in grpc-xds/control-plane-go/pkg/xds/lds/socket_listener.go [36:84]
func createSocketListener(listenerName string, host string, port uint32, httpConnectionManager *http_connection_managerv3.HttpConnectionManager, enableTLS bool, requireClientCerts bool) (*listenerv3.Listener, error) {
anyWrappedHTTPConnectionManager, err := anypb.New(httpConnectionManager)
if err != nil {
return nil, fmt.Errorf("could not marshall HttpConnectionManager +%v into Any instance: %w", httpConnectionManager, err)
}
isIPv6 := strings.Count(host, ":") >= 2
serverListener := listenerv3.Listener{
Name: listenerName,
Address: &corev3.Address{
Address: &corev3.Address_SocketAddress{
SocketAddress: &corev3.SocketAddress{
Address: host,
PortSpecifier: &corev3.SocketAddress_PortValue{
PortValue: port,
},
Protocol: corev3.SocketAddress_TCP,
Ipv4Compat: isIPv6,
},
},
},
FilterChains: []*listenerv3.FilterChain{
{
Filters: []*listenerv3.Filter{
{
Name: envoyHTTPConnectionManagerName, // must be the last filter
ConfigType: &listenerv3.Filter_TypedConfig{
TypedConfig: anyWrappedHTTPConnectionManager,
},
},
},
},
},
TrafficDirection: corev3.TrafficDirection_INBOUND,
EnableReusePort: wrapperspb.Bool(true),
}
if enableTLS {
downstreamTLSContext := tls.CreateDownstreamTLSContext(requireClientCerts)
transportSocket, err := tls.CreateTransportSocket(downstreamTLSContext)
if err != nil {
return nil, err
}
// Assume that HttpConnectionManager is the first (and only) filter in the Listener's filter chain:
serverListener.FilterChains[0].TransportSocket = transportSocket
}
return &serverListener, nil
}