apucher commented on a change in pull request #6822:
URL: https://github.com/apache/incubator-pinot/pull/6822#discussion_r617101040
##########
File path:
pinot-core/src/main/java/org/apache/pinot/core/util/ListenerConfigUtil.java
##########
@@ -143,6 +143,27 @@ private ListenerConfigUtil() {
return listeners;
}
+ public static List<ListenerConfig>
buildMinionAdminConfigs(PinotConfiguration minionConf) {
+ List<ListenerConfig> listeners = new ArrayList<>();
+
+ String adminApiPortString =
minionConf.getProperty(CommonConstants.Minion.CONFIG_OF_ADMIN_API_PORT);
+ if (adminApiPortString != null) {
+ listeners.add(new ListenerConfig(CommonConstants.HTTP_PROTOCOL,
DEFAULT_HOST, Integer.parseInt(adminApiPortString),
+ CommonConstants.HTTP_PROTOCOL, new TlsConfig()));
+ }
+
+ TlsConfig tlsDefaults = TlsUtils.extractTlsConfig(minionConf,
CommonConstants.Minion.MINION_TLS_PREFIX);
+ listeners.addAll(buildListenerConfigs(minionConf, "pinot.minion.adminapi",
tlsDefaults));
+
+ // support legacy behavior < 0.7.0
+ if (listeners.isEmpty()) {
Review comment:
We'll have move to ListenerSpecs anyways. Otherwise, SSL will forever be
off by default and any pinot user will be non-compliant with the GDPRs (and
knock-offs)
listener spec examples:
https://docs.pinot.apache.org/operators/tutorials/configuring-tls-ssl
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
