diff options
| author | chrislu <chris.lu@gmail.com> | 2022-07-08 00:29:41 -0700 |
|---|---|---|
| committer | chrislu <chris.lu@gmail.com> | 2022-07-08 00:29:41 -0700 |
| commit | 185332b91f5c3dd8f32dd8573eec843dda9c29c2 (patch) | |
| tree | 59d0fcf38d1e84ea6ba6d3be3e2b98e2966a5dc9 | |
| parent | 28add5a53451aa0be30cc03c2fda22c4056d602b (diff) | |
| parent | d6a544139183b9703a2ebc175d89012a3f390270 (diff) | |
| download | seaweedfs-185332b91f5c3dd8f32dd8573eec843dda9c29c2.tar.xz seaweedfs-185332b91f5c3dd8f32dd8573eec843dda9c29c2.zip | |
Merge branch 'master' of https://github.com/chrislusf/seaweedfs
| -rw-r--r-- | weed/command/scaffold/filer.toml | 8 | ||||
| -rw-r--r-- | weed/filer/tikv/tikv_store.go | 19 |
2 files changed, 20 insertions, 7 deletions
diff --git a/weed/command/scaffold/filer.toml b/weed/command/scaffold/filer.toml index c82de8da0..860d8b291 100644 --- a/weed/command/scaffold/filer.toml +++ b/weed/command/scaffold/filer.toml @@ -337,3 +337,11 @@ pdaddrs = "localhost:2379" deleterange_concurrency = 1 # Enable 1PC enable_1pc = false +# Set the CA certificate path +ca_path="" +# Set the certificate path +cert_path="" +# Set the private key path +key_path="" +# The name list used to verify the cn name +verify_cn=""
\ No newline at end of file diff --git a/weed/filer/tikv/tikv_store.go b/weed/filer/tikv/tikv_store.go index f8932663d..ca6794f9c 100644 --- a/weed/filer/tikv/tikv_store.go +++ b/weed/filer/tikv/tikv_store.go @@ -15,6 +15,7 @@ import ( "github.com/chrislusf/seaweedfs/weed/glog" "github.com/chrislusf/seaweedfs/weed/pb/filer_pb" "github.com/chrislusf/seaweedfs/weed/util" + "github.com/tikv/client-go/v2/config" "github.com/tikv/client-go/v2/txnkv" ) @@ -38,21 +39,25 @@ func (store *TikvStore) GetName() string { } func (store *TikvStore) Initialize(config util.Configuration, prefix string) error { - pdAddrs := []string{} - pdAddrsStr := config.GetString(prefix + "pdaddrs") - for _, item := range strings.Split(pdAddrsStr, ",") { - pdAddrs = append(pdAddrs, strings.TrimSpace(item)) - } + ca := config.GetString(prefix + "ca_path") + cert := config.GetString(prefix + "cert_path") + key := config.GetString(prefix + "key_path") + verify_cn := strings.Split(config.GetString(prefix+"verify_cn"), ",") + pdAddrs := strings.Split(config.GetString(prefix+"pdaddrs"), ",") + drc := config.GetInt(prefix + "deleterange_concurrency") if drc <= 0 { drc = 1 } store.onePC = config.GetBool(prefix + "enable_1pc") store.deleteRangeConcurrency = drc - return store.initialize(pdAddrs) + return store.initialize(ca, cert, key, verify_cn, pdAddrs) } -func (store *TikvStore) initialize(pdAddrs []string) error { +func (store *TikvStore) initialize(ca, cert, key string, verify_cn, pdAddrs []string) error { + config.UpdateGlobal(func(conf *config.Config) { + conf.Security = config.NewSecurity(ca, cert, key, verify_cn) + }) client, err := txnkv.NewClient(pdAddrs) store.client = client return err |