Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tls rpc #1290

Merged
merged 2 commits into from
Aug 5, 2021
Merged

tls rpc #1290

merged 2 commits into from
Aug 5, 2021

Conversation

dantengsky
Copy link
Member

@dantengsky dantengsky commented Aug 4, 2021
edited
Loading

I hereby agree to the terms of the CLA available at: https://datafuse.rs/policies/cla/

Summary

TLS RPC for Query and Store services/clients

  • Add some config flags to indicate if tls rpc service/client should be enabled
    • Query Rpc Server
    • Query (flight) Client
    • Store Rpc Server
    • Store Client
    • Plain channel will NOT be co-exist if tls rpc is enabled for rpc server
  • Interface of query::RpcService is modified slightly to make unit test eaiser
  • Add make target stateless-cluster-test-tls
    • which will run scripts/ci/ci-run-stateless-tests-cluster.sh with all the tls rpc enabled

Note:

please rm _meta/ _logs/ before make stateless-cluster-test-tls

Changelog

  • Improvement

Related Issues

Fixes #599

Test Plan

Unit Tests

Stateless Tests

Tasks

  • TLS StoreClient: (and Store RPC server)
  • TLS QueryClient (and Query RPC server)
  • Tests

@databend-bot
Copy link
Member

Thanks for the contribution!
I have applied any labels matching special text in your PR Changelog.

Please review the labels and make any necessary changes.

@codecov-commenter
Copy link

codecov-commenter commented Aug 5, 2021
edited
Loading

Codecov Report

Merging #1290 (ab9f199) into master (1859152) will increase coverage by 0%.
The diff coverage is 81%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master   #1290    +/-   ##
=======================================
  Coverage      72%     72%            
=======================================
  Files         475     478     +3     
  Lines       27558   27843   +285     
=======================================
+ Hits        19907   20170   +263     
- Misses       7651    7673    +22
Impacted Files Coverage Δ
fusequery/query/src/clusters/node.rs 70% <0%> (-5%) ⬇️
...query/query/src/interpreters/interpreter_select.rs 50% <0%> (ø)
...query/src/pipelines/transforms/transform_remote.rs 0% <0%> (ø)
fusestore/store/src/executor/meta_handlers.rs 80% <ø> (+<1%) ⬆️
common/flights/src/common.rs 60% <37%> (-17%) ⬇️
fusequery/query/src/configs/config.rs 61% <51%> (-4%) ⬇️
fusequery/query/src/api/rpc_service.rs 55% <77%> (+55%) ⬆️
...ery/query/src/datasources/remote/remote_factory.rs 91% <80%> (-4%) ⬇️
common/flights/src/dns_resolver.rs 63% <90%> (+10%) ⬆️
fusequery/query/src/api/rpc_service_test.rs 92% <92%> (ø)
... and 16 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1859152...ab9f199. Read the comment docs.

@dantengsky
tls rpc
308aec9 
rebase upstream
enable tls for query rpc
ut for tls store client
ut for tls query client
more ut for query
add scripts/ci/ci-run-stateless-tests-cluster-tls.sh
add make target stateless-cluster-test-tls
@dantengsky dantengsky marked this pull request as ready for review August 5, 2021 11:44
@databend-bot
Copy link
Member

Hello @dantengsky, 🎉 Thank you for opening the pull request! 🎉
Your pull request state is not in Draft, please add Reviewers or Re-request review again!
FuseQuery: @BohuTANG @sundy-li @zhang2014
FuseStore: @drmingdrmer @dantengsky
Or visit datafuse roadmap for some clues.

@BohuTANG
Copy link
Member

BohuTANG commented Aug 5, 2021

Great.
Perhaps @dantengsky can help(suggestion) us on this issue #1174
cc @ZhiHanZ

@dantengsky
Copy link
Member Author

roger, I will take a look into it

BohuTANG
BohuTANG approved these changes Aug 5, 2021
View reviewed changes
Copy link
Member

@BohuTANG BohuTANG left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@databend-bot
Copy link
Member

CI Passed
Reviewer Approved
Let's Merge

@databend-bot databend-bot merged commit 3ccde8c into databendlabs:master Aug 5, 2021
zhang2014
zhang2014 reviewed Aug 5, 2021
View reviewed changes
fusequery/query/src/api/rpc_service.rs
}

impl RpcService {
pub fn create(sessions: SessionManagerRef) -> Box<dyn FuseQueryServer> {
pub fn create(conf: Config, sessions: SessionManagerRef) -> Box<dyn FuseQueryServer> {
Copy link
Member

@zhang2014 zhang2014 Aug 5, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe change conf to sessions.get_conf() is better?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right! I will expose get_conf from sessions

dantengsky
dantengsky commented Aug 5, 2021
View reviewed changes
Copy link
Member Author

@dantengsky dantengsky left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right! I will expose get_conf from sessions

fusequery/query/src/api/rpc_service.rs
}

impl RpcService {
pub fn create(sessions: SessionManagerRef) -> Box<dyn FuseQueryServer> {
pub fn create(conf: Config, sessions: SessionManagerRef) -> Box<dyn FuseQueryServer> {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

right! I will expose get_conf from sessions

@dantengsky dantengsky mentioned this pull request Aug 5, 2021
Closed
@dantengsky dantengsky deleted the fix-599 branch August 5, 2021 12:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zhang2014 zhang2014 zhang2014 left review comments

@BohuTANG BohuTANG BohuTANG approved these changes

@drmingdrmer drmingdrmer Awaiting requested review from drmingdrmer

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[security] flight: TLS support
5 participants
@dantengsky @databend-bot @codecov-commenter @BohuTANG @zhang2014