author | Wataru Ishida <ishida.wataru@lab.ntt.co.jp> | 2017-04-02 10:35:44 -0400 |
---|---|---|
committer | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2017-04-17 22:28:24 +0900 |
commit | d87960be708a65031c1fffac0a9848acc3700bfc (patch) | |
tree | 98cf3884c32ad125fa222addb541b51a55dc19cc /gobgpd/main.go | |
parent | 70e12e08693967c04565e0d84b4da7f65fee4219 (diff) |
cli: tls support
Diffstat (limited to 'gobgpd/main.go')
-rw-r--r-- | gobgpd/main.go | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/gobgpd/main.go b/gobgpd/main.go
index 68afcb23..91e98f6c 100644
--- a/gobgpd/main.go
+++ b/gobgpd/main.go
@@ -16,6 +16,14 @@
 package main
 import (
+ "io/ioutil"
+ "net/http"
+ _ "net/http/pprof"
+ "os"
+ "os/signal"
+ "runtime"
+ "syscall"
+
 log "github.com/Sirupsen/logrus"
 "github.com/jessevdk/go-flags"
 p "github.com/kr/pretty"
@@ -24,13 +32,8 @@ import (
 "github.com/osrg/gobgp/packet/bgp"
 "github.com/osrg/gobgp/server"
 "github.com/osrg/gobgp/table"
- "io/ioutil"
- "net/http"
- _ "net/http/pprof"
- "os"
- "os/signal"
- "runtime"
- "syscall"
+ "google.golang.org/grpc"
+ "google.golang.org/grpc/credentials"
 )
 func main() {
@@ -51,6 +54,9 @@ func main() {
 Dry bool `short:"d" long:"dry-run" description:"check configuration"`
 PProfHost string `long:"pprof-host" description:"specify the host that gobgpd listens on for pprof" default:"localhost:6060"`
 PProfDisable bool `long:"pprof-disable" description:"disable pprof profiling"`
+ TLS bool `long:"tls" description:"enable TLS authentication for gRPC API"`
+ TLSCertFile string `long:"tls-cert-file" description:"The TLS cert file"`
+ TLSKeyFile string `long:"tls-key-file" description:"The TLS key file"`
 }
 _, err := flags.Parse(&opts)
 if err != nil {
@@ -118,10 +124,18 @@ func main() {
 bgpServer := server.NewBgpServer()
 go bgpServer.Serve()
+ var grpcOpts []grpc.ServerOption
+ if opts.TLS {
+ creds, err := credentials.NewServerTLSFromFile(opts.TLSCertFile, opts.TLSKeyFile)
+ if err != nil {
+ log.Fatalf("Failed to generate credentials: %v", err)
+ }
+ grpcOpts = []grpc.ServerOption{grpc.Creds(creds)}
+ }
 // start grpc Server
- grpcServer := api.NewGrpcServer(bgpServer, opts.GrpcHosts)
+ apiServer := api.NewServer(bgpServer, grpc.NewServer(grpcOpts...), opts.GrpcHosts)
 go func() {
- if err := grpcServer.Serve(); err != nil {
+ if err := apiServer.Serve(); err != nil {
 log.Fatalf("failed to listen grpc port: %s", err)
 }
 }() |
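Review bot: The `--tls` description in the options struct reads "enable TLS authentication for gRPC API", but the three flags added here carry only a server certificate and key, so as far as this diff shows clients are not authenticated; wording such as `description:"enable TLS (server certificate only) for gRPC API"` would not suggest access control that is absent. Nothing visible rejects `--tls-cert-file` or `--tls-key-file` given without `--tls`, in which case the API would come up in plaintext with no warning. A check after `flags.Parse` such as `if !opts.TLS && (opts.TLSCertFile != "" || opts.TLSKeyFile != "") { log.Fatal("--tls-cert-file/--tls-key-file require --tls") }` would fail closed. The options struct and main() both begin outside this hunk.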
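Review bot: `credentials.NewServerTLSFromFile` in the `if opts.TLS` branch sets up only the server's certificate, so the gRPC channel is encrypted but any client that can reach the listener can still call the API that drives `bgpServer`, and the minimum TLS version is left to the Go runtime default. Consider building the credentials from an explicit `tls.Config` that requires and verifies client certificates against a configured CA pool and pins `MinVersion`, as sketched below. The sketch reads the CA from `opts.TLSClientCAFile`, a proposed new option that is not part of this commit, and it needs `crypto/tls` and `crypto/x509` in the import block. Making the client-CA option optional would keep today's server-only behaviour for existing deployments. main() starts and ends outside this hunk.

```go
var grpcOpts []grpc.ServerOption
if opts.TLS {
	cert, err := tls.LoadX509KeyPair(opts.TLSCertFile, opts.TLSKeyFile)
	if err != nil {
		log.Fatalf("Failed to load TLS key pair: %v", err)
	}
	// opts.TLSClientCAFile is a proposed new option, not part of this commit.
	caPEM, err := ioutil.ReadFile(opts.TLSClientCAFile)
	if err != nil {
		log.Fatalf("Failed to read client CA file: %v", err)
	}
	clientCAs := x509.NewCertPool()
	if !clientCAs.AppendCertsFromPEM(caPEM) {
		log.Fatal("No CA certificates found in client CA file")
	}
	creds := credentials.NewTLS(&tls.Config{
		Certificates: []tls.Certificate{cert},
		ClientAuth:   tls.RequireAndVerifyClientCert,
		ClientCAs:    clientCAs,
		MinVersion:   tls.VersionTLS12,
	})
	grpcOpts = []grpc.ServerOption{grpc.Creds(creds)}
}
// … unchanged: api.NewServer call and Serve goroutine …
```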