From 1707a9682770ac065a8034a780665f6221e57959 Mon Sep 17 00:00:00 2001 From: "Wang, Fei" Date: Wed, 25 Dec 2024 13:21:06 -0800 Subject: [PATCH] Show ssl keystore expiration --- .../service/TBinaryFrontendService.scala | 7 ------- .../kyuubi/metrics/MetricsConstants.scala | 2 ++ .../server/KyuubiTBinaryFrontendService.scala | 19 +++++++++++++++++-- 3 files changed, 19 insertions(+), 9 deletions(-) diff --git a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/TBinaryFrontendService.scala b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/TBinaryFrontendService.scala index d98d46756ea..f90396a4736 100644 --- a/kyuubi-common/src/main/scala/org/apache/kyuubi/service/TBinaryFrontendService.scala +++ b/kyuubi-common/src/main/scala/org/apache/kyuubi/service/TBinaryFrontendService.scala @@ -97,13 +97,6 @@ abstract class TBinaryFrontendService(name: String) s"${FRONTEND_SSL_KEYSTORE_PASSWORD.key} not configured for SSL connection") } - getKeyStoreExpirationTime() match { - case Some(expiration) => - info( - s"SSL Serve KeyStore will expire after: ${Utils.getDateFromTimestamp(expiration)}") - case _ => - } - getServerSSLSocket( keyStorePath.get, keyStorePassword.get, diff --git a/kyuubi-metrics/src/main/scala/org/apache/kyuubi/metrics/MetricsConstants.scala b/kyuubi-metrics/src/main/scala/org/apache/kyuubi/metrics/MetricsConstants.scala index 336060e8f70..6e17dcbcc8a 100644 --- a/kyuubi-metrics/src/main/scala/org/apache/kyuubi/metrics/MetricsConstants.scala +++ b/kyuubi-metrics/src/main/scala/org/apache/kyuubi/metrics/MetricsConstants.scala @@ -37,6 +37,8 @@ object MetricsConstants { final private val THRIFT_BINARY_CONN = KYUUBI + "thrift.binary.connection." final private val REST_CONN = KYUUBI + "rest.connection." + final val SSL_CERT_EXPIRATION = KYUUBI + "ssl.cert.expiration" + final val CONN_OPEN: String = CONN + "opened" final val CONN_FAIL: String = CONN + "failed" final val CONN_TOTAL: String = CONN + "total" diff --git a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/KyuubiTBinaryFrontendService.scala b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/KyuubiTBinaryFrontendService.scala index 278aa67feda..c10d5031ad0 100644 --- a/kyuubi-server/src/main/scala/org/apache/kyuubi/server/KyuubiTBinaryFrontendService.scala +++ b/kyuubi-server/src/main/scala/org/apache/kyuubi/server/KyuubiTBinaryFrontendService.scala @@ -21,14 +21,14 @@ import java.util.Base64 import org.apache.hadoop.conf.Configuration -import org.apache.kyuubi.KyuubiSQLException +import org.apache.kyuubi.{KyuubiSQLException, Utils} import org.apache.kyuubi.cli.Handle import org.apache.kyuubi.config.KyuubiConf import org.apache.kyuubi.config.KyuubiConf.KYUUBI_SERVER_THRIFT_RESULTSET_DEFAULT_FETCH_SIZE import org.apache.kyuubi.config.KyuubiReservedKeys._ import org.apache.kyuubi.ha.client.{KyuubiServiceDiscovery, ServiceDiscovery} +import org.apache.kyuubi.metrics.{MetricsConstants, MetricsSystem} import org.apache.kyuubi.metrics.MetricsConstants._ -import org.apache.kyuubi.metrics.MetricsSystem import org.apache.kyuubi.service.{Serverable, Service, TBinaryFrontendService} import org.apache.kyuubi.service.TFrontendService.{CURRENT_SERVER_CONTEXT, FeServiceServerContext, OK_STATUS} import org.apache.kyuubi.session.KyuubiSessionImpl @@ -122,4 +122,19 @@ final class KyuubiTBinaryFrontendService( resp.setStatus(notSupportTokenErrorStatus) resp } + + override def start(): Unit = { + super.start() + getKeyStoreExpirationTime() match { + case Some(expiration) => + info(s"SSL Serve KeyStore will expire at: ${Utils.getDateFromTimestamp(expiration)}") + MetricsSystem.tracing { ms => + ms.registerGauge( + MetricsConstants.SSL_CERT_EXPIRATION, + expiration - System.currentTimeMillis(), + 0L) + } + case None => + } + } }