SOLR-9604: Ensure SSL connections are re-used

This commit is contained in:
Alan Woodward 2016-10-05 10:22:22 +01:00
parent d398617be8
commit 0eb6b1c823
15 changed files with 182 additions and 41 deletions

View File

@ -156,6 +156,9 @@ Bug Fixes
at a node before its local state had updated with the new collection data
(Alan Woodward)
* SOLR-9604: Pooled SSL connections were not being re-used (Alan Woodward,
Mikhail Khludnev, hossman)
Optimizations
----------------------

View File

@ -16,8 +16,11 @@
*/
package org.apache.solr.security;
import static java.nio.charset.StandardCharsets.UTF_8;
import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.nio.ByteBuffer;
@ -27,12 +30,6 @@ import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.http.HttpException;
import org.apache.http.HttpRequest;
import org.apache.http.HttpRequestInterceptor;
@ -58,6 +55,8 @@ import org.apache.solr.util.CryptoKeys;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import static java.nio.charset.StandardCharsets.UTF_8;
public class PKIAuthenticationPlugin extends AuthenticationPlugin implements HttpClientBuilderPlugin {
private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
@ -198,7 +197,8 @@ public class PKIAuthenticationPlugin extends AuthenticationPlugin implements Htt
try {
String uri = url + PATH + "?wt=json&omitHeader=true";
log.debug("Fetching fresh public key from : {}",uri);
HttpResponse rsp = cores.getUpdateShardHandler().getHttpClient().execute(new HttpGet(uri), HttpClientUtil.createNewHttpClientRequestContext());
HttpResponse rsp = cores.getUpdateShardHandler().getHttpClient()
.execute(new HttpGet(uri), HttpClientUtil.createNewHttpClientRequestContext(this));
byte[] bytes = EntityUtils.toByteArray(rsp.getEntity());
Map m = (Map) Utils.fromJSON(bytes);
String key = (String) m.get("key");

View File

@ -558,7 +558,8 @@ public class HttpSolrCall {
method.removeHeaders(CONTENT_LENGTH_HEADER);
}
final HttpResponse response = solrDispatchFilter.httpClient.execute(method, HttpClientUtil.createNewHttpClientRequestContext());
final HttpResponse response
= solrDispatchFilter.httpClient.execute(method, HttpClientUtil.createNewHttpClientRequestContext(cores));
int httpStatus = response.getStatusLine().getStatusCode();
httpEntity = response.getEntity();

View File

@ -647,7 +647,7 @@ public class SolrCLI {
// ensure we're requesting JSON back from Solr
HttpGet httpGet = new HttpGet(new URIBuilder(getUrl).setParameter(CommonParams.WT, CommonParams.JSON).build());
// make the request and get back a parsed JSON object
Map<String,Object> json = httpClient.execute(httpGet, new SolrResponseHandler(), HttpClientUtil.createNewHttpClientRequestContext());
Map<String,Object> json = httpClient.execute(httpGet, new SolrResponseHandler(), HttpClientUtil.createNewHttpClientRequestContext(null));
// check the response JSON from Solr to see if it is an error
Long statusCode = asLong("/responseHeader/status", json);
if (statusCode == -1) {

View File

@ -90,7 +90,7 @@ public class TestAuthorizationFramework extends AbstractFullDistribZkTestBase {
List<String> hierarchy = StrUtils.splitSmart(objPath, '/');
for (int i = 0; i < count; i++) {
HttpGet get = new HttpGet(url);
s = EntityUtils.toString(cl.execute(get, HttpClientUtil.createNewHttpClientRequestContext()).getEntity());
s = EntityUtils.toString(cl.execute(get, HttpClientUtil.createNewHttpClientRequestContext(null)).getEntity());
Map m = (Map) Utils.fromJSONString(s);
Object actual = Utils.getObjectByPath(m, true, hierarchy);

View File

@ -320,7 +320,8 @@ public class ConcurrentUpdateSolrClient extends SolrClient {
method.addHeader("User-Agent", HttpSolrClient.AGENT);
method.addHeader("Content-Type", contentType);
response = client.getHttpClient().execute(method, HttpClientUtil.createNewHttpClientRequestContext());
response = client.getHttpClient()
.execute(method, HttpClientUtil.createNewHttpClientRequestContext(scheduler));
rspBody = response.getEntity().getContent();
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode != HttpStatus.SC_OK) {

View File

@ -198,7 +198,12 @@ public class HttpClientUtil {
* configuration (no additional configuration) is created.
*/
public static CloseableHttpClient createClient(SolrParams params) {
return createClient(params, new PoolingHttpClientConnectionManager(schemaRegistryProvider.getSchemaRegistry()));
return createClient(params, createPoolingConnectionManager());
}
/** test usage subject to change @lucene.experimental */
static PoolingHttpClientConnectionManager createPoolingConnectionManager() {
return new PoolingHttpClientConnectionManager(schemaRegistryProvider.getSchemaRegistry());
}
public static CloseableHttpClient createClient(SolrParams params, PoolingHttpClientConnectionManager cm) {
@ -396,10 +401,25 @@ public class HttpClientUtil {
}
/**
*
* @deprecated Use {@link #createNewHttpClientRequestContext(Object)}
*/
@Deprecated
public static HttpClientContext createNewHttpClientRequestContext() {
return httpClientRequestContextBuilder.createContext();
return httpClientRequestContextBuilder.createContext(null);
}
/**
* Create a HttpClientContext object
*
* If the client is going to be re-used, then you should pass in an object that
* can be used by internal connection pools as a cache key. This is particularly
* important if client authentication is enabled, as SSL connections will not
* be re-used if no cache key is provided.
*
* @param cacheKey an Object to be used as a cache key for pooling connections
*/
public static HttpClientContext createNewHttpClientRequestContext(Object cacheKey) {
return httpClientRequestContextBuilder.createContext(cacheKey);
}
public static Builder createDefaultRequestConfigBuilder() {

View File

@ -47,6 +47,7 @@ import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.conn.HttpClientConnectionManager;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.InputStreamEntity;
@ -508,7 +509,8 @@ public class HttpSolrClient extends SolrClient {
boolean shouldClose = true;
try {
// Execute the method.
final HttpResponse response = httpClient.execute(method, HttpClientUtil.createNewHttpClientRequestContext());
HttpClientContext httpClientRequestContext = HttpClientUtil.createNewHttpClientRequestContext(this);
final HttpResponse response = httpClient.execute(method, httpClientRequestContext);
int httpStatus = response.getStatusLine().getStatusCode();
// Read the contents

View File

@ -77,7 +77,15 @@ public class SolrHttpClientContextBuilder {
return credentialsProviderProvider;
}
/**
* @deprecated use {@link #createContext(Object)}
*/
@Deprecated
public HttpClientContext createContext() {
return createContext(null);
}
public HttpClientContext createContext(Object userToken) {
HttpClientContext context = new HttpClientContext();
if (getCredentialsProviderProvider() != null) {
context.setCredentialsProvider(getCredentialsProviderProvider().getCredentialsProvider());
@ -90,6 +98,8 @@ public class SolrHttpClientContextBuilder {
context.setCookieSpecRegistry(getCookieSpecRegistryProvider().getCookieSpecRegistry());
}
context.setUserToken(userToken);
return context;
}

View File

@ -16,6 +16,14 @@
*/
package org.apache.solr.client.solrj;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.OutputStreamWriter;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Properties;
import org.apache.commons.io.FileUtils;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
@ -32,14 +40,6 @@ import org.apache.solr.util.ExternalPaths;
import org.junit.BeforeClass;
import org.junit.Test;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.OutputStreamWriter;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Properties;
public class SolrSchemalessExampleTest extends SolrExampleTestsBase {
@BeforeClass
@ -80,7 +80,7 @@ public class SolrSchemalessExampleTest extends SolrExampleTestsBase {
HttpPost post = new HttpPost(client.getBaseURL() + "/update/json/docs");
post.setHeader("Content-Type", "application/json");
post.setEntity(new InputStreamEntity(new ByteArrayInputStream(json.getBytes("UTF-8")), -1));
HttpResponse response = httpClient.execute(post, HttpClientUtil.createNewHttpClientRequestContext());
HttpResponse response = httpClient.execute(post, HttpClientUtil.createNewHttpClientRequestContext(null));
Utils.consumeFully(response.getEntity());
assertEquals(200, response.getStatusLine().getStatusCode());
client.commit();

View File

@ -111,7 +111,7 @@ public class JettyWebappTest extends SolrTestCaseJ4
HttpClient client = HttpClients.createDefault();
HttpRequestBase m = new HttpGet(adminPath);
HttpResponse response = client.execute(m, HttpClientUtil.createNewHttpClientRequestContext());
HttpResponse response = client.execute(m, HttpClientUtil.createNewHttpClientRequestContext(null));
assertEquals(200, response.getStatusLine().getStatusCode());
Header header = response.getFirstHeader("X-Frame-Options");
assertEquals("DENY", header.getValue().toUpperCase(Locale.ROOT));

View File

@ -16,6 +16,9 @@
*/
package org.apache.solr.client.solrj.embedded;
import java.io.ByteArrayInputStream;
import java.util.Map;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
@ -32,9 +35,6 @@ import org.junit.BeforeClass;
import org.junit.Test;
import org.noggit.ObjectBuilder;
import java.io.ByteArrayInputStream;
import java.util.Map;
/**
* TODO? perhaps use:
* http://docs.codehaus.org/display/JETTY/ServletTester
@ -76,7 +76,7 @@ public class SolrExampleJettyTest extends SolrExampleTests {
HttpPost post = new HttpPost(client.getBaseURL() + "/update/json/docs");
post.setHeader("Content-Type", "application/json");
post.setEntity(new InputStreamEntity(new ByteArrayInputStream(json.getBytes("UTF-8")), -1));
HttpResponse response = httpClient.execute(post, HttpClientUtil.createNewHttpClientRequestContext());
HttpResponse response = httpClient.execute(post, HttpClientUtil.createNewHttpClientRequestContext(null));
assertEquals(200, response.getStatusLine().getStatusCode());
client.commit();
QueryResponse rsp = getSolrClient().query(new SolrQuery("*:*"));

View File

@ -565,7 +565,7 @@ public class BasicHttpSolrClientTest extends SolrJettyTestBase {
CloseableHttpClient httpclient = HttpClientUtil.createClient(params);
HttpEntity entity = null;
try {
HttpResponse response = httpclient.execute(get, HttpClientUtil.createNewHttpClientRequestContext());
HttpResponse response = httpclient.execute(get, HttpClientUtil.createNewHttpClientRequestContext(null));
entity = response.getEntity();
Header ceheader = entity.getContentEncoding();
assertNotNull(Arrays.asList(response.getAllHeaders()).toString(), ceheader);

View File

@ -0,0 +1,104 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.solr.client.solrj.impl;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.conn.PoolingHttpClientConnectionManager;
import org.apache.http.pool.PoolStats;
import org.apache.solr.SolrJettyTestBase;
import org.apache.solr.client.solrj.SolrQuery;
import org.apache.solr.client.solrj.SolrServerException;
import org.apache.solr.client.solrj.embedded.JettySolrRunner;
import org.apache.solr.common.SolrInputDocument;
import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.util.RandomizeSSL;
import org.junit.AfterClass;
import org.junit.BeforeClass;
@RandomizeSSL(1.0)
public class HttpSolrClientSSLAuthConPoolTest extends SolrJettyTestBase {
private static JettySolrRunner yetty;
@BeforeClass
public static void beforeTest() throws Exception {
createJetty(legacyExampleCollection1SolrHome());
// stealing the first made jetty
yetty = jetty;
createJetty(legacyExampleCollection1SolrHome());
}
@AfterClass
public static void stopYetty() throws Exception {
yetty.stop();
yetty = null;
}
public void testPoolSize() throws SolrServerException, IOException {
PoolingHttpClientConnectionManager pool = HttpClientUtil.createPoolingConnectionManager();
final HttpSolrClient client1 ;
final String fooUrl;
{
fooUrl = jetty.getBaseUrl().toString() + "/" + "collection1";
CloseableHttpClient httpClient = HttpClientUtil.createClient(new ModifiableSolrParams(), pool,
false /* let client shutdown it*/);
client1 = getHttpSolrClient(fooUrl, httpClient);
client1.setConnectionTimeout(DEFAULT_CONNECTION_TIMEOUT);
}
final String barUrl = yetty.getBaseUrl().toString() + "/" + "collection1";
List<String> urls = new ArrayList<>();
for(int i=0; i<17; i++) {
urls.add(fooUrl);
}
for(int i=0; i<31; i++) {
urls.add(barUrl);
}
Collections.shuffle(urls, random());
try {
int i=0;
for (String url : urls) {
if (!client1.getBaseURL().equals(url)) {
client1.setBaseURL(url);
}
client1.add(new SolrInputDocument("id", ""+(i++)));
}
client1.setBaseURL(fooUrl);
client1.commit();
assertEquals(17, client1.query(new SolrQuery("*:*")).getResults().getNumFound());
client1.setBaseURL(barUrl);
client1.commit();
assertEquals(31, client1.query(new SolrQuery("*:*")).getResults().getNumFound());
PoolStats stats = pool.getTotalStats();
assertEquals("oh "+stats, 2, stats.getAvailable());
} finally {
for (HttpSolrClient c : new HttpSolrClient []{ client1}) {
HttpClientUtil.close(c.getHttpClient());
c.close();
}
}
}
}

View File

@ -15,6 +15,13 @@
* limitations under the License.
*/
package org.apache.solr.util;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import java.io.Closeable;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
@ -28,13 +35,6 @@ import org.apache.http.util.EntityUtils;
import org.apache.solr.client.solrj.impl.HttpClientUtil;
import org.apache.solr.common.params.ModifiableSolrParams;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import java.io.Closeable;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
/**
* Facilitates testing Solr's REST API via a provided embedded Jetty
*/
@ -204,7 +204,7 @@ public class RestTestHarness extends BaseTestHarness implements Closeable {
private String getResponse(HttpUriRequest request) throws IOException {
HttpEntity entity = null;
try {
entity = httpClient.execute(request, HttpClientUtil.createNewHttpClientRequestContext()).getEntity();
entity = httpClient.execute(request, HttpClientUtil.createNewHttpClientRequestContext(this)).getEntity();
return EntityUtils.toString(entity, StandardCharsets.UTF_8);
} finally {
EntityUtils.consumeQuietly(entity);