Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PIP-60] [Proxy-Client] Support SNI routing for Pulsar CPP client #373

Merged
merged 4 commits into from
Dec 19, 2023
Merged

[PIP-60] [Proxy-Client] Support SNI routing for Pulsar CPP client #373

merged 4 commits into from
Dec 19, 2023

Conversation

rdhabalia
Copy link
Contributor

Motivation

#8957 was added incorrectly and it was not supporting SNI routing for CPP client library.
This PR adds support of SNI roting to Pulsar CPP client library and allows users to connect with Pulsar broker using SNI Proxy.
User can configure Pulsar client lib to use SNI routing and proxy by adding below configuration

const std::string lookupUrl = "pulsar+ssl://broker-url:6651";
const std::string proxyUrl = "pulsar+ssl://sni-proxy-url:6651";
const std::string topicName = "persistent://pulsar/stg-use1/ns1/t1";
const std::string certFile = "/client-cert.pem";
const std::string keyFile = "/client-key.pem";
const std::string trustFile = "/trust-store.pem";

ClientConfiguration conf;
conf.setUseTls(true);
conf.setTlsAllowInsecureConnection(false);
conf.setTlsTrustCertsFilePath(trustFile);
conf.setAuth(AuthTls::create(std::move(certFile), std::move(keyFile)));
conf.setProxyServiceUrl(proxyUrl);
conf.setProxyProtocol(ClientConfiguration::SNI);

Client client(lookupUrl, conf);

Modifications

Added a support of SNI routing by adding new APIs to configure proxy URL and protocol.

ClientConfiguration::setProxyServiceUrl(..)
ClientConfiguration::setProxyProtocol(..)

Verifying this change

  • Make sure that the change passes the CI checks.

(Please pick either of the following options)

This change is a trivial rework / code cleanup without any test coverage.

(or)

This change is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

  • Added integration tests for end-to-end deployment with large payloads (10MB)
  • Extended integration test for recovery after broker failure

Documentation

  • doc-required
    (Your PR needs to update docs and you will update later)

  • doc-not-needed
    (Please explain why)

  • doc
    (Your PR contains doc changes)

  • doc-complete
    (Docs have been already added)

@rdhabalia rdhabalia self-assigned this Dec 16, 2023
@rdhabalia rdhabalia force-pushed the sni branch 2 times, most recently from 218c751 to a5256b1 Compare December 16, 2023 03:32
@rdhabalia rdhabalia changed the title [PIP-60] [Proxy-Server] Support SNI routing for Pulsar CPP client [PIP-60] [Proxy-Client] Support SNI routing for Pulsar CPP client Dec 16, 2023
@BewareMyPower BewareMyPower added this to the 3.5.0 milestone Dec 16, 2023
BewareMyPower
BewareMyPower reviewed Dec 16, 2023
View reviewed changes
Copy link
Contributor

@BewareMyPower BewareMyPower left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall LGTM except the const use in the method signatures.

include/pulsar/ClientConfiguration.h Outdated Show resolved Hide resolved
include/pulsar/ClientConfiguration.h Outdated Show resolved Hide resolved
@rdhabalia rdhabalia merged commit 25ea451 into apache:main Dec 19, 2023
12 checks passed
@rdhabalia rdhabalia deleted the sni branch December 19, 2023 03:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BewareMyPower BewareMyPower BewareMyPower approved these changes

@merlimat merlimat Awaiting requested review from merlimat

@RobertIndie RobertIndie Awaiting requested review from RobertIndie

@shibd shibd Awaiting requested review from shibd

Assignees

@rdhabalia rdhabalia

Labels
None yet
Projects
None yet
Milestone
3.5.0
Development

Successfully merging this pull request may close these issues.
2 participants
@rdhabalia @BewareMyPower