Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revisit TLS Cluster tests to drop stunnel #4018

Open
ggivo opened this issue Nov 11, 2024 · 0 comments
Open

Revisit TLS Cluster tests to drop stunnel #4018

ggivo opened this issue Nov 11, 2024 · 0 comments
Labels

Comments

@ggivo
Copy link
Contributor

ggivo commented Nov 11, 2024

SSL/TLS is supported natively by Redis starting with version 6.

With #4015 we are migrating test infra toward containerized env to support multiple Redis version test matrices.
Now we are using native TLS/SSL Redis support, while the previous test infra was relying on stunnel with custom host/port mappings.

Simply removing the port mapping is sufficient for Redis server 7.x and above.
Some tests are still failing when run against Redis 6.2.16 because difference in how ports are reported in CLUSTER SLOTS command see(redis/redis#8134, redis/redis#8587)

Tests to be revisited :

Error:  Errors: 
Error:    SSLACLJedisClusterTest.connectByIpAddress:147 » JedisClusterOperation Cluster retry deadline exceeded.
Error:    SSLACLJedisClusterTest.connectToNodesSucceedsWithSSLParametersAndHostMapping:188 » JedisClusterOperation Cluster retry deadline exceeded.
Error:    SSLACLJedisClusterTest.testSSLDiscoverNodesAutomatically:80 » JedisConnection javax.net.ssl.SSLException: Read timed out
Error:    SSLACLJedisClusterTest.testSSLWithoutPortMap:125 » JedisConnection javax.net.ssl.SSLException: Read timed out
Error:    SSLJedisClusterTest.connectByIpAddress:127 » JedisClusterOperation Cluster retry deadline exceeded.
Error:    SSLJedisClusterTest.connectToNodesSucceedsWithSSLParametersAndHostMapping:165 » JedisClusterOperation Cluster retry deadline exceeded.
Error:    SSLJedisClusterTest.testSSLDiscoverNodesAutomatically:64 » JedisConnection javax.net.ssl.SSLException: Read timed out
Error:    SSLJedisClusterTest.testSSLWithoutPortMap:106 » JedisConnection javax.net.ssl.SSLException: Read timed out

Expected behavior

 TLS/SSL tests pass successfully against test env using native Redis server TLS/SSL supprt (e.g no stunnel)

Actual behavior

TLS/SSL tests failures observed  when using Redis 6.2.16 native TLS/SSL support
same tests pass successfully against  Redis 7.+ native TLS/SSL support

Steps to reproduce:

  Bring up test 6.2.16 test infra env using containerized setup introduced with (https://github.com/redis/jedis/pull/4015)
  `docker compose --env-file src/test/resources/env/.env.v6.2.16 -f src/test/resources/env/docker-compose.yml up`

   Run TLS/SSL tests (SSLJedisClusterTest, SSLACLJedisClusterTest)

Redis / Jedis Configuration

depends on test

Jedis version:

5.2.0

Redis version:

6.2.16

Java version:

1.8

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants