Maint/hazelcast properties (#206)
* ♻️ gateway refactor hazelcast properties

* 📝 gateway document hazelcast properties

* 📝 gateway document hazelcast module java properties

* 📝 gateway document hazelcast kubernetes

* 🎨 gateway spotless format

* ♻️ gateway rm hazelcast kubernetes namespace as auto discovered

* ♻️ gateway refactor properties load

* ♻️ gateway refactor properties load
simonhir authored Oct 15, 2024
1 parent 7a9e350 commit 46aa999
Showing 4 changed files with 74 additions and 32 deletions.
46 changes: 36 additions & 10 deletions refarch-gateway/README.md
Expand Up @@ -41,16 +41,17 @@ Beside the default behaviour there are some special route prefixes which are han

## Configuration

| Var | Description | Example |
|----------------------------------------------------------|----------------------------------------------------|-------------------------------------------------------------------------|
| `SPRING_PROFILES_ACTIVE` | See profiles | `local,hazelcast-local` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_ID` | Id of a route definition. | `backend` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_URI` | The uri to route to if this route matches. | `http://backend-service:8080/` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_PREDICATES_<index>` | Route predicates i.e. matcher. | `Path=/api/backend-service/**` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_FILTERS_<index>` | List of filters applied to the route. | `RewritePath=/api/backend-service/(?<urlsegments>.*), /$\{urlsegments}` |
| `ALLOWED_ORIGINS_PUBLIC` (optional) | List of urls allowed as origin for public routes. | `https://*.example.com,http://localhost:*` |
| `ALLOWED_ORIGINS_CLIENTS` (optional) | List of urls allowed as origin for clients routes. | `https://*.example.com,http://localhost:*` |
| `REFARCH_SECURITY_CSRFWHITELISTED_<index>` (optional) | List of routes to disable csrf protection for. | `/example/**` |
| Var | Description | Example |
|----------------------------------------------------------|-------------------------------------------------------------------|-------------------------------------------------------------------------|
| `SPRING_PROFILES_ACTIVE` | See profiles | `local,hazelcast-local` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_ID` | Id of a route definition. | `backend` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_URI` | The uri to route to if this route matches. | `http://backend-service:8080/` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_PREDICATES_<index>` | Route predicates i.e. matcher. | `Path=/api/backend-service/**` |
| `SPRING_CLOUD_GATEWAY_ROUTES_<index>_FILTERS_<index>` | List of filters applied to the route. | `RewritePath=/api/backend-service/(?<urlsegments>.*), /$\{urlsegments}` |
| `REFARCH_HAZELCAST_SERVICENAME` | Kubernetes service name for when using profile `hazelcast-k8s`. | |
| `ALLOWED_ORIGINS_PUBLIC` (optional) | List of urls allowed as origin for public routes. | `https://*.example.com,http://localhost:*` |
| `ALLOWED_ORIGINS_CLIENTS` (optional) | List of urls allowed as origin for clients routes. | `https://*.example.com,http://localhost:*` |
| `REFARCH_SECURITY_CSRFWHITELISTED_<index>` (optional) | List of routes to disable csrf protection for. | `/example/**` |

### Security

Expand Down Expand Up @@ -78,3 +79,28 @@ spring:
# needed for userInfo endpoint
scope: profile, openid
```
### Hazelcast
Beside the already mentioned properties Hazelcast also has the following requirements.
#### Modular java
See https://docs.hazelcast.com/hazelcast/5.5/getting-started/install-hazelcast#using-modular-java
Following Java options need to be set.
For the gateway image this can be done with `JAVA_OPTS_APPEND`.
```
--add-modules java.se \
--add-exports java.base/jdk.internal.ref=ALL-UNNAMED \
--add-opens java.base/java.lang=ALL-UNNAMED \
--add-opens java.base/java.nio=ALL-UNNAMED \
--add-opens java.base/sun.nio.ch=ALL-UNNAMED \
--add-opens java.management/sun.management=ALL-UNNAMED \
--add-opens jdk.management/com.ibm.lang.management.internal=ALL-UNNAMED \
--add-opens jdk.management/com.sun.management.internal=ALL-UNNAMED
```
#### Kubernetes
For running Hazelcast with profile `hazelcast-k8s` in Kubernetes port `5701` needs to be accessible.
This need to be configured for the Service and Deployment.
@@ -1,10 +1,9 @@
package de.muenchen.refarch.gateway;

import de.muenchen.refarch.gateway.configuration.SecurityProperties;
import jakarta.annotation.PostConstruct;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.context.properties.ConfigurationPropertiesScan;
import reactor.core.publisher.Hooks;

/**
Expand All @@ -30,7 +29,7 @@
* "https://cloud.spring.io/spring-cloud-gateway/reference/html/">https://cloud.spring.io/spring-cloud-gateway/reference/html/</a>
*/
@SpringBootApplication
@EnableConfigurationProperties(SecurityProperties.class)
@ConfigurationPropertiesScan
public class ApiGatewayApplication {

public static void main(final String[] args) {
@@ -0,0 +1,27 @@
package de.muenchen.refarch.gateway.configuration;

import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import org.springframework.boot.context.properties.ConfigurationProperties;

@Getter
@RequiredArgsConstructor
@AllArgsConstructor
@ConfigurationProperties("refarch.hazelcast")
@SuppressWarnings("PMD.ImmutableField")
public class HazelcastProperties {
/**
* Name of the hazelcast cluster.
*/
private String clusterName = "session_replication_group";
/**
* Name of the hazelcast instance.
*/
private String instanceName = "hazl_instance";
/**
* Kubernetes service name.
* Required for running hazelcast inside kubernetes.
*/
private String serviceName;
}
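Review bot: `HazelcastProperties` has getters only and ends up with two constructors (Lombok emits a no-argument one for `@RequiredArgsConstructor` because no field is final, plus the all-arguments one), so it is unclear how `refarch.hazelcast.*` is bound into it. As far as I know Spring Boot deduces constructor binding only from a single parameterized constructor and otherwise needs setters, so the configured values may not take effect and `serviceName` would stay null. These fields decide which Hazelcast cluster holds the gateway's sessions, so please confirm the binding with a small test that sets `refarch.hazelcast.service-name`. If it does not bind, adding Lombok's `@Setter` next to `@Getter` is the smallest fix.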
Expand Up @@ -8,6 +8,7 @@
import com.hazelcast.core.Hazelcast;
import com.hazelcast.core.HazelcastInstance;
import com.hazelcast.map.IMap;
import lombok.RequiredArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
Expand All @@ -28,19 +29,10 @@
@Configuration
@EnableSpringWebSession
@Profile({ "hazelcast-local", "hazelcast-k8s" })
public class WebSessionConfiguration {
@RequiredArgsConstructor
public class WebSessionHazelcastConfiguration {

@Value("${hazelcast.instance:hazl_instance}")
public String hazelcastInstanceName;

@Value("${hazelcast.group-name:session_replication_group}")
public String groupConfigName;

@Value("${app.spring-session-hazelcast.namespace:my_namespace}")
public String openshiftNamespace;

@Value("${hazelcast.openshift-service-name:apigateway}")
public String openshiftServiceName;
private final HazelcastProperties hazelcastProperties;

@Bean
public ServerOAuth2AuthorizedClientRepository authorizedClientRepository() {
Expand All @@ -64,8 +56,8 @@ public Config localConfig(@Value(
"${spring.session.timeout}"
) final int timeout) {
final Config hazelcastConfig = new Config();
hazelcastConfig.setInstanceName(hazelcastInstanceName);
hazelcastConfig.setClusterName(groupConfigName);
hazelcastConfig.setClusterName(hazelcastProperties.getClusterName());
hazelcastConfig.setInstanceName(hazelcastProperties.getInstanceName());

addSessionTimeoutToHazelcastConfig(hazelcastConfig, timeout);

Expand All @@ -84,17 +76,15 @@ public Config localConfig(@Value(
@Profile({ "hazelcast-k8s" })
public Config config(@Value("${spring.session.timeout}") final int timeout) {
final Config hazelcastConfig = new Config();
hazelcastConfig.setInstanceName(hazelcastInstanceName);
hazelcastConfig.setClusterName(groupConfigName);
hazelcastConfig.setClusterName(hazelcastProperties.getClusterName());
hazelcastConfig.setInstanceName(hazelcastProperties.getInstanceName());

addSessionTimeoutToHazelcastConfig(hazelcastConfig, timeout);

hazelcastConfig.getNetworkConfig().getJoin().getMulticastConfig().setEnabled(false);
hazelcastConfig.getNetworkConfig().getJoin().getKubernetesConfig().setEnabled(true)
// explicitly configure namespace because default env lookup is not always correct
.setProperty("namespace", openshiftNamespace)
//If we don't set a specific name, it would call -all- services within a namespace
.setProperty("service-name", openshiftServiceName);
.setProperty("service-name", hazelcastProperties.getServiceName());

return hazelcastConfig;
}
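Review bot: Nothing checks that `hazelcastProperties.getServiceName()` is set before it is passed as `service-name` in `config(...)`; the removed `@Value` at least fell back to `apigateway`. The comment kept above that line says that without a specific name discovery covers all services in the namespace, so activating `hazelcast-k8s` without `REFARCH_HAZELCAST_SERVICENAME` may pass null here and widen the set of pods considered for the session cluster. I would fail fast at the top of `config(...)`, for example `Assert.hasText(hazelcastProperties.getServiceName(), "refarch.hazelcast.service-name is required for profile hazelcast-k8s");` using `org.springframework.util.Assert`. The class body continues outside the visible hunks.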
