Merge branch 'master' into master

jaegertracing · Jul 31, 2020 · cc6dbad · cc6dbad
2 parents 27b0f28 + 9529bee
commit cc6dbad
Show file tree

Hide file tree

Showing 32 changed files with 476 additions and 365 deletions.
diff --git a/cmd/agent/app/builder.go b/cmd/agent/app/builder.go
@@ -87,9 +87,10 @@ type ProcessorConfiguration struct {
 
 // ServerConfiguration holds config for a server that receives spans from the network
 type ServerConfiguration struct {
-	QueueSize     int    `yaml:"queueSize"`
-	MaxPacketSize int    `yaml:"maxPacketSize"`
-	HostPort      string `yaml:"hostPort" validate:"nonzero"`
+	QueueSize        int    `yaml:"queueSize"`
+	MaxPacketSize    int    `yaml:"maxPacketSize"`
+	SocketBufferSize int    `yaml:"socketBufferSize"`
+	HostPort         string `yaml:"hostPort" validate:"nonzero"`
 }
 
 // HTTPServerConfiguration holds config for a server providing sampling strategies and baggage restrictions to clients
@@ -185,6 +186,7 @@ func (c *ProcessorConfiguration) applyDefaults() {
 func (c *ServerConfiguration) applyDefaults() {
 	c.QueueSize = defaultInt(c.QueueSize, defaultQueueSize)
 	c.MaxPacketSize = defaultInt(c.MaxPacketSize, defaultMaxPacketSize)
+	c.SocketBufferSize = defaultInt(c.SocketBufferSize, 0)
 }
 
 // getUDPServer gets a TBufferedServer backed server using the server configuration
@@ -198,6 +200,11 @@ func (c *ServerConfiguration) getUDPServer(mFactory metrics.Factory) (servers.Se
 	if err != nil {
 		return nil, fmt.Errorf("cannot create UDPServerTransport: %w", err)
 	}
+	if c.SocketBufferSize != 0 {
+		if err := transport.SetSocketBufferSize(c.SocketBufferSize); err != nil {
+			return nil, fmt.Errorf("cannot set UDP socket buffer size: %w", err)
+		}
+	}
 
 	return servers.NewTBufferedServer(transport, c.QueueSize, c.MaxPacketSize, mFactory)
 }

diff --git a/cmd/agent/app/builder_test.go b/cmd/agent/app/builder_test.go
@@ -54,6 +54,11 @@ processors:
       protocol: compact
       server:
         hostPort: 2.2.2.2:6831
+    - model: jaeger
+      protocol: compact
+      server:
+        hostPort: 3.3.3.3:6831 
+        socketBufferSize: 16384
     - model: jaeger
       protocol: binary
       workers: 20
@@ -70,7 +75,7 @@ func TestBuilderFromConfig(t *testing.T) {
 	cfg := Builder{}
 	err := yaml.Unmarshal([]byte(yamlConfig), &cfg)
 	require.NoError(t, err)
-	assert.Len(t, cfg.Processors, 3)
+	assert.Len(t, cfg.Processors, 4)
 	for i := range cfg.Processors {
 		cfg.Processors[i].applyDefaults()
 		cfg.Processors[i].Server.applyDefaults()
@@ -95,6 +100,17 @@ func TestBuilderFromConfig(t *testing.T) {
 			HostPort:      "2.2.2.2:6831",
 		},
 	}, cfg.Processors[1])
+	assert.Equal(t, ProcessorConfiguration{
+		Model:    jaegerModel,
+		Protocol: compactProtocol,
+		Workers:  10,
+		Server: ServerConfiguration{
+			QueueSize:        1000,
+			MaxPacketSize:    65000,
+			HostPort:         "3.3.3.3:6831",
+			SocketBufferSize: 16384,
+		},
+	}, cfg.Processors[2])
 	assert.Equal(t, ProcessorConfiguration{
 		Model:    jaegerModel,
 		Protocol: binaryProtocol,
@@ -104,7 +120,7 @@ func TestBuilderFromConfig(t *testing.T) {
 			MaxPacketSize: 65001,
 			HostPort:      "3.3.3.3:6832",
 		},
-	}, cfg.Processors[2])
+	}, cfg.Processors[3])
 	assert.Equal(t, "4.4.4.4:5778", cfg.HTTPServer.HostPort)
 }
 
@@ -125,7 +141,7 @@ func TestBuilderWithProcessorErrors(t *testing.T) {
 	}{
 		{protocol: Protocol("bad"), err: "cannot find protocol factory for protocol bad"},
 		{protocol: compactProtocol, model: Model("bad"), err: "cannot find agent processor for data model bad"},
-		{protocol: compactProtocol, model: jaegerModel, err: "no host:port provided for udp server: {QueueSize:1000 MaxPacketSize:65000 HostPort:}"},
+		{protocol: compactProtocol, model: jaegerModel, err: "no host:port provided for udp server: {QueueSize:1000 MaxPacketSize:65000 SocketBufferSize:0 HostPort:}"},
 		{protocol: compactProtocol, model: zipkinModel, hostPort: "bad-host-port", errContains: "bad-host-port"},
 	}
 	for _, tc := range testCases {

diff --git a/cmd/agent/app/flags.go b/cmd/agent/app/flags.go
@@ -26,10 +26,11 @@ import (
 )
 
 const (
-	suffixWorkers             = "workers"
-	suffixServerQueueSize     = "server-queue-size"
-	suffixServerMaxPacketSize = "server-max-packet-size"
-	suffixServerHostPort      = "server-host-port"
+	suffixWorkers                = "workers"
+	suffixServerQueueSize        = "server-queue-size"
+	suffixServerMaxPacketSize    = "server-max-packet-size"
+	suffixServerSocketBufferSize = "server-socket-buffer-size"
+	suffixServerHostPort         = "server-host-port"
 	// HTTPServerHostPort is the flag for HTTP endpoint
 	HTTPServerHostPort = "http-server.host-port"
 )
@@ -51,6 +52,7 @@ func AddFlags(flags *flag.FlagSet) {
 		flags.Int(prefix+suffixWorkers, defaultServerWorkers, "how many workers the processor should run")
 		flags.Int(prefix+suffixServerQueueSize, defaultQueueSize, "length of the queue for the UDP server")
 		flags.Int(prefix+suffixServerMaxPacketSize, defaultMaxPacketSize, "max packet size for the UDP server")
+		flags.Int(prefix+suffixServerSocketBufferSize, 0, "socket buffer size for UDP packets in bytes")
 		flags.String(prefix+suffixServerHostPort, ":"+strconv.Itoa(p.port), "host:port for the UDP server")
 	}
 	AddOTELFlags(flags)
@@ -72,6 +74,7 @@ func (b *Builder) InitFromViper(v *viper.Viper) *Builder {
 		p.Workers = v.GetInt(prefix + suffixWorkers)
 		p.Server.QueueSize = v.GetInt(prefix + suffixServerQueueSize)
 		p.Server.MaxPacketSize = v.GetInt(prefix + suffixServerMaxPacketSize)
+		p.Server.SocketBufferSize = v.GetInt(prefix + suffixServerSocketBufferSize)
 		p.Server.HostPort = portNumToHostPort(v.GetString(prefix + suffixServerHostPort))
 		b.Processors = append(b.Processors, *p)
 	}

diff --git a/cmd/agent/app/reporter/grpc/builder_test.go b/cmd/agent/app/reporter/grpc/builder_test.go
@@ -41,6 +41,8 @@ collectorHostPorts:
     - 127.0.0.1:14269
 `
 
+var testCertKeyLocation = "../../../../../pkg/config/tlscfg/testdata/"
+
 type noopNotifier struct{}
 
 func (noopNotifier) Register(chan<- []string) {}
@@ -151,7 +153,7 @@ func TestProxyBuilder(t *testing.T) {
 				CollectorHostPorts: []string{"localhost:0000"},
 				TLS: tlscfg.Options{
 					Enabled: true,
-					CAPath:  "testdata/not/valid",
+					CAPath:  testCertKeyLocation + "/not/valid",
 				},
 			},
 			expectError: true,
@@ -162,9 +164,9 @@ func TestProxyBuilder(t *testing.T) {
 				CollectorHostPorts: []string{"localhost:0000"},
 				TLS: tlscfg.Options{
 					Enabled:  true,
-					CAPath:   "testdata/testCA.pem",
-					CertPath: "testdata/client.jaeger.io-client.pem",
-					KeyPath:  "testdata/client.jaeger.io-client-key.pem",
+					CAPath:   testCertKeyLocation + "/wrong-CA-cert.pem",
+					CertPath: testCertKeyLocation + "/example-client-cert.pem",
+					KeyPath:  testCertKeyLocation + "/example-client-key.pem",
 				},
 			},
 			expectError: false,
@@ -210,88 +212,88 @@ func TestProxyClientTLS(t *testing.T) {
 			name: "should fail with TLS client to untrusted TLS server",
 			serverTLS: tlscfg.Options{
 				Enabled:  true,
-				CertPath: "testdata/server.jaeger.io.pem",
-				KeyPath:  "testdata/server.jaeger.io-key.pem",
+				CertPath: testCertKeyLocation + "/example-server-cert.pem",
+				KeyPath:  testCertKeyLocation + "/example-server-key.pem",
 			},
 			clientTLS: tlscfg.Options{
 				Enabled:    true,
-				ServerName: "server.jaeger.io",
+				ServerName: "example.com",
 			},
 			expectError: true,
 		},
 		{
 			name: "should fail with TLS client to trusted TLS server with incorrect hostname",
 			serverTLS: tlscfg.Options{
 				Enabled:  true,
-				CertPath: "testdata/server.jaeger.io.pem",
-				KeyPath:  "testdata/server.jaeger.io-key.pem",
+				CertPath: testCertKeyLocation + "/example-server-cert.pem",
+				KeyPath:  testCertKeyLocation + "/example-server-key.pem",
 			},
 			clientTLS: tlscfg.Options{
 				Enabled: true,
-				CAPath:  "testdata/rootCA.pem",
+				CAPath:  testCertKeyLocation + "/example-CA-cert.pem",
 			},
 			expectError: true,
 		},
 		{
 			name: "should pass with TLS client to trusted TLS server with correct hostname",
 			serverTLS: tlscfg.Options{
 				Enabled:  true,
-				CertPath: "testdata/server.jaeger.io.pem",
-				KeyPath:  "testdata/server.jaeger.io-key.pem",
+				CertPath: testCertKeyLocation + "/example-server-cert.pem",
+				KeyPath:  testCertKeyLocation + "/example-server-key.pem",
 			},
 			clientTLS: tlscfg.Options{
 				Enabled:    true,
-				CAPath:     "testdata/rootCA.pem",
-				ServerName: "server.jaeger.io",
+				CAPath:     testCertKeyLocation + "/example-CA-cert.pem",
+				ServerName: "example.com",
 			},
 			expectError: false,
 		},
 		{
 			name: "should fail with TLS client without cert to trusted TLS server requiring cert",
 			serverTLS: tlscfg.Options{
 				Enabled:      true,
-				CertPath:     "testdata/server.jaeger.io.pem",
-				KeyPath:      "testdata/server.jaeger.io-key.pem",
-				ClientCAPath: "testdata/rootCA.pem",
+				CertPath:     testCertKeyLocation + "/example-server-cert.pem",
+				KeyPath:      testCertKeyLocation + "/example-server-key.pem",
+				ClientCAPath: testCertKeyLocation + "/example-CA-cert.pem",
 			},
 			clientTLS: tlscfg.Options{
 				Enabled:    true,
-				CAPath:     "testdata/rootCA.pem",
-				ServerName: "server.jaeger.io",
+				CAPath:     testCertKeyLocation + "/example-CA-cert.pem",
+				ServerName: "example.com",
 			},
 			expectError: true,
 		},
 		{
 			name: "should fail with TLS client without cert to trusted TLS server requiring cert from a different CA",
 			serverTLS: tlscfg.Options{
 				Enabled:      true,
-				CertPath:     "testdata/server.jaeger.io.pem",
-				KeyPath:      "testdata/server.jaeger.io-key.pem",
-				ClientCAPath: "testdata/testCA.pem", // NB: wrong CA
+				CertPath:     testCertKeyLocation + "/example-server-cert.pem",
+				KeyPath:      testCertKeyLocation + "/example-server-key.pem",
+				ClientCAPath: testCertKeyLocation + "/wrong-CA-cert.pem", // NB: wrong CA
 			},
 			clientTLS: tlscfg.Options{
 				Enabled:    true,
-				CAPath:     "testdata/rootCA.pem",
-				ServerName: "server.jaeger.io",
-				CertPath:   "testdata/client.jaeger.io-client.pem",
-				KeyPath:    "testdata/client.jaeger.io-client-key.pem",
+				CAPath:     testCertKeyLocation + "/example-CA-cert.pem",
+				ServerName: "example.com",
+				CertPath:   testCertKeyLocation + "/example-client-cert.pem",
+				KeyPath:    testCertKeyLocation + "/example-client-key.pem",
 			},
 			expectError: true,
 		},
 		{
 			name: "should pass with TLS client with cert to trusted TLS server requiring cert",
 			serverTLS: tlscfg.Options{
 				Enabled:      true,
-				CertPath:     "testdata/server.jaeger.io.pem",
-				KeyPath:      "testdata/server.jaeger.io-key.pem",
-				ClientCAPath: "testdata/rootCA.pem",
+				CertPath:     testCertKeyLocation + "/example-server-cert.pem",
+				KeyPath:      testCertKeyLocation + "/example-server-key.pem",
+				ClientCAPath: testCertKeyLocation + "/example-CA-cert.pem",
 			},
 			clientTLS: tlscfg.Options{
 				Enabled:    true,
-				CAPath:     "testdata/rootCA.pem",
-				ServerName: "server.jaeger.io",
-				CertPath:   "testdata/client.jaeger.io-client.pem",
-				KeyPath:    "testdata/client.jaeger.io-client-key.pem",
+				CAPath:     testCertKeyLocation + "/example-CA-cert.pem",
+				ServerName: "example.com",
+				CertPath:   testCertKeyLocation + "/example-client-cert.pem",
+				KeyPath:    testCertKeyLocation + "/example-client-key.pem",
 			},
 			expectError: false,
 		},

diff --git a/cmd/agent/app/reporter/grpc/testdata/client.jaeger.io-client-key.pem b/cmd/agent/app/reporter/grpc/testdata/client.jaeger.io-client-key.pem
diff --git a/cmd/agent/app/reporter/grpc/testdata/client.jaeger.io-client.pem b/cmd/agent/app/reporter/grpc/testdata/client.jaeger.io-client.pem
diff --git a/cmd/agent/app/reporter/grpc/testdata/rootCA-key.pem b/cmd/agent/app/reporter/grpc/testdata/rootCA-key.pem
diff --git a/cmd/agent/app/reporter/grpc/testdata/rootCA.pem b/cmd/agent/app/reporter/grpc/testdata/rootCA.pem