Skip to content

Commit

Permalink
NOJIRA Update documentation to reflect changes in features
Browse files Browse the repository at this point in the history
  • Loading branch information
johnhurt authored and eaufavor committed Oct 12, 2024
1 parent b939776 commit 5151683
Show file tree
Hide file tree
Showing 13 changed files with 82 additions and 29 deletions.
2 changes: 1 addition & 1 deletion .bleep
Original file line number Diff line number Diff line change
@@ -1 +1 @@
9ec41e3e1817e36107195f6ca1a3168779857cc7
f03c6a3f42dddc28f95bc10022de285e10223866
4 changes: 4 additions & 0 deletions pingora-core/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,10 @@
//! # Optional features
//! `boringssl`: Switch the internal TLS library from OpenSSL to BoringSSL.
// This enables the feature that labels modules that are only available with
// certain pingora features
#![cfg_attr(docsrs, feature(doc_cfg))]

pub mod apps;
pub mod connectors;
pub mod listeners;
Expand Down
5 changes: 3 additions & 2 deletions pingora-core/src/listeners/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,9 @@ pub use l4::{ServerAddress, TcpSocketOptions};
#[async_trait]
pub trait TlsAccept {
// TODO: return error?
/// This function is called in the middle of a TLS handshake. Structs who implement this function
/// should provide tls certificate and key to the [TlsRef] via [ext::ssl_use_certificate] and [ext::ssl_use_private_key].
/// This function is called in the middle of a TLS handshake. Structs who
/// implement this function should provide tls certificate and key to the
/// [TlsRef] via `ssl_use_certificate` and `ssl_use_private_key`.
async fn certificate_callback(&self, _ssl: &mut TlsRef) -> () {
// does nothing by default
}
Expand Down
6 changes: 4 additions & 2 deletions pingora-core/src/modules/http/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,11 @@

//! Modules for HTTP traffic.
//!
//! [HttpModule]s define request and response filters to use while running an [HttpServer]
//! [HttpModule]s define request and response filters to use while running an
//! [HttpServer](crate::apps::http_app::HttpServer)
//! application.
//! See the [ResponseCompression] module for an example of how to implement a basic module.
//! See the [ResponseCompression](crate::modules::http::compression::ResponseCompression)
//! module for an example of how to implement a basic module.
pub mod compression;
pub mod grpc_web;
Expand Down
2 changes: 1 addition & 1 deletion pingora-core/src/protocols/http/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,7 @@ impl HttpSession {
}
}

/// Return a mutable [Digest] reference for the connection, see [`digest`] for more details.
/// Return a mutable [Digest] reference for the connection.
///
/// Will return `None` if this is an H2 session and multiple streams are open.
pub fn digest_mut(&mut self) -> Option<&mut Digest> {
Expand Down
2 changes: 1 addition & 1 deletion pingora-core/src/protocols/http/v1/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -639,7 +639,7 @@ impl HttpSession {
&self.digest
}

/// Return a mutable [Digest] reference for the connection, see [`digest`] for more details.
/// Return a mutable [Digest] reference for the connection.
pub fn digest_mut(&mut self) -> &mut Digest {
&mut self.digest
}
Expand Down
2 changes: 1 addition & 1 deletion pingora-core/src/protocols/http/v2/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -310,7 +310,7 @@ impl Http2Session {
Some(self.conn.digest())
}

/// Return a mutable [Digest] reference for the connection, see [`digest`] for more details.
/// Return a mutable [Digest] reference for the connection
///
/// Will return `None` if multiple H2 streams are open.
pub fn digest_mut(&mut self) -> Option<&mut Digest> {
Expand Down
2 changes: 1 addition & 1 deletion pingora-core/src/protocols/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ pub trait Ssl {
None
}

/// Return the [`ssl::SslDigest`] for logging
/// Return the [`tls::SslDigest`] for logging
fn get_ssl_digest(&self) -> Option<Arc<tls::SslDigest>> {
None
}
Expand Down
4 changes: 3 additions & 1 deletion pingora-core/src/protocols/tls/noop_tls/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ pub mod stream {
use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};

use crate::protocols::{
GetProxyDigest, GetSocketDigest, GetTimingDigest, Shutdown, Ssl, UniqueID,
GetProxyDigest, GetSocketDigest, GetTimingDigest, Peek, Shutdown, Ssl, UniqueID,
};

/// A TLS session over a stream.
Expand Down Expand Up @@ -194,6 +194,8 @@ pub mod stream {
None
}
}

impl<S> Peek for SslStream<S> {}
}

pub mod utils {
Expand Down
13 changes: 8 additions & 5 deletions pingora-core/src/server/configuration/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -67,21 +67,24 @@ pub struct ServerConf {
/// Timeout in seconds of the final step for the graceful shutdown.
pub graceful_shutdown_timeout_seconds: Option<u64>,
// These options don't belong here as they are specific to certain services
/// IPv4 addresses for a client connector to bind to. See [`ConnectorOptions`].
/// IPv4 addresses for a client connector to bind to. See
/// [`ConnectorOptions`](crate::connectors::ConnectorOptions).
/// Note: this is an _unstable_ field that may be renamed or removed in the future.
pub client_bind_to_ipv4: Vec<String>,
/// IPv6 addresses for a client connector to bind to. See [`ConnectorOptions`].
/// IPv6 addresses for a client connector to bind to. See
/// [`ConnectorOptions`](crate::connectors::ConnectorOptions).
/// Note: this is an _unstable_ field that may be renamed or removed in the future.
pub client_bind_to_ipv6: Vec<String>,
/// Keepalive pool size for client connections to upstream. See [`ConnectorOptions`].
/// Keepalive pool size for client connections to upstream. See
/// [`ConnectorOptions`](crate::connectors::ConnectorOptions).
/// Note: this is an _unstable_ field that may be renamed or removed in the future.
pub upstream_keepalive_pool_size: usize,
/// Number of dedicated thread pools to use for upstream connection establishment.
/// See [`ConnectorOptions`].
/// See [`ConnectorOptions`](crate::connectors::ConnectorOptions).
/// Note: this is an _unstable_ field that may be renamed or removed in the future.
pub upstream_connect_offload_threadpools: Option<usize>,
/// Number of threads per dedicated upstream connection establishment pool.
/// See [`ConnectorOptions`].
/// See [`ConnectorOptions`](crate::connectors::ConnectorOptions).
/// Note: this is an _unstable_ field that may be renamed or removed in the future.
pub upstream_connect_offload_thread_per_pool: Option<usize>,
/// When enabled allows TLS keys to be written to a file specified by the SSLKEYLOG
Expand Down
2 changes: 0 additions & 2 deletions pingora-rustls/Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
[package]
name = "pingora-rustls"
version = "0.3.0"
authors = ["Harald Gutmann <[email protected]>"]
license = "Apache-2.0"
edition = "2021"
repository = "https://github.com/cloudflare/pingora"
Expand All @@ -11,7 +10,6 @@ description = """
RusTLS async APIs for Pingora.
"""

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[lib]
name = "pingora_rustls"
path = "src/lib.rs"
56 changes: 50 additions & 6 deletions pingora/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ name = "pingora"
path = "src/lib.rs"

[package.metadata.docs.rs]
all-features = true
features = ["document-features"]
rustdoc-args = ["--cfg", "docsrs"]

[dependencies]
Expand All @@ -29,6 +29,10 @@ pingora-load-balancing = { version = "0.3.0", path = "../pingora-load-balancing"
pingora-proxy = { version = "0.3.0", path = "../pingora-proxy", optional = true, default-features = false }
pingora-cache = { version = "0.3.0", path = "../pingora-cache", optional = true, default-features = false }

# Only used for documenting features, but doesn't work in any other dependency
# group :(
document-features = { version = "0.2.10", optional = true }

[dev-dependencies]
clap = { version = "3.2.25", features = ["derive"] }
tokio = { workspace = true, features = ["rt-multi-thread", "signal"] }
Expand All @@ -50,31 +54,71 @@ jemallocator = "0.5"

[features]
default = []

#! ### Tls
#! Tls is provided by adding one of these features. If no tls-providing feature
#! is added, only unencrypted http. Only one tls-providing feature can be
#! selected at a time

## Use [OpenSSL](https://crates.io/crates/openssl) for tls
##
## Requires native openssl libraries and build tooling
openssl = [
"pingora-core/openssl",
"pingora-proxy?/openssl",
"pingora-cache?/openssl",
"pingora-load-balancing?/openssl",
"openssl_derived",
]

## Use [BoringSSL](https://crates.io/crates/boring) for tls
##
## Requires native boring libraries and build tooling
boringssl = [
"pingora-core/boringssl",
"pingora-proxy?/boringssl",
"pingora-cache?/boringssl",
"pingora-load-balancing?/boringssl",
"openssl_derived",
]
proxy = ["pingora-proxy"]
lb = ["pingora-load-balancing", "proxy"]
cache = ["pingora-cache"]
time = []
sentry = ["pingora-core/sentry"]

# Coming soon
# ## Use [rustls](https://crates.io/crates/rustls) for tls
# ##
# ## ⚠️ _Highly Experimental_! ⚠️ Try it, but don't rely on it (yet)
rustls = [
"pingora-core/rustls",
"pingora-proxy?/rustls",
"pingora-cache?/rustls",
"pingora-load-balancing?/rustls",
"any_tls",
]

#! ### Pingora extensions

## Include the [proxy](crate::proxy) module
##
## This feature will include and export `pingora_proxy::prelude::*`
proxy = ["pingora-proxy"]

## Include the [lb](crate::lb) (load-balancing) module
##
## This feature will include and export `pingora_load_balancing::prelude::*`
lb = ["pingora-load-balancing", "proxy"]

## Include the [cache](crate::cache) module
##
## This feature will include and export `pingora_cache::prelude::*`
cache = ["pingora-cache"]

## Enable time/scheduling functionality
time = []

## Enable sentry for error notifications
sentry = ["pingora-core/sentry"]

# These features are intentionally not documented
openssl_derived = ["any_tls"]
any_tls = []
patched_http1 = ["pingora-core/patched_http1"]
document-features = ["dep:document-features", "proxy", "lb", "cache", "time", "sentry"]
11 changes: 5 additions & 6 deletions pingora/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -36,12 +36,11 @@
//!
//! If looking to build a (reverse) proxy, see [`pingora-proxy`](https://docs.rs/pingora-proxy) crate.
//!
//! # features
//! * `openssl`: Using OpenSSL as the internal TLS backend. This feature is default on.
//! * `boringssl`: Switch the internal TLS library from OpenSSL to BoringSSL. This feature will disable `openssl`.
//! * `proxy`: This feature will include and export `pingora_proxy::prelude::*`.
//! * `lb`: This feature will include and export `pingora_load_balancing::prelude::*`.
//! * `cache`: This feature will include and export `pingora_cache::prelude::*`.
//! # Feature flags
#![cfg_attr(
feature = "document-features",
cfg_attr(doc, doc = ::document_features::document_features!())
)]

pub use pingora_core::*;

Expand Down

0 comments on commit 5151683

Please sign in to comment.