[pinpoint-apm#9882] Extract Grpc SSL Module

emeroad · Apr 20, 2023 · 8bf5657 · 8bf5657
1 parent 00299d3
commit 8bf5657
Show file tree

Hide file tree

Showing 19 changed files with 170 additions and 172 deletions.
diff --git a/collector/src/main/java/com/navercorp/pinpoint/collector/PinpointCollectorModule.java b/collector/src/main/java/com/navercorp/pinpoint/collector/PinpointCollectorModule.java
@@ -5,6 +5,7 @@
 import com.navercorp.pinpoint.collector.config.CollectorProperties;
 import com.navercorp.pinpoint.collector.config.FlinkContextModule;
 import com.navercorp.pinpoint.collector.config.MetricConfiguration;
+import com.navercorp.pinpoint.collector.grpc.ssl.GrpcSslModule;
 import com.navercorp.pinpoint.common.server.CommonsServerConfiguration;
 import com.navercorp.pinpoint.common.server.config.TypeLoaderConfiguration;
 import org.springframework.context.annotation.Bean;
@@ -33,6 +34,8 @@
         ClusterModule.class,
 
         MetricConfiguration.class,
+
+        GrpcSslModule.class
 })
 @ComponentScan(basePackages = {
         "com.navercorp.pinpoint.collector.handler",

diff --git a/...rpcAgentDataSslReceiverConfiguration.java → ...rpcAgentDataSslReceiverConfiguration.java b/...rpcAgentDataSslReceiverConfiguration.java → ...rpcAgentDataSslReceiverConfiguration.java
@@ -14,22 +14,20 @@
  * limitations under the License.
  */
 
-package com.navercorp.pinpoint.collector.grpc.config;
+package com.navercorp.pinpoint.collector.grpc.ssl;
 
 import com.navercorp.pinpoint.collector.receiver.BindAddress;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.env.Environment;
 
 /**
  * @author Taejin Koo
  */
 @Configuration
 public class GrpcAgentDataSslReceiverConfiguration {
 
-    static final String AGENT_SSL_PROPERTIES = "grpcAgentSslReceiverProperties";
-
     public static final String BIND_ADDRESS = "collector.receiver.grpc.agent.ssl.bindaddress";
 
     public static final String SSL = "collector.receiver.grpc.ssl";
@@ -51,16 +49,15 @@ public GrpcSslProperties.Builder newGrpcSslConfigurationBuilder() {
         return GrpcSslProperties.newBuilder();
     }
 
-    @Bean("grpcAgentSslReceiverProperties")
-    public GrpcSslReceiverProperties grpcAgentSslReceiverConfig(Environment environment) throws Exception {
-
-        boolean enable = environment.getProperty("collector.receiver.grpc.agent.ssl.enable", boolean.class, false);
+    @Bean
+    public GrpcSslReceiverProperties grpcAgentSslReceiverProperties(
+            @Qualifier(GrpcAgentDataSslReceiverConfiguration.SSL) GrpcSslProperties.Builder sslPropertiesBuilder) throws Exception {
 
         BindAddress bindAddress = newBindAddressBuilder().build();
 
-        GrpcSslProperties grpcSslConfiguration = newGrpcSslConfigurationBuilder().build();
+        GrpcSslProperties grpcSslConfiguration = sslPropertiesBuilder.build();
 
-        return new GrpcSslReceiverProperties(enable, bindAddress, grpcSslConfiguration);
+        return new GrpcSslReceiverProperties(bindAddress, grpcSslConfiguration);
     }
 
 }
diff --git a/...fig/GrpcSpanSslReceiverConfiguration.java → ...ssl/GrpcSpanSslReceiverConfiguration.java b/...fig/GrpcSpanSslReceiverConfiguration.java → ...ssl/GrpcSpanSslReceiverConfiguration.java
@@ -14,23 +14,20 @@
  * limitations under the License.
  */
 
-package com.navercorp.pinpoint.collector.grpc.config;
+package com.navercorp.pinpoint.collector.grpc.ssl;
 
 import com.navercorp.pinpoint.collector.receiver.BindAddress;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.core.env.Environment;
 
 /**
  * @author Taejin Koo
  */
 @Configuration
 public class GrpcSpanSslReceiverConfiguration {
 
-    static final String SPAN_SSL_PROPERTIES = "grpcSpanSslReceiverProperties";
-
     public static final String BIND_ADDRESS = "collector.receiver.grpc.span.ssl.bindaddress";
 
     public GrpcSpanSslReceiverConfiguration() {
@@ -44,18 +41,17 @@ public BindAddress.Builder newBindAddressBuilder() {
         return builder;
     }
 
-    @Bean(SPAN_SSL_PROPERTIES)
+    @Bean
     public GrpcSslReceiverProperties grpcSpanSslReceiverProperties(
-            Environment environment,
             @Qualifier(GrpcAgentDataSslReceiverConfiguration.SSL) GrpcSslProperties.Builder sslPropertiesBuilder) throws Exception {
 
-        boolean enable = environment.getProperty("collector.receiver.grpc.span.ssl.enable", boolean.class, false);
-
         BindAddress bindAddress = newBindAddressBuilder().build();
 
         GrpcSslProperties grpcSslConfiguration = sslPropertiesBuilder.build();
 
-        return new GrpcSslReceiverProperties(enable, bindAddress, grpcSslConfiguration);
+        return new GrpcSslReceiverProperties(bindAddress, grpcSslConfiguration);
     }
 
+
+
 }
diff --git a/collector/src/main/java/com/navercorp/pinpoint/collector/grpc/ssl/GrpcSslModule.java b/collector/src/main/java/com/navercorp/pinpoint/collector/grpc/ssl/GrpcSslModule.java
@@ -0,0 +1,105 @@
+package com.navercorp.pinpoint.collector.grpc.ssl;
+
+import com.navercorp.pinpoint.collector.grpc.config.GrpcReceiverProperties;
+import com.navercorp.pinpoint.collector.receiver.grpc.GrpcReceiver;
+import com.navercorp.pinpoint.common.server.util.AddressFilter;
+import com.navercorp.pinpoint.grpc.channelz.ChannelzRegistry;
+import com.navercorp.pinpoint.grpc.security.SslContextFactory;
+import com.navercorp.pinpoint.grpc.security.SslServerProperties;
+import io.grpc.ServerCallExecutorSupplier;
+import io.grpc.ServerInterceptor;
+import io.grpc.ServerServiceDefinition;
+import io.grpc.ServerTransportFilter;
+import io.netty.handler.ssl.SslContext;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+
+import javax.net.ssl.SSLException;
+import java.util.List;
+import java.util.concurrent.Executor;
+
+@Configuration
+@ConditionalOnProperty("pinpoint.modules.collector.grpc.ssl.enabled")
+@ComponentScan(basePackages = "com.navercorp.pinpoint.collector.grpc.ssl")
+public class GrpcSslModule {
+    private final Logger logger = LogManager.getLogger(this.getClass());
+
+    @Bean
+    public GrpcReceiver grpcAgentSslReceiver(@Qualifier("grpcAgentSslReceiverProperties") GrpcSslReceiverProperties properties,
+                                            @Qualifier("grpcAgentReceiverProperties") GrpcReceiverProperties grpcReceiverProperties,
+                                            AddressFilter addressFilter,
+                                            @Qualifier("agentServiceList") List<Object> serviceList,
+                                            @Qualifier("agentInterceptorList")List<ServerInterceptor> serverInterceptorList,
+                                            ChannelzRegistry channelzRegistry,
+                                            @Qualifier("grpcAgentServerExecutor") Executor executor,
+                                            @Qualifier("grpcAgentServerCallExecutorSupplier") ServerCallExecutorSupplier serverCallExecutorSupplier) throws SSLException {
+        GrpcReceiver receiver = createReceiver(properties, grpcReceiverProperties, addressFilter, serviceList, serverInterceptorList, channelzRegistry, executor);
+        receiver.setServerCallExecutorSupplier(serverCallExecutorSupplier);
+
+        return receiver;
+    }
+
+    @Bean
+    public GrpcReceiver grpcSpanSslReceiver(@Qualifier("grpcSpanSslReceiverProperties") GrpcSslReceiverProperties properties,
+                                            @Qualifier("grpcSpanReceiverProperties") GrpcReceiverProperties grpcReceiverProperties,
+                                            AddressFilter addressFilter,
+                                            @Qualifier("spanServiceList") List<ServerServiceDefinition> serviceList,
+                                            @Qualifier("spanInterceptorList") List<ServerInterceptor> serverInterceptorList,
+                                            ChannelzRegistry channelzRegistry,
+                                            @Qualifier("grpcSpanServerExecutor") Executor executor,
+                                            @Qualifier("serverTransportFilterList") List<ServerTransportFilter> transportFilterList) throws SSLException {
+        GrpcReceiver receiver = createReceiver(properties, grpcReceiverProperties, addressFilter, serviceList, serverInterceptorList, channelzRegistry, executor);
+        receiver.setTransportFilterList(transportFilterList);
+        return receiver;
+    }
+
+    @Bean
+    public GrpcReceiver grpcStatSslReceiver(@Qualifier("grpcStatSslReceiverProperties") GrpcSslReceiverProperties properties,
+                                            @Qualifier("grpcStatReceiverProperties") GrpcReceiverProperties grpcReceiverProperties,
+                                            AddressFilter addressFilter,
+                                            @Qualifier("statServiceList") List<ServerServiceDefinition> serviceList,
+                                            @Qualifier("statInterceptorList") List<ServerInterceptor> serverInterceptorList,
+                                            ChannelzRegistry channelzRegistry,
+                                            @Qualifier("grpcStatServerExecutor") Executor executor,
+                                            @Qualifier("serverTransportFilterList") List<ServerTransportFilter> transportFilterList) throws SSLException {
+        GrpcReceiver receiver = createReceiver(properties, grpcReceiverProperties, addressFilter, serviceList, serverInterceptorList, channelzRegistry, executor);
+        receiver.setTransportFilterList(transportFilterList);
+        return receiver;
+    }
+
+    private GrpcReceiver createReceiver(GrpcSslReceiverProperties properties,
+                                        GrpcReceiverProperties grpcReceiverProperties,
+                                        AddressFilter addressFilter,
+                                        List<?> serviceList,
+                                        List<ServerInterceptor> serverInterceptorList,
+                                        ChannelzRegistry channelzRegistry,
+                                        Executor executor) throws SSLException {
+        GrpcReceiver receiver = new GrpcReceiver();
+        receiver.setBindAddress(properties.getBindAddress());
+        receiver.setServerOption(grpcReceiverProperties.getServerOption());
+
+        receiver.setEnable(true);
+
+        receiver.setExecutor(executor);
+        receiver.setAddressFilter(addressFilter);
+        receiver.setBindableServiceList(serviceList);
+        receiver.setServerInterceptorList(serverInterceptorList);
+        receiver.setChannelzRegistry(channelzRegistry);
+
+        SslContext sslContext = newSslContext(properties);
+        receiver.setSslContext(sslContext);
+        return receiver;
+    }
+
+    private SslContext newSslContext(GrpcSslReceiverProperties properties) throws SSLException {
+        final SslServerProperties sslServerConfig = properties.getGrpcSslProperties().toSslServerProperties();
+        logger.debug("Enable sslConfig.({})", sslServerConfig);
+        return SslContextFactory.create(sslServerConfig);
+    }
+
+}
diff --git a/...lector/grpc/config/GrpcSslProperties.java → ...collector/grpc/ssl/GrpcSslProperties.java b/...lector/grpc/config/GrpcSslProperties.java → ...collector/grpc/ssl/GrpcSslProperties.java
@@ -14,8 +14,9 @@
  * limitations under the License.
  */
 
-package com.navercorp.pinpoint.collector.grpc.config;
+package com.navercorp.pinpoint.collector.grpc.ssl;
 
+import com.navercorp.pinpoint.collector.grpc.config.SpringResource;
 import com.navercorp.pinpoint.grpc.security.SslServerProperties;
 import org.springframework.core.io.Resource;
 
@@ -27,23 +28,17 @@
  */
 public class GrpcSslProperties {
 
-    private final boolean enable;
     private final String providerType;
     private final Resource keyResource;
     private final Resource keyCertChainResource;
 
-    private GrpcSslProperties(boolean enable, String providerType,
+    private GrpcSslProperties(String providerType,
                               Resource keyResource, Resource keyCertChainResource) {
-        this.enable = enable;
         this.providerType = providerType;
         this.keyResource = keyResource;
         this.keyCertChainResource = keyCertChainResource;
     }
 
-    public boolean isEnable() {
-        return enable;
-    }
-
     public String getProviderType() {
         return providerType;
     }
@@ -57,12 +52,8 @@ public Resource getKeyCertChainResource() {
     }
 
     public SslServerProperties toSslServerProperties() {
-        if (enable) {
-            return new SslServerProperties(enable, providerType,
+        return new SslServerProperties(providerType,
                     new SpringResource(keyResource), new SpringResource(keyCertChainResource));
-        } else {
-            return SslServerProperties.DISABLED_CONFIG;
-        }
     }
 
     public static Builder newBuilder() {
@@ -71,22 +62,13 @@ public static Builder newBuilder() {
 
     public static class Builder {
 
-        private boolean enable;
         private String providerType;
         private Resource keyFilePath;
         private Resource keyCertFilePath;
 
         private Builder() {
         }
 
-        public boolean isEnable() {
-            return enable;
-        }
-
-        public void setEnable(boolean enable) {
-            this.enable = enable;
-        }
-
         public String getProviderType() {
             return providerType;
         }
@@ -112,20 +94,15 @@ public void setKeyCertFilePath(Resource keyCertFilePath) {
         }
 
         public GrpcSslProperties build() throws IOException {
-            if (enable) {
-                Objects.requireNonNull(providerType);
-                return new GrpcSslProperties(this.enable, this.providerType, this.keyFilePath, this.keyCertFilePath);
-            } else {
-                return new GrpcSslProperties(this.enable, this.providerType, null, null);
-            }
+            Objects.requireNonNull(providerType);
+            return new GrpcSslProperties(this.providerType, this.keyFilePath, this.keyCertFilePath);
         }
     }
 
     @Override
     public String toString() {
         return "GrpcSslProperties{" +
-                "enable=" + enable +
-                ", providerType='" + providerType + '\'' +
+                "providerType='" + providerType + '\'' +
                 ", keyResource='" + keyResource + '\'' +
                 ", keyCertChainResource='" + keyCertChainResource + '\'' +
                 '}';

diff --git a/...rpc/config/GrpcSslReceiverProperties.java → ...r/grpc/ssl/GrpcSslReceiverProperties.java b/...rpc/config/GrpcSslReceiverProperties.java → ...r/grpc/ssl/GrpcSslReceiverProperties.java
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.navercorp.pinpoint.collector.grpc.config;
+package com.navercorp.pinpoint.collector.grpc.ssl;
 
 import com.navercorp.pinpoint.collector.receiver.BindAddress;
 import org.apache.logging.log4j.LogManager;
@@ -31,30 +31,22 @@ public class GrpcSslReceiverProperties {
 
     protected final Logger logger = LogManager.getLogger(getClass());
 
-    private final boolean enable;
     private final BindAddress bindAddress;
     private final GrpcSslProperties grpcSslConfiguration;
 
-    GrpcSslReceiverProperties(boolean enable,
-                              BindAddress bindAddress,
+    GrpcSslReceiverProperties(BindAddress bindAddress,
                               GrpcSslProperties grpcSslConfiguration) {
-        this.enable = enable;
 
         this.bindAddress = Objects.requireNonNull(bindAddress, "bindAddress");
         this.grpcSslConfiguration = Objects.requireNonNull(grpcSslConfiguration, "grpcSslConfiguration");
     }
 
     @PostConstruct
     public void log() {
-        this.logger.info("enable:{}", this.enable);
         this.logger.info("bindAddress:{}", bindAddress);
         this.logger.info("grpcSslConfiguration:{}", grpcSslConfiguration);
     }
 
-    public boolean isEnable() {
-        return enable;
-    }
-
     public BindAddress getBindAddress() {
         return bindAddress;
     }
@@ -65,8 +57,8 @@ public GrpcSslProperties getGrpcSslProperties() {
 
     @Override
     public String toString() {
-        return "GrpcSslReceiverProperties{" + "enable=" + enable +
-                ", bindAddress=" + bindAddress +
+        return "GrpcSslReceiverProperties{" +
+                "bindAddress=" + bindAddress +
                 ", grpcSslConfiguration=" + grpcSslConfiguration +
                 '}';
     }