yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix(gen_rpc): ssl client port align with server port

This commit is contained in:
William Yang 2023-10-24 21:40:46 +02:00
parent 2a7d73e62c
commit 6346e0d28a
5 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/run_helm_tests.yaml vendored
View File

@ -76,8 +76,6 @@ jobs:
EMQX_RPC__CACERTFILE: /opt/emqx/etc/certs/cacert.pem EMQX_RPC__CACERTFILE: /opt/emqx/etc/certs/cacert.pem
EMQX_RPC__CIPHERS: TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256 EMQX_RPC__CIPHERS: TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
EMQX_RPC__TLS_VERSIONS: "[tlsv1.3]" EMQX_RPC__TLS_VERSIONS: "[tlsv1.3]"
EMQX_RPC__SSL_SERVER_PRT: 5370
EMQX_RPC__PORT_DISCOVERY: manual
EOL EOL
- name: Prepare emqxConfig.EMQX_RPC using ssl1.2 - name: Prepare emqxConfig.EMQX_RPC using ssl1.2
working-directory: source working-directory: source
@ -91,7 +89,6 @@ jobs:
EMQX_RPC__CACERTFILE: /opt/emqx/etc/certs/cacert.pem EMQX_RPC__CACERTFILE: /opt/emqx/etc/certs/cacert.pem
EMQX_RPC__CIPHERS: TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256 EMQX_RPC__CIPHERS: TLS_AES_256_GCM_SHA384,TLS_AES_128_GCM_SHA256
EMQX_RPC__TLS_VERSIONS: "[tlsv1.2]" EMQX_RPC__TLS_VERSIONS: "[tlsv1.2]"
EMQX_RPC__SSL_SERVER_PRT: 5370
EMQX_RPC__PORT_DISCOVERY: manual EMQX_RPC__PORT_DISCOVERY: manual
EOL EOL
- name: run emqx on chart (k8s) - name: run emqx on chart (k8s)

4
apps/emqx_conf/src/emqx_conf_schema.erl
View File

@ -1151,6 +1151,7 @@ translation("emqx") ->
translation("gen_rpc") -> translation("gen_rpc") ->
[ [
{"default_client_driver", fun tr_gen_rpc_default_client_driver/1}, {"default_client_driver", fun tr_gen_rpc_default_client_driver/1},
{"ssl_client_port", fun tr_gen_rpc_ssl_client_port/1},
{"ssl_client_options", fun tr_gen_rpc_ssl_options/1}, {"ssl_client_options", fun tr_gen_rpc_ssl_options/1},
{"ssl_server_options", fun tr_gen_rpc_ssl_options/1}, {"ssl_server_options", fun tr_gen_rpc_ssl_options/1},
{"socket_ip", fun(Conf) -> {"socket_ip", fun(Conf) ->
@ -1226,6 +1227,9 @@ collector_enabled(disabled, _) -> [].
tr_gen_rpc_default_client_driver(Conf) -> tr_gen_rpc_default_client_driver(Conf) ->
conf_get("rpc.protocol", Conf). conf_get("rpc.protocol", Conf).
tr_gen_rpc_ssl_client_port(Conf) ->
conf_get("rpc.ssl_server_port", Conf).
tr_gen_rpc_ssl_options(Conf) -> tr_gen_rpc_ssl_options(Conf) ->
Ciphers = conf_get("rpc.ciphers", Conf), Ciphers = conf_get("rpc.ciphers", Conf),
Versions = conf_get("rpc.tls_versions", Conf), Versions = conf_get("rpc.tls_versions", Conf),

4
changes/ce/fix-11813.en.md Normal file
View File

@ -0,0 +1,4 @@
Fix schema: RPC client ssl port alighn with configured server port.
And ensure RPC ports are opened in helm chart.

4
deploy/charts/emqx-enterprise/templates/StatefulSet.yaml
View File

@ -121,9 +121,9 @@ spec:
{{- end }} {{- end }}
- name: ekka - name: ekka
containerPort: 4370 containerPort: 4370
- name: genrpc - name: genrpc-manual
containerPort: 5369 containerPort: 5369
- name: genrpc-ssl - name: genrpc2-auto
containerPort: 5370 containerPort: 5370
envFrom: envFrom:
- configMapRef: - configMapRef:

4
deploy/charts/emqx/templates/StatefulSet.yaml
View File

@ -121,9 +121,9 @@ spec:
{{- end }} {{- end }}
- name: ekka - name: ekka
containerPort: 4370 containerPort: 4370
- name: genrpc - name: genrpc-manual
containerPort: 5369 containerPort: 5369
- name: genrpc-ssl - name: genrpc2-auto
containerPort: 5370 containerPort: 5370
envFrom: envFrom:
- configMapRef: - configMapRef: