Feat registry consul (#445)

Co-authored-by: johnlanni <zty98751@alibaba-inc.com>
2026-05-28 14:47:29 +08:00 · 2023-08-01 16:16:28 +08:00
parent e5105a4d71
commit 9b88c6bb40
16 changed files with 1049 additions and 84 deletions
--- a/registry/reconcile/reconcile.go
+++ b/registry/reconcile/reconcile.go
@@ -15,7 +15,9 @@
 package reconcile

 import (
+	"context"
 	"errors"
+	"fmt"
 	"path"
 	"reflect"
 	"sync"
@@ -24,12 +26,15 @@ import (

 	apiv1 "github.com/alibaba/higress/api/networking/v1"
 	v1 "github.com/alibaba/higress/client/pkg/apis/networking/v1"
+	"github.com/alibaba/higress/pkg/kube"
 	. "github.com/alibaba/higress/registry"
+	"github.com/alibaba/higress/registry/consul"
 	"github.com/alibaba/higress/registry/direct"
 	"github.com/alibaba/higress/registry/memory"
 	"github.com/alibaba/higress/registry/nacos"
 	nacosv2 "github.com/alibaba/higress/registry/nacos/v2"
 	"github.com/alibaba/higress/registry/zookeeper"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )

 type Reconciler struct {
@@ -37,14 +42,18 @@ type Reconciler struct {
 	registries    map[string]*apiv1.RegistryConfig
 	watchers      map[string]Watcher
 	serviceUpdate func()
+	client        kube.Client
+	namespace     string
 }

-func NewReconciler(serviceUpdate func()) *Reconciler {
+func NewReconciler(serviceUpdate func(), client kube.Client, namespace string) *Reconciler {
 	return &Reconciler{
 		Cache:         memory.NewCache(),
 		registries:    make(map[string]*apiv1.RegistryConfig),
 		watchers:      make(map[string]Watcher),
 		serviceUpdate: serviceUpdate,
+		client:        client,
+		namespace:     namespace,
 	}
 }

@@ -123,6 +132,11 @@ func (r *Reconciler) generateWatcherFromRegistryConfig(registry *apiv1.RegistryC
 	var watcher Watcher
 	var err error

+	authOption, err := r.getAuthOption(registry)
+	if err != nil {
+		return nil, err
+	}
+
 	switch registry.Type {
 	case string(Nacos):
 		watcher, err = nacos.NewWatcher(
@@ -135,6 +149,7 @@ func (r *Reconciler) generateWatcherFromRegistryConfig(registry *apiv1.RegistryC
 			nacos.WithNacosNamespace(registry.NacosNamespace),
 			nacos.WithNacosGroups(registry.NacosGroups),
 			nacos.WithNacosRefreshInterval(registry.NacosRefreshInterval),
+			nacos.WithAuthOption(authOption),
 		)
 	case string(Nacos2):
 		watcher, err = nacosv2.NewWatcher(
@@ -150,6 +165,7 @@ func (r *Reconciler) generateWatcherFromRegistryConfig(registry *apiv1.RegistryC
 			nacosv2.WithNacosNamespace(registry.NacosNamespace),
 			nacosv2.WithNacosGroups(registry.NacosGroups),
 			nacosv2.WithNacosRefreshInterval(registry.NacosRefreshInterval),
+			nacosv2.WithAuthOption(authOption),
 		)
 	case string(Zookeeper):
 		watcher, err = zookeeper.NewWatcher(
@@ -160,6 +176,18 @@ func (r *Reconciler) generateWatcherFromRegistryConfig(registry *apiv1.RegistryC
 			zookeeper.WithPort(registry.Port),
 			zookeeper.WithZkServicesPath(registry.ZkServicesPath),
 		)
+	case string(Consul):
+		watcher, err = consul.NewWatcher(
+			r.Cache,
+			consul.WithType(registry.Type),
+			consul.WithName(registry.Name),
+			consul.WithDomain(registry.Domain),
+			consul.WithPort(registry.Port),
+			consul.WithDatacenter(registry.ConsulDatacenter),
+			consul.WithServiceTag(registry.ConsulServiceTag),
+			consul.WithRefreshInterval(registry.ConsulRefreshInterval),
+			consul.WithAuthOption(authOption),
+		)
 	case string(Static), string(DNS):
 		watcher, err = direct.NewWatcher(
 			r.Cache,
@@ -190,3 +218,39 @@ func (r *Reconciler) generateWatcherFromRegistryConfig(registry *apiv1.RegistryC

 	return watcher, nil
 }
+
+func (r *Reconciler) getAuthOption(registry *apiv1.RegistryConfig) (AuthOption, error) {
+	authOption := AuthOption{}
+	authSecretName := registry.AuthSecretName
+
+	if len(authSecretName) == 0 {
+		return authOption, nil
+	}
+
+	authSecret, err := r.client.CoreV1().Secrets(r.namespace).Get(context.Background(), authSecretName, metav1.GetOptions{})
+	if err != nil {
+		return authOption, errors.New(fmt.Sprintf("get auth secret %s in namespace %s error:%v", authSecretName, r.namespace, err))
+	}
+
+	if nacosUsername, ok := authSecret.Data[AuthNacosUsernameKey]; ok {
+		authOption.NacosUsername = string(nacosUsername)
+	}
+
+	if nacosPassword, ok := authSecret.Data[AuthNacosPasswordKey]; ok {
+		authOption.NacosPassword = string(nacosPassword)
+	}
+
+	if consulToken, ok := authSecret.Data[AuthConsulTokenKey]; ok {
+		authOption.ConsulToken = string(consulToken)
+	}
+
+	if etcdUsername, ok := authSecret.Data[AuthEtcdUsernameKey]; ok {
+		authOption.EtcdUsername = string(etcdUsername)
+	}
+
+	if etcdPassword, ok := authSecret.Data[AuthEtcdPasswordKey]; ok {
+		authOption.EtcdPassword = string(etcdPassword)
+	}
+
+	return authOption, nil
+}