Review Board 1.7.22


ACCUMULO-1009 - add use of SSL for thrift comms (was https://reviews.apache.org/r/14972/)

Review Request #15245 - Created Nov. 5, 2013 and submitted

Michael Berman
1.6.0-SNAPSHOT
Reviewers
accumulo
busbey, ctubbsii, kturner
accumulo
(was https://reviews.apache.org/r/14972/ ; created new review created so I get responses instead of Vines)

Rebased on 1.6.0-SNAPSHOT's current HEAD (which is pretty close to master), and feedback from the last review integrated.

Still need to clean up all the references to newly deprecated ZKInstance constructors and Input/OutputFormat config setters, but wanted to get this up for feedback sooner.

 

Diff revision 2

This is not the most recent revision of the diff. The latest diff is revision 4. See what's changed.

1 2 3 4
1 2 3 4

  1. core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java: Loading...
  2. core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java: Loading...
  3. core/src/main/java/org/apache/accumulo/core/client/impl/ConditionalWriterImpl.java: Loading...
  4. core/src/main/java/org/apache/accumulo/core/client/impl/MasterClient.java: Loading...
  5. core/src/main/java/org/apache/accumulo/core/client/impl/ServerClient.java: Loading...
  6. core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java: Loading...
  7. core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java: Loading...
  8. core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportKey.java: Loading...
  9. core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java: Loading...
  10. core/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java: Loading...
  11. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java: Loading...
  12. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloMultiTableInputFormat.java: Loading...
  13. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java: Loading...
  14. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java: Loading...
  15. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java: Loading...
  16. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java: Loading...
  17. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java: Loading...
  18. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java: Loading...
  19. core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java: Loading...
  20. core/src/main/java/org/apache/accumulo/core/conf/AccumuloConfiguration.java: Loading...
This diff has been split across 3 pages: 1 2 3 >
core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java
Revision 9247d56 New Change
[20] 34 lines
[+20]
35
import org.apache.accumulo.core.client.mock.MockInstance;
35
import org.apache.accumulo.core.client.mock.MockInstance;
36
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
36
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken;
37
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties;
37
import org.apache.accumulo.core.client.security.tokens.AuthenticationToken.Properties;
38
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
38
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
39
import org.apache.accumulo.core.conf.AccumuloConfiguration;
39
import org.apache.accumulo.core.conf.AccumuloConfiguration;

    
   
40
import org.apache.accumulo.core.conf.ClientConfiguration;

    
   
41
import org.apache.accumulo.core.conf.ClientConfiguration.ClientProperty;
40
import org.apache.accumulo.core.conf.DefaultConfiguration;
42
import org.apache.accumulo.core.conf.DefaultConfiguration;
41
import org.apache.accumulo.core.conf.Property;
43
import org.apache.accumulo.core.conf.Property;
42
import org.apache.accumulo.core.security.Authorizations;
44
import org.apache.accumulo.core.security.Authorizations;
43
import org.apache.accumulo.core.security.ColumnVisibility;
45
import org.apache.accumulo.core.security.ColumnVisibility;
44
import org.apache.accumulo.core.zookeeper.ZooUtil;
46
import org.apache.accumulo.core.zookeeper.ZooUtil;
[+20] [20] 115 lines
[+20] [+] public AuthenticationToken getToken() {
160
  public boolean mock = false;
162
  public boolean mock = false;
161
  
163
  
162
  @Parameter(names = "--site-file", description = "Read the given accumulo site file to find the accumulo instance")
164
  @Parameter(names = "--site-file", description = "Read the given accumulo site file to find the accumulo instance")
163
  public String siteFile = null;
165
  public String siteFile = null;
164
  
166
  

    
   
167
  @Parameter(names = "--ssl", description = "Connect to accumulo over SSL")

    
   
168
  public boolean sslEnabled = false;

    
   
169

   

    
   
170
  @Parameter(names = "--config-file", description = "Read the given client config file.  If omitted, the path searched can be specified with $ACCUMULO_CLIENT_CONF_PATH, which defaults to ~/.accumulo/config:$ACCUMULO_CONF_DIR/client.conf:/etc/accumulo/client.conf")

    
   
171
  public String clientConfigFile = null;

    
   
172

   
165
  public void startDebugLogging() {
173
  public void startDebugLogging() {
166
    if (debug)
174
    if (debug)
167
      Logger.getLogger(Constants.CORE_PACKAGE_NAME).setLevel(Level.TRACE);
175
      Logger.getLogger(Constants.CORE_PACKAGE_NAME).setLevel(Level.TRACE);
168
  }
176
  }
169
  
177
  
[+20] [20] 16 lines
[+20] [+] public void parseArgs(String programName, String[] args, Object... others) {
186
    startDebugLogging();
194
    startDebugLogging();
187
    startTracing(programName);
195
    startTracing(programName);
188
  }
196
  }
189
  
197
  
190
  protected Instance cachedInstance = null;
198
  protected Instance cachedInstance = null;

    
   
199
  protected ClientConfiguration cachedClientConfig = null;
191
  
200
  
192
  synchronized public Instance getInstance() {
201
  synchronized public Instance getInstance() {
193
    if (cachedInstance != null)
202
    if (cachedInstance != null)
194
      return cachedInstance;
203
      return cachedInstance;
195
    if (mock)
204
    if (mock)
196
      return cachedInstance = new MockInstance(instance);
205
      return cachedInstance = new MockInstance(instance);

    
   
206
    return cachedInstance = new ZooKeeperInstance(this.getClientConfiguration());

    
   
207
  }

    
   
208

   
Moved from 230

    
   
209
  public Connector getConnector() throws AccumuloException, AccumuloSecurityException {
Moved from 231

    
   
210
    if (this.principal == null || this.getToken() == null)
Moved from 232

    
   
211
      throw new AccumuloSecurityException("You must provide a user (-u) and password (-p)", SecurityErrorCode.BAD_CREDENTIALS);
Moved from 233

    
   
212
    return getInstance().getConnector(principal, getToken());
Moved from 234

    
   
213
  }

    
   
214

   

    
   
215
  public void setAccumuloConfigs(Job job) throws AccumuloSecurityException {

    
   
216
    AccumuloInputFormat.setZooKeeperInstance(job, this.getClientConfiguration());

    
   
217
    AccumuloOutputFormat.setZooKeeperInstance(job, this.getClientConfiguration());

    
   
218
  }

    
   
219

   

    
   
220
  protected ClientConfiguration getClientConfiguration() throws IllegalArgumentException {

    
   
221
    if (cachedClientConfig != null)

    
   
222
      return cachedClientConfig;

    
   
223

   

    
   
224
    ClientConfiguration clientConfig;

    
   
225
    try {

    
   
226
      clientConfig = ClientConfiguration.loadDefault(clientConfigFile);

    
   
227
    } catch (Exception e) {

    
   
228
      throw new IllegalArgumentException(e);

    
   
229
    }

    
   
230
    if (sslEnabled)

    
   
231
      clientConfig.setProperty(ClientProperty.INSTANCE_RPC_SSL_ENABLED, "true");
197
    if (siteFile != null) {
232
    if (siteFile != null) {
198
      AccumuloConfiguration config = new AccumuloConfiguration() {
233
      AccumuloConfiguration config = new AccumuloConfiguration() {
199
        Configuration xml = new Configuration();
234
        Configuration xml = new Configuration();
200
        {
235
        {
201
          xml.addResource(new Path(siteFile));
236
          xml.addResource(new Path(siteFile));
[+20] [20] 18 lines
[+20] [+] public String get(Property property) {
220
        }
255
        }
221
      };
256
      };
222
      this.zookeepers = config.get(Property.INSTANCE_ZK_HOST);
257
      this.zookeepers = config.get(Property.INSTANCE_ZK_HOST);
223
      Path instanceDir = new Path(config.get(Property.INSTANCE_DFS_DIR), "instance_id");
258
      Path instanceDir = new Path(config.get(Property.INSTANCE_DFS_DIR), "instance_id");
224
      String instanceIDFromFile = ZooUtil.getInstanceIDFromHdfs(instanceDir);
259
      String instanceIDFromFile = ZooUtil.getInstanceIDFromHdfs(instanceDir);
225
      return cachedInstance = new ZooKeeperInstance(UUID.fromString(instanceIDFromFile), zookeepers);
260
      if (config.getBoolean(Property.INSTANCE_RPC_SSL_ENABLED))

    
   
261
        clientConfig.setProperty(ClientProperty.INSTANCE_RPC_SSL_ENABLED, "true");

    
   
262
      return cachedClientConfig = clientConfig.withInstance(UUID.fromString(instanceIDFromFile)).withZkHosts(zookeepers);
226
    }
263
    }
227
    return cachedInstance = new ZooKeeperInstance(this.instance, this.zookeepers);
264
    return cachedClientConfig = clientConfig.withInstance(instance).withZkHosts(zookeepers);
228
  }

   
229
  

   
230
  public Connector getConnector() throws AccumuloException, AccumuloSecurityException {
Moved to 209

   
231
    if (this.principal == null || this.getToken() == null)
Moved to 210

   
232
      throw new AccumuloSecurityException("You must provide a user (-u) and password (-p)", SecurityErrorCode.BAD_CREDENTIALS);
Moved to 211

   
233
    return getInstance().getConnector(principal, getToken());
Moved to 212

   
234
  }
Moved to 213

   
235
  

   
236
  public void setAccumuloConfigs(Job job) throws AccumuloSecurityException {

   
237
    AccumuloInputFormat.setZooKeeperInstance(job, instance, zookeepers);

   
238
    AccumuloOutputFormat.setZooKeeperInstance(job, instance, zookeepers);

   
239
  }
265
  }
240
  
266
  
241
}
267
}
core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java
Revision a85b72e New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/ConditionalWriterImpl.java
Revision bb5987d New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/MasterClient.java
Revision 32c80f9 New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/ServerClient.java
Revision 218bd36 New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java
Revision 0376304 New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java
Revision 0dd86bf New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportKey.java
Revision f07139d New Change
 
core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java
Revision e7dabb5 New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java
Revision 856936e New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java
Revision cccd7b8 New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloMultiTableInputFormat.java
Revision 61838db New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java
Revision 908b8b3 New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java
Revision fe5003b New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java
Revision 626a785 New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java
Revision 9ecae53 New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java
Revision 727bfec New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java
Revision 992990d New Change
 
core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java
Revision 4f8cdb6 New Change
 
core/src/main/java/org/apache/accumulo/core/conf/AccumuloConfiguration.java
Revision 0a456ba New Change
 
  1. core/src/main/java/org/apache/accumulo/core/cli/ClientOpts.java: Loading...
  2. core/src/main/java/org/apache/accumulo/core/client/ZooKeeperInstance.java: Loading...
  3. core/src/main/java/org/apache/accumulo/core/client/impl/ConditionalWriterImpl.java: Loading...
  4. core/src/main/java/org/apache/accumulo/core/client/impl/MasterClient.java: Loading...
  5. core/src/main/java/org/apache/accumulo/core/client/impl/ServerClient.java: Loading...
  6. core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchReaderIterator.java: Loading...
  7. core/src/main/java/org/apache/accumulo/core/client/impl/TabletServerBatchWriter.java: Loading...
  8. core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportKey.java: Loading...
  9. core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java: Loading...
  10. core/src/main/java/org/apache/accumulo/core/client/mapred/AbstractInputFormat.java: Loading...
  11. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloInputFormat.java: Loading...
  12. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloMultiTableInputFormat.java: Loading...
  13. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloOutputFormat.java: Loading...
  14. core/src/main/java/org/apache/accumulo/core/client/mapred/AccumuloRowInputFormat.java: Loading...
  15. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AbstractInputFormat.java: Loading...
  16. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloInputFormat.java: Loading...
  17. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloOutputFormat.java: Loading...
  18. core/src/main/java/org/apache/accumulo/core/client/mapreduce/AccumuloRowInputFormat.java: Loading...
  19. core/src/main/java/org/apache/accumulo/core/client/mapreduce/lib/util/ConfiguratorBase.java: Loading...
  20. core/src/main/java/org/apache/accumulo/core/conf/AccumuloConfiguration.java: Loading...
This diff has been split across 3 pages: 1 2 3 >