You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pinot.apache.org by xi...@apache.org on 2024/02/05 18:44:23 UTC
(pinot) branch master updated: log information about SSLFactory renewal (#12357)
This is an automated email from the ASF dual-hosted git repository.
xiangfu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git
The following commit(s) were added to refs/heads/master by this push:
new 3cefed570b log information about SSLFactory renewal (#12357)
3cefed570b is described below
commit 3cefed570b663cf66d799f752985262bcd6bd954
Author: Haitao Zhang <ha...@startree.ai>
AuthorDate: Mon Feb 5 10:44:17 2024 -0800
log information about SSLFactory renewal (#12357)
* log infomation about SSLFactory renewal
* update log
* fix typo
---
.../src/main/java/org/apache/pinot/common/utils/TlsUtils.java | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/pinot-common/src/main/java/org/apache/pinot/common/utils/TlsUtils.java b/pinot-common/src/main/java/org/apache/pinot/common/utils/TlsUtils.java
index 11084efcc6..e905f7aafa 100644
--- a/pinot-common/src/main/java/org/apache/pinot/common/utils/TlsUtils.java
+++ b/pinot-common/src/main/java/org/apache/pinot/common/utils/TlsUtils.java
@@ -433,6 +433,8 @@ public final class TlsUtils {
String trustStoreType, String trustStorePath, String trustStorePassword,
String sslContextProtocol, SecureRandom secureRandom)
throws IOException, URISyntaxException, InterruptedException {
+ LOGGER.info("Enable auto renewal of SSLFactory {} when key store {} or trust store {} changes",
+ baseSslFactory, keyStorePath, trustStorePath);
WatchService watchService = FileSystems.getDefault().newWatchService();
Map<WatchKey, Set<Path>> watchKeyPathMap = new HashMap<>();
registerFile(watchService, watchKeyPathMap, keyStorePath);
@@ -442,10 +444,15 @@ public final class TlsUtils {
for (WatchEvent<?> event : key.pollEvents()) {
Path changedFile = (Path) event.context();
if (watchKeyPathMap.get(key).contains(changedFile)) {
+ LOGGER.info("Detected change in file: {}, try to renew SSLFactory {} "
+ + "(built from key store {} and truststore {})",
+ changedFile, baseSslFactory, keyStorePath, trustStorePath);
SSLFactory updatedSslFactory = createSSLFactory(
keyStoreType, keyStorePath, keyStorePassword, trustStoreType, trustStorePath, trustStorePassword,
sslContextProtocol, secureRandom, false);
SSLFactoryUtils.reload(baseSslFactory, updatedSslFactory);
+ LOGGER.info("Successfully renewed SSLFactory {} (built from key store {} and truststore {}) "
+ + "on file {} changes", baseSslFactory, keyStorePath, trustStorePath, changedFile);
}
}
key.reset();
@@ -514,6 +521,9 @@ public final class TlsUtils {
if (trustStoreStream != null) {
trustStoreStream.close();
}
+ LOGGER.info("Successfully created SSLFactory {} with key store {} and trust store {}. "
+ + "Key and trust material swappable: {}",
+ sslFactory, keyStorePath, trustStorePath, keyAndTrustMaterialSwappable);
return sslFactory;
} catch (Exception e) {
throw new IllegalStateException(e);
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org