Move credentials settings merging out of RemoteClusterService
#135491
Conversation
Addresses a second settings cleanup request comment from PR 133834, moving the settings merging and creation of a LinkedProjectConfig out of RemoteClusterService and into TransportReloadRemoteClusterCredentialsAction. This is one step closer to eliminating the Settings based code in RemoteClusterService so it operates on LinkedProjectConfig objects only. Resolves: ES-12864
JeremyDahlgren
added
:Distributed Coordination/Network
| public synchronized void updateRemoteClusterCredentials(Supplier<Settings> settingsSupplier, ActionListener<Void> listener) { | ||
| /** | ||
| * Rebuilds linked project connections as needed for updated remote cluster credentials. | ||
| * @param settingsSupplier A {@link Supplier} for the updated credentials {@link Settings}. | ||
| * @param configFunction A function that builds a {@link LinkedProjectConfig} for an alias, static settings, and new settings. | ||
| * @param listener An {@link ActionListener} invoked once all connection modifications have been completed. | ||
| */ | ||
| public synchronized void updateRemoteClusterCredentials( | ||
| Supplier<Settings> settingsSupplier, | ||
| TriFunction<String, Settings, Settings, LinkedProjectConfig> configFunction, | ||
| ActionListener<Void> listener |
There was a problem hiding this comment.
I'm not fond of the way this PR turned out. I think I would prefer moving the code in updateRemoteClusterCredentials() into TransportReloadRemoteClusterCredentialsAction, and have TransportReloadRemoteClusterCredentialsAction call RemoteClusterService. maybeRebuildConnectionOnCredentialsChange() with a LinkedProjectConfig as needed. We could add a getter on RemoteClusterService for the RemoteClusterCredentialsManager.
Yang's comment discusses using ClusterSettingsLinkedProjectConfigService, but we aren't aware of or have access to one, or a LinkedProjectConfigService here. I may be misunderstanding what he is suggesting to do here.
There was a problem hiding this comment.
I haven't wrapped my head around this and what the cleanest approach here would be but in case this is useful:
We can easily expose LinkedProjectConfigService to TransportReloadRemoteClusterCredentialsAction by injecting it during node construction:
final var linkedProjectConfigService = pluginsService.loadSingletonServiceProvider(
LinkedProjectConfigService.class,
() -> new ClusterSettingsLinkedProjectConfigService(settings, clusterService.getClusterSettings(), projectResolver)
);
modules.bindToInstance(LinkedProjectConfigService.class, linkedProjectConfigService);exposes it to all TransportActions:
@Inject
public TransportReloadRemoteClusterCredentialsAction(
TransportService transportService,
ClusterService clusterService,
ActionFilters actionFilters,
LinkedProjectConfigService linkedProjectConfigService
)
There was a problem hiding this comment.
@JeremyDahlgren
My previous comment was indeed a bit vague. It took me a while to remember what I was thinking. 🤦 Sorry for the confusion.
My main point is to remove "settings usage for remote cluster config" as much as possible from RemoteClusterService since we now have the unified LinkedProjectConfig object. Hence I mostly like to see us removing maybeRebuildConnectionOnCredentialsChange from RemoteClusterService or at least it should not take Settings but instead LinkedProjectConfig as input.
For concrete changes:
- I think "add a getter on RemoteClusterService for the RemoteClusterCredentialsManager" seems a reasonable near term option. I assume this means we call
RemoteClusterCredentialsManager#updateClusterCredentialswithin the transport action. Conceptually this makes sense since with the unified config object,RemoteClusterServiceshould remove itself from dealing with these lower level updates and in long term,RemoteClusterCredentialsManagermight need to be managed independently and injected to places. One thing to note is that this means the process of "updating credentials and rebuilding connection" will be performed in twosynchronizedblocks instead of one. It feels OK to me sinceclusterCredentialsis updated as a volatile field and should not have any visible intermediate state. - You are right that
LinkedProjectConfigServiceis not accessible inRemoteClusterService. If we go with your suggestion of moving the logic to the transport action, we should be able to keep the code mostly as is exception in a different class.
Addresses a second settings cleanup request comment from #133834, moving the settings merging and creation of a
LinkedProjectConfigout ofRemoteClusterServiceand intoTransportReloadRemoteClusterCredentialsAction.This is one step closer to eliminating the
Settingsbased code inRemoteClusterServiceso it operates onLinkedProjectConfigobjects only.Resolves: ES-12864