public virtual void SetUp()
{
config = new HdfsConfiguration();
config.SetBoolean(DFSConfigKeys.DfsWebhdfsEnabledKey, true);
config.SetLong(DFSConfigKeys.DfsNamenodeDelegationTokenMaxLifetimeKey, 10000);
config.SetLong(DFSConfigKeys.DfsNamenodeDelegationTokenRenewIntervalKey, 5000);
config.SetBoolean(DFSConfigKeys.DfsNamenodeDelegationTokenAlwaysUseKey, true);
config.Set("hadoop.security.auth_to_local", "RULE:[2:$1@$0](JobTracker@.*FOO.COM)s/@.*//"
+ "DEFAULT");
FileSystem.SetDefaultUri(config, "hdfs://localhost:" + "0");
cluster = new MiniDFSCluster.Builder(config).NumDataNodes(0).Build();
cluster.WaitActive();
dtSecretManager = NameNodeAdapter.GetDtSecretManager(cluster.GetNamesystem());
}
public virtual void SetupCluster()
{
SecurityUtilTestHelper.SetTokenServiceUseIp(true);
conf.SetBoolean(DFSConfigKeys.DfsNamenodeDelegationTokenAlwaysUseKey, true);
conf.Set(CommonConfigurationKeysPublic.HadoopSecurityAuthToLocal, "RULE:[2:$1@$0](JobTracker@.*FOO.COM)s/@.*//"
+ "DEFAULT");
cluster = new MiniDFSCluster.Builder(conf).NnTopology(MiniDFSNNTopology.SimpleHATopology
()).NumDataNodes(0).Build();
cluster.WaitActive();
string logicalName = HATestUtil.GetLogicalHostname(cluster);
HATestUtil.SetFailoverConfigurations(cluster, conf, logicalName, 0);
nn0 = cluster.GetNameNode(0);
nn1 = cluster.GetNameNode(1);
fs = HATestUtil.ConfigureFailoverFs(cluster, conf);
dfs = (DistributedFileSystem)fs;
cluster.TransitionToActive(0);
dtSecretManager = NameNodeAdapter.GetDtSecretManager(nn0.GetNamesystem());
}
public virtual void TestDTManagerInSafeMode()
{
cluster.StartDataNodes(config, 1, true, HdfsServerConstants.StartupOption.Regular
, null);
FileSystem fs = cluster.GetFileSystem();
for (int i = 0; i < 5; i++)
{
DFSTestUtil.CreateFile(fs, new Path("/test-" + i), 100, (short)1, 1L);
}
cluster.GetConfiguration(0).SetInt(DFSConfigKeys.DfsNamenodeDelegationKeyUpdateIntervalKey
, 500);
cluster.GetConfiguration(0).SetInt(DFSConfigKeys.DfsNamenodeSafemodeExtensionKey,
30000);
cluster.SetWaitSafeMode(false);
cluster.RestartNameNode();
NameNode nn = cluster.GetNameNode();
NUnit.Framework.Assert.IsTrue(nn.IsInSafeMode());
DelegationTokenSecretManager sm = NameNodeAdapter.GetDtSecretManager(nn.GetNamesystem
());
NUnit.Framework.Assert.IsFalse("Secret manager should not run in safe mode", sm.IsRunning
());
NameNodeAdapter.LeaveSafeMode(nn);
NUnit.Framework.Assert.IsTrue("Secret manager should start when safe mode is exited"
, sm.IsRunning());
Log.Info("========= entering safemode again");
NameNodeAdapter.EnterSafeMode(nn, false);
NUnit.Framework.Assert.IsFalse("Secret manager should stop again when safe mode "
+ "is manually entered", sm.IsRunning());
// Set the cluster to leave safemode quickly on its own.
cluster.GetConfiguration(0).SetInt(DFSConfigKeys.DfsNamenodeSafemodeExtensionKey,
0);
cluster.SetWaitSafeMode(true);
cluster.RestartNameNode();
nn = cluster.GetNameNode();
sm = NameNodeAdapter.GetDtSecretManager(nn.GetNamesystem());
NUnit.Framework.Assert.IsFalse(nn.IsInSafeMode());
NUnit.Framework.Assert.IsTrue(sm.IsRunning());
}
/// <summary>
/// Test if StandbyException can be thrown from StandbyNN, when it's requested for
/// password.
/// </summary>
/// <remarks>
/// Test if StandbyException can be thrown from StandbyNN, when it's requested for
/// password. (HDFS-6475). With StandbyException, the client can failover to try
/// activeNN.
/// </remarks>
/// <exception cref="System.Exception"/>
public virtual void TestDelegationTokenStandbyNNAppearFirst()
{
// make nn0 the standby NN, and nn1 the active NN
cluster.TransitionToStandby(0);
cluster.TransitionToActive(1);
DelegationTokenSecretManager stSecretManager = NameNodeAdapter.GetDtSecretManager
(nn1.GetNamesystem());
// create token
Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = GetDelegationToken
(fs, "JobTracker");
DelegationTokenIdentifier identifier = new DelegationTokenIdentifier();
byte[] tokenId = token.GetIdentifier();
identifier.ReadFields(new DataInputStream(new ByteArrayInputStream(tokenId)));
NUnit.Framework.Assert.IsTrue(null != stSecretManager.RetrievePassword(identifier
));
UserGroupInformation ugi = UserGroupInformation.CreateRemoteUser("JobTracker");
ugi.AddToken(token);
ugi.DoAs(new _PrivilegedExceptionAction_406(identifier));
}
public static void SetUp()
{
Configuration conf = new Configuration();
conf.Set(MRConfig.FrameworkName, MRConfig.YarnFrameworkName);
conf.Set(YarnConfiguration.RmPrincipal, "jt_id/" + SecurityUtil.HostnamePattern +
"@APACHE.ORG");
MiniDFSCluster.Builder builder = new MiniDFSCluster.Builder(conf);
builder.CheckExitOnShutdown(true);
builder.NumDataNodes(numSlaves);
builder.Format(true);
builder.Racks(null);
dfsCluster = builder.Build();
mrCluster = new MiniMRYarnCluster(typeof(TestBinaryTokenFile).FullName, noOfNMs);
mrCluster.Init(conf);
mrCluster.Start();
NameNodeAdapter.GetDtSecretManager(dfsCluster.GetNamesystem()).StartThreads();
FileSystem fs = dfsCluster.GetFileSystem();
p1 = new Path("file1");
p1 = fs.MakeQualified(p1);
}
private bool IsDTRunning(NameNode nn)
{
return(NameNodeAdapter.GetDtSecretManager(nn.GetNamesystem()).IsRunning());
}
