mirror of https://github.com/milvus-io/milvus.git
exia
GitHub
parent
1f0fe0e50f
commit
4ee78eb5ad
|
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEowIBAAKCAQEAwuH3vwsOYCgW/+S9Z+qH2Ly0AU7Z2Igct4K+oOTC/jXJNTdy
|
||||
4mYLxGu5ptfXoo8T3oEB/LtAGYXxDj+NSCQjXnU0mHb3pyKbw7p/jCOdnTZ0ZyJf
|
||||
IAXYRHyej8hlnSPjwJLEA/Ue9OE8SA/k5sjyCgP7pbvFJt6ZL5ZN1/Tx86O5BNH7
|
||||
3kD2rW6R0XO2KwiH3acyf292GF7R0uBbQQOMF/bFv7IkinIIjc3MT/Iaj3MoBczs
|
||||
d6FArdtS2kvRNSYuK9LNTNnlcIRSsYaqXykSOIyxTSAPbyZbnB+4UuUVNqftmvTQ
|
||||
TqoGJGq1Sg9MSFrXKB6GoysKmZ5JQZDDPJ4SYQIDAQABAoIBACv96nkbu9EE+7wk
|
||||
HIV6sdPBNTkeXZq9jw3126ZiPYo5BgSXUb29n2ZlkvEQxEKT3b5ajOJKOrwIOlQn
|
||||
EHN6hOlrt8W7BUibTWIvlV9DIu88PaaSYbrO1vUO1JRMfnOsiFsORmVGTgilV4BE
|
||||
5j0am1ibcZEGBAk0MoxFd6kKSBvhMiCw0i4jZ/LAvgfzH3Bv/ZvbPfPHCs2OOwtY
|
||||
1X86dTCcDbWcDrjTMnVdEPN8/SvW4JXf5EdVL35xiSrVSZxcZGks8oid+P6JSFdG
|
||||
uBnxSTt9q5V3Ya421/I1CG9VYIrJdpNAmog3Jbi+HZTmBaNX6Wf5GOKgKjIt5J6U
|
||||
qqaicOECgYEA94xfP/LiuEKuusB9CkGW/9Yep8fV8T3cjYBz7Fc+WGOuqaBnvIv4
|
||||
PBO16uz6Nze1x58z25Qatrm4pp9aTov/bRkKVaW6Ua/R0KcUbVjV/aN5cgjjLrIL
|
||||
0wYpufFFbGzSK4vzbRWOQbdZhgYSVk97VyXYCPrzr3s6S+JozA3+vqUCgYEAyYlJ
|
||||
QgLf4t/aXxDxj14MwBA9ccgFhb43OZnBCWetYk22/Yi2afxvbbV0jo791E7p6ReC
|
||||
SnTSYv2ijvHpTOttRfGALM1Js9xYRKKr1oCkWxEP8NLgutlniPLDqWBP0cMe7oSw
|
||||
X14Kmj1yz1j3wp+6oP4uzb8KLW3rbx8/EBPrlA0CgYBdWbgJm4RXy/2sOy5sEbPp
|
||||
oktJJhjNsnBbhBczButh1aVmHjFAbuAbd6tgfiEVdZK9RpH9ueohAgRaATnC6RRX
|
||||
hdvZ1Hdgmpbawkb3vUplLaJ8mFFjqIzA9VAC6LMvYhIXjd0sQ7aznXrLCbschTiT
|
||||
8pd3O3ttr2CagTTXzmdEaQKBgCfwqTAH2c7ghipo9TZwcR5vGX4/IbkLpW4o5nSy
|
||||
s03UEPvV6DDA8mRPnbXS6ML2kKy9F/khhcBQe7LQhmfUEGfYIIrAdGbMuEGB64Qr
|
||||
ImdZzkrvv9HH3Bjr45Lhn2/2t16VtU5xGLDQlLw66X8MoLPfK+9ieOXf7tSq4JiT
|
||||
GhDRAoGBAK9xYpqb070deaKk/EBZhbp8baz1/x/RmKd38GRvf4LbOJ1jd1ufFWih
|
||||
cMOjz8iO3CAU2BnvUqD72cTALVxjyv9PdIg7i84s56hZ9fjxF+fFK1zv5TO5snsL
|
||||
ocwYTD5n0FvzgpwJFnGMnfiPc0h1RnwRJrWrDZS/M6+89ptNWQla
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,22 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDpzCCAo+gAwIBAgIUXZen56S+MZE8UTb09jyM6szs/ukwDQYJKoZIhvcNAQEL
|
||||
BQAwYzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdaMQswCQYDVQQHDAJHWjESMBAG
|
||||
A1UECgwJcm9uZXRoaW5nMRIwEAYDVQQLDAlyb25ldGhpbmcxEjAQBgNVBAMMCWxv
|
||||
Y2FsaG9zdDAeFw0yMjA1MDEwODU3MzRaFw0zMjA0MjgwODU3MzRaMGMxCzAJBgNV
|
||||
BAYTAkNOMQswCQYDVQQIDAJHWjELMAkGA1UEBwwCR1oxEjAQBgNVBAoMCXJvbmV0
|
||||
aGluZzESMBAGA1UECwwJcm9uZXRoaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEi
|
||||
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC4fe/Cw5gKBb/5L1n6ofYvLQB
|
||||
TtnYiBy3gr6g5ML+Nck1N3LiZgvEa7mm19eijxPegQH8u0AZhfEOP41IJCNedTSY
|
||||
dvenIpvDun+MI52dNnRnIl8gBdhEfJ6PyGWdI+PAksQD9R704TxID+TmyPIKA/ul
|
||||
u8Um3pkvlk3X9PHzo7kE0fveQPatbpHRc7YrCIfdpzJ/b3YYXtHS4FtBA4wX9sW/
|
||||
siSKcgiNzcxP8hqPcygFzOx3oUCt21LaS9E1Ji4r0s1M2eVwhFKxhqpfKRI4jLFN
|
||||
IA9vJlucH7hS5RU2p+2a9NBOqgYkarVKD0xIWtcoHoajKwqZnklBkMM8nhJhAgMB
|
||||
AAGjUzBRMB0GA1UdDgQWBBT8tV8mSqY4ujxUPTNNue7ty9ad8DAfBgNVHSMEGDAW
|
||||
gBT8tV8mSqY4ujxUPTNNue7ty9ad8DAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3
|
||||
DQEBCwUAA4IBAQCbaK5wizgoH3AS0AYgHRHbvVaLXEgihcmdsFGqszmkOS50dpcm
|
||||
bqs0wS0g7Ibgpv8bS9tn9gXhdTR04F08PrbbALBF0I1zIbT5F6rp2w7P78gWZDa7
|
||||
iPYCTYA1WRZEEVJD4eyFC4cM8uG0wVCbKuOFUJaUPONbdJ1S26xtBSJHy0g8JeNK
|
||||
3N70/xYa0AFk4D9EoX39oiCOnj1QWN2M0IjUJHUcu1Bm50dxDcpiaoWR6sCFJU4r
|
||||
gMlFpeZ9Sg6zh4sUs2X0YYusEp3ATz+0E0iRChEM0213yvBR3HwaJKSegBocflCZ
|
||||
SKrjAyIpRkscR0JKWUPICf+rr0B0mPeEYfgK
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -0,0 +1 @@
|
|||
342790CE3BD09229C9C14810E2AB86D28A4700BF
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIC7jCCAdYCAQAwSTELMAkGA1UEBhMCQ04xEjAQBgNVBAoMCXJvbmV0aGluZzES
|
||||
MBAGA1UECwwJcm9uZXRoaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqG
|
||||
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwQ/qyS53J8XdpM26LcFGdtTMzjfzPoNtw
|
||||
nSdfqrMi2iMZeMwDPRkHoeHE9lyHYPssDbFuLNJPLibcBCfd5SeELLlyG3GDP+W0
|
||||
inUs3kE0voXbH4LmSOCKLnzw0GfblINWMB7aqgpHPtRTcdWHcPo+KJA66ZbD5cNI
|
||||
w77aBxcsDJa40GunzxVOKtGQopypjrj6mkpauVzT9DwhylYvMR+VL12pjozGCvST
|
||||
NSgJfP7DX2UwHTMEBbxiTNQ7F8w4X5d2xuS2HepLy0/+uWo1e7jDGAWN27Alr176
|
||||
6n2os3WClL06U6mmlT7HE2TvunhiBNjWnWafENaeH9W5rmVNDCmLAgMBAAGgYDBe
|
||||
BgkqhkiG9w0BCQ4xUTBPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMDUGA1UdEQQu
|
||||
MCyCCWxvY2FsaG9zdIIOKi5yb25ldGhpbmcuY26CDyoucm9uZXRoaW5nLmNvbTAN
|
||||
BgkqhkiG9w0BAQsFAAOCAQEAS+OhS9i+Cjy4VM+gXknoaOWHqI73eSq/ODzUe4M4
|
||||
7lg314CPbWHTrSP0yw2NZ9s/Nw7l8It3DMaXgAioAXOTlcRnH0JOmWuj53nTHnHY
|
||||
DVgnP0JLIcOeAiGfCV9rU4FR/eegE/bpHa4K1zz1l1S+Pk8227SnhqtjXvSm+TZr
|
||||
LwvsxpuMRQcj0vKtatPMhI1KhucNAYh3Aps/Lx0sGB18UnL12gMp9s82LQ2urRtF
|
||||
WrVFVtMG9o+59fPNB7Lxf1efMCc3LUxR3AaYGUaZWqgFeXrFmKj+VTGCQFPEAQxn
|
||||
ZwSHi5NA0ikYfgb9LxHc7nbgehHUPv5ztIq/lMPSad6xtw==
|
||||
-----END CERTIFICATE REQUEST-----
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCwQ/qyS53J8Xdp
|
||||
M26LcFGdtTMzjfzPoNtwnSdfqrMi2iMZeMwDPRkHoeHE9lyHYPssDbFuLNJPLibc
|
||||
BCfd5SeELLlyG3GDP+W0inUs3kE0voXbH4LmSOCKLnzw0GfblINWMB7aqgpHPtRT
|
||||
cdWHcPo+KJA66ZbD5cNIw77aBxcsDJa40GunzxVOKtGQopypjrj6mkpauVzT9Dwh
|
||||
ylYvMR+VL12pjozGCvSTNSgJfP7DX2UwHTMEBbxiTNQ7F8w4X5d2xuS2HepLy0/+
|
||||
uWo1e7jDGAWN27Alr1766n2os3WClL06U6mmlT7HE2TvunhiBNjWnWafENaeH9W5
|
||||
rmVNDCmLAgMBAAECggEBAJLcUOh08EbtlRxl6djsAFRyQPLXfqhP0gYGKmQfCZok
|
||||
PdJfPzwDj/M4Aa/lxDpXp26RCiBN3/xw65etLrpGz6Hk0a4tB2rftjeylOaJV7Lm
|
||||
ewiTPLE6TztSeG78dUwSdUs+VLbDrkSmKKpN0idDDnzztxgev6sAqLDbxwxJlBjy
|
||||
EeERzCG4JCc4aZlFtz1oWgFGXr3lxxxXbfzdhY/M87IkenGNZges0iSRbcFsGq8z
|
||||
oVaFV9KkVZ6lxLCMXIIfen9E6g/nq01mnTXM+LHd9Laqj0q6wpULCi5X/v/igS5I
|
||||
1fsUT8V+s+LjpWMBu6Bd0uY2tr3Li4Fn46p+HvVe6cECgYEA3eqSfUowlEs3WLBl
|
||||
acfb6/Vo9GeRnJpmLeTdXAO3NeOX4qLISQFQEUopG2qOrXSo4t40o8xX0iMe6uIQ
|
||||
7BVFJgdE12kdx0cQGqFACIxAiM6VbeqfKt4i8EB1ld/8fXusdH71b/ZkudbQ8gUx
|
||||
S3HNsid7Y7qIgXlQ3zZel8+juakCgYEAy1Z8R6bnyF7W0D09SkVfpuMsMoFIi6ZP
|
||||
w+rrk/8E85S2Ag8LnbQtJICiMgBYWQSu5IoGMoBw6N0j9OhaSOsbNYZjwmC9UqWH
|
||||
8ZbPrAqt3q0B76i9f7+K75gIyXEhVQBtlKUw53wGd9dgUkq5o+YZxK4ABqji+r+2
|
||||
d1rj49PLkhMCgYANQpL2QZSdh9EKz59/rp2Jf+SBlh6xSNiKLX68nMw5wBu3QxrM
|
||||
ofNy1QeXx8o2ux3MUJK8pt0ohUi3qEJymOLE3vJSHMnWunxP2wrEd/zzL8TmCHry
|
||||
SMu1p2RfTD7+EIHBhESOKB7kq91YWM8VPvuXhZxt3RuDAQjADbOhRpr14QKBgGIy
|
||||
2D46SsGnm5JhoNHXgwQzvcp+SSy4GtmBAFgu1pNUBDomTfPRaeOxA6OmKwSCkHvq
|
||||
dGe7Q8wR0CWceM2yTSeiSVc8JPJe4rI3pP9vAN0DLGYzVaD2PgDLqaKvMeu9Ey6w
|
||||
QFfqu6zwpKHZWKHgpB0p8vVEZqm2IEav7FLAnBVlAoGBAI1KJJ0Z18lOQDqpZtH/
|
||||
tYYmCMlYLOkHOVJ5/Fi+UjLLwCk2yyXw3Tr5PqxNaI1va4wp5lt/VZqRZibFm9hW
|
||||
ecsBuCDVZFPcu5UUHNrwXxb3wwidjsjJso0PVxw7FI7d7rlTqRYm5dntjlxBHhtd
|
||||
IPkBc4ceeMp14AaItE9f1HE5
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDizCCAnOgAwIBAgIUNCeQzjvQkinJwUgQ4quG0opHAL8wDQYJKoZIhvcNAQEL
|
||||
BQAwYzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdaMQswCQYDVQQHDAJHWjESMBAG
|
||||
A1UECgwJcm9uZXRoaW5nMRIwEAYDVQQLDAlyb25ldGhpbmcxEjAQBgNVBAMMCWxv
|
||||
Y2FsaG9zdDAeFw0yMjA1MDEwODU3MzRaFw0zMjA0MjgwODU3MzRaMEkxCzAJBgNV
|
||||
BAYTAkNOMRIwEAYDVQQKDAlyb25ldGhpbmcxEjAQBgNVBAsMCXJvbmV0aGluZzES
|
||||
MBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
|
||||
AQEAsEP6skudyfF3aTNui3BRnbUzM438z6DbcJ0nX6qzItojGXjMAz0ZB6HhxPZc
|
||||
h2D7LA2xbizSTy4m3AQn3eUnhCy5chtxgz/ltIp1LN5BNL6F2x+C5kjgii588NBn
|
||||
25SDVjAe2qoKRz7UU3HVh3D6PiiQOumWw+XDSMO+2gcXLAyWuNBrp88VTirRkKKc
|
||||
qY64+ppKWrlc0/Q8IcpWLzEflS9dqY6Mxgr0kzUoCXz+w19lMB0zBAW8YkzUOxfM
|
||||
OF+Xdsbkth3qS8tP/rlqNXu4wxgFjduwJa9e+up9qLN1gpS9OlOpppU+xxNk77p4
|
||||
YgTY1p1mnxDWnh/Vua5lTQwpiwIDAQABo1EwTzAJBgNVHRMEAjAAMAsGA1UdDwQE
|
||||
AwIF4DA1BgNVHREELjAsgglsb2NhbGhvc3SCDioucm9uZXRoaW5nLmNugg8qLnJv
|
||||
bmV0aGluZy5jb20wDQYJKoZIhvcNAQELBQADggEBAHBmcrQBtOcY776CHfRnHkWG
|
||||
2JX595eY9cTEi+xB3n3q6Uo9GkGpGkg0T9U67dj68aB5ETm9+F8augS/5e2vbyJ/
|
||||
GfwtwbmJFkM4SVrSYpHLYQc72j6kG4oLauz8C3IZxirX4nAxGDEnHbpLrS2HIZ+l
|
||||
/G5YQeaYStxmleOD4CwrOOIUdRATMTaQgRu6pUJhuhC9Fm1v+ueg6b24RB9V+jvU
|
||||
FOFiR29PPRyyAm3UBEv4yyVSoW6RgD+5QpD/HTGbXumT1xASKDeLY7HBVU9FXxN+
|
||||
wojcbIyFkXNo3C+5P7zN7S1zJV6Fp4TeOJpIeQn8ARf7XFQYREVesf9QC7yHxPk=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
-----BEGIN CERTIFICATE REQUEST-----
|
||||
MIIC7jCCAdYCAQAwSTELMAkGA1UEBhMCQ04xEjAQBgNVBAoMCXJvbmV0aGluZzES
|
||||
MBAGA1UECwwJcm9uZXRoaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3QwggEiMA0GCSqG
|
||||
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyI7d/ni5FxZxdMclJtjMIL2Kjx24XTHGc
|
||||
cgSR7uyZg4AWY0OweuL/3jTlQ23Nylqcx9pJyTVx/84zmPMdkPIO8rdaxKjq4e3G
|
||||
fDdPx/wXA2h6dFkY9Q/Hv61icY0BJyc+Qw6J1dl/ZgoTCf9VAP3/eeay/4JsD5ho
|
||||
ctyq8ZeftqoNvpSPolrwTo7uP0TStviM0LSTvomXz7dGQdlObjl82pfJSZcq1YzL
|
||||
U6BjE0jT1jTKjgaBMTwqpO2NP6+6D+dC/dHBY8/3fJz0IcdHlmifXSPQI1n8LJvZ
|
||||
mLRIGdrKiNbya0vwyTK9+kMWkmAo8LmbuSCC6FQ3X3eURQ81UuhjAgMBAAGgYDBe
|
||||
BgkqhkiG9w0BCQ4xUTBPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMDUGA1UdEQQu
|
||||
MCyCCWxvY2FsaG9zdIIOKi5yb25ldGhpbmcuY26CDyoucm9uZXRoaW5nLmNvbTAN
|
||||
BgkqhkiG9w0BAQsFAAOCAQEAVKT51H3hzO5PRvHxek2QrvfetuAowCRxbh4Zg0gJ
|
||||
fxDVrZshabNmycEQ/GZX+tT6KMgB9es2TfM6lk8JXkhRcaxnE9FT5aIBcQDqFoKo
|
||||
nOjdG62wG5vRomK/V2xLBJzjRQYcWkm+KPuOxaEZEFTrhEjRFi1X7MlqXwRyZueq
|
||||
YnOvisR2v4dbShbV5qd+jBgtcHVlsSApSQLYoplL/cje85a9DhkaLityYH1PCRhs
|
||||
Gx5LToV6Photjk3ujmJBaxIHlV1nVQmTfejka5cwh66Jm8JrW7oytvwFxosKFEmP
|
||||
frd+UIbTf9iIRvyUHdJB2bEDHv8g32AmlDsUspEXQ0L9hA==
|
||||
-----END CERTIFICATE REQUEST-----
|
||||
|
|
@ -0,0 +1,28 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCyI7d/ni5FxZxd
|
||||
MclJtjMIL2Kjx24XTHGccgSR7uyZg4AWY0OweuL/3jTlQ23Nylqcx9pJyTVx/84z
|
||||
mPMdkPIO8rdaxKjq4e3GfDdPx/wXA2h6dFkY9Q/Hv61icY0BJyc+Qw6J1dl/ZgoT
|
||||
Cf9VAP3/eeay/4JsD5hoctyq8ZeftqoNvpSPolrwTo7uP0TStviM0LSTvomXz7dG
|
||||
QdlObjl82pfJSZcq1YzLU6BjE0jT1jTKjgaBMTwqpO2NP6+6D+dC/dHBY8/3fJz0
|
||||
IcdHlmifXSPQI1n8LJvZmLRIGdrKiNbya0vwyTK9+kMWkmAo8LmbuSCC6FQ3X3eU
|
||||
RQ81UuhjAgMBAAECggEAeKD9EnswBGlTgDxFfRfXKNTFq/hRUY+fY3xGIfgz2aSV
|
||||
qRNg8/HTI8b59MIbaf58K6yd4ddRzLeXj5MkFkJf18V+agXACQYi+ISHBAx9ZawW
|
||||
JM4Cw4a3P+FJbN9Nx5kW1u+bubTJSp7zdX8QmyRH26dVlKK3U6uf3iLh0RQ2Q5zR
|
||||
CcZADOfrw7xMN/jydF36m0mVAuOnpRHGmfeSudZkhBRecpjgCQl4zCcsBKJFYpNc
|
||||
7oK9ecy68mFuzZ2sSlroI5WZLsAUdC66u92ZMf6jVVHojCNANtKhptTsJzg7npDF
|
||||
5WPCftFT4wFCywqzk2Zr0PoJ0tTQwtCT87DLjdOvCQKBgQDn3t1vCUVhdSgnhkEy
|
||||
0cBlWwvVnUMxI0lFzoQPllR17Uht7KpeZY/zfNHXpK4ZAZokJF1PEGLRHciXGG18
|
||||
Xbj7ATfH3jUjcCumZaoEj353Q8JGcFgYZ2voEQ4SS6NN+ntxZBqMBWbek9lykDfc
|
||||
0nw8WXFGciH1YKykwCvXpDEEhwKBgQDErW7MechCRpHgg6JWV19q4fR+cRByTLPs
|
||||
h0xId8f/zeN/CiIuI8eq9d5TvhOKF+ENdb4bsyGbaaOTHhbLWUxkfKASXXeUrKGw
|
||||
GjsR59QquFCVqPZ0U3oz6RWFWEQ1lqXVD1pU8feLSsneAQj4yJ6Lz36G2Zh2HGQ6
|
||||
qmZG5tnQRQKBgHgEMVWB1Pmm7IvYv/KQAyfzQmLlLZxHiWuqg0yWIU2Q7kaHk3+c
|
||||
zi/X0b3urXagD6rZb7q23o8i/WrH6BPRZyf072xypcqcCtvsD16g73LIDczr5Y1s
|
||||
KrxJ56CsqfB40GBW0i7btO1MVecoouGXyVpraWhvNwiNa48zMP5DLGQNAoGABP/r
|
||||
qyMFZjnpB24ROGSsNklcL8KsClvMzxx5YfY5jVUsjVQynj2mm7/4UOSqFn6Y6ACw
|
||||
PoAFQLAkyl6fcbfpazyHzS+3FH529cUU71WXXSamVcefzEE7AArS0zr1MO+Nc6ca
|
||||
QsKL6mySSSR5l+lxrlgt/TuW1pnOKneedfr0WokCgYAwQv9dKgUXx0kvjYjPKsYg
|
||||
Eb0pwfGBO4mN441fvRrSAwai/n52mrzFWrQC8uwX+4rCU2sSFkoxASMMgdjM+7y2
|
||||
5P6byf/PZqVqXBMH8xEFGHzllauJSQnXOl1rRRd43GPcMotHwdfm8lkuMpqjqplN
|
||||
1F9Xby2SJ9GH6R9ibB51UA==
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDizCCAnOgAwIBAgIUNCeQzjvQkinJwUgQ4quG0opHAL4wDQYJKoZIhvcNAQEL
|
||||
BQAwYzELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAkdaMQswCQYDVQQHDAJHWjESMBAG
|
||||
A1UECgwJcm9uZXRoaW5nMRIwEAYDVQQLDAlyb25ldGhpbmcxEjAQBgNVBAMMCWxv
|
||||
Y2FsaG9zdDAeFw0yMjA1MDEwODU3MzRaFw0zMjA0MjgwODU3MzRaMEkxCzAJBgNV
|
||||
BAYTAkNOMRIwEAYDVQQKDAlyb25ldGhpbmcxEjAQBgNVBAsMCXJvbmV0aGluZzES
|
||||
MBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
|
||||
AQEAsiO3f54uRcWcXTHJSbYzCC9io8duF0xxnHIEke7smYOAFmNDsHri/9405UNt
|
||||
zcpanMfaSck1cf/OM5jzHZDyDvK3WsSo6uHtxnw3T8f8FwNoenRZGPUPx7+tYnGN
|
||||
AScnPkMOidXZf2YKEwn/VQD9/3nmsv+CbA+YaHLcqvGXn7aqDb6Uj6Ja8E6O7j9E
|
||||
0rb4jNC0k76Jl8+3RkHZTm45fNqXyUmXKtWMy1OgYxNI09Y0yo4GgTE8KqTtjT+v
|
||||
ug/nQv3RwWPP93yc9CHHR5Zon10j0CNZ/Cyb2Zi0SBnayojW8mtL8MkyvfpDFpJg
|
||||
KPC5m7kgguhUN193lEUPNVLoYwIDAQABo1EwTzAJBgNVHRMEAjAAMAsGA1UdDwQE
|
||||
AwIF4DA1BgNVHREELjAsgglsb2NhbGhvc3SCDioucm9uZXRoaW5nLmNugg8qLnJv
|
||||
bmV0aGluZy5jb20wDQYJKoZIhvcNAQELBQADggEBAG18ss3sNJjLXMv9Wm+dBvMQ
|
||||
ekGFunZ3unN641RxGpUWjbUj963woXx8eiL6lJFKiU52aXrFR4+6BZ0tbRsLz4e4
|
||||
pmCdOz4mClmNSk6mSSz7W8tnhz+h1jqUzp5whAh1Gj5QdauTzgcLFxBw3PWTt8tp
|
||||
4xGIuZwAWyB9MHXMkBtsdiP/oUEoVXYC2SA+o7dWr0d9w0K6BA00TZR+OHscfpGS
|
||||
k0aD1Cu8fxiccnY7jcBMz/2vVg3LzoeUqL7TZbpan/jzO5FAMVoi21UFwEQbBYMb
|
||||
yUbPei060JQ/u7H6CR9OCCHKsDvtpIfgpeAmjcuFSCF+Q3cHTAstHrlZWaOCNO4=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -110,7 +110,7 @@ rootCoord:
|
|||
# Related configuration of proxy, used to validate client requests and reduce the returned results.
|
||||
proxy:
|
||||
port: 19530
|
||||
|
||||
internalPort: 19529
|
||||
http:
|
||||
enabled: true # Whether to enable the http server
|
||||
debug_mode: false # Whether to enable http server debug mode
|
||||
|
|
@ -234,6 +234,13 @@ grpc:
|
|||
keepAliveTime: 10000
|
||||
keepAliveTimeout: 3000
|
||||
|
||||
# Configure the proxy tls enable.
|
||||
tls:
|
||||
serverPemPath: configs/cert/server.pem
|
||||
serverKeyPath: configs/cert/server.key
|
||||
caPemPath: configs/cert/ca.pem
|
||||
|
||||
|
||||
common:
|
||||
# Channel name generation rule: ${namePrefix}-${ChannelIdx}
|
||||
chanNamePrefix:
|
||||
|
|
@ -277,3 +284,4 @@ common:
|
|||
|
||||
security:
|
||||
authorizationEnabled: false
|
||||
tlsEnabled: false
|
||||
|
|
|
|||
|
|
@ -18,14 +18,19 @@ package grpcproxy
|
|||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net"
|
||||
"net/http"
|
||||
"strconv"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"google.golang.org/grpc/credentials"
|
||||
|
||||
grpc_auth "github.com/grpc-ecosystem/go-grpc-middleware/auth"
|
||||
|
||||
grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
||||
|
|
@ -72,11 +77,12 @@ var (
|
|||
|
||||
// Server is the Proxy Server
|
||||
type Server struct {
|
||||
ctx context.Context
|
||||
wg sync.WaitGroup
|
||||
proxy types.ProxyComponent
|
||||
grpcServer *grpc.Server
|
||||
httpServer *http.Server
|
||||
ctx context.Context
|
||||
wg sync.WaitGroup
|
||||
proxy types.ProxyComponent
|
||||
grpcInternalServer *grpc.Server
|
||||
grpcExternalServer *grpc.Server
|
||||
httpServer *http.Server
|
||||
// avoid race
|
||||
httpServerMtx sync.Mutex
|
||||
|
||||
|
|
@ -139,9 +145,14 @@ func (s *Server) startHTTPServer(port int) {
|
|||
}
|
||||
}
|
||||
|
||||
func (s *Server) startGrpcLoop(grpcPort int) {
|
||||
defer s.wg.Done()
|
||||
func (s *Server) startRPCServer(grpcPort, grpcInternalPort int) {
|
||||
s.wg.Add(2)
|
||||
go s.startInternalGrpc(grpcInternalPort)
|
||||
go s.startExternalGrpc(grpcPort)
|
||||
}
|
||||
|
||||
func (s *Server) startExternalGrpc(grpcPort int) {
|
||||
defer s.wg.Done()
|
||||
var kaep = keepalive.EnforcementPolicy{
|
||||
MinTime: 5 * time.Second, // If a client pings more than once every 5 seconds, terminate the connection
|
||||
PermitWithoutStream: true, // Allow pings even when there are no active streams
|
||||
|
|
@ -161,11 +172,93 @@ func (s *Server) startGrpcLoop(grpcPort int) {
|
|||
}
|
||||
log.Debug("Proxy server already listen on tcp", zap.Int("port", grpcPort))
|
||||
|
||||
ctx, cancel := context.WithCancel(s.ctx)
|
||||
defer cancel()
|
||||
opts := trace.GetInterceptorOpts()
|
||||
grpcOpts := []grpc.ServerOption{
|
||||
grpc.KeepaliveEnforcementPolicy(kaep),
|
||||
grpc.KeepaliveParams(kasp),
|
||||
grpc.MaxRecvMsgSize(Params.ServerMaxRecvSize),
|
||||
grpc.MaxSendMsgSize(Params.ServerMaxSendSize),
|
||||
grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
|
||||
ot.UnaryServerInterceptor(opts...),
|
||||
grpc_auth.UnaryServerInterceptor(proxy.AuthenticationInterceptor),
|
||||
)),
|
||||
grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
|
||||
ot.StreamServerInterceptor(opts...),
|
||||
grpc_auth.StreamServerInterceptor(proxy.AuthenticationInterceptor))),
|
||||
}
|
||||
|
||||
if Params.TLSEnabled {
|
||||
cert, err := tls.LoadX509KeyPair(Params.ServerPemPath, Params.ServerKeyPath)
|
||||
if err != nil {
|
||||
log.Warn("proxy cant load x509 key pair", zap.Error(err))
|
||||
panic(err)
|
||||
}
|
||||
|
||||
certPool := x509.NewCertPool()
|
||||
rootBuf, err := ioutil.ReadFile(Params.CaPemPath)
|
||||
if err != nil {
|
||||
log.Warn("failed read ca pem", zap.Error(err))
|
||||
panic(err)
|
||||
}
|
||||
if !certPool.AppendCertsFromPEM(rootBuf) {
|
||||
log.Warn("fail to append ca to cert")
|
||||
panic("fail to append ca to cert")
|
||||
}
|
||||
|
||||
tlsConf := &tls.Config{
|
||||
ClientAuth: tls.RequireAndVerifyClientCert,
|
||||
Certificates: []tls.Certificate{cert},
|
||||
ClientCAs: certPool,
|
||||
MinVersion: tls.VersionTLS13,
|
||||
}
|
||||
grpcOpts = append(grpcOpts, grpc.Creds(credentials.NewTLS(tlsConf)))
|
||||
}
|
||||
s.grpcExternalServer = grpc.NewServer(grpcOpts...)
|
||||
proxypb.RegisterProxyServer(s.grpcExternalServer, s)
|
||||
milvuspb.RegisterMilvusServiceServer(s.grpcExternalServer, s)
|
||||
grpc_health_v1.RegisterHealthServer(s.grpcExternalServer, s)
|
||||
log.Debug("create Proxy grpc server",
|
||||
zap.Any("enforcement policy", kaep),
|
||||
zap.Any("server parameters", kasp))
|
||||
|
||||
log.Debug("waiting for Proxy grpc server to be ready")
|
||||
go funcutil.CheckGrpcReady(ctx, s.grpcErrChan)
|
||||
|
||||
log.Debug("Proxy grpc server has been ready, serve grpc requests on listen")
|
||||
if err := s.grpcExternalServer.Serve(lis); err != nil {
|
||||
log.Warn("failed to serve on Proxy's listener", zap.Error(err))
|
||||
s.grpcErrChan <- err
|
||||
}
|
||||
}
|
||||
|
||||
func (s *Server) startInternalGrpc(grpcPort int) {
|
||||
defer s.wg.Done()
|
||||
var kaep = keepalive.EnforcementPolicy{
|
||||
MinTime: 5 * time.Second, // If a client pings more than once every 5 seconds, terminate the connection
|
||||
PermitWithoutStream: true, // Allow pings even when there are no active streams
|
||||
}
|
||||
|
||||
var kasp = keepalive.ServerParameters{
|
||||
Time: 60 * time.Second, // Ping the client if it is idle for 60 seconds to ensure the connection is still active
|
||||
Timeout: 10 * time.Second, // Wait 10 second for the ping ack before assuming the connection is dead
|
||||
}
|
||||
|
||||
log.Debug("Proxy internal server listen on tcp", zap.Int("port", grpcPort))
|
||||
lis, err := net.Listen("tcp", ":"+strconv.Itoa(grpcPort))
|
||||
if err != nil {
|
||||
log.Warn("Proxy internal server failed to listen on", zap.Error(err), zap.Int("port", grpcPort))
|
||||
s.grpcErrChan <- err
|
||||
return
|
||||
}
|
||||
log.Debug("Proxy internal server already listen on tcp", zap.Int("port", grpcPort))
|
||||
|
||||
ctx, cancel := context.WithCancel(s.ctx)
|
||||
defer cancel()
|
||||
|
||||
opts := trace.GetInterceptorOpts()
|
||||
s.grpcServer = grpc.NewServer(
|
||||
s.grpcInternalServer = grpc.NewServer(
|
||||
grpc.KeepaliveEnforcementPolicy(kaep),
|
||||
grpc.KeepaliveParams(kasp),
|
||||
grpc.MaxRecvMsgSize(Params.ServerMaxRecvSize),
|
||||
|
|
@ -179,19 +272,19 @@ func (s *Server) startGrpcLoop(grpcPort int) {
|
|||
grpc_auth.StreamServerInterceptor(proxy.AuthenticationInterceptor),
|
||||
)),
|
||||
)
|
||||
proxypb.RegisterProxyServer(s.grpcServer, s)
|
||||
milvuspb.RegisterMilvusServiceServer(s.grpcServer, s)
|
||||
grpc_health_v1.RegisterHealthServer(s.grpcServer, s)
|
||||
log.Debug("create Proxy grpc server",
|
||||
proxypb.RegisterProxyServer(s.grpcInternalServer, s)
|
||||
milvuspb.RegisterMilvusServiceServer(s.grpcInternalServer, s)
|
||||
grpc_health_v1.RegisterHealthServer(s.grpcInternalServer, s)
|
||||
log.Debug("create Proxy internal grpc server",
|
||||
zap.Any("enforcement policy", kaep),
|
||||
zap.Any("server parameters", kasp))
|
||||
|
||||
log.Debug("waiting for Proxy grpc server to be ready")
|
||||
log.Debug("waiting for Proxy internal grpc server to be ready")
|
||||
go funcutil.CheckGrpcReady(ctx, s.grpcErrChan)
|
||||
|
||||
log.Debug("Proxy grpc server has been ready, serve grpc requests on listen")
|
||||
if err := s.grpcServer.Serve(lis); err != nil {
|
||||
log.Warn("failed to serve on Proxy's listener", zap.Error(err))
|
||||
log.Debug("Proxy internal grpc server has been ready, serve grpc requests on listen")
|
||||
if err := s.grpcInternalServer.Serve(lis); err != nil {
|
||||
log.Warn("failed to internal serve on Proxy's listener", zap.Error(err))
|
||||
s.grpcErrChan <- err
|
||||
}
|
||||
}
|
||||
|
|
@ -227,8 +320,8 @@ func (s *Server) init() error {
|
|||
}
|
||||
|
||||
proxy.Params.InitOnce()
|
||||
proxy.Params.ProxyCfg.NetworkAddress = Params.GetAddress()
|
||||
log.Debug("init Proxy's parameter table done", zap.String("address", Params.GetAddress()))
|
||||
proxy.Params.ProxyCfg.NetworkAddress = Params.GetInternalAddress()
|
||||
log.Debug("init Proxy's parameter table done", zap.String("internal address", Params.GetInternalAddress()), zap.String("external address", Params.GetAddress()))
|
||||
|
||||
serviceName := fmt.Sprintf("Proxy ip: %s, port: %d", Params.IP, Params.Port)
|
||||
closer := trace.InitTracing(serviceName)
|
||||
|
|
@ -242,8 +335,7 @@ func (s *Server) init() error {
|
|||
}
|
||||
s.etcdCli = etcdCli
|
||||
s.proxy.SetEtcdClient(s.etcdCli)
|
||||
s.wg.Add(1)
|
||||
go s.startGrpcLoop(Params.Port)
|
||||
s.startRPCServer(Params.Port, Params.InternalPort)
|
||||
log.Debug("waiting for grpc server of Proxy to be started")
|
||||
if err := <-s.grpcErrChan; err != nil {
|
||||
log.Warn("failed to start Proxy's grpc server", zap.Error(err))
|
||||
|
|
@ -403,7 +495,7 @@ func (s *Server) start() error {
|
|||
|
||||
// Stop stop the Proxy Server
|
||||
func (s *Server) Stop() error {
|
||||
log.Debug("Proxy stop", zap.String("Address", Params.GetAddress()))
|
||||
log.Debug("Proxy stop", zap.String("internal address", Params.GetInternalAddress()), zap.String("external address", Params.GetInternalAddress()))
|
||||
var err error
|
||||
if s.closer != nil {
|
||||
if err = s.closer.Close(); err != nil {
|
||||
|
|
@ -426,23 +518,28 @@ func (s *Server) Stop() error {
|
|||
s.httpServer.Shutdown(context.TODO())
|
||||
}
|
||||
}()
|
||||
|
||||
gracefulWg.Add(1)
|
||||
go func() {
|
||||
defer gracefulWg.Done()
|
||||
if s.grpcServer != nil {
|
||||
log.Debug("Graceful stop grpc server...")
|
||||
s.grpcServer.GracefulStop()
|
||||
if s.grpcInternalServer != nil {
|
||||
log.Debug("Graceful stop grpc internal server...")
|
||||
s.grpcInternalServer.GracefulStop()
|
||||
}
|
||||
if s.grpcExternalServer != nil {
|
||||
log.Debug("Graceful stop grpc external server...")
|
||||
s.grpcExternalServer.GracefulStop()
|
||||
}
|
||||
}()
|
||||
gracefulWg.Wait()
|
||||
|
||||
s.wg.Wait()
|
||||
|
||||
err = s.proxy.Stop()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
s.wg.Wait()
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1199,3 +1199,26 @@ func Test_NewServer_HTTPServerDisabled(t *testing.T) {
|
|||
err = server.Stop()
|
||||
assert.Nil(t, err)
|
||||
}
|
||||
func Test_NewServer_TLS(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
server, err := NewServer(ctx, nil)
|
||||
assert.NotNil(t, server)
|
||||
assert.Nil(t, err)
|
||||
|
||||
server.proxy = &MockProxy{}
|
||||
server.rootCoordClient = &MockRootCoord{}
|
||||
server.indexCoordClient = &MockIndexCoord{}
|
||||
server.queryCoordClient = &MockQueryCoord{}
|
||||
server.dataCoordClient = &MockDataCoord{}
|
||||
|
||||
Params.TLSEnabled = true
|
||||
Params.ServerPemPath = "../../../configs/cert/server.pem"
|
||||
Params.ServerKeyPath = "../../../configs/cert/server.key"
|
||||
Params.CaPemPath = "../../../configs/cert/ca.pem"
|
||||
|
||||
err = server.Run()
|
||||
assert.Nil(t, err)
|
||||
assert.Nil(t, server.httpServer)
|
||||
err = server.Stop()
|
||||
assert.Nil(t, err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -42,6 +42,9 @@ const (
|
|||
DefaultDialTimeout = 5000 * time.Millisecond
|
||||
DefaultKeepAliveTime = 10000 * time.Millisecond
|
||||
DefaultKeepAliveTimeout = 3000 * time.Millisecond
|
||||
|
||||
ProxyInternalPort = 19529
|
||||
ProxyExternalPort = 19530
|
||||
)
|
||||
|
||||
///////////////////////////////////////////////////////////////////////////////
|
||||
|
|
@ -49,10 +52,15 @@ const (
|
|||
type grpcConfig struct {
|
||||
ServiceParam
|
||||
|
||||
once sync.Once
|
||||
Domain string
|
||||
IP string
|
||||
Port int
|
||||
once sync.Once
|
||||
Domain string
|
||||
IP string
|
||||
TLSEnabled bool
|
||||
Port int
|
||||
InternalPort int
|
||||
ServerPemPath string
|
||||
ServerKeyPath string
|
||||
CaPemPath string
|
||||
}
|
||||
|
||||
func (p *grpcConfig) init(domain string) {
|
||||
|
|
@ -62,6 +70,7 @@ func (p *grpcConfig) init(domain string) {
|
|||
p.LoadFromEnv()
|
||||
p.LoadFromArgs()
|
||||
p.initPort()
|
||||
p.initTLSPath()
|
||||
}
|
||||
|
||||
// LoadFromEnv is used to initialize configuration items from env.
|
||||
|
|
@ -75,7 +84,15 @@ func (p *grpcConfig) LoadFromArgs() {
|
|||
}
|
||||
|
||||
func (p *grpcConfig) initPort() {
|
||||
p.Port = p.ParseInt(p.Domain + ".port")
|
||||
p.Port = p.ParseIntWithDefault(p.Domain+".port", ProxyExternalPort)
|
||||
p.InternalPort = p.ParseIntWithDefault(p.Domain+".internalPort", ProxyInternalPort)
|
||||
}
|
||||
|
||||
func (p *grpcConfig) initTLSPath() {
|
||||
p.TLSEnabled = p.ParseBool("common.security.tlsEnabled", false)
|
||||
p.ServerPemPath = p.Get("tls.serverPemPath")
|
||||
p.ServerKeyPath = p.Get("tls.serverKeyPath")
|
||||
p.CaPemPath = p.Get("tls.caPemPath")
|
||||
}
|
||||
|
||||
// GetAddress return grpc address
|
||||
|
|
@ -83,6 +100,10 @@ func (p *grpcConfig) GetAddress() string {
|
|||
return p.IP + ":" + strconv.Itoa(p.Port)
|
||||
}
|
||||
|
||||
func (p *grpcConfig) GetInternalAddress() string {
|
||||
return p.IP + ":" + strconv.Itoa(p.InternalPort)
|
||||
}
|
||||
|
||||
// GrpcServerConfig is configuration for grpc server.
|
||||
type GrpcServerConfig struct {
|
||||
grpcConfig
|
||||
|
|
|
|||
Loading…
Reference in New Issue