[
https://issues.apache.org/jira/browse/ARTEMIS-3915?focusedWorklogId=800753&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-800753
]
ASF GitHub Bot logged work on ARTEMIS-3915:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 15/Aug/22 22:36
Start Date: 15/Aug/22 22:36
Worklog Time Spent: 10m
Work Description: rtista opened a new pull request, #4179:
URL: https://github.com/apache/activemq-artemis/pull/4179
Hey guys,
As discussed in a thread on the developers mailing list, I've created
[ARTEMIS-3915](https://issues.apache.org/jira/browse/ARTEMIS-3915) and have
started developing support for HAProxy PROXY protocol on Artemis acceptors.
I think I've modified all the right places, and the changes are fairly
simple to review, I'm a bit unsure about the channel pipeline modification, but
I think it makes sense for the PROXY protocol handler, if configured, to be the
first in the pipeline as it represents the frontier protocol, sicne any other
handler will need the packets to first be decoded from PROXY protocol into
something else that they understand.
My work is mostly based on the [examples from
Netty](https://github.com/netty/netty/blob/4.1/example/src/main/java/io/netty/example/haproxy/HAProxyServer.java#L59).
However I have some doubts:
1. Is there any way to run the broker locally, so I can test the workflow
with an HAProxy local instance (i.e. docker)?
2. Which kind of tests should I develop for this change? I've noticed the
NettyAcceptorTest.java class (and the createServer() function) which I think
allows me to start a broker instance with PROXY protocol enabled configured
acceptors, but I'm unsure of how to send PROXY protocol encoded messages to
each of the acceptors and validate the correct operation of the broker. Below
is a sketch of what I've locally added to the test class:
```java
@Test
public void testHAProxyProxyProtocolConfiguration() throws Exception {
// Create ActiveMQ Server
ActiveMQServer server = createServer(false, createDefaultInVMConfig());
// Add all supported acceptors with proxy protocol option enabled
server.getConfiguration().addAcceptorConfiguration("mqtt",
"tcp://127.0.0.1:1883?proxyProtocolEnabled=true");
server.getConfiguration().addAcceptorConfiguration("hornetq",
"tcp://127.0.0.1:5445?proxyProtocolEnabled=true");
server.getConfiguration().addAcceptorConfiguration("amqp",
"tcp://127.0.0.1:5672?proxyProtocolEnabled=true");
server.getConfiguration().addAcceptorConfiguration("stomp",
"tcp://127.0.0.1:61613?proxyProtocolEnabled=true");
server.getConfiguration().addAcceptorConfiguration("openwire",
"tcp://127.0.0.1:61616?proxyProtocolEnabled=true");
// Start the server
server.start();
// TODO: Send packets into each of the configured protocol acceptors
}
```
I still intend to add some documentation about the this theme, and maybe an
example of a cluster deployed with an HAProxy instance which should be of great
aid to new users which require a robust high availability solution, but I'd
like to first close the implementation details.
Issue Time Tracking
-------------------
Worklog Id: (was: 800753)
Remaining Estimate: 0h
Time Spent: 10m
> Support Proxy protocol (HAProxy) on Artemis acceptors
> -----------------------------------------------------
>
> Key: ARTEMIS-3915
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3915
> Project: ActiveMQ Artemis
> Issue Type: Improvement
> Components: Broker
> Reporter: João Santos
> Priority: Minor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> [HAProxy|http://www.haproxy.org/] is a widely known and used TCP Load
> Balancer and especially useful for an ActiveMQ Artemis clustered environment.
> Although possible to functionally implement with both products current
> features, Artemis does not support the PROXY protocol, which prevents it's
> broker nodes from inferring the real remote client IP address when behind an
> HAProxy instance.
> Since Netty sockets implementation already seems to support this protocol
> (discussed w/ [~jbertram] on DEV mailing list), it shouldn't be a big leap to
> adding support for the protocol on Artemis acceptors, thus improving the
> deployment of the use case at hand.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
