Implement Java 11's HttpClient within RestClient [HZ-2460] #25654
Conversation
This is WIP and currently a first stage attempt; compiles/runs and KubernetesClient functions correctly (without an extra thread 🎉), but RestClientTest has 2 failures
With the old RestClient implementation, the connection formed in this test is never `HttpsURLConnection`, so the certificate was never used. In the new RestClient, the SSL context is created before the connection, so passing an invalid certificate breaks functionality. Since this test did not utilise the caCertificate value before, there should be no impact from removing it.
# Conflicts: # hazelcast/src/main/java/com/hazelcast/kubernetes/KubernetesClient.java # hazelcast/src/main/java/com/hazelcast/spi/utils/RestClient.java # hazelcast/src/test/java/com/hazelcast/kubernetes/StsMonitorTest.java # hazelcast/src/test/java/com/hazelcast/spi/utils/RestClientTest.java
JamesHazelcast
added
Type: Enhancement
Team: Core
Source: Internal
|
run-lab-run |
1 similar comment
|
run-lab-run |
| @@ -47,8 +47,7 @@ static String currentTimestamp(Clock clock) { | |||
|
|
|||
| static RestClient createRestClient(String url, AwsConfig awsConfig) { | |||
| return RestClient.create(url) | |||
| .withConnectTimeoutSeconds(awsConfig.getConnectionTimeoutSeconds()) | |||
| .withReadTimeoutSeconds(awsConfig.getReadTimeoutSeconds()) | |||
| .withPreferredTimeoutSeconds(awsConfig.getConnectionTimeoutSeconds(), awsConfig.getReadTimeoutSeconds()) | |||
There was a problem hiding this comment.
Due to the AWS config, It probably makes sense to have both - the timeout and the connectionTimeout (using HttpClient.Builder.connectTimeout(Duration)). If we want to support just one, we should improve the AWS config too.
There was a problem hiding this comment.
Also returns functionality where they were previously split values.
|
run-lab-run |
HttpClient in J11 will raise `java.lang.IllegalArgumentException: restricted header name: "Host"` if a "Host" header is provided - there are overrides for this in J12 onwards, but not possible in J11.
|
Aws API tests were failing due to the setting of "Host" header which is not allowed with HttpClient in Java 11 - there are override properties available in J12, but not with J11. I've removed the "Host" header definitions and tests are passing locally (the "Host" header is set to the @SeriyBg please let me know if this is a breaking change, and if so we may need to re-assess the viability of using HttpClient. |
|
The job Click to expand the log file---------ERRORS----------- -------------------------- [ERROR] Tests run: 1, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 1.180 s <<< FAILURE! -- in com.hazelcast.internal.metrics.jmx.MemberJmxMetricsTest -------------------------- [ERROR] com.hazelcast.internal.metrics.jmx.MemberJmxMetricsTest.testNoMBeanLeak -- Time elapsed: 1.179 s <<< FAILURE! -------------------------- [ERROR] Failures: -------------------------- [ERROR] MemberJmxMetricsTest.testNoMBeanLeak:64 expected:<0> but was:<1> -------------------------- [ERROR] Tests run: 4623, Failures: 1, Errors: 0, Skipped: 15 -------------------------- [ERROR] There are test failures. -------------------------- -------------------------- -------TEST FAILURE------- -------------------------- [INFO] Results: [INFO] [ERROR] Failures: [ERROR] MemberJmxMetricsTest.testNoMBeanLeak:64 expected:<0> but was:<1> [INFO] [ERROR] Tests run: 4623, Failures: 1, Errors: 0, Skipped: 15 [INFO] |
|
run-lab-run |
|
@JamesHazelcast, the changes don't seem to be breaking one, as the |
SeriyBg
added
run-discovery-tests
There was a problem hiding this comment.
LGTM - @JamesHazelcast can you make sure we run the kubernetes+persistence integration tests on EE side once this is merged to verify no regression?
SeriyBg
added
run-discovery-tests
|
@JamesHazelcast, it seems that the change is, in fact, breaking the AWS integration. It fails during the cluster formation with an exception: It seems that there is a fix for Java 12, but no workaround for Java 11: |
Trim `host` header at RestClient level, leaving it in place for all other usages during signing.
JamesHazelcast
added
run-discovery-tests
My latest commit appears to have resolved the issue for the AWS discovery tests - hopefully no more failures 🤞 |
|
Thanks for the reviews everyone, greatly appreciated :) |
…#25654) During the investigation of - and solution generation for - hazelcast#24613, it was noted that Java 11 provides the new `HttpClient` that features interruptible connections - the original solution was kept in place for 5.3, but with 5.4 we have now dropped JDK 8 support, so we can introduce this JDK 11 feature 🎉 This PR does exactly that, introducing `HttpClient` within the `RestClient` implementation we maintain as a Proof of Concept - this allows connections to be interrupted, as demonstrated in the `KubernetesClient` implementation, which is where the majority of focus for this PoC has been. Changes are generally fairly minimal outside of the `RestClient` itself and `KubernetesClient` implementation, with the main areas requiring changes being those that used `#withCaCertificates()` (now replaced by a separate constructor for clients using SSL), and timeout changes (connection/read timeouts are now unified). This PR now also includes a regression test for the original issue that was encountered, ensuring the `HttpClient` solution still resolves the issue.
During the investigation of - and solution generation for - #24613, it was noted that Java 11 provides the new
HttpClientthat features interruptible connections - the original solution was kept in place for 5.3, but with 5.4 we have now dropped JDK 8 support, so we can introduce this JDK 11 feature 🎉This PR does exactly that, introducing
HttpClientwithin theRestClientimplementation we maintain as a Proof of Concept - this allows connections to be interrupted, as demonstrated in theKubernetesClientimplementation, which is where the majority of focus for this PoC has been. Changes are generally fairly minimal outside of theRestClientitself andKubernetesClientimplementation, with the main areas requiring changes being those that used#withCaCertificates()(now replaced by a separate constructor for clients using SSL), and timeout changes (connection/read timeouts are now unified).This PR now also includes a regression test for the original issue that was encountered, ensuring the
HttpClientsolution still resolves the issue.