Skip to content

Commit

Permalink
[Backport 2.x] Improve serialization speeds (#2802) (#3444)
Browse files Browse the repository at this point in the history
Signed-off-by: Paras Jain <parasjaz@amazon.com>
Signed-off-by: Peter Nied <peternied@hotmail.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Co-authored-by: Paras Jain <parasjaz@amazon.com>
Co-authored-by: Peter Nied <peternied@hotmail.com>
  • Loading branch information
3 people authored Oct 3, 2023
1 parent 163bfe4 commit 5195d5e
Show file tree
Hide file tree
Showing 29 changed files with 1,815 additions and 446 deletions.
4 changes: 4 additions & 0 deletions bwc-test/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ buildscript {
opensearch_version = System.getProperty("opensearch.version", "2.11.0-SNAPSHOT")
opensearch_group = "org.opensearch"
common_utils_version = System.getProperty("common_utils.version", '2.9.0.0-SNAPSHOT')
jackson_version = System.getProperty("jackson_version", "2.15.2")
}
repositories {
mavenLocal()
Expand All @@ -72,6 +73,9 @@ dependencies {
testImplementation "org.opensearch.test:framework:${opensearch_version}"
testImplementation "org.apache.logging.log4j:log4j-core:${versions.log4j}"
testImplementation "org.opensearch:common-utils:${common_utils_version}"
testImplementation "com.fasterxml.jackson.core:jackson-databind:${jackson_version}"
testImplementation "com.fasterxml.jackson.core:jackson-annotations:${jackson_version}"

}

loggerUsageCheck.enabled = false
Expand Down
179 changes: 0 additions & 179 deletions bwc-test/src/test/java/SecurityBackwardsCompatibilityIT.java
Original file line number Diff line number Diff line change
@@ -1,180 +1 @@
/*
* SPDX-License-Identifier: Apache-2.0
*
* The OpenSearch Contributors require contributions made to
* this file be licensed under the Apache-2.0 license or a
* compatible open source license.
*/
package org.opensearch.security.bwc;

import java.io.IOException;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;

import org.apache.http.Header;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.message.BasicHeader;
import org.apache.http.ssl.SSLContextBuilder;
import org.junit.Assume;
import org.junit.Before;
import org.opensearch.common.settings.Settings;
import org.opensearch.common.util.concurrent.ThreadContext;
import org.opensearch.test.rest.OpenSearchRestTestCase;

import org.opensearch.Version;

import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.hasItem;

import org.opensearch.client.RestClient;
import org.opensearch.client.RestClientBuilder;

import org.junit.Assert;

public class SecurityBackwardsCompatibilityIT extends OpenSearchRestTestCase {

private ClusterType CLUSTER_TYPE;
private String CLUSTER_NAME;

@Before
private void testSetup() {
final String bwcsuiteString = System.getProperty("tests.rest.bwcsuite");
Assume.assumeTrue("Test cannot be run outside the BWC gradle task 'bwcTestSuite' or its dependent tasks", bwcsuiteString != null);
CLUSTER_TYPE = ClusterType.parse(bwcsuiteString);
CLUSTER_NAME = System.getProperty("tests.clustername");
}

@Override
protected final boolean preserveClusterUponCompletion() {
return true;
}

@Override
protected final boolean preserveIndicesUponCompletion() {
return true;
}

@Override
protected final boolean preserveReposUponCompletion() {
return true;
}

@Override
protected boolean preserveTemplatesUponCompletion() {
return true;
}

@Override
protected String getProtocol() {
return "https";
}

@Override
protected final Settings restClientSettings() {
return Settings.builder()
.put(super.restClientSettings())
// increase the timeout here to 90 seconds to handle long waits for a green
// cluster health. the waits for green need to be longer than a minute to
// account for delayed shards
.put(OpenSearchRestTestCase.CLIENT_SOCKET_TIMEOUT, "90s")
.build();
}

@Override
protected RestClient buildClient(Settings settings, HttpHost[] hosts) throws IOException {
RestClientBuilder builder = RestClient.builder(hosts);
configureHttpsClient(builder, settings);
boolean strictDeprecationMode = settings.getAsBoolean("strictDeprecationMode", true);
builder.setStrictDeprecationMode(strictDeprecationMode);
return builder.build();
}

protected static void configureHttpsClient(RestClientBuilder builder, Settings settings) throws IOException {
Map<String, String> headers = ThreadContext.buildDefaultHeaders(settings);
Header[] defaultHeaders = new Header[headers.size()];
int i = 0;
for (Map.Entry<String, String> entry : headers.entrySet()) {
defaultHeaders[i++] = new BasicHeader(entry.getKey(), entry.getValue());
}
builder.setDefaultHeaders(defaultHeaders);
builder.setHttpClientConfigCallback(httpClientBuilder -> {
String userName = Optional.ofNullable(System.getProperty("tests.opensearch.username"))
.orElseThrow(() -> new RuntimeException("user name is missing"));
String password = Optional.ofNullable(System.getProperty("tests.opensearch.password"))
.orElseThrow(() -> new RuntimeException("password is missing"));
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(userName, password));
try {
return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider)
// disable the certificate since our testing cluster just uses the default security configuration
.setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.setSSLContext(SSLContextBuilder.create().loadTrustMaterial(null, (chains, authType) -> true).build());
} catch (Exception e) {
throw new RuntimeException(e);
}
});
}

public void testBasicBackwardsCompatibility() throws Exception {
String round = System.getProperty("tests.rest.bwcsuite_round");

if (round.equals("first") || round.equals("old")) {
assertPluginUpgrade("_nodes/" + CLUSTER_NAME + "-0/plugins");
} else if (round.equals("second")) {
assertPluginUpgrade("_nodes/" + CLUSTER_NAME + "-1/plugins");
} else if (round.equals("third")) {
assertPluginUpgrade("_nodes/" + CLUSTER_NAME + "-2/plugins");
}
}

@SuppressWarnings("unchecked")
public void testWhoAmI() throws Exception {
Map<String, Object> responseMap = (Map<String, Object>) getAsMap("_plugins/_security/whoami");
Assert.assertTrue(responseMap.containsKey("dn"));
}

private enum ClusterType {
OLD,
MIXED,
UPGRADED;

public static ClusterType parse(String value) {
switch (value) {
case "old_cluster":
return OLD;
case "mixed_cluster":
return MIXED;
case "upgraded_cluster":
return UPGRADED;
default:
throw new AssertionError("unknown cluster type: " + value);
}
}
}

@SuppressWarnings("unchecked")
private void assertPluginUpgrade(String uri) throws Exception {
Map<String, Map<String, Object>> responseMap = (Map<String, Map<String, Object>>) getAsMap(uri).get("nodes");
for (Map<String, Object> response : responseMap.values()) {
List<Map<String, Object>> plugins = (List<Map<String, Object>>) response.get("plugins");
Set<String> pluginNames = plugins.stream().map(map -> (String) map.get("name")).collect(Collectors.toSet());

final Version minNodeVersion = this.minimumNodeVersion();

if (minNodeVersion.major <= 1) {
assertThat(pluginNames, hasItem("opensearch_security"));
} else {
assertThat(pluginNames, hasItem("opensearch-security"));
}

}
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
/*
* SPDX-License-Identifier: Apache-2.0
*
* The OpenSearch Contributors require contributions made to
* this file be licensed under the Apache-2.0 license or a
* compatible open source license.
*/

package org.opensearch.security.bwc;

public enum ClusterType {
OLD,
MIXED,
UPGRADED;

public static ClusterType parse(String value) {
switch (value) {
case "old_cluster":
return OLD;
case "mixed_cluster":
return MIXED;
case "upgraded_cluster":
return UPGRADED;
default:
throw new AssertionError("unknown cluster type: " + value);
}
}
}
Loading

0 comments on commit 5195d5e

Please sign in to comment.