
Example 11 with FilterChainSelector

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method destPrefixRangeIpv6_moreSpecificWins.

/**
 * Two filter chains both cover the connection's local (destination) IPv6 address. The chain with
 * the longer prefix (/80) must be selected over the one with the shorter prefix (/60), and the
 * handler must hand on that chain's TLS context and routing config rather than the broader
 * chain's or the default's.
 */
@Test
public void destPrefixRangeIpv6_moreSpecificWins() throws Exception {
    // One TLS context per chain, so the assertions can tell which chain was picked.
    EnvoyServerProtoData.DownstreamTlsContext broadTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.DownstreamTlsContext narrowTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");

    // Broad destination range: FE80::/60.
    EnvoyServerProtoData.FilterChainMatch broadMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            0,
            ImmutableList.of(EnvoyServerProtoData.CidrRange.create("FE80:0:0:0:0:0:0:0", 60)),
            ImmutableList.of(),
            ImmutableList.of(),
            EnvoyServerProtoData.ConnectionSourceType.ANY,
            ImmutableList.of(),
            ImmutableList.of(),
            "");
    // Narrow destination range: FE80:0:0:0:0202::/80, a subset of the /60 above.
    EnvoyServerProtoData.FilterChainMatch narrowMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            0,
            ImmutableList.of(
                EnvoyServerProtoData.CidrRange.create("FE80:0000:0000:0000:0202:0:0:0", 80)),
            ImmutableList.of(),
            ImmutableList.of(),
            EnvoyServerProtoData.ConnectionSourceType.ANY,
            ImmutableList.of(),
            ImmutableList.of(),
            "");

    EnvoyServerProtoData.FilterChain broadChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-foo", broadMatch, HTTP_CONNECTION_MANAGER, broadTls, tlsContextManager);
    EnvoyServerProtoData.FilterChain narrowChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-bar", narrowMatch, HTTP_CONNECTION_MANAGER, narrowTls, tlsContextManager);
    // The default chain carries no TLS context (null).
    EnvoyServerProtoData.FilterChain fallbackChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-baz",
            DEFAULT_FILTER_CHAIN_MATCH,
            HTTP_CONNECTION_MANAGER,
            null,
            tlsContextManager);

    // Only the narrow chain maps to noopConfig; the broad chain and the default each get a
    // distinct config, so a wrong selection shows up in the routing assertion as well.
    selectorManager.updateSelector(
        new FilterChainSelector(
            ImmutableMap.of(broadChain, randomConfig("no-match"), narrowChain, noopConfig),
            fallbackChain.sslContextProviderSupplier(),
            randomConfig("default")));

    FilterChainMatchingHandler matchingHandler =
        new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler capturingHandler = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(capturingHandler);

    // The first address (the local one) lies inside both configured ranges.
    setupChannel(
        "FE80:0000:0000:0000:0202:B3FF:FE1E:8329",
        "2001:DB8::8:800:200C:417A",
        15000,
        matchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();

    assertThat(sslSet.get()).isEqualTo(narrowChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    // Identity check: the TLS context in effect is exactly the narrow chain's instance.
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(narrowTls);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Example 12 with FilterChainSelector

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector in project grpc-java by grpc.

the class XdsClientWrapperForServerSdsTestMisc method emptyFilterChain_expectNull.

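/**
 * Delivers a TCP listener update that has an empty filter-chain list and a null fourth argument
 * (presumably the default filter chain; confirm against {@code Listener.create}) and checks that
 * the resulting selector exposes no {@code SslContextProviderSupplier}.
 *
 * <p>NOTE(review): what the handler does with a null supplier (for example plaintext versus
 * rejecting the connection) is not visible in this test; confirm it in the handler before
 * relying on this configuration.
 */
@Test
public void emptyFilterChain_expectNull() throws Exception {
    InetAddress ipLocalAddress = InetAddress.getByName("10.1.2.3");
    final InetSocketAddress localAddress = new InetSocketAddress(ipLocalAddress, PORT);
    InetAddress ipRemoteAddress = InetAddress.getByName("10.4.5.6");
    final InetSocketAddress remoteAddress = new InetSocketAddress(ipRemoteAddress, 1234);
    // EmbeddedChannel with fixed local/remote addresses instead of its built-in ones.
    channel = new EmbeddedChannel() {

        @Override
        public SocketAddress localAddress() {
            return localAddress;
        }

        @Override
        public SocketAddress remoteAddress() {
            return remoteAddress;
        }
    };
    pipeline = channel.pipeline();
    final SettableFuture<Server> start = SettableFuture.create();
    // Keep a handle on the executor so its worker thread is released when the test ends,
    // including when an assertion or a timeout below throws. The type is fully qualified so
    // that no new import is required.
    java.util.concurrent.ExecutorService startExecutor = Executors.newSingleThreadExecutor();
    try {
        // start() runs off the test thread; the listener update is delivered before the future
        // is awaited, which suggests start() blocks until a listener arrives (confirm).
        startExecutor.execute(new Runnable() {

            @Override
            public void run() {
                try {
                    start.set(xdsServerWrapper.start());
                } catch (Exception ex) {
                    start.setException(ex);
                }
            }
        });
        String ldsWatched = xdsClient.ldsResource.get(5, TimeUnit.SECONDS);
        assertThat(ldsWatched).isEqualTo("grpc/server?udpa.resource.listening_address=0.0.0.0:" + PORT);
        EnvoyServerProtoData.Listener listener = EnvoyServerProtoData.Listener.create("listener1", "10.1.2.3", ImmutableList.of(), null);
        LdsUpdate listenerUpdate = LdsUpdate.forTcpListener(listener);
        xdsClient.ldsWatcher.onChanged(listenerUpdate);
        start.get(5, TimeUnit.SECONDS);
        FilterChainSelector selector = selectorManager.getSelectorToUpdateSelector();
        assertThat(getSslContextProviderSupplier(selector)).isNull();
    } finally {
        // shutdown() does not interrupt a task already running; it only lets the worker
        // thread exit once that task completes.
        startExecutor.shutdown();
    }
}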
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) Server(io.grpc.Server) InetSocketAddress(java.net.InetSocketAddress) EmbeddedChannel(io.netty.channel.embedded.EmbeddedChannel) TimeoutException(java.util.concurrent.TimeoutException) SocketAddress(java.net.SocketAddress) InProcessSocketAddress(io.grpc.inprocess.InProcessSocketAddress) InetSocketAddress(java.net.InetSocketAddress) LdsUpdate(io.grpc.xds.XdsClient.LdsUpdate) InetAddress(java.net.InetAddress) Test(org.junit.Test)

Example 13 with FilterChainSelector

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method dest0LengthPrefixRange.

/**
 * A filter chain whose destination prefix range has length 0 must be selected for the
 * connection, taking precedence over the default filter chain, and its TLS context and routing
 * config must be the ones handed on.
 */
@Test
public void dest0LengthPrefixRange() throws Exception {
    EnvoyServerProtoData.DownstreamTlsContext zeroPrefixTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.DownstreamTlsContext defaultChainTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");

    // With prefix length 0 the address part (10.2.2.0) is not compared at all: the range covers
    // every destination address, so this chain matches LOCAL_IP even though a 10.2.2.0/24
    // range would not. The assertions below confirm that it is selected.
    EnvoyServerProtoData.FilterChainMatch zeroPrefixMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            0,
            ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.2.2.0", 0)),
            ImmutableList.of(),
            ImmutableList.of(),
            EnvoyServerProtoData.ConnectionSourceType.ANY,
            ImmutableList.of(),
            ImmutableList.of(),
            "");

    EnvoyServerProtoData.FilterChain zeroPrefixChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-foo",
            zeroPrefixMatch,
            HTTP_CONNECTION_MANAGER,
            zeroPrefixTls,
            tlsContextManager);
    EnvoyServerProtoData.FilterChain fallbackChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-bar",
            DEFAULT_FILTER_CHAIN_MATCH,
            HTTP_CONNECTION_MANAGER,
            defaultChainTls,
            tlsContextManager);

    // The default routing config is an empty reference; only the /0 chain maps to noopConfig.
    selectorManager.updateSelector(
        new FilterChainSelector(
            ImmutableMap.of(zeroPrefixChain, noopConfig),
            fallbackChain.sslContextProviderSupplier(),
            new AtomicReference<ServerRoutingConfig>()));

    FilterChainMatchingHandler matchingHandler =
        new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler capturingHandler = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(capturingHandler);

    setupChannel(LOCAL_IP, REMOTE_IP, 15000, matchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();

    assertThat(sslSet.get()).isEqualTo(zeroPrefixChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    // Identity check: the /0 chain's TLS context is in effect, not the default chain's.
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(zeroPrefixTls);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) AtomicReference(java.util.concurrent.atomic.AtomicReference) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Example 14 with FilterChainSelector

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method singleFilterChainWithoutAlpn.

/**
 * A single filter chain whose match sets no criteria (all lists empty, including the
 * application-protocol list) is selected for the connection, even though the selector is given
 * no default SslContextProviderSupplier (null).
 */
@Test
public void singleFilterChainWithoutAlpn() throws Exception {
    // Match with every list empty, source type ANY and an empty final string argument.
    EnvoyServerProtoData.FilterChainMatch emptyMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            0,
            ImmutableList.of(),
            ImmutableList.of(),
            ImmutableList.of(),
            EnvoyServerProtoData.ConnectionSourceType.ANY,
            ImmutableList.of(),
            ImmutableList.of(),
            "");
    EnvoyServerProtoData.DownstreamTlsContext chainTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.FilterChain onlyChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-foo", emptyMatch, HTTP_CONNECTION_MANAGER, chainTls, tlsContextManager);

    // No default supplier (null) and an empty default routing config: the TLS context can only
    // come from the single configured chain.
    selectorManager.updateSelector(
        new FilterChainSelector(
            ImmutableMap.of(onlyChain, noopConfig),
            null,
            new AtomicReference<ServerRoutingConfig>()));

    FilterChainMatchingHandler matchingHandler =
        new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler capturingHandler = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(capturingHandler);

    setupChannel(LOCAL_IP, REMOTE_IP, 15000, matchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();

    // The future must already be complete once the pending tasks have run.
    assertThat(sslSet.isDone()).isTrue();
    assertThat(sslSet.get()).isEqualTo(onlyChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(chainTls);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) AtomicReference(java.util.concurrent.atomic.AtomicReference) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Example 15 with FilterChainSelector

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method filterChainMatch_unsupportedMatchers.

/**
 * Configures one chain that sets application protocols, server names and a non-empty final
 * string argument ("tls"), a second chain with only a broader destination range, and a default
 * chain. The assertions show that the default chain's supplier, routing config and certificate
 * name ("CERT3") are the ones in effect.
 *
 * <p>NOTE(review): the test name suggests the first chain is discarded because it uses
 * matchers the implementation does not support; the selection logic itself is not visible
 * here. The outcome is a fall-back to the default chain's TLS context, so the default chain's
 * TLS settings need the same care as those of the specific chains.
 */
@Test
@SuppressWarnings("deprecation")
public void filterChainMatch_unsupportedMatchers() throws Exception {
    // Three TLS contexts that differ only in certificate name; all use "ROOTCA".
    EnvoyServerProtoData.DownstreamTlsContext firstTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "ROOTCA");
    EnvoyServerProtoData.DownstreamTlsContext secondTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "ROOTCA");
    EnvoyServerProtoData.DownstreamTlsContext defaultTls =
        CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT3", "ROOTCA");

    EnvoyServerProtoData.FilterChainMatch firstMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            /* destinationPort */ 0,
            /* prefixRange */
            ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.1.0.0", 16)),
            /* applicationProtocol */ ImmutableList.of("managed-mtls", "h2"),
            /* sourcePrefixRanges */ ImmutableList.of(),
            /* sourceType */ EnvoyServerProtoData.ConnectionSourceType.ANY,
            /* sourcePorts */ ImmutableList.of(),
            /* serverNames */ ImmutableList.of("server1", "server2"),
            // Unlabelled in the original; presumably the transport protocol (confirm).
            "tls");
    EnvoyServerProtoData.FilterChainMatch secondMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            /* destinationPort */ 0,
            /* prefixRange */
            ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.0.0.0", 8)),
            /* applicationProtocol */ ImmutableList.of(),
            /* sourcePrefixRanges */ ImmutableList.of(),
            /* sourceType */ EnvoyServerProtoData.ConnectionSourceType.ANY,
            /* sourcePorts */ ImmutableList.of(),
            /* serverNames */ ImmutableList.of(),
            "");
    EnvoyServerProtoData.FilterChainMatch fallbackMatch =
        EnvoyServerProtoData.FilterChainMatch.create(
            /* destinationPort */ 0,
            /* prefixRange */ ImmutableList.of(),
            /* applicationProtocol */ ImmutableList.of(),
            /* sourcePrefixRanges */ ImmutableList.of(),
            /* sourceType */ EnvoyServerProtoData.ConnectionSourceType.ANY,
            /* sourcePorts */ ImmutableList.of(),
            /* serverNames */ ImmutableList.of(),
            "");

    // Each chain gets its own mocked TlsContextManager.
    EnvoyServerProtoData.FilterChain firstChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-foo",
            firstMatch,
            HTTP_CONNECTION_MANAGER,
            firstTls,
            mock(TlsContextManager.class));
    EnvoyServerProtoData.FilterChain secondChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-bar",
            secondMatch,
            HTTP_CONNECTION_MANAGER,
            secondTls,
            mock(TlsContextManager.class));
    EnvoyServerProtoData.FilterChain fallbackChain =
        EnvoyServerProtoData.FilterChain.create(
            "filter-chain-baz",
            fallbackMatch,
            HTTP_CONNECTION_MANAGER,
            defaultTls,
            mock(TlsContextManager.class));

    // Here noopConfig is the default routing config; the two specific chains get distinct
    // random configs so that selecting either of them would fail the routing assertion.
    selectorManager.updateSelector(
        new FilterChainSelector(
            ImmutableMap.of(firstChain, randomConfig("1"), secondChain, randomConfig("2")),
            fallbackChain.sslContextProviderSupplier(),
            noopConfig));

    FilterChainMatchingHandler matchingHandler =
        new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler capturingHandler = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(capturingHandler);

    setupChannel(LOCAL_IP, REMOTE_IP, 15000, matchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();

    assertThat(sslSet.get()).isEqualTo(fallbackChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    // The certificate name identifies the default chain's TLS context.
    assertThat(sslSet.get().getTlsContext().getCommonTlsContext().getTlsCertificateCertificateProviderInstance().getCertificateName()).isEqualTo("CERT3");
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)
