Comments (9)
I think seems after 389 version, api "ui/api/stats" of health check became an internal api (meaning login is required).
so maybe necessary to modify code of http request in order to get login token.
here is just login demo:
public static String getTrinoClusterToken(String targetUrl, MonitorConfiguration monitorConfiguration){
HttpURLConnection loginConnection = null;
try{
URL loginUrl = new URL(String.format("%s/ui/login", targetUrl));
loginConnection = (HttpURLConnection) loginUrl.openConnection();
loginConnection.setRequestMethod("POST");
loginConnection.setDoOutput(true);
loginConnection.setInstanceFollowRedirects(false);
loginConnection.addRequestProperty("Content-Type", "application/x-www-form-urlencoded");
loginConnection.setRequestProperty("charset", "utf-8");
String password = "";
if(!Strings.isNullOrEmpty(monitorConfiguration.getMonitorPassword())){
password = monitorConfiguration.getMonitorPassword();
}
String loginData = String.format("username=%s&password=%s", monitorConfiguration.getMonitorUser(), password);
byte[] postData = loginData.getBytes( StandardCharsets.UTF_8);
loginConnection.connect();
DataOutputStream out = new DataOutputStream(loginConnection.getOutputStream());
out.write(postData);
String token = loginConnection.getHeaderField("Set-Cookie");
out.close();
// data simple: Trino-UI-Token=xx;Version=1;Path=/ui;HttpOnly
// so we need split by ;
return token.split(";")[0];
}catch (Exception e){
log.error("Error login trino cluster from {},reason is: {}", targetUrl, e);
}finally {
if (loginConnection != null) {
loginConnection.disconnect();
}
}
return "";
}
after obtain login token, change healthy check http request code:
public static String requestTrinoClusterStatsWithToken(String targetUrl, String token){
HttpURLConnection apiConnection = null;
try{
URL apiURL = new URL(String.format("%s/ui/api/stats", targetUrl));
apiConnection = (HttpURLConnection) apiURL.openConnection();
apiConnection.setRequestMethod("GET");
apiConnection.setRequestProperty("Cookie", token);
int responseCode = apiConnection.getResponseCode();
if (responseCode == HttpStatus.SC_OK) {
BufferedReader reader = new BufferedReader(new InputStreamReader((InputStream) apiConnection.getContent()));
StringBuilder sb = new StringBuilder();
String line;
while ((line = reader.readLine()) != null) {
sb.append(line).append("\n");
}
return sb.toString();
}
}catch (Exception e){
log.error("Error fetching cluster stats from [{}]", targetUrl, e);
}finally {
if (apiConnection != null){
apiConnection.disconnect();
}
}
return null;
}
and healthy check logic works.
from presto-gateway.
but if you just want to confirm that cluster is healthy. maybe only change url from "/ui/api/stats" to "/v1/status"
from presto-gateway.
This seems like something that should be supported, would be good for someone to validate this behavior if possible
from presto-gateway.
I've added an option to my fork to query system.runtime.nodes
and system.runtime.queries
via JDBC with JWT authn instead of using the /ui/api/stats
endpoint. In my case we require OAuth for the WebUI, so the gateway can't use any /ui/api
endpoints.
I'm happy to contribute back if it is of general interest.
from presto-gateway.
Trying to leverage ActiveClusterMonitor and met the same problem, I was thinking if only for health check purpose v1/status or v1/info/state should be enough, but if we want to get /ui/api/stats to work requires adding a certificate? Happy to discuss more.
from presto-gateway.
Hi @willmostly
Thanks for the info, and for offering to make you contributions available. This would definitely be of interest to me, and I suspect others in the community are using JWT auth too...
Austin
from presto-gateway.
Just a heads up @ccchenhe @ahackett, this issue has been fixed and uses /ui/api/stats
for jdbc/http in trinodb/trino-gateway trinodb/trino-gateway@11b2dd2#diff-a3a976d789379cd160fbc2e9281073d96aa6e682e9d9e9ab67883992acaeeab2
For http and jdbc it uses username/pwd set in backendStateConfiguration
from presto-gateway.
uhuh
from presto-gateway.
boobs
from presto-gateway.
Related Issues (20)
- Please help me understand how resourcegroup works here HOT 3
- Random "Error opening rules configuration file" when using Routing Rule Engine
- Utilization based load balancing support
- Getting '401 Unauthorized' in ActiveClusterMonitor HOT 2
- implement TLS/SSL support in the gw-server HOT 1
- why presto-gateway cache queryId?
- Example on how to use queue size based load balancer HOT 1
- Change the name to Trino HOT 3
- Why resource_group_id is varchar type in exact_match_source_selectors? HOT 1
- Gateway isn't able to pick routingRules property in gateway-ha-config.yml file HOT 1
- Field 'query_id' doesn't have a default value HOT 1
- Error opening rules configuration file, using routing group header as default
- proxying failure HOT 1
- Version compatibility
- How to run this project in Intellij debug mode?
- 500: Request header too large HOT 1
- gateway
- Incorrect parameter type in /presto/selector/read/{resourceGroupId}
- how do i exclude vulnerable cipher keys in lyft
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from presto-gateway.