英文:
Connect to service in Traefik based on HostSNI with gRPC
问题
public class GrpcClient {
public GrpcClient(String host, int port) {
this(ManagedChannelBuilder.forAddress(host, port).usePlaintext());
}
public GrpcClient(ManagedChannelBuilder<?> channelBuilder) {
channel = channelBuilder.build();
blockingStub = ServiceGrpc.newBlockingStub(channel);
asyncStub = ServiceGrpc.newStub(channel);
}
public void shutdown() throws InterruptedException {
channel.shutdown().awaitTermination(5, TimeUnit.SECONDS);
}
}
英文:
I want to have 1 entrypoint in Traefik, and then two different routers that routes based on HostSNI. I don't really know how I can access these different services based on the HostSNI
My entrypoint is :5160
.
Two different routers that goes to two different services.
One has the rule HostSNI('service-1.local')
, the other one has the rule HostSNI('service-2.local')
.
How can I with gRPC in Java connect to these services?
My client so far:
public class GrpcClient {
public GrpcClient(String host, int port) {
this(ManagedChannelBuilder.forAddress(host, port).usePlaintext());
}
public GrpcClient(ManagedChannelBuilder<?> channelBuilder) {
channel = channelBuilder.build();
blockingStub = ServiceGPRC.newBlockingStub(channel);
asyncStub = ServiceGRPC.newStub(channel);
}
public void shutdown() throws InterruptedException {
channel.shutdown().awaitTermination(5, TimeUnit.SECONDS);
}
}
</details>
# 答案1
**得分**: 1
SNI 是 TLS 扩展,因此需要使用 TLS。另请参阅 https://docs.traefik.io/routing/routers/#rule_1。
在您的 GrpcClient 中,您不能使用明文,而必须使用 TLS 通道。请参阅示例 https://github.com/grpc/grpc-java/tree/master/examples/example-tls。SNI 是从授权中设置的,您可以使用 ManagedChannelBuilder#overrideAuthority 进行覆盖。
<details>
<summary>英文:</summary>
SNI is a TLS extension so requires use of TLS. Also see https://docs.traefik.io/routing/routers/#rule_1 .
In your GrpcClient you then cannot use plaintext but have to use a TLS channel. See the example https://github.com/grpc/grpc-java/tree/master/examples/example-tls. The SNI is set up from the authority which you can override with ManagedChannelBuilder#overrideAuthority.
</details>
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论