yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add pem cache CLI

This commit is contained in:
Zaiming (Stone) Shi 2022-02-13 22:10:58 +01:00
parent 2a5de6a872
commit f6ca64c76d
5 changed files with 57 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGES-4.3.md
View File

@ -10,6 +10,15 @@ File format:
- One list item per change topic - One list item per change topic
Change log ends with a list of github PRs Change log ends with a list of github PRs
## v4.3.13
### Enhancements
* CLI `emqx_ctl pem_cache clean` to force purge x509 certificate cache,
to force an immediate reload of all certificates after the files are updated on disk.
### Bug fixes
## v4.3.12 ## v4.3.12
### Important changes ### Important changes

2
apps/emqx_management/src/emqx_management.app.src
View File

@ -1,6 +1,6 @@
{application, emqx_management, {application, emqx_management,
[{description, "EMQ X Management API and CLI"}, [{description, "EMQ X Management API and CLI"},
{vsn, "4.3.10"}, % strict semver, bump manually! {vsn, "4.3.11"}, % strict semver, bump manually!
{modules, []}, {modules, []},
{registered, [emqx_management_sup]}, {registered, [emqx_management_sup]},
{applications, [kernel,stdlib,minirest]}, {applications, [kernel,stdlib,minirest]},

21
apps/emqx_management/src/emqx_mgmt.erl
View File

@ -51,6 +51,10 @@
, set_quota_policy/2 , set_quota_policy/2
]). ]).
-export([ clean_pem_cache/0
, clean_pem_cache/1
]).
%% Internal funcs %% Internal funcs
-export([call_client/3]). -export([call_client/3]).
@ -254,15 +258,17 @@ clean_acl_cache(Node, ClientId) ->
rpc_call(Node, clean_acl_cache, [Node, ClientId]). rpc_call(Node, clean_acl_cache, [Node, ClientId]).
clean_acl_cache_all() -> clean_acl_cache_all() ->
Results = [{Node, clean_acl_cache_all(Node)} || Node <- ekka_mnesia:running_nodes()], for_nodes(fun clean_acl_cache_all/1).
case lists:filter(fun({_Node, Item}) -> Item =/= ok end, Results) of
for_nodes(F) ->
Results = [{Node, F(Node)} || Node <- ekka_mnesia:running_nodes()],
case lists:filter(fun({_Node, Res}) -> Res =/= ok end, Results) of
[] -> ok; [] -> ok;
BadNodes -> {error, BadNodes} BadNodes -> {error, BadNodes}
end. end.
clean_acl_cache_all(Node) when Node =:= node() -> clean_acl_cache_all(Node) when Node =:= node() ->
emqx_acl_cache:drain_cache(); emqx_acl_cache:drain_cache();
clean_acl_cache_all(Node) -> clean_acl_cache_all(Node) ->
rpc_call(Node, clean_acl_cache_all, [Node]). rpc_call(Node, clean_acl_cache_all, [Node]).
@ -272,6 +278,15 @@ set_ratelimit_policy(ClientId, Policy) ->
set_quota_policy(ClientId, Policy) -> set_quota_policy(ClientId, Policy) ->
call_client(ClientId, {quota, Policy}). call_client(ClientId, {quota, Policy}).
clean_pem_cache() ->
for_nodes(fun clean_pem_cache/1).
clean_pem_cache(Node) when Node =:= node() ->
_ = ssl_pem_cache:clear(),
ok;
clean_pem_cache(Node) ->
rpc_call(Node, ?FUNCTION_NAME, [Node]).
%% @private %% @private
call_client(ClientId, Req) -> call_client(ClientId, Req) ->
Results = [call_client(Node, ClientId, Req) || Node <- ekka_mnesia:running_nodes()], Results = [call_client(Node, ClientId, Req) || Node <- ekka_mnesia:running_nodes()],

29
apps/emqx_management/src/emqx_mgmt_cli.erl
View File

@ -40,6 +40,7 @@
, mgmt/1 , mgmt/1
, data/1 , data/1
, acl/1 , acl/1
, pem_cache/1
]). ]).
-define(PROC_INFOKEYS, [status, -define(PROC_INFOKEYS, [status,
@ -576,7 +577,7 @@ data(_) ->
%% @doc acl Command %% @doc acl Command
acl(["cache-clean", "node", Node]) -> acl(["cache-clean", "node", Node]) ->
case emqx_mgmt:clean_acl_cache_all(erlang:list_to_existing_atom(Node)) of case for_node(fun emqx_mgmt:clean_acl_cache_all/1, Node) of
ok -> ok ->
emqx_ctl:print("ACL cache drain started on node ~s.~n", [Node]); emqx_ctl:print("ACL cache drain started on node ~s.~n", [Node]);
{error, Reason} -> {error, Reason} ->
@ -600,6 +601,15 @@ acl(_) ->
{"acl cache-clean <ClientId>", "Clears acl cache for given client"} {"acl cache-clean <ClientId>", "Clears acl cache for given client"}
]). ]).
pem_cache(["clean", "all"]) ->
with_log(fun emqx_mgmt:clean_pem_cache/0, "PEM cache clean");
pem_cache(["clean", "node", Node]) ->
with_log(fun() -> for_node(fun emqx_mgmt:clean_pem_cache/1, Node) end, "PEM cache clean");
pem_cache(_) ->
emqx_ctl:usage([{"pem_cache clean all", "Clears x509 certificate cache on all nodes"},
{"pem_cache clean node <Node>", "Clears x509 certificate cache on given node"}
]).
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
%% Dump ETS %% Dump ETS
%%-------------------------------------------------------------------- %%--------------------------------------------------------------------
@ -721,3 +731,20 @@ restart_http_listener(Scheme, AppName) ->
http_mod_name(emqx_management) -> emqx_mgmt_http; http_mod_name(emqx_management) -> emqx_mgmt_http;
http_mod_name(Name) -> Name. http_mod_name(Name) -> Name.
for_node(Fun, Node) ->
try list_to_existing_atom(Node) of
NodeAtom ->
Fun(NodeAtom)
catch
error : badarg ->
{error, unknown_node}
end.
with_log(Fun, Msg) ->
case Fun() of
ok ->
emqx_ctl:print("~s OK~n", [Msg]);
{error, Reason} ->
emqx_ctl:print("~s FAILED~n~p~n", [Msg, Reason])
end.

2
lib-ce/emqx_dashboard/src/emqx_dashboard.app.src
View File

@ -1,6 +1,6 @@
{application, emqx_dashboard, {application, emqx_dashboard,
[{description, "EMQ X Web Dashboard"}, [{description, "EMQ X Web Dashboard"},
{vsn, "4.3.8"}, % strict semver, bump manually! {vsn, "4.3.9"}, % strict semver, bump manually!
{modules, []}, {modules, []},
{registered, [emqx_dashboard_sup]}, {registered, [emqx_dashboard_sup]},
{applications, [kernel,stdlib,mnesia,minirest]}, {applications, [kernel,stdlib,mnesia,minirest]},