Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Capability to configure both default `CallCredentials` and custom `SslContext` on netty `ManagedChannel`

See original GitHub issue

The problem

I would like to create a netty ManagedChannel which has both a default CallCredentials and a custom SslContext.

I can do the former with

return NettyChannelBuilder.forTarget(
    target,
    CompositeChannelCredentials.create(TlsChannelCredentials.create(), callCredentials))
  .build();

and I can do the latter with

return NettyChannelBuilder.forTarget(target)
  .sslContext(sslContext)
  .build();

but I can’t see a way to do both at once.

Solution ideas

I can see two possible API additions which would achieve this.

  1. Make it possible to configure an SslContext on a ChannelCredentials instance. I guess this couldn’t be done on TlsChannelCredentials since that’s in core and can’t depend on the netty SslContext, so it would have to be a netty-specific ChannelCredentials implementation. Then I could do something like
return NettyChannelBuilder.forTarget(
   target,
   CompositeChannelCredentials.create(NettyTlsChannelCredentials.create().withSslContext(sslContext), callCredentials))
 .build();
  1. Make it possible to configure a default CallCredentials on a NettyChannelBuilder without a ChannelCredentials. Then I could do something like
return NettyChannelBuilder.forTarget(target)
  .defaultCallCredentials(callCredentials)
  .sslContext(sslContext)
  .build();

From what I’ve seen of the source code, 2. would probably be the easier change to make, but might fit in less well with the direction you want to take the API in.

My current workaround

The workaround we’re intending to use right now is to create a channel which has the correct SslContext but no default CallCredentials, and instead configure the CallCredentials directly on every stub I create. To make this easier, we’ll wrap the ManagedChannel and the CallCredentials together into an object of our own so that we can pass them around together. Something like

return GrpcChannelWithCallCredentials.create(
  NettyChannelBuilder.forTarget(target)
    .sslContext(sslContext)
    .build(),
  callCredentials);

where GrpcChannelWithCallCredentials is our wrapper class. This is a bit ugly, and involves a change in every bit of code where we create a stub, rather than being able to do it once where we create the channel.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:5 (4 by maintainers)

github_iconTop GitHub Comments

1reaction
pete-gillin-privitarcommented, Dec 22, 2021

Thanks, that’s exactly what I wanted!

I guess the only issue here is the lack of discoverability of this class. If you’re tracking the docs update elsewhere, I’m happy to close this.

0reactions
sergiitkcommented, Jan 25, 2022

Documentation update is merged, so closing. If more information is provided or there’s a follow-up question, comment and we can reopen.

Read more comments on GitHub >

github_iconTop Results From Across the Web

NettyChannelBuilder (grpc-all 1.51.0 API)
This class is meant to be overriden with a custom implementation of NettyChannelBuilder. ... SSL/TLS context to use instead of the system default....
Read more >
dhuaqiao/grpc-spring-boot-starter - Gitee
By default, starter pulls io.grpc:grpc-netty-shaded as transitive ... This gives you the ability to setup the desired order of built-in and your custom...
Read more >
Diff - platform/external/grpc-grpc-java - Google Git
Final _(grpc-netty-shaded avoids issues with keeping these versions in sync.)_ ... SslContext; import java.io. ... localAddress()) .set(CallCredentials.
Read more >
Index (grpc-all 1.36.0 API) - javadoc.io
Returns the ManagedChannel built by the delegate by default. ... Create a credential using Netty's SslContext as configuration. create(SslContext) - Static ...
Read more >
Webflux + Webclient + Netty, how to use SslContext with ...
Option 1. The most straightforward solution would be using a specific client for each downstream api. And having each client configured with ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

io.grpc.StatusRuntimeException: INTERNAL: No value received for unary call

Next page

JVM crash with grpc-java 1.42.x and alpine docker image