author | Harald Musum <musum@verizonmedia.com> | 2019-11-15 12:32:01 +0100 |
---|---|---|
committer | Harald Musum <musum@verizonmedia.com> | 2019-11-15 12:32:01 +0100 |
commit | 363025ca088139cdc5b0671ddb36e68963677198 (patch) | |
tree | ed24c91954aa395f2ba434ce6316ca9dd1ca58de /zookeeper-server | |
parent | 3d55bbd557d8f81664c342c4ce65490c7b8e07de (diff) |
Use environment variable for ZooKeeper TLS config if set
Diffstat (limited to 'zookeeper-server')
-rw-r--r-- | zookeeper-server/zookeeper-server-3.5/src/main/java/com/yahoo/vespa/zookeeper/VespaZooKeeperServerImpl.java | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/zookeeper-server/zookeeper-server-3.5/src/main/java/com/yahoo/vespa/zookeeper/VespaZooKeeperServerImpl.java b/zookeeper-server/zookeeper-server-3.5/src/main/java/com/yahoo/vespa/zookeeper/VespaZooKeeperServerImpl.java
index 4b4923cfcc7..c4e1f8130a1 100644
--- a/zookeeper-server/zookeeper-server-3.5/src/main/java/com/yahoo/vespa/zookeeper/VespaZooKeeperServerImpl.java
+++ b/zookeeper-server/zookeeper-server-3.5/src/main/java/com/yahoo/vespa/zookeeper/VespaZooKeeperServerImpl.java
@@ -13,6 +13,7 @@ import java.io.File;
 import java.io.FileWriter;
 import java.io.IOException;
 import java.util.List;
+import java.util.Optional;
 import java.util.Set;
 import java.util.TreeSet;
 import java.util.stream.Collectors;
@@ -79,11 +80,12 @@ public class VespaZooKeeperServerImpl extends AbstractComponent implements Runna
 sb.append("serverCnxnFactory=org.apache.zookeeper.server.NettyServerCnxnFactory").append("\n");
 ensureThisServerIsRepresented(config.myid(), config.server());
 config.server().forEach(server -> addServerToCfg(sb, server));
- sb.append(createTlsQuorumConfig(config));
+ sb.append(createTlsQuorumConfig(getEnvironmentVariable("VESPA_TLS_FOR_ZOOKEEPER_QUORUM_COMMUNICATION")
+ .orElse(config.tlsForQuorumCommunication().name())));
 return sb.toString();
 }
- private String createTlsQuorumConfig(ZookeeperServerConfig config) {
+ private String createTlsQuorumConfig(String tlsSetting) {
 StringBuilder sb = new StringBuilder();
 // Common config
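Review bot: The environment variable silently wins over `config.tlsForQuorumCommunication()` at the `createTlsQuorumConfig(...)` call, so a process environment carrying `VESPA_TLS_FOR_ZOOKEEPER_QUORUM_COMMUNICATION=OFF` writes `sslQuorum=false` on a node whose config asks for `TLS_ONLY`, and nothing visible in this hunk records that the override happened. I would resolve the value into a local first, `String tlsSetting = getEnvironmentVariable("VESPA_TLS_FOR_ZOOKEEPER_QUORUM_COMMUNICATION").orElse(config.tlsForQuorumCommunication().name());`, and log the effective mode together with its source (environment or config) before the file is written, so a downgrade of quorum TLS shows up in the node's log. A short comment stating that the override is intentional and which source takes precedence would also help the next reader. The enclosing method starts above the hunk.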
@@ -93,26 +95,29 @@ public class VespaZooKeeperServerImpl extends AbstractComponent implements Runna sb.append("ssl.quorum.enabledProtocols=").append(String.join(",", new TreeSet<>(TlsContext.ALLOWED_PROTOCOLS))).append("\n"); sb.append("ssl.quorum.protocol=TLS\n"); - String tlsSetting = config.tlsForQuorumCommunication().name(); + boolean sslQuorum; + boolean portUnification; switch (tlsSetting) { case "OFF": - sb.append("sslQuorum=false\n"); - sb.append("portUnification=false\n"); + sslQuorum = false; + portUnification = false; break; case "PORT_UNIFICATION": - sb.append("sslQuorum=false\n"); - sb.append("portUnification=true\n"); + sslQuorum = false; + portUnification = true; break; case "TLS_WITH_PORT_UNIFICATION": - sb.append("sslQuorum=true\n"); - sb.append("portUnification=true\n"); + sslQuorum = true; + portUnification = true; break; case "TLS_ONLY": - sb.append("sslQuorum=true\n"); - sb.append("portUnification=false\n"); + sslQuorum = true; + portUnification = false; break; default: throw new IllegalArgumentException("Unknown value of config setting tlsForQuorumCommunication: " + tlsSetting); } + sb.append("sslQuorum=").append(sslQuorum).append("\n"); + sb.append("portUnification=").append(portUnification).append("\n"); return sb.toString(); } @@ -170,4 +175,9 @@ public class VespaZooKeeperServerImpl extends AbstractComponent implements Runna return zookeeperServerConfig.server().stream().map(ZookeeperServerConfig.Server::hostname).collect(Collectors.toSet()); } + private static Optional<String> getEnvironmentVariable(String variableName) { + return Optional.ofNullable(System.getenv().get(variableName)) + .filter(var -> !var.isEmpty()); + } + } |
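Review bot: The `default` branch still reports "Unknown value of config setting tlsForQuorumCommunication" although `tlsSetting` can now come from the environment variable, so an operator who mistypes the variable is pointed at the wrong place. The switch matches the string exactly, so `tls_only` or a value with surrounding whitespace ends in this exception; the helper added at the end of the file filters out only the empty string. I would name both sources in the message, for example `"Unknown TLS setting for quorum communication (config tlsForQuorumCommunication or env VESPA_TLS_FOR_ZOOKEEPER_QUORUM_COMMUNICATION): " + tlsSetting`, and decide explicitly whether the environment value is trimmed before the switch. Throwing on an unknown value rather than falling back to a default is the right behaviour and should stay. The method's opening lines are outside this hunk.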
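Review bot: The lambda parameter in `.filter(var -> !var.isEmpty())` is named `var`, which compiles but reads like the local-variable type name introduced in Java 10; `value -> !value.isEmpty()` is clearer. `System.getenv(variableName)` performs the same lookup without going through the whole environment map. A one-line Javadoc on `getEnvironmentVariable` saying that an unset variable and an empty one are both treated as absent would document why the filter is there, since that is what decides whether the config value or the environment value controls quorum TLS.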