[xDS] A65 mTLS credentials in bootstrap #12255
Conversation
ejona86
added
the
kokoro:run
grpc-kokoro
removed
the
kokoro:run
|
@ejona86 Could you please review this PR when you get a chance? Thanks! |
ejona86
added
the
kokoro:run
grpc-kokoro
removed
the
kokoro:run
Zgoda91
force-pushed
the
A65_mtls_creds_in_bootstrap
branch
from
8248816 to
faaa15c
Compare
| if (rootCertPath != null) { | ||
| try { | ||
| AdvancedTlsX509TrustManager trustManager = AdvancedTlsX509TrustManager.newBuilder().build(); | ||
| trustManager.updateTrustCredentials( |
There was a problem hiding this comment.
This and the keymanager are returning Closeable, which needs to be called when the credentials are no longer being used. The biggest problem for this feature is managing the lifetime of the ChannelCredentials so you can call Closeable when it is no longer used. Without really looking at the code (so I could be wildly off), I'd expect the ChannelCredentials to have the same lifetime as the XdsClientImpl or the GrpcXdsTransportFactory. The trouble will be propagating through the layers, so when we shut down the transport factory we can close the Closeables created here.
Although, actually digging in some, things are actually worse because the value here (via GrpcBootstrapperImpl) is getting included in a BootstrapInfo object which in SharedXdsClientPoolProvider clearly has a longer lifetime than XdsClientImpl.
There was a problem hiding this comment.
okay, got it. Thanks for the explanation. I will dig into this
| new File(rootCertPath), | ||
| refreshIntervalSeconds, | ||
| TimeUnit.SECONDS, | ||
| scheduledExecutorServiceFactory.create()); |
There was a problem hiding this comment.
We should be shutting down the executors as well, when no longer needed. We also shouldn't create two executors here; we can trivially share between the key and trust managers.
implementing gRFC A65 grpc/proposal/pull/372