This is an automated email from the ASF dual-hosted git repository.
bschuchardt pushed a commit to branch feature/GEODE-7852doc
in repository https://gitbox.apache.org/repos/asf/geode.git
commit 276582533c885092d8e1d076d426a4c9f2e0b908
Author: Bruce Schuchardt <bschucha...@pivotal.io>
AuthorDate: Tue Apr 7 14:27:38 2020 -0700
GEODE-7852: SNI extension support
Modified SNISocketFactory so it can be used in cache.xml
Added a test for the new cache.xml element.
Updated docs for cache.xml and updated client configuration
instructions.
---
.../geode/client/sni/ClientSNIAcceptanceTest.java | 1 +
.../cache/client/ClientCacheFactoryJUnitTest.java | 10 ++++++++-
.../ClientCacheFactoryJUnitTest_single_pool.xml | 9 ++++++++
.../geode/cache/client/proxy/SniSocketFactory.java | 20 ++++++++++++++---
.../topics/client-cache-elements-list.html.md.erb | 1 +
.../reference/topics/client-cache.html.md.erb | 26 ++++++++++++++++++++++
.../setting_up_a_client_server_system.html.md.erb | 17 ++++++++++++--
.../geode/test/dunit/internal/ProcessManager.java | 6 +++--
8 files changed, 82 insertions(+), 8 deletions(-)
diff --git
a/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
b/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
index 69aa5d8..4f47fd0 100644
---
a/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
+++
b/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
@@ -97,5 +97,6 @@ public class ClientSNIAcceptanceTest {
region.destroy("hello");
region.put("hello", "world");
assertThat(region.get("hello")).isEqualTo("world");
+ assertThat(region.get("foo")).isEqualTo("bar");
}
}
diff --git
a/geode-core/src/integrationTest/java/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest.java
b/geode-core/src/integrationTest/java/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest.java
index 9074473..e5147df 100644
---
a/geode-core/src/integrationTest/java/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest.java
+++
b/geode-core/src/integrationTest/java/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest.java
@@ -32,6 +32,7 @@ import java.io.IOException;
import java.io.PrintWriter;
import java.net.InetAddress;
import java.net.InetSocketAddress;
+import java.net.Socket;
import java.net.URL;
import java.nio.charset.Charset;
import java.util.Collections;
@@ -52,6 +53,7 @@ import org.apache.geode.DataSerializer;
import org.apache.geode.cache.RegionService;
import org.apache.geode.cache.client.internal.ProxyCache;
import org.apache.geode.cache.client.internal.UserAttributes;
+import org.apache.geode.cache.client.proxy.SniSocketFactory;
import org.apache.geode.cache.server.CacheServer;
import org.apache.geode.distributed.DistributedSystem;
import org.apache.geode.distributed.internal.InternalDistributedSystem;
@@ -62,6 +64,7 @@ import org.apache.geode.internal.cache.GemFireCacheImpl;
import org.apache.geode.internal.cache.tier.sockets.ClientProxyMembershipID;
import org.apache.geode.internal.cache.xmlcache.CacheXmlGenerator;
import org.apache.geode.internal.cache.xmlcache.ClientCacheCreation;
+import org.apache.geode.internal.inet.LocalHostUtil;
import org.apache.geode.internal.serialization.Version;
import org.apache.geode.internal.serialization.VersionedDataInputStream;
import org.apache.geode.pdx.ReflectionBasedAutoSerializer;
@@ -127,7 +130,7 @@ public class ClientCacheFactoryJUnitTest {
}
@Test
- public void test001FindDefaultFromXML() throws Exception {
+ public void test001FindDefaultPoolFromXML() throws Exception {
File cacheXmlFile =
temporaryFolder.newFile("ClientCacheFactoryJUnitTest.xml");
URL url = ClientCacheFactoryJUnitTest.class
.getResource("ClientCacheFactoryJUnitTest_single_pool.xml");
@@ -149,6 +152,11 @@ public class ClientCacheFactoryJUnitTest {
.isEqualTo(PoolFactory.DEFAULT_SOCKET_CONNECT_TIMEOUT);
assertThat(defPool.getServers()).isEqualTo(
Collections.singletonList(new InetSocketAddress("localhost",
CacheServer.DEFAULT_PORT)));
+
+
assertThat(defPool.getSocketFactory()).isInstanceOf(SniSocketFactory.class);
+ Socket socket = defPool.getSocketFactory().createSocket();
+ assertThat(socket.getPort()).isEqualTo(12345);
+
assertThat(socket.getInetAddress()).isEqualTo(LocalHostUtil.getLocalHost());
}
/**
diff --git
a/geode-core/src/test/resources/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest_single_pool.xml
b/geode-core/src/integrationTest/resources/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest_single_pool.xml
similarity index 82%
rename from
geode-core/src/test/resources/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest_single_pool.xml
rename to
geode-core/src/integrationTest/resources/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest_single_pool.xml
index f139459..82666d9 100644
---
a/geode-core/src/test/resources/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest_single_pool.xml
+++
b/geode-core/src/integrationTest/resources/org/apache/geode/cache/client/ClientCacheFactoryJUnitTest_single_pool.xml
@@ -27,5 +27,14 @@
version="1.0">
<pool name="my_pool_name" multiuser-authentication="true">
<server host="localhost" port="40404"/>
+ <socket-factory>
+
<class-name>org.apache.geode.cache.client.proxy.SniSocketFactory</class-name>
+ <parameter name="hostname">
+ <string>localhost</string>
+ </parameter>
+ <parameter name="port">
+ <string>40404</string>
+ </parameter>
+ </socket-factory>
</pool>
</client-cache>
diff --git
a/geode-core/src/main/java/org/apache/geode/cache/client/proxy/SniSocketFactory.java
b/geode-core/src/main/java/org/apache/geode/cache/client/proxy/SniSocketFactory.java
index 584a405..f7ee5c3 100644
---
a/geode-core/src/main/java/org/apache/geode/cache/client/proxy/SniSocketFactory.java
+++
b/geode-core/src/main/java/org/apache/geode/cache/client/proxy/SniSocketFactory.java
@@ -18,24 +18,38 @@ package org.apache.geode.cache.client.proxy;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Socket;
+import java.util.Properties;
+import org.apache.geode.cache.Cache;
+import org.apache.geode.cache.Declarable;
import org.apache.geode.cache.client.SocketFactory;
+import org.apache.geode.internal.DistributionLocator;
/**
* A {@link SocketFactory} that connects a client to locators and servers
* through a SNI proxy.
*/
-public class SniSocketFactory implements SocketFactory {
+public class SniSocketFactory implements SocketFactory, Declarable {
- private final String hostname;
- private final int port;
+ private String hostname;
+ private int port;
+
+ public SniSocketFactory() {} // required by Declarable
public SniSocketFactory(String hostname, int port) {
this.hostname = hostname;
this.port = port;
}
+ @Override // Declarable
+ public void initialize(Cache cache, Properties properties) {
+ this.hostname = properties.getProperty("hostname");
+ String portString =
+ properties.getProperty("port", "" +
DistributionLocator.DEFAULT_LOCATOR_PORT);
+ this.port = Integer.parseInt(portString);
+ }
+
@Override
public Socket createSocket() throws IOException {
return new SniProxySocket(new InetSocketAddress(hostname, port));
diff --git a/geode-docs/reference/topics/client-cache-elements-list.html.md.erb
b/geode-docs/reference/topics/client-cache-elements-list.html.md.erb
index 0d26303..edb6f6d 100644
--- a/geode-docs/reference/topics/client-cache-elements-list.html.md.erb
+++ b/geode-docs/reference/topics/client-cache-elements-list.html.md.erb
@@ -31,6 +31,7 @@ For details, see [<client-cache> Element
Reference.](client-cache.html)
<pool>
<locator>
<server>
+ <socket-factory>
<disk-store>
<disk-dirs>
<disk-dir>
diff --git a/geode-docs/reference/topics/client-cache.html.md.erb
b/geode-docs/reference/topics/client-cache.html.md.erb
index 0db531b..a221e3e 100644
--- a/geode-docs/reference/topics/client-cache.html.md.erb
+++ b/geode-docs/reference/topics/client-cache.html.md.erb
@@ -338,6 +338,32 @@ Provide a server list or `locator` list, but not both.
port="123456"/>
</pool>
```
+## <a id="cc-socket-factory" class="no-quick-link"></a><socket-factory>
+
+Defines a factory to create socket connections to locators and servers. A
typical use of this element is to redirect connections to an ingress gateway
such as Istio or HAProxy in a cluster where the TLS (SSL) Server Name Extension
field is set to indicate the actual locator or server the client is trying to
reach. This allows you to expose only the gateway hostname:port without the
client needing to be able to resolve the names of the locator and server
machines.
+
+**Note:**
+This setting may be used with either a Server list or a Locator list. It will
be used to form connections to either.
+
+**Default:**
+
+**API:** `org.apache.geode.cache.client.proxy.ProxySocketFactories`
+
+**Example:**
+
+``` pre
+<pool ...>
+ <socket-factory>
+
<class-name>org.apache.geode.cache.client.proxy.SniSocketFactory</class-name>
+ <parameter name="hostname">
+ <string>my-haproxy-address</string>
+ </parameter>
+ <parameter name="port">
+ <string>12345</string>
+ </parameter>
+ </socket-factory>
+</pool>
+```
## <a id="cc-disk-store" class="no-quick-link"></a><disk-store>
diff --git
a/geode-docs/topologies_and_comm/cs_configuration/setting_up_a_client_server_system.html.md.erb
b/geode-docs/topologies_and_comm/cs_configuration/setting_up_a_client_server_system.html.md.erb
index 7bdeaa5..c032cac 100644
---
a/geode-docs/topologies_and_comm/cs_configuration/setting_up_a_client_server_system.html.md.erb
+++
b/geode-docs/topologies_and_comm/cs_configuration/setting_up_a_client_server_system.html.md.erb
@@ -53,8 +53,8 @@ Configure your server and client processes and data regions
to run your client/s
<client-cache>
<pool name="publisher" subscription-enabled="true">
- <locator host="lucy" port="41111"/>
- <locator host="lucy" port="41111"/>
+ <locator host="lucy1" port="41111"/>
+ <locator host="lucy2" port="41111"/>
</pool>
...
<region name="clientRegion" ...
@@ -62,6 +62,19 @@ Configure your server and client processes and data regions
to run your client/s
You do not need to provide the complete list of locators to the clients at
startup, but you should provide as complete a list as possible. The locators
maintain a dynamic list of locators and servers and provide the information to
the clients as needed.
+ When TLS (SSL) is used clients can also be directed to go through a SNI
gateway such as Istio or HAProxy to reach locators and servers. To do this add
the following to your cache.xml pool configuration:
+ <pool... >
+ <socket-factory>
+
<class-name>org.apache.geode.cache.client.proxy.SniSocketFactory</class-name>
+ <parameter name="hostname">
+ <string>my-gateway-address</string>
+ </parameter>
+ <parameter name="port">
+ <string>my-gateway-port-number</string>
+ </parameter>
+ </socket-factory>
+ </pool>
+
3.
Configure the server data regions for client/server work, following these
guidelines. These do not need to be performed in this order.
diff --git
a/geode-dunit/src/main/java/org/apache/geode/test/dunit/internal/ProcessManager.java
b/geode-dunit/src/main/java/org/apache/geode/test/dunit/internal/ProcessManager.java
index bee2551..73af9dd 100755
---
a/geode-dunit/src/main/java/org/apache/geode/test/dunit/internal/ProcessManager.java
+++
b/geode-dunit/src/main/java/org/apache/geode/test/dunit/internal/ProcessManager.java
@@ -258,8 +258,10 @@ class ProcessManager implements ChildVMLauncher {
// remove current-version product classes and resources from the
classpath
dunitClasspath =
removeModulesFromPath(dunitClasspath, "geode-common", "geode-core",
"geode-cq",
- "geode-http-service", "geode-json", "geode-log4j",
"geode-lucene",
- "geode-serialization", "geode-wan", "geode-gfsh");
+ "geode-http-service", "geode-json", "geode-log4j",
"geode-lucene", "geode-tcp-server",
+ "geode-membership", "geode-management", "geode-logging",
"geode-web",
+ "geode-rebalancer",
+ "geode-serialization", "geode-wan", "geode-gfsh",
"geode-lucene");
classPath = versionManager.getClasspath(version) + File.pathSeparator +
dunitClasspath;
}
