You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
163 lines
6.1 KiB
163 lines
6.1 KiB
grpc Examples
|
|
==============================================
|
|
|
|
The examples require grpc-java to already be built. You are strongly encouraged
|
|
to check out a git release tag, since there will already be a build of grpc
|
|
available. Otherwise you must follow [COMPILING](../COMPILING.md).
|
|
|
|
You may want to read through the
|
|
[Quick Start Guide](https://grpc.io/docs/quickstart/java.html)
|
|
before trying out the examples.
|
|
|
|
To build the examples, run in this directory:
|
|
|
|
```
|
|
$ ./gradlew installDist
|
|
```
|
|
|
|
This creates the scripts `hello-world-server`, `hello-world-client`,
|
|
`hello-world-tls-server`, `hello-world-tls-client`,
|
|
`route-guide-server`, and `route-guide-client` in the
|
|
`build/install/examples/bin/` directory that run the examples. Each
|
|
example requires the server to be running before starting the client.
|
|
|
|
For example, to try the hello world example first run:
|
|
|
|
```
|
|
$ ./build/install/examples/bin/hello-world-server
|
|
```
|
|
|
|
And in a different terminal window run:
|
|
|
|
```
|
|
$ ./build/install/examples/bin/hello-world-client
|
|
```
|
|
|
|
### Hello World with TLS
|
|
|
|
Running the hello world with TLS is the same as the normal hello world, but takes additional args:
|
|
|
|
**hello-world-tls-server**:
|
|
|
|
```text
|
|
USAGE: HelloWorldServerTls host port certChainFilePath privateKeyFilePath [trustCertCollectionFilePath]
|
|
Note: You only need to supply trustCertCollectionFilePath if you want to enable Mutual TLS.
|
|
```
|
|
|
|
**hello-world-tls-client**:
|
|
|
|
```text
|
|
USAGE: HelloWorldClientTls host port [trustCertCollectionFilePath] [clientCertChainFilePath] [clientPrivateKeyFilePath]
|
|
Note: clientCertChainFilePath and clientPrivateKeyFilePath are only needed if mutual auth is desired. And if you specify clientCertChainFilePath you must also specify clientPrivateKeyFilePath
|
|
```
|
|
|
|
#### Generating self-signed certificates for use with grpc
|
|
|
|
You can use the following script to generate self-signed certificates for grpc-java including the hello world with TLS examples:
|
|
|
|
```bash
|
|
# Changes these CN's to match your hosts in your environment if needed.
|
|
SERVER_CN=localhost
|
|
CLIENT_CN=localhost # Used when doing mutual TLS
|
|
|
|
echo Generate CA key:
|
|
openssl genrsa -passout pass:1111 -des3 -out ca.key 4096
|
|
echo Generate CA certificate:
|
|
# Generates ca.crt which is the trustCertCollectionFile
|
|
openssl req -passin pass:1111 -new -x509 -days 365 -key ca.key -out ca.crt -subj "/CN=${SERVER_CN}"
|
|
echo Generate server key:
|
|
openssl genrsa -passout pass:1111 -des3 -out server.key 4096
|
|
echo Generate server signing request:
|
|
openssl req -passin pass:1111 -new -key server.key -out server.csr -subj "/CN=${SERVER_CN}"
|
|
echo Self-signed server certificate:
|
|
# Generates server.crt which is the certChainFile for the server
|
|
openssl x509 -req -passin pass:1111 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
|
|
echo Remove passphrase from server key:
|
|
openssl rsa -passin pass:1111 -in server.key -out server.key
|
|
echo Generate client key
|
|
openssl genrsa -passout pass:1111 -des3 -out client.key 4096
|
|
echo Generate client signing request:
|
|
openssl req -passin pass:1111 -new -key client.key -out client.csr -subj "/CN=${CLIENT_CN}"
|
|
echo Self-signed client certificate:
|
|
# Generates client.crt which is the clientCertChainFile for the client (need for mutual TLS only)
|
|
openssl x509 -passin pass:1111 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
|
|
echo Remove passphrase from client key:
|
|
openssl rsa -passin pass:1111 -in client.key -out client.key
|
|
echo Converting the private keys to X.509:
|
|
# Generates client.pem which is the clientPrivateKeyFile for the Client (needed for mutual TLS only)
|
|
openssl pkcs8 -topk8 -nocrypt -in client.key -out client.pem
|
|
# Generates server.pem which is the privateKeyFile for the Server
|
|
openssl pkcs8 -topk8 -nocrypt -in server.key -out server.pem
|
|
```
|
|
|
|
#### Hello world example with TLS (no mutual auth):
|
|
|
|
```bash
|
|
# Server
|
|
./build/install/examples/bin/hello-world-server-tls mate 50440 ~/Downloads/sslcert/server.crt ~/Downloads/sslcert/server.pem
|
|
# Client
|
|
./build/install/examples/bin/hello-world-client-tls mate 50440 ~/Downloads/sslcert/ca.crt
|
|
```
|
|
|
|
#### Hello world example with TLS with mutual auth:
|
|
|
|
```bash
|
|
# Server
|
|
./build/install/examples/bin/hello-world-server-tls mate 54440 ~/Downloads/sslcert/server.crt ~/Downloads/sslcert/server.pem ~/Downloads/sslcert/ca.crt
|
|
# Client
|
|
./build/install/examples/bin/hello-world-client-tls mate 54440 ~/Downloads/sslcert/ca.crt ~/Downloads/sslcert/client.crt ~/Downloads/sslcert/client.pem
|
|
```
|
|
|
|
That's it!
|
|
|
|
Please refer to gRPC Java's [README](../README.md) and
|
|
[tutorial](https://grpc.io/docs/tutorials/basic/java.html) for more
|
|
information.
|
|
|
|
## Maven
|
|
|
|
If you prefer to use Maven:
|
|
```
|
|
$ mvn verify
|
|
$ # Run the server
|
|
$ mvn exec:java -Dexec.mainClass=io.grpc.examples.helloworld.HelloWorldServer
|
|
$ # In another terminal run the client
|
|
$ mvn exec:java -Dexec.mainClass=io.grpc.examples.helloworld.HelloWorldClient
|
|
```
|
|
|
|
## Bazel
|
|
|
|
If you prefer to use Bazel:
|
|
```
|
|
(With Bazel v0.8.0 or above.)
|
|
$ bazel build :hello-world-server :hello-world-client
|
|
$ # Run the server:
|
|
$ bazel-bin/hello-world-server
|
|
$ # In another terminal run the client
|
|
$ bazel-bin/hello-world-client
|
|
```
|
|
|
|
Unit test examples
|
|
==============================================
|
|
|
|
Examples for unit testing gRPC clients and servers are located in [examples/src/test](src/test).
|
|
|
|
In general, we DO NOT allow overriding the client stub.
|
|
We encourage users to leverage `InProcessTransport` as demonstrated in the examples to
|
|
write unit tests. `InProcessTransport` is light-weight and runs the server
|
|
and client in the same process without any socket/TCP connection.
|
|
|
|
For testing a gRPC client, create the client with a real stub
|
|
using an
|
|
[InProcessChannel](../core/src/main/java/io/grpc/inprocess/InProcessChannelBuilder.java),
|
|
and test it against an
|
|
[InProcessServer](../core/src/main/java/io/grpc/inprocess/InProcessServerBuilder.java)
|
|
with a mock/fake service implementation.
|
|
|
|
For testing a gRPC server, create the server as an InProcessServer,
|
|
and test it against a real client stub with an InProcessChannel.
|
|
|
|
The gRPC-java library also provides a JUnit rule,
|
|
[GrpcServerRule](../testing/src/main/java/io/grpc/testing/GrpcCleanupRule.java), to do the graceful
|
|
shutdown boilerplate for you.
|