You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pinot.apache.org by GitBox <gi...@apache.org> on 2022/07/27 23:28:40 UTC

[GitHub] [pinot] mqliang opened a new pull request, #8163: Put Netty Channel handlers and Tls context creation logic at same place

mqliang opened a new pull request, #8163:
URL: https://github.com/apache/pinot/pull/8163

   ## Description
   <!-- Add a description of your PR here.
   A good description should include pointers to an issue or design document, etc.
   -->
   
   Netty Channel handlers creation logic and Tls context creation logic are scattered at different places, which makes code hard to read.
   
   Please note that the method `initChannel` is called for every new connection that is opened, anything that requires unique state should be constructed inside this method. Thus we should use the factory pattern to get a new object for all the handlers whenever `initChannel` is called.
   
   
   ## Upgrade Notes
   Does this PR prevent a zero down-time upgrade? (Assume upgrade order: Controller, Broker, Server, Minion)
   * [ ] Yes (Please label as **<code>backward-incompat</code>**, and complete the section below on Release Notes)
   
   Does this PR fix a zero-downtime upgrade introduced earlier?
   * [ ] Yes (Please label this as **<code>backward-incompat</code>**, and complete the section below on Release Notes)
   
   Does this PR otherwise need attention when creating release notes? Things to consider:
   - New configuration options
   - Deprecation of configurations
   - Signature changes to public methods/interfaces
   - New plugins added or old plugins removed
   * [ ] Yes (Please label this PR as **<code>release-notes</code>** and complete the section on Release Notes)
   ## Release Notes
   <!-- If you have tagged this as either backward-incompat or release-notes,
   you MUST add text here that you would like to see appear in release notes of the
   next release. -->
   
   <!-- If you have a series of commits adding or enabling a feature, then
   add this section only in final commit that marks the feature completed.
   Refer to earlier release notes to see examples of text.
   -->
   ## Documentation
   <!-- If you have introduced a new feature or configuration, please add it to the documentation as well.
   See https://docs.pinot.apache.org/developers/developers-and-contributors/update-document
   -->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] apucher commented on a diff in pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

apucher commented on code in PR #8163:
URL: https://github.com/apache/pinot/pull/8163#discussion_r934752758


##########
pinot-common/src/main/java/org/apache/pinot/common/utils/TlsUtils.java:
##########
@@ -339,4 +343,49 @@ public Socket createSocket(String host, int port)
       return _sslSocketFactory.createSocket(host, port);
     }
   }
+
+  /**
+   * Builds client side SslContext based on a given TlsConfig.
+   *
+   * @param tlsConfig TLS config
+   */
+  public static SslContext buildClientContext(TlsConfig tlsConfig) {
+    SslContextBuilder sslContextBuilder =
+        SslContextBuilder.forClient().sslProvider(SslProvider.valueOf(tlsConfig.getSslProvider()));
+    if (tlsConfig.getKeyStorePath() != null) {
+      sslContextBuilder.keyManager(TlsUtils.createKeyManagerFactory(tlsConfig));

Review Comment:
   should be no need for the `TlsUtils.` prefix since its the same class file now



##########
pinot-common/src/main/java/org/apache/pinot/common/utils/TlsUtils.java:
##########
@@ -339,4 +343,49 @@ public Socket createSocket(String host, int port)
       return _sslSocketFactory.createSocket(host, port);
     }
   }
+
+  /**
+   * Builds client side SslContext based on a given TlsConfig.
+   *
+   * @param tlsConfig TLS config
+   */
+  public static SslContext buildClientContext(TlsConfig tlsConfig) {
+    SslContextBuilder sslContextBuilder =
+        SslContextBuilder.forClient().sslProvider(SslProvider.valueOf(tlsConfig.getSslProvider()));
+    if (tlsConfig.getKeyStorePath() != null) {
+      sslContextBuilder.keyManager(TlsUtils.createKeyManagerFactory(tlsConfig));

Review Comment:
   same below a few times



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] apucher commented on pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

apucher commented on PR #8163:
URL: https://github.com/apache/pinot/pull/8163#issuecomment-1201499125

   Hi folks, would you mind sharing same additional background on why some of the QueryServer code is being factored out into a separate class? I understand the desire for readability, although this can be achieved without adding yet another static helper class.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] apucher commented on pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

apucher commented on PR #8163:
URL: https://github.com/apache/pinot/pull/8163#issuecomment-1201511781

   The factory class is entirely static, i.e. it's a utility. The factory/utility methods themselves are only being used within QueryServer. Do you expect to use the factory methods anywhere else?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] mqliang closed pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

mqliang closed pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place
URL: https://github.com/apache/pinot/pull/8163


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] mqliang commented on pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

mqliang commented on PR #8163:
URL: https://github.com/apache/pinot/pull/8163#issuecomment-1201570215

   > The factory/utility methods themselves are only being used within QueryServer
   
   Not exactly. They are get used both server side (QueryServer) and client side (ServerChannels)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] jasperjiaguo commented on pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

jasperjiaguo commented on PR #8163:
URL: https://github.com/apache/pinot/pull/8163#issuecomment-1201489334

   @apucher could you please take a look? Thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] mqliang closed pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

mqliang closed pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place
URL: https://github.com/apache/pinot/pull/8163


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] mqliang commented on pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

mqliang commented on PR #8163:
URL: https://github.com/apache/pinot/pull/8163#issuecomment-1198568314

   @jasperjiaguo Could you please take a look when you get a chance. It's a refactoring over your SSL change


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] mqliang closed pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

mqliang closed pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place
URL: https://github.com/apache/pinot/pull/8163


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] Jackie-Jiang merged pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

Jackie-Jiang merged PR #8163:
URL: https://github.com/apache/pinot/pull/8163


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org

[GitHub] [pinot] mqliang commented on pull request #8163: Put Netty Channel handlers and Tls context creation logic at same place

Posted by GitBox <gi...@apache.org>.

mqliang commented on PR #8163:
URL: https://github.com/apache/pinot/pull/8163#issuecomment-1201506981

   > why some of the QueryServer code is being factored out into a separate class? I understand the desire for readability, although this can be achieved without adding yet another static helper class.
   
   For readability:
   - factor out all ChannelHandlers code into class ChannelHandlerFactory
   - factor out the `attachSSLHandler` functions (both Client side and Server side) into 
   
   Why add another static helper class:
   - the method initChannel is called for every new connection that is opened, anything that requires unique state should be constructed inside this method. Thus we should use the factory pattern to get a new object for all the handlers whenever initChannel is called.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org