zookeeper-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From h...@apache.org
Subject [zookeeper] branch master updated: ZOOKEEPER-3846: Add a couple TLS related metrics
Date Thu, 28 May 2020 03:47:22 GMT
This is an automated email from the ASF dual-hosted git repository.

hanm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zookeeper.git


The following commit(s) were added to refs/heads/master by this push:
     new 0f182ab  ZOOKEEPER-3846: Add a couple TLS related metrics
0f182ab is described below

commit 0f182ab88dac2fda7f5821b7003092428b859164
Author: Jie Huang <jiehuang@fb.com>
AuthorDate: Wed May 27 20:47:09 2020 -0700

    ZOOKEEPER-3846: Add a couple TLS related metrics
    
    Author: Jie Huang <jiehuang@fb.com>
    
    Reviewers: Michael Han <hanm@apache.org>
    
    Closes #1366 from jhuan31/ZOOKEEPER-3846
---
 .../java/org/apache/zookeeper/server/NettyServerCnxnFactory.java | 1 +
 .../src/main/java/org/apache/zookeeper/server/ServerMetrics.java | 9 +++++++++
 .../apache/zookeeper/server/admin/UnifiedConnectionFactory.java  | 2 ++
 3 files changed, 12 insertions(+)

diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
index 5d236ee..55743ff 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
@@ -441,6 +441,7 @@ public class NettyServerCnxnFactory extends ServerCnxnFactory {
                 addCnxn(cnxn);
             } else {
                 LOG.error("Unsuccessful handshake with session 0x{}", Long.toHexString(cnxn.getSessionId()));
+                ServerMetrics.getMetrics().UNSUCCESSFUL_HANDSHAKE.add(1);
                 cnxn.close(ServerCnxn.DisconnectReason.FAILED_HANDSHAKE);
             }
         }
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
index 4d71e51..7566cd2 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
@@ -233,6 +233,8 @@ public final class ServerMetrics {
 
         DIGEST_MISMATCHES_COUNT = metricsContext.getCounter("digest_mismatches_count");
 
+        UNSUCCESSFUL_HANDSHAKE = metricsContext.getCounter("unsuccessful_handshake");
+        INSECURE_ADMIN = metricsContext.getCounter("insecure_admin_count");
         TLS_HANDSHAKE_EXCEEDED = metricsContext.getCounter("tls_handshake_exceeded");
 
         CNXN_CLOSED_WITHOUT_ZK_SERVER_RUNNING = metricsContext.getCounter("cnxn_closed_without_zk_server_running");
@@ -462,6 +464,13 @@ public final class ServerMetrics {
     // txns to data tree.
     public final Counter DIGEST_MISMATCHES_COUNT;
 
+    public final Counter UNSUCCESSFUL_HANDSHAKE;
+
+    /*
+     * Number of insecure connections to admin port
+     */
+    public final Counter INSECURE_ADMIN;
+
     public final Counter TLS_HANDSHAKE_EXCEEDED;
 
     public final Counter CNXN_CLOSED_WITHOUT_ZK_SERVER_RUNNING;
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
index 71622df..2176c10 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
@@ -20,6 +20,7 @@ package org.apache.zookeeper.server.admin;
 
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLSession;
+import org.apache.zookeeper.server.ServerMetrics;
 import org.eclipse.jetty.io.Connection;
 import org.eclipse.jetty.io.EndPoint;
 import org.eclipse.jetty.io.ssl.SslConnection;
@@ -94,6 +95,7 @@ public class UnifiedConnectionFactory extends AbstractConnectionFactory
{
         } else {
             sslConnection = null;
             plainEndpoint = aheadEndpoint;
+            ServerMetrics.getMetrics().INSECURE_ADMIN.add(1);
         }
 
         ConnectionFactory next = connector.getConnectionFactory(nextProtocol);


Mime
View raw message