-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathserver.go
219 lines (188 loc) · 6.18 KB
/
server.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
package api
import (
"context"
"crypto/tls"
"crypto/x509"
"errors"
"fmt"
"net"
"net/http"
"path"
"strings"
"sync"
"time"
"golang.org/x/net/http2"
"golang.org/x/net/http2/h2c"
"google.golang.org/grpc"
"google.golang.org/grpc/examples/helloworld/helloworld"
)
const (
Address = "localhost:56789"
)
const (
healthCheckPath = "/health"
defaultTickInterval = time.Millisecond * 5
)
var (
Certificate = []byte(`-----BEGIN CERTIFICATE-----
MIIC/jCCAeagAwIBAgIJAPGpe7jZ+B9JMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
BAMMCWxvY2FsaG9zdDAeFw0xOTAxMDYwMzM5MDZaFw0yOTAxMDMwMzM5MDZaMBQx
EjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMdmso6OeDGKvUvdW7n3pkht2G/QlsIf3VUcVGpM6gItoTgHmj/8I9LXAiKf
o1KVfQ7BfokI+DbKlUHfQ5Pa8thHIdOFV8XGRfJFfHxoZMGBVCwr/4NMBjBollfi
rBzqkdKsL9bQH8bmEmqJY2J5MUzg2gQaxhMCXWxDflFHpw7zmjHKaP13LSl0G3hF
zyxYPFb58k/3D2GjYy+zULXDLT9DCV9BfEXveKNJaDUy2OfmoDRDx/BGXxIdipzn
LgN4wr4gvSRPq3Jo/ElOcM7wguMgBRpCH/uKVZqLggHc9q2P+iCOZ6lqfpNNnfI8
LXqrwCFMv1K3Hx6Y4K2MwVDoVf8CAwEAAaNTMFEwHQYDVR0OBBYEFM3D5zeZf58b
UCtlLPsC3bqiNokXMB8GA1UdIwQYMBaAFM3D5zeZf58bUCtlLPsC3bqiNokXMA8G
A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAEtdLAuc/RryzzGMjLub
LHjAvBp9b16Fd7k/SJbI2qq4KIOh2PUCcA944/nCrecv0csucMujE5ZnuiTnI/up
OoBAHunlxDAJfs5k62m4LSOLEZM6JcbepNIjQV/cEcf7mBzLw9BWA6KU/LenoLaM
79mDNgJniECr8r+I5hMqBLFoZqUiRrkLOgvrNmVwA3qGUPK3ZhpBEuXxrKBjFl7K
MOIqal+RwsT20zIjbKnBiFppnqIW1ntCUk9fRkd7ZHptpJnBDaqyFGV45lFen3Ai
4HBz397Xk1Tsw9wl4pmG0cedcN2GMk7LaMXnItaECmACSVTJlqPdQT8AvsZ53kgi
w9o=
-----END CERTIFICATE-----`)
Key = []byte(`-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAx2ayjo54MYq9S91bufemSG3Yb9CWwh/dVRxUakzqAi2hOAea
P/wj0tcCIp+jUpV9DsF+iQj4NsqVQd9Dk9ry2Ech04VXxcZF8kV8fGhkwYFULCv/
g0wGMGiWV+KsHOqR0qwv1tAfxuYSaoljYnkxTODaBBrGEwJdbEN+UUenDvOaMcpo
/XctKXQbeEXPLFg8VvnyT/cPYaNjL7NQtcMtP0MJX0F8Re94o0loNTLY5+agNEPH
8EZfEh2KnOcuA3jCviC9JE+rcmj8SU5wzvCC4yAFGkIf+4pVmouCAdz2rY/6II5n
qWp+k02d8jwteqvAIUy/UrcfHpjgrYzBUOhV/wIDAQABAoIBAQCZj859GN0ZkjY8
AapNappFd0rSuboQoAeNLzcXckpZCRj6lGhHVH+mNO0xCu31gKiBv6QaFq1JTPRr
eWyKpniU9Rro0e0Jo6tka/z1tlO57kaLigrJ67dsem8mGavgzQkmTHK/JSMDw1V1
dH70bE76XMOpm5DlPNIDuWrDX8IZMUcbPqTMvrRUphqgBYOV9x32Jnvc36BzTw88
corWZ7RINXSlgvz6K27HtVHbJL7orJv8v2hNMue5chtbZy2oag8mHQgNFSxn6/0T
wQ32Ms87X5xZTkpGv+u3kAFCv0u1YirLxnxVpgIN7eBG/RN3/fh1xJkDmjv/qwqs
6trRvcOZAoGBAO4FaTPMpaGefpX7rdxmZBH7un5rKS+iYBm4RIbThViBTNdA9LZp
JtwduIVwD40tLbQ+tOB65jb50iVMfE61rW8xchzOHYi13SaPgEjAXXysWLf+fVsy
C+1XqUHupFqvSHjFmgkC9Rcgu/6u6fri7N5sVlrt0llqvY0+VdREAadVAoGBANZ2
fwrXPEohMi3Aerv9qIyWuPKQyRRBS/fFUqllfhuXW74KcF4EoQCxOiSXBKjK1tgu
SfuJTaYCzzf7Knw3DpIs5HEVVMbG1Kgfbn7wDQTk7xloYub/vsgRZo9ez0HM+lxq
I62B4Y9/g3RRMmcTHXDWCw633ms29AAiMf32leADAoGBAJdYyXQuhIMoDMXBquOi
F693qTYJXb70OLch/DDe/sMwNHQK0Y/LfPIp09LFVp4mRBGAbfLvMsNyRrWA1OoX
i5hQkIbQaOcs/NowFRotd0R3MlKMd5ktUXgxbWaHH+qp2iMxQqjIQJ/cKK3g+taU
xJkJuj9HSaGhxbWyFVFLjOGhAoGALdsmbO36sSsJ7Kh0Vc/2AyGTKCJ3LEKN+MuT
Ui8mWMXzUt4uipvYxSof8YTs9R5x88VqAkOoe6+sGR82RVsMXYsFyXwzJVGMVOpr
mO7BCePdkAQ26YeThnnaARvXmw02Fx6GxGm6DhHIzM0zxsBaki7iLGJ6R1h3sbOe
FtxrzXsCgYEA0S0lYtmv4QOQq3mLf2lfroDCirqR6f5iXsyd3KhnkH/mnm56Bv4R
gTtaIFtkFS/s+lwNYSfQC/3uVPAbGcrZKRtmh9EaJk+jnjt72TRjldBnpxkXxGlz
svOxtwq93kqwiXrvckgvX+F/8D0fUpL0TyI5NY2qhPIT0tHW/yzSWiw=
-----END RSA PRIVATE KEY-----`)
)
type Server struct {
lock *sync.Mutex
server *http.Server
tlsConfig *tls.Config
}
func NewServer() *Server {
grpcServer := grpc.NewServer()
helloworld.RegisterGreeterServer(grpcServer, greeterServer{})
httpServer := &http.Server{
Handler: h2c.NewHandler(http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
if strings.HasPrefix(req.Header.Get("Content-Type"), "application/grpc") {
if req.ProtoMajor == 2 {
grpcServer.ServeHTTP(res, req)
} else {
res.WriteHeader(http.StatusUpgradeRequired)
}
} else if req.URL.Path == healthCheckPath {
res.WriteHeader(http.StatusOK)
} else {
res.WriteHeader(http.StatusNotFound)
}
}), &http2.Server{}),
}
return &Server{
lock: &sync.Mutex{},
server: httpServer,
}
}
func (s *Server) Serve() error {
s.lock.Lock()
l, err := net.Listen("tcp", Address)
if err != nil {
return err
}
s.lock.Unlock()
return s.server.Serve(l)
}
func (s *Server) ServeTLS() error {
s.lock.Lock()
cert, err := tls.X509KeyPair(Certificate, Key)
if err != nil {
return err
}
s.tlsConfig = &tls.Config{
// Specify protocols explicitly.
// This is done by `http.Server#ServeTLS` but not by other mechanisms,
// such as providing a TLS listener to `http.Server#Serve`.
// Without `h2`, the server won't handle the ALPN negotation and so
// requests that *start* with HTTP/1.1 won't get upgraded.
NextProtos: []string{"h2", "http/1.1"},
Certificates: []tls.Certificate{cert},
}
l, err := tls.Listen("tcp", Address, s.tlsConfig)
if err != nil {
return err
}
s.lock.Unlock()
return s.server.Serve(l)
}
func (s *Server) Shutdown(ctx context.Context) error {
return s.server.Shutdown(ctx)
}
func (s *Server) TLSConfig() *tls.Config {
return s.tlsConfig
}
func (s *Server) BlockUntilRunning(timeout time.Duration) error {
interval := defaultTickInterval
if timeout < interval {
interval = timeout
}
ticker := time.NewTicker(interval)
defer ticker.Stop()
done := make(chan bool)
timer := time.AfterFunc(timeout, func() {
done <- true
})
for {
select {
case <-done:
return errors.New("timed out before server passed health check")
case <-ticker.C:
protocol := "http"
client := http.DefaultClient
if s.tlsConfig != nil {
protocol = "https"
certPool := x509.NewCertPool()
if ok := certPool.AppendCertsFromPEM(Certificate); !ok {
return errors.New("failed to create root CA pool")
}
client = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
RootCAs: certPool,
},
},
}
}
u := fmt.Sprintf("%s://%s", protocol, path.Join(Address, healthCheckPath))
res, err := client.Get(u)
if err != nil {
return err
}
if res.StatusCode == http.StatusOK {
timer.Stop()
return nil
}
}
}
}
type greeterServer struct{}
func (s greeterServer) SayHello(ctx context.Context, req *helloworld.HelloRequest) (*helloworld.HelloReply, error) {
return &helloworld.HelloReply{
Message: fmt.Sprintf("Hello %s", req.Name),
}, nil
}