Fix the other half of simulation requiring a TLS Plugin.
This commit: 1. Restores --tls_plugin as a way to provide the path to the TLS plugin when running in simulation. 2. Removes the TLS Plugin as being required for 5% of tests. 3. Standardizes on 'sslEnabled' as a variable name. It is a fix/improvement upon commit f7733d1b.
(1) previously didn't work, because we would create multiple new TLSOptions instances and run init_plugin multiple times. Only the first call would use the argument specified on the command line. To fix this, the TLSOptions derived from the command line is threaded through all the simulation code that needs it. (2) was an oversight in f7733d1b, which didn't actually make "should we be TLS" dependent on whether the TLS plugin was available or not. (3) is just nice for trying to grep around in the codebase.
parent
b359e57e78
commit
bc8e6acbe8
|
@ -250,6 +250,8 @@ void TLSOptions::set_verify_peers( std::string const& verify_peers ) {
|
|||
}
|
||||
|
||||
void TLSOptions::register_network() {
|
||||
// Simulation relies upon being able to call this multiple times, and have it override g_network
|
||||
// each time it's called.
|
||||
new TLSNetworkConnections( Reference<TLSOptions>::addRef( this ) );
|
||||
}
|
||||
|
||||
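Review bot: register_network() documents that repeated calls override g_network, but not what happens when the options carry no policy or plugin. The commit removes the only guard on that (`if (tlsOptions->get_policy())` in main), so main now reaches the `new TLSNetworkConnections(...)` line unconditionally. The TLSNetworkConnections constructor is not visible on this page, so it is unclear whether an instance built without a plugin falls back to plain connections or fails later. I would extend the comment with that contract, e.g. `// Safe to call with no plugin/policy loaded: <behaviour of TLSNetworkConnections in that case>.`, and state whether the instance installed by an earlier call is deliberately left unreleased.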
|
|
|
@ -124,7 +124,7 @@ private:
|
|||
#define TLS_VERIFY_PEERS_FLAG "--tls_verify_peers"
|
||||
|
||||
#define TLS_OPTION_FLAGS \
|
||||
{ TLSOptions::OPT_TLS_PLUGIN, TLS_PLUGIN_FLAG, SO_REQ_SEP }, \
|
||||
{ TLSOptions::OPT_TLS_PLUGIN, TLS_PLUGIN_FLAG, SO_OPT }, \
|
||||
{ TLSOptions::OPT_TLS_CERTIFICATES, TLS_CERTIFICATE_FILE_FLAG, SO_REQ_SEP }, \
|
||||
{ TLSOptions::OPT_TLS_KEY, TLS_KEY_FILE_FLAG, SO_REQ_SEP }, \
|
||||
{ TLSOptions::OPT_TLS_VERIFY_PEERS, TLS_VERIFY_PEERS_FLAG, SO_REQ_SEP },
|
||||
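Review bot: Switching the TLS_PLUGIN_FLAG entry from `SO_REQ_SEP` to `SO_OPT` changes how the value is parsed in any option table that expands TLS_OPTION_FLAGS, not only in simulation. As I read SimpleOpt, an `SO_OPT` argument has to be attached to the flag (`--tls_plugin=PATH`). An existing invocation written as `--tls_plugin PATH` would then stop binding the path and, going by the handler in main, pass an empty plugin name instead of failing. A TLS setting that silently changes meaning deserves a comment on this entry, e.g. `// SO_OPT: value must be given as --tls_plugin=PATH; a bare flag passes "" to set_plugin_name_or_path`, plus a line in the release notes.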
|
|
|
@ -116,11 +116,10 @@ T simulate( const T& in ) {
|
|||
return out;
|
||||
}
|
||||
|
||||
static void simInitTLS() {
|
||||
Reference<TLSOptions> options( new TLSOptions );
|
||||
options->set_cert_data( certBytes );
|
||||
options->set_key_data( certBytes );
|
||||
options->register_network();
|
||||
static void simInitTLS(Reference<TLSOptions> tlsOptions) {
|
||||
tlsOptions->set_cert_data( certBytes );
|
||||
tlsOptions->set_key_data( certBytes );
|
||||
tlsOptions->register_network();
|
||||
}
|
||||
|
||||
ACTOR Future<Void> runBackup( Reference<ClusterConnectionFile> connFile ) {
|
||||
|
@ -198,7 +197,8 @@ ACTOR Future<Void> runDr( Reference<ClusterConnectionFile> connFile ) {
|
|||
ACTOR Future<ISimulator::KillType> simulatedFDBDRebooter(
|
||||
Reference<ClusterConnectionFile> connFile,
|
||||
uint32_t ip,
|
||||
bool useSSL,
|
||||
bool sslEnabled,
|
||||
Reference<TLSOptions> tlsOptions,
|
||||
uint16_t port,
|
||||
LocalityData localities,
|
||||
ProcessClass processClass,
|
||||
|
@ -233,7 +233,7 @@ ACTOR Future<ISimulator::KillType> simulatedFDBDRebooter(
|
|||
.detailext("DataHall", localities.dataHallId())
|
||||
.detail("Address", process->address.toString())
|
||||
.detail("Excluded", process->excluded)
|
||||
.detail("UsingSSL", useSSL);
|
||||
.detail("UsingSSL", sslEnabled);
|
||||
TraceEvent("ProgramStart").detail("Cycles", cycles).detail("RandomId", randomId)
|
||||
.detail("SourceVersion", getHGVersion())
|
||||
.detail("Version", FDB_VT_VERSION)
|
||||
|
@ -250,10 +250,10 @@ ACTOR Future<ISimulator::KillType> simulatedFDBDRebooter(
|
|||
//SOMEDAY: test lower memory limits, without making them too small and causing the database to stop making progress
|
||||
FlowTransport::createInstance(1);
|
||||
Sim2FileSystem::newFileSystem();
|
||||
if (useSSL) {
|
||||
simInitTLS();
|
||||
if (sslEnabled) {
|
||||
tlsOptions->register_network();
|
||||
}
|
||||
NetworkAddress n(ip, port, true, useSSL);
|
||||
NetworkAddress n(ip, port, true, sslEnabled);
|
||||
Future<Void> listen = FlowTransport::transport().bind( n, n );
|
||||
Future<Void> fd = fdbd( connFile, localities, processClass, *dataFolder, *coordFolder, 500e6, "", "");
|
||||
Future<Void> backup = runBackupAgents ? runBackup(connFile) : Future<Void>(Never());
|
||||
|
@ -361,6 +361,7 @@ ACTOR Future<Void> simulatedMachine(
|
|||
ClusterConnectionString connStr,
|
||||
std::vector<uint32_t> ips,
|
||||
bool sslEnabled,
|
||||
Reference<TLSOptions> tlsOptions,
|
||||
LocalityData localities,
|
||||
ProcessClass processClass,
|
||||
std::string baseFolder,
|
||||
|
@ -407,7 +408,7 @@ ACTOR Future<Void> simulatedMachine(
|
|||
for( int i = 0; i < ips.size(); i++ ) {
|
||||
std::string path = joinPath(myFolders[i], "fdb.cluster");
|
||||
Reference<ClusterConnectionFile> clusterFile(useSeedFile ? new ClusterConnectionFile(path, connStr.toString()) : new ClusterConnectionFile(path));
|
||||
processes.push_back(simulatedFDBDRebooter(clusterFile, ips[i], sslEnabled, i + 1, localities, processClass, &myFolders[i], &coordFolders[i], baseFolder, connStr, useSeedFile, runBackupAgents));
|
||||
processes.push_back(simulatedFDBDRebooter(clusterFile, ips[i], sslEnabled, tlsOptions, i + 1, localities, processClass, &myFolders[i], &coordFolders[i], baseFolder, connStr, useSeedFile, runBackupAgents));
|
||||
TraceEvent("SimulatedMachineProcess", randomId).detail("Address", NetworkAddress(ips[i], i+1, true, false)).detailext("ZoneId", localities.zoneId()).detailext("DataHall", localities.dataHallId()).detail("Folder", myFolders[i]);
|
||||
}
|
||||
|
||||
|
@ -593,8 +594,9 @@ ACTOR Future<Void> simulatedMachine(
|
|||
|
||||
#include "fdbclient/MonitorLeader.h"
|
||||
|
||||
ACTOR Future<Void> restartSimulatedSystem(vector<Future<Void>> *systemActors, std::string baseFolder,
|
||||
int* pTesterCount, Optional<ClusterConnectionString> *pConnString, int extraDB) {
|
||||
ACTOR Future<Void> restartSimulatedSystem(
|
||||
vector<Future<Void>> *systemActors, std::string baseFolder, int* pTesterCount,
|
||||
Optional<ClusterConnectionString> *pConnString, Reference<TLSOptions> tlsOptions, int extraDB) {
|
||||
CSimpleIni ini;
|
||||
ini.SetUnicode();
|
||||
ini.LoadFile(joinPath(baseFolder, "restartInfo.ini").c_str());
|
||||
|
@ -647,7 +649,7 @@ ACTOR Future<Void> restartSimulatedSystem(vector<Future<Void>> *systemActors, st
|
|||
|
||||
// SOMEDAY: parse backup agent from test file
|
||||
systemActors->push_back( reportErrors( simulatedMachine(
|
||||
conn, ipAddrs, usingSSL, localities, processClass, baseFolder, true, i == useSeedForMachine, enableExtraDB ),
|
||||
conn, ipAddrs, usingSSL, tlsOptions, localities, processClass, baseFolder, true, i == useSeedForMachine, enableExtraDB ),
|
||||
processClass == ProcessClass::TesterClass ? "SimulatedTesterMachine" : "SimulatedMachine") );
|
||||
}
|
||||
|
||||
|
@ -891,8 +893,8 @@ void SimulationConfig::generateNormalConfig(int minimumReplication) {
|
|||
}
|
||||
|
||||
void setupSimulatedSystem( vector<Future<Void>> *systemActors, std::string baseFolder,
|
||||
int* pTesterCount, Optional<ClusterConnectionString> *pConnString,
|
||||
Standalone<StringRef> *pStartingConfiguration, int extraDB, int minimumReplication)
|
||||
int* pTesterCount, Optional<ClusterConnectionString> *pConnString,
|
||||
Standalone<StringRef> *pStartingConfiguration, int extraDB, int minimumReplication, Reference<TLSOptions> tlsOptions)
|
||||
{
|
||||
// SOMEDAY: this does not test multi-interface configurations
|
||||
SimulationConfig simconfig(extraDB, minimumReplication);
|
||||
|
@ -958,7 +960,7 @@ void setupSimulatedSystem( vector<Future<Void>> *systemActors, std::string baseF
|
|||
bool assignClasses = machineCount - dataCenters > 4 && g_random->random01() < 0.5;
|
||||
|
||||
// Use SSL 5% of the time
|
||||
bool sslEnabled = g_random->random01() < 0.05;
|
||||
bool sslEnabled = g_random->random01() < 0.05 && tlsOptions->enabled();
|
||||
TEST( sslEnabled ); // SSL enabled
|
||||
TEST( !sslEnabled ); // SSL disabled
|
||||
|
||||
|
@ -1033,7 +1035,7 @@ void setupSimulatedSystem( vector<Future<Void>> *systemActors, std::string baseF
|
|||
// check the sslEnablementMap using only one ip(
|
||||
LocalityData localities(Optional<Standalone<StringRef>>(), zoneId, zoneId, dcUID);
|
||||
localities.set(LiteralStringRef("data_hall"), dcUID);
|
||||
systemActors->push_back(reportErrors(simulatedMachine(conn, ips, sslEnabled,
|
||||
systemActors->push_back(reportErrors(simulatedMachine(conn, ips, sslEnabled, tlsOptions,
|
||||
localities, processClass, baseFolder, false, machine == useSeedForMachine, true ), "SimulatedMachine"));
|
||||
|
||||
if (extraDB && g_simulator.extraDB->toString() != conn.toString()) {
|
||||
|
@ -1045,7 +1047,7 @@ void setupSimulatedSystem( vector<Future<Void>> *systemActors, std::string baseF
|
|||
Standalone<StringRef> newZoneId = Standalone<StringRef>(g_random->randomUniqueID().toString());
|
||||
LocalityData localities(Optional<Standalone<StringRef>>(), newZoneId, newZoneId, dcUID);
|
||||
localities.set(LiteralStringRef("data_hall"), dcUID);
|
||||
systemActors->push_back(reportErrors(simulatedMachine(*g_simulator.extraDB, extraIps, sslEnabled,
|
||||
systemActors->push_back(reportErrors(simulatedMachine(*g_simulator.extraDB, extraIps, sslEnabled, tlsOptions,
|
||||
localities,
|
||||
processClass, baseFolder, false, machine == useSeedForMachine, false ), "SimulatedMachine"));
|
||||
}
|
||||
|
@ -1073,7 +1075,7 @@ void setupSimulatedSystem( vector<Future<Void>> *systemActors, std::string baseF
|
|||
Standalone<StringRef> newZoneId = Standalone<StringRef>(g_random->randomUniqueID().toString());
|
||||
LocalityData localities(Optional<Standalone<StringRef>>(), newZoneId, newZoneId, Optional<Standalone<StringRef>>());
|
||||
systemActors->push_back( reportErrors( simulatedMachine(
|
||||
conn, ips, sslEnabled,
|
||||
conn, ips, sslEnabled, tlsOptions,
|
||||
localities, ProcessClass(ProcessClass::TesterClass, ProcessClass::CommandLineSource),
|
||||
baseFolder, false, i == useSeedForMachine, false ),
|
||||
"SimulatedTesterMachine") );
|
||||
|
@ -1142,7 +1144,7 @@ void checkExtraDB(const char *testFile, int &extraDB, int &minimumReplication) {
|
|||
ifs.close();
|
||||
}
|
||||
|
||||
ACTOR void setupAndRun(std::string dataFolder, const char *testFile, bool rebooting, bool useSSL ) {
|
||||
ACTOR void setupAndRun(std::string dataFolder, const char *testFile, bool rebooting, Reference<TLSOptions> tlsOptions ) {
|
||||
state vector<Future<Void>> systemActors;
|
||||
state Optional<ClusterConnectionString> connFile;
|
||||
state Standalone<StringRef> startingConfiguration;
|
||||
|
@ -1155,8 +1157,8 @@ ACTOR void setupAndRun(std::string dataFolder, const char *testFile, bool reboot
|
|||
"TestSystem", 0x01010101, 1, LocalityData(Optional<Standalone<StringRef>>(), Standalone<StringRef>(g_random->randomUniqueID().toString()), Optional<Standalone<StringRef>>(), Optional<Standalone<StringRef>>()), ProcessClass(ProcessClass::TesterClass, ProcessClass::CommandLineSource), "", "" ), TaskDefaultYield ) );
|
||||
Sim2FileSystem::newFileSystem();
|
||||
FlowTransport::createInstance(1);
|
||||
if (useSSL) {
|
||||
simInitTLS();
|
||||
if (tlsOptions->enabled()) {
|
||||
simInitTLS(tlsOptions);
|
||||
}
|
||||
|
||||
TEST(true); // Simulation start
|
||||
|
@ -1164,11 +1166,11 @@ ACTOR void setupAndRun(std::string dataFolder, const char *testFile, bool reboot
|
|||
try {
|
||||
//systemActors.push_back( startSystemMonitor(dataFolder) );
|
||||
if (rebooting) {
|
||||
Void _ = wait( timeoutError( restartSimulatedSystem( &systemActors, dataFolder, &testerCount, &connFile, extraDB), 100.0 ) );
|
||||
Void _ = wait( timeoutError( restartSimulatedSystem( &systemActors, dataFolder, &testerCount, &connFile, tlsOptions, extraDB), 100.0 ) );
|
||||
}
|
||||
else {
|
||||
g_expect_full_pointermap = 1;
|
||||
setupSimulatedSystem( &systemActors, dataFolder, &testerCount, &connFile, &startingConfiguration, extraDB, minimumReplication );
|
||||
setupSimulatedSystem( &systemActors, dataFolder, &testerCount, &connFile, &startingConfiguration, extraDB, minimumReplication, tlsOptions );
|
||||
Void _ = wait( delay(1.0) ); // FIXME: WHY!!! //wait for machines to boot
|
||||
}
|
||||
std::string clusterFileDir = joinPath( dataFolder, g_random->randomUniqueID().toString() );
|
||||
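Review bot: The restart path does not get the plugin-availability gate that the fresh-start path gains. In setupSimulatedSystem `sslEnabled` is now `g_random->random01() < 0.05 && tlsOptions->enabled()`, but in restartSimulatedSystem the call `simulatedMachine( conn, ipAddrs, usingSSL, tlsOptions, ...)` passes `usingSSL` unchanged. simulatedFDBDRebooter then calls `tlsOptions->register_network()` whenever that flag is true. `usingSSL` is assigned outside the visible hunk (presumably from restartInfo.ini), so a restart without the plugin could reach register_network() with nothing loaded and addresses marked as TLS. I would fail early with `ASSERT( !usingSSL || tlsOptions->enabled() );` before the machine loop, or at least emit a TraceEvent naming the mismatch.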
|
|
|
@ -18,10 +18,12 @@
|
|||
* limitations under the License.
|
||||
*/
|
||||
|
||||
#include "fdbrpc/TLSConnection.h"
|
||||
|
||||
#ifndef FDBSERVER_SIMULATEDCLUSTER_H
|
||||
#define FDBSERVER_SIMULATEDCLUSTER_H
|
||||
#pragma once
|
||||
|
||||
void setupAndRun(std::string const& dataFolder, const char* const& testFile, bool const& rebooting, bool const& useSSL);
|
||||
void setupAndRun(std::string const& dataFolder, const char* const& testFile, bool const& rebooting, Reference<TLSOptions> const& useSSL);
|
||||
|
||||
#endif
|
||||
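Review bot: The declaration keeps the parameter name `useSSL` although its type is now `Reference<TLSOptions>`, while the definition in the actor file names it `tlsOptions`. A reader of the header will take it for a boolean switch. I would write `..., bool const& rebooting, Reference<TLSOptions> const& tlsOptions);`. The `#include "fdbrpc/TLSConnection.h"` line also sits above `#ifndef FDBSERVER_SIMULATEDCLUSTER_H`, so it is processed outside the include guard; moving it below `#pragma once` keeps the header consistently guarded.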
|
|
|
@ -1192,7 +1192,8 @@ int main(int argc, char* argv[]) {
|
|||
break;
|
||||
case TLSOptions::OPT_TLS_PLUGIN:
|
||||
try {
|
||||
tlsOptions->set_plugin_name_or_path( args.OptionArg() );
|
||||
const char* plugin_path = args.OptionArg();
|
||||
tlsOptions->set_plugin_name_or_path( plugin_path ? plugin_path : "" );
|
||||
} catch (Error& e) {
|
||||
fprintf(stderr, "ERROR: cannot load TLS plugin `%s' (%s)\n", args.OptionArg(), e.what());
|
||||
printHelpTeaser(argv[0]);
|
||||
|
@ -1471,8 +1472,7 @@ int main(int argc, char* argv[]) {
|
|||
if ( tlsVerifyPeers.size() )
|
||||
tlsOptions->set_verify_peers( tlsVerifyPeers );
|
||||
|
||||
if (tlsOptions->get_policy())
|
||||
tlsOptions->register_network();
|
||||
tlsOptions->register_network();
|
||||
|
||||
if (role == FDBD || role == NetworkTestServer) {
|
||||
try {
|
||||
|
@ -1586,7 +1586,7 @@ int main(int argc, char* argv[]) {
|
|||
platform::createDirectory( dataFolder );
|
||||
}
|
||||
|
||||
setupAndRun( dataFolder, testFile, restarting, tlsOptions->enabled() );
|
||||
setupAndRun( dataFolder, testFile, restarting, tlsOptions );
|
||||
g_simulator.run();
|
||||
} else if (role == FDBD) {
|
||||
ASSERT( connectionFile );
|
||||
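Review bot: In the `OPT_TLS_PLUGIN` case the new null check covers only the call to set_plugin_name_or_path. The catch block still passes `args.OptionArg()` straight to the `%s` in `fprintf(stderr, "ERROR: cannot load TLS plugin ...")`. With the flag now declared `SO_OPT` that pointer can be null, and a null `%s` argument is undefined behaviour. Declaring `const char* plugin_path = args.OptionArg();` before the `try` and printing `plugin_path ? plugin_path : ""` in the handler fixes it. The case body continues past the end of the hunk.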
|
|