use of org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter in project ignite by apache.
the class GridTcpRouterImpl method startTcpServer.
/**
* Tries to start server with given parameters.
*
* @param hostAddr Host on which server should be bound.
* @param port Port on which server should be bound.
* @param lsnr Server message listener.
* @param parser Server message parser.
* @param tcpNoDelay Flag indicating whether TCP_NODELAY flag should be set for accepted connections.
* @param sslCtx SSL context in case if SSL is enabled.
* @param wantClientAuth Whether client will be requested for authentication.
* @param needClientAuth Whether client is required to be authenticated.
* @return {@code True} if server successfully started, {@code false} if port is used and
* server was unable to start.
*/
private boolean startTcpServer(InetAddress hostAddr, int port, GridNioServerListener<GridClientMessage> lsnr, GridNioParser parser, boolean tcpNoDelay, @Nullable SSLContext sslCtx, boolean wantClientAuth, boolean needClientAuth) {
try {
GridNioFilter codec = new GridNioCodecFilter(parser, log, false);
// This name is required to be unique in order to avoid collisions with
// ThreadWorkerGroups running in the same JVM by other routers/nodes.
String igniteInstanceName = "router-" + id;
GridNioFilter[] filters;
if (sslCtx != null) {
GridNioSslFilter sslFilter = new GridNioSslFilter(sslCtx, false, ByteOrder.nativeOrder(), log);
sslFilter.wantClientAuth(wantClientAuth);
sslFilter.needClientAuth(needClientAuth);
filters = new GridNioFilter[] { codec, sslFilter };
} else
filters = new GridNioFilter[] { codec };
srv = GridNioServer.<GridClientMessage>builder().address(hostAddr).port(port).listener(lsnr).logger(log).selectorCount(Runtime.getRuntime().availableProcessors()).igniteInstanceName(igniteInstanceName).serverName("router").tcpNoDelay(tcpNoDelay).directBuffer(false).byteOrder(ByteOrder.nativeOrder()).socketSendBufferSize(0).socketReceiveBufferSize(0).sendQueueLimit(0).filters(filters).idleTimeout(cfg.getIdleTimeout()).build();
srv.start();
return true;
} catch (IgniteCheckedException e) {
if (log.isDebugEnabled())
log.debug("Failed to start TCP router protocol on port " + port + ": " + e.getMessage());
srv = null;
return false;
}
}
use of org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter in project ignite by apache.
the class GridTcpRestProtocol method startTcpServer.
/**
* Tries to start server with given parameters.
*
* @param hostAddr Host on which server should be bound.
* @param port Port on which server should be bound.
* @param lsnr Server message listener.
* @param parser Server message parser.
* @param sslCtx SSL context in case if SSL is enabled.
* @param cfg Configuration for other parameters.
* @return {@code True} if server successfully started, {@code false} if port is used and
* server was unable to start.
*/
private boolean startTcpServer(InetAddress hostAddr, int port, GridNioServerListener<GridClientMessage> lsnr, GridNioParser parser, @Nullable SSLContext sslCtx, ConnectorConfiguration cfg) {
try {
GridNioFilter codec = new GridNioCodecFilter(parser, log, false);
GridNioFilter[] filters;
if (sslCtx != null) {
GridNioSslFilter sslFilter = new GridNioSslFilter(sslCtx, cfg.isDirectBuffer(), ByteOrder.nativeOrder(), log);
sslFilter.directMode(false);
boolean auth = cfg.isSslClientAuth();
sslFilter.wantClientAuth(auth);
sslFilter.needClientAuth(auth);
filters = new GridNioFilter[] { codec, sslFilter };
} else
filters = new GridNioFilter[] { codec };
srv = GridNioServer.<GridClientMessage>builder().address(hostAddr).port(port).listener(lsnr).logger(log).selectorCount(cfg.getSelectorCount()).igniteInstanceName(ctx.igniteInstanceName()).serverName("tcp-rest").tcpNoDelay(cfg.isNoDelay()).directBuffer(cfg.isDirectBuffer()).byteOrder(ByteOrder.nativeOrder()).socketSendBufferSize(cfg.getSendBufferSize()).socketReceiveBufferSize(cfg.getReceiveBufferSize()).sendQueueLimit(cfg.getSendQueueLimit()).filters(filters).directMode(false).build();
srv.idleTimeout(cfg.getIdleTimeout());
srv.start();
ctx.ports().registerPort(port, IgnitePortProtocol.TCP, getClass());
return true;
} catch (IgniteCheckedException e) {
if (log.isDebugEnabled())
log.debug("Failed to start " + name() + " protocol on port " + port + ": " + e.getMessage());
return false;
}
}
use of org.apache.ignite.internal.util.nio.ssl.GridNioSslFilter in project ignite by apache.
the class TcpCommunicationSpi method resetNioServer.
/**
* Recreates tpcSrvr socket instance.
*
* @return Server instance.
* @throws IgniteCheckedException Thrown if it's not possible to create server.
*/
private GridNioServer<Message> resetNioServer() throws IgniteCheckedException {
if (boundTcpPort >= 0)
throw new IgniteCheckedException("Tcp NIO server was already created on port " + boundTcpPort);
IgniteCheckedException lastEx = null;
// If configured TCP port is busy, find first available in range.
int lastPort = locPortRange == 0 ? locPort : locPort + locPortRange - 1;
for (int port = locPort; port <= lastPort; port++) {
try {
MessageFactory msgFactory = new MessageFactory() {
private MessageFactory impl;
@Nullable
@Override
public Message create(short type) {
if (impl == null)
impl = getSpiContext().messageFactory();
assert impl != null;
return impl.create(type);
}
};
GridNioMessageReaderFactory readerFactory = new GridNioMessageReaderFactory() {
private MessageFormatter formatter;
@Override
public MessageReader reader(GridNioSession ses, MessageFactory msgFactory) throws IgniteCheckedException {
if (formatter == null)
formatter = getSpiContext().messageFormatter();
assert formatter != null;
ConnectionKey key = ses.meta(CONN_IDX_META);
return key != null ? formatter.reader(key.nodeId(), msgFactory) : null;
}
};
GridNioMessageWriterFactory writerFactory = new GridNioMessageWriterFactory() {
private MessageFormatter formatter;
@Override
public MessageWriter writer(GridNioSession ses) throws IgniteCheckedException {
if (formatter == null)
formatter = getSpiContext().messageFormatter();
assert formatter != null;
ConnectionKey key = ses.meta(CONN_IDX_META);
return key != null ? formatter.writer(key.nodeId()) : null;
}
};
GridDirectParser parser = new GridDirectParser(log.getLogger(GridDirectParser.class), msgFactory, readerFactory);
IgnitePredicate<Message> skipRecoveryPred = new IgnitePredicate<Message>() {
@Override
public boolean apply(Message msg) {
return msg instanceof RecoveryLastReceivedMessage;
}
};
boolean clientMode = Boolean.TRUE.equals(ignite.configuration().isClientMode());
IgniteBiInClosure<GridNioSession, Integer> queueSizeMonitor = !clientMode && slowClientQueueLimit > 0 ? new CI2<GridNioSession, Integer>() {
@Override
public void apply(GridNioSession ses, Integer qSize) {
checkClientQueueSize(ses, qSize);
}
} : null;
GridNioFilter[] filters;
if (isSslEnabled()) {
GridNioSslFilter sslFilter = new GridNioSslFilter(ignite.configuration().getSslContextFactory().create(), true, ByteOrder.nativeOrder(), log);
sslFilter.directMode(true);
sslFilter.wantClientAuth(true);
sslFilter.needClientAuth(true);
filters = new GridNioFilter[] { new GridNioCodecFilter(parser, log, true), new GridConnectionBytesVerifyFilter(log), sslFilter };
} else
filters = new GridNioFilter[] { new GridNioCodecFilter(parser, log, true), new GridConnectionBytesVerifyFilter(log) };
GridNioServer<Message> srvr = GridNioServer.<Message>builder().address(locHost).port(port).listener(srvLsnr).logger(log).selectorCount(selectorsCnt).igniteInstanceName(igniteInstanceName).serverName("tcp-comm").tcpNoDelay(tcpNoDelay).directBuffer(directBuf).byteOrder(ByteOrder.nativeOrder()).socketSendBufferSize(sockSndBuf).socketReceiveBufferSize(sockRcvBuf).sendQueueLimit(msgQueueLimit).directMode(true).metricsListener(metricsLsnr).writeTimeout(sockWriteTimeout).selectorSpins(selectorSpins).filters(filters).writerFactory(writerFactory).skipRecoveryPredicate(skipRecoveryPred).messageQueueSizeListener(queueSizeMonitor).readWriteSelectorsAssign(usePairedConnections).build();
boundTcpPort = port;
// Ack Port the TCP server was bound to.
if (log.isInfoEnabled()) {
log.info("Successfully bound communication NIO server to TCP port " + "[port=" + boundTcpPort + ", locHost=" + locHost + ", selectorsCnt=" + selectorsCnt + ", selectorSpins=" + srvr.selectorSpins() + ", pairedConn=" + usePairedConnections + ']');
}
srvr.idleTimeout(idleConnTimeout);
return srvr;
} catch (IgniteCheckedException e) {
if (X.hasCause(e, SSLException.class))
throw new IgniteSpiException("Failed to create SSL context. SSL factory: " + ignite.configuration().getSslContextFactory() + '.', e);
lastEx = e;
if (log.isDebugEnabled())
log.debug("Failed to bind to local port (will try next port within range) [port=" + port + ", locHost=" + locHost + ']');
onException("Failed to bind to local port (will try next port within range) [port=" + port + ", locHost=" + locHost + ']', e);
}
}
// If free port wasn't found.
throw new IgniteCheckedException("Failed to bind to any port within range [startPort=" + locPort + ", portRange=" + locPortRange + ", locHost=" + locHost + ']', lastEx);
}
Aggregations