use of com.amazon.dataprepper.plugins.certificate.CertificateProvider in project data-prepper by opensearch-project.
the class OTelTraceSource method start.
@Override
public void start(Buffer<Record<ExportTraceServiceRequest>> buffer) {
if (buffer == null) {
throw new IllegalStateException("Buffer provided is null");
}
if (server == null) {
final OTelTraceGrpcService oTelTraceGrpcService = new OTelTraceGrpcService(oTelTraceSourceConfig.getRequestTimeoutInMillis(), buffer, pluginMetrics);
final List<ServerInterceptor> serverInterceptors = getAuthenticationInterceptor();
final GrpcServiceBuilder grpcServiceBuilder = GrpcService.builder().addService(ServerInterceptors.intercept(oTelTraceGrpcService, serverInterceptors)).useClientTimeoutHeader(false).useBlockingTaskExecutor(true);
if (oTelTraceSourceConfig.hasHealthCheck()) {
LOG.info("Health check is enabled");
grpcServiceBuilder.addService(new HealthGrpcService());
}
if (oTelTraceSourceConfig.hasProtoReflectionService()) {
LOG.info("Proto reflection service is enabled");
grpcServiceBuilder.addService(ProtoReflectionService.newInstance());
}
grpcServiceBuilder.enableUnframedRequests(oTelTraceSourceConfig.enableUnframedRequests());
final ServerBuilder sb = Server.builder();
sb.disableServerHeader();
sb.service(grpcServiceBuilder.build());
sb.requestTimeoutMillis(oTelTraceSourceConfig.getRequestTimeoutInMillis());
// ACM Cert for SSL takes preference
if (oTelTraceSourceConfig.isSsl() || oTelTraceSourceConfig.useAcmCertForSSL()) {
LOG.info("SSL/TLS is enabled.");
final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider();
final Certificate certificate = certificateProvider.getCertificate();
sb.https(oTelTraceSourceConfig.getPort()).tls(new ByteArrayInputStream(certificate.getCertificate().getBytes(StandardCharsets.UTF_8)), new ByteArrayInputStream(certificate.getPrivateKey().getBytes(StandardCharsets.UTF_8)));
} else {
LOG.warn("Creating otel_trace_source without SSL/TLS. This is not secure.");
LOG.warn("In order to set up TLS for the otel_trace_source, go here: https://github.com/opensearch-project/data-prepper/tree/main/data-prepper-plugins/otel-trace-source#ssl");
sb.http(oTelTraceSourceConfig.getPort());
}
sb.maxNumConnections(oTelTraceSourceConfig.getMaxConnectionCount());
sb.blockingTaskExecutor(Executors.newScheduledThreadPool(oTelTraceSourceConfig.getThreadCount()), true);
server = sb.build();
}
try {
server.start().get();
} catch (ExecutionException ex) {
if (ex.getCause() != null && ex.getCause() instanceof RuntimeException) {
throw (RuntimeException) ex.getCause();
} else {
throw new RuntimeException(ex);
}
} catch (InterruptedException ex) {
Thread.currentThread().interrupt();
throw new RuntimeException(ex);
}
LOG.info("Started otel_trace_source...");
}
use of com.amazon.dataprepper.plugins.certificate.CertificateProvider in project data-prepper by opensearch-project.
the class CertificateProviderFactoryTest method getCertificateProviderS3ProviderSuccess.
@Test
public void getCertificateProviderS3ProviderSuccess() {
final Map<String, Object> settingsMap = new HashMap<>();
settingsMap.put("ssl", true);
settingsMap.put("awsRegion", "us-east-1");
settingsMap.put("sslKeyCertChainFile", "s3://data/certificate/test_cert.crt");
settingsMap.put("sslKeyFile", "s3://data/certificate/test_decrypted_key.key");
final PluginSetting pluginSetting = new PluginSetting(null, settingsMap);
pluginSetting.setPipelineName("pipeline");
oTelTraceSourceConfig = OBJECT_MAPPER.convertValue(pluginSetting.getSettings(), OTelTraceSourceConfig.class);
oTelTraceSourceConfig.validateAndInitializeCertAndKeyFileInS3();
certificateProviderFactory = new CertificateProviderFactory(oTelTraceSourceConfig);
final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider();
assertThat(certificateProvider, IsInstanceOf.instanceOf(S3CertificateProvider.class));
}
use of com.amazon.dataprepper.plugins.certificate.CertificateProvider in project data-prepper by opensearch-project.
the class CertificateProviderFactoryTest method getCertificateProviderFileProviderSuccess.
@Test
public void getCertificateProviderFileProviderSuccess() {
final Map<String, Object> settingsMap = new HashMap<>();
settingsMap.put("ssl", true);
settingsMap.put("sslKeyCertChainFile", "data/certificate/test_cert.crt");
settingsMap.put("sslKeyFile", "data/certificate/test_decrypted_key.key");
final PluginSetting pluginSetting = new PluginSetting(null, settingsMap);
pluginSetting.setPipelineName("pipeline");
oTelTraceSourceConfig = OBJECT_MAPPER.convertValue(pluginSetting.getSettings(), OTelTraceSourceConfig.class);
certificateProviderFactory = new CertificateProviderFactory(oTelTraceSourceConfig);
final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider();
assertThat(certificateProvider, IsInstanceOf.instanceOf(FileCertificateProvider.class));
}
use of com.amazon.dataprepper.plugins.certificate.CertificateProvider in project data-prepper by opensearch-project.
the class CertificateProviderFactoryTest method getCertificateProviderAcmProviderSuccess.
@Test
public void getCertificateProviderAcmProviderSuccess() {
final Map<String, Object> settingsMap = new HashMap<>();
settingsMap.put("useAcmCertForSSL", true);
settingsMap.put("awsRegion", "us-east-1");
settingsMap.put("acmCertificateArn", "arn:aws:acm:us-east-1:account:certificate/1234-567-856456");
settingsMap.put("sslKeyCertChainFile", "data/certificate/test_cert.crt");
settingsMap.put("sslKeyFile", "data/certificate/test_decrypted_key.key");
final PluginSetting pluginSetting = new PluginSetting(null, settingsMap);
pluginSetting.setPipelineName("pipeline");
oTelTraceSourceConfig = OBJECT_MAPPER.convertValue(pluginSetting.getSettings(), OTelTraceSourceConfig.class);
certificateProviderFactory = new CertificateProviderFactory(oTelTraceSourceConfig);
final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider();
assertThat(certificateProvider, IsInstanceOf.instanceOf(ACMCertificateProvider.class));
}
use of com.amazon.dataprepper.plugins.certificate.CertificateProvider in project data-prepper by opensearch-project.
the class OTelMetricsSource method start.
@Override
public void start(Buffer<Record<ExportMetricsServiceRequest>> buffer) {
if (buffer == null) {
throw new IllegalStateException("Buffer provided is null");
}
if (server == null) {
final OTelMetricsGrpcService oTelMetricsGrpcService = new OTelMetricsGrpcService(oTelMetricsSourceConfig.getRequestTimeoutInMillis(), buffer, pluginMetrics);
final List<ServerInterceptor> serverInterceptors = getAuthenticationInterceptor();
final GrpcServiceBuilder grpcServiceBuilder = GrpcService.builder().addService(ServerInterceptors.intercept(oTelMetricsGrpcService, serverInterceptors)).useClientTimeoutHeader(false).useBlockingTaskExecutor(true);
if (oTelMetricsSourceConfig.hasHealthCheck()) {
LOG.info("Health check is enabled");
grpcServiceBuilder.addService(new HealthGrpcService());
}
if (oTelMetricsSourceConfig.hasProtoReflectionService()) {
LOG.info("Proto reflection service is enabled");
grpcServiceBuilder.addService(ProtoReflectionService.newInstance());
}
grpcServiceBuilder.enableUnframedRequests(oTelMetricsSourceConfig.enableUnframedRequests());
final ServerBuilder sb = Server.builder();
sb.disableServerHeader();
sb.service(grpcServiceBuilder.build());
sb.requestTimeoutMillis(oTelMetricsSourceConfig.getRequestTimeoutInMillis());
// ACM Cert for SSL takes preference
if (oTelMetricsSourceConfig.isSsl() || oTelMetricsSourceConfig.useAcmCertForSSL()) {
LOG.info("SSL/TLS is enabled.");
final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider();
final Certificate certificate = certificateProvider.getCertificate();
sb.https(oTelMetricsSourceConfig.getPort()).tls(new ByteArrayInputStream(certificate.getCertificate().getBytes(StandardCharsets.UTF_8)), new ByteArrayInputStream(certificate.getPrivateKey().getBytes(StandardCharsets.UTF_8)));
} else {
LOG.warn("Creating otel_metrics_source without SSL/TLS. This is not secure.");
LOG.warn("In order to set up TLS for the otel_metrics_source, go here: https://github.com/opensearch-project/data-prepper/tree/main/data-prepper-plugins/otel-metrics-source#ssl");
sb.http(oTelMetricsSourceConfig.getPort());
}
sb.maxNumConnections(oTelMetricsSourceConfig.getMaxConnectionCount());
sb.blockingTaskExecutor(Executors.newScheduledThreadPool(oTelMetricsSourceConfig.getThreadCount()), true);
server = sb.build();
}
try {
server.start().get();
} catch (ExecutionException ex) {
if (ex.getCause() != null && ex.getCause() instanceof RuntimeException) {
throw (RuntimeException) ex.getCause();
} else {
throw new RuntimeException(ex);
}
} catch (InterruptedException ex) {
Thread.currentThread().interrupt();
throw new RuntimeException(ex);
}
LOG.info("Started otel_metrics_source...");
}
Aggregations