/// <summary>This method creates the Curator client and connects to ZooKeeper.</summary> /// <param name="config">configuration properties</param> /// <returns>A Curator client</returns> /// <exception cref="System.Exception"/> protected internal virtual CuratorFramework CreateCuratorClient(Properties config ) { string connectionString = config.GetProperty(ZookeeperConnectionString, "localhost:2181" ); RetryPolicy retryPolicy = new ExponentialBackoffRetry(1000, 3); ACLProvider aclProvider; string authType = config.GetProperty(ZookeeperAuthType, "none"); if (authType.Equals("sasl")) { Log.Info("Connecting to ZooKeeper with SASL/Kerberos" + "and using 'sasl' ACLs"); string principal = SetJaasConfiguration(config); Runtime.SetProperty(ZooKeeperSaslClient.LoginContextNameKey, JaasLoginEntryName); Runtime.SetProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider" ); aclProvider = new ZKSignerSecretProvider.SASLOwnerACLProvider(principal); } else { // "none" Log.Info("Connecting to ZooKeeper without authentication"); aclProvider = new DefaultACLProvider(); } // open to everyone CuratorFramework cf = CuratorFrameworkFactory.Builder().ConnectString(connectionString ).RetryPolicy(retryPolicy).AclProvider(aclProvider).Build(); cf.Start(); return(cf); }
public ZKDelegationTokenSecretManager(Configuration conf) : base(conf.GetLong(DelegationTokenManager.UpdateInterval, DelegationTokenManager .UpdateIntervalDefault) * 1000, conf.GetLong(DelegationTokenManager.MaxLifetime, DelegationTokenManager.MaxLifetimeDefault) * 1000, conf.GetLong(DelegationTokenManager .RenewInterval, DelegationTokenManager.RenewIntervalDefault * 1000), conf.GetLong (DelegationTokenManager.RemovalScanInterval, DelegationTokenManager.RemovalScanIntervalDefault ) * 1000) { shutdownTimeout = conf.GetLong(ZkDtsmZkShutdownTimeout, ZkDtsmZkShutdownTimeoutDefault ); if (CuratorTl.Get() != null) { zkClient = CuratorTl.Get().UsingNamespace(conf.Get(ZkDtsmZnodeWorkingPath, ZkDtsmZnodeWorkingPathDeafult ) + "/" + ZkDtsmNamespace); isExternalClient = true; } else { string connString = conf.Get(ZkDtsmZkConnectionString); Preconditions.CheckNotNull(connString, "Zookeeper connection string cannot be null" ); string authType = conf.Get(ZkDtsmZkAuthType); // AuthType has to be explicitly set to 'none' or 'sasl' Preconditions.CheckNotNull(authType, "Zookeeper authType cannot be null !!"); Preconditions.CheckArgument(authType.Equals("sasl") || authType.Equals("none"), "Zookeeper authType must be one of [none, sasl]" ); CuratorFrameworkFactory.Builder builder = null; try { ACLProvider aclProvider = null; if (authType.Equals("sasl")) { Log.Info("Connecting to ZooKeeper with SASL/Kerberos" + "and using 'sasl' ACLs"); string principal = SetJaasConfiguration(conf); Runtime.SetProperty(ZooKeeperSaslClient.LoginContextNameKey, JaasLoginEntryName); Runtime.SetProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider" ); aclProvider = new ZKDelegationTokenSecretManager.SASLOwnerACLProvider(principal); } else { // "none" Log.Info("Connecting to ZooKeeper without authentication"); aclProvider = new DefaultACLProvider(); } // open to everyone int sessionT = conf.GetInt(ZkDtsmZkSessionTimeout, ZkDtsmZkSessionTimeoutDefault); int numRetries = conf.GetInt(ZkDtsmZkNumRetries, ZkDtsmZkNumRetriesDefault); builder = CuratorFrameworkFactory.Builder().AclProvider(aclProvider).Namespace(conf .Get(ZkDtsmZnodeWorkingPath, ZkDtsmZnodeWorkingPathDeafult) + "/" + ZkDtsmNamespace ).SessionTimeoutMs(sessionT).ConnectionTimeoutMs(conf.GetInt(ZkDtsmZkConnectionTimeout , ZkDtsmZkConnectionTimeoutDefault)).RetryPolicy(new RetryNTimes(numRetries, sessionT / numRetries)); } catch (Exception) { throw new RuntimeException("Could not Load ZK acls or auth"); } zkClient = builder.EnsembleProvider(new FixedEnsembleProvider(connString)).Build( ); isExternalClient = false; } }