Add service-loaded extension points for channel initialization #13565
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
chrisvest
requested review from
normanmaurer,
trustin,
ejona86,
violetagg and
idelpivnitskiy
|
FYI @vietj |
mostroverkhov
suggested changes
Aug 25, 2023
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtensions.java
Outdated
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtension.java
Outdated
Show resolved
Hide resolved
normanmaurer
requested changes
Aug 25, 2023
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtension.java
Outdated
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtension.java
Outdated
Show resolved
Hide resolved
|
@mostroverkhov @normanmaurer Addressed your comments. |
transport/src/main/java/io/netty/bootstrap/AbstractBootstrap.java
Outdated
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtensions.java
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/AbstractBootstrap.java
Outdated
Show resolved
Hide resolved
mostroverkhov
approved these changes
Aug 26, 2023
|
@mostroverkhov Did some more cleanup based on your comments. |
transport/src/main/java/io/netty/bootstrap/AbstractBootstrap.java
Outdated
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtensions.java
Outdated
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtensions.java
Show resolved
Hide resolved
| * | ||
| * @return The priority. | ||
| */ | ||
| public double priority() { |
There was a problem hiding this comment.
- Curious why
doubleinstead ofint/long? To allow users sneaking in any position, even if other extensions use0and1.0? - Usually, the recommended approach for
ServiceLoaderproviders to implement them in a way that order doesn't matter. Even if we addpriority, users can easily abuse it by always specifying highest/lowest priority for their extensions, resulting in the same undefined ordering asServiceLoaderprovides by default. Consider adding it later, if there is a use-case. As we learn how users use extensions, there might be a better approach instead of a double. For example, in the future we can add smth likebefore(Class)/after(Class)if there is a need to execute one extension before/after another.
There was a problem hiding this comment.
Usually, the recommended approach for ServiceLoader providers to implement them in a way that order doesn't matter.
That is still the recommended approach, hence a default implementation is provided, returning a default value.
For example, in the future we can add smth like
before(Class)/after(Class)if there is a need to execute one extension before/after another.
Such methods can create ambiguous partial orderings. A value with inherent total ordering cannot.
There was a problem hiding this comment.
@idelpivnitskiy does this work for you ?
There was a problem hiding this comment.
Don't have a strong opinion here, we can defer adding priorities or keep it as-is.
Such methods can create ambiguous partial orderings. A value with inherent total ordering cannot.
The total ordering requires developers to know what all other providers exist and even after they assign a priority value for their provider, it doesn't mean that the other provider can not change its priority later. With before/after it's easier to target explicit providers. For example, a security provider can always be after logging provider. On the other hand, before/after required explicit dependency on another provider to access its class. So, each approach has pros and cons.
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtension.java
Outdated
Show resolved
Hide resolved
normanmaurer
requested changes
Sep 5, 2023
transport/src/main/java/io/netty/bootstrap/AbstractBootstrap.java
Outdated
Show resolved
Hide resolved
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtension.java
Show resolved
Hide resolved
chrisvest
force-pushed
the
41-ch-init-ext
branch
from
86a8d22
to
76f1942
Compare
|
I had a discussion about this with @idelpivnitskiy and we realized that the whole deal with I have also extended the use of the system property to add support for a |
chrisvest
force-pushed
the
41-ch-init-ext
branch
from
e4fb319
to
579f800
Compare
idelpivnitskiy
approved these changes
Sep 7, 2023
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtension.java
Outdated
Show resolved
Hide resolved
chrisvest
force-pushed
the
41-ch-init-ext
branch
from
a7acd08
to
4e4866c
Compare
|
I have added a commit so the |
normanmaurer
requested changes
Sep 11, 2023
ejona86
reviewed
Sep 11, 2023
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtensions.java
Outdated
Show resolved
Hide resolved
chrisvest
force-pushed
the
41-ch-init-ext
branch
from
66beba1
to
02f8981
Compare
|
@ejona86 I followed what gRPC does with the class loader, while also having what I think is a reasonable default. Please take a look. |
ejona86
reviewed
Sep 15, 2023
transport/src/main/java/io/netty/bootstrap/ChannelInitializerExtensions.java
Outdated
Show resolved
Hide resolved
chrisvest
force-pushed
the
41-ch-init-ext
branch
from
02f8981
to
c213cca
Compare
|
@ejona86 @normanmaurer Addressed your comments. Please take a look, thanks! |
**Motivation:** Netty is used by many libraries and frameworks that (reasonably) hide the fact that they use Netty under the covers. When Netty is hidden, it is hard, or sometimes impossible, to modify the channel pipelines, attributes, or options, from the outside. It might not even be clear if a framework or library makes use of Netty at all. However, we sometimes want to apply some changes, or make some checks, to most or all channels that are initialized by Netty, regardless of the framework or library that is using Netty in the given case. Some examples of use-cases are: - Web application firewalls. - Server-side request forgery filters. - Intrusion detection. - Metrics gathering. To address these use-cases in a way that don't require integrators to somehow find every Netty usage in a process, we introduce a service-loaded extension point that hooks into the channel initialization process. **Modification:** A new interface, `ChannelInitializerExtension`, is added. By default, implementations of this interface are found and service-loaded at runtime by `AbstractBootstrap`, with the help of hte `ChannelInitializerExtensions` utility class. The interface offers three callback methods, one for the initialization of each of the different "kinds" of channels: - Server listener channels. - Server child channels. - Client channels. The extension also gets the opportunity to decide if it is applicable to a particular context or use-case, through the `isApplicable` method. The method takes an `ApplicableInfo` object, which is created by `AbstractBootstrap`. The `ApplicableInfo` is a parameter object, and a `final` class, which allow us to add information to it in the future by adding more methods to it, without breaking backwards compatibility. To begin with, we only expose the concrete bootstrap class through the `ApplicableInfo`, so extensions can tell if they are being considered for a server, or a client usage. By default, we service-load all extensions that are available at runtime. However, integrators can disable the use of extensions on a per-bootstrap basis with the new `disableChannelInitializerExtensions` method. Extensions can also be disabled for the entire JVM process by setting the `io.netty.bootstrap.extensions` system property to `empty` or `false`. This system property is intentionally defined as a string, so we can offer more controls in the future. For instance, we may wish to offer injecting different loader mechanisms, in which case the property could denote a class name. **Result:** We have extension points for use cases that are cutting-across different Netty uses, and require low-level Netty access. This makes it relatively easy to implement such use cases without requiring deep access to the Netty internals of arbitrary libraries and frameworks, and without even needing to know which libraries and frameworks are actually using Netty. The only restriction to this, is the use of shading with class-relocation, which in each case would require their own `META-INF/services` file. Thankfully, most libraries and frameworks that shade Netty, also offer non-shading versions.
…hould take a ServerChannel
Also remove ApplicableInfo, and add a logging value for the system property. This simplifies the code.
These are two cases where Netty itself might create Bootstrap instances, and extensions will likely want to be able to recognize those cases. This would otherwise be difficult to do, since the handles used might be internal types or hidden behind channel initializers.
…ic class loader However, also pick the loader for the (Server)Bootstrap loader as the default. The thread context class loader will be used as a fallback if no extensions are found by the first class loader.
chrisvest
force-pushed
the
41-ch-init-ext
branch
from
c213cca
to
6a918d8
Compare
|
@normanmaurer @ejona86 Rebased this. Please take a look. |
normanmaurer
approved these changes
Oct 19, 2023
|
Doesn't look like Eric has more comments, so I'm merging this. |
chrisvest
added a commit
that referenced
this pull request
Nov 2, 2023
**Motivation:** Netty is used by many libraries and frameworks that (reasonably) hide the fact that they use Netty under the covers. When Netty is hidden, it is hard, or sometimes impossible, to modify the channel pipelines, attributes, or options, from the outside. It might not even be clear if a framework or library makes use of Netty at all. However, we sometimes want to apply some changes, or make some checks, to most or all channels that are initialized by Netty, regardless of the framework or library that is using Netty in the given case. Some examples of use-cases are: - Web application firewalls. - Server-side request forgery filters. - Intrusion detection. - Metrics gathering. To address these use-cases in a way that don't require integrators to somehow find every Netty usage in a process, we introduce a service-loaded extension point that hooks into the channel initialization process. **Modification:** A new abstract class, `ChannelInitializerExtension`, is added. Implementations of this interface can be found and service-loaded at runtime by `AbstractBootstrap`, with the help of the `ChannelInitializerExtensions` utility class. The `ChannelInitializerExtension` class offers three callback methods, one for the initialization of each of the different "kinds" of channels: - Server listener channels. - Server child channels. - Client channels. The extensions are disabled by default for security reasons, and require opt in by setting the `io.netty5.bootstrap.extensions` system property to `serviceload`. To see what extensions are available, the system property can be set to `log`, and we will load and log (at INFO level) what extensions are available, but not actually run them. **Result:** We have extension points for use cases that are cutting-across different Netty uses, and require low-level Netty access. This makes it relatively easy to implement such use cases without requiring deep access to the Netty internals of arbitrary libraries and frameworks, and without even needing to know which libraries and frameworks are actually using Netty. The only restriction to this, is the use of shading with class-relocation, which in each case would require their own `META-INF/services` file. Thankfully, most libraries and frameworks that shade Netty, also offer non-shading versions.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation:
Netty is used by many libraries and frameworks that (reasonably) hide the fact that they use Netty under the covers. When Netty is hidden, it is hard, or sometimes impossible, to modify the channel pipelines, attributes, or options, from the outside. It might not even be clear if a framework or library makes use of Netty at all. However, we sometimes want to apply some changes, or make some checks, to most or all channels that are initialized by Netty, regardless of the framework or library that is using Netty in the given case.
Some examples of use-cases are:
To address these use-cases in a way that don't require integrators to somehow find every Netty usage in a process, we introduce a service-loaded extension point that hooks into the channel initialization process.
Modification:
A new abstract class,
ChannelInitializerExtension, is added. Implementations of this interface can be found and service-loaded at runtime byAbstractBootstrap, with the help of theChannelInitializerExtensionsutility class.The
ChannelInitializerExtensionclass offers three callback methods, one for the initialization of each of the different "kinds" of channels:The extensions are disabled by default for security reasons, and require opt in by setting the
io.netty.bootstrap.extensionssystem property toserviceload.To see what extensions are available, the system property can be set to
log, and we will load and log (at INFO level) what extensions are available, but not actually run them.Result:
We have extension points for use cases that are cutting-across different Netty uses, and require low-level Netty access. This makes it relatively easy to implement such use cases without requiring deep access to the Netty internals of arbitrary libraries and frameworks, and without even needing to know which libraries and frameworks are actually using Netty. The only restriction to this, is the use of shading with class-relocation, which in each case would require their own
META-INF/servicesfile. Thankfully, most libraries and frameworks that shade Netty, also offer non-shading versions.