[GitHub] [knox] moresandeep opened a new pull request #380: KNOX-843 - Client side HA

[GitBox <gi...@apache.org>]

moresandeep opened a new pull request #380:
URL: https://github.com/apache/knox/pull/380


   ## What changes were proposed in this pull request?
   This PR introduces a way for Knox to load balance backend clients. This is done by introducing a parameter `cookieHaEnabled=true` in `HaProvider` e.g.
   
   ```
        <provider>
               <role>ha</role>
               <name>HaProvider</name>
               <enabled>true</enabled>
               <param>
                   <name>WHOAMI</name>
                   <value>enabled=true;maxFailoverAttempts=3;failoverSleep=1000;cookieHaEnabled=true</value>
               </param>
           </provider>
   ```
   When enabled, knox dispatch will round-robin requests to the URLs listed in the HA configuration unlike previously where knox only chooses other URL after a failover. 
   The sessions are sticky so same session requests will always end up dispatching to the same backend.
   
   ## How was this patch tested?
   This patch was manually tested using 
   
   1. curl for multiple different sessions
   ```
   (base) ➜  temp curl -iku admin:admin-password  "https://localhost:8443/gateway/test/whoami/"
   HTTP/1.1 200 OK
   Date: Mon, 05 Oct 2020 19:20:03 GMT
   Set-Cookie: KNOXSESSIONID=node0flaeprbtixj919ozympe23muc2.node0; Path=/gateway/test; Secure; HttpOnly
   Expires: Thu, 01 Jan 1970 00:00:00 GMT
   Set-Cookie: rememberMe=deleteMe; Path=/gateway/test; Max-Age=0; Expires=Sun, 04-Oct-2020 19:20:04 GMT
   Set-Cookie: KNOX_BACKEND-WHOAMI=4336ad0a09ba5de5c19d294a6e1be4bd5b0aa62bc0537b2c1951ad50b1aca033; Path=/gateway/test; Secure; HttpOnly
   Content-Length: 10
   
    SERVER 1
   (base) ➜  temp curl -iku admin:admin-password  "https://localhost:8443/gateway/test/whoami/"
   HTTP/1.1 200 OK
   Date: Mon, 05 Oct 2020 19:20:05 GMT
   Set-Cookie: KNOXSESSIONID=node01bynsokjpm43t1ag2zogir8wht3.node0; Path=/gateway/test; Secure; HttpOnly
   Expires: Thu, 01 Jan 1970 00:00:00 GMT
   Set-Cookie: rememberMe=deleteMe; Path=/gateway/test; Max-Age=0; Expires=Sun, 04-Oct-2020 19:20:05 GMT
   Set-Cookie: KNOX_BACKEND-WHOAMI=d2eea4def3bbb002420943cc4d7983627cf7132b6154a400597c379a1254189b; Path=/gateway/test; Secure; HttpOnly
   Content-Length: 10
   
    SERVER 2
   ```
   2. curl for sticky sessions
   ```
   (base) ➜  temp curl -iku admin:admin-password -c cookies.txt -b cookies.txt "https://localhost:8443/gateway/test/whoami/"
   
   HTTP/1.1 200 OK
   Date: Mon, 05 Oct 2020 19:22:05 GMT
   Set-Cookie: KNOXSESSIONID=node0117mojjq6uevh1p1nl2v5iumgo5.node0; Path=/gateway/test; Secure; HttpOnly
   Expires: Thu, 01 Jan 1970 00:00:00 GMT
   Set-Cookie: rememberMe=deleteMe; Path=/gateway/test; Max-Age=0; Expires=Sun, 04-Oct-2020 19:22:06 GMT
   Set-Cookie: KNOX_BACKEND-WHOAMI=d2eea4def3bbb002420943cc4d7983627cf7132b6154a400597c379a1254189b; Path=/gateway/test; Secure; HttpOnly
   Content-Length: 10
   
    SERVER 2
   (base) ➜  temp curl -iku admin:admin-password -c cookies.txt -b cookies.txt "https://localhost:8443/gateway/test/whoami/"
   
   HTTP/1.1 200 OK
   Date: Mon, 05 Oct 2020 19:22:06 GMT
   Content-Length: 10
   
    SERVER 2
   (base) ➜  temp curl -iku admin:admin-password -c cookies.txt -b cookies.txt "https://localhost:8443/gateway/test/whoami/"
   
   HTTP/1.1 200 OK
   Date: Mon, 05 Oct 2020 19:22:07 GMT
   Content-Length: 10
   
    SERVER 2
   ```
   
   3. Browser
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [knox] moresandeep commented on pull request #380: KNOX-843 - Client side HA

[GitBox <gi...@apache.org>]

moresandeep commented on pull request #380:
URL: https://github.com/apache/knox/pull/380#issuecomment-714715769


   @lmccay I updated the PR with requested changes go through it and let me know what you think. I had to do some refactoring because I realized that we have a ton of custom HA implementations (e.g. Atlas) which would not get this feature because of how they just extended DefaultHADispatch. I did some refactoring so that custom dispatches should be able to use these flags.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [knox] moresandeep merged pull request #380: KNOX-843 - Client side HA

[GitBox <gi...@apache.org>]

moresandeep merged pull request #380:
URL: https://github.com/apache/knox/pull/380


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org