Ah, then ManagedChannelBuilder.overrideAuthority() seems to be what you want. Linkerd is acting as a reverse proxy, so it "is" the server as far as gRPC is concerned. Your environment could have been configured by overriding DNS to point to linkerd; that's functionally similar to using overrideAuthority.
On Thu, Aug 10, 2017 at 1:37 PM, <vadim.iva...@gmail.com> wrote: > I use https://linkerd.io/ for the proxy - it performs load balancing and > name resolution. It is HTTP/2 aware and uses authority header by default to > resolve names. > > Yes, I use insecure channels and need to route certain connections only > through the proxy, so setting global http proxy will not work. > > On Thursday, August 10, 2017 at 3:31:29 PM UTC-4, Eric Anderson wrote: >> >> On Wed, Aug 9, 2017 at 1:56 PM, <vadim....@gmail.com> wrote: >> >>> What's the right way to override authority for a channel or stub? >>> >>> I see there is withAuthority method in CallOptions, but there is no >>> withAuthority method in AbstractStub and I cannot pass CallOptions to >>> generated stubs. >>> >> >> The withAuthority in CallOptions is a bit dangerous because it doesn't >> currently verify the TLS certificate when being used. >> >> There is overrideAuthority method in ManagedChannelBuilder class, but the >>> comment says "Should only used by tests". >>> >>> In gRPC C# I can do something like that: >>> >>> var channel = new Channel( >>> "myproxy:4140", >>> ChannelCredentials.Insecure, >>> new []{new ChannelOption(ChannelOptions.DefaultAuthority, >>> "original-authority")}); >>> >> >> The equivalent of that in Java is ManagedChannelBuilder.overrideAuthority(). >> The only reason that works though is because you are using insecure. I'm >> assuming that the proxy is a TCP-level proxy that knows nothing of HTTP/2. >> >> How does the proxy know where to proxy to? Normally we'd expect to see an >> HTTPS proxy and we'd use HTTP's CONNECT to form a connection. >> > -- > You received this message because you are subscribed to the Google Groups " > grpc.io" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to grpc-io+unsubscr...@googlegroups.com. > To post to this group, send email to grpc-io@googlegroups.com. > Visit this group at https://groups.google.com/group/grpc-io. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/grpc-io/446c1de1-11c6-4fef-9480-fbaec7d6fcb5%40googlegroups.com > <https://groups.google.com/d/msgid/grpc-io/446c1de1-11c6-4fef-9480-fbaec7d6fcb5%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To post to this group, send email to grpc-io@googlegroups.com. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CA%2B4M1oOjUcGpnwUHOOqVyLX-GoAc193-eYiPatTdMjvx0eVY-A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature
