You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 46 Next »

IDIEP-79
Author Pavel Pereslegin 
Sponsor
Created13 Oct 2021
StatusDRAFT


Motivation

When implementing microservices, users are often face with the task of separating the business logic from the common "middleware" logic.

An example of a typical “middleware” task is auditing calls to business service methods (the system must understand which user called which methods and with what result).

Modern frameworks such as gRPC and Apache Thrift provide a very flexible API for implementing request interceptors, with which you can solve almost any middleware task.

Apache Ignite does not provide any mechanisms for solving such problems in general. The user needs to implement it himself, which often results in a lot of boilerplate code. 

Description

The Ignite Service Grid must support the following capabilities:

  1. Ability to pass custom context from caller to service (similar to HTTP request headers).
  2. Ability to define custom interceptors for service calls.

Suggested design

New public API entities

  • ServiceCallContext -  immutable map of custom parameters to be implicitly passed to the service.
  • ServiceCallInterceptor  - intercepts service method calls.
  • ServiceInterceptorContext -  extended mutable version of caller context (interceptor obtains method call parameters from it and can use it to update the caller context).
  • ServiceInterceptException - unchecked exception that is used to highlight the exception that occurred during method interception (not execution).

Java API

ServiceCallInterceptor 
public interface ServiceCallInterceptor extends Serializable {
    public default void onInvoke(ServiceInterceptorContext ctx) throws ServiceInterceptException {
        // No-op.
    }

    public default void onComplete(@Nullable Object res, ServiceInterceptorContext ctx) throws ServiceInterceptException {
        // No-op.
    }

    public default void onError(Throwable err, ServiceInterceptorContext ctx) {
        // No-op.
    }
}
ServiceCallContext 
public interface ServiceCallContext {
    public String attribute(String name);

    public byte[] binaryAttribute(String name);
}
ServiceInterceptorContext 
public interface ServiceInterceptorContext extends ServiceCallContext {
    public String method();

    public @Nullable Object[] arguments();

    public void attribute(String name, String val);

    public void binaryAttribute(String name, byte[] val);
}

Usage example

Diagram

Code

example usage in Java 
        ServiceCallInterceptor security = new ServiceCallInterceptor() {
            @Override public void onInvoke(ServiceInterceptorContext ctx) throws ServiceInterceptException {
                // Check permission before execution of the method.
                if (!CustomSecurityProvider.get().access(ctx.method(), ctx.attribute("sessionId")))
                    throw new SecurityException("Method invocation is not permitted");
            }
        }

        ServiceCallInterceptor audit = new ServiceCallInterceptor() {
            @Override public void onInvoke(ServiceInterceptorContext ctx) {
                // Record an event before execution of the method.
                AuditProvider.get().recordStartEvent(ctx.method(), ctx.attribute("sessionId"));
            }

            @Override public void onComplete(@Nullable Object res, ServiceInterceptorContext ctx) {
                AuditProvider.get().recordFinishEvent(ctx.method(), ctx.attribute("sessionId"));
            }

            @Override public void onError(Throwable err, ServiceInterceptorContext ctx) {
                AuditProvider.get().recordError(ctx.method(), ctx.attribute("sessionId"), err.getMessage());
            }
        }

        // Set context parameters for service proxy.
        ServiceCallContext ctx = ServiceCallContext.builder().put("sessionId", sessionId).build();

        ServiceConfiguration svcCfg = new ServiceConfiguration()
            .setName("service")
            .setService(new MyServiceImpl())
            .setMaxPerNodeCount(1)
            .setInterceptors(security, audit);

        // Deploy service.
        ignite.services().deploy(svcCfg);

        MyService proxy = ignite.services().serviceProxy("service", MyService.class, false, ctx, 0);

        // A business method call to be intercepted.
        proxy.placeOrder(order1);
        proxy.placeOrder(order2);

Implementation notes

Interceptor only applies to user-defined business methods and does not apply to service lifecycle methods - init, execute and cancel,

Interceptor can modify ServiceCallContext, but Service methods can only read it.

If an interceptor has been specified, but the user has not passed the caller context through the proxy, it will be created dynamically.

Deployment

One service can have several interceptors. They are defined using the service configuration and deployed with the service.

Interceptor is located and executed where the service is implemented (for Java service - on Java side, for .NET-service on .NET side without any additional serialization).

To add/remove interceptor - service should be redeployed.

Resource injection and lifecycle

Interceptor must support ignite instance resource injection.

(question) Interceptor should be LifeCycleAware

Exception handling

// todo  ServiceInterceptException

(question) If an interceptor throws an exception, then processing is aborted, but the exception is passed to all listed interceptors (onError)

Passing Context in the Service Chain

// todo explain forwardCallerContext


Limitations


Risks and Assumptions


Discussion Links

https://lists.apache.org/thread.html/r4236c1f23e524dc969bc55057467a2bbe7f9a59a6db7c7fcdc1b7d37%40%3Cdev.ignite.apache.org%3E

Reference Links


Tickets

key summary type created updated due assignee reporter priority status resolution

JQL and issue key arguments for this macro require at least one Jira application link to be configured

  • No labels

Apache Ignite