add setting to allow private IP (opensearch-project#2534) (opensearch-project#2535)

* add setting to allow private IP

Signed-off-by: Yaliang Wu <ylwu@amazon.com>

* fix ut

Signed-off-by: Yaliang Wu <ylwu@amazon.com>

---------

Signed-off-by: Yaliang Wu <ylwu@amazon.com>
(cherry picked from commit 06d1742)

Co-authored-by: Yaliang Wu <ylwu@amazon.com>

Author: opensearch-trigger-bot[bot]

ml-algorithms/src/main/java/org/opensearch/ml/engine/algorithms/remote/HttpJsonConnectorExecutor.java

@@ -16,6 +16,7 @@
 import java.util.Locale;
 import java.util.Map;
 import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.apache.logging.log4j.Logger;
 import org.opensearch.client.Client;
@@ -62,6 +63,8 @@ public class HttpJsonConnectorExecutor extends AbstractConnectorExecutor {
     @Setter
     @Getter
     private MLGuard mlGuard;
+    @Setter
+    private volatile AtomicBoolean connectorPrivateIpEnabled;
 
     private SdkAsyncHttpClient httpClient;
 
@@ -136,6 +139,6 @@ private void validateHttpClientParameters(String action, Map<String, String> par
         String protocol = url.getProtocol();
         String host = url.getHost();
         int port = url.getPort();
-        MLHttpClientFactory.validate(protocol, host, port);
+        MLHttpClientFactory.validate(protocol, host, port, connectorPrivateIpEnabled);
     }
 }

ml-algorithms/src/main/java/org/opensearch/ml/engine/algorithms/remote/RemoteConnectorExecutor.java

@@ -15,6 +15,7 @@
 import java.util.Locale;
 import java.util.Map;
 import java.util.Optional;
+import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.apache.logging.log4j.Logger;
 import org.opensearch.ExceptionsHelper;
@@ -146,6 +147,8 @@ default void setScriptService(ScriptService scriptService) {}
 
     default void setClient(Client client) {}
 
+    default void setConnectorPrivateIpEnabled(AtomicBoolean connectorPrivateIpEnabled) {}
+
     default void setXContentRegistry(NamedXContentRegistry xContentRegistry) {}
 
     default void setClusterService(ClusterService clusterService) {}

ml-algorithms/src/main/java/org/opensearch/ml/engine/algorithms/remote/RemoteModel.java

@@ -8,6 +8,7 @@
 import static org.opensearch.ml.common.connector.ConnectorAction.ActionType.PREDICT;
 
 import java.util.Map;
+import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.opensearch.client.Client;
 import org.opensearch.cluster.service.ClusterService;
@@ -43,6 +44,7 @@ public class RemoteModel implements Predictable {
     public static final String RATE_LIMITER = "rate_limiter";
     public static final String USER_RATE_LIMITER_MAP = "user_rate_limiter_map";
     public static final String GUARDRAILS = "guardrails";
+    public static final String CONNECTOR_PRIVATE_IP_ENABLED = "connectorPrivateIpEnabled";
 
     private RemoteConnectorExecutor connectorExecutor;
 
@@ -101,6 +103,7 @@ public void initModel(MLModel model, Map<String, Object> params, Encryptor encry
             this.connectorExecutor.setRateLimiter((TokenBucket) params.get(RATE_LIMITER));
             this.connectorExecutor.setUserRateLimiterMap((Map<String, TokenBucket>) params.get(USER_RATE_LIMITER_MAP));
             this.connectorExecutor.setMlGuard((MLGuard) params.get(GUARDRAILS));
+            this.connectorExecutor.setConnectorPrivateIpEnabled((AtomicBoolean) params.get(CONNECTOR_PRIVATE_IP_ENABLED));
         } catch (RuntimeException e) {
             log.error("Failed to init remote model.", e);
             throw e;

ml-algorithms/src/main/java/org/opensearch/ml/engine/httpclient/MLHttpClientFactory.java

@@ -14,6 +14,7 @@
 import java.time.Duration;
 import java.util.Arrays;
 import java.util.Locale;
+import java.util.concurrent.atomic.AtomicBoolean;
 
 import lombok.extern.log4j.Log4j2;
 import software.amazon.awssdk.http.async.SdkAsyncHttpClient;
@@ -43,9 +44,11 @@ public static SdkAsyncHttpClient getAsyncHttpClient(Duration connectionTimeout,
      * @param protocol The protocol supported in remote inference, currently only http and https are supported.
      * @param host The host name of the remote inference server, host must be a valid ip address or domain name and must not be localhost.
      * @param port The port number of the remote inference server, port number must be in range [0, 65536].
-     * @throws UnknownHostException
+     * @param connectorPrivateIpEnabled The port number of the remote inference server, port number must be in range [0, 65536].
+     * @throws UnknownHostException Allow to use private IP or not.
      */
-    public static void validate(String protocol, String host, int port) throws UnknownHostException {
+    public static void validate(String protocol, String host, int port, AtomicBoolean connectorPrivateIpEnabled)
+        throws UnknownHostException {
         if (protocol != null && !"http".equalsIgnoreCase(protocol) && !"https".equalsIgnoreCase(protocol)) {
             log.error("Remote inference protocol is not http or https: " + protocol);
             throw new IllegalArgumentException("Protocol is not http or https: " + protocol);
@@ -62,12 +65,12 @@ public static void validate(String protocol, String host, int port) throws Unkno
             log.error("Remote inference port out of range: " + port);
             throw new IllegalArgumentException("Port out of range: " + port);
         }
-        validateIp(host);
+        validateIp(host, connectorPrivateIpEnabled);
     }
 
-    private static void validateIp(String hostName) throws UnknownHostException {
+    private static void validateIp(String hostName, AtomicBoolean connectorPrivateIpEnabled) throws UnknownHostException {
         InetAddress[] addresses = InetAddress.getAllByName(hostName);
-        if (hasPrivateIpAddress(addresses)) {
+        if ((connectorPrivateIpEnabled == null || !connectorPrivateIpEnabled.get()) && hasPrivateIpAddress(addresses)) {
             log.error("Remote inference host name has private ip address: " + hostName);
             throw new IllegalArgumentException("Remote inference host name has private ip address: " + hostName);
         }

ml-algorithms/src/test/java/org/opensearch/ml/engine/algorithms/remote/HttpJsonConnectorExecutorTest.java

@@ -6,13 +6,16 @@
 package org.opensearch.ml.engine.algorithms.remote;
 
 import static org.junit.Assert.assertEquals;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.never;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
 import static org.opensearch.ml.common.connector.ConnectorAction.ActionType.PREDICT;
 
 import java.lang.reflect.Field;
 import java.util.Arrays;
 import java.util.HashMap;
+import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.junit.Before;
 import org.junit.Rule;
@@ -102,6 +105,52 @@ public void invokeRemoteService_invalidIpAddress() {
         assertEquals("Remote inference host name has private ip address: 127.0.0.1", captor.getValue().getMessage());
     }
 
+    @Test
+    public void invokeRemoteService_EnabledPrivateIpAddress() {
+        ConnectorAction predictAction = ConnectorAction
+            .builder()
+            .actionType(PREDICT)
+            .method("POST")
+            .url("http://127.0.0.1/mock")
+            .requestBody("{\"input\": \"${parameters.input}\"}")
+            .build();
+        Connector connector = HttpConnector
+            .builder()
+            .name("test connector")
+            .version("1")
+            .protocol("http")
+            .actions(Arrays.asList(predictAction))
+            .build();
+        HttpJsonConnectorExecutor executor = new HttpJsonConnectorExecutor(connector);
+        AtomicBoolean privateIpEnabled = new AtomicBoolean(true);
+        executor.setConnectorPrivateIpEnabled(privateIpEnabled);
+        executor
+            .invokeRemoteService(
+                PREDICT.name(),
+                createMLInput(),
+                new HashMap<>(),
+                "{\"input\": \"hello world\"}",
+                new ExecutionContext(0),
+                actionListener
+            );
+        Mockito.verify(actionListener, never()).onFailure(any());
+
+        privateIpEnabled.set(false);
+        executor
+            .invokeRemoteService(
+                PREDICT.name(),
+                createMLInput(),
+                new HashMap<>(),
+                "{\"input\": \"hello world\"}",
+                new ExecutionContext(0),
+                actionListener
+            );
+        ArgumentCaptor<Exception> captor = ArgumentCaptor.forClass(IllegalArgumentException.class);
+        Mockito.verify(actionListener, times(1)).onFailure(captor.capture());
+        assert captor.getValue() instanceof IllegalArgumentException;
+        assertEquals("Remote inference host name has private ip address: 127.0.0.1", captor.getValue().getMessage());
+    }
+
     @Test
     public void invokeRemoteService_Empty_payload() {
         ConnectorAction predictAction = ConnectorAction

ml-algorithms/src/test/java/org/opensearch/ml/engine/httpclient/MLHttpClientFactoryTests.java

@@ -8,6 +8,7 @@
 import static org.junit.Assert.assertNotNull;
 
 import java.time.Duration;
+import java.util.concurrent.atomic.AtomicBoolean;
 
 import org.junit.Rule;
 import org.junit.Test;
@@ -28,70 +29,84 @@ public void test_getSdkAsyncHttpClient_success() {
 
     @Test
     public void test_validateIp_validIp_noException() throws Exception {
-        MLHttpClientFactory.validate("http", "api.openai.com", 80);
+        AtomicBoolean privateIpEnabled = new AtomicBoolean(false);
+        MLHttpClientFactory.validate("http", "api.openai.com", 80, privateIpEnabled);
     }
 
     @Test
     public void test_validateIp_rarePrivateIp_throwException() throws Exception {
+        AtomicBoolean privateIpEnabled = new AtomicBoolean(false);
         try {
-            MLHttpClientFactory.validate("http", "0254.020.00.01", 80);
+            MLHttpClientFactory.validate("http", "0254.020.00.01", 80, privateIpEnabled);
         } catch (IllegalArgumentException e) {
             assertNotNull(e);
         }
 
         try {
-            MLHttpClientFactory.validate("http", "172.1048577", 80);
+            MLHttpClientFactory.validate("http", "172.1048577", 80, privateIpEnabled);
         } catch (Exception e) {
             assertNotNull(e);
         }
 
         try {
-            MLHttpClientFactory.validate("http", "2886729729", 80);
+            MLHttpClientFactory.validate("http", "2886729729", 80, privateIpEnabled);
         } catch (IllegalArgumentException e) {
             assertNotNull(e);
         }
 
         try {
-            MLHttpClientFactory.validate("http", "192.11010049", 80);
+            MLHttpClientFactory.validate("http", "192.11010049", 80, privateIpEnabled);
         } catch (IllegalArgumentException e) {
             assertNotNull(e);
         }
 
         try {
-            MLHttpClientFactory.validate("http", "3232300545", 80);
+            MLHttpClientFactory.validate("http", "3232300545", 80, privateIpEnabled);
         } catch (IllegalArgumentException e) {
             assertNotNull(e);
         }
 
         try {
-            MLHttpClientFactory.validate("http", "0:0:0:0:0:ffff:127.0.0.1", 80);
+            MLHttpClientFactory.validate("http", "0:0:0:0:0:ffff:127.0.0.1", 80, privateIpEnabled);
         } catch (IllegalArgumentException e) {
             assertNotNull(e);
         }
 
         try {
-            MLHttpClientFactory.validate("http", "153.24.76.232", 80);
+            MLHttpClientFactory.validate("http", "153.24.76.232", 80, privateIpEnabled);
         } catch (IllegalArgumentException e) {
             assertNotNull(e);
         }
     }
 
+    @Test
+    public void test_validateIp_rarePrivateIp_NotThrowException() throws Exception {
+        AtomicBoolean privateIpEnabled = new AtomicBoolean(true);
+        MLHttpClientFactory.validate("http", "0254.020.00.01", 80, privateIpEnabled);
+        MLHttpClientFactory.validate("http", "172.1048577", 80, privateIpEnabled);
+        MLHttpClientFactory.validate("http", "2886729729", 80, privateIpEnabled);
+        MLHttpClientFactory.validate("http", "192.11010049", 80, privateIpEnabled);
+        MLHttpClientFactory.validate("http", "3232300545", 80, privateIpEnabled);
+        MLHttpClientFactory.validate("http", "0:0:0:0:0:ffff:127.0.0.1", 80, privateIpEnabled);
+        MLHttpClientFactory.validate("http", "153.24.76.232", 80, privateIpEnabled);
+    }
+
     @Test
     public void test_validateSchemaAndPort_success() throws Exception {
-        MLHttpClientFactory.validate("http", "api.openai.com", 80);
+        MLHttpClientFactory.validate("http", "api.openai.com", 80, new AtomicBoolean(false));
     }
 
     @Test
     public void test_validateSchemaAndPort_notAllowedSchema_throwException() throws Exception {
         expectedException.expect(IllegalArgumentException.class);
-        MLHttpClientFactory.validate("ftp", "api.openai.com", 80);
+        MLHttpClientFactory.validate("ftp", "api.openai.com", 80, new AtomicBoolean(false));
     }
 
     @Test
     public void test_validateSchemaAndPort_portNotInRange_throwException() throws Exception {
         expectedException.expect(IllegalArgumentException.class);
         expectedException.expectMessage("Port out of range: 65537");
-        MLHttpClientFactory.validate("https", "api.openai.com", 65537);
+        MLHttpClientFactory.validate("https", "api.openai.com", 65537, new AtomicBoolean(false));
     }
 
 }

plugin/src/main/java/org/opensearch/ml/model/MLModelManager.java

@@ -27,6 +27,7 @@
 import static org.opensearch.ml.engine.ModelHelper.MODEL_SIZE_IN_BYTES;
 import static org.opensearch.ml.engine.algorithms.remote.RemoteModel.CLIENT;
 import static org.opensearch.ml.engine.algorithms.remote.RemoteModel.CLUSTER_SERVICE;
+import static org.opensearch.ml.engine.algorithms.remote.RemoteModel.CONNECTOR_PRIVATE_IP_ENABLED;
 import static org.opensearch.ml.engine.algorithms.remote.RemoteModel.GUARDRAILS;
 import static org.opensearch.ml.engine.algorithms.remote.RemoteModel.RATE_LIMITER;
 import static org.opensearch.ml.engine.algorithms.remote.RemoteModel.SCRIPT_SERVICE;
@@ -128,6 +129,7 @@
 import org.opensearch.ml.engine.indices.MLIndicesHandler;
 import org.opensearch.ml.engine.utils.FileUtils;
 import org.opensearch.ml.profile.MLModelProfile;
+import org.opensearch.ml.settings.MLFeatureEnabledSetting;
 import org.opensearch.ml.stats.ActionName;
 import org.opensearch.ml.stats.MLActionLevelStat;
 import org.opensearch.ml.stats.MLNodeLevelStat;
@@ -169,6 +171,7 @@ public class MLModelManager {
     private final MLTaskManager mlTaskManager;
     private final MLEngine mlEngine;
     private final DiscoveryNodeHelper nodeHelper;
+    private final MLFeatureEnabledSetting mlFeatureEnabledSetting;
 
     private volatile Integer maxModelPerNode;
     private volatile Integer maxRegisterTasksPerNode;
@@ -198,7 +201,8 @@ public MLModelManager(
         MLTaskManager mlTaskManager,
         MLModelCacheHelper modelCacheHelper,
         MLEngine mlEngine,
-        DiscoveryNodeHelper nodeHelper
+        DiscoveryNodeHelper nodeHelper,
+        MLFeatureEnabledSetting mlFeatureEnabledSetting
     ) {
         this.client = client;
         this.threadPool = threadPool;
@@ -213,6 +217,7 @@ public MLModelManager(
         this.mlTaskManager = mlTaskManager;
         this.mlEngine = mlEngine;
         this.nodeHelper = nodeHelper;
+        this.mlFeatureEnabledSetting = mlFeatureEnabledSetting;
 
         this.maxModelPerNode = ML_COMMONS_MAX_MODELS_PER_NODE.get(settings);
         clusterService.getClusterSettings().addSettingsUpdateConsumer(ML_COMMONS_MAX_MODELS_PER_NODE, it -> maxModelPerNode = it);
@@ -1170,6 +1175,7 @@ private Map<String, Object> setUpParameterMap(String modelId) {
             params.put(GUARDRAILS, mlGuard);
             log.info("Setting up ML guard parameter for ML predictor.");
         }
+        params.put(CONNECTOR_PRIVATE_IP_ENABLED, mlFeatureEnabledSetting.isConnectorPrivateIpEnabled());
         return Collections.unmodifiableMap(params);
     }
 

plugin/src/main/java/org/opensearch/ml/plugin/MachineLearningPlugin.java

@@ -496,6 +496,11 @@ public Collection<Object> createComponents(
         mlIndicesHandler = new MLIndicesHandler(clusterService, client);
         mlTaskManager = new MLTaskManager(client, threadPool, mlIndicesHandler);
         modelHelper = new ModelHelper(mlEngine);
+
+        mlInputDatasetHandler = new MLInputDatasetHandler(client);
+        modelAccessControlHelper = new ModelAccessControlHelper(clusterService, settings);
+        connectorAccessControlHelper = new ConnectorAccessControlHelper(clusterService, settings);
+        mlFeatureEnabledSetting = new MLFeatureEnabledSetting(clusterService, settings);
         mlModelManager = new MLModelManager(
             clusterService,
             scriptService,
@@ -510,12 +515,9 @@ public Collection<Object> createComponents(
             mlTaskManager,
             modelCacheHelper,
             mlEngine,
-            nodeHelper
+            nodeHelper,
+            mlFeatureEnabledSetting
         );
-        mlInputDatasetHandler = new MLInputDatasetHandler(client);
-        modelAccessControlHelper = new ModelAccessControlHelper(clusterService, settings);
-        connectorAccessControlHelper = new ConnectorAccessControlHelper(clusterService, settings);
-        mlFeatureEnabledSetting = new MLFeatureEnabledSetting(clusterService, settings);
 
         mlModelChunkUploader = new MLModelChunkUploader(mlIndicesHandler, client, xContentRegistry, modelAccessControlHelper);
 
@@ -929,7 +931,8 @@ public List<Setting<?>> getSettings() {
                 MLCommonsSettings.ML_COMMONS_MEMORY_FEATURE_ENABLED,
                 MLCommonsSettings.ML_COMMONS_RAG_PIPELINE_FEATURE_ENABLED,
                 MLCommonsSettings.ML_COMMONS_AGENT_FRAMEWORK_ENABLED,
-                MLCommonsSettings.ML_COMMONS_MODEL_AUTO_DEPLOY_ENABLE
+                MLCommonsSettings.ML_COMMONS_MODEL_AUTO_DEPLOY_ENABLE,
+                MLCommonsSettings.ML_COMMONS_CONNECTOR_PRIVATE_IP_ENABLED
             );
         return settings;
     }

plugin/src/main/java/org/opensearch/ml/settings/MLCommonsSettings.java

@@ -184,4 +184,7 @@ private MLCommonsSettings() {}
     // This setting is to enable/disable agent related API register/execute/delete/get/search agent.
     public static final Setting<Boolean> ML_COMMONS_AGENT_FRAMEWORK_ENABLED = Setting
         .boolSetting("plugins.ml_commons.agent_framework_enabled", true, Setting.Property.NodeScope, Setting.Property.Dynamic);
+
+    public static final Setting<Boolean> ML_COMMONS_CONNECTOR_PRIVATE_IP_ENABLED = Setting
+        .boolSetting("plugins.ml_commons.connector.private_ip_enabled", false, Setting.Property.NodeScope, Setting.Property.Dynamic);
 }