3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-30 06:51:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

xds: use ALPN Auto config for upstream protocol when possible (#1995)

Browse source
This commit is contained in:
Caleb Doxsey 2021-03-18 14:25:00 -06:00 committed by GitHub
parent 76016ea67a
commit 21d87f8fdc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 167 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

60
internal/controlplane/xds_protocols.go Normal file
View file

@ -0,0 +1,60 @@
package controlplane
import (
"encoding/json"
envoy_config_core_v3 "github.com/envoyproxy/go-control-plane/envoy/config/core/v3"
envoy_extensions_upstreams_http_v3 "github.com/envoyproxy/go-control-plane/envoy/extensions/upstreams/http/v3"
"github.com/pomerium/pomerium/internal/log"
)
func buildUpstreamProtocolOptions(endpoints []Endpoint, forceHTTP2 bool) *envoy_extensions_upstreams_http_v3.HttpProtocolOptions {
// if forcing http/2, use that explicitly
if forceHTTP2 {
return &envoy_extensions_upstreams_http_v3.HttpProtocolOptions{
UpstreamProtocolOptions: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_ExplicitHttpConfig_{
ExplicitHttpConfig: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_ExplicitHttpConfig{
ProtocolConfig: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_ExplicitHttpConfig_Http2ProtocolOptions{
Http2ProtocolOptions: &envoy_config_core_v3.Http2ProtocolOptions{
AllowConnect: true,
},
},
},
},
}
}
// when using TLS use ALPN auto config
tlsCount := 0
for _, e := range endpoints {
if e.transportSocket != nil {
tlsCount++
}
}
if tlsCount > 0 && tlsCount == len(endpoints) {
for _, e := range endpoints {
bs, _ := json.Marshal(e.transportSocket)
log.Info().
Str("url", e.url.String()).
Str("endpoints", string(bs)).
Msg("<<<USE AUTO>>>")
}
return &envoy_extensions_upstreams_http_v3.HttpProtocolOptions{
UpstreamProtocolOptions: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_AutoConfig{
AutoConfig: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_AutoHttpConfig{},
},
}
}
// otherwise only use http/1.1
return &envoy_extensions_upstreams_http_v3.HttpProtocolOptions{
UpstreamProtocolOptions: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_ExplicitHttpConfig_{
ExplicitHttpConfig: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_ExplicitHttpConfig{
ProtocolConfig: &envoy_extensions_upstreams_http_v3.HttpProtocolOptions_ExplicitHttpConfig_HttpProtocolOptions{
HttpProtocolOptions: &envoy_config_core_v3.Http1ProtocolOptions{},
},
},
},
}
}