Does KPL support proxy configurations? - amazon-kinesis-kpl

I have Spring beans configured in a microservice as follows that I'm using to connect to Kinesis:
@Bean
// ClientConfiguration has proxy protocol, proxy host, and proxy port set
public AmazonKinesisAsync amazonKinesisAsync(ClientConfiguration clientConfiguration, AppProperties properties) {
    return AmazonKinesisAsyncClientBuilder.standard()
            .withClientConfiguration(clientConfiguration)
            .withRegion(properties.getRegion())
            .build();
}

@Bean
public KinesisProducerConfiguration kinesisProducerConfiguration(AppProperties properties) {
    return new KinesisProducerConfiguration()
            .setRegion(properties.getRegion());
}
This GH issue states that the KPL doesn't support proxy configuration, but I'm hoping there is a way to utilize KPL behind a firewall. So, my main question is whether or not KPL supports proxy configuration, and if not, how can I use KPL/KCL behind a corporate firewall? I've read about AWS Kinesis VPC Endpoints here, so would this be the only alternative we would have if we can't use KPL with a proxy configuration?

Related

How to configure spring-boot application to use custom HostnameVerifier?

I have a system of several spring-boot 2.1.x applications, communicating over https. The hostnames are generated at runtime, according to a naming schema, with variable suffixes - and the IP addresses are also generated at runtime, in an OpenShift environment. The idea is that the certificate CNs don't match the runtime hostnames.
The http client that I am using in these applications is netty.
I want to be able to use my custom implementation of the HostnameVerifier interface - or any other similar method, but I don't know how to get a handle on the netty client configuration from Spring environment:
public class TrustAllHostnames implements HostnameVerifier {
    @Override
    public boolean verify(String hostname, SSLSession sslSession) {
        // incomplete
        return true;
    }
}
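The verifier posted in the question returns true for every peer, so any certificate the trust store accepts passes for any hostname. The following is an added example, not part of the original post: a verifier that accepts a generated hostname only when it fits the naming schema and the peer's leaf certificate carries the matching service identity as a dNSName SAN. The class name, the schema pattern and the SAN values are assumptions, and it relies on the trust manager having already validated the certificate chain.

```java
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;

// Added example (hypothetical class): schema check plus certificate identity check.
public class SchemaHostnameVerifier implements HostnameVerifier {
    // Assumption: runtime hostnames look like "orders-7f3a.apps.internal".
    private static final Pattern SCHEMA =
            Pattern.compile("^(orders|billing)-[a-z0-9]{1,16}\\.apps\\.internal$");
    // Assumption: each service certificate carries one of these fixed dNSName SANs.
    private static final Set<String> EXPECTED_SANS = new HashSet<>(
            Arrays.asList("orders.apps.internal", "billing.apps.internal"));

    @Override
    public boolean verify(String hostname, SSLSession session) {
        if (hostname == null) return false;
        String host = hostname.toLowerCase(Locale.ROOT);
        if (!SCHEMA.matcher(host).matches()) return false; // outside the naming schema
        // Service prefix of the generated name, e.g. "orders" from "orders-7f3a...".
        String service = host.substring(0, host.indexOf('-'));
        try {
            Certificate[] chain = session.getPeerCertificates();
            if (chain.length == 0 || !(chain[0] instanceof X509Certificate)) return false;
            Collection<List<?>> sans = ((X509Certificate) chain[0]).getSubjectAlternativeNames();
            if (sans == null) return false; // certificate carries no SANs at all
            for (List<?> san : sans) {
                // GeneralName type 2 is dNSName; ignore IP, URI and other types.
                if (!Integer.valueOf(2).equals(san.get(0))) continue;
                String name = String.valueOf(san.get(1)).toLowerCase(Locale.ROOT);
                // The SAN must be an expected identity AND belong to the same service,
                // so a billing certificate is rejected for an orders-* hostname.
                if (EXPECTED_SANS.contains(name) && name.startsWith(service + ".")) return true;
            }
            return false;
        } catch (SSLPeerUnverifiedException | CertificateParsingException e) {
            return false; // no verified peer certificate, or unparsable SANs: fail closed
        }
    }
}
```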

How to call external non REST API from a spring cloud micro-service that use eureka to call other internal micro-service?

In our project we use Spring cloud + Eureka as service registry.
When we use the ribbon client to call internal micro-services, all URLs are resolved via Eureka ... that's a problem to call external URLs.
As the external APIs are old-fashioned, usage of Feign doesn't seem to be a good choice.
What's the best way to call an external URL from such a service?
Thanks in advance
Patrice
One way working:
Use two configurations.
Declare your RestTemplate Bean to call external services like this:
@Primary
@Qualifier("withoutEureka")
@Bean
public RestTemplate restTemplate(){
...
}
Inject this reference in your client this way:
@Bean
public MyClientForExtCall myClientForExtCall(@Qualifier("withoutEureka") RestTemplate restTemplate)
In the other configuration use the restTemplate as usual, but don't forget to use another qualifier:
@LoadBalanced
@Bean
@Qualifier("withEureka")
public RestTemplate loadBalancedEureka(){
...
}
@Bean
public MyClientForInternal myClientForInternal(@Qualifier("withEureka") RestTemplate restTemplate)
Patrice
You can use Ribbon without Eureka, for external APIs that you cannot configure in Eureka to abstract the discovery. You can hard code their URLs in the client and configure a server list. The Ribbon client defaults to a configured server list, and you can supply the configuration like this:
stores:
  ribbon:
    listOfServers: example.com, google.com

Have ribbon use a custom SSLContext

I have a spring boot app with zuul and ribbon (no eureka) and I need to forward all traffic over https with mutual tls. The keystore and password are all automatically generated by an internal framework. At the end I end up with an SSLContext spring bean which I would like ribbon to use when forwarding zuul requests. Now my question is how do I force ribbon to use my SSLContext?
Thanks in advance!
I figured it out. You need to register your own SSLSocketFactory and initialize it with your own SSLContext. Then set the ribbon property ribbon.CustomSSLSocketFactoryClassName: full-path-to-your-CustomSslSocketFactory
public class CustomSslSocketFactory extends SSLSocketFactory {
    public CustomSslSocketFactory() throws Exception {
        super(SSLContextConfig.createSSLContext());
    }
}

How to pass binary data between microservices in Spring Cloud?

I'd like to ask. How to pass binary data between microservices in Spring Cloud?
Should (Can) I use @FeignClient or @RibbonClient? How should it be? I've already read that @FeignClient does not deal with this issue. What else? OkHttp?
Thx in advance
Spring Cloud integrates with some http clients, like you mentioned. Ribbon has some non-http clients/transports built in, but I haven't used that and AFAIK, Netflix doesn't use them either.
You can use the Spring Cloud LoadBalancerClient interface directly. It gives you access to a host and port, then you can use any client you want.
public class MyClass {
    @Autowired
    private LoadBalancerClient loadBalancer;

    public void doStuff() {
        ServiceInstance instance = loadBalancer.choose("myService");
        String host = instance.getHost();
        int port = instance.getPort();
        // ... do something with the host and port
    }
}
I also did a sample integration with OkHttp.

How to use Spring Cloud with ElasticMQ

We want to use Spring Cloud for AWS SQS, but it seems to me that it only allows us to specify region. Can we fake it so that it uses ElasticMQ (on localhost:9320 for instance)? I didn't find an easy way to do this without editing hosts file and putting certificates on localhost
I found a way after some research.
You should set an endpoint after AmazonSQS instance is injected in order to override the already set endpoint, as so:
@Autowired
public void setAmazonSqs(AmazonSQS amazonSqs)
{
    this.amazonSqs = amazonSqs;
    // use elasticMQ if spring default profile is used; no active profiles
    if (environment.getActiveProfiles().length == 0)
    {
        amazonSqs.setEndpoint("http://localhost:9320");
    }
}
It is up to you if you're going to use QueueMessagingTemplate; anyway, you should modify the injected AmazonSQS instance.
