Skip to content
This repository has been archived by the owner on Oct 28, 2024. It is now read-only.

Anil db/v0.39 #39

Merged
merged 2 commits into from
Sep 27, 2024
Merged

Anil db/v0.39 #39

merged 2 commits into from
Sep 27, 2024
+26 −7

Conversation

anil-db
Copy link
Collaborator

@anil-db anil-db commented Sep 27, 2024
edited
Loading

an upstream pull has also been created vectordotdev#21365

we have a usecase where server is behind a reverse proxy and it selects the right backend based on SNI provided.

This PR adds options to set SNI which sending to other IP/domain. this unblocks the nephos use case where we can use local envoy to connect VA.

test configuration:

{
    "sinks": {
	    "grpc_aggregator": {
            "address": "https://127.0.0.1:443",
            "inputs": [
                "http"
            ],
            "tls": {
	        "ca_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/testCA.pem",
                "crt_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostcrt.pem",
                "key_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostkey.pem",	    
                "enabled": true,
                "verify_certificate": true,
                "verify_hostname": false,
		"server_name": "www.example.com"
            },
            "type": "vector"
        },
	    "aggregator": {
            "uri": "https://127.0.0.1:444",
	    "encoding": {
                  "codec": "json"             },
            "inputs": [
                "http"
            ],
            "tls": {
                "ca_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/testCA.pem",
                "crt_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostcrt.pem",
                "key_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostkey.pem",
                "verify_certificate": true,
                "verify_hostname": false,
		"server_name": "www.example.com"
            },
            "type": "http"
        },
	"print": {
            "encoding": {
                "codec": "json"
            },
            "inputs": [
                "http2",
		"agent"
            ],
            "type": "console"
        }
    },
    "sources": {
	"agent": {
            "address": "0.0.0.0:443",
            "tls": {
                "alpn_protocols": [
                    "h2"
                ],
		"ca_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/testCA.pem",
                "crt_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostcrt.pem",
                "enabled": true,
                "key_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostkey.pem",
                "verify_certificate": true,
                "verify_hostname": false
            },
            "type": "vector"
        },
        "http": {
            "address": "0.0.0.0:6000",
            "framing": {
                "method": "bytes"
            },
            "headers": [

            ],
            "keepalive": {
                "max_connection_age_secs": 300
            },
            "strict_path": false,
            "tls": {
                "alpn_protocols": [
                    "h2"
                ],
                "ca_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/testCA.pem",
                "crt_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostcrt.pem",
                "enabled": true,
                "key_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostkey.pem",
                "verify_certificate": false
            },
            "type": "http_server"
        },
	"http2": {
            "address": "0.0.0.0:444",
            "framing": {
                "method": "bytes"
            },
            "headers": [

            ],
            "keepalive": {
                "max_connection_age_secs": 300
            },
            "strict_path": false,
            "tls": {
                "alpn_protocols": [
                    "h2"
                ],
                "ca_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/testCA.pem",
                "crt_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostcrt.pem",
                "enabled": true,
                "key_file": "/Users/anil.gupta/universe/woodchuck/regtests/resources/localhostkey.pem",
                "verify_certificate": false
            },
            "type": "http_server"
        }
    }
}

sent log data to http source using curl -k "https://localhost:6000" -d "hi"
and captured client hello frame from wrieshark on triggered by http sink and other triggered by vector sink

Screenshot 2024-09-26 at 10 34 13 PM Screenshot 2024-09-26 at 10 34 19 PM

@anil-db anil-db merged commit e4c8e6d into databricks:v0.39 Sep 27, 2024
39 of 43 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@flaviofcruz flaviofcruz flaviofcruz approved these changes

@andrewma2 andrewma2 Awaiting requested review from andrewma2

Assignees
No one assigned
Labels
domain: core
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@anil-db @flaviofcruz