From 00dd66d7beca1e5376d9440af303691fe133b01d Mon Sep 17 00:00:00 2001 From: Katia Aresti Date: Thu, 22 Dec 2022 16:49:08 +0100 Subject: [PATCH] Infinispan Configuration enchancements * Deprecate serverList for hosts (consistency with other extensions) * Deprecate authUsername for username * Deprecate authPassowrd for password * Provide uri connection configuration * Provide ssl provider, protocol and ciphers --- docs/src/main/asciidoc/infinispan-client.adoc | 37 +++++++++-- docs/src/main/asciidoc/kogito.adoc | 2 +- .../InfinispanDevServiceProcessor.java | 17 +++--- .../runtime/InfinispanClientProducer.java | 56 ++++++++++++++--- .../InfinispanClientRuntimeConfig.java | 61 +++++++++++++++++++ .../client/InfinispanTestResource.java | 2 +- 6 files changed, 152 insertions(+), 23 deletions(-) diff --git a/docs/src/main/asciidoc/infinispan-client.adoc b/docs/src/main/asciidoc/infinispan-client.adoc index a09fb6f755a2d..051f350f5ec8e 100644 --- a/docs/src/main/asciidoc/infinispan-client.adoc +++ b/docs/src/main/asciidoc/infinispan-client.adoc @@ -61,14 +61,14 @@ If you modify `application.properties` or `hotrod-client.properties`, you must r == Connecting to Infinispan clusters -Add the following properties to connect to Infinispan Server: +If you are running an Infinispan Server add the following properties to connect: [source,properties] ---- -quarkus.infinispan-client.server-list=localhost:11222 <1> +quarkus.infinispan-client.hosts=localhost:11222 <1> -quarkus.infinispan-client.auth-username=admin <2> -quarkus.infinispan-client.auth-password=password <3> +quarkus.infinispan-client.username=admin <2> +quarkus.infinispan-client.password=password <3> quarkus.infinispan-client.client-intelligence=BASIC <4> ---- @@ -77,6 +77,20 @@ quarkus.infinispan-client.client-intelligence=BASIC <4> <3> Sets the authentication password <4> Sets the client intelligence. Use BASIC as a workaround if using Docker for Mac. +Alternatively, you can use uri connection by providing a single connection property +[source,properties] +---- +quarkus.infinispan-client.uri=hotrod://admin:password@localhost:11222 <1> +quarkus.infinispan-client.client-intelligence=BASIC <2> +---- +<1> Sets Infinispan URI connection. The following properties will be ignored: hosts, username and password. +<2> Sets the client intelligence. Use BASIC as a workaround if using Docker for Mac + +[TIP] +==== +Use Infinispan Dev Services to run a server and connect without configuration. +==== + .Running Infinispan Server To use the Infinispan client extension, you need at least one running instance of Infinispan Server. @@ -93,6 +107,14 @@ Infinispan Server also enables authentication and security authorization by defa $ ./bin/cli.sh user create admin -p password ---- +=== Infinispan Health Check +If you are using the quarkus-smallrye-health extension, the Infinispan client extensions will automatically add a readiness health check to validate the connection. + +When you access the `/q/health/ready` endpoint of your application you will have information about the server connection and available caches. + +This behavior can be disabled via the property `quarkus.infinispan-client.health.enabled`. + + === Creating caches from the client When a cache is accessed from the client, if the cache does not exist in the Infinispan Server and you want @@ -483,8 +505,10 @@ You need to register the generated Protobuf schemas with Infinispan Server to pe `Protobuf` to other media types such as `JSON`. [TIP] +==== You can check the schemas that exist under the `Schemas` tab by logging into Infinispan Console at `http://localhost:11222` +==== By default, Protobuf schemas generated this way will be registered by this extension when the client first connects. However, it might be required to handle the registration manually as a schema may evolve over time when used in @@ -691,11 +715,12 @@ When you use the infinispan-client extension in dev mode or in test, Quarkus aut Dev Services for Infinispan is automatically enabled unless: - `quarkus.infinispan-client.devservices.enabled` is set to `false` -- the `quarkus.infinispan-client.server-list` is configured +- the `quarkus.infinispan-client.hosts` is configured +- the `quarkus.infinispan-client.uri` is configured Dev Services for Infinispan relies on Docker to start the broker. If your environment does not support Docker, you will need to start the broker manually, or connect to an already running broker. -You can configure the broker address using `quarkus.infinispan-client.server-list`. +You can configure the broker address using `quarkus.infinispan-client.hosts`. == Shared server diff --git a/docs/src/main/asciidoc/kogito.adoc b/docs/src/main/asciidoc/kogito.adoc index 2b5ea56935012..3a523aa0c4501 100644 --- a/docs/src/main/asciidoc/kogito.adoc +++ b/docs/src/main/asciidoc/kogito.adoc @@ -407,7 +407,7 @@ Add following into the src/main/resources/application.properties file (create th [source,plain] ---- -quarkus.infinispan-client.server-list=localhost:11222 +quarkus.infinispan-client.hosts=localhost:11222 ---- NOTE: Adjust the host and port number according to your Infinispan server installation. diff --git a/extensions/infinispan-client/deployment/src/main/java/io/quarkus/infinispan/client/deployment/devservices/InfinispanDevServiceProcessor.java b/extensions/infinispan-client/deployment/src/main/java/io/quarkus/infinispan/client/deployment/devservices/InfinispanDevServiceProcessor.java index 5d3f862c4486f..43dfe64330fd8 100644 --- a/extensions/infinispan-client/deployment/src/main/java/io/quarkus/infinispan/client/deployment/devservices/InfinispanDevServiceProcessor.java +++ b/extensions/infinispan-client/deployment/src/main/java/io/quarkus/infinispan/client/deployment/devservices/InfinispanDevServiceProcessor.java @@ -103,7 +103,7 @@ public List startInfinispanContainers(LaunchModeBuil } newDevServices.add(devService); log.infof("The infinispan server is ready to accept connections on %s", - devService.getConfig().get(getConfigPrefix() + "server-list")); + devService.getConfig().get(getConfigPrefix() + "hosts")); compressor.close(); } catch (Throwable t) { compressor.closeAndDumpCaptured(); @@ -144,14 +144,17 @@ private RunningDevService startContainer(DockerStatusBuildItem dockerStatusBuild String configPrefix = getConfigPrefix(); - boolean needToStart = !ConfigUtils.isPropertyPresent(configPrefix + "server-list"); + boolean needToStart = !ConfigUtils.isPropertyPresent(configPrefix + "hosts") + && !ConfigUtils.isPropertyPresent(configPrefix + "server-list"); + if (!needToStart) { - log.debug("Not starting devservices for Infinispan as 'server-list' have been provided"); + log.debug("Not starting devservices for Infinispan as 'hosts', 'uri' or 'server-list' have been provided"); return null; } if (!dockerStatusBuildItem.isDockerAvailable()) { - log.warn("Please configure 'quarkus.infinispan-client.server-list' or get a working docker instance"); + log.warn( + "Please configure 'quarkus.infinispan-client.hosts' or 'quarkus.infinispan-client.uri' or get a working docker instance"); return null; } @@ -176,10 +179,10 @@ private RunningDevService startContainer(DockerStatusBuildItem dockerStatusBuild private RunningDevService getRunningDevService(String containerId, Closeable closeable, String serverList, String username, String password) { Map config = new HashMap<>(); - config.put(getConfigPrefix() + "server-list", serverList); + config.put(getConfigPrefix() + "hosts", serverList); config.put(getConfigPrefix() + "client-intelligence", "BASIC"); - config.put(getConfigPrefix() + "auth-username", username); - config.put(getConfigPrefix() + "auth-password", password); + config.put(getConfigPrefix() + "username", username); + config.put(getConfigPrefix() + "password", password); return new RunningDevService(Feature.INFINISPAN_CLIENT.getName(), containerId, closeable, config); } diff --git a/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientProducer.java b/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientProducer.java index 16e1bfa30f575..ed542925fb323 100644 --- a/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientProducer.java +++ b/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientProducer.java @@ -180,8 +180,38 @@ private ConfigurationBuilder builderFromProperties(Properties properties) { } InfinispanClientRuntimeConfig infinispanClientRuntimeConfig = this.infinispanClientRuntimeConfig.get(); - if (infinispanClientRuntimeConfig.serverList.isPresent()) { - properties.put(ConfigurationProperties.SERVER_LIST, infinispanClientRuntimeConfig.serverList.get()); + if (infinispanClientRuntimeConfig.uri.isPresent()) { + properties.put(ConfigurationProperties.URI, infinispanClientRuntimeConfig.uri.get()); + } else { + if (infinispanClientRuntimeConfig.serverList.isPresent()) { + log.warn( + "Use 'quarkus.infinispan-client.hosts' instead of the deprecated 'quarkus.infinispan-client.server-list'"); + properties.put(ConfigurationProperties.SERVER_LIST, infinispanClientRuntimeConfig.serverList.get()); + } + + if (infinispanClientRuntimeConfig.hosts.isPresent()) { + properties.put(ConfigurationProperties.SERVER_LIST, infinispanClientRuntimeConfig.hosts.get()); + } + + if (infinispanClientRuntimeConfig.authUsername.isPresent()) { + log.warn( + "Use 'quarkus.infinispan-client.username' instead of the deprecated 'quarkus.infinispan-client.auth-username'"); + properties.put(ConfigurationProperties.AUTH_USERNAME, infinispanClientRuntimeConfig.authUsername.get()); + } + + if (infinispanClientRuntimeConfig.username.isPresent()) { + properties.put(ConfigurationProperties.AUTH_USERNAME, infinispanClientRuntimeConfig.username.get()); + } + + if (infinispanClientRuntimeConfig.authPassword.isPresent()) { + log.warn( + "Use 'quarkus.infinispan-client.password' instead of the deprecated 'quarkus.infinispan-client.auth-password'"); + properties.put(ConfigurationProperties.AUTH_PASSWORD, infinispanClientRuntimeConfig.authPassword.get()); + } + + if (infinispanClientRuntimeConfig.password.isPresent()) { + properties.put(ConfigurationProperties.AUTH_PASSWORD, infinispanClientRuntimeConfig.password.get()); + } } if (infinispanClientRuntimeConfig.clientIntelligence.isPresent()) { @@ -191,21 +221,19 @@ private ConfigurationBuilder builderFromProperties(Properties properties) { if (infinispanClientRuntimeConfig.useAuth.isPresent()) { properties.put(ConfigurationProperties.USE_AUTH, infinispanClientRuntimeConfig.useAuth.get()); } - if (infinispanClientRuntimeConfig.authUsername.isPresent()) { - properties.put(ConfigurationProperties.AUTH_USERNAME, infinispanClientRuntimeConfig.authUsername.get()); - } - if (infinispanClientRuntimeConfig.authPassword.isPresent()) { - properties.put(ConfigurationProperties.AUTH_PASSWORD, infinispanClientRuntimeConfig.authPassword.get()); - } + if (infinispanClientRuntimeConfig.authRealm.isPresent()) { properties.put(ConfigurationProperties.AUTH_REALM, infinispanClientRuntimeConfig.authRealm.get()); } + if (infinispanClientRuntimeConfig.authServerName.isPresent()) { properties.put(ConfigurationProperties.AUTH_SERVER_NAME, infinispanClientRuntimeConfig.authServerName.get()); } + if (infinispanClientRuntimeConfig.authClientSubject.isPresent()) { properties.put(ConfigurationProperties.AUTH_CLIENT_SUBJECT, infinispanClientRuntimeConfig.authClientSubject.get()); } + if (infinispanClientRuntimeConfig.authCallbackHandler.isPresent()) { properties.put(ConfigurationProperties.AUTH_CALLBACK_HANDLER, infinispanClientRuntimeConfig.authCallbackHandler.get()); @@ -226,6 +254,18 @@ private ConfigurationBuilder builderFromProperties(Properties properties) { properties.put(ConfigurationProperties.TRUST_STORE_TYPE, infinispanClientRuntimeConfig.trustStoreType.get()); } + if (infinispanClientRuntimeConfig.sslProvider.isPresent()) { + properties.put(ConfigurationProperties.SSL_PROVIDER, infinispanClientRuntimeConfig.sslProvider.get()); + } + + if (infinispanClientRuntimeConfig.sslProtocol.isPresent()) { + properties.put(ConfigurationProperties.SSL_PROTOCOL, infinispanClientRuntimeConfig.sslProtocol.get()); + } + + if (infinispanClientRuntimeConfig.sslCiphers.isPresent()) { + properties.put(ConfigurationProperties.SSL_CIPHERS, infinispanClientRuntimeConfig.sslCiphers.get().toArray()); + } + builder.withProperties(properties); for (Map.Entry cache : infinispanClientRuntimeConfig.cache diff --git a/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientRuntimeConfig.java b/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientRuntimeConfig.java index 6bb6e4562bb43..0062fc4c0aeba 100644 --- a/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientRuntimeConfig.java +++ b/extensions/infinispan-client/runtime/src/main/java/io/quarkus/infinispan/client/runtime/InfinispanClientRuntimeConfig.java @@ -1,6 +1,7 @@ package io.quarkus.infinispan.client.runtime; import java.util.HashMap; +import java.util.List; import java.util.Map; import java.util.Optional; @@ -21,10 +22,31 @@ @ConfigRoot(name = "infinispan-client", phase = ConfigPhase.RUN_TIME) public class InfinispanClientRuntimeConfig { + // @formatter:off + /** + * Sets the URI of the running Infinispan server to connect to. hotrod://localhost:11222@admin:password + * If provided {@link #hosts}, {@link #username} and {@link #password} will be ignored. + */ + // @formatter:on + @ConfigItem + public Optional uri; + + // @formatter:off /** * Sets the host name/port to connect to. Each one is separated by a semicolon (eg. host1:11222;host2:11222). */ + // @formatter:on @ConfigItem + public Optional hosts; + + // @formatter:off + /** + * Sets the host name/port to connect to. Each one is separated by a semicolon (eg. host1:11222;host2:11222). + * @deprecated {@link #hosts} should be used to configure the list or uri for an uri connection string. + */ + // @formatter:on + @ConfigItem + @Deprecated public Optional serverList; // @formatter:off @@ -66,12 +88,30 @@ public class InfinispanClientRuntimeConfig { * Sets username used by authentication. */ @ConfigItem + Optional username; + + /** + * Sets username used by authentication. + * + * @deprecated {@link #username} should be used to configure the credentials username. + */ + @ConfigItem + @Deprecated Optional authUsername; + /** + * Sets password used by authentication. + */ + @ConfigItem + Optional password; + /** * Sets password used by authentication + * + * @deprecated {@link #password} should be used to configure the credentials password. */ @ConfigItem + @Deprecated Optional authPassword; /** @@ -133,6 +173,27 @@ public class InfinispanClientRuntimeConfig { @ConfigItem Optional trustStoreType; + /** + * Configures the secure socket protocol. + * Setting this property implicitly enables SSL/TLS. + */ + @ConfigItem + Optional sslProtocol; + + /** + * Sets the ssl provider. For example BCFIPS + * Setting this implicitly enables SSL/TLS. + */ + @ConfigItem + Optional sslProvider; + + /** + * Configures the ciphers. + * Setting this property implicitly enables SSL/TLS. + */ + @ConfigItem + Optional> sslCiphers; + /** * Configures caches from the client with the provided configuration. */ diff --git a/test-framework/infinispan-client/src/main/java/io/quarkus/test/infinispan/client/InfinispanTestResource.java b/test-framework/infinispan-client/src/main/java/io/quarkus/test/infinispan/client/InfinispanTestResource.java index 881d438351106..1898f79c46d53 100644 --- a/test-framework/infinispan-client/src/main/java/io/quarkus/test/infinispan/client/InfinispanTestResource.java +++ b/test-framework/infinispan-client/src/main/java/io/quarkus/test/infinispan/client/InfinispanTestResource.java @@ -48,7 +48,7 @@ public Map start() { INFINISPAN.start(); final String hosts = INFINISPAN.getHost() + ":" + INFINISPAN.getMappedPort(HOTROD_PORT); - return Collections.singletonMap("quarkus.infinispan-client.server-list", hosts); + return Collections.singletonMap("quarkus.infinispan-client.hosts", hosts); } @Override