Example 1 with RaftServerSettingsConfig
use of com.jd.blockchain.consensus.raft.config.RaftServerSettingsConfig in project jdchain-core by blockchain-jd-com.
the class RaftNodeServerFactory method buildServerSettings.
@Override
public ServerSettings buildServerSettings(String realmName, ConsensusViewSettings viewSettings, String nodeAddress, SSLSecurity sslSecurity, Properties properties) {
if (!(viewSettings instanceof RaftConsensusSettings)) {
throw new IllegalStateException("view settings should be raft-consensus settings");
}
if (null == properties || properties.size() == 0) {
throw new IllegalStateException("Extra properties empty");
}
RaftServerSettingsConfig settingsConfig = new RaftServerSettingsConfig();
NodeSettings currentNodeSettings = null;
for (NodeSettings nodeSettings : viewSettings.getNodes()) {
if (nodeSettings.getAddress().equals(nodeAddress)) {
currentNodeSettings = nodeSettings;
break;
}
}
if (currentNodeSettings == null) {
throw new IllegalArgumentException("node address does not exist in view settings!");
}
settingsConfig.setRealmName(realmName);
settingsConfig.setConsensusSettings((RaftConsensusSettings) viewSettings);
settingsConfig.setReplicaSettings(currentNodeSettings);
settingsConfig.setExtraProperties(properties);
if (sslSecurity == null) {
return settingsConfig;
}
// TLS适配
boolean enableTLS = false;
RaftNodeSettings raftNodeConfig = (RaftNodeSettings) currentNodeSettings;
if (raftNodeConfig.getNetworkAddress().isSecure() && !Strings.isNullOrEmpty(sslSecurity.getKeyStore())) {
enableTLS = true;
GmSSLProvider.enableGMSupport(sslSecurity.getProtocol());
}
if (!enableTLS) {
return settingsConfig;
}
// Node节点作为服务端时, 配置私钥信息
setSystemProperty("bolt.ssl.protocol", sslSecurity.getProtocol());
setSystemProperty("bolt.server.ssl.enable", "true");
setSystemProperty("bolt.server.ssl.keystore", sslSecurity.getKeyStore());
setSystemProperty("bolt.server.ssl.keyalias", sslSecurity.getKeyAlias());
setSystemProperty("bolt.server.ssl.keystore.password", sslSecurity.getKeyStorePassword());
setSystemProperty("bolt.server.ssl.keystore.type", sslSecurity.getKeyStoreType());
if (sslSecurity.getEnabledProtocols() != null) {
setSystemProperty("bolt.ssl.enabled-protocols", String.join(",", sslSecurity.getEnabledProtocols()));
}
if (sslSecurity.getCiphers() != null) {
setSystemProperty("bolt.ssl.ciphers", String.join(",", sslSecurity.getCiphers()));
}
// raft共识服务端开启TLS后,raft连接客户端也需开启TLS请求
setSystemProperty("bolt.client.ssl.enable", "true");
// Node节点配置信任证书,以及作为客户端链接其他节点时的信任证书
if (!Strings.isNullOrEmpty(sslSecurity.getTrustStore())) {
// 服务端配置: 此时服务端有keystore, truststore, 此时开启双向认证
setSystemProperty("bolt.server.ssl.clientAuth", "true");
setSystemProperty("bolt.client.ssl.keystore", sslSecurity.getTrustStore());
setSystemProperty("bolt.client.ssl.keystore.password", sslSecurity.getTrustStorePassword());
setSystemProperty("bolt.client.ssl.keystore.type", sslSecurity.getTrustStoreType());
}
return settingsConfig;
}
Also used :
NodeSettings(com.jd.blockchain.consensus.NodeSettings)
RaftNodeSettings(com.jd.blockchain.consensus.raft.settings.RaftNodeSettings)
RaftNodeSettings(com.jd.blockchain.consensus.raft.settings.RaftNodeSettings)
RaftServerSettingsConfig(com.jd.blockchain.consensus.raft.config.RaftServerSettingsConfig)
RaftConsensusSettings(com.jd.blockchain.consensus.raft.settings.RaftConsensusSettings)
Aggregations
NodeSettings (com.jd.blockchain.consensus.NodeSettings)1
RaftServerSettingsConfig (com.jd.blockchain.consensus.raft.config.RaftServerSettingsConfig)1
RaftConsensusSettings (com.jd.blockchain.consensus.raft.settings.RaftConsensusSettings)1
RaftNodeSettings (com.jd.blockchain.consensus.raft.settings.RaftNodeSettings)1
