ( "context" "errors" - "github.com/hashicorp/consul/acl" - "github.com/hashicorp/consul/agent/consul/autopilotevents" - "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/public" - "github.com/hashicorp/consul/agent/structs" - "github.com/hashicorp/consul/proto-public/pbserverdiscovery" "github.com/hashicorp/go-hclog" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" + + "github.com/hashicorp/consul/acl" + "github.com/hashicorp/consul/agent/consul/autopilotevents" + "github.com/hashicorp/consul/agent/consul/stream" + external "github.com/hashicorp/consul/agent/grpc-external" + "github.com/hashicorp/consul/agent/structs" + "github.com/hashicorp/consul/proto-public/pbserverdiscovery" ) // WatchServers provides a stream on which you can receive the list of servers @@ -20,12 +21,12 @@ import ( // current set of ready servers are sent immediately at the start of the // stream and new updates will be sent whenver the set of ready servers changes. func (s *Server) WatchServers(req *pbserverdiscovery.WatchServersRequest, serverStream pbserverdiscovery.ServerDiscoveryService_WatchServersServer) error { - logger := s.Logger.Named("watch-servers").With("request_id", public.TraceID()) + logger := s.Logger.Named("watch-servers").With("request_id", external.TraceID()) logger.Debug("starting stream") defer logger.Trace("stream closed") - token := public.TokenFromContext(serverStream.Context()) + token := external.TokenFromContext(serverStream.Context()) // Serve the ready servers from an EventPublisher subscription. If the subscription is // closed due to an ACL change, we'll attempt to re-authorize and resume it to diff --git a/agent/grpc/public/services/serverdiscovery/watch_servers_test.go b/agent/grpc-external/services/serverdiscovery/watch_servers_test.go similarity index 96% rename from agent/grpc/public/services/serverdiscovery/watch_servers_test.go rename to agent/grpc-external/services/serverdiscovery/watch_servers_test.go index a44520e558..1a73b06689 100644 --- a/agent/grpc/public/services/serverdiscovery/watch_servers_test.go +++ b/agent/grpc-external/services/serverdiscovery/watch_servers_test.go @@ -16,8 +16,8 @@ import ( resolver "github.com/hashicorp/consul/acl/resolver" "github.com/hashicorp/consul/agent/consul/autopilotevents" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/public" - "github.com/hashicorp/consul/agent/grpc/public/testutils" + external "github.com/hashicorp/consul/agent/grpc-external" + "github.com/hashicorp/consul/agent/grpc-external/testutils" "github.com/hashicorp/consul/proto-public/pbserverdiscovery" "github.com/hashicorp/consul/proto/prototest" "github.com/hashicorp/consul/sdk/testutil" @@ -125,7 +125,7 @@ func TestWatchServers_StreamLifeCycle(t *testing.T) { Return(testutils.TestAuthorizerServiceWriteAny(t), nil).Twice() // add the token to the requests context - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) // setup the server server := NewServer(Config{ @@ -198,7 +198,7 @@ func TestWatchServers_ACLToken_PermissionDenied(t *testing.T) { Return(testutils.TestAuthorizerDenyAll(t), nil).Once() // add the token to the requests context - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) // setup the server server := NewServer(Config{ @@ -229,7 +229,7 @@ func TestWatchServers_ACLToken_Unauthenticated(t *testing.T) { Return(resolver.Result{}, acl.ErrNotFound).Once() // add the token to the requests context - ctx := public.ContextWithToken(context.Background(), testACLToken) + ctx := external.ContextWithToken(context.Background(), testACLToken) // setup the server server := NewServer(Config{ diff --git a/agent/grpc/public/testutils/acl.go b/agent/grpc-external/testutils/acl.go similarity index 100% rename from agent/grpc/public/testutils/acl.go rename to agent/grpc-external/testutils/acl.go diff --git a/agent/grpc/public/testutils/fsm.go b/agent/grpc-external/testutils/fsm.go similarity index 100% rename from agent/grpc/public/testutils/fsm.go rename to agent/grpc-external/testutils/fsm.go diff --git a/agent/grpc/public/testutils/server.go b/agent/grpc-external/testutils/server.go similarity index 100% rename from agent/grpc/public/testutils/server.go rename to agent/grpc-external/testutils/server.go diff --git a/agent/grpc/public/token.go b/agent/grpc-external/token.go similarity index 97% rename from agent/grpc/public/token.go rename to agent/grpc-external/token.go index 237317ee4c..68006b254e 100644 --- a/agent/grpc/public/token.go +++ b/agent/grpc-external/token.go @@ -1,4 +1,4 @@ -package public +package external import ( "context" diff --git a/agent/grpc/public/utils.go b/agent/grpc-external/utils.go similarity index 94% rename from agent/grpc/public/utils.go rename to agent/grpc-external/utils.go index 70d7d1abb5..c2c77ace64 100644 --- a/agent/grpc/public/utils.go +++ b/agent/grpc-external/utils.go @@ -1,4 +1,4 @@ -package public +package external import "github.com/hashicorp/go-uuid" diff --git a/agent/grpc/private/client.go b/agent/grpc-internal/client.go similarity index 99% rename from agent/grpc/private/client.go rename to agent/grpc-internal/client.go index 8d10edd175..451a5236ea 100644 --- a/agent/grpc/private/client.go +++ b/agent/grpc-internal/client.go @@ -1,4 +1,4 @@ -package private +package internal import ( "context" diff --git a/agent/grpc/private/client_test.go b/agent/grpc-internal/client_test.go similarity index 94% rename from agent/grpc/private/client_test.go rename to agent/grpc-internal/client_test.go index d414207abe..e36cd6aad6 100644 --- a/agent/grpc/private/client_test.go +++ b/agent/grpc-internal/client_test.go @@ -1,4 +1,4 @@ -package private +package internal import ( "context" @@ -14,8 +14,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/hashicorp/consul/agent/grpc/private/internal/testservice" - "github.com/hashicorp/consul/agent/grpc/private/resolver" + "github.com/hashicorp/consul/agent/grpc-internal/internal/testservice" + "github.com/hashicorp/consul/agent/grpc-internal/resolver" "github.com/hashicorp/consul/agent/metadata" "github.com/hashicorp/consul/ipaddr" "github.com/hashicorp/consul/sdk/freeport" @@ -145,9 +145,9 @@ func TestNewDialer_IntegrationWithTLSEnabledHandler(t *testing.T) { tlsConf, err := tlsutil.NewConfigurator(tlsutil.Config{ InternalRPC: tlsutil.ProtocolConfig{ VerifyIncoming: true, - CAFile: "../../../test/hostname/CertAuth.crt", - CertFile: "../../../test/hostname/Alice.crt", - KeyFile: "../../../test/hostname/Alice.key", + CAFile: "../../test/hostname/CertAuth.crt", + CertFile: "../../test/hostname/Alice.crt", + KeyFile: "../../test/hostname/Alice.key", VerifyOutgoing: true, }, }, hclog.New(nil)) @@ -192,9 +192,9 @@ func TestNewDialer_IntegrationWithTLSEnabledHandler_viaMeshGateway(t *testing.T) tlsConf, err := tlsutil.NewConfigurator(tlsutil.Config{ InternalRPC: tlsutil.ProtocolConfig{ VerifyIncoming: true, - CAFile: "../../../test/hostname/CertAuth.crt", - CertFile: "../../../test/hostname/Bob.crt", - KeyFile: "../../../test/hostname/Bob.key", + CAFile: "../../test/hostname/CertAuth.crt", + CertFile: "../../test/hostname/Bob.crt", + KeyFile: "../../test/hostname/Bob.key", VerifyOutgoing: true, VerifyServerHostname: true, }, @@ -222,9 +222,9 @@ func TestNewDialer_IntegrationWithTLSEnabledHandler_viaMeshGateway(t *testing.T) clientTLSConf, err := tlsutil.NewConfigurator(tlsutil.Config{ InternalRPC: tlsutil.ProtocolConfig{ VerifyIncoming: true, - CAFile: "../../../test/hostname/CertAuth.crt", - CertFile: "../../../test/hostname/Betty.crt", - KeyFile: "../../../test/hostname/Betty.key", + CAFile: "../../test/hostname/CertAuth.crt", + CertFile: "../../test/hostname/Betty.crt", + KeyFile: "../../test/hostname/Betty.key", VerifyOutgoing: true, VerifyServerHostname: true, }, diff --git a/agent/grpc/private/handler.go b/agent/grpc-internal/handler.go similarity index 97% rename from agent/grpc/private/handler.go rename to agent/grpc-internal/handler.go index 3cc103af28..b5e7d2573a 100644 --- a/agent/grpc/private/handler.go +++ b/agent/grpc-internal/handler.go @@ -1,11 +1,11 @@ -package private +package internal import ( "fmt" "net" "time" - agentmiddleware "github.com/hashicorp/consul/agent/grpc/middleware" + agentmiddleware "github.com/hashicorp/consul/agent/grpc-middleware" middleware "github.com/grpc-ecosystem/go-grpc-middleware" recovery "github.com/grpc-ecosystem/go-grpc-middleware/recovery" diff --git a/agent/grpc/private/handler_test.go b/agent/grpc-internal/handler_test.go similarity index 89% rename from agent/grpc/private/handler_test.go rename to agent/grpc-internal/handler_test.go index 6edf82195f..f538773019 100644 --- a/agent/grpc/private/handler_test.go +++ b/agent/grpc-internal/handler_test.go @@ -1,4 +1,4 @@ -package private +package internal import ( "bytes" @@ -13,8 +13,8 @@ import ( "google.golang.org/grpc/codes" "google.golang.org/grpc/status" - "github.com/hashicorp/consul/agent/grpc/private/internal/testservice" - "github.com/hashicorp/consul/agent/grpc/private/resolver" + "github.com/hashicorp/consul/agent/grpc-internal/internal/testservice" + "github.com/hashicorp/consul/agent/grpc-internal/resolver" ) func TestHandler_PanicRecoveryInterceptor(t *testing.T) { @@ -57,5 +57,5 @@ func TestHandler_PanicRecoveryInterceptor(t *testing.T) { // Checking the entire stack trace is not possible, let's // make sure that it contains a couple of expected strings. require.Contains(t, strLog, `[ERROR] panic serving grpc request: panic="panic from Something`) - require.Contains(t, strLog, `github.com/hashicorp/consul/agent/grpc/private.(*simplePanic).Something`) + require.Contains(t, strLog, `github.com/hashicorp/consul/agent/grpc-internal.(*simplePanic).Something`) } diff --git a/agent/grpc/private/internal/testservice/simple.pb.binary.go b/agent/grpc-internal/internal/testservice/simple.pb.binary.go similarity index 91% rename from agent/grpc/private/internal/testservice/simple.pb.binary.go rename to agent/grpc-internal/internal/testservice/simple.pb.binary.go index 2d65084bd8..fd2d7e13f1 100644 --- a/agent/grpc/private/internal/testservice/simple.pb.binary.go +++ b/agent/grpc-internal/internal/testservice/simple.pb.binary.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go-binary. DO NOT EDIT. -// source: agent/grpc/private/internal/testservice/simple.proto +// source: agent/grpc-internal/internal/testservice/simple.proto package testservice diff --git a/agent/grpc/private/internal/testservice/simple.pb.go b/agent/grpc-internal/internal/testservice/simple.pb.go similarity index 98% rename from agent/grpc/private/internal/testservice/simple.pb.go rename to agent/grpc-internal/internal/testservice/simple.pb.go index 4f12adeb9d..dfca35fa00 100644 --- a/agent/grpc/private/internal/testservice/simple.pb.go +++ b/agent/grpc-internal/internal/testservice/simple.pb.go @@ -2,7 +2,7 @@ // versions: // protoc-gen-go v1.23.0 // protoc v3.15.8 -// source: agent/grpc/private/internal/testservice/simple.proto +// source: agent/grpc-internal/internal/testservice/simple.proto package testservice @@ -376,5 +376,5 @@ var _Simple_serviceDesc = grpc.ServiceDesc{ ServerStreams: true, }, }, - Metadata: "agent/grpc/private/internal/testservice/simple.proto", + Metadata: "agent/grpc-internal/internal/testservice/simple.proto", } diff --git a/agent/grpc/private/internal/testservice/simple.proto b/agent/grpc-internal/internal/testservice/simple.proto similarity index 76% rename from agent/grpc/private/internal/testservice/simple.proto rename to agent/grpc-internal/internal/testservice/simple.proto index 31a53308fb..bcace657ac 100644 --- a/agent/grpc/private/internal/testservice/simple.proto +++ b/agent/grpc-internal/internal/testservice/simple.proto @@ -2,7 +2,7 @@ syntax = "proto3"; package testservice; -option go_package = "github.com/hashicorp/consul/agent/grpc/private/internal/testservice"; +option go_package = "github.com/hashicorp/consul/agent/grpc-internal/internal/testservice"; // Simple service is used to test gRPC plumbing. service Simple { diff --git a/agent/grpc/private/resolver/registry.go b/agent/grpc-internal/resolver/registry.go similarity index 100% rename from agent/grpc/private/resolver/registry.go rename to agent/grpc-internal/resolver/registry.go diff --git a/agent/grpc/private/resolver/resolver.go b/agent/grpc-internal/resolver/resolver.go similarity index 100% rename from agent/grpc/private/resolver/resolver.go rename to agent/grpc-internal/resolver/resolver.go diff --git a/agent/grpc/private/server_test.go b/agent/grpc-internal/server_test.go similarity index 98% rename from agent/grpc/private/server_test.go rename to agent/grpc-internal/server_test.go index c9873c2226..45e1ad59fd 100644 --- a/agent/grpc/private/server_test.go +++ b/agent/grpc-internal/server_test.go @@ -1,4 +1,4 @@ -package private +package internal import ( "context" @@ -15,7 +15,7 @@ import ( "golang.org/x/sync/errgroup" "google.golang.org/grpc" - "github.com/hashicorp/consul/agent/grpc/private/internal/testservice" + "github.com/hashicorp/consul/agent/grpc-internal/internal/testservice" "github.com/hashicorp/consul/agent/metadata" "github.com/hashicorp/consul/agent/pool" "github.com/hashicorp/consul/tlsutil" diff --git a/agent/grpc/private/services/subscribe/logger.go b/agent/grpc-internal/services/subscribe/logger.go similarity index 100% rename from agent/grpc/private/services/subscribe/logger.go rename to agent/grpc-internal/services/subscribe/logger.go diff --git a/agent/grpc/private/services/subscribe/subscribe.go b/agent/grpc-internal/services/subscribe/subscribe.go similarity index 100% rename from agent/grpc/private/services/subscribe/subscribe.go rename to agent/grpc-internal/services/subscribe/subscribe.go diff --git a/agent/grpc/private/services/subscribe/subscribe_test.go b/agent/grpc-internal/services/subscribe/subscribe_test.go similarity index 99% rename from agent/grpc/private/services/subscribe/subscribe_test.go rename to agent/grpc-internal/services/subscribe/subscribe_test.go index e5018ca386..26a8e148cb 100644 --- a/agent/grpc/private/services/subscribe/subscribe_test.go +++ b/agent/grpc-internal/services/subscribe/subscribe_test.go @@ -21,7 +21,7 @@ import ( "github.com/hashicorp/consul/acl" "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" - grpc "github.com/hashicorp/consul/agent/grpc/private" + grpc "github.com/hashicorp/consul/agent/grpc-internal" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/api" "github.com/hashicorp/consul/proto/pbcommon" diff --git a/agent/grpc/private/stats.go b/agent/grpc-internal/stats.go similarity index 99% rename from agent/grpc/private/stats.go rename to agent/grpc-internal/stats.go index 76293e8511..ab5226cee2 100644 --- a/agent/grpc/private/stats.go +++ b/agent/grpc-internal/stats.go @@ -1,4 +1,4 @@ -package private +package internal import ( "context" diff --git a/agent/grpc/private/stats_test.go b/agent/grpc-internal/stats_test.go similarity index 97% rename from agent/grpc/private/stats_test.go rename to agent/grpc-internal/stats_test.go index 0d7268e4e8..a32ea55251 100644 --- a/agent/grpc/private/stats_test.go +++ b/agent/grpc-internal/stats_test.go @@ -1,4 +1,4 @@ -package private +package internal import ( "context" @@ -14,9 +14,10 @@ import ( "golang.org/x/sync/errgroup" "google.golang.org/grpc" - "github.com/hashicorp/consul/agent/grpc/private/internal/testservice" - "github.com/hashicorp/consul/proto/prototest" "github.com/hashicorp/go-hclog" + + "github.com/hashicorp/consul/agent/grpc-internal/internal/testservice" + "github.com/hashicorp/consul/proto/prototest" ) func noopRegister(*grpc.Server) {} diff --git a/agent/grpc/middleware/recovery.go b/agent/grpc-middleware/recovery.go similarity index 100% rename from agent/grpc/middleware/recovery.go rename to agent/grpc-middleware/recovery.go diff --git a/agent/metadata/server.go b/agent/metadata/server.go index 8d8c00f100..83997f7cd1 100644 --- a/agent/metadata/server.go +++ b/agent/metadata/server.go @@ -23,26 +23,26 @@ func (k *Key) Equal(x *Key) bool { // Server is used to return details of a consul server type Server struct { - Name string // . - ShortName string // - ID string - Datacenter string - Segment string - Port int - SegmentAddrs map[string]string - SegmentPorts map[string]int - WanJoinPort int - LanJoinPort int - PublicGRPCPort int - Bootstrap bool - Expect int - Build version.Version - Version int - RaftVersion int - Addr net.Addr - Status serf.MemberStatus - ReadReplica bool - FeatureFlags map[string]int + Name string // . + ShortName string // + ID string + Datacenter string + Segment string + Port int + SegmentAddrs map[string]string + SegmentPorts map[string]int + WanJoinPort int + LanJoinPort int + ExternalGRPCPort int + Bootstrap bool + Expect int + Build version.Version + Version int + RaftVersion int + Addr net.Addr + Status serf.MemberStatus + ReadReplica bool + FeatureFlags map[string]int // If true, use TLS when connecting to this server UseTLS bool @@ -137,14 +137,14 @@ func IsConsulServer(m serf.Member) (bool, *Server) { } } - publicGRPCPort := 0 - publicGRPCPortStr, ok := m.Tags["grpc_port"] + externalGRPCPort := 0 + externalGRPCPortStr, ok := m.Tags["grpc_port"] if ok { - publicGRPCPort, err = strconv.Atoi(publicGRPCPortStr) + externalGRPCPort, err = strconv.Atoi(externalGRPCPortStr) if err != nil { return false, nil } - if publicGRPCPort < 1 { + if externalGRPCPort < 1 { return false, nil } } @@ -173,25 +173,25 @@ func IsConsulServer(m serf.Member) (bool, *Server) { addr := &net.TCPAddr{IP: m.Addr, Port: port} parts := &Server{ - Name: m.Name, - ShortName: strings.TrimSuffix(m.Name, "."+datacenter), - ID: m.Tags["id"], - Datacenter: datacenter, - Segment: segment, - Port: port, - SegmentAddrs: segmentAddrs, - SegmentPorts: segmentPorts, - WanJoinPort: wanJoinPort, - LanJoinPort: int(m.Port), - PublicGRPCPort: publicGRPCPort, - Bootstrap: bootstrap, - Expect: expect, - Addr: addr, - Build: *buildVersion, - Version: vsn, - RaftVersion: raftVsn, - Status: m.Status, - UseTLS: useTLS, + Name: m.Name, + ShortName: strings.TrimSuffix(m.Name, "."+datacenter), + ID: m.Tags["id"], + Datacenter: datacenter, + Segment: segment, + Port: port, + SegmentAddrs: segmentAddrs, + SegmentPorts: segmentPorts, + WanJoinPort: wanJoinPort, + LanJoinPort: int(m.Port), + ExternalGRPCPort: externalGRPCPort, + Bootstrap: bootstrap, + Expect: expect, + Addr: addr, + Build: *buildVersion, + Version: vsn, + RaftVersion: raftVsn, + Status: m.Status, + UseTLS: useTLS, // DEPRECATED - remove nonVoter check once support for that tag is removed ReadReplica: nonVoter || readReplica, FeatureFlags: featureFlags, diff --git a/agent/metadata/server_test.go b/agent/metadata/server_test.go index 373bad6822..2f56bd7fd4 100644 --- a/agent/metadata/server_test.go +++ b/agent/metadata/server_test.go @@ -82,19 +82,19 @@ func TestIsConsulServer(t *testing.T) { } expected := &metadata.Server{ - Name: "foo", - ShortName: "foo", - ID: "asdf", - Datacenter: "east-aws", - Segment: "", - Port: 10000, - SegmentAddrs: map[string]string{}, - SegmentPorts: map[string]int{}, - WanJoinPort: 1234, - LanJoinPort: 5454, - PublicGRPCPort: 9876, - Bootstrap: false, - Expect: 3, + Name: "foo", + ShortName: "foo", + ID: "asdf", + Datacenter: "east-aws", + Segment: "", + Port: 10000, + SegmentAddrs: map[string]string{}, + SegmentPorts: map[string]int{}, + WanJoinPort: 1234, + LanJoinPort: 5454, + ExternalGRPCPort: 9876, + Bootstrap: false, + Expect: 3, Addr: &net.TCPAddr{ IP: net.IP([]byte{127, 0, 0, 1}), Port: 10000, @@ -133,7 +133,7 @@ func TestIsConsulServer(t *testing.T) { expected.RaftVersion = 0 expected.Expect = 0 expected.WanJoinPort = 0 - expected.PublicGRPCPort = 0 + expected.ExternalGRPCPort = 0 case "feature-namespaces": m.Tags["ft_ns"] = "1" expected.FeatureFlags = map[string]int{"ns": 1} diff --git a/agent/pool/pool.go b/agent/pool/pool.go index acfe73065e..fa223790d2 100644 --- a/agent/pool/pool.go +++ b/agent/pool/pool.go @@ -451,7 +451,7 @@ func DialRPCViaMeshGateway( } if nextProto != ALPN_RPCGRPC { - // agent/grpc/private/client.go:dial() handles this in another way for gRPC + // agent/grpc-internal/client.go:dial() handles this in another way for gRPC if tcp, ok := rawConn.(*net.TCPConn); ok { _ = tcp.SetKeepAlive(true) _ = tcp.SetNoDelay(true) diff --git a/agent/rpc/peering/service.go b/agent/rpc/peering/service.go index e4d5c2a4e2..94b7d73a30 100644 --- a/agent/rpc/peering/service.go +++ b/agent/rpc/peering/service.go @@ -18,7 +18,7 @@ import ( "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" "github.com/hashicorp/consul/agent/dns" - "github.com/hashicorp/consul/agent/grpc/public/services/peerstream" + "github.com/hashicorp/consul/agent/grpc-external/services/peerstream" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/lib" "github.com/hashicorp/consul/proto/pbpeering" diff --git a/agent/rpc/peering/service_test.go b/agent/rpc/peering/service_test.go index 26aa84daa5..6a8f32915b 100644 --- a/agent/rpc/peering/service_test.go +++ b/agent/rpc/peering/service_test.go @@ -20,8 +20,8 @@ import ( "github.com/hashicorp/consul/agent/consul" "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" - grpc "github.com/hashicorp/consul/agent/grpc/private" - "github.com/hashicorp/consul/agent/grpc/private/resolver" + grpc "github.com/hashicorp/consul/agent/grpc-internal" + "github.com/hashicorp/consul/agent/grpc-internal/resolver" "github.com/hashicorp/consul/agent/pool" "github.com/hashicorp/consul/agent/router" "github.com/hashicorp/consul/agent/rpc/middleware" @@ -544,10 +544,10 @@ func newTestServer(t *testing.T, cb func(conf *consul.Config)) testingServer { conf.ACLResolverSettings.Datacenter = conf.Datacenter conf.ACLResolverSettings.EnterpriseMeta = *conf.AgentEnterpriseMeta() - publicGRPCServer := gogrpc.NewServer() + externalGRPCServer := gogrpc.NewServer() deps := newDefaultDeps(t, conf) - server, err := consul.NewServer(conf, deps, publicGRPCServer) + server, err := consul.NewServer(conf, deps, externalGRPCServer) require.NoError(t, err) t.Cleanup(func() { require.NoError(t, server.Shutdown()) @@ -560,9 +560,9 @@ func newTestServer(t *testing.T, cb func(conf *consul.Config)) testingServer { ln, err := net.Listen("tcp", grpcAddr) require.NoError(t, err) go func() { - _ = publicGRPCServer.Serve(ln) + _ = externalGRPCServer.Serve(ln) }() - t.Cleanup(publicGRPCServer.Stop) + t.Cleanup(externalGRPCServer.Stop) testrpc.WaitForLeader(t, server.RPC, conf.Datacenter) diff --git a/agent/setup.go b/agent/setup.go index 1e094f754d..9ac506ab67 100644 --- a/agent/setup.go +++ b/agent/setup.go @@ -18,8 +18,8 @@ import ( "github.com/hashicorp/consul/agent/consul/fsm" "github.com/hashicorp/consul/agent/consul/stream" "github.com/hashicorp/consul/agent/consul/usagemetrics" - grpc "github.com/hashicorp/consul/agent/grpc/private" - "github.com/hashicorp/consul/agent/grpc/private/resolver" + grpc "github.com/hashicorp/consul/agent/grpc-internal" + "github.com/hashicorp/consul/agent/grpc-internal/resolver" "github.com/hashicorp/consul/agent/local" "github.com/hashicorp/consul/agent/pool" "github.com/hashicorp/consul/agent/router" diff --git a/agent/submatview/store_integration_test.go b/agent/submatview/store_integration_test.go index 8804a5cbf2..775b6f0b66 100644 --- a/agent/submatview/store_integration_test.go +++ b/agent/submatview/store_integration_test.go @@ -22,7 +22,7 @@ import ( "github.com/hashicorp/consul/agent/cache" "github.com/hashicorp/consul/agent/consul/state" "github.com/hashicorp/consul/agent/consul/stream" - "github.com/hashicorp/consul/agent/grpc/private/services/subscribe" + "github.com/hashicorp/consul/agent/grpc-internal/services/subscribe" "github.com/hashicorp/consul/agent/rpcclient/health" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/submatview" diff --git a/agent/xds/delta.go b/agent/xds/delta.go index cdc6e53d6d..701c04f2ed 100644 --- a/agent/xds/delta.go +++ b/agent/xds/delta.go @@ -21,7 +21,7 @@ import ( "google.golang.org/grpc/codes" "google.golang.org/grpc/status" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/xds/serverlessplugin" @@ -253,7 +253,7 @@ func (s *Server) processDelta(stream ADSDeltaStream, reqCh <-chan *envoy_discove // Start watching config for that proxy var err error - stateCh, watchCancel, err = s.CfgSrc.Watch(proxyID, nodeName, public.TokenFromContext(stream.Context())) + stateCh, watchCancel, err = s.CfgSrc.Watch(proxyID, nodeName, external.TokenFromContext(stream.Context())) if err != nil { return status.Errorf(codes.Internal, "failed to watch proxy service: %s", err) } diff --git a/agent/xds/server.go b/agent/xds/server.go index adbe9a62f7..cc27f3fde7 100644 --- a/agent/xds/server.go +++ b/agent/xds/server.go @@ -16,7 +16,7 @@ import ( "google.golang.org/grpc/status" "github.com/hashicorp/consul/acl" - "github.com/hashicorp/consul/agent/grpc/public" + external "github.com/hashicorp/consul/agent/grpc-external" "github.com/hashicorp/consul/agent/proxycfg" "github.com/hashicorp/consul/agent/structs" "github.com/hashicorp/consul/agent/xds/xdscommon" @@ -201,7 +201,7 @@ func (s *Server) authorize(ctx context.Context, cfgSnap *proxycfg.ConfigSnapshot return status.Errorf(codes.Unauthenticated, "unauthenticated: no config snapshot") } - authz, err := s.ResolveToken(public.TokenFromContext(ctx)) + authz, err := s.ResolveToken(external.TokenFromContext(ctx)) if acl.IsErrNotFound(err) { return status.Errorf(codes.Unauthenticated, "unauthenticated: %v", err) } else if acl.IsErrPermissionDenied(err) { diff --git a/docs/rpc/README.md b/docs/rpc/README.md index b10681e8fd..adfa19459f 100644 --- a/docs/rpc/README.md +++ b/docs/rpc/README.md @@ -1,26 +1,26 @@ # RPC -This section is a work in progress. +Consul uses two RPC systems for communication between components within the +cluster and with other clients such as Envoy: [gRPC](https://grpc.io/) +and Go's [`net/rpc`](https://pkg.go.dev/net/rpc) package. -The RPC subsystem is exclusicely in Server Agents. It is comprised of two main components: +Communication between client agents and servers uses a mix of both gRPC and +`net/rpc`. Generally, gRPC is preferred because it supports modern features +such as context deadlines/cancellation, streaming, and middleware - but Consul +has been around for a while so the majority of RPC endpoints still use `net/rpc`. -1. the "RPC Server" (for lack of a better term) handles multiplexing of many different - requests on a single TCP port. -2. RPC endpoints handle RPC requests and return responses. +## Multiplexed "Server" Port -The RPC subsystems handles requests from: +Most in-cluster communication happens over the multiplexed "server" TCP port +(default: 8300). Consul servers implement a custom protocol for serving +different kinds of traffic on the same port, whereby the first byte sent +indicates the protocol (e.g. gRPC, `net/rpc`, Raft). -1. Client Agents in the local DC -2. (if the server is a leader) other Server Agents in the local DC -3. Server Agents in other Datacenters -4. in-process requests from other components running in the same process (ex: the HTTP API - or DNS interface). +Servers also implement [TLS ALPN](https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation) +on this port, for situations where wrapping the real protocol with a byte prefix +isn't practical (e.g. cross-DC traffic over mesh gateways). -## Routing - -The "RPC Server" accepts requests to the [server port] and routes the requests based on -configuration of the Server and the the first byte in the request. The diagram below shows -all the possible routing flows. +The diagram below shows all the possible routing flows: [server port]: https://www.consul.io/docs/agent/config/config-files#server_rpc_port @@ -28,11 +28,10 @@ all the possible routing flows. [source](./routing.mmd) -The main entrypoint to RPC routing is `handleConn` in [agent/consul/rpc.go]. +The main entrypoint to connection routing is `handleConn` in [agent/consul/rpc.go]. [agent/consul/rpc.go]: https://github.com/hashicorp/consul/blob/main/agent/consul/rpc.go - ### Development Multiplexing several protocols over a single server port helps to reduce our @@ -44,13 +43,35 @@ development tools such as [grpcurl] difficult. You can get a "plain" TCP connection to the gRPC server using this proxy script: ``` -$ go run tools/private-grpc-proxy/main.go localhost:8300 -Proxying connections to Consul's private gRPC server +$ go run tools/internal-grpc-proxy/main.go localhost:8300 +Proxying connections to Consul's internal gRPC server Use this address: 127.0.0.1:64077 ``` Pass the returned proxy address to your tool of choice. +## Private vs Public vs Internal vs External +When working on Consul's gRPC endpoints you may notice we use private/public and +internal/external slightly differently. + +Private and public refer to whether an API is suitable for consumption by +clients other than Consul's core components. + +Private gRPC APIs are defined in the `proto` directory, and should only be used +by Consul servers and agents. Public gRPC APIs are defined in the `proto-public` +directory and may be used by 3rd-party applications. + +Internal and external refer to how the gRPC APIs are exposed. + +Internal gRPC APIs are exposed on the multiplexed "server" port, whereas +external APIs are exposed on a dedicated gRPC port (default: 8502). + +The reason for this differentiation is that some private APIs are exposed on the +external port, such as peer streaming/replication; this API isn't (yet) suitable +for consumption by 3rd-party applications but must be accessible from outside +the cluster, and present a TLS certificate signed by a public CA, which the +multiplexed port cannot. + ## RPC Endpoints This section is a work in progress, it will eventually cover topics like: diff --git a/docs/rpc/streaming/README.md b/docs/rpc/streaming/README.md index 3cd2ca6feb..dd6873cde8 100644 --- a/docs/rpc/streaming/README.md +++ b/docs/rpc/streaming/README.md @@ -34,7 +34,7 @@ and sent to any active subscriptions. [rpcclient/health.Health]: https://github.com/hashicorp/consul/blob/main/agent/rpcclient/health/health.go [StreamingHealthServices cache-type]: https://github.com/hashicorp/consul/blob/main/agent/cache-types/streaming_health_services.go [materialized view]: https://github.com/hashicorp/consul/blob/main/agent/submatview/materializer.go -[SubscribeEndpoint]: https://github.com/hashicorp/consul/blob/main/agent/grpc/private/services/subscribe/subscribe.go +[SubscribeEndpoint]: https://github.com/hashicorp/consul/blob/main/agent/grpc-internal/services/subscribe/subscribe.go [EventPublisher]: https://github.com/hashicorp/consul/blob/main/agent/consul/stream/event_publisher.go [state.Store commits]: https://github.com/hashicorp/consul/blob/main/agent/consul/state/memdb.go diff --git a/tools/private-grpc-proxy/main.go b/tools/internal-grpc-proxy/main.go similarity index 95% rename from tools/private-grpc-proxy/main.go rename to tools/internal-grpc-proxy/main.go index 32a7633f66..f134bfc50c 100644 --- a/tools/private-grpc-proxy/main.go +++ b/tools/internal-grpc-proxy/main.go @@ -24,7 +24,7 @@ func main() { } defer lis.Close() - fmt.Println("Proxying connections to Consul's private gRPC server") + fmt.Println("Proxying connections to Consul's internal gRPC server") fmt.Printf("Use this address: %s\n", lis.Addr()) for {