REAP-10 Allow setting up per-cluster TLS connections #1524
Conversation
|
No linked issues found. Please add the corresponding issues in the pull request description. |
rzvoncek
force-pushed
the
REAP-10-load-multiper-truststores
branch
4 times, most recently
from
1db0c5d
to
c01b9be
Compare
| if (config.getHttpManagement().isEnabled()) { | ||
| if (config.getHttpManagement().getTruststoresDir() != null) { | ||
| if (!Files.exists(Paths.get(config.getHttpManagement().getTruststoresDir()))) { | ||
| throw new RuntimeException(String.format( |
There was a problem hiding this comment.
issue: There's odd logic here. If getTrustStoresDir() is null, then we won't have any RuntimeException.
There was a problem hiding this comment.
Or do you rely on the truststore value to cause the RuntimeException somewhere else?
There was a problem hiding this comment.
Yeah I've added it here, in a checkConfiguration(), so that it fails early. Then the stacktrace is smaller and more obvious.
Otherwise, the RuntimeException would happen later, when it's trying to setup the watchers for changes, which in turn happens when actually adding a cluster. The stack traces at this point are incredibly long and nested.
rzvoncek
force-pushed
the
REAP-10-load-multiper-truststores
branch
7 times, most recently
from
6732873
to
f735732
Compare
.github/workflows/ci.yaml
Outdated
| @@ -507,6 +507,58 @@ jobs: | |||
|
|
|||
| - uses: codecov/codecov-action@v1 | |||
|
|
|||
| snapshot-release: | |||
There was a problem hiding this comment.
discussion/issue: I'm not a huge fan of releasing every PR's every commit as image. It really pollutes the Docker Hub. Merging on main is fine, but do we really need these for every PR commit? Especially since this will fail the PR build when a user uses a fork (which would be the default for most users).
If you just want the built image available as part of the PR, then you could use the upload-action so it would be available as download.
There was a problem hiding this comment.
I agree that poluting Dcker Hub is no good. I've got my image out and the related k8ssandra-operator PR is passing. I'm ok with dropping this entirely (pushed a commit doing so)
| boolean watchTruststoreDir = tsd != null && !tsd.isEmpty() && Files.isDirectory(Paths.get(tsd)); | ||
|
|
||
| try { | ||
| createSslWatcher(watchTruststore, watchKeystore, watchTruststoreDir); |
There was a problem hiding this comment.
issue: There's no if here to prevent creating ssl watcher. We would still always create the thread and use Filewatchers, just we wouldn't actually watch any events. If all of these are false, then we shouldn't call createSslWatcher() at all.
rzvoncek
force-pushed
the
REAP-10-load-multiper-truststores
branch
from
74783bd
to
ad7eff8
Compare
|
Squashed locally, merging. |
This PR allows Reaper to use cluster-specific trust/key-stores when using HTTP instead of JMX (meaning Reaper is talking to mgmt-api).
The Reaper's yaml file can now have a new
httpManagement.truststoresDirfield:This should point to a directory where per-cluster certificates will appear. The certs are expected to have format of
clusterName-truststore|keystore.jks.When adding a cluster, it is now necessary to specify the cluster name via the seed host, so the seed host becomes
seedHost@clusterName. TheclusterNameshould match the prefix of in the cert names intruststoresDir. If the cluster name is not provided, Reaper falls back to using the global keystores.Hot reloading of the cluster-specific stores works the same way as for the global ones.