use of com.amazon.dataprepper.plugins.certificate.CertificateProvider in project data-prepper by opensearch-project.
the class OTelTraceSource method start.
@Override
public void start(Buffer<Record<Object>> buffer) {
if (buffer == null) {
throw new IllegalStateException("Buffer provided is null");
}
if (server == null) {
final OTelTraceGrpcService oTelTraceGrpcService = new OTelTraceGrpcService(oTelTraceSourceConfig.getRequestTimeoutInMillis(), oTelTraceSourceConfig.getRecordType(), new OTelProtoCodec.OTelProtoDecoder(), buffer, pluginMetrics);
final List<ServerInterceptor> serverInterceptors = getAuthenticationInterceptor();
final GrpcServiceBuilder grpcServiceBuilder = GrpcService.builder().addService(ServerInterceptors.intercept(oTelTraceGrpcService, serverInterceptors)).useClientTimeoutHeader(false).useBlockingTaskExecutor(true);
if (oTelTraceSourceConfig.hasHealthCheck()) {
LOG.info("Health check is enabled");
grpcServiceBuilder.addService(new HealthGrpcService());
}
if (oTelTraceSourceConfig.hasProtoReflectionService()) {
LOG.info("Proto reflection service is enabled");
grpcServiceBuilder.addService(ProtoReflectionService.newInstance());
}
grpcServiceBuilder.enableUnframedRequests(oTelTraceSourceConfig.enableUnframedRequests());
final ServerBuilder sb = Server.builder();
sb.disableServerHeader();
sb.service(grpcServiceBuilder.build());
sb.requestTimeoutMillis(oTelTraceSourceConfig.getRequestTimeoutInMillis());
// ACM Cert for SSL takes preference
if (oTelTraceSourceConfig.isSsl() || oTelTraceSourceConfig.useAcmCertForSSL()) {
LOG.info("SSL/TLS is enabled.");
final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider();
final Certificate certificate = certificateProvider.getCertificate();
sb.https(oTelTraceSourceConfig.getPort()).tls(new ByteArrayInputStream(certificate.getCertificate().getBytes(StandardCharsets.UTF_8)), new ByteArrayInputStream(certificate.getPrivateKey().getBytes(StandardCharsets.UTF_8)));
} else {
LOG.warn("Creating otel_trace_source without SSL/TLS. This is not secure.");
LOG.warn("In order to set up TLS for the otel_trace_source, go here: https://github.com/opensearch-project/data-prepper/tree/main/data-prepper-plugins/otel-trace-source#ssl");
sb.http(oTelTraceSourceConfig.getPort());
}
sb.maxNumConnections(oTelTraceSourceConfig.getMaxConnectionCount());
sb.blockingTaskExecutor(Executors.newScheduledThreadPool(oTelTraceSourceConfig.getThreadCount()), true);
server = sb.build();
}
try {
server.start().get();
} catch (ExecutionException ex) {
if (ex.getCause() != null && ex.getCause() instanceof RuntimeException) {
throw (RuntimeException) ex.getCause();
} else {
throw new RuntimeException(ex);
}
} catch (InterruptedException ex) {
Thread.currentThread().interrupt();
throw new RuntimeException(ex);
}
LOG.info("Started otel_trace_source on port " + oTelTraceSourceConfig.getPort() + "...");
}
Aggregations