[GitHub] [arrow-rs] alamb commented on a diff in pull request #3388: Make FlightSQL Support HTTPs

Fri, 23 Dec 2022 04:26:22 -0800 


alamb commented on code in PR #3388:
URL: https://github.com/apache/arrow-rs/pull/3388#discussion_r1056306404


##########
arrow-flight/src/sql/client.rs:
##########
@@ -71,6 +74,43 @@ impl FlightSqlServiceClient {
             .http2_keep_alive_interval(Duration::from_secs(300))
             .keep_alive_timeout(Duration::from_secs(20))
             .keep_alive_while_idle(true);
+
+        let channel = endpoint.connect().await.map_err(|e| {
+            ArrowError::IoError(format!("Cannot connect to endpoint: {}", e))
+        })?;
+        Ok(Self::new(channel))
+    }
+
+    /// Creates a new HTTPs FlightSql Client that connects via TCP to a server

Review Comment:
   Very cool 👍 



##########
arrow-flight/src/sql/client.rs:
##########
@@ -71,6 +74,43 @@ impl FlightSqlServiceClient {
             .http2_keep_alive_interval(Duration::from_secs(300))
             .keep_alive_timeout(Duration::from_secs(20))
             .keep_alive_while_idle(true);
+
+        let channel = endpoint.connect().await.map_err(|e| {
+            ArrowError::IoError(format!("Cannot connect to endpoint: {}", e))
+        })?;
+        Ok(Self::new(channel))
+    }
+
+    /// Creates a new HTTPs FlightSql Client that connects via TCP to a server
+    #[cfg(feature = "tls")]
+    pub async fn new_with_endpoint(
+        client_ident: Identity,
+        server_ca: Certificate,
+        domain: &str,
+        host: &str,
+        port: u16,
+    ) -> Result<Self, ArrowError> {
+        let addr = format!("https://{}:{}";, host, port);
+
+        let endpoint = Endpoint::new(addr)
+            .map_err(|_| ArrowError::IoError("Cannot create 
endpoint".to_string()))?
+            .connect_timeout(Duration::from_secs(20))
+            .timeout(Duration::from_secs(20))
+            .tcp_nodelay(true) // Disable Nagle's Algorithm since we don't 
want packets to wait
+            .tcp_keepalive(Option::Some(Duration::from_secs(3600)))
+            .http2_keep_alive_interval(Duration::from_secs(300))
+            .keep_alive_timeout(Duration::from_secs(20))
+            .keep_alive_while_idle(true);
+
+        let tls_config = ClientTlsConfig::new()
+            .domain_name(domain)
+            .ca_certificate(server_ca)
+            .identity(client_ident);
+
+        let endpoint = endpoint
+            .tls_config(tls_config)
+            .map_err(|_| ArrowError::IoError("Cannot create 
endpoint".to_string()))?;
+
         let channel = endpoint.connect().await.map_err(|e| {

Review Comment:
   FWIW my eventual plan is to change the signature of the FlightSQL client to 
be `fn new(channel: Channel)` (thus leaving the TLS configuration / setup up to 
the caller. It is great to have an example implementation / test in arrow-rs  
however



##########
.github/workflows/arrow_flight.yml:
##########
@@ -59,6 +59,9 @@ jobs:
       - name: Test --examples
         run: |
           cargo test -p arrow-flight  --features=flight-sql-experimental 
--examples
+      - name: Test --examples with TLS

Review Comment:
   👨‍🍳 👌 
   
   Very nice -- thank you @viirya 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to