zeroflag opened a new pull request, #670:
URL: https://github.com/apache/knox/pull/670
## What changes were proposed in this pull request?
This is a similar implementation as the existing zookeeper based monitor,
but it uses the SQL DB. Zookeeper is not always available and the DB is already
used by the token state service.
The purpose of this monitor is to periodically check the DB for
shared-providers and descriptors and update the local file system with the
changes from the DB.
1. If a provider/descriptor is deleted from the db but exists on the file
system the monitor is going to delete it from the file system
2. If a provider/descriptor exists in the DB but missing from the file
system the monitor is going to download it from the DB to the FS.
3. If a provider/descriptor has a different content than the corresponding
local file, then the monitor is going to update the local file with the content
from he DB.
The provider logic is implementeed in DbRemoteConfigurationMonitor.
## How was this patch tested?
gateway-site.xml
```
<property>
<name>gateway.service.remoteconfigurationmonitor.impl</name>
<value>org.apache.knox.gateway.topology.monitor.db.DbRemoteConfigurationMonitor</value>
</property>
<property>
<name>gateway.database.type</name>
<value>mysql</value>
</property>
<property>
<name>gateway.database.connection.url</name>
<value>jdbc:mysql://root:root@localhost:3306/knox</value>
</property>
```
Creating provider with curl:
```bash
$ curl -X PUT -H "Content-Type: application/json" -v -k -u
admin:admin-password -d "{'x':'y'}"
https://localhost:8443/gateway/admin/api/v1/providerconfig/newprov
```
Checking the DB:
```
mysql> select * from knox_providers;
+--------------+-----------+---------------------+
| name | content | last_modified_time |
+--------------+-----------+---------------------+
| newprov.json | {'x':'y'} | 2022-11-09 09:45:28 |
+--------------+-----------+---------------------+
1 row in set (0.00 sec)
```
Checking the local FS:
```bash
$ cat conf/shared-providers/newprov.json
{'x':'y'}
```
Creating descriptor with curl:
```bash
$ curl -X PUT -H "Content-Type: application/json" -v -k -u
admin:admin-password -d "{'x':'y'}"
https://localhost:8443/gateway/admin/api/v1/descriptors/newdesc
```
Checking the DB:
```
mysql> select * from knox_descriptors;
+--------------+---------------+---------------------+
| name | content | last_modified_time |
+--------------+---------------+---------------------+
| newdesc.json | {'abc':'def'} | 2022-11-09 09:47:06 |
+--------------+---------------+---------------------+
```
Checking the local FS:
```bash
$ cat conf/descriptors/newdesc.json
{'abc':'def'}
```
Deleting provider with curl:
```bash
$ curl -X DELETE -H "Content-Type: application/json" -v -k -u
admin:admin-password
https://localhost:8443/gateway/admin/api/v1/providerconfig/newprov.json
```
Checking the DB and FS:
```bash
$ ls conf/shared-providers/
mysql> select * from knox_providers;
Empty set (0.00 sec)
```
Deleting descriptor with curl:
```bash
$ curl -X DELETE -H "Content-Type: application/json" -v -k -u
admin:admin-password
https://localhost:8443/gateway/admin/api/v1/descriptors/newdesc.json
```
Checking the DB and FS:
```bash
$ cat conf/descriptors/newdesc.json
mysql> select * from knox_descriptors;
Empty set (0.00 sec)
```
Repeated the same tests using the Admin UI.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
