Instead of doing our homegrown "try all the endpoints" method, use gRPC load-balancing across configured endpoints. Generalize load-balancer via gRPC resolver we had in Talos API client, use it in remote certificate generator code. Generalized resolver is still under `machinery/`, as `pkg/grpc` is not in `machinery/`, and we can't depend on Talos code from `machinery/`. Related to: #3068 Full fix for #3068 requires dynamic updates to control plane endpoints while apid is running, this is coming in the next PR. Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
package basic
import (
"crypto/tls"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
)
// Credentials is the contract an authorization method implements in this
// package. It combines gRPC per-RPC credentials with a unary server
// interceptor.
type Credentials interface {
	// PerRPCCredentials is the embedded gRPC interface for credentials that
	// are attached to each RPC.
	credentials.PerRPCCredentials

	// UnaryInterceptor returns a grpc.UnaryServerInterceptor.
	// NOTE(review): presumably the interceptor validates these credentials
	// on incoming calls; confirm against the implementations.
	UnaryInterceptor() grpc.UnaryServerInterceptor
}
// NewConnection dials address and returns a grpc.ClientConn that uses TLS as
// its transport and attaches creds to every RPC (basic authentication).
//
// NOTE(review): the TLS configuration sets InsecureSkipVerify, so the server's
// certificate chain and host name are not verified. The channel is encrypted
// but the peer is not authenticated, which means creds are presented to
// whichever endpoint completes the handshake at address. If this is a
// deliberate trade-off (for example, no trust anchor is available yet), it
// should be stated at the call sites; otherwise the connection should be built
// from a tls.Config carrying RootCAs so the server is verified before any
// credentials are sent. Changing that here would alter behavior callers may
// depend on, so it is flagged rather than changed.
func NewConnection(address string, creds credentials.PerRPCCredentials) (conn *grpc.ClientConn, err error) {
	transport := credentials.NewTLS(&tls.Config{
		// Server certificate verification is disabled; see the NOTE above.
		InsecureSkipVerify: true,
	})

	dialOpts := []grpc.DialOption{
		grpc.WithTransportCredentials(transport),
		grpc.WithPerRPCCredentials(creds),
	}

	// Return Dial's results as-is: a non-nil error is handed to the caller
	// unchanged, together with whatever connection value Dial returned.
	return grpc.Dial(address, dialOpts...)
}