This is an automated email from the ASF dual-hosted git repository. rxl pushed a commit to branch branch-2.6 in repository https://gitbox.apache.org/repos/asf/pulsar.git
commit 85c5979dc079ac285767050664c25b39577943d5 Author: Yang Yang <yy...@streamnative.io> AuthorDate: Thu Jul 2 12:58:00 2020 +0800 [pulsar-perf] Supports `tlsAllowInsecureConnection` in pulsar-perf produce/consume/read. (#7300) ### Motivation Add support of `tlsAllowInsecureConnection` config to the command-line tool `pulsar-perf`, to support `produce/consume/read` performance tests to clusters with insecure tls connections. ### Modifications Parse option `tlsAllowInsecureConnection` from program arguments or the config file when executing `produce/consume/read` performance tests. (cherry picked from commit 9b178c8160cb2d0819ad09c758c3a27adafaf17f) --- .../apache/pulsar/testclient/PerformanceConsumer.java | 15 ++++++++++++++- .../apache/pulsar/testclient/PerformanceProducer.java | 18 +++++++++++++++--- .../apache/pulsar/testclient/PerformanceReader.java | 13 +++++++++++++ site2/docs/reference-cli-tools.md | 4 +++- 4 files changed, 45 insertions(+), 5 deletions(-) diff --git a/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceConsumer.java b/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceConsumer.java index 61b027d..196c557 100644 --- a/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceConsumer.java +++ b/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceConsumer.java @@ -141,6 +141,10 @@ public class PerformanceConsumer { "--trust-cert-file" }, description = "Path for the trusted TLS certificate file") public String tlsTrustCertsFilePath = ""; + @Parameter(names = { + "--tls-allow-insecure" }, description = "Allow insecure TLS connection") + public Boolean tlsAllowInsecureConnection = null; + @Parameter(names = { "-k", "--encryption-key-name" }, description = "The private key name to decrypt payload") public String encKeyName = null; @@ -205,6 +209,11 @@ public class PerformanceConsumer { if (isBlank(arguments.tlsTrustCertsFilePath)) { arguments.tlsTrustCertsFilePath = prop.getProperty("tlsTrustCertsFilePath", ""); } + + if (arguments.tlsAllowInsecureConnection == null) { + arguments.tlsAllowInsecureConnection = Boolean.parseBoolean(prop + .getProperty("tlsAllowInsecureConnection", "")); + } } // Dump config variables @@ -254,6 +263,10 @@ public class PerformanceConsumer { clientBuilder.authentication(arguments.authPluginClassName, arguments.authParams); } + if (arguments.tlsAllowInsecureConnection != null) { + clientBuilder.allowTlsInsecureConnection(arguments.tlsAllowInsecureConnection); + } + PulsarClient pulsarClient = clientBuilder.build(); class EncKeyReader implements CryptoKeyReader { @@ -390,4 +403,4 @@ public class PerformanceConsumer { } private static final Logger log = LoggerFactory.getLogger(PerformanceConsumer.class); -} \ No newline at end of file +} diff --git a/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceProducer.java b/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceProducer.java index 9e9d0e8..d24b9b9 100644 --- a/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceProducer.java +++ b/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceProducer.java @@ -164,7 +164,7 @@ public class PerformanceProducer { @Parameter(names = { "-b", "--batch-time-window" }, description = "Batch messages in 'x' ms window (Default: 1ms)") public double batchTimeMillis = 1.0; - + @Parameter(names = { "-bm", "--batch-max-messages" }, description = "Maximum number of messages per batch") @@ -186,6 +186,10 @@ public class PerformanceProducer { "--trust-cert-file" }, description = "Path for the trusted TLS certificate file") public String tlsTrustCertsFilePath = ""; + @Parameter(names = { + "--tls-allow-insecure" }, description = "Allow insecure TLS connection") + public Boolean tlsAllowInsecureConnection = null; + @Parameter(names = { "-k", "--encryption-key-name" }, description = "The public key name to encrypt payload") public String encKeyName = null; @@ -196,7 +200,7 @@ public class PerformanceProducer { @Parameter(names = { "-d", "--delay" }, description = "Mark messages with a given delay in seconds") public long delay = 0; - + @Parameter(names = { "-ef", "--exit-on-failure" }, description = "Exit from the process on publish failure (default: disable)") public boolean exitOnFailure = false; @@ -281,6 +285,10 @@ public class PerformanceProducer { if (isBlank(arguments.tlsTrustCertsFilePath)) { arguments.tlsTrustCertsFilePath = prop.getProperty("tlsTrustCertsFilePath", ""); } + if (arguments.tlsAllowInsecureConnection == null) { + arguments.tlsAllowInsecureConnection = Boolean.parseBoolean(prop + .getProperty("tlsAllowInsecureConnection", "")); + } } // Dump config variables @@ -416,6 +424,10 @@ public class PerformanceProducer { clientBuilder.authentication(arguments.authPluginClassName, arguments.authParams); } + if (arguments.tlsAllowInsecureConnection != null) { + clientBuilder.allowTlsInsecureConnection(arguments.tlsAllowInsecureConnection); + } + client = clientBuilder.build(); ProducerBuilder<byte[]> producerBuilder = client.newProducer() // .sendTimeout(0, TimeUnit.SECONDS) // @@ -587,4 +599,4 @@ public class PerformanceProducer { static final DecimalFormat dec = new PaddingDecimalFormat("0.000", 7); static final DecimalFormat totalFormat = new DecimalFormat("0.000"); private static final Logger log = LoggerFactory.getLogger(PerformanceProducer.class); -} \ No newline at end of file +} diff --git a/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceReader.java b/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceReader.java index 9e5480e..218ea30 100644 --- a/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceReader.java +++ b/pulsar-testclient/src/main/java/org/apache/pulsar/testclient/PerformanceReader.java @@ -107,6 +107,10 @@ public class PerformanceReader { "--trust-cert-file" }, description = "Path for the trusted TLS certificate file") public String tlsTrustCertsFilePath = ""; + @Parameter(names = { + "--tls-allow-insecure" }, description = "Allow insecure TLS connection") + public Boolean tlsAllowInsecureConnection = null; + @Parameter(names = { "-time", "--test-duration" }, description = "Test duration in secs. If 0, it will keep consuming") public long testTime = 0; @@ -168,6 +172,11 @@ public class PerformanceReader { if (isBlank(arguments.tlsTrustCertsFilePath)) { arguments.tlsTrustCertsFilePath = prop.getProperty("tlsTrustCertsFilePath", ""); } + + if (arguments.tlsAllowInsecureConnection == null) { + arguments.tlsAllowInsecureConnection = Boolean.parseBoolean(prop + .getProperty("tlsAllowInsecureConnection", "")); + } } // Dump config variables @@ -207,6 +216,10 @@ public class PerformanceReader { clientBuilder.authentication(arguments.authPluginClassName, arguments.authParams); } + if (arguments.tlsAllowInsecureConnection != null) { + clientBuilder.allowTlsInsecureConnection(arguments.tlsAllowInsecureConnection); + } + PulsarClient pulsarClient = clientBuilder.build(); List<CompletableFuture<Reader<byte[]>>> futures = Lists.newArrayList(); diff --git a/site2/docs/reference-cli-tools.md b/site2/docs/reference-cli-tools.md index 9a87c8c..eb3a989 100644 --- a/site2/docs/reference-cli-tools.md +++ b/site2/docs/reference-cli-tools.md @@ -431,6 +431,7 @@ Options |`-st`, `--subscription-type`|Subscriber type. Possible values are Exclusive, Shared, Failover, Key_Shared.|Exclusive| |`-sp`, `--subscription-position`|Subscriber position. Possible values are Latest, Earliest.|Latest| |`--trust-cert-file`|Path for the trusted TLS certificate file|| +|`--tls-allow-insecure`|Allow insecure TLS connection|| ### `produce` @@ -468,6 +469,7 @@ Options |`-time`, `--test-duration`|Test duration in secs. If set to 0, it will keep publishing.|0| |`--trust-cert-file`|Path for the trusted TLS certificate file|| |`--warmup-time`|Warm-up time in seconds|1| +|`--tls-allow-insecure`|Allow insecure TLS connection|| ### `read` @@ -494,7 +496,7 @@ Options |`-i`, `--stats-interval-seconds`|Statistics interval seconds. If 0, statistics will be disabled.|0| |`--trust-cert-file`|Path for the trusted TLS certificate file|| |`--use-tls`|Use TLS encryption on the connection|false| - +|`--tls-allow-insecure`|Allow insecure TLS connection|| ### `websocket-producer` Run a websocket producer