@Before public void setUp() throws Exception { zkw = HBaseTestingUtility.getZooKeeperWatcher(utility); String fakeRs1 = ZKUtil.joinZNode(zkw.rsZNode, "hostname1.example.org:1234"); try { ZKClusterId.setClusterId(zkw, new ClusterId()); rp = ReplicationFactory.getReplicationPeers(zkw, conf, zkw); rp.init(); rt = ReplicationFactory.getReplicationTracker(zkw, rp, conf, zkw, new DummyServer(fakeRs1)); } catch (Exception e) { fail("Exception during test setup: " + e); } rsRemovedCount = new AtomicInteger(0); rsRemovedData = ""; plChangedCount = new AtomicInteger(0); plChangedData = new ArrayList<String>(); peerRemovedCount = new AtomicInteger(0); peerRemovedData = ""; }
@Test public void testClusterId() throws Exception { TEST_UTIL.startMiniZKCluster(); TEST_UTIL.startMiniDFSCluster(1); Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); CoordinatedStateManager cp = CoordinatedStateManagerFactory.getCoordinatedStateManager(conf); //start region server, needs to be separate //so we get an unset clusterId rst = JVMClusterUtil.createRegionServerThread(conf,cp, HRegionServer.class, 0); rst.start(); //Make sure RS is in blocking state Thread.sleep(10000); TEST_UTIL.startMiniHBaseCluster(1, 1); rst.waitForServerOnline(); String clusterId = ZKClusterId.readClusterIdZNode(TEST_UTIL.getZooKeeperWatcher()); assertNotNull(clusterId); assertEquals(clusterId, rst.getRegionServer().getClusterId()); }
/** * Get the authentication token of the user for the cluster specified in the configuration * @return null if the user does not have the token, otherwise the auth token for the cluster. */ private static Token<AuthenticationTokenIdentifier> getAuthToken(Configuration conf, User user) throws IOException, InterruptedException { ZooKeeperWatcher zkw = new ZooKeeperWatcher(conf, "TokenUtil-getAuthToken", null); try { String clusterId = ZKClusterId.readClusterIdZNode(zkw); if (clusterId == null) { throw new IOException("Failed to get cluster ID"); } return new AuthenticationTokenSelector().selectToken(new Text(clusterId), user.getTokens()); } catch (KeeperException e) { throw new IOException(e); } finally { zkw.close(); } }
@Test public void testClusterId() throws Exception { TEST_UTIL.startMiniZKCluster(); TEST_UTIL.startMiniDFSCluster(1); Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); //start region server, needs to be separate //so we get an unset clusterId rst = JVMClusterUtil.createRegionServerThread(conf, HRegionServer.class, 0); rst.start(); //Make sure RS is in blocking state Thread.sleep(10000); TEST_UTIL.startMiniHBaseCluster(1, 0); rst.waitForServerOnline(); String clusterId = ZKClusterId.readClusterIdZNode(TEST_UTIL.getZooKeeperWatcher()); assertNotNull(clusterId); assertEquals(clusterId, rst.getRegionServer().getClusterId()); }
/** * Get the authentication token of the user for the cluster specified in the configuration * @return null if the user does not have the token, otherwise the auth token for the cluster. */ private static Token<AuthenticationTokenIdentifier> getAuthToken(Configuration conf, User user) throws IOException, InterruptedException { ZKWatcher zkw = new ZKWatcher(conf, "TokenUtil-getAuthToken", null); try { String clusterId = ZKClusterId.readClusterIdZNode(zkw); if (clusterId == null) { throw new IOException("Failed to get cluster ID"); } return new AuthenticationTokenSelector().selectToken(new Text(clusterId), user.getTokens()); } catch (KeeperException e) { throw new IOException(e); } finally { zkw.close(); } }
@Before public void setUp() throws Exception { zkw = HBaseTestingUtility.getZooKeeperWatcher(utility); String fakeRs1 = ZNodePaths.joinZNode(zkw.znodePaths.rsZNode, "hostname1.example.org:1234"); try { ZKClusterId.setClusterId(zkw, new ClusterId()); rp = ReplicationFactory.getReplicationPeers(zkw, conf); rp.init(); rt = ReplicationFactory.getReplicationTracker(zkw, new DummyServer(fakeRs1), new DummyServer(fakeRs1)); } catch (Exception e) { fail("Exception during test setup: " + e); } rsRemovedCount = new AtomicInteger(0); rsRemovedData = ""; }
@Test public void testClusterId() throws Exception { TEST_UTIL.startMiniZKCluster(); TEST_UTIL.startMiniDFSCluster(1); Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); CoordinatedStateManager cp = CoordinatedStateManagerFactory.getCoordinatedStateManager(conf); //start region server, needs to be separate //so we get an unset clusterId rst = JVMClusterUtil.createRegionServerThread(conf,cp, HRegionServer.class, 0); rst.start(); //Make sure RS is in blocking state Thread.sleep(10000); TEST_UTIL.startMiniHBaseCluster(1, 0); rst.waitForServerOnline(); String clusterId = ZKClusterId.readClusterIdZNode(TEST_UTIL.getZooKeeperWatcher()); assertNotNull(clusterId); assertEquals(clusterId, rst.getRegionServer().getClusterId()); }
@BeforeClass public static void setupBeforeClass() throws Exception { TEST_UTIL = new HBaseTestingUtility(); TEST_UTIL.startMiniZKCluster(); // security settings only added after startup so that ZK does not require SASL Configuration conf = TEST_UTIL.getConfiguration(); conf.set("hadoop.security.authentication", "kerberos"); conf.set("hbase.security.authentication", "kerberos"); server = new TokenServer(conf); serverThread = new Thread(server); Threads.setDaemonThreadRunning(serverThread, "TokenServer:"+server.getServerName().toString()); // wait for startup while (!server.isStarted() && !server.isStopped()) { Thread.sleep(10); } ZKClusterId.setClusterId(server.getZooKeeper(), clusterId); secretManager = (AuthenticationTokenSecretManager)server.getSecretManager(); while(secretManager.getCurrentKey() == null) { Thread.sleep(1); } }
@Test public void testClusterId() throws Exception { TEST_UTIL.startMiniZKCluster(); TEST_UTIL.startMiniDFSCluster(1); Configuration conf = new Configuration(TEST_UTIL.getConfiguration()); //start region server, needs to be separate //so we get an unset clusterId rst = JVMClusterUtil.createRegionServerThread(conf, HRegionServer.class, 0); rst.start(); //Make sure RS is in blocking state Thread.sleep(10000); TEST_UTIL.startMiniHBaseCluster(1, 0); rst.waitForServerOnline(); String clusterId = ZKClusterId.readClusterIdZNode(TEST_UTIL.getZooKeeperWatcher()); assertNotNull(clusterId); assertEquals(clusterId, rst.getRegionServer().getConfiguration().get(HConstants.CLUSTER_ID)); }
@Override // Synchronize peer cluster connection attempts to avoid races and rate // limit connections when multiple replication sources try to connect to // the peer cluster. If the peer cluster is down we can get out of control // over time. public synchronized UUID getPeerUUID() { UUID peerUUID = null; try { peerUUID = ZKClusterId.getUUIDForCluster(zkw); } catch (KeeperException ke) { reconnect(ke); } return peerUUID; }
/** * Create a new secret manager instance for generating keys. * @param conf Configuration to use * @param zk Connection to zookeeper for handling leader elections * @param keyUpdateInterval Time (in milliseconds) between rolling a new master key for token signing * @param tokenMaxLifetime Maximum age (in milliseconds) before a token expires and is no longer valid */ /* TODO: Restrict access to this constructor to make rogues instances more difficult. * For the moment this class is instantiated from * org.apache.hadoop.hbase.ipc.SecureServer so public access is needed. */ public AuthenticationTokenSecretManager(Configuration conf, ZooKeeperWatcher zk, String serverName, long keyUpdateInterval, long tokenMaxLifetime) { this.zkWatcher = new ZKSecretWatcher(conf, zk, this); this.keyUpdateInterval = keyUpdateInterval; this.tokenMaxLifetime = tokenMaxLifetime; this.leaderElector = new LeaderElector(zk, serverName); this.name = NAME_PREFIX+serverName; this.clusterId = new ZKClusterId(zk, zk); }
private static String initPeerClusterState(String baseZKNode) throws IOException, KeeperException { // Add a dummy region server and set up the cluster id Configuration testConf = new Configuration(conf); testConf.set(HConstants.ZOOKEEPER_ZNODE_PARENT, baseZKNode); ZooKeeperWatcher zkw1 = new ZooKeeperWatcher(testConf, "test1", null); String fakeRs = ZKUtil.joinZNode(zkw1.rsZNode, "hostname1.example.org:1234"); ZKUtil.createWithParents(zkw1, fakeRs); ZKClusterId.setClusterId(zkw1, new ClusterId()); return ZKConfig.getZooKeeperClusterKey(testConf); }
@BeforeClass public static void setupBeforeClass() throws Exception { TEST_UTIL = new HBaseTestingUtility(); TEST_UTIL.startMiniZKCluster(); // register token type for protocol SecurityInfo.addInfo(AuthenticationProtos.AuthenticationService.getDescriptor().getName(), new SecurityInfo("hbase.test.kerberos.principal", AuthenticationProtos.TokenIdentifier.Kind.HBASE_AUTH_TOKEN)); // security settings only added after startup so that ZK does not require SASL Configuration conf = TEST_UTIL.getConfiguration(); conf.set("hadoop.security.authentication", "kerberos"); conf.set("hbase.security.authentication", "kerberos"); conf.setBoolean(HADOOP_SECURITY_AUTHORIZATION, true); server = new TokenServer(conf); serverThread = new Thread(server); Threads.setDaemonThreadRunning(serverThread, "TokenServer:"+server.getServerName().toString()); // wait for startup while (!server.isStarted() && !server.isStopped()) { Thread.sleep(10); } server.rpcServer.refreshAuthManager(new PolicyProvider() { @Override public Service[] getServices() { return new Service [] { new Service("security.client.protocol.acl", AuthenticationProtos.AuthenticationService.BlockingInterface.class)}; } }); ZKClusterId.setClusterId(server.getZooKeeper(), clusterId); secretManager = (AuthenticationTokenSecretManager)server.getSecretManager(); while(secretManager.getCurrentKey() == null) { Thread.sleep(1); } }
private static String initPeerClusterState(String baseZKNode) throws IOException, KeeperException { // Add a dummy region server and set up the cluster id Configuration testConf = new Configuration(conf); testConf.set(HConstants.ZOOKEEPER_ZNODE_PARENT, baseZKNode); ZooKeeperWatcher zkw1 = new ZooKeeperWatcher(testConf, "test1", null); String fakeRs = ZKUtil.joinZNode(zkw1.rsZNode, "hostname1.example.org:1234"); ZKUtil.createWithParents(zkw1, fakeRs); ZKClusterId.setClusterId(zkw1, new ClusterId()); return ZKUtil.getZooKeeperClusterKey(testConf); }
/** * Get the authentication token of the user for the cluster specified in the configuration * @return null if the user does not have the token, otherwise the auth token for the cluster. */ private static Token<AuthenticationTokenIdentifier> getAuthToken(Configuration conf, User user) throws IOException, InterruptedException { ZooKeeperWatcher zkw = new ZooKeeperWatcher(conf, "mr-init-credentials", null); try { String clusterId = ZKClusterId.readClusterIdZNode(zkw); return new AuthenticationTokenSelector().selectToken(new Text(clusterId), user.getUGI().getTokens()); } catch (KeeperException e) { throw new IOException(e); } finally { zkw.close(); } }
@Override public UUID getPeerUUID(String peerId) { ReplicationPeer peer = this.peerClusters.get(peerId); if (peer == null) { return null; } UUID peerUUID = null; try { peerUUID = ZKClusterId.getUUIDForCluster(peer.getZkw()); } catch (KeeperException ke) { reconnectPeer(ke, peer); } return peerUUID; }
private static String initPeerClusterState(String baseZKNode) throws IOException, KeeperException { // Add a dummy region server and set up the cluster id Configuration testConf = new Configuration(conf); testConf.set(HConstants.ZOOKEEPER_ZNODE_PARENT, baseZKNode); ZKWatcher zkw1 = new ZKWatcher(testConf, "test1", null); String fakeRs = ZNodePaths.joinZNode(zkw1.znodePaths.rsZNode, "hostname1.example.org:1234"); ZKUtil.createWithParents(zkw1, fakeRs); ZKClusterId.setClusterId(zkw1, new ClusterId()); return ZKConfig.getZooKeeperClusterKey(testConf); }
/** * Create a new secret manager instance for generating keys. * @param conf Configuration to use * @param zk Connection to zookeeper for handling leader elections * @param keyUpdateInterval Time (in milliseconds) between rolling a new master key for token signing * @param tokenMaxLifetime Maximum age (in milliseconds) before a token expires and is no longer valid */ /* TODO: Restrict access to this constructor to make rogues instances more difficult. * For the moment this class is instantiated from * org.apache.hadoop.hbase.ipc.SecureServer so public access is needed. */ public AuthenticationTokenSecretManager(Configuration conf, ZKWatcher zk, String serverName, long keyUpdateInterval, long tokenMaxLifetime) { this.zkWatcher = new ZKSecretWatcher(conf, zk, this); this.keyUpdateInterval = keyUpdateInterval; this.tokenMaxLifetime = tokenMaxLifetime; this.leaderElector = new LeaderElector(zk, serverName); this.name = NAME_PREFIX+serverName; this.clusterId = new ZKClusterId(zk, zk); }
@Before public void setUp() throws Exception { TEST_UTIL = new HBaseTestingUtility(); TEST_UTIL.startMiniZKCluster(); // register token type for protocol SecurityInfo.addInfo(AuthenticationProtos.AuthenticationService.getDescriptor().getName(), new SecurityInfo("hbase.test.kerberos.principal", AuthenticationProtos.TokenIdentifier.Kind.HBASE_AUTH_TOKEN)); // security settings only added after startup so that ZK does not require SASL Configuration conf = TEST_UTIL.getConfiguration(); conf.set("hadoop.security.authentication", "kerberos"); conf.set("hbase.security.authentication", "kerberos"); conf.setBoolean(HADOOP_SECURITY_AUTHORIZATION, true); conf.set(RpcServerFactory.CUSTOM_RPC_SERVER_IMPL_CONF_KEY, rpcServerImpl); server = new TokenServer(conf, TEST_UTIL); serverThread = new Thread(server); Threads.setDaemonThreadRunning(serverThread, "TokenServer:"+server.getServerName().toString()); // wait for startup while (!server.isStarted() && !server.isStopped()) { Thread.sleep(10); } server.rpcServer.refreshAuthManager(new PolicyProvider() { @Override public Service[] getServices() { return new Service [] { new Service("security.client.protocol.acl", AuthenticationProtos.AuthenticationService.BlockingInterface.class)}; } }); ZKClusterId.setClusterId(server.getZooKeeper(), clusterId); secretManager = (AuthenticationTokenSecretManager)server.getSecretManager(); while(secretManager.getCurrentKey() == null) { Thread.sleep(1); } }