You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by bu...@apache.org on 2020/04/10 00:28:17 UTC
[geode] 01/01: Revert "GEODE-7852: test SNI client against a geode
(2-node) cluster (#4925)"
This is an automated email from the ASF dual-hosted git repository.
burcham pushed a commit to branch revert-4925-feature/GEODE-7852-test-cluster
in repository https://gitbox.apache.org/repos/asf/geode.git
commit 13cb5523e16783b2c2bf16d31b3b7ec427641889
Author: Bill Burcham <bi...@gmail.com>
AuthorDate: Thu Apr 9 17:27:53 2020 -0700
Revert "GEODE-7852: test SNI client against a geode (2-node) cluster (#4925)"
This reverts commit 4f2a6047d5b272982595e3b7e71c624d61c69415.
---
...tanceTest.java => ClientSNIAcceptanceTest.java} | 17 +--
.../client/sni/DualServerSNIAcceptanceTest.java | 169 ---------------------
.../client/sni/geode-config/locator-keystore.jks | Bin 0 -> 2028 bytes
.../sni/geode-config/locator-maeve-keystore.jks | Bin 2048 -> 0 bytes
.../geode-config/server-clementine-keystore.jks | Bin 2059 -> 0 bytes
.../sni/geode-config/server-dolores-keystore.jks | Bin 2050 -> 0 bytes
.../client/sni/geode-config/server-keystore.jks | Bin 0 -> 2025 bytes
.../geode/client/sni/geode-config/truststore.jks | Bin 8095 -> 6023 bytes
.../org/apache/geode/client/sni/haproxy.cfg | 14 +-
.../geode/client/sni/scripts/geode-starter-2.gfsh | 23 ---
.../geode/client/sni/scripts/geode-starter.gfsh | 4 +-
11 files changed, 11 insertions(+), 216 deletions(-)
diff --git a/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/SingleServerSNIAcceptanceTest.java b/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
similarity index 84%
rename from geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/SingleServerSNIAcceptanceTest.java
rename to geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
index bb7de3d..8c8f397 100644
--- a/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/SingleServerSNIAcceptanceTest.java
+++ b/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/ClientSNIAcceptanceTest.java
@@ -43,19 +43,10 @@ import org.apache.geode.cache.client.ClientRegionShortcut;
import org.apache.geode.cache.client.proxy.ProxySocketFactories;
import org.apache.geode.test.junit.rules.IgnoreOnWindowsRule;
-/**
- * This test runs against a 1-server, 1-locator Geode cluster. The server and locator run inside
- * a (single) Docker container and are not route-able from the host (where this JUnit test is
- * running). Another Docker container is running the HAProxy image and it's set up as an SNI
- * gateway. The test connects to the gateway via SNI and the gateway (in one Docker container)
- * forwards traffic to Geode members (running in the other Docker container).
- *
- * This test connects to the server and verifies it can write and read data in the region.
- */
-public class SingleServerSNIAcceptanceTest {
+public class ClientSNIAcceptanceTest {
private static final URL DOCKER_COMPOSE_PATH =
- SingleServerSNIAcceptanceTest.class.getResource("docker-compose.yml");
+ ClientSNIAcceptanceTest.class.getResource("docker-compose.yml");
// Docker compose does not work on windows in CI. Ignore this test on windows
// Using a RuleChain to make sure we ignore the test before the rule comes into play
@@ -73,7 +64,7 @@ public class SingleServerSNIAcceptanceTest {
@Before
public void before() throws IOException, InterruptedException {
trustStorePath =
- createTempFileFromResource(SingleServerSNIAcceptanceTest.class,
+ createTempFileFromResource(ClientSNIAcceptanceTest.class,
"geode-config/truststore.jks")
.getAbsolutePath();
docker.exec(options("-T"), "geode",
@@ -96,7 +87,7 @@ public class SingleServerSNIAcceptanceTest {
.port(15443)
.getExternalPort();
ClientCache cache = new ClientCacheFactory(gemFireProps)
- .addPoolLocator("locator-maeve", 10334)
+ .addPoolLocator("locator", 10334)
.setPoolSocketFactory(ProxySocketFactories.sni("localhost",
proxyPort))
.create();
diff --git a/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/DualServerSNIAcceptanceTest.java b/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/DualServerSNIAcceptanceTest.java
deleted file mode 100644
index a94b16d..0000000
--- a/geode-assembly/src/acceptanceTest/java/org/apache/geode/client/sni/DualServerSNIAcceptanceTest.java
+++ /dev/null
@@ -1,169 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
- * agreements. See the NOTICE file distributed with this work for additional information regarding
- * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance with the License. You may obtain a
- * copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software distributed under the License
- * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
- * or implied. See the License for the specific language governing permissions and limitations under
- * the License.
- */
-package org.apache.geode.client.sni;
-
-import static com.palantir.docker.compose.execution.DockerComposeExecArgument.arguments;
-import static com.palantir.docker.compose.execution.DockerComposeExecOption.options;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENABLED_COMPONENTS;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_ENDPOINT_IDENTIFICATION_ENABLED;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_KEYSTORE_TYPE;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_REQUIRE_AUTHENTICATION;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE;
-import static org.apache.geode.distributed.ConfigurationProperties.SSL_TRUSTSTORE_PASSWORD;
-import static org.apache.geode.test.util.ResourceUtils.createTempFileFromResource;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.assertThatThrownBy;
-
-import java.io.IOException;
-import java.net.URL;
-import java.util.Properties;
-
-import com.palantir.docker.compose.DockerComposeRule;
-import org.junit.After;
-import org.junit.BeforeClass;
-import org.junit.ClassRule;
-import org.junit.Test;
-import org.junit.rules.TestRule;
-
-import org.apache.geode.cache.Region;
-import org.apache.geode.cache.RegionDestroyedException;
-import org.apache.geode.cache.client.ClientCache;
-import org.apache.geode.cache.client.ClientCacheFactory;
-import org.apache.geode.cache.client.ClientRegionShortcut;
-import org.apache.geode.cache.client.proxy.ProxySocketFactories;
-import org.apache.geode.test.junit.rules.IgnoreOnWindowsRule;
-
-/**
- * These tests run against a 2-server, 1-locator Geode cluster. The servers and locator run inside
- * a (single) Docker container and are not route-able from the host (where this JUnit test is
- * running). Another Docker container is running the HAProxy image and it's set up as an SNI
- * gateway. The test connects to the gateway via SNI and the gateway (in one Docker container)
- * forwards traffic to Geode members (running in the other Docker container).
- *
- * The two servers, server-dolores, and server-clementine, each are members of their own distinct
- * groups: group-dolores, and group-clementine, respectively. Also each server has a separate
- * REPLICATE region on it: region-dolores, and region-clementine, respectively.
- *
- * This test creates a connection pool to each group in turn. For that group, the test verifies
- * it can update data to the region of interest. There's also a pair of negative tests that verify
- * the correct exception is thrown when an attempt is made to operate on an unreachable region.
- */
-public class DualServerSNIAcceptanceTest {
-
- private static final URL DOCKER_COMPOSE_PATH =
- SingleServerSNIAcceptanceTest.class.getResource("docker-compose.yml");
-
- // Docker compose does not work on windows in CI. Ignore this test on windows
- // Using a RuleChain to make sure we ignore the test before the rule comes into play
- @ClassRule
- public static TestRule ignoreOnWindowsRule = new IgnoreOnWindowsRule();
-
- @ClassRule
- public static DockerComposeRule docker = DockerComposeRule.builder()
- .file(DOCKER_COMPOSE_PATH.getPath())
- .build();
-
- private static Properties gemFireProps;
- private ClientCache cache;
-
- @BeforeClass
- public static void beforeClass() throws IOException, InterruptedException {
- docker.exec(options("-T"), "geode",
- arguments("gfsh", "run", "--file=/geode/scripts/geode-starter-2.gfsh"));
-
- final String trustStorePath =
- createTempFileFromResource(SingleServerSNIAcceptanceTest.class,
- "geode-config/truststore.jks")
- .getAbsolutePath();
-
- gemFireProps = new Properties();
- gemFireProps.setProperty(SSL_ENABLED_COMPONENTS, "all");
- gemFireProps.setProperty(SSL_KEYSTORE_TYPE, "jks");
- gemFireProps.setProperty(SSL_REQUIRE_AUTHENTICATION, "false");
-
- gemFireProps.setProperty(SSL_TRUSTSTORE, trustStorePath);
- gemFireProps.setProperty(SSL_TRUSTSTORE_PASSWORD, "geode");
- gemFireProps.setProperty(SSL_ENDPOINT_IDENTIFICATION_ENABLED, "true");
- }
-
- @After
- public void after() {
- ensureCacheClosed();
- }
-
- @Test
- public void successfulRoutingTest() {
- verifyPutAndGet("group-dolores", "region-dolores");
- }
-
- @Test
- public void successfulRoutingTest2() {
- verifyPutAndGet("group-clementine", "region-clementine");
- }
-
- @Test
- public void unreachabilityTest() {
- verifyUnreachable("group-dolores", "region-clementine");
- }
-
- @Test
- public void unreachabilityTest2() {
- verifyUnreachable("group-clementine", "region-dolores");
- }
-
- private void verifyUnreachable(final String groupName, final String regionName) {
- final Region<String, String> region = getRegion(groupName, regionName);
- assertThatThrownBy(() -> region.destroy("hello"))
- .hasCauseInstanceOf(RegionDestroyedException.class)
- .hasStackTraceContaining("was not found during destroy request");
- }
-
- private void verifyPutAndGet(final String groupName, final String regionName) {
- final Region<String, String> region = getRegion(groupName, regionName);
- region.destroy("hello");
- region.put("hello", "world");
- assertThat(region.get("hello")).isEqualTo("world");
- }
-
- /**
- * modifies cache field as a side-effect
- */
- private Region<String, String> getRegion(final String groupName, final String regionName) {
- final int proxyPort = docker.containers()
- .container("haproxy")
- .port(15443)
- .getExternalPort();
- ensureCacheClosed();
- cache = new ClientCacheFactory(gemFireProps)
- .addPoolLocator("locator-maeve", 10334)
- .setPoolServerGroup(groupName)
- .setPoolSocketFactory(ProxySocketFactories.sni("localhost",
- proxyPort))
- .create();
- return cache.<String, String>createClientRegionFactory(ClientRegionShortcut.PROXY)
- .create(regionName);
- }
-
- /**
- * modifies cache field as a side-effect
- */
- private void ensureCacheClosed() {
- if (cache != null) {
- cache.close();
- cache = null;
- }
- }
-
-}
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/locator-keystore.jks b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/locator-keystore.jks
new file mode 100644
index 0000000..c19eb1e
Binary files /dev/null and b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/locator-keystore.jks differ
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/locator-maeve-keystore.jks b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/locator-maeve-keystore.jks
deleted file mode 100644
index a29cf0f..0000000
Binary files a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/locator-maeve-keystore.jks and /dev/null differ
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-clementine-keystore.jks b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-clementine-keystore.jks
deleted file mode 100644
index 380de6c..0000000
Binary files a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-clementine-keystore.jks and /dev/null differ
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-dolores-keystore.jks b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-dolores-keystore.jks
deleted file mode 100644
index cb2c4c5..0000000
Binary files a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-dolores-keystore.jks and /dev/null differ
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-keystore.jks b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-keystore.jks
new file mode 100644
index 0000000..5672ea8
Binary files /dev/null and b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/server-keystore.jks differ
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/truststore.jks b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/truststore.jks
index ffcdaf3..cd95d77 100644
Binary files a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/truststore.jks and b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/geode-config/truststore.jks differ
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/haproxy.cfg b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/haproxy.cfg
index c451ef6..3ffa2c1 100644
--- a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/haproxy.cfg
+++ b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/haproxy.cfg
@@ -25,20 +25,16 @@ frontend sniproxy
mode tcp
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
- use_backend locators-maeve if { req.ssl_sni -i locator-maeve }
- use_backend servers-dolores if { req.ssl_sni -i server-dolores }
- use_backend servers-clementine if { req.ssl_sni -i server-clementine }
- default_backend locators-maeve
+ use_backend locators if { req.ssl_sni -i locator }
+ use_backend servers if { req.ssl_sni -i server }
+ default_backend locators
log stdout format raw local0 debug
-backend locators-maeve
+backend locators
mode tcp
server locator1 geode:10334
-backend servers-dolores
+backend servers
mode tcp
server server1 geode:40404
-backend servers-clementine
- mode tcp
- server server1 geode:40405
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter-2.gfsh b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter-2.gfsh
deleted file mode 100644
index 38600aa..0000000
--- a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter-2.gfsh
+++ /dev/null
@@ -1,23 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-start locator --name=locator-maeve --hostname-for-clients=locator-maeve --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/locator-maeve-keystore.jks
-start server --name=server-dolores --group=group-dolores --hostname-for-clients=server-dolores --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-dolores-keystore.jks
-start server --name=server-clementine --group=group-clementine --hostname-for-clients=server-clementine --server-port=40405 --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-clementine-keystore.jks
-connect --locator=localhost[10334] --use-ssl=true --security-properties-file=/geode/config/gfsecurity.properties
-create region --name=region-dolores --group=group-dolores --type=REPLICATE
-create region --name=region-clementine --group=group-clementine --type=REPLICATE
diff --git a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter.gfsh b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter.gfsh
index 30e57f7..5b9fc80 100644
--- a/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter.gfsh
+++ b/geode-assembly/src/acceptanceTest/resources/org/apache/geode/client/sni/scripts/geode-starter.gfsh
@@ -15,8 +15,8 @@
# limitations under the License.
#
-start locator --name=locator-maeve --hostname-for-clients=locator-maeve --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/locator-maeve-keystore.jks
-start server --name=server-dolores --hostname-for-clients=server-dolores --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-dolores-keystore.jks
+start locator --name=locator --hostname-for-clients=locator --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/locator-keystore.jks
+start server --name=server --hostname-for-clients=server --locators=localhost[10334] --properties-file=/geode/config/gemfire.properties --security-properties-file=/geode/config/gfsecurity.properties --J=-Dgemfire.ssl-keystore=/geode/config/server-keystore.jks
connect --locator=localhost[10334] --use-ssl=true --security-properties-file=/geode/config/gfsecurity.properties
create region --name=jellyfish --type=REPLICATE
put --key=foo --value=bar --region=jellyfish