From c51e96582b8b9b70e9875f6068984e640122f244 Mon Sep 17 00:00:00 2001 From: yue9944882 <291271447@qq.com> Date: Tue, 10 May 2022 15:28:10 +0800 Subject: [PATCH] basing onto ANP upstream's connection leakage fix Signed-off-by: yue9944882 <291271447@qq.com> --- Makefile | 2 +- cmd/addon-manager/Dockerfile | 1 - cmd/apiserver/Dockerfile | 1 - .../konnectivity-client/pkg/client/client.go | 234 -------------- .../pkg/client/client_test.go | 295 ------------------ forked/konnectivity-client/pkg/client/conn.go | 168 ---------- go.mod | 6 +- go.sum | 16 +- pkg/apis/cluster/v1alpha1/transport.go | 2 +- 9 files changed, 16 insertions(+), 709 deletions(-) delete mode 100644 forked/konnectivity-client/pkg/client/client.go delete mode 100644 forked/konnectivity-client/pkg/client/client_test.go delete mode 100644 forked/konnectivity-client/pkg/client/conn.go diff --git a/Makefile b/Makefile index f1f8f8a6..d4e82c60 100644 --- a/Makefile +++ b/Makefile @@ -21,7 +21,7 @@ all: manager # Run tests test: generate fmt vet manifests - go test ./pkg/... ./forked/... -coverprofile cover.out + go test ./pkg/... -coverprofile cover.out # Build manager binary manager: generate fmt vet diff --git a/cmd/addon-manager/Dockerfile b/cmd/addon-manager/Dockerfile index 25d4e77f..67c49eee 100644 --- a/cmd/addon-manager/Dockerfile +++ b/cmd/addon-manager/Dockerfile @@ -17,7 +17,6 @@ RUN go mod download # Copy the go source COPY cmd/ cmd/ COPY pkg/ pkg/ -COPY forked/ forked/ COPY hack/ hack/ # Build diff --git a/cmd/apiserver/Dockerfile b/cmd/apiserver/Dockerfile index 957e2bf9..db4f4043 100644 --- a/cmd/apiserver/Dockerfile +++ b/cmd/apiserver/Dockerfile @@ -16,7 +16,6 @@ RUN go mod download # Copy the go source COPY cmd/ cmd/ COPY pkg/ pkg/ -COPY forked/ forked/ COPY hack/ hack/ ARG API_GROUP_NAME=cluster.core.oam.dev diff --git a/forked/konnectivity-client/pkg/client/client.go b/forked/konnectivity-client/pkg/client/client.go deleted file mode 100644 index f2872104..00000000 --- a/forked/konnectivity-client/pkg/client/client.go +++ /dev/null @@ -1,234 +0,0 @@ -/* -Copyright 2019 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package client - -import ( - "context" - "errors" - "fmt" - "io" - "math/rand" - "net" - "sync" - "time" - - "google.golang.org/grpc" - "k8s.io/klog/v2" - "sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client" -) - -// Tunnel provides ability to dial a connection through a tunnel. -type Tunnel interface { - // Dial connects to the address on the named network, similar to - // what net.Dial does. The only supported protocol is tcp. - DialContext(ctx context.Context, protocol, address string) (net.Conn, error) -} - -type dialResult struct { - err string - connid int64 -} - -// grpcTunnel implements Tunnel -type grpcTunnel struct { - stream client.ProxyService_ProxyClient - pendingDial map[int64]chan<- dialResult - conns map[int64]*conn - pendingDialLock sync.RWMutex - connsLock sync.RWMutex - - // The tunnel will be closed if the caller fails to read via conn.Read() - // more than readTimeoutSeconds after a packet has been received. - readTimeoutSeconds int -} - -type clientConn interface { - Close() error -} - -var _ clientConn = &grpc.ClientConn{} - -// CreateSingleUseGrpcTunnel creates a Tunnel to dial to a remote server through a -// gRPC based proxy service. -// Currently, a single tunnel supports a single connection, and the tunnel is closed when the connection is terminated -// The Dial() method of the returned tunnel should only be called once -func CreateSingleUseGrpcTunnel(ctx context.Context, address string, opts ...grpc.DialOption) (Tunnel, error) { - c, err := grpc.DialContext(ctx, address, opts...) - if err != nil { - return nil, err - } - - grpcClient := client.NewProxyServiceClient(c) - - stream, err := grpcClient.Proxy(ctx) - if err != nil { - return nil, err - } - - tunnel := &grpcTunnel{ - stream: stream, - pendingDial: make(map[int64]chan<- dialResult), - conns: make(map[int64]*conn), - readTimeoutSeconds: 10, - } - - go tunnel.serve(c) - - return tunnel, nil -} - -func (t *grpcTunnel) serve(c clientConn) { - defer c.Close() - - for { - pkt, err := t.stream.Recv() - if err == io.EOF { - return - } - if err != nil || pkt == nil { - klog.ErrorS(err, "stream read failure") - return - } - - klog.V(5).InfoS("[tracing] recv packet", "type", pkt.Type) - - switch pkt.Type { - case client.PacketType_DIAL_RSP: - resp := pkt.GetDialResponse() - t.pendingDialLock.RLock() - ch, ok := t.pendingDial[resp.Random] - t.pendingDialLock.RUnlock() - - if !ok { - klog.V(1).Infoln("DialResp not recognized; dropped") - } else { - result := dialResult{ - err: resp.Error, - connid: resp.ConnectID, - } - select { - case ch <- result: - default: - klog.ErrorS(fmt.Errorf("blocked pending channel"), "Received second dial response for connection request", "connectionID", resp.ConnectID, "dialID", resp.Random) - // On multiple dial responses, avoid leaking serve goroutine. - return - } - } - - if resp.Error != "" { - // On dial error, avoid leaking serve goroutine. - return - } - - case client.PacketType_DATA: - resp := pkt.GetData() - // TODO: flow control - t.connsLock.RLock() - conn, ok := t.conns[resp.ConnectID] - t.connsLock.RUnlock() - - if ok { - timer := time.NewTimer((time.Duration)(t.readTimeoutSeconds) * time.Second) - select { - case conn.readCh <- resp.Data: - timer.Stop() - case <-timer.C: - klog.ErrorS(fmt.Errorf("timeout"), "readTimeout has been reached, the grpc connection to the proxy server will be closed", "connectionID", conn.connID, "readTimeoutSeconds", t.readTimeoutSeconds) - return - } - } else { - klog.V(1).InfoS("connection not recognized", "connectionID", resp.ConnectID) - } - case client.PacketType_CLOSE_RSP: - resp := pkt.GetCloseResponse() - t.connsLock.RLock() - conn, ok := t.conns[resp.ConnectID] - t.connsLock.RUnlock() - - if ok { - close(conn.readCh) - conn.closeCh <- resp.Error - close(conn.closeCh) - t.connsLock.Lock() - delete(t.conns, resp.ConnectID) - t.connsLock.Unlock() - return - } - klog.V(1).InfoS("connection not recognized", "connectionID", resp.ConnectID) - } - } -} - -// Dial connects to the address on the named network, similar to -// what net.Dial does. The only supported protocol is tcp. -func (t *grpcTunnel) DialContext(ctx context.Context, protocol, address string) (net.Conn, error) { - if protocol != "tcp" { - return nil, errors.New("protocol not supported") - } - - random := rand.Int63() /* #nosec G404 */ - resCh := make(chan dialResult, 1) - t.pendingDialLock.Lock() - t.pendingDial[random] = resCh - t.pendingDialLock.Unlock() - defer func() { - t.pendingDialLock.Lock() - delete(t.pendingDial, random) - t.pendingDialLock.Unlock() - }() - - req := &client.Packet{ - Type: client.PacketType_DIAL_REQ, - Payload: &client.Packet_DialRequest{ - DialRequest: &client.DialRequest{ - Protocol: protocol, - Address: address, - Random: random, - }, - }, - } - klog.V(5).InfoS("[tracing] send packet", "type", req.Type) - - err := t.stream.Send(req) - if err != nil { - return nil, err - } - - klog.V(5).Infoln("DIAL_REQ sent to proxy server") - - c := &conn{stream: t.stream, random: random} - - select { - case res := <-resCh: - if res.err != "" { - return nil, errors.New(res.err) - } - c.connID = res.connid - c.readCh = make(chan []byte, 10) - c.closeCh = make(chan string, 1) - c.finishedCh = make(chan bool, 1) - t.connsLock.Lock() - t.conns[res.connid] = c - t.connsLock.Unlock() - case <-time.After(30 * time.Second): - return nil, errors.New("dial timeout, backstop") - case <-ctx.Done(): - return nil, errors.New("dial timeout, context") - } - - return c, nil -} diff --git a/forked/konnectivity-client/pkg/client/client_test.go b/forked/konnectivity-client/pkg/client/client_test.go deleted file mode 100644 index d809a929..00000000 --- a/forked/konnectivity-client/pkg/client/client_test.go +++ /dev/null @@ -1,295 +0,0 @@ -/* -Copyright 2019 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package client - -import ( - "bytes" - "context" - "errors" - "testing" - "time" - - "google.golang.org/grpc" - "k8s.io/klog/v2" - "sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client" -) - -func TestDial(t *testing.T) { - ctx := context.Background() - s, ps := pipe() - ts := testServer(ps, 100) - - defer ps.Close() - defer s.Close() - - tunnel := &grpcTunnel{ - stream: s, - pendingDial: make(map[int64]chan<- dialResult), - conns: make(map[int64]*conn), - } - - go tunnel.serve(&fakeConn{}) - go ts.serve() - - _, err := tunnel.DialContext(ctx, "tcp", "127.0.0.1:80") - if err != nil { - t.Fatalf("expect nil; got %v", err) - } - - if ts.packets[0].Type != client.PacketType_DIAL_REQ { - t.Fatalf("expect packet.type %v; got %v", client.PacketType_CLOSE_REQ, ts.packets[0].Type) - } - - if ts.packets[0].GetDialRequest().Address != "127.0.0.1:80" { - t.Errorf("expect packet.address %v; got %v", "127.0.0.1:80", ts.packets[0].GetDialRequest().Address) - } -} - -func TestData(t *testing.T) { - ctx := context.Background() - s, ps := pipe() - ts := testServer(ps, 100) - - defer ps.Close() - defer s.Close() - - tunnel := &grpcTunnel{ - stream: s, - pendingDial: make(map[int64]chan<- dialResult), - conns: make(map[int64]*conn), - } - - go tunnel.serve(&fakeConn{}) - go ts.serve() - - conn, err := tunnel.DialContext(ctx, "tcp", "127.0.0.1:80") - if err != nil { - t.Fatalf("expect nil; got %v", err) - } - - datas := [][]byte{ - []byte("hello"), - []byte(", "), - []byte("world."), - } - - // send data using conn.Write - for _, data := range datas { - n, err := conn.Write(data) - if err != nil { - t.Error(err) - } - if n != len(data) { - t.Errorf("expect n=%d len(%q); got %d", len(data), string(data), n) - } - } - - // test server should echo data back - var buf [64]byte - for _, data := range datas { - n, err := conn.Read(buf[:]) - if err != nil { - t.Error(err) - } - - if string(buf[:n]) != "echo: "+string(data) { - t.Errorf("expect 'echo: %s'; got %s", string(data), string(buf[:n])) - } - } - - // verify test server received data - if ts.data.String() != "hello, world." { - t.Errorf("expect server received %v; got %v", "hello, world.", ts.data.String()) - } -} - -func TestClose(t *testing.T) { - ctx := context.Background() - s, ps := pipe() - ts := testServer(ps, 100) - - defer ps.Close() - defer s.Close() - - tunnel := &grpcTunnel{ - stream: s, - pendingDial: make(map[int64]chan<- dialResult), - conns: make(map[int64]*conn), - } - - go tunnel.serve(&fakeConn{}) - go ts.serve() - - conn, err := tunnel.DialContext(ctx, "tcp", "127.0.0.1:8080") - if err != nil { - t.Fatalf("expect nil; got %v", err) - } - - if err := conn.Close(); err != nil { - t.Error(err) - } - - if ts.packets[1].Type != client.PacketType_CLOSE_REQ { - t.Fatalf("expect packet.type %v; got %v", client.PacketType_CLOSE_REQ, ts.packets[1].Type) - } - if ts.packets[1].GetCloseRequest().ConnectID != 100 { - t.Errorf("expect connectID=100; got %d", ts.packets[1].GetCloseRequest().ConnectID) - } -} - -// TODO: Move to common testing library - -// fakeStream implements ProxyService_ProxyClient -type fakeStream struct { - grpc.ClientStream - r <-chan *client.Packet - w chan<- *client.Packet -} - -type fakeConn struct { -} - -func (f *fakeConn) Close() error { - return nil -} - -var _ clientConn = &fakeConn{} - -var _ client.ProxyService_ProxyClient = &fakeStream{} - -func pipe() (*fakeStream, *fakeStream) { - r, w := make(chan *client.Packet, 2), make(chan *client.Packet, 2) - s1, s2 := &fakeStream{}, &fakeStream{} - s1.r, s1.w = r, w - s2.r, s2.w = w, r - return s1, s2 -} - -func (s *fakeStream) Send(packet *client.Packet) error { - klog.V(4).InfoS("[DEBUG] send", "packet", packet) - if packet == nil { - return nil - } - s.w <- packet - return nil -} - -func (s *fakeStream) Recv() (*client.Packet, error) { - select { - case pkt := <-s.r: - klog.V(4).InfoS("[DEBUG] recv", "packet", pkt) - return pkt, nil - case <-time.After(5 * time.Second): - return nil, errors.New("timeout recv") - } -} - -func (s *fakeStream) Close() { - close(s.w) -} - -type proxyServer struct { - t testing.T - s client.ProxyService_ProxyClient - handlers map[client.PacketType]handler - connid int64 - data bytes.Buffer - packets []*client.Packet -} - -func testServer(s client.ProxyService_ProxyClient, connid int64) *proxyServer { - server := &proxyServer{ - s: s, - connid: connid, - handlers: make(map[client.PacketType]handler), - packets: []*client.Packet{}, - } - - server.handlers[client.PacketType_CLOSE_REQ] = server.handleClose - server.handlers[client.PacketType_DIAL_REQ] = server.handleDial - server.handlers[client.PacketType_DATA] = server.handleData - - return server -} - -func (s *proxyServer) serve() { - for { - pkt, err := s.s.Recv() - if err != nil { - s.t.Error(err) - return - } - - if pkt == nil { - return - } - - if handler, ok := s.handlers[pkt.Type]; ok { - if err := s.s.Send(handler(pkt)); err != nil { - s.t.Error(err) - } - } - } - -} - -func (s *proxyServer) handle(t client.PacketType, h handler) *proxyServer { - s.handlers[t] = h - return s -} - -type handler func(pkt *client.Packet) *client.Packet - -func (s *proxyServer) handleDial(pkt *client.Packet) *client.Packet { - s.packets = append(s.packets, pkt) - return &client.Packet{ - Type: client.PacketType_DIAL_RSP, - Payload: &client.Packet_DialResponse{ - DialResponse: &client.DialResponse{ - Random: pkt.GetDialRequest().Random, - ConnectID: s.connid, - }, - }, - } -} - -func (s *proxyServer) handleClose(pkt *client.Packet) *client.Packet { - s.packets = append(s.packets, pkt) - return &client.Packet{ - Type: client.PacketType_CLOSE_RSP, - Payload: &client.Packet_CloseResponse{ - CloseResponse: &client.CloseResponse{ - ConnectID: pkt.GetCloseRequest().ConnectID, - }, - }, - } -} - -func (s *proxyServer) handleData(pkt *client.Packet) *client.Packet { - s.packets = append(s.packets, pkt) - s.data.Write(pkt.GetData().Data) - - return &client.Packet{ - Type: client.PacketType_DATA, - Payload: &client.Packet_Data{ - Data: &client.Data{ - ConnectID: pkt.GetData().ConnectID, - Data: append([]byte("echo: "), pkt.GetData().Data...), - }, - }, - } -} diff --git a/forked/konnectivity-client/pkg/client/conn.go b/forked/konnectivity-client/pkg/client/conn.go deleted file mode 100644 index 64df35b9..00000000 --- a/forked/konnectivity-client/pkg/client/conn.go +++ /dev/null @@ -1,168 +0,0 @@ -/* -Copyright 2019 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package client - -import ( - "errors" - "fmt" - "io" - "net" - "time" - - "k8s.io/klog/v2" - "sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client" -) - -// CloseTimeout is the timeout to wait CLOSE_RSP packet after a -// successful delivery of CLOSE_REQ. -const CloseTimeout = 10 * time.Second - -// conn is an implementation of net.Conn, where the data is transported -// over an established tunnel defined by a gRPC service ProxyService. -type conn struct { - stream client.ProxyService_ProxyClient - connID int64 - random int64 - finishedCh chan bool - readCh chan []byte - closeCh chan string - - rdata []byte -} - -var _ net.Conn = &conn{} - -// Write sends the data thru the connection over proxy service -func (c *conn) Write(data []byte) (n int, err error) { - req := &client.Packet{ - Type: client.PacketType_DATA, - Payload: &client.Packet_Data{ - Data: &client.Data{ - ConnectID: c.connID, - Data: data, - }, - }, - } - - klog.V(5).InfoS("[tracing] send req", "type", req.Type) - - err = c.stream.Send(req) - if err != nil { - return 0, err - } - return len(data), err -} - -// Read receives data from the connection over proxy service -func (c *conn) Read(b []byte) (n int, err error) { - var data []byte - - if c.rdata != nil { - data = c.rdata - } else { - readChannel: - for { - select { - case data = <-c.readCh: - break readChannel - case <-c.finishedCh: - // channel already closed - return 0, fmt.Errorf("channel closed unexpectedly") - } - } - } - - if data == nil { - return 0, io.EOF - } - - if len(data) > len(b) { - copy(b, data[:len(b)]) - c.rdata = data[len(b):] - return len(b), nil - } - - c.rdata = nil - copy(b, data) - - return len(data), nil -} - -func (c *conn) LocalAddr() net.Addr { - return nil -} - -func (c *conn) RemoteAddr() net.Addr { - return nil -} - -func (c *conn) SetDeadline(t time.Time) error { - return errors.New("not implemented") -} - -func (c *conn) SetReadDeadline(t time.Time) error { - return errors.New("not implemented") -} - -func (c *conn) SetWriteDeadline(t time.Time) error { - return errors.New("not implemented") -} - -// Close closes the connection. It also sends CLOSE_REQ packet over -// proxy service to notify remote to drop the connection. -func (c *conn) Close() error { - klog.V(4).Infoln("closing connection") - defer close(c.finishedCh) - var req *client.Packet - if c.connID != 0 { - req = &client.Packet{ - Type: client.PacketType_CLOSE_REQ, - Payload: &client.Packet_CloseRequest{ - CloseRequest: &client.CloseRequest{ - ConnectID: c.connID, - }, - }, - } - } else { - // Never received a DIAL response so no connection ID. - req = &client.Packet{ - Type: client.PacketType_DIAL_CLS, - Payload: &client.Packet_CloseDial{ - CloseDial: &client.CloseDial{ - Random: c.random, - }, - }, - } - } - - klog.V(5).InfoS("[tracing] send req", "type", req.Type) - - if err := c.stream.Send(req); err != nil { - return err - } - - select { - case errMsg := <-c.closeCh: - if errMsg != "" { - return errors.New(errMsg) - } - return nil - case <-time.After(CloseTimeout): - } - - return errors.New("close timeout") -} diff --git a/go.mod b/go.mod index f8382259..ec29cb66 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/spf13/cobra v1.2.1 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.7.0 - google.golang.org/grpc v1.40.0 + google.golang.org/grpc v1.42.0 k8s.io/api v0.23.1 k8s.io/apimachinery v0.23.1 k8s.io/apiserver v0.23.1 @@ -24,7 +24,7 @@ require ( open-cluster-management.io/addon-framework v0.2.1-0.20220317063747-100a0230a883 open-cluster-management.io/api v0.5.1-0.20220112073018-2d280a97a052 open-cluster-management.io/managed-serviceaccount v0.1.0 - sigs.k8s.io/apiserver-network-proxy v0.0.24 + sigs.k8s.io/apiserver-network-proxy v0.0.30 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.25 sigs.k8s.io/apiserver-runtime v1.1.0 sigs.k8s.io/controller-runtime v0.11.0 @@ -118,4 +118,4 @@ require ( sigs.k8s.io/yaml v1.3.0 // indirect ) -replace sigs.k8s.io/apiserver-network-proxy/konnectivity-client => sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.24 +replace sigs.k8s.io/apiserver-network-proxy/konnectivity-client => sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.31-0.20220502234555-5308cea56b78 diff --git a/go.sum b/go.sum index d835ff07..c472845e 100644 --- a/go.sum +++ b/go.sum @@ -202,7 +202,11 @@ github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDk github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/cockroachdb/datadriven v0.0.0-20200714090401-bf6692d28da5/go.mod h1:h6jFvWxBdQXxjopDMZyH2UVceIRfR84bdzbkoKrsWNo= github.com/cockroachdb/errors v1.2.4/go.mod h1:rQD95gz6FARkaKkQXUksEje/d9a6wBJoCr5oaCLELYA= @@ -380,6 +384,7 @@ github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5y github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.0.14/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/esimonov/ifshort v1.0.2/go.mod h1:yZqNJUrNn20K8Q9n2CrjTKYyVEmX209Hgu+M1LBpeZE= @@ -1864,8 +1869,9 @@ google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAG google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM= -google.golang.org/grpc v1.40.0 h1:AGJ0Ih4mHjSeibYkFGh1dD9KJ/eOtZ93I6hoHhukQ5Q= google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34= +google.golang.org/grpc v1.42.0 h1:XT2/MFpuPFsEX2fWh3YQtHkZ+WYZFQRfaUgLZYj/p6A= +google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -2140,10 +2146,10 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8 rsc.io/letsencrypt v0.0.3/go.mod h1:buyQKZ6IXrRnB7TdkHP0RyEybLx18HHyOSoTyoOLqNY= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy v0.0.24 h1:yaswrAqidc2XdLK2GRacVEBb55g4dg91f/B7b0SYliY= -sigs.k8s.io/apiserver-network-proxy v0.0.24/go.mod h1:z/U9KltvRVSMttVl3cdQo8cPuXEjr+Qn3A5sUJR55XI= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.24 h1:bCO6TN9VG1bK3nCG5ghQ5httx1HpsG5MD8XtRDySHDM= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.24/go.mod h1:LEScyzhFmoF5pso/YSeBstl57mOzx9xlU9n85RGrDQg= +sigs.k8s.io/apiserver-network-proxy v0.0.30 h1:Zr5Zqd2GymcYUwijHUDEaQ1I3Dx0giTIWaD80N6j2mE= +sigs.k8s.io/apiserver-network-proxy v0.0.30/go.mod h1:0wSWl5ohhp7kYl5XOP0w1IZSWTHhe9TojjDGityZxnc= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.31-0.20220502234555-5308cea56b78 h1:ugxEWU436yHfjtNTtiKebUfNRyl1RZSHNEu+1i/6ekA= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.31-0.20220502234555-5308cea56b78/go.mod h1:fEO7lRTdivWO2qYVCVG7dEADOMo/MLDCVr8So2g88Uw= sigs.k8s.io/apiserver-runtime v1.1.0 h1:0U0EgW9b5wuU0K1NS1u8n2OjmXyC72P6PnKxoZOsr3c= sigs.k8s.io/apiserver-runtime v1.1.0/go.mod h1:cmahVEn9R791yUnSiFMFdwTqi2dOe5WQRNwcY6jb7l0= sigs.k8s.io/cli-utils v0.16.0/go.mod h1:9Jqm9K2W6ShhCxsEuaz6HSRKKOXigPUx3ZfypGgxBLY= diff --git a/pkg/apis/cluster/v1alpha1/transport.go b/pkg/apis/cluster/v1alpha1/transport.go index ef8b1630..34a7b5a7 100644 --- a/pkg/apis/cluster/v1alpha1/transport.go +++ b/pkg/apis/cluster/v1alpha1/transport.go @@ -7,7 +7,6 @@ import ( "strconv" "time" - konnectivity "github.com/oam-dev/cluster-gateway/forked/konnectivity-client/pkg/client" "github.com/oam-dev/cluster-gateway/pkg/config" "github.com/pkg/errors" "google.golang.org/grpc" @@ -15,6 +14,7 @@ import ( "google.golang.org/grpc/keepalive" k8snet "k8s.io/apimachinery/pkg/util/net" restclient "k8s.io/client-go/rest" + konnectivity "sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client" "sigs.k8s.io/apiserver-network-proxy/pkg/util" )