Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding https support for backend service #486

Merged
merged 3 commits into from
Apr 4, 2024
Merged

Adding https support for backend service #486

merged 3 commits into from
Apr 4, 2024

Conversation

gurleen-gks
Copy link
Contributor

@gurleen-gks gurleen-gks commented Aug 30, 2022
edited
Loading

Motivation:

With tls enabled, admin instance was getting created with the wrong URL, leading to a 401 error for all the requests from the manager backend service

Manager log
Create Pulsar Admin instance. url=http://localhost:8080/, authPlugin=org.apache.pulsar.client.impl.auth.AuthenticationTls, authParams=tlsCertFile:client-cert.pem,tlsKeyFile:client-key.pem, tlsAllowInsecureConnection=false, tlsTrustCertsFilePath=cacert.pem, tlsEnableHostnameVerification=false

Broker log
2022-08-26T00:29:55,864-0700 [pulsar-web-42-22] INFO org.apache.pulsar.broker.PulsarService - created admin with url http://localhost:8080/

Modifications

  1. When tls enabled, getting the tls service URL.
  2. Modifying the HTTP broker URL to use the protocol and port from the original service URL.

@gurleen-gks gurleen-gks force-pushed the https branch 2 times, most recently from e2cad9a to f460815 Compare September 1, 2022 22:39
rdhabalia
rdhabalia reviewed Sep 2, 2022
View reviewed changes
src/main/java/org/apache/pulsar/manager/service/impl/BrokerStatsServiceImpl.java Outdated
@@ -124,13 +129,22 @@ private void scheduleCollectStats() {
clusterLists.forEach((clusterMap) -> {
String cluster = (String) clusterMap.get("cluster");
Pair<String, String> envCluster = Pair.of(env.getName(), cluster);
String webServiceUrl = (String) clusterMap.get("serviceUrl");

String webServiceUrl = (String) (tlsEnabled && clusterMap.containsKey("serviceUrlTls") && StringUtils.isNotBlank((String) clusterMap.get("serviceUrlTls")) ?
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

String serviceUrlTls = clusterMap.get("serviceUrlTls");
tlsEnabled = tlsEnabled && StringUtils.isNotBlank(serviceUrlTls);
String webServiceUrl = tlsEnabled ? serviceUrlTls : clusterMap.get("serviceUrl");

at line#140
if(!url.startsWith("http") {
   url = (tlsEnabled ? "https://" : "http://") + url;
}

we can remove line#144

@nodece
Copy link
Member

nodece commented Nov 23, 2022

We can check the schema of the serviceUrl to use the HTTP/HTTPS.

lhotari
lhotari approved these changes Apr 4, 2024
View reviewed changes
Copy link
Member

@lhotari lhotari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@lhotari lhotari merged commit e013e9d into apache:master Apr 4, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rdhabalia rdhabalia rdhabalia left review comments

@lhotari lhotari lhotari approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gurleen-gks @nodece @lhotari @rdhabalia