Infinispan Server: remote protocols improvements

A couple of weeks ago, Infinispan 5.3.0.Beta1 was released, which brought a slew of improvements to two of the remoting protocols: Hot Rod and REST. This week’s 5.3.0.Beta2 brings even more goodies: the ability to expose the same container over multiple Hot Rod endpoints and the integration of the WebSocket endpoint. We’ve also been working on fleshing out the documentation for the server.

Hot Rod SSL

Hot Rod, Infinispan’s own high-performance, topology aware protocol, has gained the ability to encrypt the communication using SSL and optionally require client certificate authentication. While this is still not the full-blown authentication/authorization infrastructure we will be implementing for Infinispan 6.0, it is the first step in that direction. In the context of the Infinispan Server, setting this up is quite simple. Download the Infinispan Server distribution from http://www.jboss.org/infinispan/downloads and unzip it. Next create a keystore with a self-signed certificate:

$ keytool -genkey -alias hotrod -keyalg RSA -keystore keystore.jks -keysize 2048 Enter keystore password:  secret Re-enter new password: secret What is your first and last name?   [Unknown]:  HotRod What is the name of your organizational unit?   [Unknown]:  Infinispan What is the name of your organization?   [Unknown]:  JBoss What is the name of your City or Locality?   [Unknown]:  Red Hat What is the name of your State or Province?   [Unknown]:  World What is the two-letter country code for this unit?   [Unknown]:  WW Is CN=HotRod, OU=Infinispan, O=JBoss, L=Red Hat, ST=World, C=WW correct?   [no]:  yes

Enter key password for <hotrod>     (RETURN if same as keystore password):

Put the keystore in the standalone/configuration directory together with the standalone-hotrod-ssl.xml from the docs/examples/configs directory. Now start the server using bin/standalone.sh -c standalone-hotrod-ssl.xml This will start a server with a HotRod endpoint on port 11222 which will only accept SSL connections.

Now we need a client:

This client needs to find the keystore.jks file you generated above.

Hot Rod container sharing

Another feature added to the Hot Rod endpoint is the ability to share the same container between multiple endpoints, and exposing them on different interfaces. This could be used to offer an unencrypted backend endpoint to be used by "internal" servers to populate the cache and an encrypted frontend endpoint to be used by "external" applications. With the future addition of authorization, this will offer the ability to handle many types of security scenarios.

REST Extended Headers

The REST endpoint now returns the Expires header for mortal entries. It will also return additional headers when the extended query parameter is added, e.g. GET /cacheName/cacheKey?extended will return the following custom headers:

  • Cluster-Primary-Owner: the node name of the primary owner for this key

  • Cluster-Node-Name: the JGroups node name of the server that has handled the request

  • Cluster-Physical-Address: the physical JGroups address of the server that has handled the request.

With the introduction of custom metadata, courtesy of ISPN-2281, we will also allow returning that information too.

REST Collections

Another improvement made to the REST endpoint is the ability to retrieve all keys in a cache, by simply invoking a GET /cacheName This will return a list of keys present in the given cacheName as the body of the response. The format of the response can be controlled via the Accept header as follows:

  • application/xml - the list of keys will be returned in XML format.

  • application/json - the list of keys will be return in JSON format.

  • text/html - the list of keys will be returned in HTML format.

  • text/plain - the list of keys will be returned in plain text format, one key per line

If the cache identified by cacheName is distributed, only the keys owned by the node handling the request will be returned. To return all keys, append the "global" parameter to the query, as follows: GET /cacheName?global

WebSocket endpoint

The WebSocket endpoint is now finally part of the new Infinispan Server package. Bear in mind that this is just a pure WebSocket server. When we will be able to upgrade our base from AS 7.x to WildFly 8 we will be able to take advantage of the new Undertow web server which has native support for WebSockets.

News

Tags

JUGs alpha as7 asymmetric clusters asynchronous beta c++ cdi chat clustering community conference configuration console data grids data-as-a-service database devoxx distributed executors docker event functional grouping and aggregation hotrod infinispan java 8 jboss cache jcache jclouds jcp jdg jpa judcon kubernetes listeners meetup minor release off-heap openshift performance presentations product protostream radargun radegast recruit release release 8.2 9.0 final release candidate remote query replication queue rest query security spring streams transactions vert.x workshop 8.1.0 API DSL Hibernate-Search Ickle Infinispan Query JP-QL JSON JUGs JavaOne LGPL License NoSQL Open Source Protobuf SCM administration affinity algorithms alpha amazon anchored keys annotations announcement archetype archetypes as5 as7 asl2 asynchronous atomic maps atomic objects availability aws beer benchmark benchmarks berkeleydb beta beta release blogger book breizh camp buddy replication bugfix c# c++ c3p0 cache benchmark framework cache store cache stores cachestore cassandra cdi cep certification cli cloud storage clustered cache configuration clustered counters clustered locks codemotion codename colocation command line interface community comparison compose concurrency conference conferences configuration console counter cpp-client cpu creative cross site replication csharp custom commands daas data container data entry data grids data structures data-as-a-service deadlock detection demo deployment dev-preview development devnation devoxx distributed executors distributed queries distribution docker documentation domain mode dotnet-client dzone refcard ec2 ehcache embedded embedded query equivalence event eviction example externalizers failover faq final fine grained flags flink full-text functional future garbage collection geecon getAll gigaspaces git github gke google graalvm greach conf gsoc hackergarten hadoop hbase health hibernate hibernate ogm hibernate search hot rod hotrod hql http/2 ide index indexing india infinispan infinispan 8 infoq internationalization interoperability interview introduction iteration javascript jboss as 5 jboss asylum jboss cache jbossworld jbug jcache jclouds jcp jdbc jdg jgroups jopr jpa js-client jsr 107 jsr 347 jta judcon kafka kubernetes lambda language learning leveldb license listeners loader local mode lock striping locking logging lucene mac management map reduce marshalling maven memcached memory migration minikube minishift minor release modules mongodb monitoring multi-tenancy nashorn native near caching netty node.js nodejs non-blocking nosqlunit off-heap openshift operator oracle osgi overhead paas paid support partition handling partitioning performance persistence podcast presentation presentations protostream public speaking push api putAll python quarkus query quick start radargun radegast react reactive red hat redis rehashing releaase release release candidate remote remote events remote query replication rest rest query roadmap rocksdb ruby s3 scattered cache scripting second level cache provider security segmented server shell site snowcamp spark split brain spring spring boot spring-session stable standards state transfer statistics storage store store by reference store by value streams substratevm synchronization syntax highlighting tdc testing tomcat transactions tutorial uneven load user groups user guide vagrant versioning vert.x video videos virtual nodes vote voxxed voxxed days milano wallpaper websocket websockets wildfly workshop xsd xsite yarn zulip
Posted by Tristan Tarrant on 2013-05-17
Tags:
back to top