This is an automated email from the ASF dual-hosted git repository.
hanm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/master by this push:
new 0f182ab ZOOKEEPER-3846: Add a couple TLS related metrics
0f182ab is described below
commit 0f182ab88dac2fda7f5821b7003092428b859164
Author: Jie Huang <jiehuang@fb.com>
AuthorDate: Wed May 27 20:47:09 2020 -0700
ZOOKEEPER-3846: Add a couple TLS related metrics
Author: Jie Huang <jiehuang@fb.com>
Reviewers: Michael Han <hanm@apache.org>
Closes #1366 from jhuan31/ZOOKEEPER-3846
---
.../java/org/apache/zookeeper/server/NettyServerCnxnFactory.java | 1 +
.../src/main/java/org/apache/zookeeper/server/ServerMetrics.java | 9 +++++++++
.../apache/zookeeper/server/admin/UnifiedConnectionFactory.java | 2 ++
3 files changed, 12 insertions(+)
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
index 5d236ee..55743ff 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/NettyServerCnxnFactory.java
@@ -441,6 +441,7 @@ public class NettyServerCnxnFactory extends ServerCnxnFactory {
addCnxn(cnxn);
} else {
LOG.error("Unsuccessful handshake with session 0x{}", Long.toHexString(cnxn.getSessionId()));
+ ServerMetrics.getMetrics().UNSUCCESSFUL_HANDSHAKE.add(1);
cnxn.close(ServerCnxn.DisconnectReason.FAILED_HANDSHAKE);
}
}
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
index 4d71e51..7566cd2 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/ServerMetrics.java
@@ -233,6 +233,8 @@ public final class ServerMetrics {
DIGEST_MISMATCHES_COUNT = metricsContext.getCounter("digest_mismatches_count");
+ UNSUCCESSFUL_HANDSHAKE = metricsContext.getCounter("unsuccessful_handshake");
+ INSECURE_ADMIN = metricsContext.getCounter("insecure_admin_count");
TLS_HANDSHAKE_EXCEEDED = metricsContext.getCounter("tls_handshake_exceeded");
CNXN_CLOSED_WITHOUT_ZK_SERVER_RUNNING = metricsContext.getCounter("cnxn_closed_without_zk_server_running");
@@ -462,6 +464,13 @@ public final class ServerMetrics {
// txns to data tree.
public final Counter DIGEST_MISMATCHES_COUNT;
+ public final Counter UNSUCCESSFUL_HANDSHAKE;
+
+ /*
+ * Number of insecure connections to admin port
+ */
+ public final Counter INSECURE_ADMIN;
+
public final Counter TLS_HANDSHAKE_EXCEEDED;
public final Counter CNXN_CLOSED_WITHOUT_ZK_SERVER_RUNNING;
diff --git a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
index 71622df..2176c10 100644
--- a/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
+++ b/zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/UnifiedConnectionFactory.java
@@ -20,6 +20,7 @@ package org.apache.zookeeper.server.admin;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
+import org.apache.zookeeper.server.ServerMetrics;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.io.ssl.SslConnection;
@@ -94,6 +95,7 @@ public class UnifiedConnectionFactory extends AbstractConnectionFactory
{
} else {
sslConnection = null;
plainEndpoint = aheadEndpoint;
+ ServerMetrics.getMetrics().INSECURE_ADMIN.add(1);
}
ConnectionFactory next = connector.getConnectionFactory(nextProtocol);
|