Example 26 with SSLConfig
use of com.github.ambry.config.SSLConfig in project ambry by linkedin.
the class ServerSSLTokenTest method initializeTests.
@Before
public void initializeTests() throws Exception {
trustStoreFile = File.createTempFile("truststore", ".jks");
clientSSLConfig = new SSLConfig(TestSSLUtils.createSslProps("DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "client1"));
serverSSLProps = new Properties();
TestSSLUtils.addSSLProperties(serverSSLProps, "DC1,DC2,DC3", SSLFactory.Mode.SERVER, trustStoreFile, "server");
TestSSLUtils.addHttp2Properties(serverSSLProps, SSLFactory.Mode.SERVER, true);
routerProps = new Properties();
routerProps.setProperty("kms.default.container.key", TestUtils.getRandomKey(32));
TestSSLUtils.addSSLProperties(routerProps, "DC1,DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "router-client");
sslCluster = new MockCluster(serverSSLProps, false, SystemTime.getInstance());
notificationSystem = new MockNotificationSystem(sslCluster.getClusterMap());
sslCluster.initializeServers(notificationSystem);
sslCluster.startServers();
// client
sslFactory = SSLFactory.getNewInstance(clientSSLConfig);
SSLContext sslContext = sslFactory.getSSLContext();
clientSSLSocketFactory = sslContext.getSocketFactory();
}
Also used :
SSLConfig(com.github.ambry.config.SSLConfig)
SSLContext(javax.net.ssl.SSLContext)
Properties(java.util.Properties)
Before(org.junit.Before)
Example 27 with SSLConfig
use of com.github.ambry.config.SSLConfig in project ambry by linkedin.
the class ServerSSLTest method initializeTests.
@Before
public void initializeTests() throws Exception {
trustStoreFile = File.createTempFile("truststore", ".jks");
clientSSLConfig1 = new SSLConfig(TestSSLUtils.createSslProps("DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "client1"));
clientSSLConfig2 = new SSLConfig(TestSSLUtils.createSslProps("DC1,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "client2"));
clientSSLConfig3 = new SSLConfig(TestSSLUtils.createSslProps("DC1,DC2", SSLFactory.Mode.CLIENT, trustStoreFile, "client3"));
serverSSLProps = new Properties();
TestSSLUtils.addSSLProperties(serverSSLProps, "DC1,DC2,DC3", SSLFactory.Mode.SERVER, trustStoreFile, "server");
TestSSLUtils.addHttp2Properties(serverSSLProps, SSLFactory.Mode.SERVER, true);
routerProps = new Properties();
routerProps.setProperty("kms.default.container.key", TestUtils.getRandomKey(32));
routerProps.setProperty("clustermap.default.partition.class", MockClusterMap.DEFAULT_PARTITION_CLASS);
TestSSLUtils.addSSLProperties(routerProps, "DC1,DC2,DC3", SSLFactory.Mode.CLIENT, trustStoreFile, "router-client");
sslCluster = new MockCluster(serverSSLProps, false, new MockTime(SystemTime.getInstance().milliseconds()));
notificationSystem = new MockNotificationSystem(sslCluster.getClusterMap());
sslCluster.initializeServers(notificationSystem);
// client
sslFactory = SSLFactory.getNewInstance(clientSSLConfig1);
SSLContext sslContext = sslFactory.getSSLContext();
clientSSLSocketFactory1 = sslContext.getSocketFactory();
sslFactory = SSLFactory.getNewInstance(clientSSLConfig2);
sslContext = sslFactory.getSSLContext();
clientSSLSocketFactory2 = sslContext.getSocketFactory();
sslFactory = SSLFactory.getNewInstance(clientSSLConfig3);
sslContext = sslFactory.getSSLContext();
clientSSLSocketFactory3 = sslContext.getSocketFactory();
}
Also used :
SSLConfig(com.github.ambry.config.SSLConfig)
SSLContext(javax.net.ssl.SSLContext)
Properties(java.util.Properties)
MockTime(com.github.ambry.utils.MockTime)
Before(org.junit.Before)
Example 28 with SSLConfig
use of com.github.ambry.config.SSLConfig in project ambry by linkedin.
the class SafeServerShutdownTool method main.
public static void main(String[] args) throws Exception {
VerifiableProperties verifiableProperties = ToolUtils.getVerifiableProperties(args);
SafeServerShutdownToolConfig config = new SafeServerShutdownToolConfig(verifiableProperties);
ClusterMapConfig clusterMapConfig = new ClusterMapConfig(verifiableProperties);
try (ClusterMap clusterMap = ((ClusterAgentsFactory) Utils.getObj(clusterMapConfig.clusterMapClusterAgentsFactory, clusterMapConfig, config.hardwareLayoutFilePath, config.partitionLayoutFilePath)).getClusterMap()) {
SSLFactory sslFactory = !clusterMapConfig.clusterMapSslEnabledDatacenters.isEmpty() ? SSLFactory.getNewInstance(new SSLConfig(verifiableProperties)) : null;
try (ServerAdminTool serverAdminTool = new ServerAdminTool(clusterMap, sslFactory, verifiableProperties)) {
DataNodeId dataNodeId = clusterMap.getDataNodeId(config.hostname, config.port);
if (dataNodeId == null) {
throw new IllegalArgumentException("Could not find a data node corresponding to " + config.hostname + ":" + config.port);
}
SafeServerShutdownTool safeServerShutdownTool = new SafeServerShutdownTool(serverAdminTool, SystemTime.getInstance());
int exitStatus = safeServerShutdownTool.prepareServerForShutdown(dataNodeId, config.logGrowthPauseLagThresholdBytes, config.numReplicasCaughtUpPerPartition, config.timeoutSecs, config.checkRepeatDelaySecs) ? 0 : 1;
System.exit(exitStatus);
}
}
}
Also used :
ClusterMap(com.github.ambry.clustermap.ClusterMap)
SSLConfig(com.github.ambry.config.SSLConfig)
SSLFactory(com.github.ambry.commons.SSLFactory)
VerifiableProperties(com.github.ambry.config.VerifiableProperties)
ClusterAgentsFactory(com.github.ambry.clustermap.ClusterAgentsFactory)
DataNodeId(com.github.ambry.clustermap.DataNodeId)
ClusterMapConfig(com.github.ambry.config.ClusterMapConfig)
Example 29 with SSLConfig
use of com.github.ambry.config.SSLConfig in project ambry by linkedin.
the class ServerWritePerformance method main.
public static void main(String[] args) {
FileWriter blobIdsWriter = null;
FileWriter performanceWriter = null;
ConnectionPool connectionPool = null;
try {
OptionParser parser = new OptionParser();
ArgumentAcceptingOptionSpec<String> hardwareLayoutOpt = parser.accepts("hardwareLayout", "The path of the hardware layout file").withRequiredArg().describedAs("hardware_layout").ofType(String.class);
ArgumentAcceptingOptionSpec<String> partitionLayoutOpt = parser.accepts("partitionLayout", "The path of the partition layout file").withRequiredArg().describedAs("partition_layout").ofType(String.class);
ArgumentAcceptingOptionSpec<Integer> numberOfWritersOpt = parser.accepts("numberOfWriters", "The number of writers that issue put request").withRequiredArg().describedAs("The number of writers").ofType(Integer.class).defaultsTo(4);
ArgumentAcceptingOptionSpec<Integer> minBlobSizeOpt = parser.accepts("minBlobSizeInBytes", "The minimum size of the blob that can be put").withRequiredArg().describedAs("The minimum blob size in bytes").ofType(Integer.class).defaultsTo(51200);
ArgumentAcceptingOptionSpec<Integer> maxBlobSizeOpt = parser.accepts("maxBlobSizeInBytes", "The maximum size of the blob that can be put").withRequiredArg().describedAs("The maximum blob size in bytes").ofType(Integer.class).defaultsTo(4194304);
ArgumentAcceptingOptionSpec<Integer> writesPerSecondOpt = parser.accepts("writesPerSecond", "The rate at which writes need to be performed").withRequiredArg().describedAs("The number of writes per second").ofType(Integer.class).defaultsTo(1000);
ArgumentAcceptingOptionSpec<Long> measurementIntervalOpt = parser.accepts("measurementInterval", "The interval in second to report performance result").withOptionalArg().describedAs("The CPU time spent for putting blobs, not wall time").ofType(Long.class).defaultsTo(300L);
ArgumentAcceptingOptionSpec<Boolean> verboseLoggingOpt = parser.accepts("enableVerboseLogging", "Enables verbose logging").withOptionalArg().describedAs("Enable verbose logging").ofType(Boolean.class).defaultsTo(false);
ArgumentAcceptingOptionSpec<String> sslEnabledDatacentersOpt = parser.accepts("sslEnabledDatacenters", "Datacenters to which ssl should be enabled").withOptionalArg().describedAs("Comma separated list").ofType(String.class).defaultsTo("");
ArgumentAcceptingOptionSpec<String> sslKeystorePathOpt = parser.accepts("sslKeystorePath", "SSL key store path").withOptionalArg().describedAs("The file path of SSL key store").defaultsTo("").ofType(String.class);
ArgumentAcceptingOptionSpec<String> sslKeystoreTypeOpt = parser.accepts("sslKeystoreType", "SSL key store type").withOptionalArg().describedAs("The type of SSL key store").defaultsTo("").ofType(String.class);
ArgumentAcceptingOptionSpec<String> sslTruststorePathOpt = parser.accepts("sslTruststorePath", "SSL trust store path").withOptionalArg().describedAs("The file path of SSL trust store").defaultsTo("").ofType(String.class);
ArgumentAcceptingOptionSpec<String> sslKeystorePasswordOpt = parser.accepts("sslKeystorePassword", "SSL key store password").withOptionalArg().describedAs("The password of SSL key store").defaultsTo("").ofType(String.class);
ArgumentAcceptingOptionSpec<String> sslKeyPasswordOpt = parser.accepts("sslKeyPassword", "SSL key password").withOptionalArg().describedAs("The password of SSL private key").defaultsTo("").ofType(String.class);
ArgumentAcceptingOptionSpec<String> sslTruststorePasswordOpt = parser.accepts("sslTruststorePassword", "SSL trust store password").withOptionalArg().describedAs("The password of SSL trust store").defaultsTo("").ofType(String.class);
ArgumentAcceptingOptionSpec<String> sslCipherSuitesOpt = parser.accepts("sslCipherSuites", "SSL enabled cipher suites").withOptionalArg().describedAs("Comma separated list").defaultsTo("TLS_RSA_WITH_AES_128_CBC_SHA").ofType(String.class);
OptionSet options = parser.parse(args);
ArrayList<OptionSpec> listOpt = new ArrayList<>();
listOpt.add(hardwareLayoutOpt);
listOpt.add(partitionLayoutOpt);
ToolUtils.ensureOrExit(listOpt, options, parser);
long measurementIntervalNs = options.valueOf(measurementIntervalOpt) * SystemTime.NsPerSec;
ToolUtils.validateSSLOptions(options, parser, sslEnabledDatacentersOpt, sslKeystorePathOpt, sslKeystoreTypeOpt, sslTruststorePathOpt, sslKeystorePasswordOpt, sslKeyPasswordOpt, sslTruststorePasswordOpt);
String sslEnabledDatacenters = options.valueOf(sslEnabledDatacentersOpt);
Properties sslProperties;
if (sslEnabledDatacenters.length() != 0) {
sslProperties = ToolUtils.createSSLProperties(sslEnabledDatacenters, options.valueOf(sslKeystorePathOpt), options.valueOf(sslKeystoreTypeOpt), options.valueOf(sslKeystorePasswordOpt), options.valueOf(sslKeyPasswordOpt), options.valueOf(sslTruststorePathOpt), options.valueOf(sslTruststorePasswordOpt), options.valueOf(sslCipherSuitesOpt));
} else {
sslProperties = new Properties();
}
ToolUtils.addClusterMapProperties(sslProperties);
int numberOfWriters = options.valueOf(numberOfWritersOpt);
int writesPerSecond = options.valueOf(writesPerSecondOpt);
boolean enableVerboseLogging = options.has(verboseLoggingOpt) ? true : false;
int minBlobSize = options.valueOf(minBlobSizeOpt);
int maxBlobSize = options.valueOf(maxBlobSizeOpt);
if (enableVerboseLogging) {
System.out.println("Enabled verbose logging");
}
final AtomicLong totalTimeTaken = new AtomicLong(0);
final AtomicLong totalWrites = new AtomicLong(0);
String hardwareLayoutPath = options.valueOf(hardwareLayoutOpt);
String partitionLayoutPath = options.valueOf(partitionLayoutOpt);
ClusterMapConfig clusterMapConfig = new ClusterMapConfig(new VerifiableProperties(sslProperties));
ClusterMap map = ((ClusterAgentsFactory) Utils.getObj(clusterMapConfig.clusterMapClusterAgentsFactory, clusterMapConfig, hardwareLayoutPath, partitionLayoutPath)).getClusterMap();
File logFile = new File(System.getProperty("user.dir"), "writeperflog");
blobIdsWriter = new FileWriter(logFile);
File performanceFile = new File(System.getProperty("user.dir"), "writeperfresult");
performanceWriter = new FileWriter(performanceFile);
final CountDownLatch latch = new CountDownLatch(numberOfWriters);
final AtomicBoolean shutdown = new AtomicBoolean(false);
// attach shutdown handler to catch control-c
Runtime.getRuntime().addShutdownHook(new Thread() {
public void run() {
try {
System.out.println("Shutdown invoked");
shutdown.set(true);
latch.await();
System.out.println("Total writes : " + totalWrites.get() + " Total time taken : " + totalTimeTaken.get() + " Nano Seconds Average time taken per write " + ((double) totalTimeTaken.get()) / SystemTime.NsPerSec / totalWrites.get() + " Seconds");
} catch (Exception e) {
System.out.println("Error while shutting down " + e);
}
}
});
Throttler throttler = new Throttler(writesPerSecond, 100, true, SystemTime.getInstance());
Thread[] threadIndexPerf = new Thread[numberOfWriters];
ConnectionPoolConfig connectionPoolConfig = new ConnectionPoolConfig(new VerifiableProperties(new Properties()));
VerifiableProperties vProps = new VerifiableProperties(sslProperties);
SSLConfig sslConfig = new SSLConfig(vProps);
clusterMapConfig = new ClusterMapConfig(vProps);
connectionPool = new BlockingChannelConnectionPool(connectionPoolConfig, sslConfig, clusterMapConfig, new MetricRegistry());
connectionPool.start();
for (int i = 0; i < numberOfWriters; i++) {
threadIndexPerf[i] = new Thread(new ServerWritePerfRun(i, throttler, shutdown, latch, minBlobSize, maxBlobSize, blobIdsWriter, performanceWriter, totalTimeTaken, totalWrites, measurementIntervalNs, enableVerboseLogging, map, connectionPool));
threadIndexPerf[i].start();
}
for (int i = 0; i < numberOfWriters; i++) {
threadIndexPerf[i].join();
}
} catch (Exception e) {
System.err.println("Error on exit " + e);
} finally {
if (blobIdsWriter != null) {
try {
blobIdsWriter.close();
} catch (Exception e) {
System.out.println("Error when closing the blob id writer");
}
}
if (performanceWriter != null) {
try {
performanceWriter.close();
} catch (Exception e) {
System.out.println("Error when closing the performance writer");
}
}
if (connectionPool != null) {
connectionPool.shutdown();
}
}
}
Also used :
BlockingChannelConnectionPool(com.github.ambry.network.BlockingChannelConnectionPool)
ConnectionPool(com.github.ambry.network.ConnectionPool)
OptionSpec(joptsimple.OptionSpec)
ArgumentAcceptingOptionSpec(joptsimple.ArgumentAcceptingOptionSpec)
ClusterMap(com.github.ambry.clustermap.ClusterMap)
ConnectionPoolConfig(com.github.ambry.config.ConnectionPoolConfig)
FileWriter(java.io.FileWriter)
ArrayList(java.util.ArrayList)
BlobProperties(com.github.ambry.messageformat.BlobProperties)
Properties(java.util.Properties)
VerifiableProperties(com.github.ambry.config.VerifiableProperties)
OptionParser(joptsimple.OptionParser)
ClusterAgentsFactory(com.github.ambry.clustermap.ClusterAgentsFactory)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
Throttler(com.github.ambry.utils.Throttler)
SSLConfig(com.github.ambry.config.SSLConfig)
VerifiableProperties(com.github.ambry.config.VerifiableProperties)
MetricRegistry(com.codahale.metrics.MetricRegistry)
CountDownLatch(java.util.concurrent.CountDownLatch)
ClusterMapConfig(com.github.ambry.config.ClusterMapConfig)
UnexpectedException(java.rmi.UnexpectedException)
BlockingChannelConnectionPool(com.github.ambry.network.BlockingChannelConnectionPool)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
AtomicLong(java.util.concurrent.atomic.AtomicLong)
AtomicLong(java.util.concurrent.atomic.AtomicLong)
OptionSet(joptsimple.OptionSet)
File(java.io.File)
Example 30 with SSLConfig
use of com.github.ambry.config.SSLConfig in project ambry by linkedin.
the class BlobValidator method main.
/**
* Runs the BlobValidator
* @param args associated arguments.
* @throws Exception
*/
public static void main(String[] args) throws Exception {
VerifiableProperties verifiableProperties = ToolUtils.getVerifiableProperties(args);
BlobValidatorConfig config = new BlobValidatorConfig(verifiableProperties);
ClusterMapConfig clusterMapConfig = new ClusterMapConfig(verifiableProperties);
ClusterMap clusterMap = ((ClusterAgentsFactory) Utils.getObj(clusterMapConfig.clusterMapClusterAgentsFactory, clusterMapConfig, config.hardwareLayoutFilePath, config.partitionLayoutFilePath)).getClusterMap();
List<BlobId> blobIds = getBlobIds(config, clusterMap);
SSLFactory sslFactory = !clusterMapConfig.clusterMapSslEnabledDatacenters.isEmpty() ? SSLFactory.getNewInstance(new SSLConfig(verifiableProperties)) : null;
StoreKeyFactory storeKeyFactory = new BlobIdFactory(clusterMap);
BlobValidator validator = new BlobValidator(clusterMap, config.replicasToContactPerSec, sslFactory, verifiableProperties);
LOGGER.info("Validation starting");
switch(config.typeOfOperation) {
case ValidateBlobOnAllReplicas:
Map<BlobId, List<String>> mismatchDetailsMap = validator.validateBlobsOnAllReplicas(blobIds, config.getOption, clusterMap, storeKeyFactory);
logMismatches(mismatchDetailsMap);
break;
case ValidateBlobOnDatacenter:
if (config.datacenter.isEmpty() || !clusterMap.hasDatacenter(config.datacenter)) {
throw new IllegalArgumentException("Please provide a valid datacenter");
}
mismatchDetailsMap = validator.validateBlobsOnDatacenter(config.datacenter, blobIds, config.getOption, clusterMap, storeKeyFactory);
logMismatches(mismatchDetailsMap);
break;
case ValidateBlobOnReplica:
DataNodeId dataNodeId = clusterMap.getDataNodeId(config.hostname, config.port);
if (dataNodeId == null) {
throw new IllegalArgumentException("Could not find a data node corresponding to " + config.hostname + ":" + config.port);
}
List<ServerErrorCode> validErrorCodes = Arrays.asList(ServerErrorCode.No_Error, ServerErrorCode.Blob_Deleted, ServerErrorCode.Blob_Expired);
Map<BlobId, ServerErrorCode> blobIdToErrorCode = validator.validateBlobsOnReplica(dataNodeId, blobIds, config.getOption, clusterMap, storeKeyFactory);
for (Map.Entry<BlobId, ServerErrorCode> entry : blobIdToErrorCode.entrySet()) {
ServerErrorCode errorCode = entry.getValue();
if (!validErrorCodes.contains(errorCode)) {
LOGGER.error("[{}] received error code: {}", entry.getKey(), errorCode);
}
}
break;
default:
throw new IllegalStateException("Recognized but unsupported operation: " + config.typeOfOperation);
}
LOGGER.info("Validation complete");
validator.close();
clusterMap.close();
}
Also used :
ClusterMap(com.github.ambry.clustermap.ClusterMap)
SSLConfig(com.github.ambry.config.SSLConfig)
SSLFactory(com.github.ambry.commons.SSLFactory)
VerifiableProperties(com.github.ambry.config.VerifiableProperties)
ClusterMapConfig(com.github.ambry.config.ClusterMapConfig)
ServerErrorCode(com.github.ambry.server.ServerErrorCode)
BlobIdFactory(com.github.ambry.commons.BlobIdFactory)
StoreKeyFactory(com.github.ambry.store.StoreKeyFactory)
ArrayList(java.util.ArrayList)
List(java.util.List)
ClusterAgentsFactory(com.github.ambry.clustermap.ClusterAgentsFactory)
BlobId(com.github.ambry.commons.BlobId)
DataNodeId(com.github.ambry.clustermap.DataNodeId)
HashMap(java.util.HashMap)
Map(java.util.Map)
ClusterMap(com.github.ambry.clustermap.ClusterMap)
Aggregations
SSLConfig (com.github.ambry.config.SSLConfig)30
VerifiableProperties (com.github.ambry.config.VerifiableProperties)16
File (java.io.File)15
ClusterMapConfig (com.github.ambry.config.ClusterMapConfig)13
Properties (java.util.Properties)13
ArrayList (java.util.ArrayList)10
BlobProperties (com.github.ambry.messageformat.BlobProperties)9
ClusterMap (com.github.ambry.clustermap.ClusterMap)8
DataNodeId (com.github.ambry.clustermap.DataNodeId)8
BlobId (com.github.ambry.commons.BlobId)8
SSLFactory (com.github.ambry.commons.SSLFactory)8
ClusterAgentsFactory (com.github.ambry.clustermap.ClusterAgentsFactory)7
ConnectionPoolConfig (com.github.ambry.config.ConnectionPoolConfig)7
BlockingChannelConnectionPool (com.github.ambry.network.BlockingChannelConnectionPool)7
MetricRegistry (com.codahale.metrics.MetricRegistry)6
AccountService (com.github.ambry.account.AccountService)6
Port (com.github.ambry.network.Port)6
IOException (java.io.IOException)6
MockClusterMap (com.github.ambry.clustermap.MockClusterMap)5
PartitionId (com.github.ambry.clustermap.PartitionId)5
