[jira] [Work logged] (ARTEMIS-4709) Add a plugin to provide periodic expiry of connections on a per acceptor basis

Wed, 03 Apr 2024 03:34:03 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-4709?focusedWorklogId=912808&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-912808
 ]

ASF GitHub Bot logged work on ARTEMIS-4709:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 03/Apr/24 10:33
            Start Date: 03/Apr/24 10:33
    Worklog Time Spent: 10m 
      Work Description: gtully commented on code in PR #4871:
URL: https://github.com/apache/activemq-artemis/pull/4871#discussion_r1549442970


##########
artemis-server/src/main/java/org/apache/activemq/artemis/core/server/plugin/impl/ConnectionPeriodicExpiryPlugin.java:
##########
@@ -0,0 +1,130 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.activemq.artemis.core.server.plugin.impl;
+
+import java.util.Map;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.TimeUnit;
+import java.util.regex.Pattern;
+
+import org.apache.activemq.artemis.api.core.ActiveMQDisconnectedException;
+import org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptor;
+import 
org.apache.activemq.artemis.core.remoting.impl.netty.NettyServerConnection;
+import org.apache.activemq.artemis.core.remoting.server.RemotingService;
+import org.apache.activemq.artemis.core.server.ActiveMQServer;
+import org.apache.activemq.artemis.core.server.plugin.ActiveMQServerBasePlugin;
+import org.apache.activemq.artemis.spi.core.protocol.RemotingConnection;
+import org.apache.activemq.artemis.spi.core.remoting.Acceptor;
+import org.apache.activemq.artemis.utils.RandomUtil;
+
+public class ConnectionPeriodicExpiryPlugin implements 
ActiveMQServerBasePlugin {
+
+   private String name;
+   private long periodSeconds;
+   private int accuracyWindowSeconds;
+   private String acceptorMatchRegex;
+
+   private ScheduledExecutorService executor;
+   private RemotingService remotingService;
+   private Pattern matchPattern;
+   private ScheduledFuture<?> task;
+
+   public ConnectionPeriodicExpiryPlugin() {
+      periodSeconds = TimeUnit.MINUTES.toSeconds(15);
+      accuracyWindowSeconds = 30;
+      acceptorMatchRegex = ""; // no match
+   }
+
+   @Override
+   public void registered(ActiveMQServer server) {
+      executor = server.getScheduledPool();
+      remotingService = server.getRemotingService();
+      matchPattern = Pattern.compile(acceptorMatchRegex);
+
+      task = executor.scheduleWithFixedDelay(() -> {
+
+         final long currentTime = System.currentTimeMillis();
+         for (Acceptor acceptor : remotingService.getAcceptors().values()) {
+            if (matchPattern.matcher(acceptor.getName()).matches()) {
+               if (acceptor instanceof NettyAcceptor) {
+                  NettyAcceptor nettyAcceptor = (NettyAcceptor) acceptor;
+
+                  for (NettyServerConnection nettyServerConnection : 
nettyAcceptor.getConnections().values()) {
+                     RemotingConnection remotingConnection  = 
remotingService.getConnection(nettyServerConnection.getID());
+                     if  (currentTime > remotingConnection.getCreationTime() + 
periodSeconds ) {

Review Comment:
   good catch, thanks. fixed and some more tests added





Issue Time Tracking
-------------------

    Worklog Id:     (was: 912808)
    Time Spent: 40m  (was: 0.5h)

> Add a plugin to provide periodic expiry of connections on a per acceptor basis
> ------------------------------------------------------------------------------
>
>                 Key: ARTEMIS-4709
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-4709
>             Project: ActiveMQ Artemis
>          Issue Type: New Feature
>          Components: Broker
>    Affects Versions: 2.33.0
>            Reporter: Gary Tully
>            Assignee: Gary Tully
>            Priority: Major
>             Fix For: 2.34.0
>
>          Time Spent: 40m
>  Remaining Estimate: 0h
>
> When credential rotation needs to be enforced, active connections need to be 
> terminated on some timeline to ensure credentials are reevaluated. There are 
> management apis that can be used but these require some intervention.
> In addition to enforce some SLA around duration of connections, having an 
> easy way to limit connections to a given maximum period can be helpful.
> A plugin that will be applied on an per acceptor basis, that can be used to 
> disconnect connections that have lived for some period can provide a nice 
> building block for these use cases.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to