
[ISSUE #4847] HTTPS/(m)TLSv1.3 support for HTTP Admin Server #4848

Merged
merged 10 commits into from
Jun 2, 2024
Expand Up @@ -200,6 +200,8 @@ public class Constants {

public static final String GRPC = "GRPC";

public static final String ADMIN = "ADMIN";

public static final String OS_NAME_KEY = "os.name";

public static final String OS_WIN_PREFIX = "win";
Expand Up @@ -17,6 +17,7 @@

package org.apache.eventmesh.common.utils;

import static org.apache.eventmesh.common.Constants.ADMIN;
import static org.apache.eventmesh.common.Constants.GRPC;
import static org.apache.eventmesh.common.Constants.HTTP;
import static org.apache.eventmesh.common.Constants.TCP;
Expand All @@ -36,7 +37,7 @@ public class ConfigurationContextUtil {

private static final ConcurrentHashMap<String, CommonConfiguration> CONFIGURATION_MAP = new ConcurrentHashMap<>();

public static final List<String> KEYS = Lists.newArrayList(HTTP, TCP, GRPC);
public static final List<String> KEYS = Lists.newArrayList(HTTP, TCP, GRPC, ADMIN);

/**
* Save http, tcp, grpc configuration at startup for global use.
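Review bot: The Javadoc below `KEYS` still reads "Save http, tcp, grpc configuration at startup for global use" although the list now also carries `ADMIN`; it should become `Save http, tcp, grpc and admin configuration at startup for global use.` Separately, `KEYS` is a public list built with `Lists.newArrayList`, so any caller can add or remove protocol keys at runtime. Wrapping it, e.g. `Collections.unmodifiableList(Arrays.asList(HTTP, TCP, GRPC, ADMIN))`, would prevent that, provided no caller relies on mutating it. The Javadoc and the method it documents continue outside the visible section.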
Expand Up @@ -41,7 +41,6 @@ data:
# HTTP Admin Server
eventMesh.server.admin.http.port=10106
########################## eventMesh tcp configuration ############################
eventMesh.server.tcp.enabled=true
eventMesh.server.tcp.readerIdleSeconds=120
eventMesh.server.tcp.writerIdleSeconds=120
eventMesh.server.tcp.allIdleSeconds=120
Binary file added eventmesh-runtime/conf/admin-server.jks
Binary file not shown.
24 changes: 21 additions & 3 deletions eventmesh-runtime/conf/eventmesh.properties
Expand Up @@ -24,11 +24,9 @@ eventMesh.sysid=0000
eventMesh.server.tcp.port=10000
eventMesh.server.http.port=10105
eventMesh.server.grpc.port=10205
# HTTP Admin Server
eventMesh.server.admin.http.port=10106

########################## EventMesh TCP Configuration ##########################
eventMesh.server.tcp.enabled=true
########################## EventMesh Network Configuration ##########################
eventMesh.server.tcp.readerIdleSeconds=120
eventMesh.server.tcp.writerIdleSeconds=120
eventMesh.server.tcp.allIdleSeconds=120
Expand Down Expand Up @@ -64,10 +62,30 @@ eventMesh.server.retry.plugin.type=default
eventMesh.server.gracefulShutdown.sleepIntervalInMills=1000
eventMesh.server.rebalanceRedirect.sleepIntervalInMills=200

# TLS
eventMesh.server.useTls.enabled=false
eventMesh.server.ssl.protocol=TLSv1.1
eventMesh.server.ssl.cer=sChat2.jks
eventMesh.server.ssl.pass=sNetty

# ip address blacklist
eventMesh.server.blacklist.ipv4=0.0.0.0/8,127.0.0.0/8,169.254.0.0/16,255.255.255.255/32
eventMesh.server.blacklist.ipv6=::/128,::1/128,ff00::/8

########################## EventMesh HTTP Admin Configuration ##########################
# thread pool
eventMesh.server.admin.threads.num=2

# TLS
eventMesh.server.admin.useTls.enabled=false
eventMesh.server.admin.ssl.protocol=TLSv1.3
eventMesh.server.admin.ssl.cer=admin-server.jks
eventMesh.server.admin.ssl.pass=eventmesh-admin-server

# ip address blacklist
eventMesh.server.admin.blacklist.ipv4=0.0.0.0/8,127.0.0.0/8,169.254.0.0/16,255.255.255.255/32
eventMesh.server.admin.blacklist.ipv6=::/128,::1/128,ff00::/8

########################## EventMesh Plugin Configuration ##########################
# storage plugin
eventMesh.storage.plugin.type=standalone
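Review bot: `eventMesh.server.admin.ssl.cer=admin-server.jks` together with `eventMesh.server.admin.ssl.pass=eventmesh-admin-server` ships a keystore and its password in the repository, so a deployment that only flips `eventMesh.server.admin.useTls.enabled` to `true` presents a key that anyone with the source tree also holds. I would mark the pair as a sample directly above those lines, e.g. `# Sample keystore for local testing only: replace admin-server.jks and this password before enabling TLS`, and, if the server code allows it, refuse to start with TLS enabled while the shipped password is still configured. The same section lists `eventMesh.server.ssl.protocol=TLSv1.1`, a version deprecated by RFC 8996, next to the password `sNetty`; if those lines are new in this commit rather than a record of existing defaults, `TLSv1.2` or `TLSv1.3` would be the value to document. The admin listener also stays on plain HTTP by default (`useTls.enabled=false`), which is worth stating in a comment so operators know the port needs network-level protection until TLS is turned on.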
Expand Up @@ -27,6 +27,7 @@
import org.apache.eventmesh.runtime.configuration.EventMeshGrpcConfiguration;
import org.apache.eventmesh.runtime.configuration.EventMeshHTTPConfiguration;
import org.apache.eventmesh.runtime.configuration.EventMeshTCPConfiguration;
import org.apache.eventmesh.runtime.constants.EventMeshVersion;
import org.apache.eventmesh.runtime.util.HttpRequestUtil;

import java.lang.reflect.Field;
Expand Down Expand Up @@ -126,7 +127,7 @@ protected void get(HttpRequest httpRequest, ChannelHandlerContext ctx) {
eventMeshTCPConfiguration,
eventMeshHTTPConfiguration,
eventMeshGrpcConfiguration,
"v1.10.0-release" // TODO get version number after merging https://github.com/apache/eventmesh/pull/4055
EventMeshVersion.getCurrentVersionDesc()
);
String json = JSON.toJSONString(Result.success(getConfigurationResponse), filters.toArray(new Filter[0]));
writeJson(ctx, json);
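Review bot: The response built here serialises the whole TCP, HTTP and gRPC configuration objects plus the exact build version, and the `filters` list passed to `JSON.toJSONString` is defined outside this hunk, so it is not visible whether credential fields such as keystore passwords are excluded. Because the admin listener defaults to plain HTTP in this commit's properties file, I would confirm that the filters drop such fields and record the requirement at the call, e.g. `// filters must exclude credential fields (keystore passwords etc.) before the configuration is written to the client`. The body of `get` starts and ends outside the hunk.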
Expand Up @@ -86,6 +86,8 @@
import io.netty.util.ReferenceCountUtil;
import io.opentelemetry.api.trace.Span;

import lombok.Getter;
import lombok.Setter;
import lombok.extern.slf4j.Slf4j;

/**
Expand All @@ -96,6 +98,8 @@ public abstract class AbstractHTTPServer extends AbstractRemotingServer {

private final transient EventMeshHTTPConfiguration eventMeshHttpConfiguration;

@Getter
@Setter
private EventMeshHttpMetricsManager eventMeshHttpMetricsManager;

private static final DefaultHttpDataFactory DEFAULT_HTTP_DATA_FACTORY = new DefaultHttpDataFactory(false);
Expand All @@ -105,8 +109,14 @@ public abstract class AbstractHTTPServer extends AbstractRemotingServer {
}

protected final transient AtomicBoolean started = new AtomicBoolean(false);

@Getter
private final transient boolean useTLS;

@Getter
@Setter
private Boolean useTrace = false; // Determine whether trace is enabled

private static final int MAX_CONNECTIONS = 20_000;

/**
Expand All @@ -118,10 +128,13 @@ public abstract class AbstractHTTPServer extends AbstractRemotingServer {
private HttpConnectionHandler httpConnectionHandler;
private HttpDispatcher httpDispatcher;

@Setter
@Getter
private HandlerService handlerService;
private final transient ThreadPoolExecutor asyncContextCompleteHandler =
ThreadPoolFactory.createThreadPoolExecutor(10, 10, "EventMesh-http-asyncContext");

@Getter
private final HTTPThreadPoolGroup httpThreadPoolGroup;

public AbstractHTTPServer(final int port, final boolean useTLS,
Expand Down Expand Up @@ -523,32 +536,4 @@ protected void initChannel(final SocketChannel channel) {
httpDispatcher);
}
}

public void setUseTrace(final Boolean useTrace) {
this.useTrace = useTrace;
}

public Boolean getUseTrace() {
return useTrace;
}

public EventMeshHttpMetricsManager getEventMeshHttpMetricsManager() {
return eventMeshHttpMetricsManager;
}

public void setEventMeshHttpMetricsManager(final EventMeshHttpMetricsManager eventMeshHttpMetricsManager) {
this.eventMeshHttpMetricsManager = eventMeshHttpMetricsManager;
}

public HTTPThreadPoolGroup getHttpThreadPoolGroup() {
return httpThreadPoolGroup;
}

public HandlerService getHandlerService() {
return handlerService;
}

public void setHandlerService(HandlerService handlerService) {
this.handlerService = handlerService;
}
}
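Review bot: `useTrace` stays a boxed `Boolean`, and the Lombok `@Setter` generated for it accepts `null` just as the removed hand-written setter did, so a caller that unboxes `getUseTrace()` can hit a NullPointerException. Changing the field to primitive `boolean` would make Lombok generate `isUseTrace()` and break existing `getUseTrace()` callers, so the smaller change is to put Lombok's `@NonNull` on the field, which makes the generated setter reject null. The annotation order also differs between fields (`@Getter @Setter` on `eventMeshHttpMetricsManager`, `@Setter @Getter` on `handlerService`); one order throughout would read better.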
Expand Up @@ -22,7 +22,6 @@
import org.apache.eventmesh.common.utils.ThreadUtils;
import org.apache.eventmesh.runtime.core.protocol.producer.ProducerManager;

import java.util.Objects;
import java.util.concurrent.TimeUnit;

import io.netty.channel.EventLoopGroup;
Expand All @@ -31,22 +30,32 @@
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.util.concurrent.EventExecutorGroup;

import lombok.Getter;
import lombok.Setter;
import lombok.extern.slf4j.Slf4j;

/**
* The most basic server
*/
@Slf4j
@Getter
public abstract class AbstractRemotingServer implements RemotingServer {

private static final int MAX_THREADS = Runtime.getRuntime().availableProcessors();
private static final int DEFAULT_SLEEP_SECONDS = 30;

@Setter
private EventLoopGroup bossGroup;

@Setter
private EventLoopGroup ioGroup;

@Setter
private EventExecutorGroup workerGroup;

protected ProducerManager producerManager;

@Setter
private int port;

protected void buildBossGroup(final String threadPrefix) {
Expand Down Expand Up @@ -75,10 +84,6 @@ protected void initProducerManager() throws Exception {
producerManager.init();
}

public ProducerManager getProducerManager() {
return producerManager;
}

public void init(final String threadPrefix) throws Exception {
buildBossGroup(threadPrefix);
buildIOGroup(threadPrefix);
Expand All @@ -94,16 +99,16 @@ public void shutdown() throws Exception {
bossGroup.shutdownGracefully();
log.info("shutdown bossGroup");
}
if (Objects.isNull(producerManager)) {
if (producerManager != null) {
producerManager.shutdown();
}

ThreadUtils.randomPause(TimeUnit.SECONDS.toMillis(DEFAULT_SLEEP_SECONDS));

if (ioGroup != null) {
ioGroup.shutdownGracefully();
log.info("shutdown ioGroup");
}

if (workerGroup != null) {
workerGroup.shutdownGracefully();

Expand All @@ -114,36 +119,4 @@ public void shutdown() throws Exception {
protected boolean useEpoll() {
return SystemUtils.isLinuxPlatform() && Epoll.isAvailable();
}

public EventLoopGroup getBossGroup() {
return bossGroup;
}

public void setBossGroup(final EventLoopGroup bossGroup) {
this.bossGroup = bossGroup;
}

public EventLoopGroup getIoGroup() {
return ioGroup;
}

public void setIoGroup(final EventLoopGroup ioGroup) {
this.ioGroup = ioGroup;
}

public EventExecutorGroup getWorkerGroup() {
return workerGroup;
}

public void setWorkerGroup(final EventExecutorGroup workerGroup) {
this.workerGroup = workerGroup;
}

public int getPort() {
return port;
}

public void setPort(final int port) {
this.port = port;
}
}
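Review bot: In `shutdown()`, an exception thrown by `producerManager.shutdown()` propagates before `ioGroup` and `workerGroup` are shut down, which would leave their threads alive; this matters more now that the corrected null check lets the call actually run. Guarding the call keeps the rest of the teardown reachable: `try { producerManager.shutdown(); } catch (Exception e) { log.warn("producerManager shutdown failed", e); }`. Separately, the class-level `@Getter` generates a getter for every non-static field, so any field added later becomes publicly readable unless it is explicitly excluded; field-level `@Getter` on the fields that need one would keep that decision visible. `shutdown()` starts outside the visible hunk.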
Expand Up @@ -17,31 +17,45 @@

package org.apache.eventmesh.runtime.boot;

import static org.apache.eventmesh.common.Constants.ADMIN;

import org.apache.eventmesh.common.config.ConfigService;
import org.apache.eventmesh.common.utils.ConfigurationContextUtil;
import org.apache.eventmesh.runtime.configuration.EventMeshAdminConfiguration;

import lombok.Getter;

public class EventMeshAdminBootstrap implements EventMeshBootstrap {

@Getter
private EventMeshAdminServer eventMeshAdminServer;

private EventMeshServer eventMeshServer;
private final EventMeshAdminConfiguration eventMeshAdminConfiguration;

private final EventMeshServer eventMeshServer;

public EventMeshAdminBootstrap(EventMeshServer eventMeshServer) {
this.eventMeshServer = eventMeshServer;

ConfigService configService = ConfigService.getInstance();
this.eventMeshAdminConfiguration = configService.buildConfigInstance(EventMeshAdminConfiguration.class);

ConfigurationContextUtil.putIfAbsent(ADMIN, eventMeshAdminConfiguration);
}

@Override
public void init() throws Exception {
if (eventMeshServer != null) {
eventMeshAdminServer = new EventMeshAdminServer(eventMeshServer);
eventMeshAdminServer = new EventMeshAdminServer(eventMeshServer, eventMeshAdminConfiguration);
eventMeshAdminServer.init();
}

}

@Override
public void start() throws Exception {
if (eventMeshAdminServer != null) {
eventMeshAdminServer.start();
}

}

@Override
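Review bot: The constructor stores `eventMeshServer` in a `final` field without checking it, and `init()` then silently skips creating the admin server when it is null, after which `start()` silently does nothing. A wiring mistake therefore leaves the node running without its admin endpoint and without any log line. Unless a null server is a supported configuration, I would fail fast with `this.eventMeshServer = Objects.requireNonNull(eventMeshServer, "eventMeshServer");`, or at least log a warning in the null branch of `init()`. If an `ADMIN` entry were already registered, `ConfigurationContextUtil.putIfAbsent(ADMIN, eventMeshAdminConfiguration)` would presumably keep the existing one while the server runs on this local instance, so a comment stating that the bootstrap is constructed once would help. The class continues past the visible section.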