Browse Source

filer tikv support tls

pull/3286/head
duanhongyi 3 years ago
parent
commit
1ceab96aba
  1. 8
      weed/command/scaffold/filer.toml
  2. 19
      weed/filer/tikv/tikv_store.go

8
weed/command/scaffold/filer.toml

@ -337,3 +337,11 @@ pdaddrs = "localhost:2379"
deleterange_concurrency = 1 deleterange_concurrency = 1
# Enable 1PC # Enable 1PC
enable_1pc = false enable_1pc = false
# Set the CA certificate path
ca_path=""
# Set the certificate path
cert_path=""
# Set the private key path
key_path=""
# The name list used to verify the cn name
verify_cn=""

19
weed/filer/tikv/tikv_store.go

@ -15,6 +15,7 @@ import (
"github.com/chrislusf/seaweedfs/weed/glog" "github.com/chrislusf/seaweedfs/weed/glog"
"github.com/chrislusf/seaweedfs/weed/pb/filer_pb" "github.com/chrislusf/seaweedfs/weed/pb/filer_pb"
"github.com/chrislusf/seaweedfs/weed/util" "github.com/chrislusf/seaweedfs/weed/util"
"github.com/tikv/client-go/v2/config"
"github.com/tikv/client-go/v2/txnkv" "github.com/tikv/client-go/v2/txnkv"
) )
@ -38,21 +39,25 @@ func (store *TikvStore) GetName() string {
} }
func (store *TikvStore) Initialize(config util.Configuration, prefix string) error { func (store *TikvStore) Initialize(config util.Configuration, prefix string) error {
pdAddrs := []string{}
pdAddrsStr := config.GetString(prefix + "pdaddrs")
for _, item := range strings.Split(pdAddrsStr, ",") {
pdAddrs = append(pdAddrs, strings.TrimSpace(item))
}
ca := config.GetString(prefix + "ca_path")
cert := config.GetString(prefix + "cert_path")
key := config.GetString(prefix + "key_path")
verify_cn := strings.Split(config.GetString(prefix+"verify_cn"), ",")
pdAddrs := strings.Split(config.GetString(prefix+"pdaddrs"), ",")
drc := config.GetInt(prefix + "deleterange_concurrency") drc := config.GetInt(prefix + "deleterange_concurrency")
if drc <= 0 { if drc <= 0 {
drc = 1 drc = 1
} }
store.onePC = config.GetBool(prefix + "enable_1pc") store.onePC = config.GetBool(prefix + "enable_1pc")
store.deleteRangeConcurrency = drc store.deleteRangeConcurrency = drc
return store.initialize(pdAddrs)
return store.initialize(ca, cert, key, verify_cn, pdAddrs)
} }
func (store *TikvStore) initialize(pdAddrs []string) error {
func (store *TikvStore) initialize(ca, cert, key string, verify_cn, pdAddrs []string) error {
config.UpdateGlobal(func(conf *config.Config) {
conf.Security = config.NewSecurity(ca, cert, key, verify_cn)
})
client, err := txnkv.NewClient(pdAddrs) client, err := txnkv.NewClient(pdAddrs)
store.client = client store.client = client
return err return err

Loading…
Cancel
Save