Enroll Node API doesn't return a cluster name (#74514)
During implementation we discovered that the clusters should not necessarily have a unique name and thus we don't need to convey this information in the response of the Enroll Node API.
This commit is contained in:
Ioannis Kakavas
GitHub
parent
49ca629b62
commit
74932503a6
|
|
@ -23,16 +23,14 @@ public class NodeEnrollmentResponse {
|
|||
private final String httpCaCert;
|
||||
private final String transportKey;
|
||||
private final String transportCert;
|
||||
private final String clusterName;
|
||||
private final List<String> nodesAddresses;
|
||||
|
||||
public NodeEnrollmentResponse(String httpCaKey, String httpCaCert, String transportKey, String transportCert, String clusterName,
|
||||
public NodeEnrollmentResponse(String httpCaKey, String httpCaCert, String transportKey, String transportCert,
|
||||
List<String> nodesAddresses){
|
||||
this.httpCaKey = httpCaKey;
|
||||
this.httpCaCert = httpCaCert;
|
||||
this.transportKey = transportKey;
|
||||
this.transportCert = transportCert;
|
||||
this.clusterName = clusterName;
|
||||
this.nodesAddresses = Collections.unmodifiableList(nodesAddresses);
|
||||
}
|
||||
|
||||
|
|
@ -52,10 +50,6 @@ public class NodeEnrollmentResponse {
|
|||
return transportCert;
|
||||
}
|
||||
|
||||
public String getClusterName() {
|
||||
return clusterName;
|
||||
}
|
||||
|
||||
public List<String> getNodesAddresses() {
|
||||
return nodesAddresses;
|
||||
}
|
||||
|
|
@ -64,7 +58,6 @@ public class NodeEnrollmentResponse {
|
|||
private static final ParseField HTTP_CA_CERT = new ParseField("http_ca_cert");
|
||||
private static final ParseField TRANSPORT_KEY = new ParseField("transport_key");
|
||||
private static final ParseField TRANSPORT_CERT = new ParseField("transport_cert");
|
||||
private static final ParseField CLUSTER_NAME = new ParseField("cluster_name");
|
||||
private static final ParseField NODES_ADDRESSES = new ParseField("nodes_addresses");
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
|
|
@ -75,9 +68,8 @@ public class NodeEnrollmentResponse {
|
|||
final String httpCaCert = (String) a[1];
|
||||
final String transportKey = (String) a[2];
|
||||
final String transportCert = (String) a[3];
|
||||
final String clusterName = (String) a[4];
|
||||
final List<String> nodesAddresses = (List<String>) a[5];
|
||||
return new NodeEnrollmentResponse(httpCaKey, httpCaCert, transportKey, transportCert, clusterName, nodesAddresses);
|
||||
final List<String> nodesAddresses = (List<String>) a[4];
|
||||
return new NodeEnrollmentResponse(httpCaKey, httpCaCert, transportKey, transportCert, nodesAddresses);
|
||||
});
|
||||
|
||||
static {
|
||||
|
|
@ -85,7 +77,6 @@ public class NodeEnrollmentResponse {
|
|||
PARSER.declareString(ConstructingObjectParser.constructorArg(), HTTP_CA_CERT);
|
||||
PARSER.declareString(ConstructingObjectParser.constructorArg(), TRANSPORT_KEY);
|
||||
PARSER.declareString(ConstructingObjectParser.constructorArg(), TRANSPORT_CERT);
|
||||
PARSER.declareString(ConstructingObjectParser.constructorArg(), CLUSTER_NAME);
|
||||
PARSER.declareStringArray(ConstructingObjectParser.constructorArg(), NODES_ADDRESSES);
|
||||
}
|
||||
|
||||
|
|
@ -98,11 +89,11 @@ public class NodeEnrollmentResponse {
|
|||
if (o == null || getClass() != o.getClass()) return false;
|
||||
NodeEnrollmentResponse that = (NodeEnrollmentResponse) o;
|
||||
return httpCaKey.equals(that.httpCaKey) && httpCaCert.equals(that.httpCaCert) && transportKey.equals(that.transportKey)
|
||||
&& transportCert.equals(that.transportCert) && clusterName.equals(that.clusterName)
|
||||
&& transportCert.equals(that.transportCert)
|
||||
&& nodesAddresses.equals(that.nodesAddresses);
|
||||
}
|
||||
|
||||
@Override public int hashCode() {
|
||||
return Objects.hash(httpCaKey, httpCaCert, transportKey, transportCert, clusterName, nodesAddresses);
|
||||
return Objects.hash(httpCaKey, httpCaCert, transportKey, transportCert, nodesAddresses);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2881,8 +2881,7 @@ public class SecurityDocumentationIT extends ESRestHighLevelClientTestCase {
|
|||
String httpCaCert = response.getHttpCaCert(); // <2>
|
||||
String transportKey = response.getTransportKey(); // <3>
|
||||
String transportCert = response.getTransportCert(); // <4>
|
||||
String clusterName = response.getClusterName(); // <5>
|
||||
List<String> nodesAddresses = response.getNodesAddresses(); // <6>
|
||||
List<String> nodesAddresses = response.getNodesAddresses(); // <5>
|
||||
// end::node-enrollment-response
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -37,8 +37,7 @@ for the HTTP layer, as a Base64 encoded string of the ASN.1 DER encoding of the
|
|||
encoded string of the ASN.1 DER encoding of the key.
|
||||
<4> The certificate that the node can use for TLS for its transport layer, as a Base64
|
||||
encoded string of the ASN.1 DER encoding of the certificate.
|
||||
<5> The name of the cluster the new node is joining
|
||||
<6> A list of transport addresses in the form of `host:port` for the nodes that are already
|
||||
<5> A list of transport addresses in the form of `host:port` for the nodes that are already
|
||||
members of the cluster.
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -39,8 +39,7 @@ The API returns a response such as
|
|||
"http_ca_cert" : "MIIJlAIBAzCCCVoGCSqGSIb3DQEHAaCCCUsEgglHMIIJQzCCA98GCSqGSIb3DQ....vsDfsA3UZBAjEPfhubpQysAICCAA=", <2>
|
||||
"transport_key" : "MIIEJgIBAzCCA98GCSqGSIb3DQEHAaCCA9AEggPMMIIDyDCCA8QGCSqGSIb3....YuEiOXvqZ6jxuVSQ0CAwGGoA==", <3>
|
||||
"transport_cert" : "MIIEJgIBAzCCA98GCSqGSIb3DQEHAaCCA9AEggPMMIIDyDCCA8QGCSqGSIb3....YuEiOXvqZ6jxuVSQ0CAwGGoA==", <4>
|
||||
"cluster_name" : "cluster-name", <5>
|
||||
"nodes_addresses" : [ <6>
|
||||
"nodes_addresses" : [ <5>
|
||||
"192.168.1.2:9300"
|
||||
]
|
||||
}
|
||||
|
|
@ -53,6 +52,5 @@ The API returns a response such as
|
|||
string of the ASN.1 DER encoding of the key.
|
||||
<4> The certificate that the node can use for TLS for its transport layer, as a Base64 encoded
|
||||
string of the ASN.1 DER encoding of the certificate.
|
||||
<5> The name of the cluster the new node is joining
|
||||
<6> A list of transport addresses in the form of `host:port` for the nodes that are already
|
||||
<5> A list of transport addresses in the form of `host:port` for the nodes that are already
|
||||
members of the cluster.
|
||||
|
|
|
|||
|
|
@ -25,14 +25,12 @@ public final class NodeEnrollmentResponse extends ActionResponse implements ToXC
|
|||
private static final ParseField HTTP_CA_CERT = new ParseField("http_ca_cert");
|
||||
private static final ParseField TRANSPORT_KEY = new ParseField("transport_key");
|
||||
private static final ParseField TRANSPORT_CERT = new ParseField("transport_cert");
|
||||
private static final ParseField CLUSTER_NAME = new ParseField("cluster_name");
|
||||
private static final ParseField NODES_ADDRESSES = new ParseField("nodes_addresses");
|
||||
|
||||
private final String httpCaKey;
|
||||
private final String httpCaCert;
|
||||
private final String transportKey;
|
||||
private final String transportCert;
|
||||
private final String clusterName;
|
||||
private final List<String> nodesAddresses;
|
||||
|
||||
public NodeEnrollmentResponse(StreamInput in) throws IOException {
|
||||
|
|
@ -41,17 +39,15 @@ public final class NodeEnrollmentResponse extends ActionResponse implements ToXC
|
|||
httpCaCert = in.readString();
|
||||
transportKey = in.readString();
|
||||
transportCert = in.readString();
|
||||
clusterName = in.readString();
|
||||
nodesAddresses = in.readStringList();
|
||||
}
|
||||
|
||||
public NodeEnrollmentResponse(String httpCaKey, String httpCaCert, String transportKey, String transportCert, String clusterName,
|
||||
public NodeEnrollmentResponse(String httpCaKey, String httpCaCert, String transportKey, String transportCert,
|
||||
List<String> nodesAddresses) {
|
||||
this.httpCaKey = httpCaKey;
|
||||
this.httpCaCert = httpCaCert;
|
||||
this.transportKey = transportKey;
|
||||
this.transportCert = transportCert;
|
||||
this.clusterName = clusterName;
|
||||
this.nodesAddresses = nodesAddresses;
|
||||
}
|
||||
|
||||
|
|
@ -71,10 +67,6 @@ public final class NodeEnrollmentResponse extends ActionResponse implements ToXC
|
|||
return transportCert;
|
||||
}
|
||||
|
||||
public String getClusterName() {
|
||||
return clusterName;
|
||||
}
|
||||
|
||||
public List<String> getNodesAddresses() {
|
||||
return nodesAddresses;
|
||||
}
|
||||
|
|
@ -84,7 +76,6 @@ public final class NodeEnrollmentResponse extends ActionResponse implements ToXC
|
|||
out.writeString(httpCaCert);
|
||||
out.writeString(transportKey);
|
||||
out.writeString(transportCert);
|
||||
out.writeString(clusterName);
|
||||
out.writeStringCollection(nodesAddresses);
|
||||
}
|
||||
|
||||
|
|
@ -94,7 +85,6 @@ public final class NodeEnrollmentResponse extends ActionResponse implements ToXC
|
|||
builder.field(HTTP_CA_CERT.getPreferredName(), httpCaCert);
|
||||
builder.field(TRANSPORT_KEY.getPreferredName(), transportKey);
|
||||
builder.field(TRANSPORT_CERT.getPreferredName(), transportCert);
|
||||
builder.field(CLUSTER_NAME.getPreferredName(), clusterName);
|
||||
builder.field(NODES_ADDRESSES.getPreferredName(), nodesAddresses);
|
||||
return builder.endObject();
|
||||
}
|
||||
|
|
@ -104,11 +94,11 @@ public final class NodeEnrollmentResponse extends ActionResponse implements ToXC
|
|||
if (o == null || getClass() != o.getClass()) return false;
|
||||
NodeEnrollmentResponse that = (NodeEnrollmentResponse) o;
|
||||
return httpCaKey.equals(that.httpCaKey) && httpCaCert.equals(that.httpCaCert) && transportKey.equals(that.transportKey)
|
||||
&& transportCert.equals(that.transportCert) && clusterName.equals(that.clusterName)
|
||||
&& transportCert.equals(that.transportCert)
|
||||
&& nodesAddresses.equals(that.nodesAddresses);
|
||||
}
|
||||
|
||||
@Override public int hashCode() {
|
||||
return Objects.hash(httpCaKey, httpCaCert, transportKey, transportCert, clusterName, nodesAddresses);
|
||||
return Objects.hash(httpCaKey, httpCaCert, transportKey, transportCert, nodesAddresses);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,7 +31,6 @@ public class NodeEnrollementResponseTests extends AbstractXContentTestCase<NodeE
|
|||
assertThat(response.getHttpCaCert(), is(serialized.getHttpCaCert()));
|
||||
assertThat(response.getTransportKey(), is(serialized.getTransportKey()));
|
||||
assertThat(response.getTransportCert(), is(serialized.getTransportCert()));
|
||||
assertThat(response.getClusterName(), is(serialized.getClusterName()));
|
||||
assertThat(response.getNodesAddresses(), is(serialized.getNodesAddresses()));
|
||||
}
|
||||
}
|
||||
|
|
@ -43,7 +42,6 @@ public class NodeEnrollementResponseTests extends AbstractXContentTestCase<NodeE
|
|||
randomAlphaOfLengthBetween(50, 100),
|
||||
randomAlphaOfLengthBetween(50, 100),
|
||||
randomAlphaOfLengthBetween(50, 100),
|
||||
randomAlphaOfLength(10),
|
||||
randomList(10, () -> buildNewFakeTransportAddress().toString()));
|
||||
}
|
||||
|
||||
|
|
@ -59,7 +57,6 @@ public class NodeEnrollementResponseTests extends AbstractXContentTestCase<NodeE
|
|||
private static final ParseField HTTP_CA_CERT = new ParseField("http_ca_cert");
|
||||
private static final ParseField TRANSPORT_KEY = new ParseField("transport_key");
|
||||
private static final ParseField TRANSPORT_CERT = new ParseField("transport_cert");
|
||||
private static final ParseField CLUSTER_NAME = new ParseField("cluster_name");
|
||||
private static final ParseField NODES_ADDRESSES = new ParseField("nodes_addresses");
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
|
|
@ -70,9 +67,8 @@ public class NodeEnrollementResponseTests extends AbstractXContentTestCase<NodeE
|
|||
final String httpCaCert = (String) a[1];
|
||||
final String transportKey = (String) a[2];
|
||||
final String transportCert = (String) a[3];
|
||||
final String clusterName = (String) a[4];
|
||||
final List<String> nodesAddresses = (List<String>) a[5];
|
||||
return new NodeEnrollmentResponse(httpCaKey, httpCaCert, transportKey, transportCert, clusterName, nodesAddresses);
|
||||
final List<String> nodesAddresses = (List<String>) a[4];
|
||||
return new NodeEnrollmentResponse(httpCaKey, httpCaCert, transportKey, transportCert, nodesAddresses);
|
||||
});
|
||||
|
||||
static {
|
||||
|
|
@ -80,7 +76,6 @@ public class NodeEnrollementResponseTests extends AbstractXContentTestCase<NodeE
|
|||
PARSER.declareString(ConstructingObjectParser.constructorArg(), HTTP_CA_CERT);
|
||||
PARSER.declareString(ConstructingObjectParser.constructorArg(), TRANSPORT_KEY);
|
||||
PARSER.declareString(ConstructingObjectParser.constructorArg(), TRANSPORT_CERT);
|
||||
PARSER.declareString(ConstructingObjectParser.constructorArg(), CLUSTER_NAME);
|
||||
PARSER.declareStringArray(ConstructingObjectParser.constructorArg(), NODES_ADDRESSES);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,7 +15,6 @@ import org.elasticsearch.action.admin.cluster.node.info.NodesInfoRequest;
|
|||
import org.elasticsearch.action.support.ActionFilters;
|
||||
import org.elasticsearch.action.support.HandledTransportAction;
|
||||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.cluster.service.ClusterService;
|
||||
import org.elasticsearch.core.Tuple;
|
||||
import org.elasticsearch.common.inject.Inject;
|
||||
import org.elasticsearch.transport.TransportInfo;
|
||||
|
|
@ -42,16 +41,14 @@ import static org.elasticsearch.xpack.core.ClientHelper.executeAsyncWithOrigin;
|
|||
|
||||
public class TransportNodeEnrollmentAction extends HandledTransportAction<NodeEnrollmentRequest, NodeEnrollmentResponse> {
|
||||
private final Environment environment;
|
||||
private final ClusterService clusterService;
|
||||
private final SSLService sslService;
|
||||
private final Client client;
|
||||
|
||||
@Inject
|
||||
public TransportNodeEnrollmentAction(TransportService transportService, ClusterService clusterService, SSLService sslService,
|
||||
Client client, ActionFilters actionFilters, Environment environment) {
|
||||
public TransportNodeEnrollmentAction(TransportService transportService, SSLService sslService, Client client,
|
||||
ActionFilters actionFilters, Environment environment) {
|
||||
super(NodeEnrollmentAction.NAME, transportService, actionFilters, NodeEnrollmentRequest::new);
|
||||
this.environment = environment;
|
||||
this.clusterService = clusterService;
|
||||
this.sslService = sslService;
|
||||
this.client = client;
|
||||
}
|
||||
|
|
@ -115,7 +112,6 @@ public class TransportNodeEnrollmentAction extends HandledTransportAction<NodeEn
|
|||
httpCaCert,
|
||||
transportKey,
|
||||
transportCert,
|
||||
clusterService.getClusterName().value(),
|
||||
nodeList));
|
||||
} catch (CertificateEncodingException e) {
|
||||
listener.onFailure(new ElasticsearchException("Unable to enroll node", e));
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ import org.elasticsearch.action.support.PlainActionFuture;
|
|||
import org.elasticsearch.client.Client;
|
||||
import org.elasticsearch.cluster.ClusterName;
|
||||
import org.elasticsearch.cluster.node.DiscoveryNode;
|
||||
import org.elasticsearch.cluster.service.ClusterService;
|
||||
import org.elasticsearch.common.settings.MockSecureSettings;
|
||||
import org.elasticsearch.common.settings.Settings;
|
||||
import org.elasticsearch.common.transport.BoundTransportAddress;
|
||||
import org.elasticsearch.common.transport.TransportAddress;
|
||||
|
|
@ -75,21 +75,20 @@ public class TransportNodeEnrollmentActionTests extends ESTestCase {
|
|||
Files.copy(getDataPath("/org/elasticsearch/xpack/security/action/enrollment/transport.p12"), transportPath);
|
||||
when(env.configFile()).thenReturn(tempDir);
|
||||
final SSLService sslService = mock(SSLService.class);
|
||||
final MockSecureSettings secureSettings = new MockSecureSettings();
|
||||
secureSettings.setString("keystore.secure_password", "password");
|
||||
final Settings httpSettings = Settings.builder()
|
||||
.put("keystore.path", "httpCa.p12")
|
||||
.put("keystore.password", "password")
|
||||
.put("keystore.path", httpCaPath)
|
||||
.setSecureSettings(secureSettings)
|
||||
.build();
|
||||
final SSLConfiguration httpSslConfiguration = new SSLConfiguration(httpSettings);
|
||||
when(sslService.getHttpTransportSSLConfiguration()).thenReturn(httpSslConfiguration);
|
||||
final Settings transportSettings = Settings.builder()
|
||||
.put("keystore.path", "transport.p12")
|
||||
.put("keystore.path", transportPath)
|
||||
.put("keystore.password", "password")
|
||||
.build();
|
||||
final SSLConfiguration transportSslConfiguration = new SSLConfiguration(transportSettings);
|
||||
when(sslService.getTransportSSLConfiguration()).thenReturn(transportSslConfiguration);
|
||||
final ClusterService clusterService = mock(ClusterService.class);
|
||||
final String clusterName = randomAlphaOfLengthBetween(6, 10);
|
||||
when(clusterService.getClusterName()).thenReturn(new ClusterName(clusterName));
|
||||
final ThreadContext threadContext = new ThreadContext(Settings.EMPTY);
|
||||
final ThreadPool threadPool = mock(ThreadPool.class);
|
||||
when(threadPool.getThreadContext()).thenReturn(threadContext);
|
||||
|
|
@ -132,12 +131,11 @@ public class TransportNodeEnrollmentActionTests extends ESTestCase {
|
|||
Collections.emptySet());
|
||||
|
||||
final TransportNodeEnrollmentAction action =
|
||||
new TransportNodeEnrollmentAction(transportService, clusterService, sslService, client, mock(ActionFilters.class), env);
|
||||
new TransportNodeEnrollmentAction(transportService, sslService, client, mock(ActionFilters.class), env);
|
||||
final NodeEnrollmentRequest request = new NodeEnrollmentRequest();
|
||||
final PlainActionFuture<NodeEnrollmentResponse> future = new PlainActionFuture<>();
|
||||
action.doExecute(mock(Task.class), request, future);
|
||||
final NodeEnrollmentResponse response = future.get();
|
||||
assertThat(response.getClusterName(), equalTo(clusterName));
|
||||
assertSameCertificate(response.getHttpCaCert(), httpCaPath, "password".toCharArray(), true);
|
||||
assertSameCertificate(response.getTransportCert(), transportPath, "password".toCharArray(), false);
|
||||
assertThat(response.getNodesAddresses().size(), equalTo(numberOfNodes));
|
||||
|
|
|
|||
Loading…
Reference in New Issue